From edb62a3ace8c4303822a391b38231e577f8c2ee8 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Tue, 6 Oct 2020 19:30:07 +0000 Subject: [PATCH 001/252] Ensure MkdirAllAndChown also sets perms Generally if we ever need to change perms of a dir, between versions, this ensures the permissions actually change when we think it should change without having to handle special cases if it already existed. Signed-off-by: Brian Goff --- pkg/idtools/idtools.go | 11 ++++++++--- pkg/idtools/idtools_unix.go | 14 ++++++++++---- 2 files changed, 18 insertions(+), 7 deletions(-) diff --git a/pkg/idtools/idtools.go b/pkg/idtools/idtools.go index 7569ac15dde76..25a57b231e011 100644 --- a/pkg/idtools/idtools.go +++ b/pkg/idtools/idtools.go @@ -35,13 +35,13 @@ const ( // MkdirAllAndChown creates a directory (include any along the path) and then modifies // ownership to the requested uid/gid. If the directory already exists, this -// function will still change ownership to the requested uid/gid pair. +// function will still change ownership and permissions. func MkdirAllAndChown(path string, mode os.FileMode, owner Identity) error { return mkdirAs(path, mode, owner, true, true) } // MkdirAndChown creates a directory and then modifies ownership to the requested uid/gid. -// If the directory already exists, this function still changes ownership. +// If the directory already exists, this function still changes ownership and permissions. // Note that unlike os.Mkdir(), this function does not return IsExist error // in case path already exists. func MkdirAndChown(path string, mode os.FileMode, owner Identity) error { @@ -50,7 +50,7 @@ func MkdirAndChown(path string, mode os.FileMode, owner Identity) error { // MkdirAllAndChownNew creates a directory (include any along the path) and then modifies // ownership ONLY of newly created directories to the requested uid/gid. If the -// directories along the path exist, no change of ownership will be performed +// directories along the path exist, no change of ownership or permissions will be performed func MkdirAllAndChownNew(path string, mode os.FileMode, owner Identity) error { return mkdirAs(path, mode, owner, true, false) } @@ -234,3 +234,8 @@ func parseSubidFile(path, username string) (ranges, error) { return rangeList, s.Err() } + +// CurrentIdentity returns the identity of the current process +func CurrentIdentity() Identity { + return Identity{UID: os.Getuid(), GID: os.Getegid()} +} diff --git a/pkg/idtools/idtools_unix.go b/pkg/idtools/idtools_unix.go index 5defe6459f5ba..a03af120458e4 100644 --- a/pkg/idtools/idtools_unix.go +++ b/pkg/idtools/idtools_unix.go @@ -40,7 +40,7 @@ func mkdirAs(path string, mode os.FileMode, owner Identity, mkAll, chownExisting } // short-circuit--we were called with an existing directory and chown was requested - return lazyChown(path, owner.UID, owner.GID, stat) + return setPermissions(path, mode, owner.UID, owner.GID, stat) } if os.IsNotExist(err) { @@ -71,7 +71,7 @@ func mkdirAs(path string, mode os.FileMode, owner Identity, mkAll, chownExisting // even if it existed, we will chown the requested path + any subpaths that // didn't exist when we called MkdirAll for _, pathComponent := range paths { - if err := lazyChown(pathComponent, owner.UID, owner.GID, nil); err != nil { + if err := setPermissions(pathComponent, mode, owner.UID, owner.GID, nil); err != nil { return err } } @@ -213,10 +213,11 @@ func callGetent(database, key string) (io.Reader, error) { return bytes.NewReader(out), nil } -// lazyChown performs a chown only if the uid/gid don't match what's requested +// setPermissions performs a chown/chmod only if the uid/gid don't match what's requested // Normally a Chown is a no-op if uid/gid match, but in some cases this can still cause an error, e.g. if the // dir is on an NFS share, so don't call chown unless we absolutely must. -func lazyChown(p string, uid, gid int, stat *system.StatT) error { +// Likewise for setting permissions. +func setPermissions(p string, mode os.FileMode, uid, gid int, stat *system.StatT) error { if stat == nil { var err error stat, err = system.Stat(p) @@ -224,6 +225,11 @@ func lazyChown(p string, uid, gid int, stat *system.StatT) error { return err } } + if os.FileMode(stat.Mode()).Perm() != mode.Perm() { + if err := os.Chmod(p, mode.Perm()); err != nil { + return err + } + } if stat.UID() == uint32(uid) && stat.GID() == uint32(gid) { return nil } From bfedd2725971303efb7a2fe5d6990317b381622f Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Tue, 6 Oct 2020 19:40:30 +0000 Subject: [PATCH 002/252] Do not set DOCKER_TMP to be owned by remapped root The remapped root does not need access to this dir. Having this owned by the remapped root opens the host up to an uprivileged user on the host being able to escalate privileges. While it would not be normal for the remapped UID to be used outside of the container context, it could happen. Signed-off-by: Brian Goff --- daemon/daemon.go | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/daemon/daemon.go b/daemon/daemon.go index 3e86ab5c87219..ab0db4fa06680 100644 --- a/daemon/daemon.go +++ b/daemon/daemon.go @@ -795,7 +795,7 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S } // set up the tmpDir to use a canonical path - tmp, err := prepareTempDir(config.Root, rootIDs) + tmp, err := prepareTempDir(config.Root) if err != nil { return nil, fmt.Errorf("Unable to get the TempDir under %s: %s", config.Root, err) } @@ -1370,7 +1370,7 @@ func (daemon *Daemon) Subnets() ([]net.IPNet, []net.IPNet) { // prepareTempDir prepares and returns the default directory to use // for temporary files. // If it doesn't exist, it is created. If it exists, its content is removed. -func prepareTempDir(rootDir string, rootIdentity idtools.Identity) (string, error) { +func prepareTempDir(rootDir string) (string, error) { var tmpDir string if tmpDir = os.Getenv("DOCKER_TMPDIR"); tmpDir == "" { tmpDir = filepath.Join(rootDir, "tmp") @@ -1388,9 +1388,7 @@ func prepareTempDir(rootDir string, rootIdentity idtools.Identity) (string, erro } } } - // We don't remove the content of tmpdir if it's not the default, - // it may hold things that do not belong to us. - return tmpDir, idtools.MkdirAllAndChown(tmpDir, 0700, rootIdentity) + return tmpDir, idtools.MkdirAllAndChown(tmpDir, 0700, idtools.CurrentIdentity()) } func (daemon *Daemon) setGenericResources(conf *config.Config) error { From e908cc39018c015084ffbffbc5703ccba5c2fbb7 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Tue, 6 Oct 2020 19:43:24 +0000 Subject: [PATCH 003/252] Use real root with 0701 perms Various dirs in /var/lib/docker contain data that needs to be mounted into a container. For this reason, these dirs are set to be owned by the remapped root user, otherwise there can be permissions issues. However, this uneccessarily exposes these dirs to an unprivileged user on the host. Instead, set the ownership of these dirs to the real root (or rather the UID/GID of dockerd) with 0701 permissions, which allows the remapped root to enter the directories but not read/write to them. The remapped root needs to enter these dirs so the container's rootfs can be configured... e.g. to mount /etc/resolve.conf. This prevents an unprivileged user from having read/write access to these dirs on the host. The flip side of this is now any user can enter these directories. Signed-off-by: Brian Goff --- daemon/container_operations_unix.go | 2 +- daemon/create.go | 6 ++---- daemon/daemon.go | 2 +- daemon/daemon_unix.go | 14 ++++++++++---- daemon/graphdriver/aufs/aufs.go | 9 +++------ daemon/graphdriver/btrfs/btrfs.go | 10 +++------- .../graphdriver/fuse-overlayfs/fuseoverlayfs.go | 14 +++++--------- daemon/graphdriver/overlay/overlay.go | 16 +++++++--------- daemon/graphdriver/overlay2/overlay.go | 12 ++++-------- daemon/graphdriver/vfs/driver.go | 5 ++--- daemon/graphdriver/zfs/zfs.go | 6 +----- volume/local/local.go | 11 +++++++++-- 12 files changed, 48 insertions(+), 59 deletions(-) diff --git a/daemon/container_operations_unix.go b/daemon/container_operations_unix.go index f4f1bd2c0b6a3..5521adbd27494 100644 --- a/daemon/container_operations_unix.go +++ b/daemon/container_operations_unix.go @@ -466,5 +466,5 @@ func (daemon *Daemon) setupContainerMountsRoot(c *container.Container) error { if err != nil { return err } - return idtools.MkdirAllAndChown(p, 0700, daemon.idMapping.RootPair()) + return idtools.MkdirAllAndChown(p, 0701, idtools.CurrentIdentity()) } diff --git a/daemon/create.go b/daemon/create.go index d4aeb77c7b767..e0d6eeea8b90e 100644 --- a/daemon/create.go +++ b/daemon/create.go @@ -211,12 +211,10 @@ func (daemon *Daemon) create(opts createOpts) (retC *container.Container, retErr } ctr.RWLayer = rwLayer - rootIDs := daemon.idMapping.RootPair() - - if err := idtools.MkdirAndChown(ctr.Root, 0700, rootIDs); err != nil { + if err := idtools.MkdirAndChown(ctr.Root, 0701, idtools.CurrentIdentity()); err != nil { return nil, err } - if err := idtools.MkdirAndChown(ctr.CheckpointDir(), 0700, rootIDs); err != nil { + if err := idtools.MkdirAndChown(ctr.CheckpointDir(), 0700, idtools.CurrentIdentity()); err != nil { return nil, err } diff --git a/daemon/daemon.go b/daemon/daemon.go index ab0db4fa06680..794ff9712d08d 100644 --- a/daemon/daemon.go +++ b/daemon/daemon.go @@ -861,7 +861,7 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S } daemonRepo := filepath.Join(config.Root, "containers") - if err := idtools.MkdirAllAndChown(daemonRepo, 0700, rootIDs); err != nil { + if err := idtools.MkdirAllAndChown(daemonRepo, 0701, idtools.CurrentIdentity()); err != nil { return nil, err } diff --git a/daemon/daemon_unix.go b/daemon/daemon_unix.go index 5fa688dff4c76..b477275228a24 100644 --- a/daemon/daemon_unix.go +++ b/daemon/daemon_unix.go @@ -1196,7 +1196,7 @@ func setupRemappedRoot(config *config.Config) (*idtools.IdentityMapping, error) return &idtools.IdentityMapping{}, nil } -func setupDaemonRoot(config *config.Config, rootDir string, rootIdentity idtools.Identity) error { +func setupDaemonRoot(config *config.Config, rootDir string, remappedRoot idtools.Identity) error { config.Root = rootDir // the docker root metadata directory needs to have execute permissions for all users (g+x,o+x) // so that syscalls executing as non-root, operating on subdirectories of the graph root @@ -1221,10 +1221,16 @@ func setupDaemonRoot(config *config.Config, rootDir string, rootIdentity idtools // a new subdirectory with ownership set to the remapped uid/gid (so as to allow // `chdir()` to work for containers namespaced to that uid/gid) if config.RemappedRoot != "" { - config.Root = filepath.Join(rootDir, fmt.Sprintf("%d.%d", rootIdentity.UID, rootIdentity.GID)) + id := idtools.CurrentIdentity() + // First make sure the current root dir has the correct perms. + if err := idtools.MkdirAllAndChown(config.Root, 0701, id); err != nil { + return errors.Wrapf(err, "could not create or set daemon root permissions: %s", config.Root) + } + + config.Root = filepath.Join(rootDir, fmt.Sprintf("%d.%d", remappedRoot.UID, remappedRoot.GID)) logrus.Debugf("Creating user namespaced daemon root: %s", config.Root) // Create the root directory if it doesn't exist - if err := idtools.MkdirAllAndChown(config.Root, 0700, rootIdentity); err != nil { + if err := idtools.MkdirAllAndChown(config.Root, 0701, id); err != nil { return fmt.Errorf("Cannot create daemon root: %s: %v", config.Root, err) } // we also need to verify that any pre-existing directories in the path to @@ -1237,7 +1243,7 @@ func setupDaemonRoot(config *config.Config, rootDir string, rootIdentity idtools if dirPath == "/" { break } - if !idtools.CanAccess(dirPath, rootIdentity) { + if !idtools.CanAccess(dirPath, remappedRoot) { return fmt.Errorf("a subdirectory in your graphroot path (%s) restricts access to the remapped root uid/gid; please fix by allowing 'o+x' permissions on existing directories", config.Root) } } diff --git a/daemon/graphdriver/aufs/aufs.go b/daemon/graphdriver/aufs/aufs.go index 4ecc647bdd8d5..b007274e13f19 100644 --- a/daemon/graphdriver/aufs/aufs.go +++ b/daemon/graphdriver/aufs/aufs.go @@ -129,18 +129,15 @@ func Init(root string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap locker: locker.New(), } - rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) - if err != nil { - return nil, err - } + currentID := idtools.CurrentIdentity() // Create the root aufs driver dir - if err := idtools.MkdirAllAndChown(root, 0700, idtools.Identity{UID: rootUID, GID: rootGID}); err != nil { + if err := idtools.MkdirAllAndChown(root, 0701, currentID); err != nil { return nil, err } // Populate the dir structure for _, p := range paths { - if err := idtools.MkdirAllAndChown(path.Join(root, p), 0700, idtools.Identity{UID: rootUID, GID: rootGID}); err != nil { + if err := idtools.MkdirAllAndChown(path.Join(root, p), 0701, currentID); err != nil { return nil, err } } diff --git a/daemon/graphdriver/btrfs/btrfs.go b/daemon/graphdriver/btrfs/btrfs.go index 1866b07b884a5..f9127472f8b0f 100644 --- a/daemon/graphdriver/btrfs/btrfs.go +++ b/daemon/graphdriver/btrfs/btrfs.go @@ -70,11 +70,7 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap return nil, graphdriver.ErrPrerequisites } - rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) - if err != nil { - return nil, err - } - if err := idtools.MkdirAllAndChown(home, 0700, idtools.Identity{UID: rootUID, GID: rootGID}); err != nil { + if err := idtools.MkdirAllAndChown(home, 0701, idtools.CurrentIdentity()); err != nil { return nil, err } @@ -525,7 +521,7 @@ func (d *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) error { if err != nil { return err } - if err := idtools.MkdirAllAndChown(subvolumes, 0700, idtools.Identity{UID: rootUID, GID: rootGID}); err != nil { + if err := idtools.MkdirAllAndChown(subvolumes, 0701, idtools.CurrentIdentity()); err != nil { return err } if parent == "" { @@ -560,7 +556,7 @@ func (d *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) error { if err := d.setStorageSize(path.Join(subvolumes, id), driver); err != nil { return err } - if err := idtools.MkdirAllAndChown(quotas, 0700, idtools.Identity{UID: rootUID, GID: rootGID}); err != nil { + if err := idtools.MkdirAllAndChown(quotas, 0700, idtools.CurrentIdentity()); err != nil { return err } if err := ioutil.WriteFile(path.Join(quotas, id), []byte(fmt.Sprint(driver.options.size)), 0644); err != nil { diff --git a/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go b/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go index e906cda74db24..782e8be984469 100644 --- a/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go +++ b/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go @@ -88,12 +88,7 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap return nil, graphdriver.ErrNotSupported } - rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) - if err != nil { - return nil, err - } - // Create the driver home dir - if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 0700, idtools.Identity{UID: rootUID, GID: rootGID}); err != nil { + if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 0701, idtools.CurrentIdentity()); err != nil { return nil, err } @@ -178,10 +173,11 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr } root := idtools.Identity{UID: rootUID, GID: rootGID} - if err := idtools.MkdirAllAndChown(path.Dir(dir), 0700, root); err != nil { + currentID := idtools.CurrentIdentity() + if err := idtools.MkdirAllAndChown(path.Dir(dir), 0701, currentID); err != nil { return err } - if err := idtools.MkdirAndChown(dir, 0700, root); err != nil { + if err := idtools.MkdirAndChown(dir, 0701, currentID); err != nil { return err } @@ -215,7 +211,7 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr return nil } - if err := idtools.MkdirAndChown(path.Join(dir, workDirName), 0700, root); err != nil { + if err := idtools.MkdirAndChown(path.Join(dir, workDirName), 0701, currentID); err != nil { return err } diff --git a/daemon/graphdriver/overlay/overlay.go b/daemon/graphdriver/overlay/overlay.go index 1cffc1b896c81..90be0e3d645b2 100644 --- a/daemon/graphdriver/overlay/overlay.go +++ b/daemon/graphdriver/overlay/overlay.go @@ -156,12 +156,8 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap logrus.WithField("storage-driver", "overlay").Warn(overlayutils.ErrDTypeNotSupported("overlay", backingFs)) } - rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) - if err != nil { - return nil, err - } // Create the driver home dir - if err := idtools.MkdirAllAndChown(home, 0700, idtools.Identity{UID: rootUID, GID: rootGID}); err != nil { + if err := idtools.MkdirAllAndChown(home, 0701, idtools.CurrentIdentity()); err != nil { return nil, err } @@ -265,10 +261,11 @@ func (d *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) (retErr } root := idtools.Identity{UID: rootUID, GID: rootGID} - if err := idtools.MkdirAllAndChown(path.Dir(dir), 0700, root); err != nil { + currentID := idtools.CurrentIdentity() + if err := idtools.MkdirAllAndChown(path.Dir(dir), 0701, currentID); err != nil { return err } - if err := idtools.MkdirAndChown(dir, 0700, root); err != nil { + if err := idtools.MkdirAndChown(dir, 0701, currentID); err != nil { return err } @@ -281,6 +278,7 @@ func (d *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) (retErr // Toplevel images are just a "root" dir if parent == "" { + // This must be 0755 otherwise unprivileged users will in the container will not be able to read / in the container return idtools.MkdirAndChown(path.Join(dir, "root"), 0755, root) } @@ -301,7 +299,7 @@ func (d *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) (retErr if err := idtools.MkdirAndChown(path.Join(dir, "work"), 0700, root); err != nil { return err } - return ioutil.WriteFile(path.Join(dir, "lower-id"), []byte(parent), 0666) + return ioutil.WriteFile(path.Join(dir, "lower-id"), []byte(parent), 0600) } // Otherwise, copy the upper and the lower-id from the parent @@ -311,7 +309,7 @@ func (d *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) (retErr return err } - if err := ioutil.WriteFile(path.Join(dir, "lower-id"), lowerID, 0666); err != nil { + if err := ioutil.WriteFile(path.Join(dir, "lower-id"), lowerID, 0600); err != nil { return err } diff --git a/daemon/graphdriver/overlay2/overlay.go b/daemon/graphdriver/overlay2/overlay.go index 11d53029ca9e1..e26fa07c827dd 100644 --- a/daemon/graphdriver/overlay2/overlay.go +++ b/daemon/graphdriver/overlay2/overlay.go @@ -165,12 +165,7 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap logger.Warn(overlayutils.ErrDTypeNotSupported("overlay2", backingFs)) } - rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) - if err != nil { - return nil, err - } - // Create the driver home dir - if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 0700, idtools.Identity{UID: rootUID, GID: rootGID}); err != nil { + if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 0701, idtools.CurrentIdentity()); err != nil { return nil, err } @@ -339,11 +334,12 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr return err } root := idtools.Identity{UID: rootUID, GID: rootGID} + current := idtools.CurrentIdentity() - if err := idtools.MkdirAllAndChown(path.Dir(dir), 0700, root); err != nil { + if err := idtools.MkdirAllAndChown(path.Dir(dir), 0701, current); err != nil { return err } - if err := idtools.MkdirAndChown(dir, 0700, root); err != nil { + if err := idtools.MkdirAndChown(dir, 0701, current); err != nil { return err } diff --git a/daemon/graphdriver/vfs/driver.go b/daemon/graphdriver/vfs/driver.go index b341de5b893c6..af9b107609e47 100644 --- a/daemon/graphdriver/vfs/driver.go +++ b/daemon/graphdriver/vfs/driver.go @@ -38,8 +38,7 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap return nil, err } - rootIDs := d.idMapping.RootPair() - if err := idtools.MkdirAllAndChown(home, 0700, rootIDs); err != nil { + if err := idtools.MkdirAllAndChown(home, 0701, idtools.CurrentIdentity()); err != nil { return nil, err } @@ -141,7 +140,7 @@ func (d *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) error { func (d *Driver) create(id, parent string, size uint64) error { dir := d.dir(id) rootIDs := d.idMapping.RootPair() - if err := idtools.MkdirAllAndChown(filepath.Dir(dir), 0700, rootIDs); err != nil { + if err := idtools.MkdirAllAndChown(filepath.Dir(dir), 0701, idtools.CurrentIdentity()); err != nil { return err } if err := idtools.MkdirAndChown(dir, 0755, rootIDs); err != nil { diff --git a/daemon/graphdriver/zfs/zfs.go b/daemon/graphdriver/zfs/zfs.go index 21c271e2ec07c..f9099a2094124 100644 --- a/daemon/graphdriver/zfs/zfs.go +++ b/daemon/graphdriver/zfs/zfs.go @@ -104,11 +104,7 @@ func Init(base string, opt []string, uidMaps, gidMaps []idtools.IDMap) (graphdri return nil, fmt.Errorf("BUG: zfs get all -t filesystem -rHp '%s' should contain '%s'", options.fsName, options.fsName) } - rootUID, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) - if err != nil { - return nil, fmt.Errorf("Failed to get root uid/guid: %v", err) - } - if err := idtools.MkdirAllAndChown(base, 0700, idtools.Identity{UID: rootUID, GID: rootGID}); err != nil { + if err := idtools.MkdirAllAndChown(base, 0701, idtools.CurrentIdentity()); err != nil { return nil, fmt.Errorf("Failed to create '%s': %v", base, err) } diff --git a/volume/local/local.go b/volume/local/local.go index 89252cf627420..088502f43bd83 100644 --- a/volume/local/local.go +++ b/volume/local/local.go @@ -50,7 +50,7 @@ type activeMount struct { func New(scope string, rootIdentity idtools.Identity) (*Root, error) { rootDirectory := filepath.Join(scope, volumesPathName) - if err := idtools.MkdirAllAndChown(rootDirectory, 0700, rootIdentity); err != nil { + if err := idtools.MkdirAllAndChown(rootDirectory, 0701, idtools.CurrentIdentity()); err != nil { return nil, err } @@ -153,8 +153,15 @@ func (r *Root) Create(name string, opts map[string]string) (volume.Volume, error } path := r.DataPath(name) + volRoot := filepath.Dir(path) + // Root dir does not need to be accessed by the remapped root + if err := idtools.MkdirAllAndChown(volRoot, 0701, idtools.CurrentIdentity()); err != nil { + return nil, errors.Wrapf(errdefs.System(err), "error while creating volume root path '%s'", volRoot) + } + + // Remapped root does need access to the data path if err := idtools.MkdirAllAndChown(path, 0755, r.rootIdentity); err != nil { - return nil, errors.Wrapf(errdefs.System(err), "error while creating volume path '%s'", path) + return nil, errors.Wrapf(errdefs.System(err), "error while creating volume data path '%s'", path) } var err error From 4afe620fac1abf75f11a44dfa234a56907753568 Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Tue, 26 Jan 2021 17:50:55 +0000 Subject: [PATCH 004/252] vendor buildkit 68bb095353c65bc3993fd534c26cf77fe05e61b1 Signed-off-by: Tibor Vass --- vendor.conf | 2 +- .../buildkit/cmd/buildkitd/config/config.go | 8 ++++++ .../moby/buildkit/executor/oci/spec.go | 8 ++++-- .../moby/buildkit/executor/oci/spec_unix.go | 26 ++++++++++++++++--- .../buildkit/executor/oci/spec_windows.go | 2 +- .../executor/runcexecutor/executor.go | 11 +++++--- vendor/github.com/moby/buildkit/go.mod | 1 + 7 files changed, 46 insertions(+), 12 deletions(-) diff --git a/vendor.conf b/vendor.conf index 580215346301a..99bb7a141aa03 100644 --- a/vendor.conf +++ b/vendor.conf @@ -33,7 +33,7 @@ github.com/imdario/mergo 1afb36080aec31e0d1528973ebe6 golang.org/x/sync cd5d95a43a6e21273425c7ae415d3df9ea832eeb # buildkit -github.com/moby/buildkit 8142d66b5ebde79846b869fba30d9d30633e74aa # v0.8.1 +github.com/moby/buildkit 68bb095353c65bc3993fd534c26cf77fe05e61b1 # v0.8 branch github.com/tonistiigi/fsutil 0834f99b7b85462efb69b4f571a4fa3ca7da5ac9 github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2 github.com/grpc-ecosystem/grpc-opentracing 8e809c8a86450a29b90dcc9efbf062d0fe6d9746 diff --git a/vendor/github.com/moby/buildkit/cmd/buildkitd/config/config.go b/vendor/github.com/moby/buildkit/cmd/buildkitd/config/config.go index fe3e7ffa0dcf3..1841fefe1a015 100644 --- a/vendor/github.com/moby/buildkit/cmd/buildkitd/config/config.go +++ b/vendor/github.com/moby/buildkit/cmd/buildkitd/config/config.go @@ -87,6 +87,10 @@ type OCIConfig struct { // Decoding this is delayed in order to remove the dependency from this // config pkg to stargz snapshotter's config pkg. StargzSnapshotterConfig toml.Primitive `toml:"stargzSnapshotter"` + + // ApparmorProfile is the name of the apparmor profile that should be used to constrain build containers. + // The profile should already be loaded (by a higher level system) before creating a worker. + ApparmorProfile string `toml:"apparmor-profile"` } type ContainerdConfig struct { @@ -98,6 +102,10 @@ type ContainerdConfig struct { GCConfig NetworkConfig Snapshotter string `toml:"snapshotter"` + + // ApparmorProfile is the name of the apparmor profile that should be used to constrain build containers. + // The profile should already be loaded (by a higher level system) before creating a worker. + ApparmorProfile string `toml:"apparmor-profile"` } type GCPolicy struct { diff --git a/vendor/github.com/moby/buildkit/executor/oci/spec.go b/vendor/github.com/moby/buildkit/executor/oci/spec.go index 44ad95e4bfb37..8000310813833 100644 --- a/vendor/github.com/moby/buildkit/executor/oci/spec.go +++ b/vendor/github.com/moby/buildkit/executor/oci/spec.go @@ -16,6 +16,7 @@ import ( "github.com/moby/buildkit/snapshot" "github.com/moby/buildkit/util/network" specs "github.com/opencontainers/runtime-spec/specs-go" + "github.com/opencontainers/selinux/go-selinux" "github.com/pkg/errors" ) @@ -35,7 +36,7 @@ const ( // GenerateSpec generates spec using containerd functionality. // opts are ignored for s.Process, s.Hostname, and s.Mounts . -func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mount, id, resolvConf, hostsFile string, namespace network.Namespace, processMode ProcessMode, idmap *idtools.IdentityMapping, opts ...oci.SpecOpts) (*specs.Spec, func(), error) { +func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mount, id, resolvConf, hostsFile string, namespace network.Namespace, processMode ProcessMode, idmap *idtools.IdentityMapping, apparmorProfile string, opts ...oci.SpecOpts) (*specs.Spec, func(), error) { c := &containers.Container{ ID: id, } @@ -52,7 +53,7 @@ func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mou return nil, nil, err } - if securityOpts, err := generateSecurityOpts(meta.SecurityMode); err == nil { + if securityOpts, err := generateSecurityOpts(meta.SecurityMode, apparmorProfile); err == nil { opts = append(opts, securityOpts...) } else { return nil, nil, err @@ -103,6 +104,9 @@ func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mou for _, f := range releasers { f() } + if s.Process.SelinuxLabel != "" { + selinux.ReleaseLabel(s.Process.SelinuxLabel) + } } for _, m := range mounts { diff --git a/vendor/github.com/moby/buildkit/executor/oci/spec_unix.go b/vendor/github.com/moby/buildkit/executor/oci/spec_unix.go index 5c3f4c58c5e26..65f2ca6bf9430 100644 --- a/vendor/github.com/moby/buildkit/executor/oci/spec_unix.go +++ b/vendor/github.com/moby/buildkit/executor/oci/spec_unix.go @@ -13,6 +13,7 @@ import ( "github.com/moby/buildkit/util/entitlements/security" "github.com/moby/buildkit/util/system" specs "github.com/opencontainers/runtime-spec/specs-go" + "github.com/opencontainers/selinux/go-selinux/label" ) func generateMountOpts(resolvConf, hostsFile string) ([]oci.SpecOpts, error) { @@ -26,15 +27,32 @@ func generateMountOpts(resolvConf, hostsFile string) ([]oci.SpecOpts, error) { } // generateSecurityOpts may affect mounts, so must be called after generateMountOpts -func generateSecurityOpts(mode pb.SecurityMode) ([]oci.SpecOpts, error) { - if mode == pb.SecurityMode_INSECURE { +func generateSecurityOpts(mode pb.SecurityMode, apparmorProfile string) (opts []oci.SpecOpts, _ error) { + switch mode { + case pb.SecurityMode_INSECURE: return []oci.SpecOpts{ security.WithInsecureSpec(), oci.WithWriteableCgroupfs, oci.WithWriteableSysfs, + func(_ context.Context, _ oci.Client, _ *containers.Container, s *oci.Spec) error { + var err error + s.Process.SelinuxLabel, s.Linux.MountLabel, err = label.InitLabels([]string{"disable"}) + return err + }, }, nil - } else if system.SeccompSupported() && mode == pb.SecurityMode_SANDBOX { - return []oci.SpecOpts{withDefaultProfile()}, nil + case pb.SecurityMode_SANDBOX: + if system.SeccompSupported() { + opts = append(opts, withDefaultProfile()) + } + if apparmorProfile != "" { + opts = append(opts, oci.WithApparmorProfile(apparmorProfile)) + } + opts = append(opts, func(_ context.Context, _ oci.Client, _ *containers.Container, s *oci.Spec) error { + var err error + s.Process.SelinuxLabel, s.Linux.MountLabel, err = label.InitLabels(nil) + return err + }) + return opts, nil } return nil, nil } diff --git a/vendor/github.com/moby/buildkit/executor/oci/spec_windows.go b/vendor/github.com/moby/buildkit/executor/oci/spec_windows.go index 850a3b8730ab9..ea3afe86a4fb9 100644 --- a/vendor/github.com/moby/buildkit/executor/oci/spec_windows.go +++ b/vendor/github.com/moby/buildkit/executor/oci/spec_windows.go @@ -14,7 +14,7 @@ func generateMountOpts(resolvConf, hostsFile string) ([]oci.SpecOpts, error) { } // generateSecurityOpts may affect mounts, so must be called after generateMountOpts -func generateSecurityOpts(mode pb.SecurityMode) ([]oci.SpecOpts, error) { +func generateSecurityOpts(mode pb.SecurityMode, apparmorProfile string) ([]oci.SpecOpts, error) { if mode == pb.SecurityMode_INSECURE { return nil, errors.New("no support for running in insecure mode on Windows") } diff --git a/vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go b/vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go index 62c2891a57287..14790229e0d34 100644 --- a/vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go +++ b/vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go @@ -42,9 +42,10 @@ type Opt struct { ProcessMode oci.ProcessMode IdentityMapping *idtools.IdentityMapping // runc run --no-pivot (unrecommended) - NoPivot bool - DNS *oci.DNSConfig - OOMScoreAdj *int + NoPivot bool + DNS *oci.DNSConfig + OOMScoreAdj *int + ApparmorProfile string } var defaultCommandCandidates = []string{"buildkit-runc", "runc"} @@ -62,6 +63,7 @@ type runcExecutor struct { oomScoreAdj *int running map[string]chan error mu sync.Mutex + apparmorProfile string } func New(opt Opt, networkProviders map[pb.NetMode]network.Provider) (executor.Executor, error) { @@ -124,6 +126,7 @@ func New(opt Opt, networkProviders map[pb.NetMode]network.Provider) (executor.Ex dns: opt.DNS, oomScoreAdj: opt.OOMScoreAdj, running: make(map[string]chan error), + apparmorProfile: opt.ApparmorProfile, } return w, nil } @@ -253,7 +256,7 @@ func (w *runcExecutor) Run(ctx context.Context, id string, root executor.Mount, } opts = append(opts, containerdoci.WithCgroup(cgroupsPath)) } - spec, cleanup, err := oci.GenerateSpec(ctx, meta, mounts, id, resolvConf, hostsFile, namespace, w.processMode, w.idmap, opts...) + spec, cleanup, err := oci.GenerateSpec(ctx, meta, mounts, id, resolvConf, hostsFile, namespace, w.processMode, w.idmap, w.apparmorProfile, opts...) if err != nil { return err } diff --git a/vendor/github.com/moby/buildkit/go.mod b/vendor/github.com/moby/buildkit/go.mod index 07d71292459a4..06f53390c3146 100644 --- a/vendor/github.com/moby/buildkit/go.mod +++ b/vendor/github.com/moby/buildkit/go.mod @@ -46,6 +46,7 @@ require ( github.com/opencontainers/image-spec v1.0.1 github.com/opencontainers/runc v1.0.0-rc92 github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6 + github.com/opencontainers/selinux v1.8.0 github.com/opentracing-contrib/go-stdlib v1.0.0 github.com/opentracing/opentracing-go v1.2.0 github.com/pkg/errors v0.9.1 From 611eb6ffb32aa37876b4b47cec12e4fd47610838 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Fri, 9 Oct 2020 17:20:48 +0000 Subject: [PATCH 005/252] buildkit: Apply apparmor profile Signed-off-by: Brian Goff --- builder/builder-next/builder.go | 1 + builder/builder-next/controller.go | 2 +- builder/builder-next/executor_unix.go | 3 ++- builder/builder-next/executor_windows.go | 2 +- cmd/dockerd/daemon.go | 1 + daemon/apparmor_default.go | 8 ++++++++ daemon/apparmor_default_unsupported.go | 5 +++++ 7 files changed, 19 insertions(+), 3 deletions(-) diff --git a/builder/builder-next/builder.go b/builder/builder-next/builder.go index 5371911e8022b..4c6b08b58c1e6 100644 --- a/builder/builder-next/builder.go +++ b/builder/builder-next/builder.go @@ -75,6 +75,7 @@ type Opt struct { Rootless bool IdentityMapping *idtools.IdentityMapping DNSConfig config.DNSConfig + ApparmorProfile string } // Builder can build using BuildKit backend diff --git a/builder/builder-next/controller.go b/builder/builder-next/controller.go index 5aac0cb538c90..730917e680b06 100644 --- a/builder/builder-next/controller.go +++ b/builder/builder-next/controller.go @@ -132,7 +132,7 @@ func newController(rt http.RoundTripper, opt Opt) (*control.Controller, error) { dns := getDNSConfig(opt.DNSConfig) - exec, err := newExecutor(root, opt.DefaultCgroupParent, opt.NetworkController, dns, opt.Rootless, opt.IdentityMapping) + exec, err := newExecutor(root, opt.DefaultCgroupParent, opt.NetworkController, dns, opt.Rootless, opt.IdentityMapping, opt.ApparmorProfile) if err != nil { return nil, err } diff --git a/builder/builder-next/executor_unix.go b/builder/builder-next/executor_unix.go index c052ec707fec1..cefbb8a56fc41 100644 --- a/builder/builder-next/executor_unix.go +++ b/builder/builder-next/executor_unix.go @@ -24,7 +24,7 @@ import ( const networkName = "bridge" -func newExecutor(root, cgroupParent string, net libnetwork.NetworkController, dnsConfig *oci.DNSConfig, rootless bool, idmap *idtools.IdentityMapping) (executor.Executor, error) { +func newExecutor(root, cgroupParent string, net libnetwork.NetworkController, dnsConfig *oci.DNSConfig, rootless bool, idmap *idtools.IdentityMapping, apparmorProfile string) (executor.Executor, error) { networkProviders := map[pb.NetMode]network.Provider{ pb.NetMode_UNSET: &bridgeProvider{NetworkController: net, Root: filepath.Join(root, "net")}, pb.NetMode_HOST: network.NewHostProvider(), @@ -38,6 +38,7 @@ func newExecutor(root, cgroupParent string, net libnetwork.NetworkController, dn NoPivot: os.Getenv("DOCKER_RAMDISK") != "", IdentityMapping: idmap, DNS: dnsConfig, + ApparmorProfile: apparmorProfile, }, networkProviders) } diff --git a/builder/builder-next/executor_windows.go b/builder/builder-next/executor_windows.go index f63d8aba9ec1d..638470e3a0dfc 100644 --- a/builder/builder-next/executor_windows.go +++ b/builder/builder-next/executor_windows.go @@ -11,7 +11,7 @@ import ( "github.com/moby/buildkit/executor/oci" ) -func newExecutor(_, _ string, _ libnetwork.NetworkController, _ *oci.DNSConfig, _ bool, _ *idtools.IdentityMapping) (executor.Executor, error) { +func newExecutor(_, _ string, _ libnetwork.NetworkController, _ *oci.DNSConfig, _ bool, _ *idtools.IdentityMapping, _ string) (executor.Executor, error) { return &winExecutor{}, nil } diff --git a/cmd/dockerd/daemon.go b/cmd/dockerd/daemon.go index 7fe8a6cbc6e68..bb3d72ab38753 100644 --- a/cmd/dockerd/daemon.go +++ b/cmd/dockerd/daemon.go @@ -297,6 +297,7 @@ func newRouterOptions(config *config.Config, d *daemon.Daemon) (routerOptions, e Rootless: d.Rootless(), IdentityMapping: d.IdentityMapping(), DNSConfig: config.DNSConfig, + ApparmorProfile: daemon.DefaultApparmorProfile(), }) if err != nil { return opts, err diff --git a/daemon/apparmor_default.go b/daemon/apparmor_default.go index 2045412a7966b..a7cc3a5ef412a 100644 --- a/daemon/apparmor_default.go +++ b/daemon/apparmor_default.go @@ -15,6 +15,14 @@ const ( defaultAppArmorProfile = "docker-default" ) +// DefaultApparmorProfile returns the name of the default apparmor profile +func DefaultApparmorProfile() string { + if apparmor.IsEnabled() { + return defaultAppArmorProfile + } + return "" +} + func ensureDefaultAppArmorProfile() error { if apparmor.IsEnabled() { loaded, err := aaprofile.IsLoaded(defaultAppArmorProfile) diff --git a/daemon/apparmor_default_unsupported.go b/daemon/apparmor_default_unsupported.go index 51f9c526b3505..dd581dc7dadbc 100644 --- a/daemon/apparmor_default_unsupported.go +++ b/daemon/apparmor_default_unsupported.go @@ -5,3 +5,8 @@ package daemon // import "github.com/docker/docker/daemon" func ensureDefaultAppArmorProfile() error { return nil } + +// DefaultApparmorProfile returns an empty string. +func DefaultApparmorProfile() string { + return "" +} From a7d4af84bd2f189b921c3ec60796aa825e3a0f2a Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Mon, 12 Oct 2020 18:08:28 +0000 Subject: [PATCH 006/252] pull: Validate layer digest format Otherwise a malformed or empty digest may cause a panic. Signed-off-by: Brian Goff --- builder/builder-next/adapters/containerimage/pull.go | 3 +++ distribution/pull_v2.go | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/builder/builder-next/adapters/containerimage/pull.go b/builder/builder-next/adapters/containerimage/pull.go index 733a337e87d17..e731e3e143d80 100644 --- a/builder/builder-next/adapters/containerimage/pull.go +++ b/builder/builder-next/adapters/containerimage/pull.go @@ -524,6 +524,9 @@ func (p *puller) Snapshot(ctx context.Context, g session.Group) (cache.Immutable layers := make([]xfer.DownloadDescriptor, 0, len(mfst.Layers)) for i, desc := range mfst.Layers { + if err := desc.Digest.Validate(); err != nil { + return nil, errors.Wrap(err, "layer digest could not be validated") + } ongoing.add(desc) layers = append(layers, &layerDescriptor{ desc: desc, diff --git a/distribution/pull_v2.go b/distribution/pull_v2.go index 12497ea890e7d..023ee2e71efdc 100644 --- a/distribution/pull_v2.go +++ b/distribution/pull_v2.go @@ -528,6 +528,9 @@ func (p *v2Puller) pullSchema1(ctx context.Context, ref reference.Reference, unv // to top-most, so that the downloads slice gets ordered correctly. for i := len(verifiedManifest.FSLayers) - 1; i >= 0; i-- { blobSum := verifiedManifest.FSLayers[i].BlobSum + if err = blobSum.Validate(); err != nil { + return "", "", errors.Wrapf(err, "could not validate layer digest %q", blobSum) + } var throwAway struct { ThrowAway bool `json:"throwaway,omitempty"` @@ -626,6 +629,9 @@ func (p *v2Puller) pullSchema2Layers(ctx context.Context, target distribution.De // Note that the order of this loop is in the direction of bottom-most // to top-most, so that the downloads slice gets ordered correctly. for _, d := range layers { + if err := d.Digest.Validate(); err != nil { + return "", errors.Wrapf(err, "could not validate layer digest %q", d.Digest) + } layerDescriptor := &v2LayerDescriptor{ digest: d.Digest, repo: p.repo, From 46229ca1d815cfd4b50eb377ac75ad8300e13a85 Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Mon, 25 Jan 2021 17:30:29 +0000 Subject: [PATCH 007/252] Use golang.org/x/sys/execabs Signed-off-by: Tibor Vass (cherry picked from commit 7ca0cb7ffafc5339ac5fa575ce3f8b479c3643bf) Signed-off-by: Tibor Vass --- builder/remotecontext/git/gitutils.go | 2 +- pkg/archive/archive.go | 2 +- vendor.conf | 2 +- vendor/golang.org/x/sys/README.md | 2 + vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s | 2 +- vendor/golang.org/x/sys/cpu/cpu_arm64.go | 40 +- vendor/golang.org/x/sys/cpu/cpu_arm64.s | 2 +- vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go | 2 +- vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go | 2 +- vendor/golang.org/x/sys/cpu/cpu_gc_x86.go | 2 +- .../golang.org/x/sys/cpu/cpu_linux_s390x.go | 121 +- .../golang.org/x/sys/cpu/cpu_netbsd_arm64.go | 173 ++ .../golang.org/x/sys/cpu/cpu_other_arm64.go | 3 +- .../golang.org/x/sys/cpu/cpu_other_mips64x.go | 12 + vendor/golang.org/x/sys/cpu/cpu_s390x.go | 150 +- vendor/golang.org/x/sys/cpu/cpu_s390x.s | 2 +- vendor/golang.org/x/sys/cpu/cpu_x86.s | 2 +- vendor/golang.org/x/sys/cpu/cpu_zos.go | 10 + vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go | 25 + .../x/sys/cpu/syscall_aix_ppc64_gc.go | 2 +- vendor/golang.org/x/sys/execabs/execabs.go | 102 + vendor/golang.org/x/sys/unix/asm_aix_ppc64.s | 2 +- vendor/golang.org/x/sys/unix/asm_darwin_386.s | 2 +- .../golang.org/x/sys/unix/asm_darwin_amd64.s | 2 +- vendor/golang.org/x/sys/unix/asm_darwin_arm.s | 2 +- .../golang.org/x/sys/unix/asm_darwin_arm64.s | 2 +- .../x/sys/unix/asm_dragonfly_amd64.s | 2 +- .../golang.org/x/sys/unix/asm_freebsd_386.s | 2 +- .../golang.org/x/sys/unix/asm_freebsd_amd64.s | 2 +- .../golang.org/x/sys/unix/asm_freebsd_arm.s | 2 +- .../golang.org/x/sys/unix/asm_freebsd_arm64.s | 2 +- vendor/golang.org/x/sys/unix/asm_linux_386.s | 2 +- .../golang.org/x/sys/unix/asm_linux_amd64.s | 2 +- vendor/golang.org/x/sys/unix/asm_linux_arm.s | 2 +- .../golang.org/x/sys/unix/asm_linux_arm64.s | 2 +- .../golang.org/x/sys/unix/asm_linux_mips64x.s | 2 +- .../golang.org/x/sys/unix/asm_linux_mipsx.s | 2 +- .../golang.org/x/sys/unix/asm_linux_ppc64x.s | 2 +- .../golang.org/x/sys/unix/asm_linux_riscv64.s | 2 +- .../golang.org/x/sys/unix/asm_linux_s390x.s | 2 +- vendor/golang.org/x/sys/unix/asm_netbsd_386.s | 2 +- .../golang.org/x/sys/unix/asm_netbsd_amd64.s | 2 +- vendor/golang.org/x/sys/unix/asm_netbsd_arm.s | 2 +- .../golang.org/x/sys/unix/asm_netbsd_arm64.s | 2 +- .../golang.org/x/sys/unix/asm_openbsd_386.s | 2 +- .../golang.org/x/sys/unix/asm_openbsd_amd64.s | 2 +- .../golang.org/x/sys/unix/asm_openbsd_arm.s | 2 +- .../golang.org/x/sys/unix/asm_openbsd_arm64.s | 2 +- .../x/sys/unix/asm_openbsd_mips64.s | 2 +- .../golang.org/x/sys/unix/asm_solaris_amd64.s | 2 +- vendor/golang.org/x/sys/unix/endian_big.go | 2 +- vendor/golang.org/x/sys/unix/endian_little.go | 2 +- vendor/golang.org/x/sys/unix/ptrace_darwin.go | 11 + vendor/golang.org/x/sys/unix/ptrace_ios.go | 11 + vendor/golang.org/x/sys/unix/syscall.go | 43 +- vendor/golang.org/x/sys/unix/syscall_bsd.go | 2 +- .../x/sys/unix/syscall_darwin.1_13.go | 1 - .../golang.org/x/sys/unix/syscall_darwin.go | 62 +- .../x/sys/unix/syscall_darwin_386.go | 2 +- .../x/sys/unix/syscall_darwin_amd64.go | 2 +- .../x/sys/unix/syscall_darwin_arm.go | 2 +- .../x/sys/unix/syscall_darwin_arm64.go | 2 +- .../x/sys/unix/syscall_dragonfly.go | 17 + .../golang.org/x/sys/unix/syscall_freebsd.go | 4 + .../golang.org/x/sys/unix/syscall_illumos.go | 13 - vendor/golang.org/x/sys/unix/syscall_linux.go | 87 +- .../x/sys/unix/syscall_linux_amd64_gc.go | 2 +- .../golang.org/x/sys/unix/syscall_linux_gc.go | 2 +- .../x/sys/unix/syscall_linux_gc_386.go | 2 +- .../x/sys/unix/syscall_linux_gc_arm.go | 2 +- .../golang.org/x/sys/unix/syscall_netbsd.go | 4 + .../golang.org/x/sys/unix/syscall_openbsd.go | 4 + .../golang.org/x/sys/unix/syscall_solaris.go | 13 + .../golang.org/x/sys/unix/syscall_unix_gc.go | 2 +- .../x/sys/unix/syscall_unix_gc_ppc64x.go | 2 +- vendor/golang.org/x/sys/unix/timestruct.go | 26 +- .../x/sys/unix/zerrors_darwin_386.go | 1 + .../x/sys/unix/zerrors_darwin_amd64.go | 1 + .../x/sys/unix/zerrors_darwin_arm.go | 1 + .../x/sys/unix/zerrors_darwin_arm64.go | 1 + vendor/golang.org/x/sys/unix/zerrors_linux.go | 149 +- .../x/sys/unix/zerrors_linux_386.go | 2 +- .../x/sys/unix/zerrors_linux_amd64.go | 2 +- .../x/sys/unix/zerrors_linux_arm.go | 2 +- .../x/sys/unix/zerrors_linux_arm64.go | 4 +- .../x/sys/unix/zerrors_linux_mips.go | 2 +- .../x/sys/unix/zerrors_linux_mips64.go | 2 +- .../x/sys/unix/zerrors_linux_mips64le.go | 2 +- .../x/sys/unix/zerrors_linux_mipsle.go | 2 +- .../x/sys/unix/zerrors_linux_ppc64.go | 2 +- .../x/sys/unix/zerrors_linux_ppc64le.go | 2 +- .../x/sys/unix/zerrors_linux_riscv64.go | 2 +- .../x/sys/unix/zerrors_linux_s390x.go | 2 +- .../x/sys/unix/zerrors_linux_sparc64.go | 2 +- .../x/sys/unix/zsyscall_aix_ppc64_gc.go | 2 +- .../x/sys/unix/zsyscall_darwin_386.1_13.go | 2 - .../x/sys/unix/zsyscall_darwin_386.go | 150 +- .../x/sys/unix/zsyscall_darwin_amd64.1_13.go | 2 - .../x/sys/unix/zsyscall_darwin_amd64.go | 150 +- .../x/sys/unix/zsyscall_darwin_arm.1_13.go | 2 - .../x/sys/unix/zsyscall_darwin_arm.go | 147 +- .../x/sys/unix/zsyscall_darwin_arm64.1_13.go | 2 - .../x/sys/unix/zsyscall_darwin_arm64.go | 150 +- .../x/sys/unix/zsyscall_dragonfly_amd64.go | 10 + .../x/sys/unix/zsyscall_illumos_amd64.go | 15 +- .../x/sys/unix/zsyscall_solaris_amd64.go | 13 + .../x/sys/unix/zsysnum_darwin_386.go | 437 ++++ .../x/sys/unix/zsysnum_darwin_amd64.go | 439 ++++ .../x/sys/unix/zsysnum_darwin_arm.go | 437 ++++ .../x/sys/unix/zsysnum_darwin_arm64.go | 437 ++++ .../x/sys/unix/zsysnum_linux_386.go | 1 + .../x/sys/unix/zsysnum_linux_amd64.go | 1 + .../x/sys/unix/zsysnum_linux_arm.go | 1 + .../x/sys/unix/zsysnum_linux_arm64.go | 1 + .../x/sys/unix/zsysnum_linux_mips.go | 1 + .../x/sys/unix/zsysnum_linux_mips64.go | 1 + .../x/sys/unix/zsysnum_linux_mips64le.go | 1 + .../x/sys/unix/zsysnum_linux_mipsle.go | 1 + .../x/sys/unix/zsysnum_linux_ppc64.go | 1 + .../x/sys/unix/zsysnum_linux_ppc64le.go | 1 + .../x/sys/unix/zsysnum_linux_riscv64.go | 1 + .../x/sys/unix/zsysnum_linux_s390x.go | 1 + .../x/sys/unix/zsysnum_linux_sparc64.go | 1 + .../golang.org/x/sys/unix/ztypes_aix_ppc.go | 1 + .../golang.org/x/sys/unix/ztypes_aix_ppc64.go | 1 + .../x/sys/unix/ztypes_darwin_386.go | 11 + .../x/sys/unix/ztypes_darwin_amd64.go | 11 + .../x/sys/unix/ztypes_darwin_arm.go | 11 + .../x/sys/unix/ztypes_darwin_arm64.go | 11 + .../x/sys/unix/ztypes_dragonfly_amd64.go | 1 + .../x/sys/unix/ztypes_freebsd_386.go | 1 + .../x/sys/unix/ztypes_freebsd_amd64.go | 1 + .../x/sys/unix/ztypes_freebsd_arm.go | 1 + .../x/sys/unix/ztypes_freebsd_arm64.go | 1 + vendor/golang.org/x/sys/unix/ztypes_linux.go | 2180 ++++++++++++----- .../golang.org/x/sys/unix/ztypes_linux_386.go | 17 +- .../x/sys/unix/ztypes_linux_amd64.go | 18 +- .../golang.org/x/sys/unix/ztypes_linux_arm.go | 18 +- .../x/sys/unix/ztypes_linux_arm64.go | 18 +- .../x/sys/unix/ztypes_linux_mips.go | 18 +- .../x/sys/unix/ztypes_linux_mips64.go | 18 +- .../x/sys/unix/ztypes_linux_mips64le.go | 18 +- .../x/sys/unix/ztypes_linux_mipsle.go | 18 +- .../x/sys/unix/ztypes_linux_ppc64.go | 18 +- .../x/sys/unix/ztypes_linux_ppc64le.go | 18 +- .../x/sys/unix/ztypes_linux_riscv64.go | 18 +- .../x/sys/unix/ztypes_linux_s390x.go | 18 +- .../x/sys/unix/ztypes_linux_sparc64.go | 18 +- .../x/sys/unix/ztypes_netbsd_386.go | 1 + .../x/sys/unix/ztypes_netbsd_amd64.go | 1 + .../x/sys/unix/ztypes_netbsd_arm.go | 1 + .../x/sys/unix/ztypes_netbsd_arm64.go | 1 + .../x/sys/unix/ztypes_openbsd_386.go | 1 + .../x/sys/unix/ztypes_openbsd_amd64.go | 1 + .../x/sys/unix/ztypes_openbsd_arm.go | 1 + .../x/sys/unix/ztypes_openbsd_arm64.go | 1 + .../x/sys/unix/ztypes_openbsd_mips64.go | 1 + .../x/sys/unix/ztypes_solaris_amd64.go | 1 + .../golang.org/x/sys/windows/dll_windows.go | 3 +- .../x/sys/windows/memory_windows.go | 20 +- .../sys/windows/registry/zsyscall_windows.go | 3 +- .../x/sys/windows/security_windows.go | 14 +- vendor/golang.org/x/sys/windows/service.go | 6 + .../x/sys/windows/setupapierrors_windows.go | 100 + .../x/sys/windows/svc/mgr/config.go | 7 + .../golang.org/x/sys/windows/svc/mgr/mgr.go | 3 - .../x/sys/windows/svc/mgr/service.go | 8 +- .../golang.org/x/sys/windows/svc/service.go | 12 +- vendor/golang.org/x/sys/windows/syscall.go | 46 +- .../x/sys/windows/syscall_windows.go | 30 +- .../golang.org/x/sys/windows/types_windows.go | 125 +- .../x/sys/windows/zsyscall_windows.go | 177 +- 172 files changed, 5143 insertions(+), 1514 deletions(-) create mode 100644 vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go create mode 100644 vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go create mode 100644 vendor/golang.org/x/sys/cpu/cpu_zos.go create mode 100644 vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go create mode 100644 vendor/golang.org/x/sys/execabs/execabs.go create mode 100644 vendor/golang.org/x/sys/unix/ptrace_darwin.go create mode 100644 vendor/golang.org/x/sys/unix/ptrace_ios.go create mode 100644 vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go create mode 100644 vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go create mode 100644 vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go create mode 100644 vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go create mode 100644 vendor/golang.org/x/sys/windows/setupapierrors_windows.go diff --git a/builder/remotecontext/git/gitutils.go b/builder/remotecontext/git/gitutils.go index b3aba7f58b262..c0f68f8f89d3b 100644 --- a/builder/remotecontext/git/gitutils.go +++ b/builder/remotecontext/git/gitutils.go @@ -5,12 +5,12 @@ import ( "net/http" "net/url" "os" - "os/exec" "path/filepath" "strings" "github.com/moby/sys/symlink" "github.com/pkg/errors" + exec "golang.org/x/sys/execabs" ) type gitRepo struct { diff --git a/pkg/archive/archive.go b/pkg/archive/archive.go index eeed6747295e6..2c65fca54a9e7 100644 --- a/pkg/archive/archive.go +++ b/pkg/archive/archive.go @@ -11,7 +11,6 @@ import ( "io" "io/ioutil" "os" - "os/exec" "path/filepath" "runtime" "strconv" @@ -25,6 +24,7 @@ import ( "github.com/docker/docker/pkg/pools" "github.com/docker/docker/pkg/system" "github.com/sirupsen/logrus" + exec "golang.org/x/sys/execabs" ) type ( diff --git a/vendor.conf b/vendor.conf index 99bb7a141aa03..b56df8947f7ad 100644 --- a/vendor.conf +++ b/vendor.conf @@ -20,7 +20,7 @@ github.com/creack/pty 2a38352e8b4d7ab6c336eef107e4 github.com/sirupsen/logrus 6699a89a232f3db797f2e280639854bbc4b89725 # v1.7.0 github.com/tchap/go-patricia a7f0089c6f496e8e70402f61733606daa326cac5 # v2.3.0 golang.org/x/net ab34263943818b32f575efc978a3d24e80b04bd7 -golang.org/x/sys eeed37f84f13f52d35e095e8023ba65671ff86a1 +golang.org/x/sys b64e53b001e413bd5067f36d4e439eded3827374 github.com/docker/go-units 519db1ee28dcc9fd2474ae59fca29a810482bfb1 # v0.4.0 github.com/docker/go-connections 7395e3f8aa162843a74ed6d48e79627d9792ac55 # v0.4.0 golang.org/x/text 23ae387dee1f90d29a23c0e87ee0b46038fbed0e # v0.3.3 diff --git a/vendor/golang.org/x/sys/README.md b/vendor/golang.org/x/sys/README.md index ef6c9e59c2610..3b7e728042fdc 100644 --- a/vendor/golang.org/x/sys/README.md +++ b/vendor/golang.org/x/sys/README.md @@ -1,5 +1,7 @@ # sys +[![Go Reference](https://pkg.go.dev/badge/golang.org/x/sys.svg)](https://pkg.go.dev/golang.org/x/sys) + This repository holds supplemental Go packages for low-level interactions with the operating system. diff --git a/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s b/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s index 06f84b8555800..6b4027b33fd24 100644 --- a/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s +++ b/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_arm64.go index 2f64d3b3983cd..87dd5e30215b1 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_arm64.go +++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.go @@ -39,34 +39,34 @@ func initOptions() { func archInit() { switch runtime.GOOS { - case "android", "darwin", "ios", "netbsd", "openbsd": - // Android and iOS don't seem to allow reading these registers. - // - // NetBSD: - // ID_AA64ISAR0_EL1 is a privileged register and cannot be read from EL0. - // It can be read via sysctl(3). Example for future implementers: - // https://nxr.netbsd.org/xref/src/usr.sbin/cpuctl/arch/aarch64.c + case "freebsd": + readARM64Registers() + case "linux", "netbsd": + doinit() + default: + // Most platforms don't seem to allow reading these registers. // // OpenBSD: // See https://golang.org/issue/31746 - // - // Fake the minimal features expected by - // TestARM64minimalFeatures. - ARM64.HasASIMD = true - ARM64.HasFP = true - case "linux": - doinit() - default: - readARM64Registers() + setMinimalFeatures() } } +// setMinimalFeatures fakes the minimal ARM64 features expected by +// TestARM64minimalFeatures. +func setMinimalFeatures() { + ARM64.HasASIMD = true + ARM64.HasFP = true +} + func readARM64Registers() { Initialized = true - // ID_AA64ISAR0_EL1 - isar0 := getisar0() + parseARM64SystemRegisters(getisar0(), getisar1(), getpfr0()) +} +func parseARM64SystemRegisters(isar0, isar1, pfr0 uint64) { + // ID_AA64ISAR0_EL1 switch extractBits(isar0, 4, 7) { case 1: ARM64.HasAES = true @@ -124,8 +124,6 @@ func readARM64Registers() { } // ID_AA64ISAR1_EL1 - isar1 := getisar1() - switch extractBits(isar1, 0, 3) { case 1: ARM64.HasDCPOP = true @@ -147,8 +145,6 @@ func readARM64Registers() { } // ID_AA64PFR0_EL1 - pfr0 := getpfr0() - switch extractBits(pfr0, 16, 19) { case 0: ARM64.HasFP = true diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.s b/vendor/golang.org/x/sys/cpu/cpu_arm64.s index a54436e39095a..cfc08c979439d 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_arm64.s +++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go index 7b88e865a4280..7f7f272a014f7 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go +++ b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc package cpu diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go index 568bcd031aa41..75a95566161d0 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go +++ b/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc package cpu diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go index f7cb46971cb05..4adb89cf9cc84 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go +++ b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // +build 386 amd64 amd64p32 -// +build !gccgo +// +build gc package cpu diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_linux_s390x.go index b88d6b8f662bd..1517ac61d31b5 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_linux_s390x.go +++ b/vendor/golang.org/x/sys/cpu/cpu_linux_s390x.go @@ -17,86 +17,7 @@ const ( hwcap_VXE = 8192 ) -// bitIsSet reports whether the bit at index is set. The bit index -// is in big endian order, so bit index 0 is the leftmost bit. -func bitIsSet(bits []uint64, index uint) bool { - return bits[index/64]&((1<<63)>>(index%64)) != 0 -} - -// function is the code for the named cryptographic function. -type function uint8 - -const ( - // KM{,A,C,CTR} function codes - aes128 function = 18 // AES-128 - aes192 function = 19 // AES-192 - aes256 function = 20 // AES-256 - - // K{I,L}MD function codes - sha1 function = 1 // SHA-1 - sha256 function = 2 // SHA-256 - sha512 function = 3 // SHA-512 - sha3_224 function = 32 // SHA3-224 - sha3_256 function = 33 // SHA3-256 - sha3_384 function = 34 // SHA3-384 - sha3_512 function = 35 // SHA3-512 - shake128 function = 36 // SHAKE-128 - shake256 function = 37 // SHAKE-256 - - // KLMD function codes - ghash function = 65 // GHASH -) - -// queryResult contains the result of a Query function -// call. Bits are numbered in big endian order so the -// leftmost bit (the MSB) is at index 0. -type queryResult struct { - bits [2]uint64 -} - -// Has reports whether the given functions are present. -func (q *queryResult) Has(fns ...function) bool { - if len(fns) == 0 { - panic("no function codes provided") - } - for _, f := range fns { - if !bitIsSet(q.bits[:], uint(f)) { - return false - } - } - return true -} - -// facility is a bit index for the named facility. -type facility uint8 - -const ( - // cryptography facilities - msa4 facility = 77 // message-security-assist extension 4 - msa8 facility = 146 // message-security-assist extension 8 -) - -// facilityList contains the result of an STFLE call. -// Bits are numbered in big endian order so the -// leftmost bit (the MSB) is at index 0. -type facilityList struct { - bits [4]uint64 -} - -// Has reports whether the given facilities are present. -func (s *facilityList) Has(fs ...facility) bool { - if len(fs) == 0 { - panic("no facility bits provided") - } - for _, f := range fs { - if !bitIsSet(s.bits[:], uint(f)) { - return false - } - } - return true -} - -func doinit() { +func initS390Xbase() { // test HWCAP bit vector has := func(featureMask uint) bool { return hwCap&featureMask == featureMask @@ -116,44 +37,4 @@ func doinit() { if S390X.HasVX { S390X.HasVXE = has(hwcap_VXE) } - - // We need implementations of stfle, km and so on - // to detect cryptographic features. - if !haveAsmFunctions() { - return - } - - // optional cryptographic functions - if S390X.HasMSA { - aes := []function{aes128, aes192, aes256} - - // cipher message - km, kmc := kmQuery(), kmcQuery() - S390X.HasAES = km.Has(aes...) - S390X.HasAESCBC = kmc.Has(aes...) - if S390X.HasSTFLE { - facilities := stfle() - if facilities.Has(msa4) { - kmctr := kmctrQuery() - S390X.HasAESCTR = kmctr.Has(aes...) - } - if facilities.Has(msa8) { - kma := kmaQuery() - S390X.HasAESGCM = kma.Has(aes...) - } - } - - // compute message digest - kimd := kimdQuery() // intermediate (no padding) - klmd := klmdQuery() // last (padding) - S390X.HasSHA1 = kimd.Has(sha1) && klmd.Has(sha1) - S390X.HasSHA256 = kimd.Has(sha256) && klmd.Has(sha256) - S390X.HasSHA512 = kimd.Has(sha512) && klmd.Has(sha512) - S390X.HasGHASH = kimd.Has(ghash) // KLMD-GHASH does not exist - sha3 := []function{ - sha3_224, sha3_256, sha3_384, sha3_512, - shake128, shake256, - } - S390X.HasSHA3 = kimd.Has(sha3...) && klmd.Has(sha3...) - } } diff --git a/vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go new file mode 100644 index 0000000000000..ebfb3fc8e76d2 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_netbsd_arm64.go @@ -0,0 +1,173 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cpu + +import ( + "syscall" + "unsafe" +) + +// Minimal copy of functionality from x/sys/unix so the cpu package can call +// sysctl without depending on x/sys/unix. + +const ( + _CTL_QUERY = -2 + + _SYSCTL_VERS_1 = 0x1000000 +) + +var _zero uintptr + +func sysctl(mib []int32, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { + var _p0 unsafe.Pointer + if len(mib) > 0 { + _p0 = unsafe.Pointer(&mib[0]) + } else { + _p0 = unsafe.Pointer(&_zero) + } + _, _, errno := syscall.Syscall6( + syscall.SYS___SYSCTL, + uintptr(_p0), + uintptr(len(mib)), + uintptr(unsafe.Pointer(old)), + uintptr(unsafe.Pointer(oldlen)), + uintptr(unsafe.Pointer(new)), + uintptr(newlen)) + if errno != 0 { + return errno + } + return nil +} + +type sysctlNode struct { + Flags uint32 + Num int32 + Name [32]int8 + Ver uint32 + __rsvd uint32 + Un [16]byte + _sysctl_size [8]byte + _sysctl_func [8]byte + _sysctl_parent [8]byte + _sysctl_desc [8]byte +} + +func sysctlNodes(mib []int32) ([]sysctlNode, error) { + var olen uintptr + + // Get a list of all sysctl nodes below the given MIB by performing + // a sysctl for the given MIB with CTL_QUERY appended. + mib = append(mib, _CTL_QUERY) + qnode := sysctlNode{Flags: _SYSCTL_VERS_1} + qp := (*byte)(unsafe.Pointer(&qnode)) + sz := unsafe.Sizeof(qnode) + if err := sysctl(mib, nil, &olen, qp, sz); err != nil { + return nil, err + } + + // Now that we know the size, get the actual nodes. + nodes := make([]sysctlNode, olen/sz) + np := (*byte)(unsafe.Pointer(&nodes[0])) + if err := sysctl(mib, np, &olen, qp, sz); err != nil { + return nil, err + } + + return nodes, nil +} + +func nametomib(name string) ([]int32, error) { + // Split name into components. + var parts []string + last := 0 + for i := 0; i < len(name); i++ { + if name[i] == '.' { + parts = append(parts, name[last:i]) + last = i + 1 + } + } + parts = append(parts, name[last:]) + + mib := []int32{} + // Discover the nodes and construct the MIB OID. + for partno, part := range parts { + nodes, err := sysctlNodes(mib) + if err != nil { + return nil, err + } + for _, node := range nodes { + n := make([]byte, 0) + for i := range node.Name { + if node.Name[i] != 0 { + n = append(n, byte(node.Name[i])) + } + } + if string(n) == part { + mib = append(mib, int32(node.Num)) + break + } + } + if len(mib) != partno+1 { + return nil, err + } + } + + return mib, nil +} + +// aarch64SysctlCPUID is struct aarch64_sysctl_cpu_id from NetBSD's +type aarch64SysctlCPUID struct { + midr uint64 /* Main ID Register */ + revidr uint64 /* Revision ID Register */ + mpidr uint64 /* Multiprocessor Affinity Register */ + aa64dfr0 uint64 /* A64 Debug Feature Register 0 */ + aa64dfr1 uint64 /* A64 Debug Feature Register 1 */ + aa64isar0 uint64 /* A64 Instruction Set Attribute Register 0 */ + aa64isar1 uint64 /* A64 Instruction Set Attribute Register 1 */ + aa64mmfr0 uint64 /* A64 Memory Model Feature Register 0 */ + aa64mmfr1 uint64 /* A64 Memory Model Feature Register 1 */ + aa64mmfr2 uint64 /* A64 Memory Model Feature Register 2 */ + aa64pfr0 uint64 /* A64 Processor Feature Register 0 */ + aa64pfr1 uint64 /* A64 Processor Feature Register 1 */ + aa64zfr0 uint64 /* A64 SVE Feature ID Register 0 */ + mvfr0 uint32 /* Media and VFP Feature Register 0 */ + mvfr1 uint32 /* Media and VFP Feature Register 1 */ + mvfr2 uint32 /* Media and VFP Feature Register 2 */ + pad uint32 + clidr uint64 /* Cache Level ID Register */ + ctr uint64 /* Cache Type Register */ +} + +func sysctlCPUID(name string) (*aarch64SysctlCPUID, error) { + mib, err := nametomib(name) + if err != nil { + return nil, err + } + + out := aarch64SysctlCPUID{} + n := unsafe.Sizeof(out) + _, _, errno := syscall.Syscall6( + syscall.SYS___SYSCTL, + uintptr(unsafe.Pointer(&mib[0])), + uintptr(len(mib)), + uintptr(unsafe.Pointer(&out)), + uintptr(unsafe.Pointer(&n)), + uintptr(0), + uintptr(0)) + if errno != 0 { + return nil, errno + } + return &out, nil +} + +func doinit() { + cpuid, err := sysctlCPUID("machdep.cpu0.cpu_id") + if err != nil { + setMinimalFeatures() + return + } + parseARM64SystemRegisters(cpuid.aa64isar0, cpuid.aa64isar1, cpuid.aa64pfr0) + + Initialized = true +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go index 3ffc4afa03ce2..16c1c4090ee2f 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go +++ b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go @@ -2,7 +2,8 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !linux,arm64 +// +build !linux,!netbsd +// +build arm64 package cpu diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go b/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go new file mode 100644 index 0000000000000..f49fad67783e6 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go @@ -0,0 +1,12 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !linux +// +build mips64 mips64le + +package cpu + +func archInit() { + Initialized = true +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_s390x.go index 544cd621ceea4..5881b8833f5a5 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_s390x.go +++ b/vendor/golang.org/x/sys/cpu/cpu_s390x.go @@ -8,10 +8,10 @@ const cacheLineSize = 256 func initOptions() { options = []option{ - {Name: "zarch", Feature: &S390X.HasZARCH}, - {Name: "stfle", Feature: &S390X.HasSTFLE}, - {Name: "ldisp", Feature: &S390X.HasLDISP}, - {Name: "eimm", Feature: &S390X.HasEIMM}, + {Name: "zarch", Feature: &S390X.HasZARCH, Required: true}, + {Name: "stfle", Feature: &S390X.HasSTFLE, Required: true}, + {Name: "ldisp", Feature: &S390X.HasLDISP, Required: true}, + {Name: "eimm", Feature: &S390X.HasEIMM, Required: true}, {Name: "dfp", Feature: &S390X.HasDFP}, {Name: "etf3eh", Feature: &S390X.HasETF3EH}, {Name: "msa", Feature: &S390X.HasMSA}, @@ -28,3 +28,145 @@ func initOptions() { {Name: "vxe", Feature: &S390X.HasVXE}, } } + +// bitIsSet reports whether the bit at index is set. The bit index +// is in big endian order, so bit index 0 is the leftmost bit. +func bitIsSet(bits []uint64, index uint) bool { + return bits[index/64]&((1<<63)>>(index%64)) != 0 +} + +// facility is a bit index for the named facility. +type facility uint8 + +const ( + // mandatory facilities + zarch facility = 1 // z architecture mode is active + stflef facility = 7 // store-facility-list-extended + ldisp facility = 18 // long-displacement + eimm facility = 21 // extended-immediate + + // miscellaneous facilities + dfp facility = 42 // decimal-floating-point + etf3eh facility = 30 // extended-translation 3 enhancement + + // cryptography facilities + msa facility = 17 // message-security-assist + msa3 facility = 76 // message-security-assist extension 3 + msa4 facility = 77 // message-security-assist extension 4 + msa5 facility = 57 // message-security-assist extension 5 + msa8 facility = 146 // message-security-assist extension 8 + msa9 facility = 155 // message-security-assist extension 9 + + // vector facilities + vx facility = 129 // vector facility + vxe facility = 135 // vector-enhancements 1 + vxe2 facility = 148 // vector-enhancements 2 +) + +// facilityList contains the result of an STFLE call. +// Bits are numbered in big endian order so the +// leftmost bit (the MSB) is at index 0. +type facilityList struct { + bits [4]uint64 +} + +// Has reports whether the given facilities are present. +func (s *facilityList) Has(fs ...facility) bool { + if len(fs) == 0 { + panic("no facility bits provided") + } + for _, f := range fs { + if !bitIsSet(s.bits[:], uint(f)) { + return false + } + } + return true +} + +// function is the code for the named cryptographic function. +type function uint8 + +const ( + // KM{,A,C,CTR} function codes + aes128 function = 18 // AES-128 + aes192 function = 19 // AES-192 + aes256 function = 20 // AES-256 + + // K{I,L}MD function codes + sha1 function = 1 // SHA-1 + sha256 function = 2 // SHA-256 + sha512 function = 3 // SHA-512 + sha3_224 function = 32 // SHA3-224 + sha3_256 function = 33 // SHA3-256 + sha3_384 function = 34 // SHA3-384 + sha3_512 function = 35 // SHA3-512 + shake128 function = 36 // SHAKE-128 + shake256 function = 37 // SHAKE-256 + + // KLMD function codes + ghash function = 65 // GHASH +) + +// queryResult contains the result of a Query function +// call. Bits are numbered in big endian order so the +// leftmost bit (the MSB) is at index 0. +type queryResult struct { + bits [2]uint64 +} + +// Has reports whether the given functions are present. +func (q *queryResult) Has(fns ...function) bool { + if len(fns) == 0 { + panic("no function codes provided") + } + for _, f := range fns { + if !bitIsSet(q.bits[:], uint(f)) { + return false + } + } + return true +} + +func doinit() { + initS390Xbase() + + // We need implementations of stfle, km and so on + // to detect cryptographic features. + if !haveAsmFunctions() { + return + } + + // optional cryptographic functions + if S390X.HasMSA { + aes := []function{aes128, aes192, aes256} + + // cipher message + km, kmc := kmQuery(), kmcQuery() + S390X.HasAES = km.Has(aes...) + S390X.HasAESCBC = kmc.Has(aes...) + if S390X.HasSTFLE { + facilities := stfle() + if facilities.Has(msa4) { + kmctr := kmctrQuery() + S390X.HasAESCTR = kmctr.Has(aes...) + } + if facilities.Has(msa8) { + kma := kmaQuery() + S390X.HasAESGCM = kma.Has(aes...) + } + } + + // compute message digest + kimd := kimdQuery() // intermediate (no padding) + klmd := klmdQuery() // last (padding) + S390X.HasSHA1 = kimd.Has(sha1) && klmd.Has(sha1) + S390X.HasSHA256 = kimd.Has(sha256) && klmd.Has(sha256) + S390X.HasSHA512 = kimd.Has(sha512) && klmd.Has(sha512) + S390X.HasGHASH = kimd.Has(ghash) // KLMD-GHASH does not exist + sha3 := []function{ + sha3_224, sha3_256, sha3_384, sha3_512, + shake128, shake256, + } + S390X.HasSHA3 = kimd.Has(sha3...) && klmd.Has(sha3...) + } +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_s390x.s b/vendor/golang.org/x/sys/cpu/cpu_s390x.s index e5037d92e0612..964946df9571b 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_s390x.s +++ b/vendor/golang.org/x/sys/cpu/cpu_s390x.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.s b/vendor/golang.org/x/sys/cpu/cpu_x86.s index 47f084128cc3f..2f557a5887a4f 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_x86.s +++ b/vendor/golang.org/x/sys/cpu/cpu_x86.s @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // +build 386 amd64 amd64p32 -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/cpu/cpu_zos.go b/vendor/golang.org/x/sys/cpu/cpu_zos.go new file mode 100644 index 0000000000000..5f54683a22e3e --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_zos.go @@ -0,0 +1,10 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cpu + +func archInit() { + doinit() + Initialized = true +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go new file mode 100644 index 0000000000000..ccb1b708aba98 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_zos_s390x.go @@ -0,0 +1,25 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cpu + +func initS390Xbase() { + // get the facilities list + facilities := stfle() + + // mandatory + S390X.HasZARCH = facilities.Has(zarch) + S390X.HasSTFLE = facilities.Has(stflef) + S390X.HasLDISP = facilities.Has(ldisp) + S390X.HasEIMM = facilities.Has(eimm) + + // optional + S390X.HasETF3EH = facilities.Has(etf3eh) + S390X.HasDFP = facilities.Has(dfp) + S390X.HasMSA = facilities.Has(msa) + S390X.HasVX = facilities.Has(vx) + if S390X.HasVX { + S390X.HasVXE = facilities.Has(vxe) + } +} diff --git a/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go b/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go index 78fe25e86fbbe..5b427d67e2f7b 100644 --- a/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go +++ b/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go @@ -7,7 +7,7 @@ // (See golang.org/issue/32102) // +build aix,ppc64 -// +build !gccgo +// +build gc package cpu diff --git a/vendor/golang.org/x/sys/execabs/execabs.go b/vendor/golang.org/x/sys/execabs/execabs.go new file mode 100644 index 0000000000000..78192498db010 --- /dev/null +++ b/vendor/golang.org/x/sys/execabs/execabs.go @@ -0,0 +1,102 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package execabs is a drop-in replacement for os/exec +// that requires PATH lookups to find absolute paths. +// That is, execabs.Command("cmd") runs the same PATH lookup +// as exec.Command("cmd"), but if the result is a path +// which is relative, the Run and Start methods will report +// an error instead of running the executable. +// +// See https://blog.golang.org/path-security for more information +// about when it may be necessary or appropriate to use this package. +package execabs + +import ( + "context" + "fmt" + "os/exec" + "path/filepath" + "reflect" + "unsafe" +) + +// ErrNotFound is the error resulting if a path search failed to find an executable file. +// It is an alias for exec.ErrNotFound. +var ErrNotFound = exec.ErrNotFound + +// Cmd represents an external command being prepared or run. +// It is an alias for exec.Cmd. +type Cmd = exec.Cmd + +// Error is returned by LookPath when it fails to classify a file as an executable. +// It is an alias for exec.Error. +type Error = exec.Error + +// An ExitError reports an unsuccessful exit by a command. +// It is an alias for exec.ExitError. +type ExitError = exec.ExitError + +func relError(file, path string) error { + return fmt.Errorf("%s resolves to executable in current directory (.%c%s)", file, filepath.Separator, path) +} + +// LookPath searches for an executable named file in the directories +// named by the PATH environment variable. If file contains a slash, +// it is tried directly and the PATH is not consulted. The result will be +// an absolute path. +// +// LookPath differs from exec.LookPath in its handling of PATH lookups, +// which are used for file names without slashes. If exec.LookPath's +// PATH lookup would have returned an executable from the current directory, +// LookPath instead returns an error. +func LookPath(file string) (string, error) { + path, err := exec.LookPath(file) + if err != nil { + return "", err + } + if filepath.Base(file) == file && !filepath.IsAbs(path) { + return "", relError(file, path) + } + return path, nil +} + +func fixCmd(name string, cmd *exec.Cmd) { + if filepath.Base(name) == name && !filepath.IsAbs(cmd.Path) { + // exec.Command was called with a bare binary name and + // exec.LookPath returned a path which is not absolute. + // Set cmd.lookPathErr and clear cmd.Path so that it + // cannot be run. + lookPathErr := (*error)(unsafe.Pointer(reflect.ValueOf(cmd).Elem().FieldByName("lookPathErr").Addr().Pointer())) + if *lookPathErr == nil { + *lookPathErr = relError(name, cmd.Path) + } + cmd.Path = "" + } +} + +// CommandContext is like Command but includes a context. +// +// The provided context is used to kill the process (by calling os.Process.Kill) +// if the context becomes done before the command completes on its own. +func CommandContext(ctx context.Context, name string, arg ...string) *exec.Cmd { + cmd := exec.CommandContext(ctx, name, arg...) + fixCmd(name, cmd) + return cmd + +} + +// Command returns the Cmd struct to execute the named program with the given arguments. +// See exec.Command for most details. +// +// Command differs from exec.Command in its handling of PATH lookups, +// which are used when the program name contains no slashes. +// If exec.Command would have returned an exec.Cmd configured to run an +// executable from the current directory, Command instead +// returns an exec.Cmd that will return an error from Start or Run. +func Command(name string, arg ...string) *exec.Cmd { + cmd := exec.Command(name, arg...) + fixCmd(name, cmd) + return cmd +} diff --git a/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s b/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s index 06f84b8555800..6b4027b33fd24 100644 --- a/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s +++ b/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_386.s b/vendor/golang.org/x/sys/unix/asm_darwin_386.s index 8a7278319e319..8a06b87d715a0 100644 --- a/vendor/golang.org/x/sys/unix/asm_darwin_386.s +++ b/vendor/golang.org/x/sys/unix/asm_darwin_386.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s b/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s index 6321421f27263..f2397fde554de 100644 --- a/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_arm.s b/vendor/golang.org/x/sys/unix/asm_darwin_arm.s index 333242d506197..c9e6b6fc8b55c 100644 --- a/vendor/golang.org/x/sys/unix/asm_darwin_arm.s +++ b/vendor/golang.org/x/sys/unix/asm_darwin_arm.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc // +build arm,darwin #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s b/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s index 97e0174371868..89843f8f4b29c 100644 --- a/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s +++ b/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc // +build arm64,darwin #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s b/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s index 603dd5728c4a4..27674e1cafd79 100644 --- a/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_386.s b/vendor/golang.org/x/sys/unix/asm_freebsd_386.s index c9a0a2601562f..49f0ac2364cbc 100644 --- a/vendor/golang.org/x/sys/unix/asm_freebsd_386.s +++ b/vendor/golang.org/x/sys/unix/asm_freebsd_386.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s b/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s index 35172477c8697..f2dfc57b836f5 100644 --- a/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s b/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s index 9227c875bfebb..6d740db2c0c70 100644 --- a/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s +++ b/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s b/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s index d9318cbf034d8..a8f5a29b35f26 100644 --- a/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s +++ b/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_386.s b/vendor/golang.org/x/sys/unix/asm_linux_386.s index 448bebbb59af4..0655ecbfbbecb 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_386.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_386.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_amd64.s b/vendor/golang.org/x/sys/unix/asm_linux_amd64.s index c6468a9588022..bc3fb6ac3ed2e 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_arm.s b/vendor/golang.org/x/sys/unix/asm_linux_arm.s index cf0f3575c1339..55b13c7ba45c4 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_arm.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_arm.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_arm64.s b/vendor/golang.org/x/sys/unix/asm_linux_arm64.s index afe6fdf6b1114..22a83d8e3fad6 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_arm64.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_arm64.s @@ -4,7 +4,7 @@ // +build linux // +build arm64 -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s b/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s index ab9d63831a75a..dc222b90ce74f 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s @@ -4,7 +4,7 @@ // +build linux // +build mips64 mips64le -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s b/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s index 99e5399045c29..d333f13cff3b7 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s @@ -4,7 +4,7 @@ // +build linux // +build mips mipsle -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s b/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s index 88f712557810a..459a629c2732f 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s @@ -4,7 +4,7 @@ // +build linux // +build ppc64 ppc64le -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s b/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s index 3cfefed2ec042..04d38497c6dda 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build riscv64,!gccgo +// +build riscv64,gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_linux_s390x.s b/vendor/golang.org/x/sys/unix/asm_linux_s390x.s index a5a863c6bd75c..cc303989e1741 100644 --- a/vendor/golang.org/x/sys/unix/asm_linux_s390x.s +++ b/vendor/golang.org/x/sys/unix/asm_linux_s390x.s @@ -4,7 +4,7 @@ // +build s390x // +build linux -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_386.s b/vendor/golang.org/x/sys/unix/asm_netbsd_386.s index 48bdcd7632aff..ae7b498d50684 100644 --- a/vendor/golang.org/x/sys/unix/asm_netbsd_386.s +++ b/vendor/golang.org/x/sys/unix/asm_netbsd_386.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s b/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s index 2ede05c72f09d..e57367c17aa73 100644 --- a/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s b/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s index e8928571c450e..d7da175e1a3fb 100644 --- a/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s +++ b/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s b/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s index 6f98ba5a370a2..e7cbe1904c4e6 100644 --- a/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s +++ b/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_386.s b/vendor/golang.org/x/sys/unix/asm_openbsd_386.s index 00576f3c83559..2f00b0310f434 100644 --- a/vendor/golang.org/x/sys/unix/asm_openbsd_386.s +++ b/vendor/golang.org/x/sys/unix/asm_openbsd_386.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s index 790ef77f86ef7..07632c99ceaa8 100644 --- a/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s b/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s index 469bfa10039a0..73e997320fc7a 100644 --- a/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s +++ b/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s index 0cedea3d39d8e..c47302aa46df9 100644 --- a/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s +++ b/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s index 567a4763c88a7..47c93fcb6c765 100644 --- a/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s +++ b/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s b/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s index ded8260f3e409..1f2c755a72035 100644 --- a/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s +++ b/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !gccgo +// +build gc #include "textflag.h" diff --git a/vendor/golang.org/x/sys/unix/endian_big.go b/vendor/golang.org/x/sys/unix/endian_big.go index 5e9269063f5b1..86781eac2210d 100644 --- a/vendor/golang.org/x/sys/unix/endian_big.go +++ b/vendor/golang.org/x/sys/unix/endian_big.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // -// +build ppc64 s390x mips mips64 +// +build armbe arm64be m68k mips mips64 mips64p32 ppc ppc64 s390 s390x shbe sparc sparc64 package unix diff --git a/vendor/golang.org/x/sys/unix/endian_little.go b/vendor/golang.org/x/sys/unix/endian_little.go index bcdb5d30eb9b6..8822d8541f23c 100644 --- a/vendor/golang.org/x/sys/unix/endian_little.go +++ b/vendor/golang.org/x/sys/unix/endian_little.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // -// +build 386 amd64 amd64p32 arm arm64 ppc64le mipsle mips64le riscv64 +// +build 386 amd64 amd64p32 alpha arm arm64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh package unix diff --git a/vendor/golang.org/x/sys/unix/ptrace_darwin.go b/vendor/golang.org/x/sys/unix/ptrace_darwin.go new file mode 100644 index 0000000000000..fc568b5403e69 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/ptrace_darwin.go @@ -0,0 +1,11 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build darwin,!ios + +package unix + +func ptrace(request int, pid int, addr uintptr, data uintptr) error { + return ptrace1(request, pid, addr, data) +} diff --git a/vendor/golang.org/x/sys/unix/ptrace_ios.go b/vendor/golang.org/x/sys/unix/ptrace_ios.go new file mode 100644 index 0000000000000..183441c9a5314 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/ptrace_ios.go @@ -0,0 +1,11 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build ios + +package unix + +func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { + return ENOTSUP +} diff --git a/vendor/golang.org/x/sys/unix/syscall.go b/vendor/golang.org/x/sys/unix/syscall.go index fd4ee8ebeb707..ab75ef9cc621e 100644 --- a/vendor/golang.org/x/sys/unix/syscall.go +++ b/vendor/golang.org/x/sys/unix/syscall.go @@ -24,7 +24,13 @@ // holds a value of type syscall.Errno. package unix // import "golang.org/x/sys/unix" -import "strings" +import ( + "bytes" + "strings" + "unsafe" + + "golang.org/x/sys/internal/unsafeheader" +) // ByteSliceFromString returns a NUL-terminated slice of bytes // containing the text of s. If s contains a NUL byte at any @@ -49,5 +55,40 @@ func BytePtrFromString(s string) (*byte, error) { return &a[0], nil } +// ByteSliceToString returns a string form of the text represented by the slice s, with a terminating NUL and any +// bytes after the NUL removed. +func ByteSliceToString(s []byte) string { + if i := bytes.IndexByte(s, 0); i != -1 { + s = s[:i] + } + return string(s) +} + +// BytePtrToString takes a pointer to a sequence of text and returns the corresponding string. +// If the pointer is nil, it returns the empty string. It assumes that the text sequence is terminated +// at a zero byte; if the zero byte is not present, the program may crash. +func BytePtrToString(p *byte) string { + if p == nil { + return "" + } + if *p == 0 { + return "" + } + + // Find NUL terminator. + n := 0 + for ptr := unsafe.Pointer(p); *(*byte)(ptr) != 0; n++ { + ptr = unsafe.Pointer(uintptr(ptr) + 1) + } + + var s []byte + h := (*unsafeheader.Slice)(unsafe.Pointer(&s)) + h.Data = unsafe.Pointer(p) + h.Len = n + h.Cap = n + + return string(s) +} + // Single-word zero for use when we need a valid pointer to 0 bytes. var _zero uintptr diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go index 123536a028ca3..bc634a280a08c 100644 --- a/vendor/golang.org/x/sys/unix/syscall_bsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go @@ -277,7 +277,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { } return sa, nil } - return nil, EAFNOSUPPORT + return anyToSockaddrGOOS(fd, rsa) } func Accept(fd int) (nfd int, sa Sockaddr, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go b/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go index dc0befee37eb2..ee852f1abc5a5 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go @@ -26,7 +26,6 @@ func fdopendir(fd int) (dir uintptr, err error) { func libc_fdopendir_trampoline() -//go:linkname libc_fdopendir libc_fdopendir //go:cgo_import_dynamic libc_fdopendir fdopendir "/usr/lib/libSystem.B.dylib" func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go index 5b0e831f24f57..16f9c226b9088 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go @@ -31,10 +31,40 @@ type SockaddrDatalink struct { raw RawSockaddrDatalink } +// SockaddrCtl implements the Sockaddr interface for AF_SYSTEM type sockets. +type SockaddrCtl struct { + ID uint32 + Unit uint32 + raw RawSockaddrCtl +} + +func (sa *SockaddrCtl) sockaddr() (unsafe.Pointer, _Socklen, error) { + sa.raw.Sc_len = SizeofSockaddrCtl + sa.raw.Sc_family = AF_SYSTEM + sa.raw.Ss_sysaddr = AF_SYS_CONTROL + sa.raw.Sc_id = sa.ID + sa.raw.Sc_unit = sa.Unit + return unsafe.Pointer(&sa.raw), SizeofSockaddrCtl, nil +} + +func anyToSockaddrGOOS(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { + switch rsa.Addr.Family { + case AF_SYSTEM: + pp := (*RawSockaddrCtl)(unsafe.Pointer(rsa)) + if pp.Ss_sysaddr == AF_SYS_CONTROL { + sa := new(SockaddrCtl) + sa.ID = pp.Sc_id + sa.Unit = pp.Sc_unit + return sa, nil + } + } + return nil, EAFNOSUPPORT +} + // Some external packages rely on SYS___SYSCTL being defined to implement their // own sysctl wrappers. Provide it here, even though direct syscalls are no // longer supported on darwin. -const SYS___SYSCTL = 202 +const SYS___SYSCTL = SYS_SYSCTL // Translate "kern.hostname" to []_C_int{0,1,2,3}. func nametomib(name string) (mib []_C_int, err error) { @@ -89,13 +119,16 @@ type attrList struct { Forkattr uint32 } -//sysnb pipe() (r int, w int, err error) +//sysnb pipe(p *[2]int32) (err error) func Pipe(p []int) (err error) { if len(p) != 2 { return EINVAL } - p[0], p[1], err = pipe() + var x [2]int32 + err = pipe(&x) + p[0] = int(x[0]) + p[1] = int(x[1]) return } @@ -264,6 +297,29 @@ func IoctlCtlInfo(fd int, ctlInfo *CtlInfo) error { return err } +// IfreqMTU is struct ifreq used to get or set a network device's MTU. +type IfreqMTU struct { + Name [IFNAMSIZ]byte + MTU int32 +} + +// IoctlGetIfreqMTU performs the SIOCGIFMTU ioctl operation on fd to get the MTU +// of the network device specified by ifname. +func IoctlGetIfreqMTU(fd int, ifname string) (*IfreqMTU, error) { + var ifreq IfreqMTU + copy(ifreq.Name[:], ifname) + err := ioctl(fd, SIOCGIFMTU, uintptr(unsafe.Pointer(&ifreq))) + return &ifreq, err +} + +// IoctlSetIfreqMTU performs the SIOCSIFMTU ioctl operation on fd to set the MTU +// of the network device specified by ifreq.Name. +func IoctlSetIfreqMTU(fd int, ifreq *IfreqMTU) error { + err := ioctl(fd, SIOCSIFMTU, uintptr(unsafe.Pointer(ifreq))) + runtime.KeepAlive(ifreq) + return err +} + //sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS_SYSCTL func Uname(uname *Utsname) error { diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_386.go b/vendor/golang.org/x/sys/unix/syscall_darwin_386.go index 6c1f4ab95b477..ee065fcf2da97 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin_386.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin_386.go @@ -45,6 +45,6 @@ func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, //sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64 //sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64 //sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64 -//sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error) +//sys ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace //sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64 //sys Statfs(path string, stat *Statfs_t) (err error) = SYS_STATFS64 diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go index 0582ae256ef43..7a1f64a7b6b4a 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go @@ -45,6 +45,6 @@ func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, //sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64 //sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64 //sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64 -//sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error) +//sys ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace //sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64 //sys Statfs(path string, stat *Statfs_t) (err error) = SYS_STATFS64 diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go b/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go index c6a9733b4cb6e..d30735c5d6303 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go @@ -6,7 +6,7 @@ package unix import "syscall" -func ptrace(request int, pid int, addr uintptr, data uintptr) error { +func ptrace1(request int, pid int, addr uintptr, data uintptr) error { return ENOTSUP } diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go index 253afa4de55cd..9f85fd4046ea8 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go @@ -45,6 +45,6 @@ func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, //sys Fstatfs(fd int, stat *Statfs_t) (err error) //sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT //sys Lstat(path string, stat *Stat_t) (err error) -//sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error) +//sys ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace //sys Stat(path string, stat *Stat_t) (err error) //sys Statfs(path string, stat *Statfs_t) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go index bed7dcfec116e..a4f2944a24eab 100644 --- a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go +++ b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go @@ -47,6 +47,10 @@ type SockaddrDatalink struct { raw RawSockaddrDatalink } +func anyToSockaddrGOOS(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { + return nil, EAFNOSUPPORT +} + // Translate "kern.hostname" to []_C_int{0,1,2,3}. func nametomib(name string) (mib []_C_int, err error) { const siz = unsafe.Sizeof(mib[0]) @@ -101,6 +105,19 @@ func Pipe(p []int) (err error) { return } +//sysnb pipe2(p *[2]_C_int, flags int) (err error) + +func Pipe2(p []int, flags int) error { + if len(p) != 2 { + return EINVAL + } + var pp [2]_C_int + err := pipe2(&pp, flags) + p[0] = int(pp[0]) + p[1] = int(pp[1]) + return err +} + //sys extpread(fd int, p []byte, flags int, offset int64) (n int, err error) func Pread(fd int, p []byte, offset int64) (n int, err error) { return extpread(fd, p, 0, offset) diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd.go b/vendor/golang.org/x/sys/unix/syscall_freebsd.go index f6db02aff401f..acc00c2e6a10a 100644 --- a/vendor/golang.org/x/sys/unix/syscall_freebsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_freebsd.go @@ -54,6 +54,10 @@ type SockaddrDatalink struct { raw RawSockaddrDatalink } +func anyToSockaddrGOOS(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { + return nil, EAFNOSUPPORT +} + // Translate "kern.hostname" to []_C_int{0,1,2,3}. func nametomib(name string) (mib []_C_int, err error) { const siz = unsafe.Sizeof(mib[0]) diff --git a/vendor/golang.org/x/sys/unix/syscall_illumos.go b/vendor/golang.org/x/sys/unix/syscall_illumos.go index bbc4f3ea54396..7a2d4120fc081 100644 --- a/vendor/golang.org/x/sys/unix/syscall_illumos.go +++ b/vendor/golang.org/x/sys/unix/syscall_illumos.go @@ -75,16 +75,3 @@ func Accept4(fd int, flags int) (nfd int, sa Sockaddr, err error) { } return } - -//sysnb pipe2(p *[2]_C_int, flags int) (err error) - -func Pipe2(p []int, flags int) error { - if len(p) != 2 { - return EINVAL - } - var pp [2]_C_int - err := pipe2(&pp, flags) - p[0] = int(pp[0]) - p[1] = int(pp[1]) - return err -} diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go index 84a9e5277ac50..28be1306ec976 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux.go @@ -641,6 +641,36 @@ func (sa *SockaddrCAN) sockaddr() (unsafe.Pointer, _Socklen, error) { return unsafe.Pointer(&sa.raw), SizeofSockaddrCAN, nil } +// SockaddrCANJ1939 implements the Sockaddr interface for AF_CAN using J1939 +// protocol (https://en.wikipedia.org/wiki/SAE_J1939). For more information +// on the purposes of the fields, check the official linux kernel documentation +// available here: https://www.kernel.org/doc/Documentation/networking/j1939.rst +type SockaddrCANJ1939 struct { + Ifindex int + Name uint64 + PGN uint32 + Addr uint8 + raw RawSockaddrCAN +} + +func (sa *SockaddrCANJ1939) sockaddr() (unsafe.Pointer, _Socklen, error) { + if sa.Ifindex < 0 || sa.Ifindex > 0x7fffffff { + return nil, 0, EINVAL + } + sa.raw.Family = AF_CAN + sa.raw.Ifindex = int32(sa.Ifindex) + n := (*[8]byte)(unsafe.Pointer(&sa.Name)) + for i := 0; i < 8; i++ { + sa.raw.Addr[i] = n[i] + } + p := (*[4]byte)(unsafe.Pointer(&sa.PGN)) + for i := 0; i < 4; i++ { + sa.raw.Addr[i+8] = p[i] + } + sa.raw.Addr[12] = sa.Addr + return unsafe.Pointer(&sa.raw), SizeofSockaddrCAN, nil +} + // SockaddrALG implements the Sockaddr interface for AF_ALG type sockets. // SockaddrALG enables userspace access to the Linux kernel's cryptography // subsystem. The Type and Name fields specify which type of hash or cipher @@ -952,6 +982,10 @@ func (sa *SockaddrIUCV) sockaddr() (unsafe.Pointer, _Socklen, error) { return unsafe.Pointer(&sa.raw), SizeofSockaddrIUCV, nil } +var socketProtocol = func(fd int) (int, error) { + return GetsockoptInt(fd, SOL_SOCKET, SO_PROTOCOL) +} + func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { switch rsa.Addr.Family { case AF_NETLINK: @@ -1002,7 +1036,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { return sa, nil case AF_INET: - proto, err := GetsockoptInt(fd, SOL_SOCKET, SO_PROTOCOL) + proto, err := socketProtocol(fd) if err != nil { return nil, err } @@ -1028,7 +1062,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { } case AF_INET6: - proto, err := GetsockoptInt(fd, SOL_SOCKET, SO_PROTOCOL) + proto, err := socketProtocol(fd) if err != nil { return nil, err } @@ -1063,7 +1097,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { } return sa, nil case AF_BLUETOOTH: - proto, err := GetsockoptInt(fd, SOL_SOCKET, SO_PROTOCOL) + proto, err := socketProtocol(fd) if err != nil { return nil, err } @@ -1150,20 +1184,43 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { return sa, nil case AF_CAN: - pp := (*RawSockaddrCAN)(unsafe.Pointer(rsa)) - sa := &SockaddrCAN{ - Ifindex: int(pp.Ifindex), - } - rx := (*[4]byte)(unsafe.Pointer(&sa.RxID)) - for i := 0; i < 4; i++ { - rx[i] = pp.Addr[i] - } - tx := (*[4]byte)(unsafe.Pointer(&sa.TxID)) - for i := 0; i < 4; i++ { - tx[i] = pp.Addr[i+4] + proto, err := socketProtocol(fd) + if err != nil { + return nil, err } - return sa, nil + pp := (*RawSockaddrCAN)(unsafe.Pointer(rsa)) + + switch proto { + case CAN_J1939: + sa := &SockaddrCANJ1939{ + Ifindex: int(pp.Ifindex), + } + name := (*[8]byte)(unsafe.Pointer(&sa.Name)) + for i := 0; i < 8; i++ { + name[i] = pp.Addr[i] + } + pgn := (*[4]byte)(unsafe.Pointer(&sa.PGN)) + for i := 0; i < 4; i++ { + pgn[i] = pp.Addr[i+8] + } + addr := (*[1]byte)(unsafe.Pointer(&sa.Addr)) + addr[0] = pp.Addr[12] + return sa, nil + default: + sa := &SockaddrCAN{ + Ifindex: int(pp.Ifindex), + } + rx := (*[4]byte)(unsafe.Pointer(&sa.RxID)) + for i := 0; i < 4; i++ { + rx[i] = pp.Addr[i] + } + tx := (*[4]byte)(unsafe.Pointer(&sa.TxID)) + for i := 0; i < 4; i++ { + tx[i] = pp.Addr[i+4] + } + return sa, nil + } } return nil, EAFNOSUPPORT } diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go b/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go index 21a4946ba553e..baa771f8ad982 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // +build amd64,linux -// +build !gccgo +// +build gc package unix diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc.go index c26e6ec2314a8..9edf3961b010c 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_gc.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build linux,!gccgo +// +build linux,gc package unix diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go index 070bd38994ecf..90e33d8cf751a 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build linux,!gccgo,386 +// +build linux,gc,386 package unix diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go index 8c514c95ed4fb..1a97baae732ec 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build arm,!gccgo,linux +// +build arm,gc,linux package unix diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd.go b/vendor/golang.org/x/sys/unix/syscall_netbsd.go index dbd5e03b62727..1e6843b4c3dac 100644 --- a/vendor/golang.org/x/sys/unix/syscall_netbsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_netbsd.go @@ -31,6 +31,10 @@ type SockaddrDatalink struct { raw RawSockaddrDatalink } +func anyToSockaddrGOOS(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { + return nil, EAFNOSUPPORT +} + func Syscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno) func sysctlNodes(mib []_C_int) (nodes []Sysctlnode, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go index 2c1f46ea1eff5..6a50b50bd6924 100644 --- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go @@ -31,6 +31,10 @@ type SockaddrDatalink struct { raw RawSockaddrDatalink } +func anyToSockaddrGOOS(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { + return nil, EAFNOSUPPORT +} + func Syscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno) func nametomib(name string) (mib []_C_int, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go index fee6e99528911..184786ed99b71 100644 --- a/vendor/golang.org/x/sys/unix/syscall_solaris.go +++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go @@ -68,6 +68,19 @@ func Pipe(p []int) (err error) { return nil } +//sysnb pipe2(p *[2]_C_int, flags int) (err error) + +func Pipe2(p []int, flags int) error { + if len(p) != 2 { + return EINVAL + } + var pp [2]_C_int + err := pipe2(&pp, flags) + p[0] = int(pp[0]) + p[1] = int(pp[1]) + return err +} + func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) { if sa.Port < 0 || sa.Port > 0xFFFF { return nil, 0, EINVAL diff --git a/vendor/golang.org/x/sys/unix/syscall_unix_gc.go b/vendor/golang.org/x/sys/unix/syscall_unix_gc.go index 1c70d1b6902b1..87bd161cefc98 100644 --- a/vendor/golang.org/x/sys/unix/syscall_unix_gc.go +++ b/vendor/golang.org/x/sys/unix/syscall_unix_gc.go @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // +build darwin dragonfly freebsd linux netbsd openbsd solaris -// +build !gccgo,!ppc64le,!ppc64 +// +build gc,!ppc64le,!ppc64 package unix diff --git a/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go b/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go index 86dc765aba3e6..d36216c3ca73a 100644 --- a/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go +++ b/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go @@ -4,7 +4,7 @@ // +build linux // +build ppc64le ppc64 -// +build !gccgo +// +build gc package unix diff --git a/vendor/golang.org/x/sys/unix/timestruct.go b/vendor/golang.org/x/sys/unix/timestruct.go index 4a672f56942ab..103604299e2a3 100644 --- a/vendor/golang.org/x/sys/unix/timestruct.go +++ b/vendor/golang.org/x/sys/unix/timestruct.go @@ -8,12 +8,10 @@ package unix import "time" -// TimespecToNsec converts a Timespec value into a number of -// nanoseconds since the Unix epoch. -func TimespecToNsec(ts Timespec) int64 { return int64(ts.Sec)*1e9 + int64(ts.Nsec) } +// TimespecToNSec returns the time stored in ts as nanoseconds. +func TimespecToNsec(ts Timespec) int64 { return ts.Nano() } -// NsecToTimespec takes a number of nanoseconds since the Unix epoch -// and returns the corresponding Timespec value. +// NsecToTimespec converts a number of nanoseconds into a Timespec. func NsecToTimespec(nsec int64) Timespec { sec := nsec / 1e9 nsec = nsec % 1e9 @@ -42,12 +40,10 @@ func TimeToTimespec(t time.Time) (Timespec, error) { return ts, nil } -// TimevalToNsec converts a Timeval value into a number of nanoseconds -// since the Unix epoch. -func TimevalToNsec(tv Timeval) int64 { return int64(tv.Sec)*1e9 + int64(tv.Usec)*1e3 } +// TimevalToNsec returns the time stored in tv as nanoseconds. +func TimevalToNsec(tv Timeval) int64 { return tv.Nano() } -// NsecToTimeval takes a number of nanoseconds since the Unix epoch -// and returns the corresponding Timeval value. +// NsecToTimeval converts a number of nanoseconds into a Timeval. func NsecToTimeval(nsec int64) Timeval { nsec += 999 // round up to microsecond usec := nsec % 1e9 / 1e3 @@ -59,24 +55,22 @@ func NsecToTimeval(nsec int64) Timeval { return setTimeval(sec, usec) } -// Unix returns ts as the number of seconds and nanoseconds elapsed since the -// Unix epoch. +// Unix returns the time stored in ts as seconds plus nanoseconds. func (ts *Timespec) Unix() (sec int64, nsec int64) { return int64(ts.Sec), int64(ts.Nsec) } -// Unix returns tv as the number of seconds and nanoseconds elapsed since the -// Unix epoch. +// Unix returns the time stored in tv as seconds plus nanoseconds. func (tv *Timeval) Unix() (sec int64, nsec int64) { return int64(tv.Sec), int64(tv.Usec) * 1000 } -// Nano returns ts as the number of nanoseconds elapsed since the Unix epoch. +// Nano returns the time stored in ts as nanoseconds. func (ts *Timespec) Nano() int64 { return int64(ts.Sec)*1e9 + int64(ts.Nsec) } -// Nano returns tv as the number of nanoseconds elapsed since the Unix epoch. +// Nano returns the time stored in tv as nanoseconds. func (tv *Timeval) Nano() int64 { return int64(tv.Sec)*1e9 + int64(tv.Usec)*1000 } diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go index c8f9f7a1fb1a8..ec376f51bc423 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go +++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go @@ -45,6 +45,7 @@ const ( AF_SIP = 0x18 AF_SNA = 0xb AF_SYSTEM = 0x20 + AF_SYS_CONTROL = 0x2 AF_UNIX = 0x1 AF_UNSPEC = 0x0 AF_UTUN = 0x26 diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go index 7180064b2b886..fea5dfaadb9b8 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go @@ -45,6 +45,7 @@ const ( AF_SIP = 0x18 AF_SNA = 0xb AF_SYSTEM = 0x20 + AF_SYS_CONTROL = 0x2 AF_UNIX = 0x1 AF_UNSPEC = 0x0 AF_UTUN = 0x26 diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go index 3b9ca75858205..03feefbf8c92e 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go +++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go @@ -45,6 +45,7 @@ const ( AF_SIP = 0x18 AF_SNA = 0xb AF_SYSTEM = 0x20 + AF_SYS_CONTROL = 0x2 AF_UNIX = 0x1 AF_UNSPEC = 0x0 AF_UTUN = 0x26 diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go index 4687c73ac1683..b40fb1f69675f 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go @@ -45,6 +45,7 @@ const ( AF_SIP = 0x18 AF_SNA = 0xb AF_SYSTEM = 0x20 + AF_SYS_CONTROL = 0x2 AF_UNIX = 0x1 AF_UNSPEC = 0x0 AF_UTUN = 0x26 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go index 2069fb861d11a..b3463a8b5a54c 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go @@ -65,6 +65,7 @@ const ( ALG_OP_ENCRYPT = 0x1 ALG_SET_AEAD_ASSOCLEN = 0x4 ALG_SET_AEAD_AUTHSIZE = 0x5 + ALG_SET_DRBG_ENTROPY = 0x6 ALG_SET_IV = 0x2 ALG_SET_KEY = 0x1 ALG_SET_OP = 0x3 @@ -179,8 +180,10 @@ const ( BPF_F_ANY_ALIGNMENT = 0x2 BPF_F_QUERY_EFFECTIVE = 0x1 BPF_F_REPLACE = 0x4 + BPF_F_SLEEPABLE = 0x10 BPF_F_STRICT_ALIGNMENT = 0x1 BPF_F_TEST_RND_HI32 = 0x4 + BPF_F_TEST_RUN_ON_CPU = 0x1 BPF_F_TEST_STATE_FREQ = 0x8 BPF_H = 0x8 BPF_IMM = 0x0 @@ -219,6 +222,7 @@ const ( BPF_NET_OFF = -0x100000 BPF_OBJ_NAME_LEN = 0x10 BPF_OR = 0x40 + BPF_PSEUDO_BTF_ID = 0x3 BPF_PSEUDO_CALL = 0x1 BPF_PSEUDO_MAP_FD = 0x1 BPF_PSEUDO_MAP_VALUE = 0x2 @@ -429,10 +433,13 @@ const ( DEBUGFS_MAGIC = 0x64626720 DEVLINK_CMD_ESWITCH_MODE_GET = 0x1d DEVLINK_CMD_ESWITCH_MODE_SET = 0x1e + DEVLINK_FLASH_OVERWRITE_IDENTIFIERS = 0x2 + DEVLINK_FLASH_OVERWRITE_SETTINGS = 0x1 DEVLINK_GENL_MCGRP_CONFIG_NAME = "config" DEVLINK_GENL_NAME = "devlink" DEVLINK_GENL_VERSION = 0x1 DEVLINK_SB_THRESHOLD_TO_ALPHA_MAX = 0x14 + DEVLINK_SUPPORTED_FLASH_OVERWRITE_SECTIONS = 0x3 DEVMEM_MAGIC = 0x454d444d DEVPTS_SUPER_MAGIC = 0x1cd1 DMA_BUF_MAGIC = 0x444d4142 @@ -477,9 +484,9 @@ const ( DM_UUID_FLAG = 0x4000 DM_UUID_LEN = 0x81 DM_VERSION = 0xc138fd00 - DM_VERSION_EXTRA = "-ioctl (2020-02-27)" + DM_VERSION_EXTRA = "-ioctl (2020-10-01)" DM_VERSION_MAJOR = 0x4 - DM_VERSION_MINOR = 0x2a + DM_VERSION_MINOR = 0x2b DM_VERSION_PATCHLEVEL = 0x0 DT_BLK = 0x6 DT_CHR = 0x2 @@ -520,6 +527,119 @@ const ( EPOLL_CTL_DEL = 0x2 EPOLL_CTL_MOD = 0x3 EROFS_SUPER_MAGIC_V1 = 0xe0f5e1e2 + ESP_V4_FLOW = 0xa + ESP_V6_FLOW = 0xc + ETHER_FLOW = 0x12 + ETHTOOL_BUSINFO_LEN = 0x20 + ETHTOOL_EROMVERS_LEN = 0x20 + ETHTOOL_FEC_AUTO = 0x2 + ETHTOOL_FEC_BASER = 0x10 + ETHTOOL_FEC_LLRS = 0x20 + ETHTOOL_FEC_NONE = 0x1 + ETHTOOL_FEC_OFF = 0x4 + ETHTOOL_FEC_RS = 0x8 + ETHTOOL_FLAG_ALL = 0x7 + ETHTOOL_FLAG_COMPACT_BITSETS = 0x1 + ETHTOOL_FLAG_OMIT_REPLY = 0x2 + ETHTOOL_FLAG_STATS = 0x4 + ETHTOOL_FLASHDEV = 0x33 + ETHTOOL_FLASH_MAX_FILENAME = 0x80 + ETHTOOL_FWVERS_LEN = 0x20 + ETHTOOL_F_COMPAT = 0x4 + ETHTOOL_F_UNSUPPORTED = 0x1 + ETHTOOL_F_WISH = 0x2 + ETHTOOL_GCHANNELS = 0x3c + ETHTOOL_GCOALESCE = 0xe + ETHTOOL_GDRVINFO = 0x3 + ETHTOOL_GEEE = 0x44 + ETHTOOL_GEEPROM = 0xb + ETHTOOL_GENL_NAME = "ethtool" + ETHTOOL_GENL_VERSION = 0x1 + ETHTOOL_GET_DUMP_DATA = 0x40 + ETHTOOL_GET_DUMP_FLAG = 0x3f + ETHTOOL_GET_TS_INFO = 0x41 + ETHTOOL_GFEATURES = 0x3a + ETHTOOL_GFECPARAM = 0x50 + ETHTOOL_GFLAGS = 0x25 + ETHTOOL_GGRO = 0x2b + ETHTOOL_GGSO = 0x23 + ETHTOOL_GLINK = 0xa + ETHTOOL_GLINKSETTINGS = 0x4c + ETHTOOL_GMODULEEEPROM = 0x43 + ETHTOOL_GMODULEINFO = 0x42 + ETHTOOL_GMSGLVL = 0x7 + ETHTOOL_GPAUSEPARAM = 0x12 + ETHTOOL_GPERMADDR = 0x20 + ETHTOOL_GPFLAGS = 0x27 + ETHTOOL_GPHYSTATS = 0x4a + ETHTOOL_GREGS = 0x4 + ETHTOOL_GRINGPARAM = 0x10 + ETHTOOL_GRSSH = 0x46 + ETHTOOL_GRXCLSRLALL = 0x30 + ETHTOOL_GRXCLSRLCNT = 0x2e + ETHTOOL_GRXCLSRULE = 0x2f + ETHTOOL_GRXCSUM = 0x14 + ETHTOOL_GRXFH = 0x29 + ETHTOOL_GRXFHINDIR = 0x38 + ETHTOOL_GRXNTUPLE = 0x36 + ETHTOOL_GRXRINGS = 0x2d + ETHTOOL_GSET = 0x1 + ETHTOOL_GSG = 0x18 + ETHTOOL_GSSET_INFO = 0x37 + ETHTOOL_GSTATS = 0x1d + ETHTOOL_GSTRINGS = 0x1b + ETHTOOL_GTSO = 0x1e + ETHTOOL_GTUNABLE = 0x48 + ETHTOOL_GTXCSUM = 0x16 + ETHTOOL_GUFO = 0x21 + ETHTOOL_GWOL = 0x5 + ETHTOOL_MCGRP_MONITOR_NAME = "monitor" + ETHTOOL_NWAY_RST = 0x9 + ETHTOOL_PERQUEUE = 0x4b + ETHTOOL_PHYS_ID = 0x1c + ETHTOOL_PHY_EDPD_DFLT_TX_MSECS = 0xffff + ETHTOOL_PHY_EDPD_DISABLE = 0x0 + ETHTOOL_PHY_EDPD_NO_TX = 0xfffe + ETHTOOL_PHY_FAST_LINK_DOWN_OFF = 0xff + ETHTOOL_PHY_FAST_LINK_DOWN_ON = 0x0 + ETHTOOL_PHY_GTUNABLE = 0x4e + ETHTOOL_PHY_STUNABLE = 0x4f + ETHTOOL_RESET = 0x34 + ETHTOOL_RXNTUPLE_ACTION_CLEAR = -0x2 + ETHTOOL_RXNTUPLE_ACTION_DROP = -0x1 + ETHTOOL_RX_FLOW_SPEC_RING = 0xffffffff + ETHTOOL_RX_FLOW_SPEC_RING_VF = 0xff00000000 + ETHTOOL_RX_FLOW_SPEC_RING_VF_OFF = 0x20 + ETHTOOL_SCHANNELS = 0x3d + ETHTOOL_SCOALESCE = 0xf + ETHTOOL_SEEE = 0x45 + ETHTOOL_SEEPROM = 0xc + ETHTOOL_SET_DUMP = 0x3e + ETHTOOL_SFEATURES = 0x3b + ETHTOOL_SFECPARAM = 0x51 + ETHTOOL_SFLAGS = 0x26 + ETHTOOL_SGRO = 0x2c + ETHTOOL_SGSO = 0x24 + ETHTOOL_SLINKSETTINGS = 0x4d + ETHTOOL_SMSGLVL = 0x8 + ETHTOOL_SPAUSEPARAM = 0x13 + ETHTOOL_SPFLAGS = 0x28 + ETHTOOL_SRINGPARAM = 0x11 + ETHTOOL_SRSSH = 0x47 + ETHTOOL_SRXCLSRLDEL = 0x31 + ETHTOOL_SRXCLSRLINS = 0x32 + ETHTOOL_SRXCSUM = 0x15 + ETHTOOL_SRXFH = 0x2a + ETHTOOL_SRXFHINDIR = 0x39 + ETHTOOL_SRXNTUPLE = 0x35 + ETHTOOL_SSET = 0x2 + ETHTOOL_SSG = 0x19 + ETHTOOL_STSO = 0x1f + ETHTOOL_STUNABLE = 0x49 + ETHTOOL_STXCSUM = 0x17 + ETHTOOL_SUFO = 0x22 + ETHTOOL_SWOL = 0x6 + ETHTOOL_TEST = 0x1a ETH_P_1588 = 0x88f7 ETH_P_8021AD = 0x88a8 ETH_P_8021AH = 0x88e7 @@ -989,6 +1109,7 @@ const ( IPV6_DONTFRAG = 0x3e IPV6_DROP_MEMBERSHIP = 0x15 IPV6_DSTOPTS = 0x3b + IPV6_FLOW = 0x11 IPV6_FREEBIND = 0x4e IPV6_HDRINCL = 0x24 IPV6_HOPLIMIT = 0x34 @@ -1038,6 +1159,7 @@ const ( IPV6_TRANSPARENT = 0x4b IPV6_UNICAST_HOPS = 0x10 IPV6_UNICAST_IF = 0x4c + IPV6_USER_FLOW = 0xe IPV6_V6ONLY = 0x1a IPV6_XFRM_POLICY = 0x23 IP_ADD_MEMBERSHIP = 0x23 @@ -1094,6 +1216,7 @@ const ( IP_TTL = 0x2 IP_UNBLOCK_SOURCE = 0x25 IP_UNICAST_IF = 0x32 + IP_USER_FLOW = 0xd IP_XFRM_POLICY = 0x11 ISOFS_SUPER_MAGIC = 0x9660 ISTRIP = 0x20 @@ -1217,6 +1340,12 @@ const ( LOOP_SET_STATUS_SETTABLE_FLAGS = 0xc LO_KEY_SIZE = 0x20 LO_NAME_SIZE = 0x40 + LWTUNNEL_IP6_MAX = 0x8 + LWTUNNEL_IP_MAX = 0x8 + LWTUNNEL_IP_OPTS_MAX = 0x3 + LWTUNNEL_IP_OPT_ERSPAN_MAX = 0x4 + LWTUNNEL_IP_OPT_GENEVE_MAX = 0x3 + LWTUNNEL_IP_OPT_VXLAN_MAX = 0x1 MADV_COLD = 0x14 MADV_DODUMP = 0x11 MADV_DOFORK = 0xb @@ -1325,6 +1454,7 @@ const ( MS_NOREMOTELOCK = 0x8000000 MS_NOSEC = 0x10000000 MS_NOSUID = 0x2 + MS_NOSYMFOLLOW = 0x100 MS_NOUSER = -0x80000000 MS_POSIXACL = 0x10000 MS_PRIVATE = 0x40000 @@ -1566,7 +1696,7 @@ const ( PERF_MEM_REMOTE_REMOTE = 0x1 PERF_MEM_REMOTE_SHIFT = 0x25 PERF_MEM_SNOOPX_FWD = 0x1 - PERF_MEM_SNOOPX_SHIFT = 0x25 + PERF_MEM_SNOOPX_SHIFT = 0x26 PERF_MEM_SNOOP_HIT = 0x4 PERF_MEM_SNOOP_HITM = 0x10 PERF_MEM_SNOOP_MISS = 0x8 @@ -1666,6 +1796,13 @@ const ( PR_MCE_KILL_SET = 0x1 PR_MPX_DISABLE_MANAGEMENT = 0x2c PR_MPX_ENABLE_MANAGEMENT = 0x2b + PR_MTE_TAG_MASK = 0x7fff8 + PR_MTE_TAG_SHIFT = 0x3 + PR_MTE_TCF_ASYNC = 0x4 + PR_MTE_TCF_MASK = 0x6 + PR_MTE_TCF_NONE = 0x0 + PR_MTE_TCF_SHIFT = 0x1 + PR_MTE_TCF_SYNC = 0x2 PR_PAC_APDAKEY = 0x4 PR_PAC_APDBKEY = 0x8 PR_PAC_APGAKEY = 0x10 @@ -2200,7 +2337,7 @@ const ( STATX_ATTR_APPEND = 0x20 STATX_ATTR_AUTOMOUNT = 0x1000 STATX_ATTR_COMPRESSED = 0x4 - STATX_ATTR_DAX = 0x2000 + STATX_ATTR_DAX = 0x200000 STATX_ATTR_ENCRYPTED = 0x800 STATX_ATTR_IMMUTABLE = 0x10 STATX_ATTR_MOUNT_ROOT = 0x2000 @@ -2319,6 +2456,8 @@ const ( TCP_TX_DELAY = 0x25 TCP_ULP = 0x1f TCP_USER_TIMEOUT = 0x12 + TCP_V4_FLOW = 0x1 + TCP_V6_FLOW = 0x5 TCP_WINDOW_CLAMP = 0xa TCP_ZEROCOPY_RECEIVE = 0x23 TFD_TIMER_ABSTIME = 0x1 @@ -2384,6 +2523,7 @@ const ( TIPC_NODE_STATE = 0x0 TIPC_OK = 0x0 TIPC_PUBLISHED = 0x1 + TIPC_REKEYING_NOW = 0xffffffff TIPC_RESERVED_TYPES = 0x40 TIPC_RETDATA = 0x2 TIPC_SERVICE_ADDR = 0x2 @@ -2444,6 +2584,7 @@ const ( VM_SOCKETS_INVALID_VERSION = 0xffffffff VQUIT = 0x1 VT0 = 0x0 + WAKE_MAGIC = 0x20 WALL = 0x40000000 WCLONE = 0x80000000 WCONTINUED = 0x8 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go index dd282c08b7f11..336e0b326a914 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go @@ -4,7 +4,7 @@ // +build 386,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go index 82fc93c7bbc12..961507e937d4e 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go @@ -4,7 +4,7 @@ // +build amd64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go index fe7094f2763f9..a65576db7b615 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go @@ -4,7 +4,7 @@ // +build arm,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go index 3b6cc58803b6e..cf075caa8c8f2 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go @@ -4,7 +4,7 @@ // +build arm64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/_const.go package unix @@ -196,6 +196,8 @@ const ( PPPIOCXFERUNIT = 0x744e PROT_BTI = 0x10 PR_SET_PTRACER_ANY = 0xffffffffffffffff + PTRACE_PEEKMTETAGS = 0x21 + PTRACE_POKEMTETAGS = 0x22 PTRACE_SYSEMU = 0x1f PTRACE_SYSEMU_SINGLESTEP = 0x20 RLIMIT_AS = 0x9 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go index ce3d9ae15610c..efe90deeab851 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go @@ -4,7 +4,7 @@ // +build mips,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go index 7a85215ce5231..8b0e8911dc3fd 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go @@ -4,7 +4,7 @@ // +build mips64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go index 07d4cc1bd5ff4..e9430cd1a22af 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go @@ -4,7 +4,7 @@ // +build mips64le,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go index d4842ba1c2a81..61e4f5db67c1b 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go @@ -4,7 +4,7 @@ // +build mipsle,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go index 941e20daceca0..973ad934633c5 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go @@ -4,7 +4,7 @@ // +build ppc64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go index 63d3bc56627d2..70a7406ba11a4 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go @@ -4,7 +4,7 @@ // +build ppc64le,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go index 490bee1ab1b55..b1bf7997cbdcc 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go @@ -4,7 +4,7 @@ // +build riscv64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go index 467b8218e80e6..7053d10ba0240 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go @@ -4,7 +4,7 @@ // +build s390x,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go index 79fbafbcf6c47..137cfe7962690 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go @@ -4,7 +4,7 @@ // +build sparc64,linux // Code generated by cmd/cgo -godefs; DO NOT EDIT. -// cgo -godefs -- -Wall -Werror -static -I/tmp/include _const.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go package unix diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go index 4b3a8ad7bec18..0550da06d1472 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go @@ -2,7 +2,7 @@ // Code generated by the command above; see README.md. DO NOT EDIT. // +build aix,ppc64 -// +build !gccgo +// +build gc package unix diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go index e263fbdb8bf54..c8c142c59a093 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go @@ -24,7 +24,6 @@ func closedir(dir uintptr) (err error) { func libc_closedir_trampoline() -//go:linkname libc_closedir libc_closedir //go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -37,5 +36,4 @@ func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) { func libc_readdir_r_trampoline() -//go:linkname libc_readdir_r libc_readdir_r //go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go index 6eb457983232d..3877183483f1f 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go @@ -25,7 +25,6 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) { func libc_getgroups_trampoline() -//go:linkname libc_getgroups libc_getgroups //go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -40,7 +39,6 @@ func setgroups(ngid int, gid *_Gid_t) (err error) { func libc_setgroups_trampoline() -//go:linkname libc_setgroups libc_setgroups //go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -56,7 +54,6 @@ func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err func libc_wait4_trampoline() -//go:linkname libc_wait4 libc_wait4 //go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -72,7 +69,6 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) { func libc_accept_trampoline() -//go:linkname libc_accept libc_accept //go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -87,7 +83,6 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_bind_trampoline() -//go:linkname libc_bind libc_bind //go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -102,7 +97,6 @@ func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_connect_trampoline() -//go:linkname libc_connect libc_connect //go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -118,7 +112,6 @@ func socket(domain int, typ int, proto int) (fd int, err error) { func libc_socket_trampoline() -//go:linkname libc_socket libc_socket //go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -133,7 +126,6 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen func libc_getsockopt_trampoline() -//go:linkname libc_getsockopt libc_getsockopt //go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -148,7 +140,6 @@ func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) func libc_setsockopt_trampoline() -//go:linkname libc_setsockopt libc_setsockopt //go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -163,7 +154,6 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getpeername_trampoline() -//go:linkname libc_getpeername libc_getpeername //go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -178,7 +168,6 @@ func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getsockname_trampoline() -//go:linkname libc_getsockname libc_getsockname //go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -193,7 +182,6 @@ func Shutdown(s int, how int) (err error) { func libc_shutdown_trampoline() -//go:linkname libc_shutdown libc_shutdown //go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -208,7 +196,6 @@ func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) { func libc_socketpair_trampoline() -//go:linkname libc_socketpair libc_socketpair //go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -230,7 +217,6 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl func libc_recvfrom_trampoline() -//go:linkname libc_recvfrom libc_recvfrom //go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -251,7 +237,6 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) ( func libc_sendto_trampoline() -//go:linkname libc_sendto libc_sendto //go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -267,7 +252,6 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_recvmsg_trampoline() -//go:linkname libc_recvmsg libc_recvmsg //go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -283,7 +267,6 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_sendmsg_trampoline() -//go:linkname libc_sendmsg libc_sendmsg //go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -299,7 +282,6 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne func libc_kevent_trampoline() -//go:linkname libc_kevent libc_kevent //go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -319,7 +301,6 @@ func utimes(path string, timeval *[2]Timeval) (err error) { func libc_utimes_trampoline() -//go:linkname libc_utimes libc_utimes //go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -334,7 +315,6 @@ func futimes(fd int, timeval *[2]Timeval) (err error) { func libc_futimes_trampoline() -//go:linkname libc_futimes libc_futimes //go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -350,7 +330,6 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) { func libc_poll_trampoline() -//go:linkname libc_poll libc_poll //go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -371,7 +350,6 @@ func Madvise(b []byte, behav int) (err error) { func libc_madvise_trampoline() -//go:linkname libc_madvise libc_madvise //go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -392,7 +370,6 @@ func Mlock(b []byte) (err error) { func libc_mlock_trampoline() -//go:linkname libc_mlock libc_mlock //go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -407,7 +384,6 @@ func Mlockall(flags int) (err error) { func libc_mlockall_trampoline() -//go:linkname libc_mlockall libc_mlockall //go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -428,7 +404,6 @@ func Mprotect(b []byte, prot int) (err error) { func libc_mprotect_trampoline() -//go:linkname libc_mprotect libc_mprotect //go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -449,7 +424,6 @@ func Msync(b []byte, flags int) (err error) { func libc_msync_trampoline() -//go:linkname libc_msync libc_msync //go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -470,7 +444,6 @@ func Munlock(b []byte) (err error) { func libc_munlock_trampoline() -//go:linkname libc_munlock libc_munlock //go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -485,15 +458,12 @@ func Munlockall() (err error) { func libc_munlockall_trampoline() -//go:linkname libc_munlockall libc_munlockall //go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func pipe() (r int, w int, err error) { - r0, r1, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), 0, 0, 0) - r = int(r0) - w = int(r1) +func pipe(p *[2]int32) (err error) { + _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0) if e1 != 0 { err = errnoErr(e1) } @@ -502,7 +472,6 @@ func pipe() (r int, w int, err error) { func libc_pipe_trampoline() -//go:linkname libc_pipe libc_pipe //go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -528,7 +497,6 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o func libc_getxattr_trampoline() -//go:linkname libc_getxattr libc_getxattr //go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -549,7 +517,6 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio func libc_fgetxattr_trampoline() -//go:linkname libc_fgetxattr libc_fgetxattr //go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -574,7 +541,6 @@ func setxattr(path string, attr string, data *byte, size int, position uint32, o func libc_setxattr_trampoline() -//go:linkname libc_setxattr libc_setxattr //go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -594,7 +560,6 @@ func fsetxattr(fd int, attr string, data *byte, size int, position uint32, optio func libc_fsetxattr_trampoline() -//go:linkname libc_fsetxattr libc_fsetxattr //go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -619,7 +584,6 @@ func removexattr(path string, attr string, options int) (err error) { func libc_removexattr_trampoline() -//go:linkname libc_removexattr libc_removexattr //go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -639,7 +603,6 @@ func fremovexattr(fd int, attr string, options int) (err error) { func libc_fremovexattr_trampoline() -//go:linkname libc_fremovexattr libc_fremovexattr //go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -660,7 +623,6 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro func libc_listxattr_trampoline() -//go:linkname libc_listxattr libc_listxattr //go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -676,7 +638,6 @@ func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) { func libc_flistxattr_trampoline() -//go:linkname libc_flistxattr libc_flistxattr //go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -691,7 +652,6 @@ func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintp func libc_setattrlist_trampoline() -//go:linkname libc_setattrlist libc_setattrlist //go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -707,7 +667,6 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) { func libc_fcntl_trampoline() -//go:linkname libc_fcntl libc_fcntl //go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -722,7 +681,6 @@ func kill(pid int, signum int, posix int) (err error) { func libc_kill_trampoline() -//go:linkname libc_kill libc_kill //go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -737,7 +695,6 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { func libc_ioctl_trampoline() -//go:linkname libc_ioctl libc_ioctl //go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -758,7 +715,6 @@ func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) func libc_sysctl_trampoline() -//go:linkname libc_sysctl libc_sysctl //go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -773,7 +729,6 @@ func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer func libc_sendfile_trampoline() -//go:linkname libc_sendfile libc_sendfile //go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -793,7 +748,6 @@ func Access(path string, mode uint32) (err error) { func libc_access_trampoline() -//go:linkname libc_access libc_access //go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -808,7 +762,6 @@ func Adjtime(delta *Timeval, olddelta *Timeval) (err error) { func libc_adjtime_trampoline() -//go:linkname libc_adjtime libc_adjtime //go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -828,7 +781,6 @@ func Chdir(path string) (err error) { func libc_chdir_trampoline() -//go:linkname libc_chdir libc_chdir //go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -848,7 +800,6 @@ func Chflags(path string, flags int) (err error) { func libc_chflags_trampoline() -//go:linkname libc_chflags libc_chflags //go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -868,7 +819,6 @@ func Chmod(path string, mode uint32) (err error) { func libc_chmod_trampoline() -//go:linkname libc_chmod libc_chmod //go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -888,7 +838,6 @@ func Chown(path string, uid int, gid int) (err error) { func libc_chown_trampoline() -//go:linkname libc_chown libc_chown //go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -908,7 +857,6 @@ func Chroot(path string) (err error) { func libc_chroot_trampoline() -//go:linkname libc_chroot libc_chroot //go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -923,7 +871,6 @@ func ClockGettime(clockid int32, time *Timespec) (err error) { func libc_clock_gettime_trampoline() -//go:linkname libc_clock_gettime libc_clock_gettime //go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -938,7 +885,6 @@ func Close(fd int) (err error) { func libc_close_trampoline() -//go:linkname libc_close libc_close //go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -963,7 +909,6 @@ func Clonefile(src string, dst string, flags int) (err error) { func libc_clonefile_trampoline() -//go:linkname libc_clonefile libc_clonefile //go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -988,7 +933,6 @@ func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int) func libc_clonefileat_trampoline() -//go:linkname libc_clonefileat libc_clonefileat //go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1004,7 +948,6 @@ func Dup(fd int) (nfd int, err error) { func libc_dup_trampoline() -//go:linkname libc_dup libc_dup //go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1019,7 +962,6 @@ func Dup2(from int, to int) (err error) { func libc_dup2_trampoline() -//go:linkname libc_dup2 libc_dup2 //go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1044,7 +986,6 @@ func Exchangedata(path1 string, path2 string, options int) (err error) { func libc_exchangedata_trampoline() -//go:linkname libc_exchangedata libc_exchangedata //go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1056,7 +997,6 @@ func Exit(code int) { func libc_exit_trampoline() -//go:linkname libc_exit libc_exit //go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1076,7 +1016,6 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_faccessat_trampoline() -//go:linkname libc_faccessat libc_faccessat //go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1091,7 +1030,6 @@ func Fchdir(fd int) (err error) { func libc_fchdir_trampoline() -//go:linkname libc_fchdir libc_fchdir //go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1106,7 +1044,6 @@ func Fchflags(fd int, flags int) (err error) { func libc_fchflags_trampoline() -//go:linkname libc_fchflags libc_fchflags //go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1121,7 +1058,6 @@ func Fchmod(fd int, mode uint32) (err error) { func libc_fchmod_trampoline() -//go:linkname libc_fchmod libc_fchmod //go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1141,7 +1077,6 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_fchmodat_trampoline() -//go:linkname libc_fchmodat libc_fchmodat //go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1156,7 +1091,6 @@ func Fchown(fd int, uid int, gid int) (err error) { func libc_fchown_trampoline() -//go:linkname libc_fchown libc_fchown //go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1176,7 +1110,6 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) { func libc_fchownat_trampoline() -//go:linkname libc_fchownat libc_fchownat //go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1196,7 +1129,6 @@ func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error) func libc_fclonefileat_trampoline() -//go:linkname libc_fclonefileat libc_fclonefileat //go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1211,7 +1143,6 @@ func Flock(fd int, how int) (err error) { func libc_flock_trampoline() -//go:linkname libc_flock libc_flock //go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1227,7 +1158,6 @@ func Fpathconf(fd int, name int) (val int, err error) { func libc_fpathconf_trampoline() -//go:linkname libc_fpathconf libc_fpathconf //go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1242,7 +1172,6 @@ func Fsync(fd int) (err error) { func libc_fsync_trampoline() -//go:linkname libc_fsync libc_fsync //go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1257,7 +1186,6 @@ func Ftruncate(fd int, length int64) (err error) { func libc_ftruncate_trampoline() -//go:linkname libc_ftruncate libc_ftruncate //go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1279,7 +1207,6 @@ func Getcwd(buf []byte) (n int, err error) { func libc_getcwd_trampoline() -//go:linkname libc_getcwd libc_getcwd //go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1292,7 +1219,6 @@ func Getdtablesize() (size int) { func libc_getdtablesize_trampoline() -//go:linkname libc_getdtablesize libc_getdtablesize //go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1305,7 +1231,6 @@ func Getegid() (egid int) { func libc_getegid_trampoline() -//go:linkname libc_getegid libc_getegid //go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1318,7 +1243,6 @@ func Geteuid() (uid int) { func libc_geteuid_trampoline() -//go:linkname libc_geteuid libc_geteuid //go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1331,7 +1255,6 @@ func Getgid() (gid int) { func libc_getgid_trampoline() -//go:linkname libc_getgid libc_getgid //go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1347,7 +1270,6 @@ func Getpgid(pid int) (pgid int, err error) { func libc_getpgid_trampoline() -//go:linkname libc_getpgid libc_getpgid //go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1360,7 +1282,6 @@ func Getpgrp() (pgrp int) { func libc_getpgrp_trampoline() -//go:linkname libc_getpgrp libc_getpgrp //go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1373,7 +1294,6 @@ func Getpid() (pid int) { func libc_getpid_trampoline() -//go:linkname libc_getpid libc_getpid //go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1386,7 +1306,6 @@ func Getppid() (ppid int) { func libc_getppid_trampoline() -//go:linkname libc_getppid libc_getppid //go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1402,7 +1321,6 @@ func Getpriority(which int, who int) (prio int, err error) { func libc_getpriority_trampoline() -//go:linkname libc_getpriority libc_getpriority //go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1417,7 +1335,6 @@ func Getrlimit(which int, lim *Rlimit) (err error) { func libc_getrlimit_trampoline() -//go:linkname libc_getrlimit libc_getrlimit //go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1432,7 +1349,6 @@ func Getrusage(who int, rusage *Rusage) (err error) { func libc_getrusage_trampoline() -//go:linkname libc_getrusage libc_getrusage //go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1448,7 +1364,6 @@ func Getsid(pid int) (sid int, err error) { func libc_getsid_trampoline() -//go:linkname libc_getsid libc_getsid //go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1463,7 +1378,6 @@ func Gettimeofday(tp *Timeval) (err error) { func libc_gettimeofday_trampoline() -//go:linkname libc_gettimeofday libc_gettimeofday //go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1476,7 +1390,6 @@ func Getuid() (uid int) { func libc_getuid_trampoline() -//go:linkname libc_getuid libc_getuid //go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1489,7 +1402,6 @@ func Issetugid() (tainted bool) { func libc_issetugid_trampoline() -//go:linkname libc_issetugid libc_issetugid //go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1505,7 +1417,6 @@ func Kqueue() (fd int, err error) { func libc_kqueue_trampoline() -//go:linkname libc_kqueue libc_kqueue //go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1525,7 +1436,6 @@ func Lchown(path string, uid int, gid int) (err error) { func libc_lchown_trampoline() -//go:linkname libc_lchown libc_lchown //go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1550,7 +1460,6 @@ func Link(path string, link string) (err error) { func libc_link_trampoline() -//go:linkname libc_link libc_link //go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1575,7 +1484,6 @@ func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err er func libc_linkat_trampoline() -//go:linkname libc_linkat libc_linkat //go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1590,7 +1498,6 @@ func Listen(s int, backlog int) (err error) { func libc_listen_trampoline() -//go:linkname libc_listen libc_listen //go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1610,7 +1517,6 @@ func Mkdir(path string, mode uint32) (err error) { func libc_mkdir_trampoline() -//go:linkname libc_mkdir libc_mkdir //go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1630,7 +1536,6 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) { func libc_mkdirat_trampoline() -//go:linkname libc_mkdirat libc_mkdirat //go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1650,7 +1555,6 @@ func Mkfifo(path string, mode uint32) (err error) { func libc_mkfifo_trampoline() -//go:linkname libc_mkfifo libc_mkfifo //go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1670,7 +1574,6 @@ func Mknod(path string, mode uint32, dev int) (err error) { func libc_mknod_trampoline() -//go:linkname libc_mknod libc_mknod //go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1691,7 +1594,6 @@ func Open(path string, mode int, perm uint32) (fd int, err error) { func libc_open_trampoline() -//go:linkname libc_open libc_open //go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1712,7 +1614,6 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) { func libc_openat_trampoline() -//go:linkname libc_openat libc_openat //go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1733,7 +1634,6 @@ func Pathconf(path string, name int) (val int, err error) { func libc_pathconf_trampoline() -//go:linkname libc_pathconf libc_pathconf //go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1755,7 +1655,6 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) { func libc_pread_trampoline() -//go:linkname libc_pread libc_pread //go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1777,7 +1676,6 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) { func libc_pwrite_trampoline() -//go:linkname libc_pwrite libc_pwrite //go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1799,7 +1697,6 @@ func read(fd int, p []byte) (n int, err error) { func libc_read_trampoline() -//go:linkname libc_read libc_read //go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1826,7 +1723,6 @@ func Readlink(path string, buf []byte) (n int, err error) { func libc_readlink_trampoline() -//go:linkname libc_readlink libc_readlink //go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1853,7 +1749,6 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) { func libc_readlinkat_trampoline() -//go:linkname libc_readlinkat libc_readlinkat //go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1878,7 +1773,6 @@ func Rename(from string, to string) (err error) { func libc_rename_trampoline() -//go:linkname libc_rename libc_rename //go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1903,7 +1797,6 @@ func Renameat(fromfd int, from string, tofd int, to string) (err error) { func libc_renameat_trampoline() -//go:linkname libc_renameat libc_renameat //go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1923,7 +1816,6 @@ func Revoke(path string) (err error) { func libc_revoke_trampoline() -//go:linkname libc_revoke libc_revoke //go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1943,7 +1835,6 @@ func Rmdir(path string) (err error) { func libc_rmdir_trampoline() -//go:linkname libc_rmdir libc_rmdir //go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1959,7 +1850,6 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { func libc_lseek_trampoline() -//go:linkname libc_lseek libc_lseek //go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1975,7 +1865,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err func libc_select_trampoline() -//go:linkname libc_select libc_select //go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1990,7 +1879,6 @@ func Setegid(egid int) (err error) { func libc_setegid_trampoline() -//go:linkname libc_setegid libc_setegid //go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2005,7 +1893,6 @@ func Seteuid(euid int) (err error) { func libc_seteuid_trampoline() -//go:linkname libc_seteuid libc_seteuid //go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2020,7 +1907,6 @@ func Setgid(gid int) (err error) { func libc_setgid_trampoline() -//go:linkname libc_setgid libc_setgid //go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2040,7 +1926,6 @@ func Setlogin(name string) (err error) { func libc_setlogin_trampoline() -//go:linkname libc_setlogin libc_setlogin //go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2055,7 +1940,6 @@ func Setpgid(pid int, pgid int) (err error) { func libc_setpgid_trampoline() -//go:linkname libc_setpgid libc_setpgid //go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2070,7 +1954,6 @@ func Setpriority(which int, who int, prio int) (err error) { func libc_setpriority_trampoline() -//go:linkname libc_setpriority libc_setpriority //go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2085,7 +1968,6 @@ func Setprivexec(flag int) (err error) { func libc_setprivexec_trampoline() -//go:linkname libc_setprivexec libc_setprivexec //go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2100,7 +1982,6 @@ func Setregid(rgid int, egid int) (err error) { func libc_setregid_trampoline() -//go:linkname libc_setregid libc_setregid //go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2115,7 +1996,6 @@ func Setreuid(ruid int, euid int) (err error) { func libc_setreuid_trampoline() -//go:linkname libc_setreuid libc_setreuid //go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2130,7 +2010,6 @@ func Setrlimit(which int, lim *Rlimit) (err error) { func libc_setrlimit_trampoline() -//go:linkname libc_setrlimit libc_setrlimit //go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2146,7 +2025,6 @@ func Setsid() (pid int, err error) { func libc_setsid_trampoline() -//go:linkname libc_setsid libc_setsid //go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2161,7 +2039,6 @@ func Settimeofday(tp *Timeval) (err error) { func libc_settimeofday_trampoline() -//go:linkname libc_settimeofday libc_settimeofday //go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2176,7 +2053,6 @@ func Setuid(uid int) (err error) { func libc_setuid_trampoline() -//go:linkname libc_setuid libc_setuid //go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2201,7 +2077,6 @@ func Symlink(path string, link string) (err error) { func libc_symlink_trampoline() -//go:linkname libc_symlink libc_symlink //go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2226,7 +2101,6 @@ func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) { func libc_symlinkat_trampoline() -//go:linkname libc_symlinkat libc_symlinkat //go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2241,7 +2115,6 @@ func Sync() (err error) { func libc_sync_trampoline() -//go:linkname libc_sync libc_sync //go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2261,7 +2134,6 @@ func Truncate(path string, length int64) (err error) { func libc_truncate_trampoline() -//go:linkname libc_truncate libc_truncate //go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2274,7 +2146,6 @@ func Umask(newmask int) (oldmask int) { func libc_umask_trampoline() -//go:linkname libc_umask libc_umask //go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2294,7 +2165,6 @@ func Undelete(path string) (err error) { func libc_undelete_trampoline() -//go:linkname libc_undelete libc_undelete //go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2314,7 +2184,6 @@ func Unlink(path string) (err error) { func libc_unlink_trampoline() -//go:linkname libc_unlink libc_unlink //go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2334,7 +2203,6 @@ func Unlinkat(dirfd int, path string, flags int) (err error) { func libc_unlinkat_trampoline() -//go:linkname libc_unlinkat libc_unlinkat //go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2354,7 +2222,6 @@ func Unmount(path string, flags int) (err error) { func libc_unmount_trampoline() -//go:linkname libc_unmount libc_unmount //go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2376,7 +2243,6 @@ func write(fd int, p []byte) (n int, err error) { func libc_write_trampoline() -//go:linkname libc_write libc_write //go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2392,7 +2258,6 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) ( func libc_mmap_trampoline() -//go:linkname libc_mmap libc_mmap //go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2407,7 +2272,6 @@ func munmap(addr uintptr, length uintptr) (err error) { func libc_munmap_trampoline() -//go:linkname libc_munmap libc_munmap //go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2444,7 +2308,6 @@ func Fstat(fd int, stat *Stat_t) (err error) { func libc_fstat64_trampoline() -//go:linkname libc_fstat64 libc_fstat64 //go:cgo_import_dynamic libc_fstat64 fstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2464,7 +2327,6 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) { func libc_fstatat64_trampoline() -//go:linkname libc_fstatat64 libc_fstatat64 //go:cgo_import_dynamic libc_fstatat64 fstatat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2479,7 +2341,6 @@ func Fstatfs(fd int, stat *Statfs_t) (err error) { func libc_fstatfs64_trampoline() -//go:linkname libc_fstatfs64 libc_fstatfs64 //go:cgo_import_dynamic libc_fstatfs64 fstatfs64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2495,7 +2356,6 @@ func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) { func libc_getfsstat64_trampoline() -//go:linkname libc_getfsstat64 libc_getfsstat64 //go:cgo_import_dynamic libc_getfsstat64 getfsstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2515,12 +2375,11 @@ func Lstat(path string, stat *Stat_t) (err error) { func libc_lstat64_trampoline() -//go:linkname libc_lstat64 libc_lstat64 //go:cgo_import_dynamic libc_lstat64 lstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { +func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) { _, _, e1 := syscall_syscall6(funcPC(libc_ptrace_trampoline), uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) if e1 != 0 { err = errnoErr(e1) @@ -2530,7 +2389,6 @@ func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { func libc_ptrace_trampoline() -//go:linkname libc_ptrace libc_ptrace //go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2550,7 +2408,6 @@ func Stat(path string, stat *Stat_t) (err error) { func libc_stat64_trampoline() -//go:linkname libc_stat64 libc_stat64 //go:cgo_import_dynamic libc_stat64 stat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2570,5 +2427,4 @@ func Statfs(path string, stat *Statfs_t) (err error) { func libc_statfs64_trampoline() -//go:linkname libc_statfs64 libc_statfs64 //go:cgo_import_dynamic libc_statfs64 statfs64 "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go index 314042a9d42b2..88826236136bb 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go @@ -24,7 +24,6 @@ func closedir(dir uintptr) (err error) { func libc_closedir_trampoline() -//go:linkname libc_closedir libc_closedir //go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -37,5 +36,4 @@ func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) { func libc_readdir_r_trampoline() -//go:linkname libc_readdir_r libc_readdir_r //go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go index 889c14059e9a2..508e5639bf4a1 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go @@ -25,7 +25,6 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) { func libc_getgroups_trampoline() -//go:linkname libc_getgroups libc_getgroups //go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -40,7 +39,6 @@ func setgroups(ngid int, gid *_Gid_t) (err error) { func libc_setgroups_trampoline() -//go:linkname libc_setgroups libc_setgroups //go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -56,7 +54,6 @@ func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err func libc_wait4_trampoline() -//go:linkname libc_wait4 libc_wait4 //go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -72,7 +69,6 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) { func libc_accept_trampoline() -//go:linkname libc_accept libc_accept //go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -87,7 +83,6 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_bind_trampoline() -//go:linkname libc_bind libc_bind //go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -102,7 +97,6 @@ func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_connect_trampoline() -//go:linkname libc_connect libc_connect //go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -118,7 +112,6 @@ func socket(domain int, typ int, proto int) (fd int, err error) { func libc_socket_trampoline() -//go:linkname libc_socket libc_socket //go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -133,7 +126,6 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen func libc_getsockopt_trampoline() -//go:linkname libc_getsockopt libc_getsockopt //go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -148,7 +140,6 @@ func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) func libc_setsockopt_trampoline() -//go:linkname libc_setsockopt libc_setsockopt //go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -163,7 +154,6 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getpeername_trampoline() -//go:linkname libc_getpeername libc_getpeername //go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -178,7 +168,6 @@ func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getsockname_trampoline() -//go:linkname libc_getsockname libc_getsockname //go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -193,7 +182,6 @@ func Shutdown(s int, how int) (err error) { func libc_shutdown_trampoline() -//go:linkname libc_shutdown libc_shutdown //go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -208,7 +196,6 @@ func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) { func libc_socketpair_trampoline() -//go:linkname libc_socketpair libc_socketpair //go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -230,7 +217,6 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl func libc_recvfrom_trampoline() -//go:linkname libc_recvfrom libc_recvfrom //go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -251,7 +237,6 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) ( func libc_sendto_trampoline() -//go:linkname libc_sendto libc_sendto //go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -267,7 +252,6 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_recvmsg_trampoline() -//go:linkname libc_recvmsg libc_recvmsg //go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -283,7 +267,6 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_sendmsg_trampoline() -//go:linkname libc_sendmsg libc_sendmsg //go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -299,7 +282,6 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne func libc_kevent_trampoline() -//go:linkname libc_kevent libc_kevent //go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -319,7 +301,6 @@ func utimes(path string, timeval *[2]Timeval) (err error) { func libc_utimes_trampoline() -//go:linkname libc_utimes libc_utimes //go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -334,7 +315,6 @@ func futimes(fd int, timeval *[2]Timeval) (err error) { func libc_futimes_trampoline() -//go:linkname libc_futimes libc_futimes //go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -350,7 +330,6 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) { func libc_poll_trampoline() -//go:linkname libc_poll libc_poll //go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -371,7 +350,6 @@ func Madvise(b []byte, behav int) (err error) { func libc_madvise_trampoline() -//go:linkname libc_madvise libc_madvise //go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -392,7 +370,6 @@ func Mlock(b []byte) (err error) { func libc_mlock_trampoline() -//go:linkname libc_mlock libc_mlock //go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -407,7 +384,6 @@ func Mlockall(flags int) (err error) { func libc_mlockall_trampoline() -//go:linkname libc_mlockall libc_mlockall //go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -428,7 +404,6 @@ func Mprotect(b []byte, prot int) (err error) { func libc_mprotect_trampoline() -//go:linkname libc_mprotect libc_mprotect //go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -449,7 +424,6 @@ func Msync(b []byte, flags int) (err error) { func libc_msync_trampoline() -//go:linkname libc_msync libc_msync //go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -470,7 +444,6 @@ func Munlock(b []byte) (err error) { func libc_munlock_trampoline() -//go:linkname libc_munlock libc_munlock //go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -485,15 +458,12 @@ func Munlockall() (err error) { func libc_munlockall_trampoline() -//go:linkname libc_munlockall libc_munlockall //go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func pipe() (r int, w int, err error) { - r0, r1, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), 0, 0, 0) - r = int(r0) - w = int(r1) +func pipe(p *[2]int32) (err error) { + _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0) if e1 != 0 { err = errnoErr(e1) } @@ -502,7 +472,6 @@ func pipe() (r int, w int, err error) { func libc_pipe_trampoline() -//go:linkname libc_pipe libc_pipe //go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -528,7 +497,6 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o func libc_getxattr_trampoline() -//go:linkname libc_getxattr libc_getxattr //go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -549,7 +517,6 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio func libc_fgetxattr_trampoline() -//go:linkname libc_fgetxattr libc_fgetxattr //go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -574,7 +541,6 @@ func setxattr(path string, attr string, data *byte, size int, position uint32, o func libc_setxattr_trampoline() -//go:linkname libc_setxattr libc_setxattr //go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -594,7 +560,6 @@ func fsetxattr(fd int, attr string, data *byte, size int, position uint32, optio func libc_fsetxattr_trampoline() -//go:linkname libc_fsetxattr libc_fsetxattr //go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -619,7 +584,6 @@ func removexattr(path string, attr string, options int) (err error) { func libc_removexattr_trampoline() -//go:linkname libc_removexattr libc_removexattr //go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -639,7 +603,6 @@ func fremovexattr(fd int, attr string, options int) (err error) { func libc_fremovexattr_trampoline() -//go:linkname libc_fremovexattr libc_fremovexattr //go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -660,7 +623,6 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro func libc_listxattr_trampoline() -//go:linkname libc_listxattr libc_listxattr //go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -676,7 +638,6 @@ func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) { func libc_flistxattr_trampoline() -//go:linkname libc_flistxattr libc_flistxattr //go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -691,7 +652,6 @@ func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintp func libc_setattrlist_trampoline() -//go:linkname libc_setattrlist libc_setattrlist //go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -707,7 +667,6 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) { func libc_fcntl_trampoline() -//go:linkname libc_fcntl libc_fcntl //go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -722,7 +681,6 @@ func kill(pid int, signum int, posix int) (err error) { func libc_kill_trampoline() -//go:linkname libc_kill libc_kill //go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -737,7 +695,6 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { func libc_ioctl_trampoline() -//go:linkname libc_ioctl libc_ioctl //go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -758,7 +715,6 @@ func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) func libc_sysctl_trampoline() -//go:linkname libc_sysctl libc_sysctl //go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -773,7 +729,6 @@ func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer func libc_sendfile_trampoline() -//go:linkname libc_sendfile libc_sendfile //go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -793,7 +748,6 @@ func Access(path string, mode uint32) (err error) { func libc_access_trampoline() -//go:linkname libc_access libc_access //go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -808,7 +762,6 @@ func Adjtime(delta *Timeval, olddelta *Timeval) (err error) { func libc_adjtime_trampoline() -//go:linkname libc_adjtime libc_adjtime //go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -828,7 +781,6 @@ func Chdir(path string) (err error) { func libc_chdir_trampoline() -//go:linkname libc_chdir libc_chdir //go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -848,7 +800,6 @@ func Chflags(path string, flags int) (err error) { func libc_chflags_trampoline() -//go:linkname libc_chflags libc_chflags //go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -868,7 +819,6 @@ func Chmod(path string, mode uint32) (err error) { func libc_chmod_trampoline() -//go:linkname libc_chmod libc_chmod //go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -888,7 +838,6 @@ func Chown(path string, uid int, gid int) (err error) { func libc_chown_trampoline() -//go:linkname libc_chown libc_chown //go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -908,7 +857,6 @@ func Chroot(path string) (err error) { func libc_chroot_trampoline() -//go:linkname libc_chroot libc_chroot //go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -923,7 +871,6 @@ func ClockGettime(clockid int32, time *Timespec) (err error) { func libc_clock_gettime_trampoline() -//go:linkname libc_clock_gettime libc_clock_gettime //go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -938,7 +885,6 @@ func Close(fd int) (err error) { func libc_close_trampoline() -//go:linkname libc_close libc_close //go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -963,7 +909,6 @@ func Clonefile(src string, dst string, flags int) (err error) { func libc_clonefile_trampoline() -//go:linkname libc_clonefile libc_clonefile //go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -988,7 +933,6 @@ func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int) func libc_clonefileat_trampoline() -//go:linkname libc_clonefileat libc_clonefileat //go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1004,7 +948,6 @@ func Dup(fd int) (nfd int, err error) { func libc_dup_trampoline() -//go:linkname libc_dup libc_dup //go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1019,7 +962,6 @@ func Dup2(from int, to int) (err error) { func libc_dup2_trampoline() -//go:linkname libc_dup2 libc_dup2 //go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1044,7 +986,6 @@ func Exchangedata(path1 string, path2 string, options int) (err error) { func libc_exchangedata_trampoline() -//go:linkname libc_exchangedata libc_exchangedata //go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1056,7 +997,6 @@ func Exit(code int) { func libc_exit_trampoline() -//go:linkname libc_exit libc_exit //go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1076,7 +1016,6 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_faccessat_trampoline() -//go:linkname libc_faccessat libc_faccessat //go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1091,7 +1030,6 @@ func Fchdir(fd int) (err error) { func libc_fchdir_trampoline() -//go:linkname libc_fchdir libc_fchdir //go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1106,7 +1044,6 @@ func Fchflags(fd int, flags int) (err error) { func libc_fchflags_trampoline() -//go:linkname libc_fchflags libc_fchflags //go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1121,7 +1058,6 @@ func Fchmod(fd int, mode uint32) (err error) { func libc_fchmod_trampoline() -//go:linkname libc_fchmod libc_fchmod //go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1141,7 +1077,6 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_fchmodat_trampoline() -//go:linkname libc_fchmodat libc_fchmodat //go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1156,7 +1091,6 @@ func Fchown(fd int, uid int, gid int) (err error) { func libc_fchown_trampoline() -//go:linkname libc_fchown libc_fchown //go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1176,7 +1110,6 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) { func libc_fchownat_trampoline() -//go:linkname libc_fchownat libc_fchownat //go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1196,7 +1129,6 @@ func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error) func libc_fclonefileat_trampoline() -//go:linkname libc_fclonefileat libc_fclonefileat //go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1211,7 +1143,6 @@ func Flock(fd int, how int) (err error) { func libc_flock_trampoline() -//go:linkname libc_flock libc_flock //go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1227,7 +1158,6 @@ func Fpathconf(fd int, name int) (val int, err error) { func libc_fpathconf_trampoline() -//go:linkname libc_fpathconf libc_fpathconf //go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1242,7 +1172,6 @@ func Fsync(fd int) (err error) { func libc_fsync_trampoline() -//go:linkname libc_fsync libc_fsync //go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1257,7 +1186,6 @@ func Ftruncate(fd int, length int64) (err error) { func libc_ftruncate_trampoline() -//go:linkname libc_ftruncate libc_ftruncate //go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1279,7 +1207,6 @@ func Getcwd(buf []byte) (n int, err error) { func libc_getcwd_trampoline() -//go:linkname libc_getcwd libc_getcwd //go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1292,7 +1219,6 @@ func Getdtablesize() (size int) { func libc_getdtablesize_trampoline() -//go:linkname libc_getdtablesize libc_getdtablesize //go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1305,7 +1231,6 @@ func Getegid() (egid int) { func libc_getegid_trampoline() -//go:linkname libc_getegid libc_getegid //go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1318,7 +1243,6 @@ func Geteuid() (uid int) { func libc_geteuid_trampoline() -//go:linkname libc_geteuid libc_geteuid //go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1331,7 +1255,6 @@ func Getgid() (gid int) { func libc_getgid_trampoline() -//go:linkname libc_getgid libc_getgid //go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1347,7 +1270,6 @@ func Getpgid(pid int) (pgid int, err error) { func libc_getpgid_trampoline() -//go:linkname libc_getpgid libc_getpgid //go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1360,7 +1282,6 @@ func Getpgrp() (pgrp int) { func libc_getpgrp_trampoline() -//go:linkname libc_getpgrp libc_getpgrp //go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1373,7 +1294,6 @@ func Getpid() (pid int) { func libc_getpid_trampoline() -//go:linkname libc_getpid libc_getpid //go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1386,7 +1306,6 @@ func Getppid() (ppid int) { func libc_getppid_trampoline() -//go:linkname libc_getppid libc_getppid //go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1402,7 +1321,6 @@ func Getpriority(which int, who int) (prio int, err error) { func libc_getpriority_trampoline() -//go:linkname libc_getpriority libc_getpriority //go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1417,7 +1335,6 @@ func Getrlimit(which int, lim *Rlimit) (err error) { func libc_getrlimit_trampoline() -//go:linkname libc_getrlimit libc_getrlimit //go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1432,7 +1349,6 @@ func Getrusage(who int, rusage *Rusage) (err error) { func libc_getrusage_trampoline() -//go:linkname libc_getrusage libc_getrusage //go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1448,7 +1364,6 @@ func Getsid(pid int) (sid int, err error) { func libc_getsid_trampoline() -//go:linkname libc_getsid libc_getsid //go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1463,7 +1378,6 @@ func Gettimeofday(tp *Timeval) (err error) { func libc_gettimeofday_trampoline() -//go:linkname libc_gettimeofday libc_gettimeofday //go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1476,7 +1390,6 @@ func Getuid() (uid int) { func libc_getuid_trampoline() -//go:linkname libc_getuid libc_getuid //go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1489,7 +1402,6 @@ func Issetugid() (tainted bool) { func libc_issetugid_trampoline() -//go:linkname libc_issetugid libc_issetugid //go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1505,7 +1417,6 @@ func Kqueue() (fd int, err error) { func libc_kqueue_trampoline() -//go:linkname libc_kqueue libc_kqueue //go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1525,7 +1436,6 @@ func Lchown(path string, uid int, gid int) (err error) { func libc_lchown_trampoline() -//go:linkname libc_lchown libc_lchown //go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1550,7 +1460,6 @@ func Link(path string, link string) (err error) { func libc_link_trampoline() -//go:linkname libc_link libc_link //go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1575,7 +1484,6 @@ func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err er func libc_linkat_trampoline() -//go:linkname libc_linkat libc_linkat //go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1590,7 +1498,6 @@ func Listen(s int, backlog int) (err error) { func libc_listen_trampoline() -//go:linkname libc_listen libc_listen //go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1610,7 +1517,6 @@ func Mkdir(path string, mode uint32) (err error) { func libc_mkdir_trampoline() -//go:linkname libc_mkdir libc_mkdir //go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1630,7 +1536,6 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) { func libc_mkdirat_trampoline() -//go:linkname libc_mkdirat libc_mkdirat //go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1650,7 +1555,6 @@ func Mkfifo(path string, mode uint32) (err error) { func libc_mkfifo_trampoline() -//go:linkname libc_mkfifo libc_mkfifo //go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1670,7 +1574,6 @@ func Mknod(path string, mode uint32, dev int) (err error) { func libc_mknod_trampoline() -//go:linkname libc_mknod libc_mknod //go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1691,7 +1594,6 @@ func Open(path string, mode int, perm uint32) (fd int, err error) { func libc_open_trampoline() -//go:linkname libc_open libc_open //go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1712,7 +1614,6 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) { func libc_openat_trampoline() -//go:linkname libc_openat libc_openat //go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1733,7 +1634,6 @@ func Pathconf(path string, name int) (val int, err error) { func libc_pathconf_trampoline() -//go:linkname libc_pathconf libc_pathconf //go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1755,7 +1655,6 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) { func libc_pread_trampoline() -//go:linkname libc_pread libc_pread //go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1777,7 +1676,6 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) { func libc_pwrite_trampoline() -//go:linkname libc_pwrite libc_pwrite //go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1799,7 +1697,6 @@ func read(fd int, p []byte) (n int, err error) { func libc_read_trampoline() -//go:linkname libc_read libc_read //go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1826,7 +1723,6 @@ func Readlink(path string, buf []byte) (n int, err error) { func libc_readlink_trampoline() -//go:linkname libc_readlink libc_readlink //go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1853,7 +1749,6 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) { func libc_readlinkat_trampoline() -//go:linkname libc_readlinkat libc_readlinkat //go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1878,7 +1773,6 @@ func Rename(from string, to string) (err error) { func libc_rename_trampoline() -//go:linkname libc_rename libc_rename //go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1903,7 +1797,6 @@ func Renameat(fromfd int, from string, tofd int, to string) (err error) { func libc_renameat_trampoline() -//go:linkname libc_renameat libc_renameat //go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1923,7 +1816,6 @@ func Revoke(path string) (err error) { func libc_revoke_trampoline() -//go:linkname libc_revoke libc_revoke //go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1943,7 +1835,6 @@ func Rmdir(path string) (err error) { func libc_rmdir_trampoline() -//go:linkname libc_rmdir libc_rmdir //go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1959,7 +1850,6 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { func libc_lseek_trampoline() -//go:linkname libc_lseek libc_lseek //go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1975,7 +1865,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err func libc_select_trampoline() -//go:linkname libc_select libc_select //go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1990,7 +1879,6 @@ func Setegid(egid int) (err error) { func libc_setegid_trampoline() -//go:linkname libc_setegid libc_setegid //go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2005,7 +1893,6 @@ func Seteuid(euid int) (err error) { func libc_seteuid_trampoline() -//go:linkname libc_seteuid libc_seteuid //go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2020,7 +1907,6 @@ func Setgid(gid int) (err error) { func libc_setgid_trampoline() -//go:linkname libc_setgid libc_setgid //go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2040,7 +1926,6 @@ func Setlogin(name string) (err error) { func libc_setlogin_trampoline() -//go:linkname libc_setlogin libc_setlogin //go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2055,7 +1940,6 @@ func Setpgid(pid int, pgid int) (err error) { func libc_setpgid_trampoline() -//go:linkname libc_setpgid libc_setpgid //go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2070,7 +1954,6 @@ func Setpriority(which int, who int, prio int) (err error) { func libc_setpriority_trampoline() -//go:linkname libc_setpriority libc_setpriority //go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2085,7 +1968,6 @@ func Setprivexec(flag int) (err error) { func libc_setprivexec_trampoline() -//go:linkname libc_setprivexec libc_setprivexec //go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2100,7 +1982,6 @@ func Setregid(rgid int, egid int) (err error) { func libc_setregid_trampoline() -//go:linkname libc_setregid libc_setregid //go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2115,7 +1996,6 @@ func Setreuid(ruid int, euid int) (err error) { func libc_setreuid_trampoline() -//go:linkname libc_setreuid libc_setreuid //go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2130,7 +2010,6 @@ func Setrlimit(which int, lim *Rlimit) (err error) { func libc_setrlimit_trampoline() -//go:linkname libc_setrlimit libc_setrlimit //go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2146,7 +2025,6 @@ func Setsid() (pid int, err error) { func libc_setsid_trampoline() -//go:linkname libc_setsid libc_setsid //go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2161,7 +2039,6 @@ func Settimeofday(tp *Timeval) (err error) { func libc_settimeofday_trampoline() -//go:linkname libc_settimeofday libc_settimeofday //go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2176,7 +2053,6 @@ func Setuid(uid int) (err error) { func libc_setuid_trampoline() -//go:linkname libc_setuid libc_setuid //go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2201,7 +2077,6 @@ func Symlink(path string, link string) (err error) { func libc_symlink_trampoline() -//go:linkname libc_symlink libc_symlink //go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2226,7 +2101,6 @@ func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) { func libc_symlinkat_trampoline() -//go:linkname libc_symlinkat libc_symlinkat //go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2241,7 +2115,6 @@ func Sync() (err error) { func libc_sync_trampoline() -//go:linkname libc_sync libc_sync //go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2261,7 +2134,6 @@ func Truncate(path string, length int64) (err error) { func libc_truncate_trampoline() -//go:linkname libc_truncate libc_truncate //go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2274,7 +2146,6 @@ func Umask(newmask int) (oldmask int) { func libc_umask_trampoline() -//go:linkname libc_umask libc_umask //go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2294,7 +2165,6 @@ func Undelete(path string) (err error) { func libc_undelete_trampoline() -//go:linkname libc_undelete libc_undelete //go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2314,7 +2184,6 @@ func Unlink(path string) (err error) { func libc_unlink_trampoline() -//go:linkname libc_unlink libc_unlink //go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2334,7 +2203,6 @@ func Unlinkat(dirfd int, path string, flags int) (err error) { func libc_unlinkat_trampoline() -//go:linkname libc_unlinkat libc_unlinkat //go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2354,7 +2222,6 @@ func Unmount(path string, flags int) (err error) { func libc_unmount_trampoline() -//go:linkname libc_unmount libc_unmount //go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2376,7 +2243,6 @@ func write(fd int, p []byte) (n int, err error) { func libc_write_trampoline() -//go:linkname libc_write libc_write //go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2392,7 +2258,6 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) ( func libc_mmap_trampoline() -//go:linkname libc_mmap libc_mmap //go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2407,7 +2272,6 @@ func munmap(addr uintptr, length uintptr) (err error) { func libc_munmap_trampoline() -//go:linkname libc_munmap libc_munmap //go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2444,7 +2308,6 @@ func Fstat(fd int, stat *Stat_t) (err error) { func libc_fstat64_trampoline() -//go:linkname libc_fstat64 libc_fstat64 //go:cgo_import_dynamic libc_fstat64 fstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2464,7 +2327,6 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) { func libc_fstatat64_trampoline() -//go:linkname libc_fstatat64 libc_fstatat64 //go:cgo_import_dynamic libc_fstatat64 fstatat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2479,7 +2341,6 @@ func Fstatfs(fd int, stat *Statfs_t) (err error) { func libc_fstatfs64_trampoline() -//go:linkname libc_fstatfs64 libc_fstatfs64 //go:cgo_import_dynamic libc_fstatfs64 fstatfs64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2495,7 +2356,6 @@ func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) { func libc_getfsstat64_trampoline() -//go:linkname libc_getfsstat64 libc_getfsstat64 //go:cgo_import_dynamic libc_getfsstat64 getfsstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2515,12 +2375,11 @@ func Lstat(path string, stat *Stat_t) (err error) { func libc_lstat64_trampoline() -//go:linkname libc_lstat64 libc_lstat64 //go:cgo_import_dynamic libc_lstat64 lstat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { +func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) { _, _, e1 := syscall_syscall6(funcPC(libc_ptrace_trampoline), uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) if e1 != 0 { err = errnoErr(e1) @@ -2530,7 +2389,6 @@ func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { func libc_ptrace_trampoline() -//go:linkname libc_ptrace libc_ptrace //go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2550,7 +2408,6 @@ func Stat(path string, stat *Stat_t) (err error) { func libc_stat64_trampoline() -//go:linkname libc_stat64 libc_stat64 //go:cgo_import_dynamic libc_stat64 stat64 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2570,5 +2427,4 @@ func Statfs(path string, stat *Statfs_t) (err error) { func libc_statfs64_trampoline() -//go:linkname libc_statfs64 libc_statfs64 //go:cgo_import_dynamic libc_statfs64 statfs64 "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go index f519ce9afb3b6..de4738fff8007 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go @@ -24,7 +24,6 @@ func closedir(dir uintptr) (err error) { func libc_closedir_trampoline() -//go:linkname libc_closedir libc_closedir //go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -37,5 +36,4 @@ func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) { func libc_readdir_r_trampoline() -//go:linkname libc_readdir_r libc_readdir_r //go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go index d6b5249c2f208..c0c771f4025d3 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go @@ -25,7 +25,6 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) { func libc_getgroups_trampoline() -//go:linkname libc_getgroups libc_getgroups //go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -40,7 +39,6 @@ func setgroups(ngid int, gid *_Gid_t) (err error) { func libc_setgroups_trampoline() -//go:linkname libc_setgroups libc_setgroups //go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -56,7 +54,6 @@ func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err func libc_wait4_trampoline() -//go:linkname libc_wait4 libc_wait4 //go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -72,7 +69,6 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) { func libc_accept_trampoline() -//go:linkname libc_accept libc_accept //go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -87,7 +83,6 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_bind_trampoline() -//go:linkname libc_bind libc_bind //go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -102,7 +97,6 @@ func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_connect_trampoline() -//go:linkname libc_connect libc_connect //go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -118,7 +112,6 @@ func socket(domain int, typ int, proto int) (fd int, err error) { func libc_socket_trampoline() -//go:linkname libc_socket libc_socket //go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -133,7 +126,6 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen func libc_getsockopt_trampoline() -//go:linkname libc_getsockopt libc_getsockopt //go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -148,7 +140,6 @@ func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) func libc_setsockopt_trampoline() -//go:linkname libc_setsockopt libc_setsockopt //go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -163,7 +154,6 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getpeername_trampoline() -//go:linkname libc_getpeername libc_getpeername //go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -178,7 +168,6 @@ func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getsockname_trampoline() -//go:linkname libc_getsockname libc_getsockname //go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -193,7 +182,6 @@ func Shutdown(s int, how int) (err error) { func libc_shutdown_trampoline() -//go:linkname libc_shutdown libc_shutdown //go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -208,7 +196,6 @@ func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) { func libc_socketpair_trampoline() -//go:linkname libc_socketpair libc_socketpair //go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -230,7 +217,6 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl func libc_recvfrom_trampoline() -//go:linkname libc_recvfrom libc_recvfrom //go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -251,7 +237,6 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) ( func libc_sendto_trampoline() -//go:linkname libc_sendto libc_sendto //go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -267,7 +252,6 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_recvmsg_trampoline() -//go:linkname libc_recvmsg libc_recvmsg //go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -283,7 +267,6 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_sendmsg_trampoline() -//go:linkname libc_sendmsg libc_sendmsg //go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -299,7 +282,6 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne func libc_kevent_trampoline() -//go:linkname libc_kevent libc_kevent //go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -319,7 +301,6 @@ func utimes(path string, timeval *[2]Timeval) (err error) { func libc_utimes_trampoline() -//go:linkname libc_utimes libc_utimes //go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -334,7 +315,6 @@ func futimes(fd int, timeval *[2]Timeval) (err error) { func libc_futimes_trampoline() -//go:linkname libc_futimes libc_futimes //go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -350,7 +330,6 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) { func libc_poll_trampoline() -//go:linkname libc_poll libc_poll //go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -371,7 +350,6 @@ func Madvise(b []byte, behav int) (err error) { func libc_madvise_trampoline() -//go:linkname libc_madvise libc_madvise //go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -392,7 +370,6 @@ func Mlock(b []byte) (err error) { func libc_mlock_trampoline() -//go:linkname libc_mlock libc_mlock //go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -407,7 +384,6 @@ func Mlockall(flags int) (err error) { func libc_mlockall_trampoline() -//go:linkname libc_mlockall libc_mlockall //go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -428,7 +404,6 @@ func Mprotect(b []byte, prot int) (err error) { func libc_mprotect_trampoline() -//go:linkname libc_mprotect libc_mprotect //go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -449,7 +424,6 @@ func Msync(b []byte, flags int) (err error) { func libc_msync_trampoline() -//go:linkname libc_msync libc_msync //go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -470,7 +444,6 @@ func Munlock(b []byte) (err error) { func libc_munlock_trampoline() -//go:linkname libc_munlock libc_munlock //go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -485,15 +458,12 @@ func Munlockall() (err error) { func libc_munlockall_trampoline() -//go:linkname libc_munlockall libc_munlockall //go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func pipe() (r int, w int, err error) { - r0, r1, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), 0, 0, 0) - r = int(r0) - w = int(r1) +func pipe(p *[2]int32) (err error) { + _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0) if e1 != 0 { err = errnoErr(e1) } @@ -502,7 +472,6 @@ func pipe() (r int, w int, err error) { func libc_pipe_trampoline() -//go:linkname libc_pipe libc_pipe //go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -528,7 +497,6 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o func libc_getxattr_trampoline() -//go:linkname libc_getxattr libc_getxattr //go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -549,7 +517,6 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio func libc_fgetxattr_trampoline() -//go:linkname libc_fgetxattr libc_fgetxattr //go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -574,7 +541,6 @@ func setxattr(path string, attr string, data *byte, size int, position uint32, o func libc_setxattr_trampoline() -//go:linkname libc_setxattr libc_setxattr //go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -594,7 +560,6 @@ func fsetxattr(fd int, attr string, data *byte, size int, position uint32, optio func libc_fsetxattr_trampoline() -//go:linkname libc_fsetxattr libc_fsetxattr //go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -619,7 +584,6 @@ func removexattr(path string, attr string, options int) (err error) { func libc_removexattr_trampoline() -//go:linkname libc_removexattr libc_removexattr //go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -639,7 +603,6 @@ func fremovexattr(fd int, attr string, options int) (err error) { func libc_fremovexattr_trampoline() -//go:linkname libc_fremovexattr libc_fremovexattr //go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -660,7 +623,6 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro func libc_listxattr_trampoline() -//go:linkname libc_listxattr libc_listxattr //go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -676,7 +638,6 @@ func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) { func libc_flistxattr_trampoline() -//go:linkname libc_flistxattr libc_flistxattr //go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -691,7 +652,6 @@ func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintp func libc_setattrlist_trampoline() -//go:linkname libc_setattrlist libc_setattrlist //go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -707,7 +667,6 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) { func libc_fcntl_trampoline() -//go:linkname libc_fcntl libc_fcntl //go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -722,7 +681,6 @@ func kill(pid int, signum int, posix int) (err error) { func libc_kill_trampoline() -//go:linkname libc_kill libc_kill //go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -737,7 +695,6 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { func libc_ioctl_trampoline() -//go:linkname libc_ioctl libc_ioctl //go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -758,7 +715,6 @@ func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) func libc_sysctl_trampoline() -//go:linkname libc_sysctl libc_sysctl //go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -773,7 +729,6 @@ func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer func libc_sendfile_trampoline() -//go:linkname libc_sendfile libc_sendfile //go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -793,7 +748,6 @@ func Access(path string, mode uint32) (err error) { func libc_access_trampoline() -//go:linkname libc_access libc_access //go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -808,7 +762,6 @@ func Adjtime(delta *Timeval, olddelta *Timeval) (err error) { func libc_adjtime_trampoline() -//go:linkname libc_adjtime libc_adjtime //go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -828,7 +781,6 @@ func Chdir(path string) (err error) { func libc_chdir_trampoline() -//go:linkname libc_chdir libc_chdir //go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -848,7 +800,6 @@ func Chflags(path string, flags int) (err error) { func libc_chflags_trampoline() -//go:linkname libc_chflags libc_chflags //go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -868,7 +819,6 @@ func Chmod(path string, mode uint32) (err error) { func libc_chmod_trampoline() -//go:linkname libc_chmod libc_chmod //go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -888,7 +838,6 @@ func Chown(path string, uid int, gid int) (err error) { func libc_chown_trampoline() -//go:linkname libc_chown libc_chown //go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -908,7 +857,6 @@ func Chroot(path string) (err error) { func libc_chroot_trampoline() -//go:linkname libc_chroot libc_chroot //go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -923,7 +871,6 @@ func ClockGettime(clockid int32, time *Timespec) (err error) { func libc_clock_gettime_trampoline() -//go:linkname libc_clock_gettime libc_clock_gettime //go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -938,7 +885,6 @@ func Close(fd int) (err error) { func libc_close_trampoline() -//go:linkname libc_close libc_close //go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -963,7 +909,6 @@ func Clonefile(src string, dst string, flags int) (err error) { func libc_clonefile_trampoline() -//go:linkname libc_clonefile libc_clonefile //go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -988,7 +933,6 @@ func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int) func libc_clonefileat_trampoline() -//go:linkname libc_clonefileat libc_clonefileat //go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1004,7 +948,6 @@ func Dup(fd int) (nfd int, err error) { func libc_dup_trampoline() -//go:linkname libc_dup libc_dup //go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1019,7 +962,6 @@ func Dup2(from int, to int) (err error) { func libc_dup2_trampoline() -//go:linkname libc_dup2 libc_dup2 //go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1044,7 +986,6 @@ func Exchangedata(path1 string, path2 string, options int) (err error) { func libc_exchangedata_trampoline() -//go:linkname libc_exchangedata libc_exchangedata //go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1056,7 +997,6 @@ func Exit(code int) { func libc_exit_trampoline() -//go:linkname libc_exit libc_exit //go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1076,7 +1016,6 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_faccessat_trampoline() -//go:linkname libc_faccessat libc_faccessat //go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1091,7 +1030,6 @@ func Fchdir(fd int) (err error) { func libc_fchdir_trampoline() -//go:linkname libc_fchdir libc_fchdir //go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1106,7 +1044,6 @@ func Fchflags(fd int, flags int) (err error) { func libc_fchflags_trampoline() -//go:linkname libc_fchflags libc_fchflags //go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1121,7 +1058,6 @@ func Fchmod(fd int, mode uint32) (err error) { func libc_fchmod_trampoline() -//go:linkname libc_fchmod libc_fchmod //go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1141,7 +1077,6 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_fchmodat_trampoline() -//go:linkname libc_fchmodat libc_fchmodat //go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1156,7 +1091,6 @@ func Fchown(fd int, uid int, gid int) (err error) { func libc_fchown_trampoline() -//go:linkname libc_fchown libc_fchown //go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1176,7 +1110,6 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) { func libc_fchownat_trampoline() -//go:linkname libc_fchownat libc_fchownat //go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1196,7 +1129,6 @@ func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error) func libc_fclonefileat_trampoline() -//go:linkname libc_fclonefileat libc_fclonefileat //go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1211,7 +1143,6 @@ func Flock(fd int, how int) (err error) { func libc_flock_trampoline() -//go:linkname libc_flock libc_flock //go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1227,7 +1158,6 @@ func Fpathconf(fd int, name int) (val int, err error) { func libc_fpathconf_trampoline() -//go:linkname libc_fpathconf libc_fpathconf //go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1242,7 +1172,6 @@ func Fsync(fd int) (err error) { func libc_fsync_trampoline() -//go:linkname libc_fsync libc_fsync //go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1257,7 +1186,6 @@ func Ftruncate(fd int, length int64) (err error) { func libc_ftruncate_trampoline() -//go:linkname libc_ftruncate libc_ftruncate //go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1279,7 +1207,6 @@ func Getcwd(buf []byte) (n int, err error) { func libc_getcwd_trampoline() -//go:linkname libc_getcwd libc_getcwd //go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1292,7 +1219,6 @@ func Getdtablesize() (size int) { func libc_getdtablesize_trampoline() -//go:linkname libc_getdtablesize libc_getdtablesize //go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1305,7 +1231,6 @@ func Getegid() (egid int) { func libc_getegid_trampoline() -//go:linkname libc_getegid libc_getegid //go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1318,7 +1243,6 @@ func Geteuid() (uid int) { func libc_geteuid_trampoline() -//go:linkname libc_geteuid libc_geteuid //go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1331,7 +1255,6 @@ func Getgid() (gid int) { func libc_getgid_trampoline() -//go:linkname libc_getgid libc_getgid //go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1347,7 +1270,6 @@ func Getpgid(pid int) (pgid int, err error) { func libc_getpgid_trampoline() -//go:linkname libc_getpgid libc_getpgid //go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1360,7 +1282,6 @@ func Getpgrp() (pgrp int) { func libc_getpgrp_trampoline() -//go:linkname libc_getpgrp libc_getpgrp //go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1373,7 +1294,6 @@ func Getpid() (pid int) { func libc_getpid_trampoline() -//go:linkname libc_getpid libc_getpid //go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1386,7 +1306,6 @@ func Getppid() (ppid int) { func libc_getppid_trampoline() -//go:linkname libc_getppid libc_getppid //go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1402,7 +1321,6 @@ func Getpriority(which int, who int) (prio int, err error) { func libc_getpriority_trampoline() -//go:linkname libc_getpriority libc_getpriority //go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1417,7 +1335,6 @@ func Getrlimit(which int, lim *Rlimit) (err error) { func libc_getrlimit_trampoline() -//go:linkname libc_getrlimit libc_getrlimit //go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1432,7 +1349,6 @@ func Getrusage(who int, rusage *Rusage) (err error) { func libc_getrusage_trampoline() -//go:linkname libc_getrusage libc_getrusage //go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1448,7 +1364,6 @@ func Getsid(pid int) (sid int, err error) { func libc_getsid_trampoline() -//go:linkname libc_getsid libc_getsid //go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1463,7 +1378,6 @@ func Gettimeofday(tp *Timeval) (err error) { func libc_gettimeofday_trampoline() -//go:linkname libc_gettimeofday libc_gettimeofday //go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1476,7 +1390,6 @@ func Getuid() (uid int) { func libc_getuid_trampoline() -//go:linkname libc_getuid libc_getuid //go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1489,7 +1402,6 @@ func Issetugid() (tainted bool) { func libc_issetugid_trampoline() -//go:linkname libc_issetugid libc_issetugid //go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1505,7 +1417,6 @@ func Kqueue() (fd int, err error) { func libc_kqueue_trampoline() -//go:linkname libc_kqueue libc_kqueue //go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1525,7 +1436,6 @@ func Lchown(path string, uid int, gid int) (err error) { func libc_lchown_trampoline() -//go:linkname libc_lchown libc_lchown //go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1550,7 +1460,6 @@ func Link(path string, link string) (err error) { func libc_link_trampoline() -//go:linkname libc_link libc_link //go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1575,7 +1484,6 @@ func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err er func libc_linkat_trampoline() -//go:linkname libc_linkat libc_linkat //go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1590,7 +1498,6 @@ func Listen(s int, backlog int) (err error) { func libc_listen_trampoline() -//go:linkname libc_listen libc_listen //go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1610,7 +1517,6 @@ func Mkdir(path string, mode uint32) (err error) { func libc_mkdir_trampoline() -//go:linkname libc_mkdir libc_mkdir //go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1630,7 +1536,6 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) { func libc_mkdirat_trampoline() -//go:linkname libc_mkdirat libc_mkdirat //go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1650,7 +1555,6 @@ func Mkfifo(path string, mode uint32) (err error) { func libc_mkfifo_trampoline() -//go:linkname libc_mkfifo libc_mkfifo //go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1670,7 +1574,6 @@ func Mknod(path string, mode uint32, dev int) (err error) { func libc_mknod_trampoline() -//go:linkname libc_mknod libc_mknod //go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1691,7 +1594,6 @@ func Open(path string, mode int, perm uint32) (fd int, err error) { func libc_open_trampoline() -//go:linkname libc_open libc_open //go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1712,7 +1614,6 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) { func libc_openat_trampoline() -//go:linkname libc_openat libc_openat //go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1733,7 +1634,6 @@ func Pathconf(path string, name int) (val int, err error) { func libc_pathconf_trampoline() -//go:linkname libc_pathconf libc_pathconf //go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1755,7 +1655,6 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) { func libc_pread_trampoline() -//go:linkname libc_pread libc_pread //go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1777,7 +1676,6 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) { func libc_pwrite_trampoline() -//go:linkname libc_pwrite libc_pwrite //go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1799,7 +1697,6 @@ func read(fd int, p []byte) (n int, err error) { func libc_read_trampoline() -//go:linkname libc_read libc_read //go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1826,7 +1723,6 @@ func Readlink(path string, buf []byte) (n int, err error) { func libc_readlink_trampoline() -//go:linkname libc_readlink libc_readlink //go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1853,7 +1749,6 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) { func libc_readlinkat_trampoline() -//go:linkname libc_readlinkat libc_readlinkat //go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1878,7 +1773,6 @@ func Rename(from string, to string) (err error) { func libc_rename_trampoline() -//go:linkname libc_rename libc_rename //go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1903,7 +1797,6 @@ func Renameat(fromfd int, from string, tofd int, to string) (err error) { func libc_renameat_trampoline() -//go:linkname libc_renameat libc_renameat //go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1923,7 +1816,6 @@ func Revoke(path string) (err error) { func libc_revoke_trampoline() -//go:linkname libc_revoke libc_revoke //go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1943,7 +1835,6 @@ func Rmdir(path string) (err error) { func libc_rmdir_trampoline() -//go:linkname libc_rmdir libc_rmdir //go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1959,7 +1850,6 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { func libc_lseek_trampoline() -//go:linkname libc_lseek libc_lseek //go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1975,7 +1865,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err func libc_select_trampoline() -//go:linkname libc_select libc_select //go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1990,7 +1879,6 @@ func Setegid(egid int) (err error) { func libc_setegid_trampoline() -//go:linkname libc_setegid libc_setegid //go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2005,7 +1893,6 @@ func Seteuid(euid int) (err error) { func libc_seteuid_trampoline() -//go:linkname libc_seteuid libc_seteuid //go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2020,7 +1907,6 @@ func Setgid(gid int) (err error) { func libc_setgid_trampoline() -//go:linkname libc_setgid libc_setgid //go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2040,7 +1926,6 @@ func Setlogin(name string) (err error) { func libc_setlogin_trampoline() -//go:linkname libc_setlogin libc_setlogin //go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2055,7 +1940,6 @@ func Setpgid(pid int, pgid int) (err error) { func libc_setpgid_trampoline() -//go:linkname libc_setpgid libc_setpgid //go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2070,7 +1954,6 @@ func Setpriority(which int, who int, prio int) (err error) { func libc_setpriority_trampoline() -//go:linkname libc_setpriority libc_setpriority //go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2085,7 +1968,6 @@ func Setprivexec(flag int) (err error) { func libc_setprivexec_trampoline() -//go:linkname libc_setprivexec libc_setprivexec //go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2100,7 +1982,6 @@ func Setregid(rgid int, egid int) (err error) { func libc_setregid_trampoline() -//go:linkname libc_setregid libc_setregid //go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2115,7 +1996,6 @@ func Setreuid(ruid int, euid int) (err error) { func libc_setreuid_trampoline() -//go:linkname libc_setreuid libc_setreuid //go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2130,7 +2010,6 @@ func Setrlimit(which int, lim *Rlimit) (err error) { func libc_setrlimit_trampoline() -//go:linkname libc_setrlimit libc_setrlimit //go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2146,7 +2025,6 @@ func Setsid() (pid int, err error) { func libc_setsid_trampoline() -//go:linkname libc_setsid libc_setsid //go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2161,7 +2039,6 @@ func Settimeofday(tp *Timeval) (err error) { func libc_settimeofday_trampoline() -//go:linkname libc_settimeofday libc_settimeofday //go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2176,7 +2053,6 @@ func Setuid(uid int) (err error) { func libc_setuid_trampoline() -//go:linkname libc_setuid libc_setuid //go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2201,7 +2077,6 @@ func Symlink(path string, link string) (err error) { func libc_symlink_trampoline() -//go:linkname libc_symlink libc_symlink //go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2226,7 +2101,6 @@ func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) { func libc_symlinkat_trampoline() -//go:linkname libc_symlinkat libc_symlinkat //go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2241,7 +2115,6 @@ func Sync() (err error) { func libc_sync_trampoline() -//go:linkname libc_sync libc_sync //go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2261,7 +2134,6 @@ func Truncate(path string, length int64) (err error) { func libc_truncate_trampoline() -//go:linkname libc_truncate libc_truncate //go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2274,7 +2146,6 @@ func Umask(newmask int) (oldmask int) { func libc_umask_trampoline() -//go:linkname libc_umask libc_umask //go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2294,7 +2165,6 @@ func Undelete(path string) (err error) { func libc_undelete_trampoline() -//go:linkname libc_undelete libc_undelete //go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2314,7 +2184,6 @@ func Unlink(path string) (err error) { func libc_unlink_trampoline() -//go:linkname libc_unlink libc_unlink //go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2334,7 +2203,6 @@ func Unlinkat(dirfd int, path string, flags int) (err error) { func libc_unlinkat_trampoline() -//go:linkname libc_unlinkat libc_unlinkat //go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2354,7 +2222,6 @@ func Unmount(path string, flags int) (err error) { func libc_unmount_trampoline() -//go:linkname libc_unmount libc_unmount //go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2376,7 +2243,6 @@ func write(fd int, p []byte) (n int, err error) { func libc_write_trampoline() -//go:linkname libc_write libc_write //go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2392,7 +2258,6 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) ( func libc_mmap_trampoline() -//go:linkname libc_mmap libc_mmap //go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2407,7 +2272,6 @@ func munmap(addr uintptr, length uintptr) (err error) { func libc_munmap_trampoline() -//go:linkname libc_munmap libc_munmap //go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2444,7 +2308,6 @@ func Fstat(fd int, stat *Stat_t) (err error) { func libc_fstat_trampoline() -//go:linkname libc_fstat libc_fstat //go:cgo_import_dynamic libc_fstat fstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2464,7 +2327,6 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) { func libc_fstatat_trampoline() -//go:linkname libc_fstatat libc_fstatat //go:cgo_import_dynamic libc_fstatat fstatat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2479,7 +2341,6 @@ func Fstatfs(fd int, stat *Statfs_t) (err error) { func libc_fstatfs_trampoline() -//go:linkname libc_fstatfs libc_fstatfs //go:cgo_import_dynamic libc_fstatfs fstatfs "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2495,7 +2356,6 @@ func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) { func libc_getfsstat_trampoline() -//go:linkname libc_getfsstat libc_getfsstat //go:cgo_import_dynamic libc_getfsstat getfsstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2515,7 +2375,6 @@ func Lstat(path string, stat *Stat_t) (err error) { func libc_lstat_trampoline() -//go:linkname libc_lstat libc_lstat //go:cgo_import_dynamic libc_lstat lstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2535,7 +2394,6 @@ func Stat(path string, stat *Stat_t) (err error) { func libc_stat_trampoline() -//go:linkname libc_stat libc_stat //go:cgo_import_dynamic libc_stat stat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2555,5 +2413,4 @@ func Statfs(path string, stat *Statfs_t) (err error) { func libc_statfs_trampoline() -//go:linkname libc_statfs libc_statfs //go:cgo_import_dynamic libc_statfs statfs "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go index d64e6c806f543..870eb37abf578 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go @@ -24,7 +24,6 @@ func closedir(dir uintptr) (err error) { func libc_closedir_trampoline() -//go:linkname libc_closedir libc_closedir //go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -37,5 +36,4 @@ func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) { func libc_readdir_r_trampoline() -//go:linkname libc_readdir_r libc_readdir_r //go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go index 23b65a5301ad5..9b01a79c41ea6 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go @@ -25,7 +25,6 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) { func libc_getgroups_trampoline() -//go:linkname libc_getgroups libc_getgroups //go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -40,7 +39,6 @@ func setgroups(ngid int, gid *_Gid_t) (err error) { func libc_setgroups_trampoline() -//go:linkname libc_setgroups libc_setgroups //go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -56,7 +54,6 @@ func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err func libc_wait4_trampoline() -//go:linkname libc_wait4 libc_wait4 //go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -72,7 +69,6 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) { func libc_accept_trampoline() -//go:linkname libc_accept libc_accept //go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -87,7 +83,6 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_bind_trampoline() -//go:linkname libc_bind libc_bind //go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -102,7 +97,6 @@ func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { func libc_connect_trampoline() -//go:linkname libc_connect libc_connect //go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -118,7 +112,6 @@ func socket(domain int, typ int, proto int) (fd int, err error) { func libc_socket_trampoline() -//go:linkname libc_socket libc_socket //go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -133,7 +126,6 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen func libc_getsockopt_trampoline() -//go:linkname libc_getsockopt libc_getsockopt //go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -148,7 +140,6 @@ func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) func libc_setsockopt_trampoline() -//go:linkname libc_setsockopt libc_setsockopt //go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -163,7 +154,6 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getpeername_trampoline() -//go:linkname libc_getpeername libc_getpeername //go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -178,7 +168,6 @@ func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { func libc_getsockname_trampoline() -//go:linkname libc_getsockname libc_getsockname //go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -193,7 +182,6 @@ func Shutdown(s int, how int) (err error) { func libc_shutdown_trampoline() -//go:linkname libc_shutdown libc_shutdown //go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -208,7 +196,6 @@ func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) { func libc_socketpair_trampoline() -//go:linkname libc_socketpair libc_socketpair //go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -230,7 +217,6 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl func libc_recvfrom_trampoline() -//go:linkname libc_recvfrom libc_recvfrom //go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -251,7 +237,6 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) ( func libc_sendto_trampoline() -//go:linkname libc_sendto libc_sendto //go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -267,7 +252,6 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_recvmsg_trampoline() -//go:linkname libc_recvmsg libc_recvmsg //go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -283,7 +267,6 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { func libc_sendmsg_trampoline() -//go:linkname libc_sendmsg libc_sendmsg //go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -299,7 +282,6 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne func libc_kevent_trampoline() -//go:linkname libc_kevent libc_kevent //go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -319,7 +301,6 @@ func utimes(path string, timeval *[2]Timeval) (err error) { func libc_utimes_trampoline() -//go:linkname libc_utimes libc_utimes //go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -334,7 +315,6 @@ func futimes(fd int, timeval *[2]Timeval) (err error) { func libc_futimes_trampoline() -//go:linkname libc_futimes libc_futimes //go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -350,7 +330,6 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) { func libc_poll_trampoline() -//go:linkname libc_poll libc_poll //go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -371,7 +350,6 @@ func Madvise(b []byte, behav int) (err error) { func libc_madvise_trampoline() -//go:linkname libc_madvise libc_madvise //go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -392,7 +370,6 @@ func Mlock(b []byte) (err error) { func libc_mlock_trampoline() -//go:linkname libc_mlock libc_mlock //go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -407,7 +384,6 @@ func Mlockall(flags int) (err error) { func libc_mlockall_trampoline() -//go:linkname libc_mlockall libc_mlockall //go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -428,7 +404,6 @@ func Mprotect(b []byte, prot int) (err error) { func libc_mprotect_trampoline() -//go:linkname libc_mprotect libc_mprotect //go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -449,7 +424,6 @@ func Msync(b []byte, flags int) (err error) { func libc_msync_trampoline() -//go:linkname libc_msync libc_msync //go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -470,7 +444,6 @@ func Munlock(b []byte) (err error) { func libc_munlock_trampoline() -//go:linkname libc_munlock libc_munlock //go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -485,15 +458,12 @@ func Munlockall() (err error) { func libc_munlockall_trampoline() -//go:linkname libc_munlockall libc_munlockall //go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func pipe() (r int, w int, err error) { - r0, r1, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), 0, 0, 0) - r = int(r0) - w = int(r1) +func pipe(p *[2]int32) (err error) { + _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0) if e1 != 0 { err = errnoErr(e1) } @@ -502,7 +472,6 @@ func pipe() (r int, w int, err error) { func libc_pipe_trampoline() -//go:linkname libc_pipe libc_pipe //go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -528,7 +497,6 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o func libc_getxattr_trampoline() -//go:linkname libc_getxattr libc_getxattr //go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -549,7 +517,6 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio func libc_fgetxattr_trampoline() -//go:linkname libc_fgetxattr libc_fgetxattr //go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -574,7 +541,6 @@ func setxattr(path string, attr string, data *byte, size int, position uint32, o func libc_setxattr_trampoline() -//go:linkname libc_setxattr libc_setxattr //go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -594,7 +560,6 @@ func fsetxattr(fd int, attr string, data *byte, size int, position uint32, optio func libc_fsetxattr_trampoline() -//go:linkname libc_fsetxattr libc_fsetxattr //go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -619,7 +584,6 @@ func removexattr(path string, attr string, options int) (err error) { func libc_removexattr_trampoline() -//go:linkname libc_removexattr libc_removexattr //go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -639,7 +603,6 @@ func fremovexattr(fd int, attr string, options int) (err error) { func libc_fremovexattr_trampoline() -//go:linkname libc_fremovexattr libc_fremovexattr //go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -660,7 +623,6 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro func libc_listxattr_trampoline() -//go:linkname libc_listxattr libc_listxattr //go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -676,7 +638,6 @@ func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) { func libc_flistxattr_trampoline() -//go:linkname libc_flistxattr libc_flistxattr //go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -691,7 +652,6 @@ func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintp func libc_setattrlist_trampoline() -//go:linkname libc_setattrlist libc_setattrlist //go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -707,7 +667,6 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) { func libc_fcntl_trampoline() -//go:linkname libc_fcntl libc_fcntl //go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -722,7 +681,6 @@ func kill(pid int, signum int, posix int) (err error) { func libc_kill_trampoline() -//go:linkname libc_kill libc_kill //go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -737,7 +695,6 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { func libc_ioctl_trampoline() -//go:linkname libc_ioctl libc_ioctl //go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -758,7 +715,6 @@ func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) func libc_sysctl_trampoline() -//go:linkname libc_sysctl libc_sysctl //go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -773,7 +729,6 @@ func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer func libc_sendfile_trampoline() -//go:linkname libc_sendfile libc_sendfile //go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -793,7 +748,6 @@ func Access(path string, mode uint32) (err error) { func libc_access_trampoline() -//go:linkname libc_access libc_access //go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -808,7 +762,6 @@ func Adjtime(delta *Timeval, olddelta *Timeval) (err error) { func libc_adjtime_trampoline() -//go:linkname libc_adjtime libc_adjtime //go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -828,7 +781,6 @@ func Chdir(path string) (err error) { func libc_chdir_trampoline() -//go:linkname libc_chdir libc_chdir //go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -848,7 +800,6 @@ func Chflags(path string, flags int) (err error) { func libc_chflags_trampoline() -//go:linkname libc_chflags libc_chflags //go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -868,7 +819,6 @@ func Chmod(path string, mode uint32) (err error) { func libc_chmod_trampoline() -//go:linkname libc_chmod libc_chmod //go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -888,7 +838,6 @@ func Chown(path string, uid int, gid int) (err error) { func libc_chown_trampoline() -//go:linkname libc_chown libc_chown //go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -908,7 +857,6 @@ func Chroot(path string) (err error) { func libc_chroot_trampoline() -//go:linkname libc_chroot libc_chroot //go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -923,7 +871,6 @@ func ClockGettime(clockid int32, time *Timespec) (err error) { func libc_clock_gettime_trampoline() -//go:linkname libc_clock_gettime libc_clock_gettime //go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -938,7 +885,6 @@ func Close(fd int) (err error) { func libc_close_trampoline() -//go:linkname libc_close libc_close //go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -963,7 +909,6 @@ func Clonefile(src string, dst string, flags int) (err error) { func libc_clonefile_trampoline() -//go:linkname libc_clonefile libc_clonefile //go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -988,7 +933,6 @@ func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int) func libc_clonefileat_trampoline() -//go:linkname libc_clonefileat libc_clonefileat //go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1004,7 +948,6 @@ func Dup(fd int) (nfd int, err error) { func libc_dup_trampoline() -//go:linkname libc_dup libc_dup //go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1019,7 +962,6 @@ func Dup2(from int, to int) (err error) { func libc_dup2_trampoline() -//go:linkname libc_dup2 libc_dup2 //go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1044,7 +986,6 @@ func Exchangedata(path1 string, path2 string, options int) (err error) { func libc_exchangedata_trampoline() -//go:linkname libc_exchangedata libc_exchangedata //go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1056,7 +997,6 @@ func Exit(code int) { func libc_exit_trampoline() -//go:linkname libc_exit libc_exit //go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1076,7 +1016,6 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_faccessat_trampoline() -//go:linkname libc_faccessat libc_faccessat //go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1091,7 +1030,6 @@ func Fchdir(fd int) (err error) { func libc_fchdir_trampoline() -//go:linkname libc_fchdir libc_fchdir //go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1106,7 +1044,6 @@ func Fchflags(fd int, flags int) (err error) { func libc_fchflags_trampoline() -//go:linkname libc_fchflags libc_fchflags //go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1121,7 +1058,6 @@ func Fchmod(fd int, mode uint32) (err error) { func libc_fchmod_trampoline() -//go:linkname libc_fchmod libc_fchmod //go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1141,7 +1077,6 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { func libc_fchmodat_trampoline() -//go:linkname libc_fchmodat libc_fchmodat //go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1156,7 +1091,6 @@ func Fchown(fd int, uid int, gid int) (err error) { func libc_fchown_trampoline() -//go:linkname libc_fchown libc_fchown //go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1176,7 +1110,6 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) { func libc_fchownat_trampoline() -//go:linkname libc_fchownat libc_fchownat //go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1196,7 +1129,6 @@ func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error) func libc_fclonefileat_trampoline() -//go:linkname libc_fclonefileat libc_fclonefileat //go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1211,7 +1143,6 @@ func Flock(fd int, how int) (err error) { func libc_flock_trampoline() -//go:linkname libc_flock libc_flock //go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1227,7 +1158,6 @@ func Fpathconf(fd int, name int) (val int, err error) { func libc_fpathconf_trampoline() -//go:linkname libc_fpathconf libc_fpathconf //go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1242,7 +1172,6 @@ func Fsync(fd int) (err error) { func libc_fsync_trampoline() -//go:linkname libc_fsync libc_fsync //go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1257,7 +1186,6 @@ func Ftruncate(fd int, length int64) (err error) { func libc_ftruncate_trampoline() -//go:linkname libc_ftruncate libc_ftruncate //go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1279,7 +1207,6 @@ func Getcwd(buf []byte) (n int, err error) { func libc_getcwd_trampoline() -//go:linkname libc_getcwd libc_getcwd //go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1292,7 +1219,6 @@ func Getdtablesize() (size int) { func libc_getdtablesize_trampoline() -//go:linkname libc_getdtablesize libc_getdtablesize //go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1305,7 +1231,6 @@ func Getegid() (egid int) { func libc_getegid_trampoline() -//go:linkname libc_getegid libc_getegid //go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1318,7 +1243,6 @@ func Geteuid() (uid int) { func libc_geteuid_trampoline() -//go:linkname libc_geteuid libc_geteuid //go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1331,7 +1255,6 @@ func Getgid() (gid int) { func libc_getgid_trampoline() -//go:linkname libc_getgid libc_getgid //go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1347,7 +1270,6 @@ func Getpgid(pid int) (pgid int, err error) { func libc_getpgid_trampoline() -//go:linkname libc_getpgid libc_getpgid //go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1360,7 +1282,6 @@ func Getpgrp() (pgrp int) { func libc_getpgrp_trampoline() -//go:linkname libc_getpgrp libc_getpgrp //go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1373,7 +1294,6 @@ func Getpid() (pid int) { func libc_getpid_trampoline() -//go:linkname libc_getpid libc_getpid //go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1386,7 +1306,6 @@ func Getppid() (ppid int) { func libc_getppid_trampoline() -//go:linkname libc_getppid libc_getppid //go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1402,7 +1321,6 @@ func Getpriority(which int, who int) (prio int, err error) { func libc_getpriority_trampoline() -//go:linkname libc_getpriority libc_getpriority //go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1417,7 +1335,6 @@ func Getrlimit(which int, lim *Rlimit) (err error) { func libc_getrlimit_trampoline() -//go:linkname libc_getrlimit libc_getrlimit //go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1432,7 +1349,6 @@ func Getrusage(who int, rusage *Rusage) (err error) { func libc_getrusage_trampoline() -//go:linkname libc_getrusage libc_getrusage //go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1448,7 +1364,6 @@ func Getsid(pid int) (sid int, err error) { func libc_getsid_trampoline() -//go:linkname libc_getsid libc_getsid //go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1463,7 +1378,6 @@ func Gettimeofday(tp *Timeval) (err error) { func libc_gettimeofday_trampoline() -//go:linkname libc_gettimeofday libc_gettimeofday //go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1476,7 +1390,6 @@ func Getuid() (uid int) { func libc_getuid_trampoline() -//go:linkname libc_getuid libc_getuid //go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1489,7 +1402,6 @@ func Issetugid() (tainted bool) { func libc_issetugid_trampoline() -//go:linkname libc_issetugid libc_issetugid //go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1505,7 +1417,6 @@ func Kqueue() (fd int, err error) { func libc_kqueue_trampoline() -//go:linkname libc_kqueue libc_kqueue //go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1525,7 +1436,6 @@ func Lchown(path string, uid int, gid int) (err error) { func libc_lchown_trampoline() -//go:linkname libc_lchown libc_lchown //go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1550,7 +1460,6 @@ func Link(path string, link string) (err error) { func libc_link_trampoline() -//go:linkname libc_link libc_link //go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1575,7 +1484,6 @@ func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err er func libc_linkat_trampoline() -//go:linkname libc_linkat libc_linkat //go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1590,7 +1498,6 @@ func Listen(s int, backlog int) (err error) { func libc_listen_trampoline() -//go:linkname libc_listen libc_listen //go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1610,7 +1517,6 @@ func Mkdir(path string, mode uint32) (err error) { func libc_mkdir_trampoline() -//go:linkname libc_mkdir libc_mkdir //go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1630,7 +1536,6 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) { func libc_mkdirat_trampoline() -//go:linkname libc_mkdirat libc_mkdirat //go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1650,7 +1555,6 @@ func Mkfifo(path string, mode uint32) (err error) { func libc_mkfifo_trampoline() -//go:linkname libc_mkfifo libc_mkfifo //go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1670,7 +1574,6 @@ func Mknod(path string, mode uint32, dev int) (err error) { func libc_mknod_trampoline() -//go:linkname libc_mknod libc_mknod //go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1691,7 +1594,6 @@ func Open(path string, mode int, perm uint32) (fd int, err error) { func libc_open_trampoline() -//go:linkname libc_open libc_open //go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1712,7 +1614,6 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) { func libc_openat_trampoline() -//go:linkname libc_openat libc_openat //go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1733,7 +1634,6 @@ func Pathconf(path string, name int) (val int, err error) { func libc_pathconf_trampoline() -//go:linkname libc_pathconf libc_pathconf //go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1755,7 +1655,6 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) { func libc_pread_trampoline() -//go:linkname libc_pread libc_pread //go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1777,7 +1676,6 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) { func libc_pwrite_trampoline() -//go:linkname libc_pwrite libc_pwrite //go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1799,7 +1697,6 @@ func read(fd int, p []byte) (n int, err error) { func libc_read_trampoline() -//go:linkname libc_read libc_read //go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1826,7 +1723,6 @@ func Readlink(path string, buf []byte) (n int, err error) { func libc_readlink_trampoline() -//go:linkname libc_readlink libc_readlink //go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1853,7 +1749,6 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) { func libc_readlinkat_trampoline() -//go:linkname libc_readlinkat libc_readlinkat //go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1878,7 +1773,6 @@ func Rename(from string, to string) (err error) { func libc_rename_trampoline() -//go:linkname libc_rename libc_rename //go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1903,7 +1797,6 @@ func Renameat(fromfd int, from string, tofd int, to string) (err error) { func libc_renameat_trampoline() -//go:linkname libc_renameat libc_renameat //go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1923,7 +1816,6 @@ func Revoke(path string) (err error) { func libc_revoke_trampoline() -//go:linkname libc_revoke libc_revoke //go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1943,7 +1835,6 @@ func Rmdir(path string) (err error) { func libc_rmdir_trampoline() -//go:linkname libc_rmdir libc_rmdir //go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1959,7 +1850,6 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { func libc_lseek_trampoline() -//go:linkname libc_lseek libc_lseek //go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1975,7 +1865,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err func libc_select_trampoline() -//go:linkname libc_select libc_select //go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1990,7 +1879,6 @@ func Setegid(egid int) (err error) { func libc_setegid_trampoline() -//go:linkname libc_setegid libc_setegid //go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2005,7 +1893,6 @@ func Seteuid(euid int) (err error) { func libc_seteuid_trampoline() -//go:linkname libc_seteuid libc_seteuid //go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2020,7 +1907,6 @@ func Setgid(gid int) (err error) { func libc_setgid_trampoline() -//go:linkname libc_setgid libc_setgid //go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2040,7 +1926,6 @@ func Setlogin(name string) (err error) { func libc_setlogin_trampoline() -//go:linkname libc_setlogin libc_setlogin //go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2055,7 +1940,6 @@ func Setpgid(pid int, pgid int) (err error) { func libc_setpgid_trampoline() -//go:linkname libc_setpgid libc_setpgid //go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2070,7 +1954,6 @@ func Setpriority(which int, who int, prio int) (err error) { func libc_setpriority_trampoline() -//go:linkname libc_setpriority libc_setpriority //go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2085,7 +1968,6 @@ func Setprivexec(flag int) (err error) { func libc_setprivexec_trampoline() -//go:linkname libc_setprivexec libc_setprivexec //go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2100,7 +1982,6 @@ func Setregid(rgid int, egid int) (err error) { func libc_setregid_trampoline() -//go:linkname libc_setregid libc_setregid //go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2115,7 +1996,6 @@ func Setreuid(ruid int, euid int) (err error) { func libc_setreuid_trampoline() -//go:linkname libc_setreuid libc_setreuid //go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2130,7 +2010,6 @@ func Setrlimit(which int, lim *Rlimit) (err error) { func libc_setrlimit_trampoline() -//go:linkname libc_setrlimit libc_setrlimit //go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2146,7 +2025,6 @@ func Setsid() (pid int, err error) { func libc_setsid_trampoline() -//go:linkname libc_setsid libc_setsid //go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2161,7 +2039,6 @@ func Settimeofday(tp *Timeval) (err error) { func libc_settimeofday_trampoline() -//go:linkname libc_settimeofday libc_settimeofday //go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2176,7 +2053,6 @@ func Setuid(uid int) (err error) { func libc_setuid_trampoline() -//go:linkname libc_setuid libc_setuid //go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2201,7 +2077,6 @@ func Symlink(path string, link string) (err error) { func libc_symlink_trampoline() -//go:linkname libc_symlink libc_symlink //go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2226,7 +2101,6 @@ func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) { func libc_symlinkat_trampoline() -//go:linkname libc_symlinkat libc_symlinkat //go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2241,7 +2115,6 @@ func Sync() (err error) { func libc_sync_trampoline() -//go:linkname libc_sync libc_sync //go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2261,7 +2134,6 @@ func Truncate(path string, length int64) (err error) { func libc_truncate_trampoline() -//go:linkname libc_truncate libc_truncate //go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2274,7 +2146,6 @@ func Umask(newmask int) (oldmask int) { func libc_umask_trampoline() -//go:linkname libc_umask libc_umask //go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2294,7 +2165,6 @@ func Undelete(path string) (err error) { func libc_undelete_trampoline() -//go:linkname libc_undelete libc_undelete //go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2314,7 +2184,6 @@ func Unlink(path string) (err error) { func libc_unlink_trampoline() -//go:linkname libc_unlink libc_unlink //go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2334,7 +2203,6 @@ func Unlinkat(dirfd int, path string, flags int) (err error) { func libc_unlinkat_trampoline() -//go:linkname libc_unlinkat libc_unlinkat //go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2354,7 +2222,6 @@ func Unmount(path string, flags int) (err error) { func libc_unmount_trampoline() -//go:linkname libc_unmount libc_unmount //go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2376,7 +2243,6 @@ func write(fd int, p []byte) (n int, err error) { func libc_write_trampoline() -//go:linkname libc_write libc_write //go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2392,7 +2258,6 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) ( func libc_mmap_trampoline() -//go:linkname libc_mmap libc_mmap //go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2407,7 +2272,6 @@ func munmap(addr uintptr, length uintptr) (err error) { func libc_munmap_trampoline() -//go:linkname libc_munmap libc_munmap //go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2444,7 +2308,6 @@ func Fstat(fd int, stat *Stat_t) (err error) { func libc_fstat_trampoline() -//go:linkname libc_fstat libc_fstat //go:cgo_import_dynamic libc_fstat fstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2464,7 +2327,6 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) { func libc_fstatat_trampoline() -//go:linkname libc_fstatat libc_fstatat //go:cgo_import_dynamic libc_fstatat fstatat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2479,7 +2341,6 @@ func Fstatfs(fd int, stat *Statfs_t) (err error) { func libc_fstatfs_trampoline() -//go:linkname libc_fstatfs libc_fstatfs //go:cgo_import_dynamic libc_fstatfs fstatfs "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2495,7 +2356,6 @@ func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) { func libc_getfsstat_trampoline() -//go:linkname libc_getfsstat libc_getfsstat //go:cgo_import_dynamic libc_getfsstat getfsstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2515,12 +2375,11 @@ func Lstat(path string, stat *Stat_t) (err error) { func libc_lstat_trampoline() -//go:linkname libc_lstat libc_lstat //go:cgo_import_dynamic libc_lstat lstat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { +func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) { _, _, e1 := syscall_syscall6(funcPC(libc_ptrace_trampoline), uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) if e1 != 0 { err = errnoErr(e1) @@ -2530,7 +2389,6 @@ func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { func libc_ptrace_trampoline() -//go:linkname libc_ptrace libc_ptrace //go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2550,7 +2408,6 @@ func Stat(path string, stat *Stat_t) (err error) { func libc_stat_trampoline() -//go:linkname libc_stat libc_stat //go:cgo_import_dynamic libc_stat stat "/usr/lib/libSystem.B.dylib" // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -2570,5 +2427,4 @@ func Statfs(path string, stat *Statfs_t) (err error) { func libc_statfs_trampoline() -//go:linkname libc_statfs libc_statfs //go:cgo_import_dynamic libc_statfs statfs "/usr/lib/libSystem.B.dylib" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go index aebfe511ad52f..1aaccd3615eea 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go @@ -362,6 +362,16 @@ func pipe() (r int, w int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func pipe2(p *[2]_C_int, flags int) (err error) { + _, _, e1 := RawSyscall(SYS_PIPE2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func extpread(fd int, p []byte, flags int, offset int64) (n int, err error) { var _p0 unsafe.Pointer if len(p) > 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go index d3af083f4e7cd..665dd9e4b49e3 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go @@ -14,22 +14,19 @@ import ( //go:cgo_import_dynamic libc_writev writev "libc.so" //go:cgo_import_dynamic libc_pwritev pwritev "libc.so" //go:cgo_import_dynamic libc_accept4 accept4 "libsocket.so" -//go:cgo_import_dynamic libc_pipe2 pipe2 "libc.so" //go:linkname procreadv libc_readv //go:linkname procpreadv libc_preadv //go:linkname procwritev libc_writev //go:linkname procpwritev libc_pwritev //go:linkname procaccept4 libc_accept4 -//go:linkname procpipe2 libc_pipe2 var ( procreadv, procpreadv, procwritev, procpwritev, - procaccept4, - procpipe2 syscallFunc + procaccept4 syscallFunc ) // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -102,13 +99,3 @@ func accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, } return } - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - -func pipe2(p *[2]_C_int, flags int) (err error) { - _, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procpipe2)), 2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0, 0, 0, 0) - if e1 != 0 { - err = e1 - } - return -} diff --git a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go index a96165d4bf06f..6dbb83716c23c 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go @@ -11,6 +11,7 @@ import ( ) //go:cgo_import_dynamic libc_pipe pipe "libc.so" +//go:cgo_import_dynamic libc_pipe2 pipe2 "libc.so" //go:cgo_import_dynamic libc_getsockname getsockname "libsocket.so" //go:cgo_import_dynamic libc_getcwd getcwd "libc.so" //go:cgo_import_dynamic libc_getgroups getgroups "libc.so" @@ -140,6 +141,7 @@ import ( //go:cgo_import_dynamic libc_recvfrom recvfrom "libsocket.so" //go:linkname procpipe libc_pipe +//go:linkname procpipe2 libc_pipe2 //go:linkname procgetsockname libc_getsockname //go:linkname procGetcwd libc_getcwd //go:linkname procgetgroups libc_getgroups @@ -270,6 +272,7 @@ import ( var ( procpipe, + procpipe2, procgetsockname, procGetcwd, procgetgroups, @@ -412,6 +415,16 @@ func pipe(p *[2]_C_int) (n int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func pipe2(p *[2]_C_int, flags int) (err error) { + _, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procpipe2)), 2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0, 0, 0, 0) + if e1 != 0 { + err = e1 + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { _, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procgetsockname)), 3, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), 0, 0, 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go new file mode 100644 index 0000000000000..ad62324c7c14b --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go @@ -0,0 +1,437 @@ +// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.13.sdk/usr/include/sys/syscall.h +// Code generated by the command above; see README.md. DO NOT EDIT. + +// +build 386,darwin + +package unix + +// Deprecated: Use libSystem wrappers instead of direct syscalls. +const ( + SYS_SYSCALL = 0 + SYS_EXIT = 1 + SYS_FORK = 2 + SYS_READ = 3 + SYS_WRITE = 4 + SYS_OPEN = 5 + SYS_CLOSE = 6 + SYS_WAIT4 = 7 + SYS_LINK = 9 + SYS_UNLINK = 10 + SYS_CHDIR = 12 + SYS_FCHDIR = 13 + SYS_MKNOD = 14 + SYS_CHMOD = 15 + SYS_CHOWN = 16 + SYS_GETFSSTAT = 18 + SYS_GETPID = 20 + SYS_SETUID = 23 + SYS_GETUID = 24 + SYS_GETEUID = 25 + SYS_PTRACE = 26 + SYS_RECVMSG = 27 + SYS_SENDMSG = 28 + SYS_RECVFROM = 29 + SYS_ACCEPT = 30 + SYS_GETPEERNAME = 31 + SYS_GETSOCKNAME = 32 + SYS_ACCESS = 33 + SYS_CHFLAGS = 34 + SYS_FCHFLAGS = 35 + SYS_SYNC = 36 + SYS_KILL = 37 + SYS_GETPPID = 39 + SYS_DUP = 41 + SYS_PIPE = 42 + SYS_GETEGID = 43 + SYS_SIGACTION = 46 + SYS_GETGID = 47 + SYS_SIGPROCMASK = 48 + SYS_GETLOGIN = 49 + SYS_SETLOGIN = 50 + SYS_ACCT = 51 + SYS_SIGPENDING = 52 + SYS_SIGALTSTACK = 53 + SYS_IOCTL = 54 + SYS_REBOOT = 55 + SYS_REVOKE = 56 + SYS_SYMLINK = 57 + SYS_READLINK = 58 + SYS_EXECVE = 59 + SYS_UMASK = 60 + SYS_CHROOT = 61 + SYS_MSYNC = 65 + SYS_VFORK = 66 + SYS_MUNMAP = 73 + SYS_MPROTECT = 74 + SYS_MADVISE = 75 + SYS_MINCORE = 78 + SYS_GETGROUPS = 79 + SYS_SETGROUPS = 80 + SYS_GETPGRP = 81 + SYS_SETPGID = 82 + SYS_SETITIMER = 83 + SYS_SWAPON = 85 + SYS_GETITIMER = 86 + SYS_GETDTABLESIZE = 89 + SYS_DUP2 = 90 + SYS_FCNTL = 92 + SYS_SELECT = 93 + SYS_FSYNC = 95 + SYS_SETPRIORITY = 96 + SYS_SOCKET = 97 + SYS_CONNECT = 98 + SYS_GETPRIORITY = 100 + SYS_BIND = 104 + SYS_SETSOCKOPT = 105 + SYS_LISTEN = 106 + SYS_SIGSUSPEND = 111 + SYS_GETTIMEOFDAY = 116 + SYS_GETRUSAGE = 117 + SYS_GETSOCKOPT = 118 + SYS_READV = 120 + SYS_WRITEV = 121 + SYS_SETTIMEOFDAY = 122 + SYS_FCHOWN = 123 + SYS_FCHMOD = 124 + SYS_SETREUID = 126 + SYS_SETREGID = 127 + SYS_RENAME = 128 + SYS_FLOCK = 131 + SYS_MKFIFO = 132 + SYS_SENDTO = 133 + SYS_SHUTDOWN = 134 + SYS_SOCKETPAIR = 135 + SYS_MKDIR = 136 + SYS_RMDIR = 137 + SYS_UTIMES = 138 + SYS_FUTIMES = 139 + SYS_ADJTIME = 140 + SYS_GETHOSTUUID = 142 + SYS_SETSID = 147 + SYS_GETPGID = 151 + SYS_SETPRIVEXEC = 152 + SYS_PREAD = 153 + SYS_PWRITE = 154 + SYS_NFSSVC = 155 + SYS_STATFS = 157 + SYS_FSTATFS = 158 + SYS_UNMOUNT = 159 + SYS_GETFH = 161 + SYS_QUOTACTL = 165 + SYS_MOUNT = 167 + SYS_CSOPS = 169 + SYS_CSOPS_AUDITTOKEN = 170 + SYS_WAITID = 173 + SYS_KDEBUG_TYPEFILTER = 177 + SYS_KDEBUG_TRACE_STRING = 178 + SYS_KDEBUG_TRACE64 = 179 + SYS_KDEBUG_TRACE = 180 + SYS_SETGID = 181 + SYS_SETEGID = 182 + SYS_SETEUID = 183 + SYS_SIGRETURN = 184 + SYS_THREAD_SELFCOUNTS = 186 + SYS_FDATASYNC = 187 + SYS_STAT = 188 + SYS_FSTAT = 189 + SYS_LSTAT = 190 + SYS_PATHCONF = 191 + SYS_FPATHCONF = 192 + SYS_GETRLIMIT = 194 + SYS_SETRLIMIT = 195 + SYS_GETDIRENTRIES = 196 + SYS_MMAP = 197 + SYS_LSEEK = 199 + SYS_TRUNCATE = 200 + SYS_FTRUNCATE = 201 + SYS_SYSCTL = 202 + SYS_MLOCK = 203 + SYS_MUNLOCK = 204 + SYS_UNDELETE = 205 + SYS_OPEN_DPROTECTED_NP = 216 + SYS_GETATTRLIST = 220 + SYS_SETATTRLIST = 221 + SYS_GETDIRENTRIESATTR = 222 + SYS_EXCHANGEDATA = 223 + SYS_SEARCHFS = 225 + SYS_DELETE = 226 + SYS_COPYFILE = 227 + SYS_FGETATTRLIST = 228 + SYS_FSETATTRLIST = 229 + SYS_POLL = 230 + SYS_WATCHEVENT = 231 + SYS_WAITEVENT = 232 + SYS_MODWATCH = 233 + SYS_GETXATTR = 234 + SYS_FGETXATTR = 235 + SYS_SETXATTR = 236 + SYS_FSETXATTR = 237 + SYS_REMOVEXATTR = 238 + SYS_FREMOVEXATTR = 239 + SYS_LISTXATTR = 240 + SYS_FLISTXATTR = 241 + SYS_FSCTL = 242 + SYS_INITGROUPS = 243 + SYS_POSIX_SPAWN = 244 + SYS_FFSCTL = 245 + SYS_NFSCLNT = 247 + SYS_FHOPEN = 248 + SYS_MINHERIT = 250 + SYS_SEMSYS = 251 + SYS_MSGSYS = 252 + SYS_SHMSYS = 253 + SYS_SEMCTL = 254 + SYS_SEMGET = 255 + SYS_SEMOP = 256 + SYS_MSGCTL = 258 + SYS_MSGGET = 259 + SYS_MSGSND = 260 + SYS_MSGRCV = 261 + SYS_SHMAT = 262 + SYS_SHMCTL = 263 + SYS_SHMDT = 264 + SYS_SHMGET = 265 + SYS_SHM_OPEN = 266 + SYS_SHM_UNLINK = 267 + SYS_SEM_OPEN = 268 + SYS_SEM_CLOSE = 269 + SYS_SEM_UNLINK = 270 + SYS_SEM_WAIT = 271 + SYS_SEM_TRYWAIT = 272 + SYS_SEM_POST = 273 + SYS_SYSCTLBYNAME = 274 + SYS_OPEN_EXTENDED = 277 + SYS_UMASK_EXTENDED = 278 + SYS_STAT_EXTENDED = 279 + SYS_LSTAT_EXTENDED = 280 + SYS_FSTAT_EXTENDED = 281 + SYS_CHMOD_EXTENDED = 282 + SYS_FCHMOD_EXTENDED = 283 + SYS_ACCESS_EXTENDED = 284 + SYS_SETTID = 285 + SYS_GETTID = 286 + SYS_SETSGROUPS = 287 + SYS_GETSGROUPS = 288 + SYS_SETWGROUPS = 289 + SYS_GETWGROUPS = 290 + SYS_MKFIFO_EXTENDED = 291 + SYS_MKDIR_EXTENDED = 292 + SYS_IDENTITYSVC = 293 + SYS_SHARED_REGION_CHECK_NP = 294 + SYS_VM_PRESSURE_MONITOR = 296 + SYS_PSYNCH_RW_LONGRDLOCK = 297 + SYS_PSYNCH_RW_YIELDWRLOCK = 298 + SYS_PSYNCH_RW_DOWNGRADE = 299 + SYS_PSYNCH_RW_UPGRADE = 300 + SYS_PSYNCH_MUTEXWAIT = 301 + SYS_PSYNCH_MUTEXDROP = 302 + SYS_PSYNCH_CVBROAD = 303 + SYS_PSYNCH_CVSIGNAL = 304 + SYS_PSYNCH_CVWAIT = 305 + SYS_PSYNCH_RW_RDLOCK = 306 + SYS_PSYNCH_RW_WRLOCK = 307 + SYS_PSYNCH_RW_UNLOCK = 308 + SYS_PSYNCH_RW_UNLOCK2 = 309 + SYS_GETSID = 310 + SYS_SETTID_WITH_PID = 311 + SYS_PSYNCH_CVCLRPREPOST = 312 + SYS_AIO_FSYNC = 313 + SYS_AIO_RETURN = 314 + SYS_AIO_SUSPEND = 315 + SYS_AIO_CANCEL = 316 + SYS_AIO_ERROR = 317 + SYS_AIO_READ = 318 + SYS_AIO_WRITE = 319 + SYS_LIO_LISTIO = 320 + SYS_IOPOLICYSYS = 322 + SYS_PROCESS_POLICY = 323 + SYS_MLOCKALL = 324 + SYS_MUNLOCKALL = 325 + SYS_ISSETUGID = 327 + SYS___PTHREAD_KILL = 328 + SYS___PTHREAD_SIGMASK = 329 + SYS___SIGWAIT = 330 + SYS___DISABLE_THREADSIGNAL = 331 + SYS___PTHREAD_MARKCANCEL = 332 + SYS___PTHREAD_CANCELED = 333 + SYS___SEMWAIT_SIGNAL = 334 + SYS_PROC_INFO = 336 + SYS_SENDFILE = 337 + SYS_STAT64 = 338 + SYS_FSTAT64 = 339 + SYS_LSTAT64 = 340 + SYS_STAT64_EXTENDED = 341 + SYS_LSTAT64_EXTENDED = 342 + SYS_FSTAT64_EXTENDED = 343 + SYS_GETDIRENTRIES64 = 344 + SYS_STATFS64 = 345 + SYS_FSTATFS64 = 346 + SYS_GETFSSTAT64 = 347 + SYS___PTHREAD_CHDIR = 348 + SYS___PTHREAD_FCHDIR = 349 + SYS_AUDIT = 350 + SYS_AUDITON = 351 + SYS_GETAUID = 353 + SYS_SETAUID = 354 + SYS_GETAUDIT_ADDR = 357 + SYS_SETAUDIT_ADDR = 358 + SYS_AUDITCTL = 359 + SYS_BSDTHREAD_CREATE = 360 + SYS_BSDTHREAD_TERMINATE = 361 + SYS_KQUEUE = 362 + SYS_KEVENT = 363 + SYS_LCHOWN = 364 + SYS_BSDTHREAD_REGISTER = 366 + SYS_WORKQ_OPEN = 367 + SYS_WORKQ_KERNRETURN = 368 + SYS_KEVENT64 = 369 + SYS___OLD_SEMWAIT_SIGNAL = 370 + SYS___OLD_SEMWAIT_SIGNAL_NOCANCEL = 371 + SYS_THREAD_SELFID = 372 + SYS_LEDGER = 373 + SYS_KEVENT_QOS = 374 + SYS_KEVENT_ID = 375 + SYS___MAC_EXECVE = 380 + SYS___MAC_SYSCALL = 381 + SYS___MAC_GET_FILE = 382 + SYS___MAC_SET_FILE = 383 + SYS___MAC_GET_LINK = 384 + SYS___MAC_SET_LINK = 385 + SYS___MAC_GET_PROC = 386 + SYS___MAC_SET_PROC = 387 + SYS___MAC_GET_FD = 388 + SYS___MAC_SET_FD = 389 + SYS___MAC_GET_PID = 390 + SYS_PSELECT = 394 + SYS_PSELECT_NOCANCEL = 395 + SYS_READ_NOCANCEL = 396 + SYS_WRITE_NOCANCEL = 397 + SYS_OPEN_NOCANCEL = 398 + SYS_CLOSE_NOCANCEL = 399 + SYS_WAIT4_NOCANCEL = 400 + SYS_RECVMSG_NOCANCEL = 401 + SYS_SENDMSG_NOCANCEL = 402 + SYS_RECVFROM_NOCANCEL = 403 + SYS_ACCEPT_NOCANCEL = 404 + SYS_MSYNC_NOCANCEL = 405 + SYS_FCNTL_NOCANCEL = 406 + SYS_SELECT_NOCANCEL = 407 + SYS_FSYNC_NOCANCEL = 408 + SYS_CONNECT_NOCANCEL = 409 + SYS_SIGSUSPEND_NOCANCEL = 410 + SYS_READV_NOCANCEL = 411 + SYS_WRITEV_NOCANCEL = 412 + SYS_SENDTO_NOCANCEL = 413 + SYS_PREAD_NOCANCEL = 414 + SYS_PWRITE_NOCANCEL = 415 + SYS_WAITID_NOCANCEL = 416 + SYS_POLL_NOCANCEL = 417 + SYS_MSGSND_NOCANCEL = 418 + SYS_MSGRCV_NOCANCEL = 419 + SYS_SEM_WAIT_NOCANCEL = 420 + SYS_AIO_SUSPEND_NOCANCEL = 421 + SYS___SIGWAIT_NOCANCEL = 422 + SYS___SEMWAIT_SIGNAL_NOCANCEL = 423 + SYS___MAC_MOUNT = 424 + SYS___MAC_GET_MOUNT = 425 + SYS___MAC_GETFSSTAT = 426 + SYS_FSGETPATH = 427 + SYS_AUDIT_SESSION_SELF = 428 + SYS_AUDIT_SESSION_JOIN = 429 + SYS_FILEPORT_MAKEPORT = 430 + SYS_FILEPORT_MAKEFD = 431 + SYS_AUDIT_SESSION_PORT = 432 + SYS_PID_SUSPEND = 433 + SYS_PID_RESUME = 434 + SYS_PID_HIBERNATE = 435 + SYS_PID_SHUTDOWN_SOCKETS = 436 + SYS_SHARED_REGION_MAP_AND_SLIDE_NP = 438 + SYS_KAS_INFO = 439 + SYS_MEMORYSTATUS_CONTROL = 440 + SYS_GUARDED_OPEN_NP = 441 + SYS_GUARDED_CLOSE_NP = 442 + SYS_GUARDED_KQUEUE_NP = 443 + SYS_CHANGE_FDGUARD_NP = 444 + SYS_USRCTL = 445 + SYS_PROC_RLIMIT_CONTROL = 446 + SYS_CONNECTX = 447 + SYS_DISCONNECTX = 448 + SYS_PEELOFF = 449 + SYS_SOCKET_DELEGATE = 450 + SYS_TELEMETRY = 451 + SYS_PROC_UUID_POLICY = 452 + SYS_MEMORYSTATUS_GET_LEVEL = 453 + SYS_SYSTEM_OVERRIDE = 454 + SYS_VFS_PURGE = 455 + SYS_SFI_CTL = 456 + SYS_SFI_PIDCTL = 457 + SYS_COALITION = 458 + SYS_COALITION_INFO = 459 + SYS_NECP_MATCH_POLICY = 460 + SYS_GETATTRLISTBULK = 461 + SYS_CLONEFILEAT = 462 + SYS_OPENAT = 463 + SYS_OPENAT_NOCANCEL = 464 + SYS_RENAMEAT = 465 + SYS_FACCESSAT = 466 + SYS_FCHMODAT = 467 + SYS_FCHOWNAT = 468 + SYS_FSTATAT = 469 + SYS_FSTATAT64 = 470 + SYS_LINKAT = 471 + SYS_UNLINKAT = 472 + SYS_READLINKAT = 473 + SYS_SYMLINKAT = 474 + SYS_MKDIRAT = 475 + SYS_GETATTRLISTAT = 476 + SYS_PROC_TRACE_LOG = 477 + SYS_BSDTHREAD_CTL = 478 + SYS_OPENBYID_NP = 479 + SYS_RECVMSG_X = 480 + SYS_SENDMSG_X = 481 + SYS_THREAD_SELFUSAGE = 482 + SYS_CSRCTL = 483 + SYS_GUARDED_OPEN_DPROTECTED_NP = 484 + SYS_GUARDED_WRITE_NP = 485 + SYS_GUARDED_PWRITE_NP = 486 + SYS_GUARDED_WRITEV_NP = 487 + SYS_RENAMEATX_NP = 488 + SYS_MREMAP_ENCRYPTED = 489 + SYS_NETAGENT_TRIGGER = 490 + SYS_STACK_SNAPSHOT_WITH_CONFIG = 491 + SYS_MICROSTACKSHOT = 492 + SYS_GRAB_PGO_DATA = 493 + SYS_PERSONA = 494 + SYS_WORK_INTERVAL_CTL = 499 + SYS_GETENTROPY = 500 + SYS_NECP_OPEN = 501 + SYS_NECP_CLIENT_ACTION = 502 + SYS___NEXUS_OPEN = 503 + SYS___NEXUS_REGISTER = 504 + SYS___NEXUS_DEREGISTER = 505 + SYS___NEXUS_CREATE = 506 + SYS___NEXUS_DESTROY = 507 + SYS___NEXUS_GET_OPT = 508 + SYS___NEXUS_SET_OPT = 509 + SYS___CHANNEL_OPEN = 510 + SYS___CHANNEL_GET_INFO = 511 + SYS___CHANNEL_SYNC = 512 + SYS___CHANNEL_GET_OPT = 513 + SYS___CHANNEL_SET_OPT = 514 + SYS_ULOCK_WAIT = 515 + SYS_ULOCK_WAKE = 516 + SYS_FCLONEFILEAT = 517 + SYS_FS_SNAPSHOT = 518 + SYS_TERMINATE_WITH_PAYLOAD = 520 + SYS_ABORT_WITH_PAYLOAD = 521 + SYS_NECP_SESSION_OPEN = 522 + SYS_NECP_SESSION_ACTION = 523 + SYS_SETATTRLISTAT = 524 + SYS_NET_QOS_GUIDELINE = 525 + SYS_FMOUNT = 526 + SYS_NTP_ADJTIME = 527 + SYS_NTP_GETTIME = 528 + SYS_OS_FAULT_WITH_PAYLOAD = 529 + SYS_MAXSYSCALL = 530 + SYS_INVALID = 63 +) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go new file mode 100644 index 0000000000000..a2fc91d6a8007 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go @@ -0,0 +1,439 @@ +// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.sdk/usr/include/sys/syscall.h +// Code generated by the command above; see README.md. DO NOT EDIT. + +// +build amd64,darwin + +package unix + +// Deprecated: Use libSystem wrappers instead of direct syscalls. +const ( + SYS_SYSCALL = 0 + SYS_EXIT = 1 + SYS_FORK = 2 + SYS_READ = 3 + SYS_WRITE = 4 + SYS_OPEN = 5 + SYS_CLOSE = 6 + SYS_WAIT4 = 7 + SYS_LINK = 9 + SYS_UNLINK = 10 + SYS_CHDIR = 12 + SYS_FCHDIR = 13 + SYS_MKNOD = 14 + SYS_CHMOD = 15 + SYS_CHOWN = 16 + SYS_GETFSSTAT = 18 + SYS_GETPID = 20 + SYS_SETUID = 23 + SYS_GETUID = 24 + SYS_GETEUID = 25 + SYS_PTRACE = 26 + SYS_RECVMSG = 27 + SYS_SENDMSG = 28 + SYS_RECVFROM = 29 + SYS_ACCEPT = 30 + SYS_GETPEERNAME = 31 + SYS_GETSOCKNAME = 32 + SYS_ACCESS = 33 + SYS_CHFLAGS = 34 + SYS_FCHFLAGS = 35 + SYS_SYNC = 36 + SYS_KILL = 37 + SYS_GETPPID = 39 + SYS_DUP = 41 + SYS_PIPE = 42 + SYS_GETEGID = 43 + SYS_SIGACTION = 46 + SYS_GETGID = 47 + SYS_SIGPROCMASK = 48 + SYS_GETLOGIN = 49 + SYS_SETLOGIN = 50 + SYS_ACCT = 51 + SYS_SIGPENDING = 52 + SYS_SIGALTSTACK = 53 + SYS_IOCTL = 54 + SYS_REBOOT = 55 + SYS_REVOKE = 56 + SYS_SYMLINK = 57 + SYS_READLINK = 58 + SYS_EXECVE = 59 + SYS_UMASK = 60 + SYS_CHROOT = 61 + SYS_MSYNC = 65 + SYS_VFORK = 66 + SYS_MUNMAP = 73 + SYS_MPROTECT = 74 + SYS_MADVISE = 75 + SYS_MINCORE = 78 + SYS_GETGROUPS = 79 + SYS_SETGROUPS = 80 + SYS_GETPGRP = 81 + SYS_SETPGID = 82 + SYS_SETITIMER = 83 + SYS_SWAPON = 85 + SYS_GETITIMER = 86 + SYS_GETDTABLESIZE = 89 + SYS_DUP2 = 90 + SYS_FCNTL = 92 + SYS_SELECT = 93 + SYS_FSYNC = 95 + SYS_SETPRIORITY = 96 + SYS_SOCKET = 97 + SYS_CONNECT = 98 + SYS_GETPRIORITY = 100 + SYS_BIND = 104 + SYS_SETSOCKOPT = 105 + SYS_LISTEN = 106 + SYS_SIGSUSPEND = 111 + SYS_GETTIMEOFDAY = 116 + SYS_GETRUSAGE = 117 + SYS_GETSOCKOPT = 118 + SYS_READV = 120 + SYS_WRITEV = 121 + SYS_SETTIMEOFDAY = 122 + SYS_FCHOWN = 123 + SYS_FCHMOD = 124 + SYS_SETREUID = 126 + SYS_SETREGID = 127 + SYS_RENAME = 128 + SYS_FLOCK = 131 + SYS_MKFIFO = 132 + SYS_SENDTO = 133 + SYS_SHUTDOWN = 134 + SYS_SOCKETPAIR = 135 + SYS_MKDIR = 136 + SYS_RMDIR = 137 + SYS_UTIMES = 138 + SYS_FUTIMES = 139 + SYS_ADJTIME = 140 + SYS_GETHOSTUUID = 142 + SYS_SETSID = 147 + SYS_GETPGID = 151 + SYS_SETPRIVEXEC = 152 + SYS_PREAD = 153 + SYS_PWRITE = 154 + SYS_NFSSVC = 155 + SYS_STATFS = 157 + SYS_FSTATFS = 158 + SYS_UNMOUNT = 159 + SYS_GETFH = 161 + SYS_QUOTACTL = 165 + SYS_MOUNT = 167 + SYS_CSOPS = 169 + SYS_CSOPS_AUDITTOKEN = 170 + SYS_WAITID = 173 + SYS_KDEBUG_TYPEFILTER = 177 + SYS_KDEBUG_TRACE_STRING = 178 + SYS_KDEBUG_TRACE64 = 179 + SYS_KDEBUG_TRACE = 180 + SYS_SETGID = 181 + SYS_SETEGID = 182 + SYS_SETEUID = 183 + SYS_SIGRETURN = 184 + SYS_THREAD_SELFCOUNTS = 186 + SYS_FDATASYNC = 187 + SYS_STAT = 188 + SYS_FSTAT = 189 + SYS_LSTAT = 190 + SYS_PATHCONF = 191 + SYS_FPATHCONF = 192 + SYS_GETRLIMIT = 194 + SYS_SETRLIMIT = 195 + SYS_GETDIRENTRIES = 196 + SYS_MMAP = 197 + SYS_LSEEK = 199 + SYS_TRUNCATE = 200 + SYS_FTRUNCATE = 201 + SYS_SYSCTL = 202 + SYS_MLOCK = 203 + SYS_MUNLOCK = 204 + SYS_UNDELETE = 205 + SYS_OPEN_DPROTECTED_NP = 216 + SYS_GETATTRLIST = 220 + SYS_SETATTRLIST = 221 + SYS_GETDIRENTRIESATTR = 222 + SYS_EXCHANGEDATA = 223 + SYS_SEARCHFS = 225 + SYS_DELETE = 226 + SYS_COPYFILE = 227 + SYS_FGETATTRLIST = 228 + SYS_FSETATTRLIST = 229 + SYS_POLL = 230 + SYS_WATCHEVENT = 231 + SYS_WAITEVENT = 232 + SYS_MODWATCH = 233 + SYS_GETXATTR = 234 + SYS_FGETXATTR = 235 + SYS_SETXATTR = 236 + SYS_FSETXATTR = 237 + SYS_REMOVEXATTR = 238 + SYS_FREMOVEXATTR = 239 + SYS_LISTXATTR = 240 + SYS_FLISTXATTR = 241 + SYS_FSCTL = 242 + SYS_INITGROUPS = 243 + SYS_POSIX_SPAWN = 244 + SYS_FFSCTL = 245 + SYS_NFSCLNT = 247 + SYS_FHOPEN = 248 + SYS_MINHERIT = 250 + SYS_SEMSYS = 251 + SYS_MSGSYS = 252 + SYS_SHMSYS = 253 + SYS_SEMCTL = 254 + SYS_SEMGET = 255 + SYS_SEMOP = 256 + SYS_MSGCTL = 258 + SYS_MSGGET = 259 + SYS_MSGSND = 260 + SYS_MSGRCV = 261 + SYS_SHMAT = 262 + SYS_SHMCTL = 263 + SYS_SHMDT = 264 + SYS_SHMGET = 265 + SYS_SHM_OPEN = 266 + SYS_SHM_UNLINK = 267 + SYS_SEM_OPEN = 268 + SYS_SEM_CLOSE = 269 + SYS_SEM_UNLINK = 270 + SYS_SEM_WAIT = 271 + SYS_SEM_TRYWAIT = 272 + SYS_SEM_POST = 273 + SYS_SYSCTLBYNAME = 274 + SYS_OPEN_EXTENDED = 277 + SYS_UMASK_EXTENDED = 278 + SYS_STAT_EXTENDED = 279 + SYS_LSTAT_EXTENDED = 280 + SYS_FSTAT_EXTENDED = 281 + SYS_CHMOD_EXTENDED = 282 + SYS_FCHMOD_EXTENDED = 283 + SYS_ACCESS_EXTENDED = 284 + SYS_SETTID = 285 + SYS_GETTID = 286 + SYS_SETSGROUPS = 287 + SYS_GETSGROUPS = 288 + SYS_SETWGROUPS = 289 + SYS_GETWGROUPS = 290 + SYS_MKFIFO_EXTENDED = 291 + SYS_MKDIR_EXTENDED = 292 + SYS_IDENTITYSVC = 293 + SYS_SHARED_REGION_CHECK_NP = 294 + SYS_VM_PRESSURE_MONITOR = 296 + SYS_PSYNCH_RW_LONGRDLOCK = 297 + SYS_PSYNCH_RW_YIELDWRLOCK = 298 + SYS_PSYNCH_RW_DOWNGRADE = 299 + SYS_PSYNCH_RW_UPGRADE = 300 + SYS_PSYNCH_MUTEXWAIT = 301 + SYS_PSYNCH_MUTEXDROP = 302 + SYS_PSYNCH_CVBROAD = 303 + SYS_PSYNCH_CVSIGNAL = 304 + SYS_PSYNCH_CVWAIT = 305 + SYS_PSYNCH_RW_RDLOCK = 306 + SYS_PSYNCH_RW_WRLOCK = 307 + SYS_PSYNCH_RW_UNLOCK = 308 + SYS_PSYNCH_RW_UNLOCK2 = 309 + SYS_GETSID = 310 + SYS_SETTID_WITH_PID = 311 + SYS_PSYNCH_CVCLRPREPOST = 312 + SYS_AIO_FSYNC = 313 + SYS_AIO_RETURN = 314 + SYS_AIO_SUSPEND = 315 + SYS_AIO_CANCEL = 316 + SYS_AIO_ERROR = 317 + SYS_AIO_READ = 318 + SYS_AIO_WRITE = 319 + SYS_LIO_LISTIO = 320 + SYS_IOPOLICYSYS = 322 + SYS_PROCESS_POLICY = 323 + SYS_MLOCKALL = 324 + SYS_MUNLOCKALL = 325 + SYS_ISSETUGID = 327 + SYS___PTHREAD_KILL = 328 + SYS___PTHREAD_SIGMASK = 329 + SYS___SIGWAIT = 330 + SYS___DISABLE_THREADSIGNAL = 331 + SYS___PTHREAD_MARKCANCEL = 332 + SYS___PTHREAD_CANCELED = 333 + SYS___SEMWAIT_SIGNAL = 334 + SYS_PROC_INFO = 336 + SYS_SENDFILE = 337 + SYS_STAT64 = 338 + SYS_FSTAT64 = 339 + SYS_LSTAT64 = 340 + SYS_STAT64_EXTENDED = 341 + SYS_LSTAT64_EXTENDED = 342 + SYS_FSTAT64_EXTENDED = 343 + SYS_GETDIRENTRIES64 = 344 + SYS_STATFS64 = 345 + SYS_FSTATFS64 = 346 + SYS_GETFSSTAT64 = 347 + SYS___PTHREAD_CHDIR = 348 + SYS___PTHREAD_FCHDIR = 349 + SYS_AUDIT = 350 + SYS_AUDITON = 351 + SYS_GETAUID = 353 + SYS_SETAUID = 354 + SYS_GETAUDIT_ADDR = 357 + SYS_SETAUDIT_ADDR = 358 + SYS_AUDITCTL = 359 + SYS_BSDTHREAD_CREATE = 360 + SYS_BSDTHREAD_TERMINATE = 361 + SYS_KQUEUE = 362 + SYS_KEVENT = 363 + SYS_LCHOWN = 364 + SYS_BSDTHREAD_REGISTER = 366 + SYS_WORKQ_OPEN = 367 + SYS_WORKQ_KERNRETURN = 368 + SYS_KEVENT64 = 369 + SYS___OLD_SEMWAIT_SIGNAL = 370 + SYS___OLD_SEMWAIT_SIGNAL_NOCANCEL = 371 + SYS_THREAD_SELFID = 372 + SYS_LEDGER = 373 + SYS_KEVENT_QOS = 374 + SYS_KEVENT_ID = 375 + SYS___MAC_EXECVE = 380 + SYS___MAC_SYSCALL = 381 + SYS___MAC_GET_FILE = 382 + SYS___MAC_SET_FILE = 383 + SYS___MAC_GET_LINK = 384 + SYS___MAC_SET_LINK = 385 + SYS___MAC_GET_PROC = 386 + SYS___MAC_SET_PROC = 387 + SYS___MAC_GET_FD = 388 + SYS___MAC_SET_FD = 389 + SYS___MAC_GET_PID = 390 + SYS_PSELECT = 394 + SYS_PSELECT_NOCANCEL = 395 + SYS_READ_NOCANCEL = 396 + SYS_WRITE_NOCANCEL = 397 + SYS_OPEN_NOCANCEL = 398 + SYS_CLOSE_NOCANCEL = 399 + SYS_WAIT4_NOCANCEL = 400 + SYS_RECVMSG_NOCANCEL = 401 + SYS_SENDMSG_NOCANCEL = 402 + SYS_RECVFROM_NOCANCEL = 403 + SYS_ACCEPT_NOCANCEL = 404 + SYS_MSYNC_NOCANCEL = 405 + SYS_FCNTL_NOCANCEL = 406 + SYS_SELECT_NOCANCEL = 407 + SYS_FSYNC_NOCANCEL = 408 + SYS_CONNECT_NOCANCEL = 409 + SYS_SIGSUSPEND_NOCANCEL = 410 + SYS_READV_NOCANCEL = 411 + SYS_WRITEV_NOCANCEL = 412 + SYS_SENDTO_NOCANCEL = 413 + SYS_PREAD_NOCANCEL = 414 + SYS_PWRITE_NOCANCEL = 415 + SYS_WAITID_NOCANCEL = 416 + SYS_POLL_NOCANCEL = 417 + SYS_MSGSND_NOCANCEL = 418 + SYS_MSGRCV_NOCANCEL = 419 + SYS_SEM_WAIT_NOCANCEL = 420 + SYS_AIO_SUSPEND_NOCANCEL = 421 + SYS___SIGWAIT_NOCANCEL = 422 + SYS___SEMWAIT_SIGNAL_NOCANCEL = 423 + SYS___MAC_MOUNT = 424 + SYS___MAC_GET_MOUNT = 425 + SYS___MAC_GETFSSTAT = 426 + SYS_FSGETPATH = 427 + SYS_AUDIT_SESSION_SELF = 428 + SYS_AUDIT_SESSION_JOIN = 429 + SYS_FILEPORT_MAKEPORT = 430 + SYS_FILEPORT_MAKEFD = 431 + SYS_AUDIT_SESSION_PORT = 432 + SYS_PID_SUSPEND = 433 + SYS_PID_RESUME = 434 + SYS_PID_HIBERNATE = 435 + SYS_PID_SHUTDOWN_SOCKETS = 436 + SYS_SHARED_REGION_MAP_AND_SLIDE_NP = 438 + SYS_KAS_INFO = 439 + SYS_MEMORYSTATUS_CONTROL = 440 + SYS_GUARDED_OPEN_NP = 441 + SYS_GUARDED_CLOSE_NP = 442 + SYS_GUARDED_KQUEUE_NP = 443 + SYS_CHANGE_FDGUARD_NP = 444 + SYS_USRCTL = 445 + SYS_PROC_RLIMIT_CONTROL = 446 + SYS_CONNECTX = 447 + SYS_DISCONNECTX = 448 + SYS_PEELOFF = 449 + SYS_SOCKET_DELEGATE = 450 + SYS_TELEMETRY = 451 + SYS_PROC_UUID_POLICY = 452 + SYS_MEMORYSTATUS_GET_LEVEL = 453 + SYS_SYSTEM_OVERRIDE = 454 + SYS_VFS_PURGE = 455 + SYS_SFI_CTL = 456 + SYS_SFI_PIDCTL = 457 + SYS_COALITION = 458 + SYS_COALITION_INFO = 459 + SYS_NECP_MATCH_POLICY = 460 + SYS_GETATTRLISTBULK = 461 + SYS_CLONEFILEAT = 462 + SYS_OPENAT = 463 + SYS_OPENAT_NOCANCEL = 464 + SYS_RENAMEAT = 465 + SYS_FACCESSAT = 466 + SYS_FCHMODAT = 467 + SYS_FCHOWNAT = 468 + SYS_FSTATAT = 469 + SYS_FSTATAT64 = 470 + SYS_LINKAT = 471 + SYS_UNLINKAT = 472 + SYS_READLINKAT = 473 + SYS_SYMLINKAT = 474 + SYS_MKDIRAT = 475 + SYS_GETATTRLISTAT = 476 + SYS_PROC_TRACE_LOG = 477 + SYS_BSDTHREAD_CTL = 478 + SYS_OPENBYID_NP = 479 + SYS_RECVMSG_X = 480 + SYS_SENDMSG_X = 481 + SYS_THREAD_SELFUSAGE = 482 + SYS_CSRCTL = 483 + SYS_GUARDED_OPEN_DPROTECTED_NP = 484 + SYS_GUARDED_WRITE_NP = 485 + SYS_GUARDED_PWRITE_NP = 486 + SYS_GUARDED_WRITEV_NP = 487 + SYS_RENAMEATX_NP = 488 + SYS_MREMAP_ENCRYPTED = 489 + SYS_NETAGENT_TRIGGER = 490 + SYS_STACK_SNAPSHOT_WITH_CONFIG = 491 + SYS_MICROSTACKSHOT = 492 + SYS_GRAB_PGO_DATA = 493 + SYS_PERSONA = 494 + SYS_WORK_INTERVAL_CTL = 499 + SYS_GETENTROPY = 500 + SYS_NECP_OPEN = 501 + SYS_NECP_CLIENT_ACTION = 502 + SYS___NEXUS_OPEN = 503 + SYS___NEXUS_REGISTER = 504 + SYS___NEXUS_DEREGISTER = 505 + SYS___NEXUS_CREATE = 506 + SYS___NEXUS_DESTROY = 507 + SYS___NEXUS_GET_OPT = 508 + SYS___NEXUS_SET_OPT = 509 + SYS___CHANNEL_OPEN = 510 + SYS___CHANNEL_GET_INFO = 511 + SYS___CHANNEL_SYNC = 512 + SYS___CHANNEL_GET_OPT = 513 + SYS___CHANNEL_SET_OPT = 514 + SYS_ULOCK_WAIT = 515 + SYS_ULOCK_WAKE = 516 + SYS_FCLONEFILEAT = 517 + SYS_FS_SNAPSHOT = 518 + SYS_TERMINATE_WITH_PAYLOAD = 520 + SYS_ABORT_WITH_PAYLOAD = 521 + SYS_NECP_SESSION_OPEN = 522 + SYS_NECP_SESSION_ACTION = 523 + SYS_SETATTRLISTAT = 524 + SYS_NET_QOS_GUIDELINE = 525 + SYS_FMOUNT = 526 + SYS_NTP_ADJTIME = 527 + SYS_NTP_GETTIME = 528 + SYS_OS_FAULT_WITH_PAYLOAD = 529 + SYS_KQUEUE_WORKLOOP_CTL = 530 + SYS___MACH_BRIDGE_REMOTE_TIME = 531 + SYS_MAXSYSCALL = 532 + SYS_INVALID = 63 +) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go new file mode 100644 index 0000000000000..20d7808ace3d6 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go @@ -0,0 +1,437 @@ +// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS11.1.sdk/usr/include/sys/syscall.h +// Code generated by the command above; see README.md. DO NOT EDIT. + +// +build arm,darwin + +package unix + +// Deprecated: Use libSystem wrappers instead of direct syscalls. +const ( + SYS_SYSCALL = 0 + SYS_EXIT = 1 + SYS_FORK = 2 + SYS_READ = 3 + SYS_WRITE = 4 + SYS_OPEN = 5 + SYS_CLOSE = 6 + SYS_WAIT4 = 7 + SYS_LINK = 9 + SYS_UNLINK = 10 + SYS_CHDIR = 12 + SYS_FCHDIR = 13 + SYS_MKNOD = 14 + SYS_CHMOD = 15 + SYS_CHOWN = 16 + SYS_GETFSSTAT = 18 + SYS_GETPID = 20 + SYS_SETUID = 23 + SYS_GETUID = 24 + SYS_GETEUID = 25 + SYS_PTRACE = 26 + SYS_RECVMSG = 27 + SYS_SENDMSG = 28 + SYS_RECVFROM = 29 + SYS_ACCEPT = 30 + SYS_GETPEERNAME = 31 + SYS_GETSOCKNAME = 32 + SYS_ACCESS = 33 + SYS_CHFLAGS = 34 + SYS_FCHFLAGS = 35 + SYS_SYNC = 36 + SYS_KILL = 37 + SYS_GETPPID = 39 + SYS_DUP = 41 + SYS_PIPE = 42 + SYS_GETEGID = 43 + SYS_SIGACTION = 46 + SYS_GETGID = 47 + SYS_SIGPROCMASK = 48 + SYS_GETLOGIN = 49 + SYS_SETLOGIN = 50 + SYS_ACCT = 51 + SYS_SIGPENDING = 52 + SYS_SIGALTSTACK = 53 + SYS_IOCTL = 54 + SYS_REBOOT = 55 + SYS_REVOKE = 56 + SYS_SYMLINK = 57 + SYS_READLINK = 58 + SYS_EXECVE = 59 + SYS_UMASK = 60 + SYS_CHROOT = 61 + SYS_MSYNC = 65 + SYS_VFORK = 66 + SYS_MUNMAP = 73 + SYS_MPROTECT = 74 + SYS_MADVISE = 75 + SYS_MINCORE = 78 + SYS_GETGROUPS = 79 + SYS_SETGROUPS = 80 + SYS_GETPGRP = 81 + SYS_SETPGID = 82 + SYS_SETITIMER = 83 + SYS_SWAPON = 85 + SYS_GETITIMER = 86 + SYS_GETDTABLESIZE = 89 + SYS_DUP2 = 90 + SYS_FCNTL = 92 + SYS_SELECT = 93 + SYS_FSYNC = 95 + SYS_SETPRIORITY = 96 + SYS_SOCKET = 97 + SYS_CONNECT = 98 + SYS_GETPRIORITY = 100 + SYS_BIND = 104 + SYS_SETSOCKOPT = 105 + SYS_LISTEN = 106 + SYS_SIGSUSPEND = 111 + SYS_GETTIMEOFDAY = 116 + SYS_GETRUSAGE = 117 + SYS_GETSOCKOPT = 118 + SYS_READV = 120 + SYS_WRITEV = 121 + SYS_SETTIMEOFDAY = 122 + SYS_FCHOWN = 123 + SYS_FCHMOD = 124 + SYS_SETREUID = 126 + SYS_SETREGID = 127 + SYS_RENAME = 128 + SYS_FLOCK = 131 + SYS_MKFIFO = 132 + SYS_SENDTO = 133 + SYS_SHUTDOWN = 134 + SYS_SOCKETPAIR = 135 + SYS_MKDIR = 136 + SYS_RMDIR = 137 + SYS_UTIMES = 138 + SYS_FUTIMES = 139 + SYS_ADJTIME = 140 + SYS_GETHOSTUUID = 142 + SYS_SETSID = 147 + SYS_GETPGID = 151 + SYS_SETPRIVEXEC = 152 + SYS_PREAD = 153 + SYS_PWRITE = 154 + SYS_NFSSVC = 155 + SYS_STATFS = 157 + SYS_FSTATFS = 158 + SYS_UNMOUNT = 159 + SYS_GETFH = 161 + SYS_QUOTACTL = 165 + SYS_MOUNT = 167 + SYS_CSOPS = 169 + SYS_CSOPS_AUDITTOKEN = 170 + SYS_WAITID = 173 + SYS_KDEBUG_TYPEFILTER = 177 + SYS_KDEBUG_TRACE_STRING = 178 + SYS_KDEBUG_TRACE64 = 179 + SYS_KDEBUG_TRACE = 180 + SYS_SETGID = 181 + SYS_SETEGID = 182 + SYS_SETEUID = 183 + SYS_SIGRETURN = 184 + SYS_THREAD_SELFCOUNTS = 186 + SYS_FDATASYNC = 187 + SYS_STAT = 188 + SYS_FSTAT = 189 + SYS_LSTAT = 190 + SYS_PATHCONF = 191 + SYS_FPATHCONF = 192 + SYS_GETRLIMIT = 194 + SYS_SETRLIMIT = 195 + SYS_GETDIRENTRIES = 196 + SYS_MMAP = 197 + SYS_LSEEK = 199 + SYS_TRUNCATE = 200 + SYS_FTRUNCATE = 201 + SYS_SYSCTL = 202 + SYS_MLOCK = 203 + SYS_MUNLOCK = 204 + SYS_UNDELETE = 205 + SYS_OPEN_DPROTECTED_NP = 216 + SYS_GETATTRLIST = 220 + SYS_SETATTRLIST = 221 + SYS_GETDIRENTRIESATTR = 222 + SYS_EXCHANGEDATA = 223 + SYS_SEARCHFS = 225 + SYS_DELETE = 226 + SYS_COPYFILE = 227 + SYS_FGETATTRLIST = 228 + SYS_FSETATTRLIST = 229 + SYS_POLL = 230 + SYS_WATCHEVENT = 231 + SYS_WAITEVENT = 232 + SYS_MODWATCH = 233 + SYS_GETXATTR = 234 + SYS_FGETXATTR = 235 + SYS_SETXATTR = 236 + SYS_FSETXATTR = 237 + SYS_REMOVEXATTR = 238 + SYS_FREMOVEXATTR = 239 + SYS_LISTXATTR = 240 + SYS_FLISTXATTR = 241 + SYS_FSCTL = 242 + SYS_INITGROUPS = 243 + SYS_POSIX_SPAWN = 244 + SYS_FFSCTL = 245 + SYS_NFSCLNT = 247 + SYS_FHOPEN = 248 + SYS_MINHERIT = 250 + SYS_SEMSYS = 251 + SYS_MSGSYS = 252 + SYS_SHMSYS = 253 + SYS_SEMCTL = 254 + SYS_SEMGET = 255 + SYS_SEMOP = 256 + SYS_MSGCTL = 258 + SYS_MSGGET = 259 + SYS_MSGSND = 260 + SYS_MSGRCV = 261 + SYS_SHMAT = 262 + SYS_SHMCTL = 263 + SYS_SHMDT = 264 + SYS_SHMGET = 265 + SYS_SHM_OPEN = 266 + SYS_SHM_UNLINK = 267 + SYS_SEM_OPEN = 268 + SYS_SEM_CLOSE = 269 + SYS_SEM_UNLINK = 270 + SYS_SEM_WAIT = 271 + SYS_SEM_TRYWAIT = 272 + SYS_SEM_POST = 273 + SYS_SYSCTLBYNAME = 274 + SYS_OPEN_EXTENDED = 277 + SYS_UMASK_EXTENDED = 278 + SYS_STAT_EXTENDED = 279 + SYS_LSTAT_EXTENDED = 280 + SYS_FSTAT_EXTENDED = 281 + SYS_CHMOD_EXTENDED = 282 + SYS_FCHMOD_EXTENDED = 283 + SYS_ACCESS_EXTENDED = 284 + SYS_SETTID = 285 + SYS_GETTID = 286 + SYS_SETSGROUPS = 287 + SYS_GETSGROUPS = 288 + SYS_SETWGROUPS = 289 + SYS_GETWGROUPS = 290 + SYS_MKFIFO_EXTENDED = 291 + SYS_MKDIR_EXTENDED = 292 + SYS_IDENTITYSVC = 293 + SYS_SHARED_REGION_CHECK_NP = 294 + SYS_VM_PRESSURE_MONITOR = 296 + SYS_PSYNCH_RW_LONGRDLOCK = 297 + SYS_PSYNCH_RW_YIELDWRLOCK = 298 + SYS_PSYNCH_RW_DOWNGRADE = 299 + SYS_PSYNCH_RW_UPGRADE = 300 + SYS_PSYNCH_MUTEXWAIT = 301 + SYS_PSYNCH_MUTEXDROP = 302 + SYS_PSYNCH_CVBROAD = 303 + SYS_PSYNCH_CVSIGNAL = 304 + SYS_PSYNCH_CVWAIT = 305 + SYS_PSYNCH_RW_RDLOCK = 306 + SYS_PSYNCH_RW_WRLOCK = 307 + SYS_PSYNCH_RW_UNLOCK = 308 + SYS_PSYNCH_RW_UNLOCK2 = 309 + SYS_GETSID = 310 + SYS_SETTID_WITH_PID = 311 + SYS_PSYNCH_CVCLRPREPOST = 312 + SYS_AIO_FSYNC = 313 + SYS_AIO_RETURN = 314 + SYS_AIO_SUSPEND = 315 + SYS_AIO_CANCEL = 316 + SYS_AIO_ERROR = 317 + SYS_AIO_READ = 318 + SYS_AIO_WRITE = 319 + SYS_LIO_LISTIO = 320 + SYS_IOPOLICYSYS = 322 + SYS_PROCESS_POLICY = 323 + SYS_MLOCKALL = 324 + SYS_MUNLOCKALL = 325 + SYS_ISSETUGID = 327 + SYS___PTHREAD_KILL = 328 + SYS___PTHREAD_SIGMASK = 329 + SYS___SIGWAIT = 330 + SYS___DISABLE_THREADSIGNAL = 331 + SYS___PTHREAD_MARKCANCEL = 332 + SYS___PTHREAD_CANCELED = 333 + SYS___SEMWAIT_SIGNAL = 334 + SYS_PROC_INFO = 336 + SYS_SENDFILE = 337 + SYS_STAT64 = 338 + SYS_FSTAT64 = 339 + SYS_LSTAT64 = 340 + SYS_STAT64_EXTENDED = 341 + SYS_LSTAT64_EXTENDED = 342 + SYS_FSTAT64_EXTENDED = 343 + SYS_GETDIRENTRIES64 = 344 + SYS_STATFS64 = 345 + SYS_FSTATFS64 = 346 + SYS_GETFSSTAT64 = 347 + SYS___PTHREAD_CHDIR = 348 + SYS___PTHREAD_FCHDIR = 349 + SYS_AUDIT = 350 + SYS_AUDITON = 351 + SYS_GETAUID = 353 + SYS_SETAUID = 354 + SYS_GETAUDIT_ADDR = 357 + SYS_SETAUDIT_ADDR = 358 + SYS_AUDITCTL = 359 + SYS_BSDTHREAD_CREATE = 360 + SYS_BSDTHREAD_TERMINATE = 361 + SYS_KQUEUE = 362 + SYS_KEVENT = 363 + SYS_LCHOWN = 364 + SYS_BSDTHREAD_REGISTER = 366 + SYS_WORKQ_OPEN = 367 + SYS_WORKQ_KERNRETURN = 368 + SYS_KEVENT64 = 369 + SYS___OLD_SEMWAIT_SIGNAL = 370 + SYS___OLD_SEMWAIT_SIGNAL_NOCANCEL = 371 + SYS_THREAD_SELFID = 372 + SYS_LEDGER = 373 + SYS_KEVENT_QOS = 374 + SYS_KEVENT_ID = 375 + SYS___MAC_EXECVE = 380 + SYS___MAC_SYSCALL = 381 + SYS___MAC_GET_FILE = 382 + SYS___MAC_SET_FILE = 383 + SYS___MAC_GET_LINK = 384 + SYS___MAC_SET_LINK = 385 + SYS___MAC_GET_PROC = 386 + SYS___MAC_SET_PROC = 387 + SYS___MAC_GET_FD = 388 + SYS___MAC_SET_FD = 389 + SYS___MAC_GET_PID = 390 + SYS_PSELECT = 394 + SYS_PSELECT_NOCANCEL = 395 + SYS_READ_NOCANCEL = 396 + SYS_WRITE_NOCANCEL = 397 + SYS_OPEN_NOCANCEL = 398 + SYS_CLOSE_NOCANCEL = 399 + SYS_WAIT4_NOCANCEL = 400 + SYS_RECVMSG_NOCANCEL = 401 + SYS_SENDMSG_NOCANCEL = 402 + SYS_RECVFROM_NOCANCEL = 403 + SYS_ACCEPT_NOCANCEL = 404 + SYS_MSYNC_NOCANCEL = 405 + SYS_FCNTL_NOCANCEL = 406 + SYS_SELECT_NOCANCEL = 407 + SYS_FSYNC_NOCANCEL = 408 + SYS_CONNECT_NOCANCEL = 409 + SYS_SIGSUSPEND_NOCANCEL = 410 + SYS_READV_NOCANCEL = 411 + SYS_WRITEV_NOCANCEL = 412 + SYS_SENDTO_NOCANCEL = 413 + SYS_PREAD_NOCANCEL = 414 + SYS_PWRITE_NOCANCEL = 415 + SYS_WAITID_NOCANCEL = 416 + SYS_POLL_NOCANCEL = 417 + SYS_MSGSND_NOCANCEL = 418 + SYS_MSGRCV_NOCANCEL = 419 + SYS_SEM_WAIT_NOCANCEL = 420 + SYS_AIO_SUSPEND_NOCANCEL = 421 + SYS___SIGWAIT_NOCANCEL = 422 + SYS___SEMWAIT_SIGNAL_NOCANCEL = 423 + SYS___MAC_MOUNT = 424 + SYS___MAC_GET_MOUNT = 425 + SYS___MAC_GETFSSTAT = 426 + SYS_FSGETPATH = 427 + SYS_AUDIT_SESSION_SELF = 428 + SYS_AUDIT_SESSION_JOIN = 429 + SYS_FILEPORT_MAKEPORT = 430 + SYS_FILEPORT_MAKEFD = 431 + SYS_AUDIT_SESSION_PORT = 432 + SYS_PID_SUSPEND = 433 + SYS_PID_RESUME = 434 + SYS_PID_HIBERNATE = 435 + SYS_PID_SHUTDOWN_SOCKETS = 436 + SYS_SHARED_REGION_MAP_AND_SLIDE_NP = 438 + SYS_KAS_INFO = 439 + SYS_MEMORYSTATUS_CONTROL = 440 + SYS_GUARDED_OPEN_NP = 441 + SYS_GUARDED_CLOSE_NP = 442 + SYS_GUARDED_KQUEUE_NP = 443 + SYS_CHANGE_FDGUARD_NP = 444 + SYS_USRCTL = 445 + SYS_PROC_RLIMIT_CONTROL = 446 + SYS_CONNECTX = 447 + SYS_DISCONNECTX = 448 + SYS_PEELOFF = 449 + SYS_SOCKET_DELEGATE = 450 + SYS_TELEMETRY = 451 + SYS_PROC_UUID_POLICY = 452 + SYS_MEMORYSTATUS_GET_LEVEL = 453 + SYS_SYSTEM_OVERRIDE = 454 + SYS_VFS_PURGE = 455 + SYS_SFI_CTL = 456 + SYS_SFI_PIDCTL = 457 + SYS_COALITION = 458 + SYS_COALITION_INFO = 459 + SYS_NECP_MATCH_POLICY = 460 + SYS_GETATTRLISTBULK = 461 + SYS_CLONEFILEAT = 462 + SYS_OPENAT = 463 + SYS_OPENAT_NOCANCEL = 464 + SYS_RENAMEAT = 465 + SYS_FACCESSAT = 466 + SYS_FCHMODAT = 467 + SYS_FCHOWNAT = 468 + SYS_FSTATAT = 469 + SYS_FSTATAT64 = 470 + SYS_LINKAT = 471 + SYS_UNLINKAT = 472 + SYS_READLINKAT = 473 + SYS_SYMLINKAT = 474 + SYS_MKDIRAT = 475 + SYS_GETATTRLISTAT = 476 + SYS_PROC_TRACE_LOG = 477 + SYS_BSDTHREAD_CTL = 478 + SYS_OPENBYID_NP = 479 + SYS_RECVMSG_X = 480 + SYS_SENDMSG_X = 481 + SYS_THREAD_SELFUSAGE = 482 + SYS_CSRCTL = 483 + SYS_GUARDED_OPEN_DPROTECTED_NP = 484 + SYS_GUARDED_WRITE_NP = 485 + SYS_GUARDED_PWRITE_NP = 486 + SYS_GUARDED_WRITEV_NP = 487 + SYS_RENAMEATX_NP = 488 + SYS_MREMAP_ENCRYPTED = 489 + SYS_NETAGENT_TRIGGER = 490 + SYS_STACK_SNAPSHOT_WITH_CONFIG = 491 + SYS_MICROSTACKSHOT = 492 + SYS_GRAB_PGO_DATA = 493 + SYS_PERSONA = 494 + SYS_WORK_INTERVAL_CTL = 499 + SYS_GETENTROPY = 500 + SYS_NECP_OPEN = 501 + SYS_NECP_CLIENT_ACTION = 502 + SYS___NEXUS_OPEN = 503 + SYS___NEXUS_REGISTER = 504 + SYS___NEXUS_DEREGISTER = 505 + SYS___NEXUS_CREATE = 506 + SYS___NEXUS_DESTROY = 507 + SYS___NEXUS_GET_OPT = 508 + SYS___NEXUS_SET_OPT = 509 + SYS___CHANNEL_OPEN = 510 + SYS___CHANNEL_GET_INFO = 511 + SYS___CHANNEL_SYNC = 512 + SYS___CHANNEL_GET_OPT = 513 + SYS___CHANNEL_SET_OPT = 514 + SYS_ULOCK_WAIT = 515 + SYS_ULOCK_WAKE = 516 + SYS_FCLONEFILEAT = 517 + SYS_FS_SNAPSHOT = 518 + SYS_TERMINATE_WITH_PAYLOAD = 520 + SYS_ABORT_WITH_PAYLOAD = 521 + SYS_NECP_SESSION_OPEN = 522 + SYS_NECP_SESSION_ACTION = 523 + SYS_SETATTRLISTAT = 524 + SYS_NET_QOS_GUIDELINE = 525 + SYS_FMOUNT = 526 + SYS_NTP_ADJTIME = 527 + SYS_NTP_GETTIME = 528 + SYS_OS_FAULT_WITH_PAYLOAD = 529 + SYS_MAXSYSCALL = 530 + SYS_INVALID = 63 +) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go new file mode 100644 index 0000000000000..527b9588cc969 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go @@ -0,0 +1,437 @@ +// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS11.1.sdk/usr/include/sys/syscall.h +// Code generated by the command above; see README.md. DO NOT EDIT. + +// +build arm64,darwin + +package unix + +// Deprecated: Use libSystem wrappers instead of direct syscalls. +const ( + SYS_SYSCALL = 0 + SYS_EXIT = 1 + SYS_FORK = 2 + SYS_READ = 3 + SYS_WRITE = 4 + SYS_OPEN = 5 + SYS_CLOSE = 6 + SYS_WAIT4 = 7 + SYS_LINK = 9 + SYS_UNLINK = 10 + SYS_CHDIR = 12 + SYS_FCHDIR = 13 + SYS_MKNOD = 14 + SYS_CHMOD = 15 + SYS_CHOWN = 16 + SYS_GETFSSTAT = 18 + SYS_GETPID = 20 + SYS_SETUID = 23 + SYS_GETUID = 24 + SYS_GETEUID = 25 + SYS_PTRACE = 26 + SYS_RECVMSG = 27 + SYS_SENDMSG = 28 + SYS_RECVFROM = 29 + SYS_ACCEPT = 30 + SYS_GETPEERNAME = 31 + SYS_GETSOCKNAME = 32 + SYS_ACCESS = 33 + SYS_CHFLAGS = 34 + SYS_FCHFLAGS = 35 + SYS_SYNC = 36 + SYS_KILL = 37 + SYS_GETPPID = 39 + SYS_DUP = 41 + SYS_PIPE = 42 + SYS_GETEGID = 43 + SYS_SIGACTION = 46 + SYS_GETGID = 47 + SYS_SIGPROCMASK = 48 + SYS_GETLOGIN = 49 + SYS_SETLOGIN = 50 + SYS_ACCT = 51 + SYS_SIGPENDING = 52 + SYS_SIGALTSTACK = 53 + SYS_IOCTL = 54 + SYS_REBOOT = 55 + SYS_REVOKE = 56 + SYS_SYMLINK = 57 + SYS_READLINK = 58 + SYS_EXECVE = 59 + SYS_UMASK = 60 + SYS_CHROOT = 61 + SYS_MSYNC = 65 + SYS_VFORK = 66 + SYS_MUNMAP = 73 + SYS_MPROTECT = 74 + SYS_MADVISE = 75 + SYS_MINCORE = 78 + SYS_GETGROUPS = 79 + SYS_SETGROUPS = 80 + SYS_GETPGRP = 81 + SYS_SETPGID = 82 + SYS_SETITIMER = 83 + SYS_SWAPON = 85 + SYS_GETITIMER = 86 + SYS_GETDTABLESIZE = 89 + SYS_DUP2 = 90 + SYS_FCNTL = 92 + SYS_SELECT = 93 + SYS_FSYNC = 95 + SYS_SETPRIORITY = 96 + SYS_SOCKET = 97 + SYS_CONNECT = 98 + SYS_GETPRIORITY = 100 + SYS_BIND = 104 + SYS_SETSOCKOPT = 105 + SYS_LISTEN = 106 + SYS_SIGSUSPEND = 111 + SYS_GETTIMEOFDAY = 116 + SYS_GETRUSAGE = 117 + SYS_GETSOCKOPT = 118 + SYS_READV = 120 + SYS_WRITEV = 121 + SYS_SETTIMEOFDAY = 122 + SYS_FCHOWN = 123 + SYS_FCHMOD = 124 + SYS_SETREUID = 126 + SYS_SETREGID = 127 + SYS_RENAME = 128 + SYS_FLOCK = 131 + SYS_MKFIFO = 132 + SYS_SENDTO = 133 + SYS_SHUTDOWN = 134 + SYS_SOCKETPAIR = 135 + SYS_MKDIR = 136 + SYS_RMDIR = 137 + SYS_UTIMES = 138 + SYS_FUTIMES = 139 + SYS_ADJTIME = 140 + SYS_GETHOSTUUID = 142 + SYS_SETSID = 147 + SYS_GETPGID = 151 + SYS_SETPRIVEXEC = 152 + SYS_PREAD = 153 + SYS_PWRITE = 154 + SYS_NFSSVC = 155 + SYS_STATFS = 157 + SYS_FSTATFS = 158 + SYS_UNMOUNT = 159 + SYS_GETFH = 161 + SYS_QUOTACTL = 165 + SYS_MOUNT = 167 + SYS_CSOPS = 169 + SYS_CSOPS_AUDITTOKEN = 170 + SYS_WAITID = 173 + SYS_KDEBUG_TYPEFILTER = 177 + SYS_KDEBUG_TRACE_STRING = 178 + SYS_KDEBUG_TRACE64 = 179 + SYS_KDEBUG_TRACE = 180 + SYS_SETGID = 181 + SYS_SETEGID = 182 + SYS_SETEUID = 183 + SYS_SIGRETURN = 184 + SYS_THREAD_SELFCOUNTS = 186 + SYS_FDATASYNC = 187 + SYS_STAT = 188 + SYS_FSTAT = 189 + SYS_LSTAT = 190 + SYS_PATHCONF = 191 + SYS_FPATHCONF = 192 + SYS_GETRLIMIT = 194 + SYS_SETRLIMIT = 195 + SYS_GETDIRENTRIES = 196 + SYS_MMAP = 197 + SYS_LSEEK = 199 + SYS_TRUNCATE = 200 + SYS_FTRUNCATE = 201 + SYS_SYSCTL = 202 + SYS_MLOCK = 203 + SYS_MUNLOCK = 204 + SYS_UNDELETE = 205 + SYS_OPEN_DPROTECTED_NP = 216 + SYS_GETATTRLIST = 220 + SYS_SETATTRLIST = 221 + SYS_GETDIRENTRIESATTR = 222 + SYS_EXCHANGEDATA = 223 + SYS_SEARCHFS = 225 + SYS_DELETE = 226 + SYS_COPYFILE = 227 + SYS_FGETATTRLIST = 228 + SYS_FSETATTRLIST = 229 + SYS_POLL = 230 + SYS_WATCHEVENT = 231 + SYS_WAITEVENT = 232 + SYS_MODWATCH = 233 + SYS_GETXATTR = 234 + SYS_FGETXATTR = 235 + SYS_SETXATTR = 236 + SYS_FSETXATTR = 237 + SYS_REMOVEXATTR = 238 + SYS_FREMOVEXATTR = 239 + SYS_LISTXATTR = 240 + SYS_FLISTXATTR = 241 + SYS_FSCTL = 242 + SYS_INITGROUPS = 243 + SYS_POSIX_SPAWN = 244 + SYS_FFSCTL = 245 + SYS_NFSCLNT = 247 + SYS_FHOPEN = 248 + SYS_MINHERIT = 250 + SYS_SEMSYS = 251 + SYS_MSGSYS = 252 + SYS_SHMSYS = 253 + SYS_SEMCTL = 254 + SYS_SEMGET = 255 + SYS_SEMOP = 256 + SYS_MSGCTL = 258 + SYS_MSGGET = 259 + SYS_MSGSND = 260 + SYS_MSGRCV = 261 + SYS_SHMAT = 262 + SYS_SHMCTL = 263 + SYS_SHMDT = 264 + SYS_SHMGET = 265 + SYS_SHM_OPEN = 266 + SYS_SHM_UNLINK = 267 + SYS_SEM_OPEN = 268 + SYS_SEM_CLOSE = 269 + SYS_SEM_UNLINK = 270 + SYS_SEM_WAIT = 271 + SYS_SEM_TRYWAIT = 272 + SYS_SEM_POST = 273 + SYS_SYSCTLBYNAME = 274 + SYS_OPEN_EXTENDED = 277 + SYS_UMASK_EXTENDED = 278 + SYS_STAT_EXTENDED = 279 + SYS_LSTAT_EXTENDED = 280 + SYS_FSTAT_EXTENDED = 281 + SYS_CHMOD_EXTENDED = 282 + SYS_FCHMOD_EXTENDED = 283 + SYS_ACCESS_EXTENDED = 284 + SYS_SETTID = 285 + SYS_GETTID = 286 + SYS_SETSGROUPS = 287 + SYS_GETSGROUPS = 288 + SYS_SETWGROUPS = 289 + SYS_GETWGROUPS = 290 + SYS_MKFIFO_EXTENDED = 291 + SYS_MKDIR_EXTENDED = 292 + SYS_IDENTITYSVC = 293 + SYS_SHARED_REGION_CHECK_NP = 294 + SYS_VM_PRESSURE_MONITOR = 296 + SYS_PSYNCH_RW_LONGRDLOCK = 297 + SYS_PSYNCH_RW_YIELDWRLOCK = 298 + SYS_PSYNCH_RW_DOWNGRADE = 299 + SYS_PSYNCH_RW_UPGRADE = 300 + SYS_PSYNCH_MUTEXWAIT = 301 + SYS_PSYNCH_MUTEXDROP = 302 + SYS_PSYNCH_CVBROAD = 303 + SYS_PSYNCH_CVSIGNAL = 304 + SYS_PSYNCH_CVWAIT = 305 + SYS_PSYNCH_RW_RDLOCK = 306 + SYS_PSYNCH_RW_WRLOCK = 307 + SYS_PSYNCH_RW_UNLOCK = 308 + SYS_PSYNCH_RW_UNLOCK2 = 309 + SYS_GETSID = 310 + SYS_SETTID_WITH_PID = 311 + SYS_PSYNCH_CVCLRPREPOST = 312 + SYS_AIO_FSYNC = 313 + SYS_AIO_RETURN = 314 + SYS_AIO_SUSPEND = 315 + SYS_AIO_CANCEL = 316 + SYS_AIO_ERROR = 317 + SYS_AIO_READ = 318 + SYS_AIO_WRITE = 319 + SYS_LIO_LISTIO = 320 + SYS_IOPOLICYSYS = 322 + SYS_PROCESS_POLICY = 323 + SYS_MLOCKALL = 324 + SYS_MUNLOCKALL = 325 + SYS_ISSETUGID = 327 + SYS___PTHREAD_KILL = 328 + SYS___PTHREAD_SIGMASK = 329 + SYS___SIGWAIT = 330 + SYS___DISABLE_THREADSIGNAL = 331 + SYS___PTHREAD_MARKCANCEL = 332 + SYS___PTHREAD_CANCELED = 333 + SYS___SEMWAIT_SIGNAL = 334 + SYS_PROC_INFO = 336 + SYS_SENDFILE = 337 + SYS_STAT64 = 338 + SYS_FSTAT64 = 339 + SYS_LSTAT64 = 340 + SYS_STAT64_EXTENDED = 341 + SYS_LSTAT64_EXTENDED = 342 + SYS_FSTAT64_EXTENDED = 343 + SYS_GETDIRENTRIES64 = 344 + SYS_STATFS64 = 345 + SYS_FSTATFS64 = 346 + SYS_GETFSSTAT64 = 347 + SYS___PTHREAD_CHDIR = 348 + SYS___PTHREAD_FCHDIR = 349 + SYS_AUDIT = 350 + SYS_AUDITON = 351 + SYS_GETAUID = 353 + SYS_SETAUID = 354 + SYS_GETAUDIT_ADDR = 357 + SYS_SETAUDIT_ADDR = 358 + SYS_AUDITCTL = 359 + SYS_BSDTHREAD_CREATE = 360 + SYS_BSDTHREAD_TERMINATE = 361 + SYS_KQUEUE = 362 + SYS_KEVENT = 363 + SYS_LCHOWN = 364 + SYS_BSDTHREAD_REGISTER = 366 + SYS_WORKQ_OPEN = 367 + SYS_WORKQ_KERNRETURN = 368 + SYS_KEVENT64 = 369 + SYS___OLD_SEMWAIT_SIGNAL = 370 + SYS___OLD_SEMWAIT_SIGNAL_NOCANCEL = 371 + SYS_THREAD_SELFID = 372 + SYS_LEDGER = 373 + SYS_KEVENT_QOS = 374 + SYS_KEVENT_ID = 375 + SYS___MAC_EXECVE = 380 + SYS___MAC_SYSCALL = 381 + SYS___MAC_GET_FILE = 382 + SYS___MAC_SET_FILE = 383 + SYS___MAC_GET_LINK = 384 + SYS___MAC_SET_LINK = 385 + SYS___MAC_GET_PROC = 386 + SYS___MAC_SET_PROC = 387 + SYS___MAC_GET_FD = 388 + SYS___MAC_SET_FD = 389 + SYS___MAC_GET_PID = 390 + SYS_PSELECT = 394 + SYS_PSELECT_NOCANCEL = 395 + SYS_READ_NOCANCEL = 396 + SYS_WRITE_NOCANCEL = 397 + SYS_OPEN_NOCANCEL = 398 + SYS_CLOSE_NOCANCEL = 399 + SYS_WAIT4_NOCANCEL = 400 + SYS_RECVMSG_NOCANCEL = 401 + SYS_SENDMSG_NOCANCEL = 402 + SYS_RECVFROM_NOCANCEL = 403 + SYS_ACCEPT_NOCANCEL = 404 + SYS_MSYNC_NOCANCEL = 405 + SYS_FCNTL_NOCANCEL = 406 + SYS_SELECT_NOCANCEL = 407 + SYS_FSYNC_NOCANCEL = 408 + SYS_CONNECT_NOCANCEL = 409 + SYS_SIGSUSPEND_NOCANCEL = 410 + SYS_READV_NOCANCEL = 411 + SYS_WRITEV_NOCANCEL = 412 + SYS_SENDTO_NOCANCEL = 413 + SYS_PREAD_NOCANCEL = 414 + SYS_PWRITE_NOCANCEL = 415 + SYS_WAITID_NOCANCEL = 416 + SYS_POLL_NOCANCEL = 417 + SYS_MSGSND_NOCANCEL = 418 + SYS_MSGRCV_NOCANCEL = 419 + SYS_SEM_WAIT_NOCANCEL = 420 + SYS_AIO_SUSPEND_NOCANCEL = 421 + SYS___SIGWAIT_NOCANCEL = 422 + SYS___SEMWAIT_SIGNAL_NOCANCEL = 423 + SYS___MAC_MOUNT = 424 + SYS___MAC_GET_MOUNT = 425 + SYS___MAC_GETFSSTAT = 426 + SYS_FSGETPATH = 427 + SYS_AUDIT_SESSION_SELF = 428 + SYS_AUDIT_SESSION_JOIN = 429 + SYS_FILEPORT_MAKEPORT = 430 + SYS_FILEPORT_MAKEFD = 431 + SYS_AUDIT_SESSION_PORT = 432 + SYS_PID_SUSPEND = 433 + SYS_PID_RESUME = 434 + SYS_PID_HIBERNATE = 435 + SYS_PID_SHUTDOWN_SOCKETS = 436 + SYS_SHARED_REGION_MAP_AND_SLIDE_NP = 438 + SYS_KAS_INFO = 439 + SYS_MEMORYSTATUS_CONTROL = 440 + SYS_GUARDED_OPEN_NP = 441 + SYS_GUARDED_CLOSE_NP = 442 + SYS_GUARDED_KQUEUE_NP = 443 + SYS_CHANGE_FDGUARD_NP = 444 + SYS_USRCTL = 445 + SYS_PROC_RLIMIT_CONTROL = 446 + SYS_CONNECTX = 447 + SYS_DISCONNECTX = 448 + SYS_PEELOFF = 449 + SYS_SOCKET_DELEGATE = 450 + SYS_TELEMETRY = 451 + SYS_PROC_UUID_POLICY = 452 + SYS_MEMORYSTATUS_GET_LEVEL = 453 + SYS_SYSTEM_OVERRIDE = 454 + SYS_VFS_PURGE = 455 + SYS_SFI_CTL = 456 + SYS_SFI_PIDCTL = 457 + SYS_COALITION = 458 + SYS_COALITION_INFO = 459 + SYS_NECP_MATCH_POLICY = 460 + SYS_GETATTRLISTBULK = 461 + SYS_CLONEFILEAT = 462 + SYS_OPENAT = 463 + SYS_OPENAT_NOCANCEL = 464 + SYS_RENAMEAT = 465 + SYS_FACCESSAT = 466 + SYS_FCHMODAT = 467 + SYS_FCHOWNAT = 468 + SYS_FSTATAT = 469 + SYS_FSTATAT64 = 470 + SYS_LINKAT = 471 + SYS_UNLINKAT = 472 + SYS_READLINKAT = 473 + SYS_SYMLINKAT = 474 + SYS_MKDIRAT = 475 + SYS_GETATTRLISTAT = 476 + SYS_PROC_TRACE_LOG = 477 + SYS_BSDTHREAD_CTL = 478 + SYS_OPENBYID_NP = 479 + SYS_RECVMSG_X = 480 + SYS_SENDMSG_X = 481 + SYS_THREAD_SELFUSAGE = 482 + SYS_CSRCTL = 483 + SYS_GUARDED_OPEN_DPROTECTED_NP = 484 + SYS_GUARDED_WRITE_NP = 485 + SYS_GUARDED_PWRITE_NP = 486 + SYS_GUARDED_WRITEV_NP = 487 + SYS_RENAMEATX_NP = 488 + SYS_MREMAP_ENCRYPTED = 489 + SYS_NETAGENT_TRIGGER = 490 + SYS_STACK_SNAPSHOT_WITH_CONFIG = 491 + SYS_MICROSTACKSHOT = 492 + SYS_GRAB_PGO_DATA = 493 + SYS_PERSONA = 494 + SYS_WORK_INTERVAL_CTL = 499 + SYS_GETENTROPY = 500 + SYS_NECP_OPEN = 501 + SYS_NECP_CLIENT_ACTION = 502 + SYS___NEXUS_OPEN = 503 + SYS___NEXUS_REGISTER = 504 + SYS___NEXUS_DEREGISTER = 505 + SYS___NEXUS_CREATE = 506 + SYS___NEXUS_DESTROY = 507 + SYS___NEXUS_GET_OPT = 508 + SYS___NEXUS_SET_OPT = 509 + SYS___CHANNEL_OPEN = 510 + SYS___CHANNEL_GET_INFO = 511 + SYS___CHANNEL_SYNC = 512 + SYS___CHANNEL_GET_OPT = 513 + SYS___CHANNEL_SET_OPT = 514 + SYS_ULOCK_WAIT = 515 + SYS_ULOCK_WAKE = 516 + SYS_FCLONEFILEAT = 517 + SYS_FS_SNAPSHOT = 518 + SYS_TERMINATE_WITH_PAYLOAD = 520 + SYS_ABORT_WITH_PAYLOAD = 521 + SYS_NECP_SESSION_OPEN = 522 + SYS_NECP_SESSION_ACTION = 523 + SYS_SETATTRLISTAT = 524 + SYS_NET_QOS_GUIDELINE = 525 + SYS_FMOUNT = 526 + SYS_NTP_ADJTIME = 527 + SYS_NTP_GETTIME = 528 + SYS_OS_FAULT_WITH_PAYLOAD = 529 + SYS_MAXSYSCALL = 530 + SYS_INVALID = 63 +) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go index 0f5a3f6970a26..f6742bdee090e 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go @@ -435,4 +435,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go index 36d5219ef824f..f7e525573bf24 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go @@ -357,4 +357,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go index 3622ba14b4e11..3f60977da678c 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go @@ -399,4 +399,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go index 6193c3dc07c14..dbedf4cbacccc 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go @@ -302,4 +302,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go index 640b974345f31..eeff7e1dc9301 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go @@ -420,4 +420,5 @@ const ( SYS_OPENAT2 = 4437 SYS_PIDFD_GETFD = 4438 SYS_FACCESSAT2 = 4439 + SYS_PROCESS_MADVISE = 4440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go index 3467fbb5ff1c4..73cfa535cd69d 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go @@ -350,4 +350,5 @@ const ( SYS_OPENAT2 = 5437 SYS_PIDFD_GETFD = 5438 SYS_FACCESSAT2 = 5439 + SYS_PROCESS_MADVISE = 5440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go index 0fc38d5a72f02..be74729e0cb3a 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go @@ -350,4 +350,5 @@ const ( SYS_OPENAT2 = 5437 SYS_PIDFD_GETFD = 5438 SYS_FACCESSAT2 = 5439 + SYS_PROCESS_MADVISE = 5440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go index 999fd55bccb70..2a1047c818c83 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go @@ -420,4 +420,5 @@ const ( SYS_OPENAT2 = 4437 SYS_PIDFD_GETFD = 4438 SYS_FACCESSAT2 = 4439 + SYS_PROCESS_MADVISE = 4440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go index 1df0d799355df..32707428ce27d 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go @@ -399,4 +399,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go index 4db39cca4da51..a58572f781080 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go @@ -399,4 +399,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go index e6927401446f7..72a65b76026a3 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go @@ -301,4 +301,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go index a585aec4e7971..1fb9ae5d4932e 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go @@ -364,4 +364,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go index d047e567afc60..57636e09e41b4 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go @@ -378,4 +378,5 @@ const ( SYS_OPENAT2 = 437 SYS_PIDFD_GETFD = 438 SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 ) diff --git a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go index 2c1f815e6f92c..295859c503db2 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go +++ b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go @@ -219,6 +219,7 @@ const ( SizeofSockaddrUnix = 0x401 SizeofSockaddrDatalink = 0x80 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofIPv6MTUInfo = 0x20 diff --git a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go index b4a069ecbdff0..a9ee0ffd44c12 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go @@ -223,6 +223,7 @@ const ( SizeofSockaddrUnix = 0x401 SizeofSockaddrDatalink = 0x80 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofIPv6MTUInfo = 0x20 diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go index 9ea0293aa8bca..725b4bee27db2 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go @@ -194,6 +194,15 @@ type RawSockaddrAny struct { Pad [92]int8 } +type RawSockaddrCtl struct { + Sc_len uint8 + Sc_family uint8 + Ss_sysaddr uint16 + Sc_id uint32 + Sc_unit uint32 + Sc_reserved [5]uint32 +} + type _Socklen uint32 type Linger struct { @@ -258,7 +267,9 @@ const ( SizeofSockaddrAny = 0x6c SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 + SizeofSockaddrCtl = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go index 255e6cbb6556f..080ffce325508 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go @@ -199,6 +199,15 @@ type RawSockaddrAny struct { Pad [92]int8 } +type RawSockaddrCtl struct { + Sc_len uint8 + Sc_family uint8 + Ss_sysaddr uint16 + Sc_id uint32 + Sc_unit uint32 + Sc_reserved [5]uint32 +} + type _Socklen uint32 type Linger struct { @@ -263,7 +272,9 @@ const ( SizeofSockaddrAny = 0x6c SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 + SizeofSockaddrCtl = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go index e21c828504fde..f2a77bc4e28e2 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go @@ -194,6 +194,15 @@ type RawSockaddrAny struct { Pad [92]int8 } +type RawSockaddrCtl struct { + Sc_len uint8 + Sc_family uint8 + Ss_sysaddr uint16 + Sc_id uint32 + Sc_unit uint32 + Sc_reserved [5]uint32 +} + type _Socklen uint32 type Linger struct { @@ -258,7 +267,9 @@ const ( SizeofSockaddrAny = 0x6c SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 + SizeofSockaddrCtl = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go index 5eff2c1c44404..c9492428bfa3f 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go @@ -199,6 +199,15 @@ type RawSockaddrAny struct { Pad [92]int8 } +type RawSockaddrCtl struct { + Sc_len uint8 + Sc_family uint8 + Ss_sysaddr uint16 + Sc_id uint32 + Sc_unit uint32 + Sc_reserved [5]uint32 +} + type _Socklen uint32 type Linger struct { @@ -263,7 +272,9 @@ const ( SizeofSockaddrAny = 0x6c SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 + SizeofSockaddrCtl = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go index c4772df23bfd6..85506a05d4b8e 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go @@ -234,6 +234,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x36 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go index 2a3ec615f753f..3e9dad33e3383 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go @@ -313,6 +313,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x36 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPMreqn = 0xc SizeofIPv6Mreq = 0x14 diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go index e11e95499e87d..e00e615544c89 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go @@ -309,6 +309,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x36 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPMreqn = 0xc SizeofIPv6Mreq = 0x14 diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go index b91c2ae0f015f..5da13c871b540 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go @@ -311,6 +311,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x36 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPMreqn = 0xc SizeofIPv6Mreq = 0x14 diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go index c6fe1d097d8fb..995ecf9d4e2c6 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go @@ -309,6 +309,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x36 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPMreqn = 0xc SizeofIPv6Mreq = 0x14 diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go index 773fc321b7fd1..9f3b1a4e56e3b 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go @@ -462,170 +462,107 @@ const ( ) const ( - NDA_UNSPEC = 0x0 - NDA_DST = 0x1 - NDA_LLADDR = 0x2 - NDA_CACHEINFO = 0x3 - NDA_PROBES = 0x4 - NDA_VLAN = 0x5 - NDA_PORT = 0x6 - NDA_VNI = 0x7 - NDA_IFINDEX = 0x8 - NDA_MASTER = 0x9 - NDA_LINK_NETNSID = 0xa - NDA_SRC_VNI = 0xb - NTF_USE = 0x1 - NTF_SELF = 0x2 - NTF_MASTER = 0x4 - NTF_PROXY = 0x8 - NTF_EXT_LEARNED = 0x10 - NTF_OFFLOADED = 0x20 - NTF_ROUTER = 0x80 - NUD_INCOMPLETE = 0x1 - NUD_REACHABLE = 0x2 - NUD_STALE = 0x4 - NUD_DELAY = 0x8 - NUD_PROBE = 0x10 - NUD_FAILED = 0x20 - NUD_NOARP = 0x40 - NUD_PERMANENT = 0x80 - NUD_NONE = 0x0 - IFA_UNSPEC = 0x0 - IFA_ADDRESS = 0x1 - IFA_LOCAL = 0x2 - IFA_LABEL = 0x3 - IFA_BROADCAST = 0x4 - IFA_ANYCAST = 0x5 - IFA_CACHEINFO = 0x6 - IFA_MULTICAST = 0x7 - IFA_FLAGS = 0x8 - IFA_RT_PRIORITY = 0x9 - IFA_TARGET_NETNSID = 0xa - IFLA_UNSPEC = 0x0 - IFLA_ADDRESS = 0x1 - IFLA_BROADCAST = 0x2 - IFLA_IFNAME = 0x3 - IFLA_MTU = 0x4 - IFLA_LINK = 0x5 - IFLA_QDISC = 0x6 - IFLA_STATS = 0x7 - IFLA_COST = 0x8 - IFLA_PRIORITY = 0x9 - IFLA_MASTER = 0xa - IFLA_WIRELESS = 0xb - IFLA_PROTINFO = 0xc - IFLA_TXQLEN = 0xd - IFLA_MAP = 0xe - IFLA_WEIGHT = 0xf - IFLA_OPERSTATE = 0x10 - IFLA_LINKMODE = 0x11 - IFLA_LINKINFO = 0x12 - IFLA_NET_NS_PID = 0x13 - IFLA_IFALIAS = 0x14 - IFLA_NUM_VF = 0x15 - IFLA_VFINFO_LIST = 0x16 - IFLA_STATS64 = 0x17 - IFLA_VF_PORTS = 0x18 - IFLA_PORT_SELF = 0x19 - IFLA_AF_SPEC = 0x1a - IFLA_GROUP = 0x1b - IFLA_NET_NS_FD = 0x1c - IFLA_EXT_MASK = 0x1d - IFLA_PROMISCUITY = 0x1e - IFLA_NUM_TX_QUEUES = 0x1f - IFLA_NUM_RX_QUEUES = 0x20 - IFLA_CARRIER = 0x21 - IFLA_PHYS_PORT_ID = 0x22 - IFLA_CARRIER_CHANGES = 0x23 - IFLA_PHYS_SWITCH_ID = 0x24 - IFLA_LINK_NETNSID = 0x25 - IFLA_PHYS_PORT_NAME = 0x26 - IFLA_PROTO_DOWN = 0x27 - IFLA_GSO_MAX_SEGS = 0x28 - IFLA_GSO_MAX_SIZE = 0x29 - IFLA_PAD = 0x2a - IFLA_XDP = 0x2b - IFLA_EVENT = 0x2c - IFLA_NEW_NETNSID = 0x2d - IFLA_IF_NETNSID = 0x2e - IFLA_TARGET_NETNSID = 0x2e - IFLA_CARRIER_UP_COUNT = 0x2f - IFLA_CARRIER_DOWN_COUNT = 0x30 - IFLA_NEW_IFINDEX = 0x31 - IFLA_MIN_MTU = 0x32 - IFLA_MAX_MTU = 0x33 - IFLA_PROP_LIST = 0x34 - IFLA_ALT_IFNAME = 0x35 - IFLA_PERM_ADDRESS = 0x36 - IFLA_PROTO_DOWN_REASON = 0x37 - IFLA_MAX = 0x37 - IFLA_INFO_KIND = 0x1 - IFLA_INFO_DATA = 0x2 - IFLA_INFO_XSTATS = 0x3 - IFLA_INFO_SLAVE_KIND = 0x4 - IFLA_INFO_SLAVE_DATA = 0x5 - RT_SCOPE_UNIVERSE = 0x0 - RT_SCOPE_SITE = 0xc8 - RT_SCOPE_LINK = 0xfd - RT_SCOPE_HOST = 0xfe - RT_SCOPE_NOWHERE = 0xff - RT_TABLE_UNSPEC = 0x0 - RT_TABLE_COMPAT = 0xfc - RT_TABLE_DEFAULT = 0xfd - RT_TABLE_MAIN = 0xfe - RT_TABLE_LOCAL = 0xff - RT_TABLE_MAX = 0xffffffff - RTA_UNSPEC = 0x0 - RTA_DST = 0x1 - RTA_SRC = 0x2 - RTA_IIF = 0x3 - RTA_OIF = 0x4 - RTA_GATEWAY = 0x5 - RTA_PRIORITY = 0x6 - RTA_PREFSRC = 0x7 - RTA_METRICS = 0x8 - RTA_MULTIPATH = 0x9 - RTA_FLOW = 0xb - RTA_CACHEINFO = 0xc - RTA_TABLE = 0xf - RTA_MARK = 0x10 - RTA_MFC_STATS = 0x11 - RTA_VIA = 0x12 - RTA_NEWDST = 0x13 - RTA_PREF = 0x14 - RTA_ENCAP_TYPE = 0x15 - RTA_ENCAP = 0x16 - RTA_EXPIRES = 0x17 - RTA_PAD = 0x18 - RTA_UID = 0x19 - RTA_TTL_PROPAGATE = 0x1a - RTA_IP_PROTO = 0x1b - RTA_SPORT = 0x1c - RTA_DPORT = 0x1d - RTN_UNSPEC = 0x0 - RTN_UNICAST = 0x1 - RTN_LOCAL = 0x2 - RTN_BROADCAST = 0x3 - RTN_ANYCAST = 0x4 - RTN_MULTICAST = 0x5 - RTN_BLACKHOLE = 0x6 - RTN_UNREACHABLE = 0x7 - RTN_PROHIBIT = 0x8 - RTN_THROW = 0x9 - RTN_NAT = 0xa - RTN_XRESOLVE = 0xb - SizeofNlMsghdr = 0x10 - SizeofNlMsgerr = 0x14 - SizeofRtGenmsg = 0x1 - SizeofNlAttr = 0x4 - SizeofRtAttr = 0x4 - SizeofIfInfomsg = 0x10 - SizeofIfAddrmsg = 0x8 - SizeofIfaCacheinfo = 0x10 - SizeofRtMsg = 0xc - SizeofRtNexthop = 0x8 - SizeofNdUseroptmsg = 0x10 - SizeofNdMsg = 0xc + NDA_UNSPEC = 0x0 + NDA_DST = 0x1 + NDA_LLADDR = 0x2 + NDA_CACHEINFO = 0x3 + NDA_PROBES = 0x4 + NDA_VLAN = 0x5 + NDA_PORT = 0x6 + NDA_VNI = 0x7 + NDA_IFINDEX = 0x8 + NDA_MASTER = 0x9 + NDA_LINK_NETNSID = 0xa + NDA_SRC_VNI = 0xb + NTF_USE = 0x1 + NTF_SELF = 0x2 + NTF_MASTER = 0x4 + NTF_PROXY = 0x8 + NTF_EXT_LEARNED = 0x10 + NTF_OFFLOADED = 0x20 + NTF_ROUTER = 0x80 + NUD_INCOMPLETE = 0x1 + NUD_REACHABLE = 0x2 + NUD_STALE = 0x4 + NUD_DELAY = 0x8 + NUD_PROBE = 0x10 + NUD_FAILED = 0x20 + NUD_NOARP = 0x40 + NUD_PERMANENT = 0x80 + NUD_NONE = 0x0 + IFA_UNSPEC = 0x0 + IFA_ADDRESS = 0x1 + IFA_LOCAL = 0x2 + IFA_LABEL = 0x3 + IFA_BROADCAST = 0x4 + IFA_ANYCAST = 0x5 + IFA_CACHEINFO = 0x6 + IFA_MULTICAST = 0x7 + IFA_FLAGS = 0x8 + IFA_RT_PRIORITY = 0x9 + IFA_TARGET_NETNSID = 0xa + RT_SCOPE_UNIVERSE = 0x0 + RT_SCOPE_SITE = 0xc8 + RT_SCOPE_LINK = 0xfd + RT_SCOPE_HOST = 0xfe + RT_SCOPE_NOWHERE = 0xff + RT_TABLE_UNSPEC = 0x0 + RT_TABLE_COMPAT = 0xfc + RT_TABLE_DEFAULT = 0xfd + RT_TABLE_MAIN = 0xfe + RT_TABLE_LOCAL = 0xff + RT_TABLE_MAX = 0xffffffff + RTA_UNSPEC = 0x0 + RTA_DST = 0x1 + RTA_SRC = 0x2 + RTA_IIF = 0x3 + RTA_OIF = 0x4 + RTA_GATEWAY = 0x5 + RTA_PRIORITY = 0x6 + RTA_PREFSRC = 0x7 + RTA_METRICS = 0x8 + RTA_MULTIPATH = 0x9 + RTA_FLOW = 0xb + RTA_CACHEINFO = 0xc + RTA_TABLE = 0xf + RTA_MARK = 0x10 + RTA_MFC_STATS = 0x11 + RTA_VIA = 0x12 + RTA_NEWDST = 0x13 + RTA_PREF = 0x14 + RTA_ENCAP_TYPE = 0x15 + RTA_ENCAP = 0x16 + RTA_EXPIRES = 0x17 + RTA_PAD = 0x18 + RTA_UID = 0x19 + RTA_TTL_PROPAGATE = 0x1a + RTA_IP_PROTO = 0x1b + RTA_SPORT = 0x1c + RTA_DPORT = 0x1d + RTN_UNSPEC = 0x0 + RTN_UNICAST = 0x1 + RTN_LOCAL = 0x2 + RTN_BROADCAST = 0x3 + RTN_ANYCAST = 0x4 + RTN_MULTICAST = 0x5 + RTN_BLACKHOLE = 0x6 + RTN_UNREACHABLE = 0x7 + RTN_PROHIBIT = 0x8 + RTN_THROW = 0x9 + RTN_NAT = 0xa + RTN_XRESOLVE = 0xb + SizeofNlMsghdr = 0x10 + SizeofNlMsgerr = 0x14 + SizeofRtGenmsg = 0x1 + SizeofNlAttr = 0x4 + SizeofRtAttr = 0x4 + SizeofIfInfomsg = 0x10 + SizeofIfAddrmsg = 0x8 + SizeofIfaCacheinfo = 0x10 + SizeofRtMsg = 0xc + SizeofRtNexthop = 0x8 + SizeofNdUseroptmsg = 0x10 + SizeofNdMsg = 0xc ) type NlMsghdr struct { @@ -1387,6 +1324,401 @@ const ( SizeofTpacketStatsV3 = 0xc ) +const ( + IFLA_UNSPEC = 0x0 + IFLA_ADDRESS = 0x1 + IFLA_BROADCAST = 0x2 + IFLA_IFNAME = 0x3 + IFLA_MTU = 0x4 + IFLA_LINK = 0x5 + IFLA_QDISC = 0x6 + IFLA_STATS = 0x7 + IFLA_COST = 0x8 + IFLA_PRIORITY = 0x9 + IFLA_MASTER = 0xa + IFLA_WIRELESS = 0xb + IFLA_PROTINFO = 0xc + IFLA_TXQLEN = 0xd + IFLA_MAP = 0xe + IFLA_WEIGHT = 0xf + IFLA_OPERSTATE = 0x10 + IFLA_LINKMODE = 0x11 + IFLA_LINKINFO = 0x12 + IFLA_NET_NS_PID = 0x13 + IFLA_IFALIAS = 0x14 + IFLA_NUM_VF = 0x15 + IFLA_VFINFO_LIST = 0x16 + IFLA_STATS64 = 0x17 + IFLA_VF_PORTS = 0x18 + IFLA_PORT_SELF = 0x19 + IFLA_AF_SPEC = 0x1a + IFLA_GROUP = 0x1b + IFLA_NET_NS_FD = 0x1c + IFLA_EXT_MASK = 0x1d + IFLA_PROMISCUITY = 0x1e + IFLA_NUM_TX_QUEUES = 0x1f + IFLA_NUM_RX_QUEUES = 0x20 + IFLA_CARRIER = 0x21 + IFLA_PHYS_PORT_ID = 0x22 + IFLA_CARRIER_CHANGES = 0x23 + IFLA_PHYS_SWITCH_ID = 0x24 + IFLA_LINK_NETNSID = 0x25 + IFLA_PHYS_PORT_NAME = 0x26 + IFLA_PROTO_DOWN = 0x27 + IFLA_GSO_MAX_SEGS = 0x28 + IFLA_GSO_MAX_SIZE = 0x29 + IFLA_PAD = 0x2a + IFLA_XDP = 0x2b + IFLA_EVENT = 0x2c + IFLA_NEW_NETNSID = 0x2d + IFLA_IF_NETNSID = 0x2e + IFLA_TARGET_NETNSID = 0x2e + IFLA_CARRIER_UP_COUNT = 0x2f + IFLA_CARRIER_DOWN_COUNT = 0x30 + IFLA_NEW_IFINDEX = 0x31 + IFLA_MIN_MTU = 0x32 + IFLA_MAX_MTU = 0x33 + IFLA_PROP_LIST = 0x34 + IFLA_ALT_IFNAME = 0x35 + IFLA_PERM_ADDRESS = 0x36 + IFLA_PROTO_DOWN_REASON = 0x37 + IFLA_PROTO_DOWN_REASON_UNSPEC = 0x0 + IFLA_PROTO_DOWN_REASON_MASK = 0x1 + IFLA_PROTO_DOWN_REASON_VALUE = 0x2 + IFLA_PROTO_DOWN_REASON_MAX = 0x2 + IFLA_INET_UNSPEC = 0x0 + IFLA_INET_CONF = 0x1 + IFLA_INET6_UNSPEC = 0x0 + IFLA_INET6_FLAGS = 0x1 + IFLA_INET6_CONF = 0x2 + IFLA_INET6_STATS = 0x3 + IFLA_INET6_MCAST = 0x4 + IFLA_INET6_CACHEINFO = 0x5 + IFLA_INET6_ICMP6STATS = 0x6 + IFLA_INET6_TOKEN = 0x7 + IFLA_INET6_ADDR_GEN_MODE = 0x8 + IFLA_BR_UNSPEC = 0x0 + IFLA_BR_FORWARD_DELAY = 0x1 + IFLA_BR_HELLO_TIME = 0x2 + IFLA_BR_MAX_AGE = 0x3 + IFLA_BR_AGEING_TIME = 0x4 + IFLA_BR_STP_STATE = 0x5 + IFLA_BR_PRIORITY = 0x6 + IFLA_BR_VLAN_FILTERING = 0x7 + IFLA_BR_VLAN_PROTOCOL = 0x8 + IFLA_BR_GROUP_FWD_MASK = 0x9 + IFLA_BR_ROOT_ID = 0xa + IFLA_BR_BRIDGE_ID = 0xb + IFLA_BR_ROOT_PORT = 0xc + IFLA_BR_ROOT_PATH_COST = 0xd + IFLA_BR_TOPOLOGY_CHANGE = 0xe + IFLA_BR_TOPOLOGY_CHANGE_DETECTED = 0xf + IFLA_BR_HELLO_TIMER = 0x10 + IFLA_BR_TCN_TIMER = 0x11 + IFLA_BR_TOPOLOGY_CHANGE_TIMER = 0x12 + IFLA_BR_GC_TIMER = 0x13 + IFLA_BR_GROUP_ADDR = 0x14 + IFLA_BR_FDB_FLUSH = 0x15 + IFLA_BR_MCAST_ROUTER = 0x16 + IFLA_BR_MCAST_SNOOPING = 0x17 + IFLA_BR_MCAST_QUERY_USE_IFADDR = 0x18 + IFLA_BR_MCAST_QUERIER = 0x19 + IFLA_BR_MCAST_HASH_ELASTICITY = 0x1a + IFLA_BR_MCAST_HASH_MAX = 0x1b + IFLA_BR_MCAST_LAST_MEMBER_CNT = 0x1c + IFLA_BR_MCAST_STARTUP_QUERY_CNT = 0x1d + IFLA_BR_MCAST_LAST_MEMBER_INTVL = 0x1e + IFLA_BR_MCAST_MEMBERSHIP_INTVL = 0x1f + IFLA_BR_MCAST_QUERIER_INTVL = 0x20 + IFLA_BR_MCAST_QUERY_INTVL = 0x21 + IFLA_BR_MCAST_QUERY_RESPONSE_INTVL = 0x22 + IFLA_BR_MCAST_STARTUP_QUERY_INTVL = 0x23 + IFLA_BR_NF_CALL_IPTABLES = 0x24 + IFLA_BR_NF_CALL_IP6TABLES = 0x25 + IFLA_BR_NF_CALL_ARPTABLES = 0x26 + IFLA_BR_VLAN_DEFAULT_PVID = 0x27 + IFLA_BR_PAD = 0x28 + IFLA_BR_VLAN_STATS_ENABLED = 0x29 + IFLA_BR_MCAST_STATS_ENABLED = 0x2a + IFLA_BR_MCAST_IGMP_VERSION = 0x2b + IFLA_BR_MCAST_MLD_VERSION = 0x2c + IFLA_BR_VLAN_STATS_PER_PORT = 0x2d + IFLA_BR_MULTI_BOOLOPT = 0x2e + IFLA_BRPORT_UNSPEC = 0x0 + IFLA_BRPORT_STATE = 0x1 + IFLA_BRPORT_PRIORITY = 0x2 + IFLA_BRPORT_COST = 0x3 + IFLA_BRPORT_MODE = 0x4 + IFLA_BRPORT_GUARD = 0x5 + IFLA_BRPORT_PROTECT = 0x6 + IFLA_BRPORT_FAST_LEAVE = 0x7 + IFLA_BRPORT_LEARNING = 0x8 + IFLA_BRPORT_UNICAST_FLOOD = 0x9 + IFLA_BRPORT_PROXYARP = 0xa + IFLA_BRPORT_LEARNING_SYNC = 0xb + IFLA_BRPORT_PROXYARP_WIFI = 0xc + IFLA_BRPORT_ROOT_ID = 0xd + IFLA_BRPORT_BRIDGE_ID = 0xe + IFLA_BRPORT_DESIGNATED_PORT = 0xf + IFLA_BRPORT_DESIGNATED_COST = 0x10 + IFLA_BRPORT_ID = 0x11 + IFLA_BRPORT_NO = 0x12 + IFLA_BRPORT_TOPOLOGY_CHANGE_ACK = 0x13 + IFLA_BRPORT_CONFIG_PENDING = 0x14 + IFLA_BRPORT_MESSAGE_AGE_TIMER = 0x15 + IFLA_BRPORT_FORWARD_DELAY_TIMER = 0x16 + IFLA_BRPORT_HOLD_TIMER = 0x17 + IFLA_BRPORT_FLUSH = 0x18 + IFLA_BRPORT_MULTICAST_ROUTER = 0x19 + IFLA_BRPORT_PAD = 0x1a + IFLA_BRPORT_MCAST_FLOOD = 0x1b + IFLA_BRPORT_MCAST_TO_UCAST = 0x1c + IFLA_BRPORT_VLAN_TUNNEL = 0x1d + IFLA_BRPORT_BCAST_FLOOD = 0x1e + IFLA_BRPORT_GROUP_FWD_MASK = 0x1f + IFLA_BRPORT_NEIGH_SUPPRESS = 0x20 + IFLA_BRPORT_ISOLATED = 0x21 + IFLA_BRPORT_BACKUP_PORT = 0x22 + IFLA_BRPORT_MRP_RING_OPEN = 0x23 + IFLA_BRPORT_MRP_IN_OPEN = 0x24 + IFLA_INFO_UNSPEC = 0x0 + IFLA_INFO_KIND = 0x1 + IFLA_INFO_DATA = 0x2 + IFLA_INFO_XSTATS = 0x3 + IFLA_INFO_SLAVE_KIND = 0x4 + IFLA_INFO_SLAVE_DATA = 0x5 + IFLA_VLAN_UNSPEC = 0x0 + IFLA_VLAN_ID = 0x1 + IFLA_VLAN_FLAGS = 0x2 + IFLA_VLAN_EGRESS_QOS = 0x3 + IFLA_VLAN_INGRESS_QOS = 0x4 + IFLA_VLAN_PROTOCOL = 0x5 + IFLA_VLAN_QOS_UNSPEC = 0x0 + IFLA_VLAN_QOS_MAPPING = 0x1 + IFLA_MACVLAN_UNSPEC = 0x0 + IFLA_MACVLAN_MODE = 0x1 + IFLA_MACVLAN_FLAGS = 0x2 + IFLA_MACVLAN_MACADDR_MODE = 0x3 + IFLA_MACVLAN_MACADDR = 0x4 + IFLA_MACVLAN_MACADDR_DATA = 0x5 + IFLA_MACVLAN_MACADDR_COUNT = 0x6 + IFLA_VRF_UNSPEC = 0x0 + IFLA_VRF_TABLE = 0x1 + IFLA_VRF_PORT_UNSPEC = 0x0 + IFLA_VRF_PORT_TABLE = 0x1 + IFLA_MACSEC_UNSPEC = 0x0 + IFLA_MACSEC_SCI = 0x1 + IFLA_MACSEC_PORT = 0x2 + IFLA_MACSEC_ICV_LEN = 0x3 + IFLA_MACSEC_CIPHER_SUITE = 0x4 + IFLA_MACSEC_WINDOW = 0x5 + IFLA_MACSEC_ENCODING_SA = 0x6 + IFLA_MACSEC_ENCRYPT = 0x7 + IFLA_MACSEC_PROTECT = 0x8 + IFLA_MACSEC_INC_SCI = 0x9 + IFLA_MACSEC_ES = 0xa + IFLA_MACSEC_SCB = 0xb + IFLA_MACSEC_REPLAY_PROTECT = 0xc + IFLA_MACSEC_VALIDATION = 0xd + IFLA_MACSEC_PAD = 0xe + IFLA_MACSEC_OFFLOAD = 0xf + IFLA_XFRM_UNSPEC = 0x0 + IFLA_XFRM_LINK = 0x1 + IFLA_XFRM_IF_ID = 0x2 + IFLA_IPVLAN_UNSPEC = 0x0 + IFLA_IPVLAN_MODE = 0x1 + IFLA_IPVLAN_FLAGS = 0x2 + IFLA_VXLAN_UNSPEC = 0x0 + IFLA_VXLAN_ID = 0x1 + IFLA_VXLAN_GROUP = 0x2 + IFLA_VXLAN_LINK = 0x3 + IFLA_VXLAN_LOCAL = 0x4 + IFLA_VXLAN_TTL = 0x5 + IFLA_VXLAN_TOS = 0x6 + IFLA_VXLAN_LEARNING = 0x7 + IFLA_VXLAN_AGEING = 0x8 + IFLA_VXLAN_LIMIT = 0x9 + IFLA_VXLAN_PORT_RANGE = 0xa + IFLA_VXLAN_PROXY = 0xb + IFLA_VXLAN_RSC = 0xc + IFLA_VXLAN_L2MISS = 0xd + IFLA_VXLAN_L3MISS = 0xe + IFLA_VXLAN_PORT = 0xf + IFLA_VXLAN_GROUP6 = 0x10 + IFLA_VXLAN_LOCAL6 = 0x11 + IFLA_VXLAN_UDP_CSUM = 0x12 + IFLA_VXLAN_UDP_ZERO_CSUM6_TX = 0x13 + IFLA_VXLAN_UDP_ZERO_CSUM6_RX = 0x14 + IFLA_VXLAN_REMCSUM_TX = 0x15 + IFLA_VXLAN_REMCSUM_RX = 0x16 + IFLA_VXLAN_GBP = 0x17 + IFLA_VXLAN_REMCSUM_NOPARTIAL = 0x18 + IFLA_VXLAN_COLLECT_METADATA = 0x19 + IFLA_VXLAN_LABEL = 0x1a + IFLA_VXLAN_GPE = 0x1b + IFLA_VXLAN_TTL_INHERIT = 0x1c + IFLA_VXLAN_DF = 0x1d + IFLA_GENEVE_UNSPEC = 0x0 + IFLA_GENEVE_ID = 0x1 + IFLA_GENEVE_REMOTE = 0x2 + IFLA_GENEVE_TTL = 0x3 + IFLA_GENEVE_TOS = 0x4 + IFLA_GENEVE_PORT = 0x5 + IFLA_GENEVE_COLLECT_METADATA = 0x6 + IFLA_GENEVE_REMOTE6 = 0x7 + IFLA_GENEVE_UDP_CSUM = 0x8 + IFLA_GENEVE_UDP_ZERO_CSUM6_TX = 0x9 + IFLA_GENEVE_UDP_ZERO_CSUM6_RX = 0xa + IFLA_GENEVE_LABEL = 0xb + IFLA_GENEVE_TTL_INHERIT = 0xc + IFLA_GENEVE_DF = 0xd + IFLA_BAREUDP_UNSPEC = 0x0 + IFLA_BAREUDP_PORT = 0x1 + IFLA_BAREUDP_ETHERTYPE = 0x2 + IFLA_BAREUDP_SRCPORT_MIN = 0x3 + IFLA_BAREUDP_MULTIPROTO_MODE = 0x4 + IFLA_PPP_UNSPEC = 0x0 + IFLA_PPP_DEV_FD = 0x1 + IFLA_GTP_UNSPEC = 0x0 + IFLA_GTP_FD0 = 0x1 + IFLA_GTP_FD1 = 0x2 + IFLA_GTP_PDP_HASHSIZE = 0x3 + IFLA_GTP_ROLE = 0x4 + IFLA_BOND_UNSPEC = 0x0 + IFLA_BOND_MODE = 0x1 + IFLA_BOND_ACTIVE_SLAVE = 0x2 + IFLA_BOND_MIIMON = 0x3 + IFLA_BOND_UPDELAY = 0x4 + IFLA_BOND_DOWNDELAY = 0x5 + IFLA_BOND_USE_CARRIER = 0x6 + IFLA_BOND_ARP_INTERVAL = 0x7 + IFLA_BOND_ARP_IP_TARGET = 0x8 + IFLA_BOND_ARP_VALIDATE = 0x9 + IFLA_BOND_ARP_ALL_TARGETS = 0xa + IFLA_BOND_PRIMARY = 0xb + IFLA_BOND_PRIMARY_RESELECT = 0xc + IFLA_BOND_FAIL_OVER_MAC = 0xd + IFLA_BOND_XMIT_HASH_POLICY = 0xe + IFLA_BOND_RESEND_IGMP = 0xf + IFLA_BOND_NUM_PEER_NOTIF = 0x10 + IFLA_BOND_ALL_SLAVES_ACTIVE = 0x11 + IFLA_BOND_MIN_LINKS = 0x12 + IFLA_BOND_LP_INTERVAL = 0x13 + IFLA_BOND_PACKETS_PER_SLAVE = 0x14 + IFLA_BOND_AD_LACP_RATE = 0x15 + IFLA_BOND_AD_SELECT = 0x16 + IFLA_BOND_AD_INFO = 0x17 + IFLA_BOND_AD_ACTOR_SYS_PRIO = 0x18 + IFLA_BOND_AD_USER_PORT_KEY = 0x19 + IFLA_BOND_AD_ACTOR_SYSTEM = 0x1a + IFLA_BOND_TLB_DYNAMIC_LB = 0x1b + IFLA_BOND_PEER_NOTIF_DELAY = 0x1c + IFLA_BOND_AD_INFO_UNSPEC = 0x0 + IFLA_BOND_AD_INFO_AGGREGATOR = 0x1 + IFLA_BOND_AD_INFO_NUM_PORTS = 0x2 + IFLA_BOND_AD_INFO_ACTOR_KEY = 0x3 + IFLA_BOND_AD_INFO_PARTNER_KEY = 0x4 + IFLA_BOND_AD_INFO_PARTNER_MAC = 0x5 + IFLA_BOND_SLAVE_UNSPEC = 0x0 + IFLA_BOND_SLAVE_STATE = 0x1 + IFLA_BOND_SLAVE_MII_STATUS = 0x2 + IFLA_BOND_SLAVE_LINK_FAILURE_COUNT = 0x3 + IFLA_BOND_SLAVE_PERM_HWADDR = 0x4 + IFLA_BOND_SLAVE_QUEUE_ID = 0x5 + IFLA_BOND_SLAVE_AD_AGGREGATOR_ID = 0x6 + IFLA_BOND_SLAVE_AD_ACTOR_OPER_PORT_STATE = 0x7 + IFLA_BOND_SLAVE_AD_PARTNER_OPER_PORT_STATE = 0x8 + IFLA_VF_INFO_UNSPEC = 0x0 + IFLA_VF_INFO = 0x1 + IFLA_VF_UNSPEC = 0x0 + IFLA_VF_MAC = 0x1 + IFLA_VF_VLAN = 0x2 + IFLA_VF_TX_RATE = 0x3 + IFLA_VF_SPOOFCHK = 0x4 + IFLA_VF_LINK_STATE = 0x5 + IFLA_VF_RATE = 0x6 + IFLA_VF_RSS_QUERY_EN = 0x7 + IFLA_VF_STATS = 0x8 + IFLA_VF_TRUST = 0x9 + IFLA_VF_IB_NODE_GUID = 0xa + IFLA_VF_IB_PORT_GUID = 0xb + IFLA_VF_VLAN_LIST = 0xc + IFLA_VF_BROADCAST = 0xd + IFLA_VF_VLAN_INFO_UNSPEC = 0x0 + IFLA_VF_VLAN_INFO = 0x1 + IFLA_VF_LINK_STATE_AUTO = 0x0 + IFLA_VF_LINK_STATE_ENABLE = 0x1 + IFLA_VF_LINK_STATE_DISABLE = 0x2 + IFLA_VF_STATS_RX_PACKETS = 0x0 + IFLA_VF_STATS_TX_PACKETS = 0x1 + IFLA_VF_STATS_RX_BYTES = 0x2 + IFLA_VF_STATS_TX_BYTES = 0x3 + IFLA_VF_STATS_BROADCAST = 0x4 + IFLA_VF_STATS_MULTICAST = 0x5 + IFLA_VF_STATS_PAD = 0x6 + IFLA_VF_STATS_RX_DROPPED = 0x7 + IFLA_VF_STATS_TX_DROPPED = 0x8 + IFLA_VF_PORT_UNSPEC = 0x0 + IFLA_VF_PORT = 0x1 + IFLA_PORT_UNSPEC = 0x0 + IFLA_PORT_VF = 0x1 + IFLA_PORT_PROFILE = 0x2 + IFLA_PORT_VSI_TYPE = 0x3 + IFLA_PORT_INSTANCE_UUID = 0x4 + IFLA_PORT_HOST_UUID = 0x5 + IFLA_PORT_REQUEST = 0x6 + IFLA_PORT_RESPONSE = 0x7 + IFLA_IPOIB_UNSPEC = 0x0 + IFLA_IPOIB_PKEY = 0x1 + IFLA_IPOIB_MODE = 0x2 + IFLA_IPOIB_UMCAST = 0x3 + IFLA_HSR_UNSPEC = 0x0 + IFLA_HSR_SLAVE1 = 0x1 + IFLA_HSR_SLAVE2 = 0x2 + IFLA_HSR_MULTICAST_SPEC = 0x3 + IFLA_HSR_SUPERVISION_ADDR = 0x4 + IFLA_HSR_SEQ_NR = 0x5 + IFLA_HSR_VERSION = 0x6 + IFLA_HSR_PROTOCOL = 0x7 + IFLA_STATS_UNSPEC = 0x0 + IFLA_STATS_LINK_64 = 0x1 + IFLA_STATS_LINK_XSTATS = 0x2 + IFLA_STATS_LINK_XSTATS_SLAVE = 0x3 + IFLA_STATS_LINK_OFFLOAD_XSTATS = 0x4 + IFLA_STATS_AF_SPEC = 0x5 + IFLA_OFFLOAD_XSTATS_UNSPEC = 0x0 + IFLA_OFFLOAD_XSTATS_CPU_HIT = 0x1 + IFLA_XDP_UNSPEC = 0x0 + IFLA_XDP_FD = 0x1 + IFLA_XDP_ATTACHED = 0x2 + IFLA_XDP_FLAGS = 0x3 + IFLA_XDP_PROG_ID = 0x4 + IFLA_XDP_DRV_PROG_ID = 0x5 + IFLA_XDP_SKB_PROG_ID = 0x6 + IFLA_XDP_HW_PROG_ID = 0x7 + IFLA_XDP_EXPECTED_FD = 0x8 + IFLA_EVENT_NONE = 0x0 + IFLA_EVENT_REBOOT = 0x1 + IFLA_EVENT_FEATURES = 0x2 + IFLA_EVENT_BONDING_FAILOVER = 0x3 + IFLA_EVENT_NOTIFY_PEERS = 0x4 + IFLA_EVENT_IGMP_RESEND = 0x5 + IFLA_EVENT_BONDING_OPTIONS = 0x6 + IFLA_TUN_UNSPEC = 0x0 + IFLA_TUN_OWNER = 0x1 + IFLA_TUN_GROUP = 0x2 + IFLA_TUN_TYPE = 0x3 + IFLA_TUN_PI = 0x4 + IFLA_TUN_VNET_HDR = 0x5 + IFLA_TUN_PERSIST = 0x6 + IFLA_TUN_MULTI_QUEUE = 0x7 + IFLA_TUN_NUM_QUEUES = 0x8 + IFLA_TUN_NUM_DISABLED_QUEUES = 0x9 + IFLA_RMNET_UNSPEC = 0x0 + IFLA_RMNET_MUX_ID = 0x1 + IFLA_RMNET_FLAGS = 0x2 +) + const ( NF_INET_PRE_ROUTING = 0x0 NF_INET_LOCAL_IN = 0x1 @@ -1892,10 +2224,12 @@ const ( ) const ( - NETNSA_NONE = 0x0 - NETNSA_NSID = 0x1 - NETNSA_PID = 0x2 - NETNSA_FD = 0x3 + NETNSA_NONE = 0x0 + NETNSA_NSID = 0x1 + NETNSA_PID = 0x2 + NETNSA_FD = 0x3 + NETNSA_TARGET_NSID = 0x4 + NETNSA_CURRENT_NSID = 0x5 ) type XDPRingOffset struct { @@ -2045,281 +2379,309 @@ const ( ) const ( - BPF_REG_0 = 0x0 - BPF_REG_1 = 0x1 - BPF_REG_2 = 0x2 - BPF_REG_3 = 0x3 - BPF_REG_4 = 0x4 - BPF_REG_5 = 0x5 - BPF_REG_6 = 0x6 - BPF_REG_7 = 0x7 - BPF_REG_8 = 0x8 - BPF_REG_9 = 0x9 - BPF_REG_10 = 0xa - BPF_MAP_CREATE = 0x0 - BPF_MAP_LOOKUP_ELEM = 0x1 - BPF_MAP_UPDATE_ELEM = 0x2 - BPF_MAP_DELETE_ELEM = 0x3 - BPF_MAP_GET_NEXT_KEY = 0x4 - BPF_PROG_LOAD = 0x5 - BPF_OBJ_PIN = 0x6 - BPF_OBJ_GET = 0x7 - BPF_PROG_ATTACH = 0x8 - BPF_PROG_DETACH = 0x9 - BPF_PROG_TEST_RUN = 0xa - BPF_PROG_GET_NEXT_ID = 0xb - BPF_MAP_GET_NEXT_ID = 0xc - BPF_PROG_GET_FD_BY_ID = 0xd - BPF_MAP_GET_FD_BY_ID = 0xe - BPF_OBJ_GET_INFO_BY_FD = 0xf - BPF_PROG_QUERY = 0x10 - BPF_RAW_TRACEPOINT_OPEN = 0x11 - BPF_BTF_LOAD = 0x12 - BPF_BTF_GET_FD_BY_ID = 0x13 - BPF_TASK_FD_QUERY = 0x14 - BPF_MAP_LOOKUP_AND_DELETE_ELEM = 0x15 - BPF_MAP_FREEZE = 0x16 - BPF_BTF_GET_NEXT_ID = 0x17 - BPF_MAP_LOOKUP_BATCH = 0x18 - BPF_MAP_LOOKUP_AND_DELETE_BATCH = 0x19 - BPF_MAP_UPDATE_BATCH = 0x1a - BPF_MAP_DELETE_BATCH = 0x1b - BPF_LINK_CREATE = 0x1c - BPF_LINK_UPDATE = 0x1d - BPF_LINK_GET_FD_BY_ID = 0x1e - BPF_LINK_GET_NEXT_ID = 0x1f - BPF_ENABLE_STATS = 0x20 - BPF_ITER_CREATE = 0x21 - BPF_MAP_TYPE_UNSPEC = 0x0 - BPF_MAP_TYPE_HASH = 0x1 - BPF_MAP_TYPE_ARRAY = 0x2 - BPF_MAP_TYPE_PROG_ARRAY = 0x3 - BPF_MAP_TYPE_PERF_EVENT_ARRAY = 0x4 - BPF_MAP_TYPE_PERCPU_HASH = 0x5 - BPF_MAP_TYPE_PERCPU_ARRAY = 0x6 - BPF_MAP_TYPE_STACK_TRACE = 0x7 - BPF_MAP_TYPE_CGROUP_ARRAY = 0x8 - BPF_MAP_TYPE_LRU_HASH = 0x9 - BPF_MAP_TYPE_LRU_PERCPU_HASH = 0xa - BPF_MAP_TYPE_LPM_TRIE = 0xb - BPF_MAP_TYPE_ARRAY_OF_MAPS = 0xc - BPF_MAP_TYPE_HASH_OF_MAPS = 0xd - BPF_MAP_TYPE_DEVMAP = 0xe - BPF_MAP_TYPE_SOCKMAP = 0xf - BPF_MAP_TYPE_CPUMAP = 0x10 - BPF_MAP_TYPE_XSKMAP = 0x11 - BPF_MAP_TYPE_SOCKHASH = 0x12 - BPF_MAP_TYPE_CGROUP_STORAGE = 0x13 - BPF_MAP_TYPE_REUSEPORT_SOCKARRAY = 0x14 - BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE = 0x15 - BPF_MAP_TYPE_QUEUE = 0x16 - BPF_MAP_TYPE_STACK = 0x17 - BPF_MAP_TYPE_SK_STORAGE = 0x18 - BPF_MAP_TYPE_DEVMAP_HASH = 0x19 - BPF_MAP_TYPE_STRUCT_OPS = 0x1a - BPF_MAP_TYPE_RINGBUF = 0x1b - BPF_PROG_TYPE_UNSPEC = 0x0 - BPF_PROG_TYPE_SOCKET_FILTER = 0x1 - BPF_PROG_TYPE_KPROBE = 0x2 - BPF_PROG_TYPE_SCHED_CLS = 0x3 - BPF_PROG_TYPE_SCHED_ACT = 0x4 - BPF_PROG_TYPE_TRACEPOINT = 0x5 - BPF_PROG_TYPE_XDP = 0x6 - BPF_PROG_TYPE_PERF_EVENT = 0x7 - BPF_PROG_TYPE_CGROUP_SKB = 0x8 - BPF_PROG_TYPE_CGROUP_SOCK = 0x9 - BPF_PROG_TYPE_LWT_IN = 0xa - BPF_PROG_TYPE_LWT_OUT = 0xb - BPF_PROG_TYPE_LWT_XMIT = 0xc - BPF_PROG_TYPE_SOCK_OPS = 0xd - BPF_PROG_TYPE_SK_SKB = 0xe - BPF_PROG_TYPE_CGROUP_DEVICE = 0xf - BPF_PROG_TYPE_SK_MSG = 0x10 - BPF_PROG_TYPE_RAW_TRACEPOINT = 0x11 - BPF_PROG_TYPE_CGROUP_SOCK_ADDR = 0x12 - BPF_PROG_TYPE_LWT_SEG6LOCAL = 0x13 - BPF_PROG_TYPE_LIRC_MODE2 = 0x14 - BPF_PROG_TYPE_SK_REUSEPORT = 0x15 - BPF_PROG_TYPE_FLOW_DISSECTOR = 0x16 - BPF_PROG_TYPE_CGROUP_SYSCTL = 0x17 - BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE = 0x18 - BPF_PROG_TYPE_CGROUP_SOCKOPT = 0x19 - BPF_PROG_TYPE_TRACING = 0x1a - BPF_PROG_TYPE_STRUCT_OPS = 0x1b - BPF_PROG_TYPE_EXT = 0x1c - BPF_PROG_TYPE_LSM = 0x1d - BPF_CGROUP_INET_INGRESS = 0x0 - BPF_CGROUP_INET_EGRESS = 0x1 - BPF_CGROUP_INET_SOCK_CREATE = 0x2 - BPF_CGROUP_SOCK_OPS = 0x3 - BPF_SK_SKB_STREAM_PARSER = 0x4 - BPF_SK_SKB_STREAM_VERDICT = 0x5 - BPF_CGROUP_DEVICE = 0x6 - BPF_SK_MSG_VERDICT = 0x7 - BPF_CGROUP_INET4_BIND = 0x8 - BPF_CGROUP_INET6_BIND = 0x9 - BPF_CGROUP_INET4_CONNECT = 0xa - BPF_CGROUP_INET6_CONNECT = 0xb - BPF_CGROUP_INET4_POST_BIND = 0xc - BPF_CGROUP_INET6_POST_BIND = 0xd - BPF_CGROUP_UDP4_SENDMSG = 0xe - BPF_CGROUP_UDP6_SENDMSG = 0xf - BPF_LIRC_MODE2 = 0x10 - BPF_FLOW_DISSECTOR = 0x11 - BPF_CGROUP_SYSCTL = 0x12 - BPF_CGROUP_UDP4_RECVMSG = 0x13 - BPF_CGROUP_UDP6_RECVMSG = 0x14 - BPF_CGROUP_GETSOCKOPT = 0x15 - BPF_CGROUP_SETSOCKOPT = 0x16 - BPF_TRACE_RAW_TP = 0x17 - BPF_TRACE_FENTRY = 0x18 - BPF_TRACE_FEXIT = 0x19 - BPF_MODIFY_RETURN = 0x1a - BPF_LSM_MAC = 0x1b - BPF_TRACE_ITER = 0x1c - BPF_CGROUP_INET4_GETPEERNAME = 0x1d - BPF_CGROUP_INET6_GETPEERNAME = 0x1e - BPF_CGROUP_INET4_GETSOCKNAME = 0x1f - BPF_CGROUP_INET6_GETSOCKNAME = 0x20 - BPF_XDP_DEVMAP = 0x21 - BPF_LINK_TYPE_UNSPEC = 0x0 - BPF_LINK_TYPE_RAW_TRACEPOINT = 0x1 - BPF_LINK_TYPE_TRACING = 0x2 - BPF_LINK_TYPE_CGROUP = 0x3 - BPF_LINK_TYPE_ITER = 0x4 - BPF_LINK_TYPE_NETNS = 0x5 - BPF_ANY = 0x0 - BPF_NOEXIST = 0x1 - BPF_EXIST = 0x2 - BPF_F_LOCK = 0x4 - BPF_F_NO_PREALLOC = 0x1 - BPF_F_NO_COMMON_LRU = 0x2 - BPF_F_NUMA_NODE = 0x4 - BPF_F_RDONLY = 0x8 - BPF_F_WRONLY = 0x10 - BPF_F_STACK_BUILD_ID = 0x20 - BPF_F_ZERO_SEED = 0x40 - BPF_F_RDONLY_PROG = 0x80 - BPF_F_WRONLY_PROG = 0x100 - BPF_F_CLONE = 0x200 - BPF_F_MMAPABLE = 0x400 - BPF_STATS_RUN_TIME = 0x0 - BPF_STACK_BUILD_ID_EMPTY = 0x0 - BPF_STACK_BUILD_ID_VALID = 0x1 - BPF_STACK_BUILD_ID_IP = 0x2 - BPF_F_RECOMPUTE_CSUM = 0x1 - BPF_F_INVALIDATE_HASH = 0x2 - BPF_F_HDR_FIELD_MASK = 0xf - BPF_F_PSEUDO_HDR = 0x10 - BPF_F_MARK_MANGLED_0 = 0x20 - BPF_F_MARK_ENFORCE = 0x40 - BPF_F_INGRESS = 0x1 - BPF_F_TUNINFO_IPV6 = 0x1 - BPF_F_SKIP_FIELD_MASK = 0xff - BPF_F_USER_STACK = 0x100 - BPF_F_FAST_STACK_CMP = 0x200 - BPF_F_REUSE_STACKID = 0x400 - BPF_F_USER_BUILD_ID = 0x800 - BPF_F_ZERO_CSUM_TX = 0x2 - BPF_F_DONT_FRAGMENT = 0x4 - BPF_F_SEQ_NUMBER = 0x8 - BPF_F_INDEX_MASK = 0xffffffff - BPF_F_CURRENT_CPU = 0xffffffff - BPF_F_CTXLEN_MASK = 0xfffff00000000 - BPF_F_CURRENT_NETNS = -0x1 - BPF_CSUM_LEVEL_QUERY = 0x0 - BPF_CSUM_LEVEL_INC = 0x1 - BPF_CSUM_LEVEL_DEC = 0x2 - BPF_CSUM_LEVEL_RESET = 0x3 - BPF_F_ADJ_ROOM_FIXED_GSO = 0x1 - BPF_F_ADJ_ROOM_ENCAP_L3_IPV4 = 0x2 - BPF_F_ADJ_ROOM_ENCAP_L3_IPV6 = 0x4 - BPF_F_ADJ_ROOM_ENCAP_L4_GRE = 0x8 - BPF_F_ADJ_ROOM_ENCAP_L4_UDP = 0x10 - BPF_F_ADJ_ROOM_NO_CSUM_RESET = 0x20 - BPF_ADJ_ROOM_ENCAP_L2_MASK = 0xff - BPF_ADJ_ROOM_ENCAP_L2_SHIFT = 0x38 - BPF_F_SYSCTL_BASE_NAME = 0x1 - BPF_SK_STORAGE_GET_F_CREATE = 0x1 - BPF_F_GET_BRANCH_RECORDS_SIZE = 0x1 - BPF_RB_NO_WAKEUP = 0x1 - BPF_RB_FORCE_WAKEUP = 0x2 - BPF_RB_AVAIL_DATA = 0x0 - BPF_RB_RING_SIZE = 0x1 - BPF_RB_CONS_POS = 0x2 - BPF_RB_PROD_POS = 0x3 - BPF_RINGBUF_BUSY_BIT = 0x80000000 - BPF_RINGBUF_DISCARD_BIT = 0x40000000 - BPF_RINGBUF_HDR_SZ = 0x8 - BPF_ADJ_ROOM_NET = 0x0 - BPF_ADJ_ROOM_MAC = 0x1 - BPF_HDR_START_MAC = 0x0 - BPF_HDR_START_NET = 0x1 - BPF_LWT_ENCAP_SEG6 = 0x0 - BPF_LWT_ENCAP_SEG6_INLINE = 0x1 - BPF_LWT_ENCAP_IP = 0x2 - BPF_OK = 0x0 - BPF_DROP = 0x2 - BPF_REDIRECT = 0x7 - BPF_LWT_REROUTE = 0x80 - BPF_SOCK_OPS_RTO_CB_FLAG = 0x1 - BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2 - BPF_SOCK_OPS_STATE_CB_FLAG = 0x4 - BPF_SOCK_OPS_RTT_CB_FLAG = 0x8 - BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf - BPF_SOCK_OPS_VOID = 0x0 - BPF_SOCK_OPS_TIMEOUT_INIT = 0x1 - BPF_SOCK_OPS_RWND_INIT = 0x2 - BPF_SOCK_OPS_TCP_CONNECT_CB = 0x3 - BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB = 0x4 - BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB = 0x5 - BPF_SOCK_OPS_NEEDS_ECN = 0x6 - BPF_SOCK_OPS_BASE_RTT = 0x7 - BPF_SOCK_OPS_RTO_CB = 0x8 - BPF_SOCK_OPS_RETRANS_CB = 0x9 - BPF_SOCK_OPS_STATE_CB = 0xa - BPF_SOCK_OPS_TCP_LISTEN_CB = 0xb - BPF_SOCK_OPS_RTT_CB = 0xc - BPF_TCP_ESTABLISHED = 0x1 - BPF_TCP_SYN_SENT = 0x2 - BPF_TCP_SYN_RECV = 0x3 - BPF_TCP_FIN_WAIT1 = 0x4 - BPF_TCP_FIN_WAIT2 = 0x5 - BPF_TCP_TIME_WAIT = 0x6 - BPF_TCP_CLOSE = 0x7 - BPF_TCP_CLOSE_WAIT = 0x8 - BPF_TCP_LAST_ACK = 0x9 - BPF_TCP_LISTEN = 0xa - BPF_TCP_CLOSING = 0xb - BPF_TCP_NEW_SYN_RECV = 0xc - BPF_TCP_MAX_STATES = 0xd - TCP_BPF_IW = 0x3e9 - TCP_BPF_SNDCWND_CLAMP = 0x3ea - BPF_DEVCG_ACC_MKNOD = 0x1 - BPF_DEVCG_ACC_READ = 0x2 - BPF_DEVCG_ACC_WRITE = 0x4 - BPF_DEVCG_DEV_BLOCK = 0x1 - BPF_DEVCG_DEV_CHAR = 0x2 - BPF_FIB_LOOKUP_DIRECT = 0x1 - BPF_FIB_LOOKUP_OUTPUT = 0x2 - BPF_FIB_LKUP_RET_SUCCESS = 0x0 - BPF_FIB_LKUP_RET_BLACKHOLE = 0x1 - BPF_FIB_LKUP_RET_UNREACHABLE = 0x2 - BPF_FIB_LKUP_RET_PROHIBIT = 0x3 - BPF_FIB_LKUP_RET_NOT_FWDED = 0x4 - BPF_FIB_LKUP_RET_FWD_DISABLED = 0x5 - BPF_FIB_LKUP_RET_UNSUPP_LWT = 0x6 - BPF_FIB_LKUP_RET_NO_NEIGH = 0x7 - BPF_FIB_LKUP_RET_FRAG_NEEDED = 0x8 - BPF_FD_TYPE_RAW_TRACEPOINT = 0x0 - BPF_FD_TYPE_TRACEPOINT = 0x1 - BPF_FD_TYPE_KPROBE = 0x2 - BPF_FD_TYPE_KRETPROBE = 0x3 - BPF_FD_TYPE_UPROBE = 0x4 - BPF_FD_TYPE_URETPROBE = 0x5 - BPF_FLOW_DISSECTOR_F_PARSE_1ST_FRAG = 0x1 - BPF_FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL = 0x2 - BPF_FLOW_DISSECTOR_F_STOP_AT_ENCAP = 0x4 + BPF_REG_0 = 0x0 + BPF_REG_1 = 0x1 + BPF_REG_2 = 0x2 + BPF_REG_3 = 0x3 + BPF_REG_4 = 0x4 + BPF_REG_5 = 0x5 + BPF_REG_6 = 0x6 + BPF_REG_7 = 0x7 + BPF_REG_8 = 0x8 + BPF_REG_9 = 0x9 + BPF_REG_10 = 0xa + BPF_MAP_CREATE = 0x0 + BPF_MAP_LOOKUP_ELEM = 0x1 + BPF_MAP_UPDATE_ELEM = 0x2 + BPF_MAP_DELETE_ELEM = 0x3 + BPF_MAP_GET_NEXT_KEY = 0x4 + BPF_PROG_LOAD = 0x5 + BPF_OBJ_PIN = 0x6 + BPF_OBJ_GET = 0x7 + BPF_PROG_ATTACH = 0x8 + BPF_PROG_DETACH = 0x9 + BPF_PROG_TEST_RUN = 0xa + BPF_PROG_GET_NEXT_ID = 0xb + BPF_MAP_GET_NEXT_ID = 0xc + BPF_PROG_GET_FD_BY_ID = 0xd + BPF_MAP_GET_FD_BY_ID = 0xe + BPF_OBJ_GET_INFO_BY_FD = 0xf + BPF_PROG_QUERY = 0x10 + BPF_RAW_TRACEPOINT_OPEN = 0x11 + BPF_BTF_LOAD = 0x12 + BPF_BTF_GET_FD_BY_ID = 0x13 + BPF_TASK_FD_QUERY = 0x14 + BPF_MAP_LOOKUP_AND_DELETE_ELEM = 0x15 + BPF_MAP_FREEZE = 0x16 + BPF_BTF_GET_NEXT_ID = 0x17 + BPF_MAP_LOOKUP_BATCH = 0x18 + BPF_MAP_LOOKUP_AND_DELETE_BATCH = 0x19 + BPF_MAP_UPDATE_BATCH = 0x1a + BPF_MAP_DELETE_BATCH = 0x1b + BPF_LINK_CREATE = 0x1c + BPF_LINK_UPDATE = 0x1d + BPF_LINK_GET_FD_BY_ID = 0x1e + BPF_LINK_GET_NEXT_ID = 0x1f + BPF_ENABLE_STATS = 0x20 + BPF_ITER_CREATE = 0x21 + BPF_LINK_DETACH = 0x22 + BPF_PROG_BIND_MAP = 0x23 + BPF_MAP_TYPE_UNSPEC = 0x0 + BPF_MAP_TYPE_HASH = 0x1 + BPF_MAP_TYPE_ARRAY = 0x2 + BPF_MAP_TYPE_PROG_ARRAY = 0x3 + BPF_MAP_TYPE_PERF_EVENT_ARRAY = 0x4 + BPF_MAP_TYPE_PERCPU_HASH = 0x5 + BPF_MAP_TYPE_PERCPU_ARRAY = 0x6 + BPF_MAP_TYPE_STACK_TRACE = 0x7 + BPF_MAP_TYPE_CGROUP_ARRAY = 0x8 + BPF_MAP_TYPE_LRU_HASH = 0x9 + BPF_MAP_TYPE_LRU_PERCPU_HASH = 0xa + BPF_MAP_TYPE_LPM_TRIE = 0xb + BPF_MAP_TYPE_ARRAY_OF_MAPS = 0xc + BPF_MAP_TYPE_HASH_OF_MAPS = 0xd + BPF_MAP_TYPE_DEVMAP = 0xe + BPF_MAP_TYPE_SOCKMAP = 0xf + BPF_MAP_TYPE_CPUMAP = 0x10 + BPF_MAP_TYPE_XSKMAP = 0x11 + BPF_MAP_TYPE_SOCKHASH = 0x12 + BPF_MAP_TYPE_CGROUP_STORAGE = 0x13 + BPF_MAP_TYPE_REUSEPORT_SOCKARRAY = 0x14 + BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE = 0x15 + BPF_MAP_TYPE_QUEUE = 0x16 + BPF_MAP_TYPE_STACK = 0x17 + BPF_MAP_TYPE_SK_STORAGE = 0x18 + BPF_MAP_TYPE_DEVMAP_HASH = 0x19 + BPF_MAP_TYPE_STRUCT_OPS = 0x1a + BPF_MAP_TYPE_RINGBUF = 0x1b + BPF_MAP_TYPE_INODE_STORAGE = 0x1c + BPF_PROG_TYPE_UNSPEC = 0x0 + BPF_PROG_TYPE_SOCKET_FILTER = 0x1 + BPF_PROG_TYPE_KPROBE = 0x2 + BPF_PROG_TYPE_SCHED_CLS = 0x3 + BPF_PROG_TYPE_SCHED_ACT = 0x4 + BPF_PROG_TYPE_TRACEPOINT = 0x5 + BPF_PROG_TYPE_XDP = 0x6 + BPF_PROG_TYPE_PERF_EVENT = 0x7 + BPF_PROG_TYPE_CGROUP_SKB = 0x8 + BPF_PROG_TYPE_CGROUP_SOCK = 0x9 + BPF_PROG_TYPE_LWT_IN = 0xa + BPF_PROG_TYPE_LWT_OUT = 0xb + BPF_PROG_TYPE_LWT_XMIT = 0xc + BPF_PROG_TYPE_SOCK_OPS = 0xd + BPF_PROG_TYPE_SK_SKB = 0xe + BPF_PROG_TYPE_CGROUP_DEVICE = 0xf + BPF_PROG_TYPE_SK_MSG = 0x10 + BPF_PROG_TYPE_RAW_TRACEPOINT = 0x11 + BPF_PROG_TYPE_CGROUP_SOCK_ADDR = 0x12 + BPF_PROG_TYPE_LWT_SEG6LOCAL = 0x13 + BPF_PROG_TYPE_LIRC_MODE2 = 0x14 + BPF_PROG_TYPE_SK_REUSEPORT = 0x15 + BPF_PROG_TYPE_FLOW_DISSECTOR = 0x16 + BPF_PROG_TYPE_CGROUP_SYSCTL = 0x17 + BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE = 0x18 + BPF_PROG_TYPE_CGROUP_SOCKOPT = 0x19 + BPF_PROG_TYPE_TRACING = 0x1a + BPF_PROG_TYPE_STRUCT_OPS = 0x1b + BPF_PROG_TYPE_EXT = 0x1c + BPF_PROG_TYPE_LSM = 0x1d + BPF_PROG_TYPE_SK_LOOKUP = 0x1e + BPF_CGROUP_INET_INGRESS = 0x0 + BPF_CGROUP_INET_EGRESS = 0x1 + BPF_CGROUP_INET_SOCK_CREATE = 0x2 + BPF_CGROUP_SOCK_OPS = 0x3 + BPF_SK_SKB_STREAM_PARSER = 0x4 + BPF_SK_SKB_STREAM_VERDICT = 0x5 + BPF_CGROUP_DEVICE = 0x6 + BPF_SK_MSG_VERDICT = 0x7 + BPF_CGROUP_INET4_BIND = 0x8 + BPF_CGROUP_INET6_BIND = 0x9 + BPF_CGROUP_INET4_CONNECT = 0xa + BPF_CGROUP_INET6_CONNECT = 0xb + BPF_CGROUP_INET4_POST_BIND = 0xc + BPF_CGROUP_INET6_POST_BIND = 0xd + BPF_CGROUP_UDP4_SENDMSG = 0xe + BPF_CGROUP_UDP6_SENDMSG = 0xf + BPF_LIRC_MODE2 = 0x10 + BPF_FLOW_DISSECTOR = 0x11 + BPF_CGROUP_SYSCTL = 0x12 + BPF_CGROUP_UDP4_RECVMSG = 0x13 + BPF_CGROUP_UDP6_RECVMSG = 0x14 + BPF_CGROUP_GETSOCKOPT = 0x15 + BPF_CGROUP_SETSOCKOPT = 0x16 + BPF_TRACE_RAW_TP = 0x17 + BPF_TRACE_FENTRY = 0x18 + BPF_TRACE_FEXIT = 0x19 + BPF_MODIFY_RETURN = 0x1a + BPF_LSM_MAC = 0x1b + BPF_TRACE_ITER = 0x1c + BPF_CGROUP_INET4_GETPEERNAME = 0x1d + BPF_CGROUP_INET6_GETPEERNAME = 0x1e + BPF_CGROUP_INET4_GETSOCKNAME = 0x1f + BPF_CGROUP_INET6_GETSOCKNAME = 0x20 + BPF_XDP_DEVMAP = 0x21 + BPF_CGROUP_INET_SOCK_RELEASE = 0x22 + BPF_XDP_CPUMAP = 0x23 + BPF_SK_LOOKUP = 0x24 + BPF_XDP = 0x25 + BPF_LINK_TYPE_UNSPEC = 0x0 + BPF_LINK_TYPE_RAW_TRACEPOINT = 0x1 + BPF_LINK_TYPE_TRACING = 0x2 + BPF_LINK_TYPE_CGROUP = 0x3 + BPF_LINK_TYPE_ITER = 0x4 + BPF_LINK_TYPE_NETNS = 0x5 + BPF_LINK_TYPE_XDP = 0x6 + BPF_ANY = 0x0 + BPF_NOEXIST = 0x1 + BPF_EXIST = 0x2 + BPF_F_LOCK = 0x4 + BPF_F_NO_PREALLOC = 0x1 + BPF_F_NO_COMMON_LRU = 0x2 + BPF_F_NUMA_NODE = 0x4 + BPF_F_RDONLY = 0x8 + BPF_F_WRONLY = 0x10 + BPF_F_STACK_BUILD_ID = 0x20 + BPF_F_ZERO_SEED = 0x40 + BPF_F_RDONLY_PROG = 0x80 + BPF_F_WRONLY_PROG = 0x100 + BPF_F_CLONE = 0x200 + BPF_F_MMAPABLE = 0x400 + BPF_F_PRESERVE_ELEMS = 0x800 + BPF_F_INNER_MAP = 0x1000 + BPF_STATS_RUN_TIME = 0x0 + BPF_STACK_BUILD_ID_EMPTY = 0x0 + BPF_STACK_BUILD_ID_VALID = 0x1 + BPF_STACK_BUILD_ID_IP = 0x2 + BPF_F_RECOMPUTE_CSUM = 0x1 + BPF_F_INVALIDATE_HASH = 0x2 + BPF_F_HDR_FIELD_MASK = 0xf + BPF_F_PSEUDO_HDR = 0x10 + BPF_F_MARK_MANGLED_0 = 0x20 + BPF_F_MARK_ENFORCE = 0x40 + BPF_F_INGRESS = 0x1 + BPF_F_TUNINFO_IPV6 = 0x1 + BPF_F_SKIP_FIELD_MASK = 0xff + BPF_F_USER_STACK = 0x100 + BPF_F_FAST_STACK_CMP = 0x200 + BPF_F_REUSE_STACKID = 0x400 + BPF_F_USER_BUILD_ID = 0x800 + BPF_F_ZERO_CSUM_TX = 0x2 + BPF_F_DONT_FRAGMENT = 0x4 + BPF_F_SEQ_NUMBER = 0x8 + BPF_F_INDEX_MASK = 0xffffffff + BPF_F_CURRENT_CPU = 0xffffffff + BPF_F_CTXLEN_MASK = 0xfffff00000000 + BPF_F_CURRENT_NETNS = -0x1 + BPF_CSUM_LEVEL_QUERY = 0x0 + BPF_CSUM_LEVEL_INC = 0x1 + BPF_CSUM_LEVEL_DEC = 0x2 + BPF_CSUM_LEVEL_RESET = 0x3 + BPF_F_ADJ_ROOM_FIXED_GSO = 0x1 + BPF_F_ADJ_ROOM_ENCAP_L3_IPV4 = 0x2 + BPF_F_ADJ_ROOM_ENCAP_L3_IPV6 = 0x4 + BPF_F_ADJ_ROOM_ENCAP_L4_GRE = 0x8 + BPF_F_ADJ_ROOM_ENCAP_L4_UDP = 0x10 + BPF_F_ADJ_ROOM_NO_CSUM_RESET = 0x20 + BPF_ADJ_ROOM_ENCAP_L2_MASK = 0xff + BPF_ADJ_ROOM_ENCAP_L2_SHIFT = 0x38 + BPF_F_SYSCTL_BASE_NAME = 0x1 + BPF_LOCAL_STORAGE_GET_F_CREATE = 0x1 + BPF_SK_STORAGE_GET_F_CREATE = 0x1 + BPF_F_GET_BRANCH_RECORDS_SIZE = 0x1 + BPF_RB_NO_WAKEUP = 0x1 + BPF_RB_FORCE_WAKEUP = 0x2 + BPF_RB_AVAIL_DATA = 0x0 + BPF_RB_RING_SIZE = 0x1 + BPF_RB_CONS_POS = 0x2 + BPF_RB_PROD_POS = 0x3 + BPF_RINGBUF_BUSY_BIT = 0x80000000 + BPF_RINGBUF_DISCARD_BIT = 0x40000000 + BPF_RINGBUF_HDR_SZ = 0x8 + BPF_SK_LOOKUP_F_REPLACE = 0x1 + BPF_SK_LOOKUP_F_NO_REUSEPORT = 0x2 + BPF_ADJ_ROOM_NET = 0x0 + BPF_ADJ_ROOM_MAC = 0x1 + BPF_HDR_START_MAC = 0x0 + BPF_HDR_START_NET = 0x1 + BPF_LWT_ENCAP_SEG6 = 0x0 + BPF_LWT_ENCAP_SEG6_INLINE = 0x1 + BPF_LWT_ENCAP_IP = 0x2 + BPF_OK = 0x0 + BPF_DROP = 0x2 + BPF_REDIRECT = 0x7 + BPF_LWT_REROUTE = 0x80 + BPF_SOCK_OPS_RTO_CB_FLAG = 0x1 + BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2 + BPF_SOCK_OPS_STATE_CB_FLAG = 0x4 + BPF_SOCK_OPS_RTT_CB_FLAG = 0x8 + BPF_SOCK_OPS_PARSE_ALL_HDR_OPT_CB_FLAG = 0x10 + BPF_SOCK_OPS_PARSE_UNKNOWN_HDR_OPT_CB_FLAG = 0x20 + BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG = 0x40 + BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7f + BPF_SOCK_OPS_VOID = 0x0 + BPF_SOCK_OPS_TIMEOUT_INIT = 0x1 + BPF_SOCK_OPS_RWND_INIT = 0x2 + BPF_SOCK_OPS_TCP_CONNECT_CB = 0x3 + BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB = 0x4 + BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB = 0x5 + BPF_SOCK_OPS_NEEDS_ECN = 0x6 + BPF_SOCK_OPS_BASE_RTT = 0x7 + BPF_SOCK_OPS_RTO_CB = 0x8 + BPF_SOCK_OPS_RETRANS_CB = 0x9 + BPF_SOCK_OPS_STATE_CB = 0xa + BPF_SOCK_OPS_TCP_LISTEN_CB = 0xb + BPF_SOCK_OPS_RTT_CB = 0xc + BPF_SOCK_OPS_PARSE_HDR_OPT_CB = 0xd + BPF_SOCK_OPS_HDR_OPT_LEN_CB = 0xe + BPF_SOCK_OPS_WRITE_HDR_OPT_CB = 0xf + BPF_TCP_ESTABLISHED = 0x1 + BPF_TCP_SYN_SENT = 0x2 + BPF_TCP_SYN_RECV = 0x3 + BPF_TCP_FIN_WAIT1 = 0x4 + BPF_TCP_FIN_WAIT2 = 0x5 + BPF_TCP_TIME_WAIT = 0x6 + BPF_TCP_CLOSE = 0x7 + BPF_TCP_CLOSE_WAIT = 0x8 + BPF_TCP_LAST_ACK = 0x9 + BPF_TCP_LISTEN = 0xa + BPF_TCP_CLOSING = 0xb + BPF_TCP_NEW_SYN_RECV = 0xc + BPF_TCP_MAX_STATES = 0xd + TCP_BPF_IW = 0x3e9 + TCP_BPF_SNDCWND_CLAMP = 0x3ea + TCP_BPF_DELACK_MAX = 0x3eb + TCP_BPF_RTO_MIN = 0x3ec + TCP_BPF_SYN = 0x3ed + TCP_BPF_SYN_IP = 0x3ee + TCP_BPF_SYN_MAC = 0x3ef + BPF_LOAD_HDR_OPT_TCP_SYN = 0x1 + BPF_WRITE_HDR_TCP_CURRENT_MSS = 0x1 + BPF_WRITE_HDR_TCP_SYNACK_COOKIE = 0x2 + BPF_DEVCG_ACC_MKNOD = 0x1 + BPF_DEVCG_ACC_READ = 0x2 + BPF_DEVCG_ACC_WRITE = 0x4 + BPF_DEVCG_DEV_BLOCK = 0x1 + BPF_DEVCG_DEV_CHAR = 0x2 + BPF_FIB_LOOKUP_DIRECT = 0x1 + BPF_FIB_LOOKUP_OUTPUT = 0x2 + BPF_FIB_LKUP_RET_SUCCESS = 0x0 + BPF_FIB_LKUP_RET_BLACKHOLE = 0x1 + BPF_FIB_LKUP_RET_UNREACHABLE = 0x2 + BPF_FIB_LKUP_RET_PROHIBIT = 0x3 + BPF_FIB_LKUP_RET_NOT_FWDED = 0x4 + BPF_FIB_LKUP_RET_FWD_DISABLED = 0x5 + BPF_FIB_LKUP_RET_UNSUPP_LWT = 0x6 + BPF_FIB_LKUP_RET_NO_NEIGH = 0x7 + BPF_FIB_LKUP_RET_FRAG_NEEDED = 0x8 + BPF_FD_TYPE_RAW_TRACEPOINT = 0x0 + BPF_FD_TYPE_TRACEPOINT = 0x1 + BPF_FD_TYPE_KPROBE = 0x2 + BPF_FD_TYPE_KRETPROBE = 0x3 + BPF_FD_TYPE_UPROBE = 0x4 + BPF_FD_TYPE_URETPROBE = 0x5 + BPF_FLOW_DISSECTOR_F_PARSE_1ST_FRAG = 0x1 + BPF_FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL = 0x2 + BPF_FLOW_DISSECTOR_F_STOP_AT_ENCAP = 0x4 ) const ( @@ -2356,6 +2718,7 @@ const ( RTNLGRP_IPV4_MROUTE_R = 0x1e RTNLGRP_IPV6_MROUTE_R = 0x1f RTNLGRP_NEXTHOP = 0x20 + RTNLGRP_BRVLAN = 0x21 ) type CapUserHeader struct { @@ -2450,132 +2813,317 @@ const ( ) const ( - DEVLINK_CMD_UNSPEC = 0x0 - DEVLINK_CMD_GET = 0x1 - DEVLINK_CMD_SET = 0x2 - DEVLINK_CMD_NEW = 0x3 - DEVLINK_CMD_DEL = 0x4 - DEVLINK_CMD_PORT_GET = 0x5 - DEVLINK_CMD_PORT_SET = 0x6 - DEVLINK_CMD_PORT_NEW = 0x7 - DEVLINK_CMD_PORT_DEL = 0x8 - DEVLINK_CMD_PORT_SPLIT = 0x9 - DEVLINK_CMD_PORT_UNSPLIT = 0xa - DEVLINK_CMD_SB_GET = 0xb - DEVLINK_CMD_SB_SET = 0xc - DEVLINK_CMD_SB_NEW = 0xd - DEVLINK_CMD_SB_DEL = 0xe - DEVLINK_CMD_SB_POOL_GET = 0xf - DEVLINK_CMD_SB_POOL_SET = 0x10 - DEVLINK_CMD_SB_POOL_NEW = 0x11 - DEVLINK_CMD_SB_POOL_DEL = 0x12 - DEVLINK_CMD_SB_PORT_POOL_GET = 0x13 - DEVLINK_CMD_SB_PORT_POOL_SET = 0x14 - DEVLINK_CMD_SB_PORT_POOL_NEW = 0x15 - DEVLINK_CMD_SB_PORT_POOL_DEL = 0x16 - DEVLINK_CMD_SB_TC_POOL_BIND_GET = 0x17 - DEVLINK_CMD_SB_TC_POOL_BIND_SET = 0x18 - DEVLINK_CMD_SB_TC_POOL_BIND_NEW = 0x19 - DEVLINK_CMD_SB_TC_POOL_BIND_DEL = 0x1a - DEVLINK_CMD_SB_OCC_SNAPSHOT = 0x1b - DEVLINK_CMD_SB_OCC_MAX_CLEAR = 0x1c - DEVLINK_CMD_ESWITCH_GET = 0x1d - DEVLINK_CMD_ESWITCH_SET = 0x1e - DEVLINK_CMD_DPIPE_TABLE_GET = 0x1f - DEVLINK_CMD_DPIPE_ENTRIES_GET = 0x20 - DEVLINK_CMD_DPIPE_HEADERS_GET = 0x21 - DEVLINK_CMD_DPIPE_TABLE_COUNTERS_SET = 0x22 - DEVLINK_CMD_MAX = 0x48 - DEVLINK_PORT_TYPE_NOTSET = 0x0 - DEVLINK_PORT_TYPE_AUTO = 0x1 - DEVLINK_PORT_TYPE_ETH = 0x2 - DEVLINK_PORT_TYPE_IB = 0x3 - DEVLINK_SB_POOL_TYPE_INGRESS = 0x0 - DEVLINK_SB_POOL_TYPE_EGRESS = 0x1 - DEVLINK_SB_THRESHOLD_TYPE_STATIC = 0x0 - DEVLINK_SB_THRESHOLD_TYPE_DYNAMIC = 0x1 - DEVLINK_ESWITCH_MODE_LEGACY = 0x0 - DEVLINK_ESWITCH_MODE_SWITCHDEV = 0x1 - DEVLINK_ESWITCH_INLINE_MODE_NONE = 0x0 - DEVLINK_ESWITCH_INLINE_MODE_LINK = 0x1 - DEVLINK_ESWITCH_INLINE_MODE_NETWORK = 0x2 - DEVLINK_ESWITCH_INLINE_MODE_TRANSPORT = 0x3 - DEVLINK_ESWITCH_ENCAP_MODE_NONE = 0x0 - DEVLINK_ESWITCH_ENCAP_MODE_BASIC = 0x1 - DEVLINK_ATTR_UNSPEC = 0x0 - DEVLINK_ATTR_BUS_NAME = 0x1 - DEVLINK_ATTR_DEV_NAME = 0x2 - DEVLINK_ATTR_PORT_INDEX = 0x3 - DEVLINK_ATTR_PORT_TYPE = 0x4 - DEVLINK_ATTR_PORT_DESIRED_TYPE = 0x5 - DEVLINK_ATTR_PORT_NETDEV_IFINDEX = 0x6 - DEVLINK_ATTR_PORT_NETDEV_NAME = 0x7 - DEVLINK_ATTR_PORT_IBDEV_NAME = 0x8 - DEVLINK_ATTR_PORT_SPLIT_COUNT = 0x9 - DEVLINK_ATTR_PORT_SPLIT_GROUP = 0xa - DEVLINK_ATTR_SB_INDEX = 0xb - DEVLINK_ATTR_SB_SIZE = 0xc - DEVLINK_ATTR_SB_INGRESS_POOL_COUNT = 0xd - DEVLINK_ATTR_SB_EGRESS_POOL_COUNT = 0xe - DEVLINK_ATTR_SB_INGRESS_TC_COUNT = 0xf - DEVLINK_ATTR_SB_EGRESS_TC_COUNT = 0x10 - DEVLINK_ATTR_SB_POOL_INDEX = 0x11 - DEVLINK_ATTR_SB_POOL_TYPE = 0x12 - DEVLINK_ATTR_SB_POOL_SIZE = 0x13 - DEVLINK_ATTR_SB_POOL_THRESHOLD_TYPE = 0x14 - DEVLINK_ATTR_SB_THRESHOLD = 0x15 - DEVLINK_ATTR_SB_TC_INDEX = 0x16 - DEVLINK_ATTR_SB_OCC_CUR = 0x17 - DEVLINK_ATTR_SB_OCC_MAX = 0x18 - DEVLINK_ATTR_ESWITCH_MODE = 0x19 - DEVLINK_ATTR_ESWITCH_INLINE_MODE = 0x1a - DEVLINK_ATTR_DPIPE_TABLES = 0x1b - DEVLINK_ATTR_DPIPE_TABLE = 0x1c - DEVLINK_ATTR_DPIPE_TABLE_NAME = 0x1d - DEVLINK_ATTR_DPIPE_TABLE_SIZE = 0x1e - DEVLINK_ATTR_DPIPE_TABLE_MATCHES = 0x1f - DEVLINK_ATTR_DPIPE_TABLE_ACTIONS = 0x20 - DEVLINK_ATTR_DPIPE_TABLE_COUNTERS_ENABLED = 0x21 - DEVLINK_ATTR_DPIPE_ENTRIES = 0x22 - DEVLINK_ATTR_DPIPE_ENTRY = 0x23 - DEVLINK_ATTR_DPIPE_ENTRY_INDEX = 0x24 - DEVLINK_ATTR_DPIPE_ENTRY_MATCH_VALUES = 0x25 - DEVLINK_ATTR_DPIPE_ENTRY_ACTION_VALUES = 0x26 - DEVLINK_ATTR_DPIPE_ENTRY_COUNTER = 0x27 - DEVLINK_ATTR_DPIPE_MATCH = 0x28 - DEVLINK_ATTR_DPIPE_MATCH_VALUE = 0x29 - DEVLINK_ATTR_DPIPE_MATCH_TYPE = 0x2a - DEVLINK_ATTR_DPIPE_ACTION = 0x2b - DEVLINK_ATTR_DPIPE_ACTION_VALUE = 0x2c - DEVLINK_ATTR_DPIPE_ACTION_TYPE = 0x2d - DEVLINK_ATTR_DPIPE_VALUE = 0x2e - DEVLINK_ATTR_DPIPE_VALUE_MASK = 0x2f - DEVLINK_ATTR_DPIPE_VALUE_MAPPING = 0x30 - DEVLINK_ATTR_DPIPE_HEADERS = 0x31 - DEVLINK_ATTR_DPIPE_HEADER = 0x32 - DEVLINK_ATTR_DPIPE_HEADER_NAME = 0x33 - DEVLINK_ATTR_DPIPE_HEADER_ID = 0x34 - DEVLINK_ATTR_DPIPE_HEADER_FIELDS = 0x35 - DEVLINK_ATTR_DPIPE_HEADER_GLOBAL = 0x36 - DEVLINK_ATTR_DPIPE_HEADER_INDEX = 0x37 - DEVLINK_ATTR_DPIPE_FIELD = 0x38 - DEVLINK_ATTR_DPIPE_FIELD_NAME = 0x39 - DEVLINK_ATTR_DPIPE_FIELD_ID = 0x3a - DEVLINK_ATTR_DPIPE_FIELD_BITWIDTH = 0x3b - DEVLINK_ATTR_DPIPE_FIELD_MAPPING_TYPE = 0x3c - DEVLINK_ATTR_PAD = 0x3d - DEVLINK_ATTR_ESWITCH_ENCAP_MODE = 0x3e - DEVLINK_ATTR_MAX = 0x94 - DEVLINK_DPIPE_FIELD_MAPPING_TYPE_NONE = 0x0 - DEVLINK_DPIPE_FIELD_MAPPING_TYPE_IFINDEX = 0x1 - DEVLINK_DPIPE_MATCH_TYPE_FIELD_EXACT = 0x0 - DEVLINK_DPIPE_ACTION_TYPE_FIELD_MODIFY = 0x0 - DEVLINK_DPIPE_FIELD_ETHERNET_DST_MAC = 0x0 - DEVLINK_DPIPE_FIELD_IPV4_DST_IP = 0x0 - DEVLINK_DPIPE_FIELD_IPV6_DST_IP = 0x0 - DEVLINK_DPIPE_HEADER_ETHERNET = 0x0 - DEVLINK_DPIPE_HEADER_IPV4 = 0x1 - DEVLINK_DPIPE_HEADER_IPV6 = 0x2 + DEVLINK_CMD_UNSPEC = 0x0 + DEVLINK_CMD_GET = 0x1 + DEVLINK_CMD_SET = 0x2 + DEVLINK_CMD_NEW = 0x3 + DEVLINK_CMD_DEL = 0x4 + DEVLINK_CMD_PORT_GET = 0x5 + DEVLINK_CMD_PORT_SET = 0x6 + DEVLINK_CMD_PORT_NEW = 0x7 + DEVLINK_CMD_PORT_DEL = 0x8 + DEVLINK_CMD_PORT_SPLIT = 0x9 + DEVLINK_CMD_PORT_UNSPLIT = 0xa + DEVLINK_CMD_SB_GET = 0xb + DEVLINK_CMD_SB_SET = 0xc + DEVLINK_CMD_SB_NEW = 0xd + DEVLINK_CMD_SB_DEL = 0xe + DEVLINK_CMD_SB_POOL_GET = 0xf + DEVLINK_CMD_SB_POOL_SET = 0x10 + DEVLINK_CMD_SB_POOL_NEW = 0x11 + DEVLINK_CMD_SB_POOL_DEL = 0x12 + DEVLINK_CMD_SB_PORT_POOL_GET = 0x13 + DEVLINK_CMD_SB_PORT_POOL_SET = 0x14 + DEVLINK_CMD_SB_PORT_POOL_NEW = 0x15 + DEVLINK_CMD_SB_PORT_POOL_DEL = 0x16 + DEVLINK_CMD_SB_TC_POOL_BIND_GET = 0x17 + DEVLINK_CMD_SB_TC_POOL_BIND_SET = 0x18 + DEVLINK_CMD_SB_TC_POOL_BIND_NEW = 0x19 + DEVLINK_CMD_SB_TC_POOL_BIND_DEL = 0x1a + DEVLINK_CMD_SB_OCC_SNAPSHOT = 0x1b + DEVLINK_CMD_SB_OCC_MAX_CLEAR = 0x1c + DEVLINK_CMD_ESWITCH_GET = 0x1d + DEVLINK_CMD_ESWITCH_SET = 0x1e + DEVLINK_CMD_DPIPE_TABLE_GET = 0x1f + DEVLINK_CMD_DPIPE_ENTRIES_GET = 0x20 + DEVLINK_CMD_DPIPE_HEADERS_GET = 0x21 + DEVLINK_CMD_DPIPE_TABLE_COUNTERS_SET = 0x22 + DEVLINK_CMD_RESOURCE_SET = 0x23 + DEVLINK_CMD_RESOURCE_DUMP = 0x24 + DEVLINK_CMD_RELOAD = 0x25 + DEVLINK_CMD_PARAM_GET = 0x26 + DEVLINK_CMD_PARAM_SET = 0x27 + DEVLINK_CMD_PARAM_NEW = 0x28 + DEVLINK_CMD_PARAM_DEL = 0x29 + DEVLINK_CMD_REGION_GET = 0x2a + DEVLINK_CMD_REGION_SET = 0x2b + DEVLINK_CMD_REGION_NEW = 0x2c + DEVLINK_CMD_REGION_DEL = 0x2d + DEVLINK_CMD_REGION_READ = 0x2e + DEVLINK_CMD_PORT_PARAM_GET = 0x2f + DEVLINK_CMD_PORT_PARAM_SET = 0x30 + DEVLINK_CMD_PORT_PARAM_NEW = 0x31 + DEVLINK_CMD_PORT_PARAM_DEL = 0x32 + DEVLINK_CMD_INFO_GET = 0x33 + DEVLINK_CMD_HEALTH_REPORTER_GET = 0x34 + DEVLINK_CMD_HEALTH_REPORTER_SET = 0x35 + DEVLINK_CMD_HEALTH_REPORTER_RECOVER = 0x36 + DEVLINK_CMD_HEALTH_REPORTER_DIAGNOSE = 0x37 + DEVLINK_CMD_HEALTH_REPORTER_DUMP_GET = 0x38 + DEVLINK_CMD_HEALTH_REPORTER_DUMP_CLEAR = 0x39 + DEVLINK_CMD_FLASH_UPDATE = 0x3a + DEVLINK_CMD_FLASH_UPDATE_END = 0x3b + DEVLINK_CMD_FLASH_UPDATE_STATUS = 0x3c + DEVLINK_CMD_TRAP_GET = 0x3d + DEVLINK_CMD_TRAP_SET = 0x3e + DEVLINK_CMD_TRAP_NEW = 0x3f + DEVLINK_CMD_TRAP_DEL = 0x40 + DEVLINK_CMD_TRAP_GROUP_GET = 0x41 + DEVLINK_CMD_TRAP_GROUP_SET = 0x42 + DEVLINK_CMD_TRAP_GROUP_NEW = 0x43 + DEVLINK_CMD_TRAP_GROUP_DEL = 0x44 + DEVLINK_CMD_TRAP_POLICER_GET = 0x45 + DEVLINK_CMD_TRAP_POLICER_SET = 0x46 + DEVLINK_CMD_TRAP_POLICER_NEW = 0x47 + DEVLINK_CMD_TRAP_POLICER_DEL = 0x48 + DEVLINK_CMD_HEALTH_REPORTER_TEST = 0x49 + DEVLINK_CMD_MAX = 0x49 + DEVLINK_PORT_TYPE_NOTSET = 0x0 + DEVLINK_PORT_TYPE_AUTO = 0x1 + DEVLINK_PORT_TYPE_ETH = 0x2 + DEVLINK_PORT_TYPE_IB = 0x3 + DEVLINK_SB_POOL_TYPE_INGRESS = 0x0 + DEVLINK_SB_POOL_TYPE_EGRESS = 0x1 + DEVLINK_SB_THRESHOLD_TYPE_STATIC = 0x0 + DEVLINK_SB_THRESHOLD_TYPE_DYNAMIC = 0x1 + DEVLINK_ESWITCH_MODE_LEGACY = 0x0 + DEVLINK_ESWITCH_MODE_SWITCHDEV = 0x1 + DEVLINK_ESWITCH_INLINE_MODE_NONE = 0x0 + DEVLINK_ESWITCH_INLINE_MODE_LINK = 0x1 + DEVLINK_ESWITCH_INLINE_MODE_NETWORK = 0x2 + DEVLINK_ESWITCH_INLINE_MODE_TRANSPORT = 0x3 + DEVLINK_ESWITCH_ENCAP_MODE_NONE = 0x0 + DEVLINK_ESWITCH_ENCAP_MODE_BASIC = 0x1 + DEVLINK_PORT_FLAVOUR_PHYSICAL = 0x0 + DEVLINK_PORT_FLAVOUR_CPU = 0x1 + DEVLINK_PORT_FLAVOUR_DSA = 0x2 + DEVLINK_PORT_FLAVOUR_PCI_PF = 0x3 + DEVLINK_PORT_FLAVOUR_PCI_VF = 0x4 + DEVLINK_PORT_FLAVOUR_VIRTUAL = 0x5 + DEVLINK_PORT_FLAVOUR_UNUSED = 0x6 + DEVLINK_PARAM_CMODE_RUNTIME = 0x0 + DEVLINK_PARAM_CMODE_DRIVERINIT = 0x1 + DEVLINK_PARAM_CMODE_PERMANENT = 0x2 + DEVLINK_PARAM_CMODE_MAX = 0x2 + DEVLINK_PARAM_FW_LOAD_POLICY_VALUE_DRIVER = 0x0 + DEVLINK_PARAM_FW_LOAD_POLICY_VALUE_FLASH = 0x1 + DEVLINK_PARAM_FW_LOAD_POLICY_VALUE_DISK = 0x2 + DEVLINK_PARAM_FW_LOAD_POLICY_VALUE_UNKNOWN = 0x3 + DEVLINK_PARAM_RESET_DEV_ON_DRV_PROBE_VALUE_UNKNOWN = 0x0 + DEVLINK_PARAM_RESET_DEV_ON_DRV_PROBE_VALUE_ALWAYS = 0x1 + DEVLINK_PARAM_RESET_DEV_ON_DRV_PROBE_VALUE_NEVER = 0x2 + DEVLINK_PARAM_RESET_DEV_ON_DRV_PROBE_VALUE_DISK = 0x3 + DEVLINK_ATTR_STATS_RX_PACKETS = 0x0 + DEVLINK_ATTR_STATS_RX_BYTES = 0x1 + DEVLINK_ATTR_STATS_RX_DROPPED = 0x2 + DEVLINK_ATTR_STATS_MAX = 0x2 + DEVLINK_FLASH_OVERWRITE_SETTINGS_BIT = 0x0 + DEVLINK_FLASH_OVERWRITE_IDENTIFIERS_BIT = 0x1 + DEVLINK_FLASH_OVERWRITE_MAX_BIT = 0x1 + DEVLINK_TRAP_ACTION_DROP = 0x0 + DEVLINK_TRAP_ACTION_TRAP = 0x1 + DEVLINK_TRAP_ACTION_MIRROR = 0x2 + DEVLINK_TRAP_TYPE_DROP = 0x0 + DEVLINK_TRAP_TYPE_EXCEPTION = 0x1 + DEVLINK_TRAP_TYPE_CONTROL = 0x2 + DEVLINK_ATTR_TRAP_METADATA_TYPE_IN_PORT = 0x0 + DEVLINK_ATTR_TRAP_METADATA_TYPE_FA_COOKIE = 0x1 + DEVLINK_RELOAD_ACTION_UNSPEC = 0x0 + DEVLINK_RELOAD_ACTION_DRIVER_REINIT = 0x1 + DEVLINK_RELOAD_ACTION_FW_ACTIVATE = 0x2 + DEVLINK_RELOAD_ACTION_MAX = 0x2 + DEVLINK_RELOAD_LIMIT_UNSPEC = 0x0 + DEVLINK_RELOAD_LIMIT_NO_RESET = 0x1 + DEVLINK_RELOAD_LIMIT_MAX = 0x1 + DEVLINK_ATTR_UNSPEC = 0x0 + DEVLINK_ATTR_BUS_NAME = 0x1 + DEVLINK_ATTR_DEV_NAME = 0x2 + DEVLINK_ATTR_PORT_INDEX = 0x3 + DEVLINK_ATTR_PORT_TYPE = 0x4 + DEVLINK_ATTR_PORT_DESIRED_TYPE = 0x5 + DEVLINK_ATTR_PORT_NETDEV_IFINDEX = 0x6 + DEVLINK_ATTR_PORT_NETDEV_NAME = 0x7 + DEVLINK_ATTR_PORT_IBDEV_NAME = 0x8 + DEVLINK_ATTR_PORT_SPLIT_COUNT = 0x9 + DEVLINK_ATTR_PORT_SPLIT_GROUP = 0xa + DEVLINK_ATTR_SB_INDEX = 0xb + DEVLINK_ATTR_SB_SIZE = 0xc + DEVLINK_ATTR_SB_INGRESS_POOL_COUNT = 0xd + DEVLINK_ATTR_SB_EGRESS_POOL_COUNT = 0xe + DEVLINK_ATTR_SB_INGRESS_TC_COUNT = 0xf + DEVLINK_ATTR_SB_EGRESS_TC_COUNT = 0x10 + DEVLINK_ATTR_SB_POOL_INDEX = 0x11 + DEVLINK_ATTR_SB_POOL_TYPE = 0x12 + DEVLINK_ATTR_SB_POOL_SIZE = 0x13 + DEVLINK_ATTR_SB_POOL_THRESHOLD_TYPE = 0x14 + DEVLINK_ATTR_SB_THRESHOLD = 0x15 + DEVLINK_ATTR_SB_TC_INDEX = 0x16 + DEVLINK_ATTR_SB_OCC_CUR = 0x17 + DEVLINK_ATTR_SB_OCC_MAX = 0x18 + DEVLINK_ATTR_ESWITCH_MODE = 0x19 + DEVLINK_ATTR_ESWITCH_INLINE_MODE = 0x1a + DEVLINK_ATTR_DPIPE_TABLES = 0x1b + DEVLINK_ATTR_DPIPE_TABLE = 0x1c + DEVLINK_ATTR_DPIPE_TABLE_NAME = 0x1d + DEVLINK_ATTR_DPIPE_TABLE_SIZE = 0x1e + DEVLINK_ATTR_DPIPE_TABLE_MATCHES = 0x1f + DEVLINK_ATTR_DPIPE_TABLE_ACTIONS = 0x20 + DEVLINK_ATTR_DPIPE_TABLE_COUNTERS_ENABLED = 0x21 + DEVLINK_ATTR_DPIPE_ENTRIES = 0x22 + DEVLINK_ATTR_DPIPE_ENTRY = 0x23 + DEVLINK_ATTR_DPIPE_ENTRY_INDEX = 0x24 + DEVLINK_ATTR_DPIPE_ENTRY_MATCH_VALUES = 0x25 + DEVLINK_ATTR_DPIPE_ENTRY_ACTION_VALUES = 0x26 + DEVLINK_ATTR_DPIPE_ENTRY_COUNTER = 0x27 + DEVLINK_ATTR_DPIPE_MATCH = 0x28 + DEVLINK_ATTR_DPIPE_MATCH_VALUE = 0x29 + DEVLINK_ATTR_DPIPE_MATCH_TYPE = 0x2a + DEVLINK_ATTR_DPIPE_ACTION = 0x2b + DEVLINK_ATTR_DPIPE_ACTION_VALUE = 0x2c + DEVLINK_ATTR_DPIPE_ACTION_TYPE = 0x2d + DEVLINK_ATTR_DPIPE_VALUE = 0x2e + DEVLINK_ATTR_DPIPE_VALUE_MASK = 0x2f + DEVLINK_ATTR_DPIPE_VALUE_MAPPING = 0x30 + DEVLINK_ATTR_DPIPE_HEADERS = 0x31 + DEVLINK_ATTR_DPIPE_HEADER = 0x32 + DEVLINK_ATTR_DPIPE_HEADER_NAME = 0x33 + DEVLINK_ATTR_DPIPE_HEADER_ID = 0x34 + DEVLINK_ATTR_DPIPE_HEADER_FIELDS = 0x35 + DEVLINK_ATTR_DPIPE_HEADER_GLOBAL = 0x36 + DEVLINK_ATTR_DPIPE_HEADER_INDEX = 0x37 + DEVLINK_ATTR_DPIPE_FIELD = 0x38 + DEVLINK_ATTR_DPIPE_FIELD_NAME = 0x39 + DEVLINK_ATTR_DPIPE_FIELD_ID = 0x3a + DEVLINK_ATTR_DPIPE_FIELD_BITWIDTH = 0x3b + DEVLINK_ATTR_DPIPE_FIELD_MAPPING_TYPE = 0x3c + DEVLINK_ATTR_PAD = 0x3d + DEVLINK_ATTR_ESWITCH_ENCAP_MODE = 0x3e + DEVLINK_ATTR_RESOURCE_LIST = 0x3f + DEVLINK_ATTR_RESOURCE = 0x40 + DEVLINK_ATTR_RESOURCE_NAME = 0x41 + DEVLINK_ATTR_RESOURCE_ID = 0x42 + DEVLINK_ATTR_RESOURCE_SIZE = 0x43 + DEVLINK_ATTR_RESOURCE_SIZE_NEW = 0x44 + DEVLINK_ATTR_RESOURCE_SIZE_VALID = 0x45 + DEVLINK_ATTR_RESOURCE_SIZE_MIN = 0x46 + DEVLINK_ATTR_RESOURCE_SIZE_MAX = 0x47 + DEVLINK_ATTR_RESOURCE_SIZE_GRAN = 0x48 + DEVLINK_ATTR_RESOURCE_UNIT = 0x49 + DEVLINK_ATTR_RESOURCE_OCC = 0x4a + DEVLINK_ATTR_DPIPE_TABLE_RESOURCE_ID = 0x4b + DEVLINK_ATTR_DPIPE_TABLE_RESOURCE_UNITS = 0x4c + DEVLINK_ATTR_PORT_FLAVOUR = 0x4d + DEVLINK_ATTR_PORT_NUMBER = 0x4e + DEVLINK_ATTR_PORT_SPLIT_SUBPORT_NUMBER = 0x4f + DEVLINK_ATTR_PARAM = 0x50 + DEVLINK_ATTR_PARAM_NAME = 0x51 + DEVLINK_ATTR_PARAM_GENERIC = 0x52 + DEVLINK_ATTR_PARAM_TYPE = 0x53 + DEVLINK_ATTR_PARAM_VALUES_LIST = 0x54 + DEVLINK_ATTR_PARAM_VALUE = 0x55 + DEVLINK_ATTR_PARAM_VALUE_DATA = 0x56 + DEVLINK_ATTR_PARAM_VALUE_CMODE = 0x57 + DEVLINK_ATTR_REGION_NAME = 0x58 + DEVLINK_ATTR_REGION_SIZE = 0x59 + DEVLINK_ATTR_REGION_SNAPSHOTS = 0x5a + DEVLINK_ATTR_REGION_SNAPSHOT = 0x5b + DEVLINK_ATTR_REGION_SNAPSHOT_ID = 0x5c + DEVLINK_ATTR_REGION_CHUNKS = 0x5d + DEVLINK_ATTR_REGION_CHUNK = 0x5e + DEVLINK_ATTR_REGION_CHUNK_DATA = 0x5f + DEVLINK_ATTR_REGION_CHUNK_ADDR = 0x60 + DEVLINK_ATTR_REGION_CHUNK_LEN = 0x61 + DEVLINK_ATTR_INFO_DRIVER_NAME = 0x62 + DEVLINK_ATTR_INFO_SERIAL_NUMBER = 0x63 + DEVLINK_ATTR_INFO_VERSION_FIXED = 0x64 + DEVLINK_ATTR_INFO_VERSION_RUNNING = 0x65 + DEVLINK_ATTR_INFO_VERSION_STORED = 0x66 + DEVLINK_ATTR_INFO_VERSION_NAME = 0x67 + DEVLINK_ATTR_INFO_VERSION_VALUE = 0x68 + DEVLINK_ATTR_SB_POOL_CELL_SIZE = 0x69 + DEVLINK_ATTR_FMSG = 0x6a + DEVLINK_ATTR_FMSG_OBJ_NEST_START = 0x6b + DEVLINK_ATTR_FMSG_PAIR_NEST_START = 0x6c + DEVLINK_ATTR_FMSG_ARR_NEST_START = 0x6d + DEVLINK_ATTR_FMSG_NEST_END = 0x6e + DEVLINK_ATTR_FMSG_OBJ_NAME = 0x6f + DEVLINK_ATTR_FMSG_OBJ_VALUE_TYPE = 0x70 + DEVLINK_ATTR_FMSG_OBJ_VALUE_DATA = 0x71 + DEVLINK_ATTR_HEALTH_REPORTER = 0x72 + DEVLINK_ATTR_HEALTH_REPORTER_NAME = 0x73 + DEVLINK_ATTR_HEALTH_REPORTER_STATE = 0x74 + DEVLINK_ATTR_HEALTH_REPORTER_ERR_COUNT = 0x75 + DEVLINK_ATTR_HEALTH_REPORTER_RECOVER_COUNT = 0x76 + DEVLINK_ATTR_HEALTH_REPORTER_DUMP_TS = 0x77 + DEVLINK_ATTR_HEALTH_REPORTER_GRACEFUL_PERIOD = 0x78 + DEVLINK_ATTR_HEALTH_REPORTER_AUTO_RECOVER = 0x79 + DEVLINK_ATTR_FLASH_UPDATE_FILE_NAME = 0x7a + DEVLINK_ATTR_FLASH_UPDATE_COMPONENT = 0x7b + DEVLINK_ATTR_FLASH_UPDATE_STATUS_MSG = 0x7c + DEVLINK_ATTR_FLASH_UPDATE_STATUS_DONE = 0x7d + DEVLINK_ATTR_FLASH_UPDATE_STATUS_TOTAL = 0x7e + DEVLINK_ATTR_PORT_PCI_PF_NUMBER = 0x7f + DEVLINK_ATTR_PORT_PCI_VF_NUMBER = 0x80 + DEVLINK_ATTR_STATS = 0x81 + DEVLINK_ATTR_TRAP_NAME = 0x82 + DEVLINK_ATTR_TRAP_ACTION = 0x83 + DEVLINK_ATTR_TRAP_TYPE = 0x84 + DEVLINK_ATTR_TRAP_GENERIC = 0x85 + DEVLINK_ATTR_TRAP_METADATA = 0x86 + DEVLINK_ATTR_TRAP_GROUP_NAME = 0x87 + DEVLINK_ATTR_RELOAD_FAILED = 0x88 + DEVLINK_ATTR_HEALTH_REPORTER_DUMP_TS_NS = 0x89 + DEVLINK_ATTR_NETNS_FD = 0x8a + DEVLINK_ATTR_NETNS_PID = 0x8b + DEVLINK_ATTR_NETNS_ID = 0x8c + DEVLINK_ATTR_HEALTH_REPORTER_AUTO_DUMP = 0x8d + DEVLINK_ATTR_TRAP_POLICER_ID = 0x8e + DEVLINK_ATTR_TRAP_POLICER_RATE = 0x8f + DEVLINK_ATTR_TRAP_POLICER_BURST = 0x90 + DEVLINK_ATTR_PORT_FUNCTION = 0x91 + DEVLINK_ATTR_INFO_BOARD_SERIAL_NUMBER = 0x92 + DEVLINK_ATTR_PORT_LANES = 0x93 + DEVLINK_ATTR_PORT_SPLITTABLE = 0x94 + DEVLINK_ATTR_PORT_EXTERNAL = 0x95 + DEVLINK_ATTR_PORT_CONTROLLER_NUMBER = 0x96 + DEVLINK_ATTR_FLASH_UPDATE_STATUS_TIMEOUT = 0x97 + DEVLINK_ATTR_FLASH_UPDATE_OVERWRITE_MASK = 0x98 + DEVLINK_ATTR_RELOAD_ACTION = 0x99 + DEVLINK_ATTR_RELOAD_ACTIONS_PERFORMED = 0x9a + DEVLINK_ATTR_RELOAD_LIMITS = 0x9b + DEVLINK_ATTR_DEV_STATS = 0x9c + DEVLINK_ATTR_RELOAD_STATS = 0x9d + DEVLINK_ATTR_RELOAD_STATS_ENTRY = 0x9e + DEVLINK_ATTR_RELOAD_STATS_LIMIT = 0x9f + DEVLINK_ATTR_RELOAD_STATS_VALUE = 0xa0 + DEVLINK_ATTR_REMOTE_RELOAD_STATS = 0xa1 + DEVLINK_ATTR_RELOAD_ACTION_INFO = 0xa2 + DEVLINK_ATTR_RELOAD_ACTION_STATS = 0xa3 + DEVLINK_ATTR_MAX = 0xa3 + DEVLINK_DPIPE_FIELD_MAPPING_TYPE_NONE = 0x0 + DEVLINK_DPIPE_FIELD_MAPPING_TYPE_IFINDEX = 0x1 + DEVLINK_DPIPE_MATCH_TYPE_FIELD_EXACT = 0x0 + DEVLINK_DPIPE_ACTION_TYPE_FIELD_MODIFY = 0x0 + DEVLINK_DPIPE_FIELD_ETHERNET_DST_MAC = 0x0 + DEVLINK_DPIPE_FIELD_IPV4_DST_IP = 0x0 + DEVLINK_DPIPE_FIELD_IPV6_DST_IP = 0x0 + DEVLINK_DPIPE_HEADER_ETHERNET = 0x0 + DEVLINK_DPIPE_HEADER_IPV4 = 0x1 + DEVLINK_DPIPE_HEADER_IPV6 = 0x2 + DEVLINK_RESOURCE_UNIT_ENTRY = 0x0 + DEVLINK_PORT_FUNCTION_ATTR_UNSPEC = 0x0 + DEVLINK_PORT_FUNCTION_ATTR_HW_ADDR = 0x1 + DEVLINK_PORT_FUNCTION_ATTR_MAX = 0x1 ) type FsverityDigest struct { @@ -2638,3 +3186,497 @@ type WatchdogInfo struct { Version uint32 Identity [32]uint8 } + +type PPSFData struct { + Info PPSKInfo + Timeout PPSKTime +} + +type PPSKParams struct { + Api_version int32 + Mode int32 + Assert_off_tu PPSKTime + Clear_off_tu PPSKTime +} + +type PPSKTime struct { + Sec int64 + Nsec int32 + Flags uint32 +} + +const ( + LWTUNNEL_ENCAP_NONE = 0x0 + LWTUNNEL_ENCAP_MPLS = 0x1 + LWTUNNEL_ENCAP_IP = 0x2 + LWTUNNEL_ENCAP_ILA = 0x3 + LWTUNNEL_ENCAP_IP6 = 0x4 + LWTUNNEL_ENCAP_SEG6 = 0x5 + LWTUNNEL_ENCAP_BPF = 0x6 + LWTUNNEL_ENCAP_SEG6_LOCAL = 0x7 + LWTUNNEL_ENCAP_RPL = 0x8 + LWTUNNEL_ENCAP_MAX = 0x8 + + MPLS_IPTUNNEL_UNSPEC = 0x0 + MPLS_IPTUNNEL_DST = 0x1 + MPLS_IPTUNNEL_TTL = 0x2 + MPLS_IPTUNNEL_MAX = 0x2 +) + +const ( + ETHTOOL_ID_UNSPEC = 0x0 + ETHTOOL_RX_COPYBREAK = 0x1 + ETHTOOL_TX_COPYBREAK = 0x2 + ETHTOOL_PFC_PREVENTION_TOUT = 0x3 + ETHTOOL_TUNABLE_UNSPEC = 0x0 + ETHTOOL_TUNABLE_U8 = 0x1 + ETHTOOL_TUNABLE_U16 = 0x2 + ETHTOOL_TUNABLE_U32 = 0x3 + ETHTOOL_TUNABLE_U64 = 0x4 + ETHTOOL_TUNABLE_STRING = 0x5 + ETHTOOL_TUNABLE_S8 = 0x6 + ETHTOOL_TUNABLE_S16 = 0x7 + ETHTOOL_TUNABLE_S32 = 0x8 + ETHTOOL_TUNABLE_S64 = 0x9 + ETHTOOL_PHY_ID_UNSPEC = 0x0 + ETHTOOL_PHY_DOWNSHIFT = 0x1 + ETHTOOL_PHY_FAST_LINK_DOWN = 0x2 + ETHTOOL_PHY_EDPD = 0x3 + ETHTOOL_LINK_EXT_STATE_AUTONEG = 0x0 + ETHTOOL_LINK_EXT_STATE_LINK_TRAINING_FAILURE = 0x1 + ETHTOOL_LINK_EXT_STATE_LINK_LOGICAL_MISMATCH = 0x2 + ETHTOOL_LINK_EXT_STATE_BAD_SIGNAL_INTEGRITY = 0x3 + ETHTOOL_LINK_EXT_STATE_NO_CABLE = 0x4 + ETHTOOL_LINK_EXT_STATE_CABLE_ISSUE = 0x5 + ETHTOOL_LINK_EXT_STATE_EEPROM_ISSUE = 0x6 + ETHTOOL_LINK_EXT_STATE_CALIBRATION_FAILURE = 0x7 + ETHTOOL_LINK_EXT_STATE_POWER_BUDGET_EXCEEDED = 0x8 + ETHTOOL_LINK_EXT_STATE_OVERHEAT = 0x9 + ETHTOOL_LINK_EXT_SUBSTATE_AN_NO_PARTNER_DETECTED = 0x1 + ETHTOOL_LINK_EXT_SUBSTATE_AN_ACK_NOT_RECEIVED = 0x2 + ETHTOOL_LINK_EXT_SUBSTATE_AN_NEXT_PAGE_EXCHANGE_FAILED = 0x3 + ETHTOOL_LINK_EXT_SUBSTATE_AN_NO_PARTNER_DETECTED_FORCE_MODE = 0x4 + ETHTOOL_LINK_EXT_SUBSTATE_AN_FEC_MISMATCH_DURING_OVERRIDE = 0x5 + ETHTOOL_LINK_EXT_SUBSTATE_AN_NO_HCD = 0x6 + ETHTOOL_LINK_EXT_SUBSTATE_LT_KR_FRAME_LOCK_NOT_ACQUIRED = 0x1 + ETHTOOL_LINK_EXT_SUBSTATE_LT_KR_LINK_INHIBIT_TIMEOUT = 0x2 + ETHTOOL_LINK_EXT_SUBSTATE_LT_KR_LINK_PARTNER_DID_NOT_SET_RECEIVER_READY = 0x3 + ETHTOOL_LINK_EXT_SUBSTATE_LT_REMOTE_FAULT = 0x4 + ETHTOOL_LINK_EXT_SUBSTATE_LLM_PCS_DID_NOT_ACQUIRE_BLOCK_LOCK = 0x1 + ETHTOOL_LINK_EXT_SUBSTATE_LLM_PCS_DID_NOT_ACQUIRE_AM_LOCK = 0x2 + ETHTOOL_LINK_EXT_SUBSTATE_LLM_PCS_DID_NOT_GET_ALIGN_STATUS = 0x3 + ETHTOOL_LINK_EXT_SUBSTATE_LLM_FC_FEC_IS_NOT_LOCKED = 0x4 + ETHTOOL_LINK_EXT_SUBSTATE_LLM_RS_FEC_IS_NOT_LOCKED = 0x5 + ETHTOOL_LINK_EXT_SUBSTATE_BSI_LARGE_NUMBER_OF_PHYSICAL_ERRORS = 0x1 + ETHTOOL_LINK_EXT_SUBSTATE_BSI_UNSUPPORTED_RATE = 0x2 + ETHTOOL_LINK_EXT_SUBSTATE_CI_UNSUPPORTED_CABLE = 0x1 + ETHTOOL_LINK_EXT_SUBSTATE_CI_CABLE_TEST_FAILURE = 0x2 + ETHTOOL_FLASH_ALL_REGIONS = 0x0 + ETHTOOL_F_UNSUPPORTED__BIT = 0x0 + ETHTOOL_F_WISH__BIT = 0x1 + ETHTOOL_F_COMPAT__BIT = 0x2 + ETHTOOL_FEC_NONE_BIT = 0x0 + ETHTOOL_FEC_AUTO_BIT = 0x1 + ETHTOOL_FEC_OFF_BIT = 0x2 + ETHTOOL_FEC_RS_BIT = 0x3 + ETHTOOL_FEC_BASER_BIT = 0x4 + ETHTOOL_FEC_LLRS_BIT = 0x5 + ETHTOOL_LINK_MODE_10baseT_Half_BIT = 0x0 + ETHTOOL_LINK_MODE_10baseT_Full_BIT = 0x1 + ETHTOOL_LINK_MODE_100baseT_Half_BIT = 0x2 + ETHTOOL_LINK_MODE_100baseT_Full_BIT = 0x3 + ETHTOOL_LINK_MODE_1000baseT_Half_BIT = 0x4 + ETHTOOL_LINK_MODE_1000baseT_Full_BIT = 0x5 + ETHTOOL_LINK_MODE_Autoneg_BIT = 0x6 + ETHTOOL_LINK_MODE_TP_BIT = 0x7 + ETHTOOL_LINK_MODE_AUI_BIT = 0x8 + ETHTOOL_LINK_MODE_MII_BIT = 0x9 + ETHTOOL_LINK_MODE_FIBRE_BIT = 0xa + ETHTOOL_LINK_MODE_BNC_BIT = 0xb + ETHTOOL_LINK_MODE_10000baseT_Full_BIT = 0xc + ETHTOOL_LINK_MODE_Pause_BIT = 0xd + ETHTOOL_LINK_MODE_Asym_Pause_BIT = 0xe + ETHTOOL_LINK_MODE_2500baseX_Full_BIT = 0xf + ETHTOOL_LINK_MODE_Backplane_BIT = 0x10 + ETHTOOL_LINK_MODE_1000baseKX_Full_BIT = 0x11 + ETHTOOL_LINK_MODE_10000baseKX4_Full_BIT = 0x12 + ETHTOOL_LINK_MODE_10000baseKR_Full_BIT = 0x13 + ETHTOOL_LINK_MODE_10000baseR_FEC_BIT = 0x14 + ETHTOOL_LINK_MODE_20000baseMLD2_Full_BIT = 0x15 + ETHTOOL_LINK_MODE_20000baseKR2_Full_BIT = 0x16 + ETHTOOL_LINK_MODE_40000baseKR4_Full_BIT = 0x17 + ETHTOOL_LINK_MODE_40000baseCR4_Full_BIT = 0x18 + ETHTOOL_LINK_MODE_40000baseSR4_Full_BIT = 0x19 + ETHTOOL_LINK_MODE_40000baseLR4_Full_BIT = 0x1a + ETHTOOL_LINK_MODE_56000baseKR4_Full_BIT = 0x1b + ETHTOOL_LINK_MODE_56000baseCR4_Full_BIT = 0x1c + ETHTOOL_LINK_MODE_56000baseSR4_Full_BIT = 0x1d + ETHTOOL_LINK_MODE_56000baseLR4_Full_BIT = 0x1e + ETHTOOL_LINK_MODE_25000baseCR_Full_BIT = 0x1f + ETHTOOL_LINK_MODE_25000baseKR_Full_BIT = 0x20 + ETHTOOL_LINK_MODE_25000baseSR_Full_BIT = 0x21 + ETHTOOL_LINK_MODE_50000baseCR2_Full_BIT = 0x22 + ETHTOOL_LINK_MODE_50000baseKR2_Full_BIT = 0x23 + ETHTOOL_LINK_MODE_100000baseKR4_Full_BIT = 0x24 + ETHTOOL_LINK_MODE_100000baseSR4_Full_BIT = 0x25 + ETHTOOL_LINK_MODE_100000baseCR4_Full_BIT = 0x26 + ETHTOOL_LINK_MODE_100000baseLR4_ER4_Full_BIT = 0x27 + ETHTOOL_LINK_MODE_50000baseSR2_Full_BIT = 0x28 + ETHTOOL_LINK_MODE_1000baseX_Full_BIT = 0x29 + ETHTOOL_LINK_MODE_10000baseCR_Full_BIT = 0x2a + ETHTOOL_LINK_MODE_10000baseSR_Full_BIT = 0x2b + ETHTOOL_LINK_MODE_10000baseLR_Full_BIT = 0x2c + ETHTOOL_LINK_MODE_10000baseLRM_Full_BIT = 0x2d + ETHTOOL_LINK_MODE_10000baseER_Full_BIT = 0x2e + ETHTOOL_LINK_MODE_2500baseT_Full_BIT = 0x2f + ETHTOOL_LINK_MODE_5000baseT_Full_BIT = 0x30 + ETHTOOL_LINK_MODE_FEC_NONE_BIT = 0x31 + ETHTOOL_LINK_MODE_FEC_RS_BIT = 0x32 + ETHTOOL_LINK_MODE_FEC_BASER_BIT = 0x33 + ETHTOOL_LINK_MODE_50000baseKR_Full_BIT = 0x34 + ETHTOOL_LINK_MODE_50000baseSR_Full_BIT = 0x35 + ETHTOOL_LINK_MODE_50000baseCR_Full_BIT = 0x36 + ETHTOOL_LINK_MODE_50000baseLR_ER_FR_Full_BIT = 0x37 + ETHTOOL_LINK_MODE_50000baseDR_Full_BIT = 0x38 + ETHTOOL_LINK_MODE_100000baseKR2_Full_BIT = 0x39 + ETHTOOL_LINK_MODE_100000baseSR2_Full_BIT = 0x3a + ETHTOOL_LINK_MODE_100000baseCR2_Full_BIT = 0x3b + ETHTOOL_LINK_MODE_100000baseLR2_ER2_FR2_Full_BIT = 0x3c + ETHTOOL_LINK_MODE_100000baseDR2_Full_BIT = 0x3d + ETHTOOL_LINK_MODE_200000baseKR4_Full_BIT = 0x3e + ETHTOOL_LINK_MODE_200000baseSR4_Full_BIT = 0x3f + ETHTOOL_LINK_MODE_200000baseLR4_ER4_FR4_Full_BIT = 0x40 + ETHTOOL_LINK_MODE_200000baseDR4_Full_BIT = 0x41 + ETHTOOL_LINK_MODE_200000baseCR4_Full_BIT = 0x42 + ETHTOOL_LINK_MODE_100baseT1_Full_BIT = 0x43 + ETHTOOL_LINK_MODE_1000baseT1_Full_BIT = 0x44 + ETHTOOL_LINK_MODE_400000baseKR8_Full_BIT = 0x45 + ETHTOOL_LINK_MODE_400000baseSR8_Full_BIT = 0x46 + ETHTOOL_LINK_MODE_400000baseLR8_ER8_FR8_Full_BIT = 0x47 + ETHTOOL_LINK_MODE_400000baseDR8_Full_BIT = 0x48 + ETHTOOL_LINK_MODE_400000baseCR8_Full_BIT = 0x49 + ETHTOOL_LINK_MODE_FEC_LLRS_BIT = 0x4a + ETHTOOL_LINK_MODE_100000baseKR_Full_BIT = 0x4b + ETHTOOL_LINK_MODE_100000baseSR_Full_BIT = 0x4c + ETHTOOL_LINK_MODE_100000baseLR_ER_FR_Full_BIT = 0x4d + ETHTOOL_LINK_MODE_100000baseCR_Full_BIT = 0x4e + ETHTOOL_LINK_MODE_100000baseDR_Full_BIT = 0x4f + ETHTOOL_LINK_MODE_200000baseKR2_Full_BIT = 0x50 + ETHTOOL_LINK_MODE_200000baseSR2_Full_BIT = 0x51 + ETHTOOL_LINK_MODE_200000baseLR2_ER2_FR2_Full_BIT = 0x52 + ETHTOOL_LINK_MODE_200000baseDR2_Full_BIT = 0x53 + ETHTOOL_LINK_MODE_200000baseCR2_Full_BIT = 0x54 + ETHTOOL_LINK_MODE_400000baseKR4_Full_BIT = 0x55 + ETHTOOL_LINK_MODE_400000baseSR4_Full_BIT = 0x56 + ETHTOOL_LINK_MODE_400000baseLR4_ER4_FR4_Full_BIT = 0x57 + ETHTOOL_LINK_MODE_400000baseDR4_Full_BIT = 0x58 + ETHTOOL_LINK_MODE_400000baseCR4_Full_BIT = 0x59 + ETHTOOL_LINK_MODE_100baseFX_Half_BIT = 0x5a + ETHTOOL_LINK_MODE_100baseFX_Full_BIT = 0x5b + + ETHTOOL_MSG_USER_NONE = 0x0 + ETHTOOL_MSG_STRSET_GET = 0x1 + ETHTOOL_MSG_LINKINFO_GET = 0x2 + ETHTOOL_MSG_LINKINFO_SET = 0x3 + ETHTOOL_MSG_LINKMODES_GET = 0x4 + ETHTOOL_MSG_LINKMODES_SET = 0x5 + ETHTOOL_MSG_LINKSTATE_GET = 0x6 + ETHTOOL_MSG_DEBUG_GET = 0x7 + ETHTOOL_MSG_DEBUG_SET = 0x8 + ETHTOOL_MSG_WOL_GET = 0x9 + ETHTOOL_MSG_WOL_SET = 0xa + ETHTOOL_MSG_FEATURES_GET = 0xb + ETHTOOL_MSG_FEATURES_SET = 0xc + ETHTOOL_MSG_PRIVFLAGS_GET = 0xd + ETHTOOL_MSG_PRIVFLAGS_SET = 0xe + ETHTOOL_MSG_RINGS_GET = 0xf + ETHTOOL_MSG_RINGS_SET = 0x10 + ETHTOOL_MSG_CHANNELS_GET = 0x11 + ETHTOOL_MSG_CHANNELS_SET = 0x12 + ETHTOOL_MSG_COALESCE_GET = 0x13 + ETHTOOL_MSG_COALESCE_SET = 0x14 + ETHTOOL_MSG_PAUSE_GET = 0x15 + ETHTOOL_MSG_PAUSE_SET = 0x16 + ETHTOOL_MSG_EEE_GET = 0x17 + ETHTOOL_MSG_EEE_SET = 0x18 + ETHTOOL_MSG_TSINFO_GET = 0x19 + ETHTOOL_MSG_CABLE_TEST_ACT = 0x1a + ETHTOOL_MSG_CABLE_TEST_TDR_ACT = 0x1b + ETHTOOL_MSG_TUNNEL_INFO_GET = 0x1c + ETHTOOL_MSG_USER_MAX = 0x1c + ETHTOOL_MSG_KERNEL_NONE = 0x0 + ETHTOOL_MSG_STRSET_GET_REPLY = 0x1 + ETHTOOL_MSG_LINKINFO_GET_REPLY = 0x2 + ETHTOOL_MSG_LINKINFO_NTF = 0x3 + ETHTOOL_MSG_LINKMODES_GET_REPLY = 0x4 + ETHTOOL_MSG_LINKMODES_NTF = 0x5 + ETHTOOL_MSG_LINKSTATE_GET_REPLY = 0x6 + ETHTOOL_MSG_DEBUG_GET_REPLY = 0x7 + ETHTOOL_MSG_DEBUG_NTF = 0x8 + ETHTOOL_MSG_WOL_GET_REPLY = 0x9 + ETHTOOL_MSG_WOL_NTF = 0xa + ETHTOOL_MSG_FEATURES_GET_REPLY = 0xb + ETHTOOL_MSG_FEATURES_SET_REPLY = 0xc + ETHTOOL_MSG_FEATURES_NTF = 0xd + ETHTOOL_MSG_PRIVFLAGS_GET_REPLY = 0xe + ETHTOOL_MSG_PRIVFLAGS_NTF = 0xf + ETHTOOL_MSG_RINGS_GET_REPLY = 0x10 + ETHTOOL_MSG_RINGS_NTF = 0x11 + ETHTOOL_MSG_CHANNELS_GET_REPLY = 0x12 + ETHTOOL_MSG_CHANNELS_NTF = 0x13 + ETHTOOL_MSG_COALESCE_GET_REPLY = 0x14 + ETHTOOL_MSG_COALESCE_NTF = 0x15 + ETHTOOL_MSG_PAUSE_GET_REPLY = 0x16 + ETHTOOL_MSG_PAUSE_NTF = 0x17 + ETHTOOL_MSG_EEE_GET_REPLY = 0x18 + ETHTOOL_MSG_EEE_NTF = 0x19 + ETHTOOL_MSG_TSINFO_GET_REPLY = 0x1a + ETHTOOL_MSG_CABLE_TEST_NTF = 0x1b + ETHTOOL_MSG_CABLE_TEST_TDR_NTF = 0x1c + ETHTOOL_MSG_TUNNEL_INFO_GET_REPLY = 0x1d + ETHTOOL_MSG_KERNEL_MAX = 0x1d + ETHTOOL_A_HEADER_UNSPEC = 0x0 + ETHTOOL_A_HEADER_DEV_INDEX = 0x1 + ETHTOOL_A_HEADER_DEV_NAME = 0x2 + ETHTOOL_A_HEADER_FLAGS = 0x3 + ETHTOOL_A_HEADER_MAX = 0x3 + ETHTOOL_A_BITSET_BIT_UNSPEC = 0x0 + ETHTOOL_A_BITSET_BIT_INDEX = 0x1 + ETHTOOL_A_BITSET_BIT_NAME = 0x2 + ETHTOOL_A_BITSET_BIT_VALUE = 0x3 + ETHTOOL_A_BITSET_BIT_MAX = 0x3 + ETHTOOL_A_BITSET_BITS_UNSPEC = 0x0 + ETHTOOL_A_BITSET_BITS_BIT = 0x1 + ETHTOOL_A_BITSET_BITS_MAX = 0x1 + ETHTOOL_A_BITSET_UNSPEC = 0x0 + ETHTOOL_A_BITSET_NOMASK = 0x1 + ETHTOOL_A_BITSET_SIZE = 0x2 + ETHTOOL_A_BITSET_BITS = 0x3 + ETHTOOL_A_BITSET_VALUE = 0x4 + ETHTOOL_A_BITSET_MASK = 0x5 + ETHTOOL_A_BITSET_MAX = 0x5 + ETHTOOL_A_STRING_UNSPEC = 0x0 + ETHTOOL_A_STRING_INDEX = 0x1 + ETHTOOL_A_STRING_VALUE = 0x2 + ETHTOOL_A_STRING_MAX = 0x2 + ETHTOOL_A_STRINGS_UNSPEC = 0x0 + ETHTOOL_A_STRINGS_STRING = 0x1 + ETHTOOL_A_STRINGS_MAX = 0x1 + ETHTOOL_A_STRINGSET_UNSPEC = 0x0 + ETHTOOL_A_STRINGSET_ID = 0x1 + ETHTOOL_A_STRINGSET_COUNT = 0x2 + ETHTOOL_A_STRINGSET_STRINGS = 0x3 + ETHTOOL_A_STRINGSET_MAX = 0x3 + ETHTOOL_A_STRINGSETS_UNSPEC = 0x0 + ETHTOOL_A_STRINGSETS_STRINGSET = 0x1 + ETHTOOL_A_STRINGSETS_MAX = 0x1 + ETHTOOL_A_STRSET_UNSPEC = 0x0 + ETHTOOL_A_STRSET_HEADER = 0x1 + ETHTOOL_A_STRSET_STRINGSETS = 0x2 + ETHTOOL_A_STRSET_COUNTS_ONLY = 0x3 + ETHTOOL_A_STRSET_MAX = 0x3 + ETHTOOL_A_LINKINFO_UNSPEC = 0x0 + ETHTOOL_A_LINKINFO_HEADER = 0x1 + ETHTOOL_A_LINKINFO_PORT = 0x2 + ETHTOOL_A_LINKINFO_PHYADDR = 0x3 + ETHTOOL_A_LINKINFO_TP_MDIX = 0x4 + ETHTOOL_A_LINKINFO_TP_MDIX_CTRL = 0x5 + ETHTOOL_A_LINKINFO_TRANSCEIVER = 0x6 + ETHTOOL_A_LINKINFO_MAX = 0x6 + ETHTOOL_A_LINKMODES_UNSPEC = 0x0 + ETHTOOL_A_LINKMODES_HEADER = 0x1 + ETHTOOL_A_LINKMODES_AUTONEG = 0x2 + ETHTOOL_A_LINKMODES_OURS = 0x3 + ETHTOOL_A_LINKMODES_PEER = 0x4 + ETHTOOL_A_LINKMODES_SPEED = 0x5 + ETHTOOL_A_LINKMODES_DUPLEX = 0x6 + ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG = 0x7 + ETHTOOL_A_LINKMODES_MASTER_SLAVE_STATE = 0x8 + ETHTOOL_A_LINKMODES_MAX = 0x8 + ETHTOOL_A_LINKSTATE_UNSPEC = 0x0 + ETHTOOL_A_LINKSTATE_HEADER = 0x1 + ETHTOOL_A_LINKSTATE_LINK = 0x2 + ETHTOOL_A_LINKSTATE_SQI = 0x3 + ETHTOOL_A_LINKSTATE_SQI_MAX = 0x4 + ETHTOOL_A_LINKSTATE_EXT_STATE = 0x5 + ETHTOOL_A_LINKSTATE_EXT_SUBSTATE = 0x6 + ETHTOOL_A_LINKSTATE_MAX = 0x6 + ETHTOOL_A_DEBUG_UNSPEC = 0x0 + ETHTOOL_A_DEBUG_HEADER = 0x1 + ETHTOOL_A_DEBUG_MSGMASK = 0x2 + ETHTOOL_A_DEBUG_MAX = 0x2 + ETHTOOL_A_WOL_UNSPEC = 0x0 + ETHTOOL_A_WOL_HEADER = 0x1 + ETHTOOL_A_WOL_MODES = 0x2 + ETHTOOL_A_WOL_SOPASS = 0x3 + ETHTOOL_A_WOL_MAX = 0x3 + ETHTOOL_A_FEATURES_UNSPEC = 0x0 + ETHTOOL_A_FEATURES_HEADER = 0x1 + ETHTOOL_A_FEATURES_HW = 0x2 + ETHTOOL_A_FEATURES_WANTED = 0x3 + ETHTOOL_A_FEATURES_ACTIVE = 0x4 + ETHTOOL_A_FEATURES_NOCHANGE = 0x5 + ETHTOOL_A_FEATURES_MAX = 0x5 + ETHTOOL_A_PRIVFLAGS_UNSPEC = 0x0 + ETHTOOL_A_PRIVFLAGS_HEADER = 0x1 + ETHTOOL_A_PRIVFLAGS_FLAGS = 0x2 + ETHTOOL_A_PRIVFLAGS_MAX = 0x2 + ETHTOOL_A_RINGS_UNSPEC = 0x0 + ETHTOOL_A_RINGS_HEADER = 0x1 + ETHTOOL_A_RINGS_RX_MAX = 0x2 + ETHTOOL_A_RINGS_RX_MINI_MAX = 0x3 + ETHTOOL_A_RINGS_RX_JUMBO_MAX = 0x4 + ETHTOOL_A_RINGS_TX_MAX = 0x5 + ETHTOOL_A_RINGS_RX = 0x6 + ETHTOOL_A_RINGS_RX_MINI = 0x7 + ETHTOOL_A_RINGS_RX_JUMBO = 0x8 + ETHTOOL_A_RINGS_TX = 0x9 + ETHTOOL_A_RINGS_MAX = 0x9 + ETHTOOL_A_CHANNELS_UNSPEC = 0x0 + ETHTOOL_A_CHANNELS_HEADER = 0x1 + ETHTOOL_A_CHANNELS_RX_MAX = 0x2 + ETHTOOL_A_CHANNELS_TX_MAX = 0x3 + ETHTOOL_A_CHANNELS_OTHER_MAX = 0x4 + ETHTOOL_A_CHANNELS_COMBINED_MAX = 0x5 + ETHTOOL_A_CHANNELS_RX_COUNT = 0x6 + ETHTOOL_A_CHANNELS_TX_COUNT = 0x7 + ETHTOOL_A_CHANNELS_OTHER_COUNT = 0x8 + ETHTOOL_A_CHANNELS_COMBINED_COUNT = 0x9 + ETHTOOL_A_CHANNELS_MAX = 0x9 + ETHTOOL_A_COALESCE_UNSPEC = 0x0 + ETHTOOL_A_COALESCE_HEADER = 0x1 + ETHTOOL_A_COALESCE_RX_USECS = 0x2 + ETHTOOL_A_COALESCE_RX_MAX_FRAMES = 0x3 + ETHTOOL_A_COALESCE_RX_USECS_IRQ = 0x4 + ETHTOOL_A_COALESCE_RX_MAX_FRAMES_IRQ = 0x5 + ETHTOOL_A_COALESCE_TX_USECS = 0x6 + ETHTOOL_A_COALESCE_TX_MAX_FRAMES = 0x7 + ETHTOOL_A_COALESCE_TX_USECS_IRQ = 0x8 + ETHTOOL_A_COALESCE_TX_MAX_FRAMES_IRQ = 0x9 + ETHTOOL_A_COALESCE_STATS_BLOCK_USECS = 0xa + ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX = 0xb + ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX = 0xc + ETHTOOL_A_COALESCE_PKT_RATE_LOW = 0xd + ETHTOOL_A_COALESCE_RX_USECS_LOW = 0xe + ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW = 0xf + ETHTOOL_A_COALESCE_TX_USECS_LOW = 0x10 + ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW = 0x11 + ETHTOOL_A_COALESCE_PKT_RATE_HIGH = 0x12 + ETHTOOL_A_COALESCE_RX_USECS_HIGH = 0x13 + ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH = 0x14 + ETHTOOL_A_COALESCE_TX_USECS_HIGH = 0x15 + ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH = 0x16 + ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL = 0x17 + ETHTOOL_A_COALESCE_MAX = 0x17 + ETHTOOL_A_PAUSE_UNSPEC = 0x0 + ETHTOOL_A_PAUSE_HEADER = 0x1 + ETHTOOL_A_PAUSE_AUTONEG = 0x2 + ETHTOOL_A_PAUSE_RX = 0x3 + ETHTOOL_A_PAUSE_TX = 0x4 + ETHTOOL_A_PAUSE_STATS = 0x5 + ETHTOOL_A_PAUSE_MAX = 0x5 + ETHTOOL_A_PAUSE_STAT_UNSPEC = 0x0 + ETHTOOL_A_PAUSE_STAT_PAD = 0x1 + ETHTOOL_A_PAUSE_STAT_TX_FRAMES = 0x2 + ETHTOOL_A_PAUSE_STAT_RX_FRAMES = 0x3 + ETHTOOL_A_PAUSE_STAT_MAX = 0x3 + ETHTOOL_A_EEE_UNSPEC = 0x0 + ETHTOOL_A_EEE_HEADER = 0x1 + ETHTOOL_A_EEE_MODES_OURS = 0x2 + ETHTOOL_A_EEE_MODES_PEER = 0x3 + ETHTOOL_A_EEE_ACTIVE = 0x4 + ETHTOOL_A_EEE_ENABLED = 0x5 + ETHTOOL_A_EEE_TX_LPI_ENABLED = 0x6 + ETHTOOL_A_EEE_TX_LPI_TIMER = 0x7 + ETHTOOL_A_EEE_MAX = 0x7 + ETHTOOL_A_TSINFO_UNSPEC = 0x0 + ETHTOOL_A_TSINFO_HEADER = 0x1 + ETHTOOL_A_TSINFO_TIMESTAMPING = 0x2 + ETHTOOL_A_TSINFO_TX_TYPES = 0x3 + ETHTOOL_A_TSINFO_RX_FILTERS = 0x4 + ETHTOOL_A_TSINFO_PHC_INDEX = 0x5 + ETHTOOL_A_TSINFO_MAX = 0x5 + ETHTOOL_A_CABLE_TEST_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_HEADER = 0x1 + ETHTOOL_A_CABLE_TEST_MAX = 0x1 + ETHTOOL_A_CABLE_RESULT_CODE_UNSPEC = 0x0 + ETHTOOL_A_CABLE_RESULT_CODE_OK = 0x1 + ETHTOOL_A_CABLE_RESULT_CODE_OPEN = 0x2 + ETHTOOL_A_CABLE_RESULT_CODE_SAME_SHORT = 0x3 + ETHTOOL_A_CABLE_RESULT_CODE_CROSS_SHORT = 0x4 + ETHTOOL_A_CABLE_PAIR_A = 0x0 + ETHTOOL_A_CABLE_PAIR_B = 0x1 + ETHTOOL_A_CABLE_PAIR_C = 0x2 + ETHTOOL_A_CABLE_PAIR_D = 0x3 + ETHTOOL_A_CABLE_RESULT_UNSPEC = 0x0 + ETHTOOL_A_CABLE_RESULT_PAIR = 0x1 + ETHTOOL_A_CABLE_RESULT_CODE = 0x2 + ETHTOOL_A_CABLE_RESULT_MAX = 0x2 + ETHTOOL_A_CABLE_FAULT_LENGTH_UNSPEC = 0x0 + ETHTOOL_A_CABLE_FAULT_LENGTH_PAIR = 0x1 + ETHTOOL_A_CABLE_FAULT_LENGTH_CM = 0x2 + ETHTOOL_A_CABLE_FAULT_LENGTH_MAX = 0x2 + ETHTOOL_A_CABLE_TEST_NTF_STATUS_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_NTF_STATUS_STARTED = 0x1 + ETHTOOL_A_CABLE_TEST_NTF_STATUS_COMPLETED = 0x2 + ETHTOOL_A_CABLE_NEST_UNSPEC = 0x0 + ETHTOOL_A_CABLE_NEST_RESULT = 0x1 + ETHTOOL_A_CABLE_NEST_FAULT_LENGTH = 0x2 + ETHTOOL_A_CABLE_NEST_MAX = 0x2 + ETHTOOL_A_CABLE_TEST_NTF_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_NTF_HEADER = 0x1 + ETHTOOL_A_CABLE_TEST_NTF_STATUS = 0x2 + ETHTOOL_A_CABLE_TEST_NTF_NEST = 0x3 + ETHTOOL_A_CABLE_TEST_NTF_MAX = 0x3 + ETHTOOL_A_CABLE_TEST_TDR_CFG_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_TDR_CFG_FIRST = 0x1 + ETHTOOL_A_CABLE_TEST_TDR_CFG_LAST = 0x2 + ETHTOOL_A_CABLE_TEST_TDR_CFG_STEP = 0x3 + ETHTOOL_A_CABLE_TEST_TDR_CFG_PAIR = 0x4 + ETHTOOL_A_CABLE_TEST_TDR_CFG_MAX = 0x4 + ETHTOOL_A_CABLE_TEST_TDR_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_TDR_HEADER = 0x1 + ETHTOOL_A_CABLE_TEST_TDR_CFG = 0x2 + ETHTOOL_A_CABLE_TEST_TDR_MAX = 0x2 + ETHTOOL_A_CABLE_AMPLITUDE_UNSPEC = 0x0 + ETHTOOL_A_CABLE_AMPLITUDE_PAIR = 0x1 + ETHTOOL_A_CABLE_AMPLITUDE_mV = 0x2 + ETHTOOL_A_CABLE_AMPLITUDE_MAX = 0x2 + ETHTOOL_A_CABLE_PULSE_UNSPEC = 0x0 + ETHTOOL_A_CABLE_PULSE_mV = 0x1 + ETHTOOL_A_CABLE_PULSE_MAX = 0x1 + ETHTOOL_A_CABLE_STEP_UNSPEC = 0x0 + ETHTOOL_A_CABLE_STEP_FIRST_DISTANCE = 0x1 + ETHTOOL_A_CABLE_STEP_LAST_DISTANCE = 0x2 + ETHTOOL_A_CABLE_STEP_STEP_DISTANCE = 0x3 + ETHTOOL_A_CABLE_STEP_MAX = 0x3 + ETHTOOL_A_CABLE_TDR_NEST_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TDR_NEST_STEP = 0x1 + ETHTOOL_A_CABLE_TDR_NEST_AMPLITUDE = 0x2 + ETHTOOL_A_CABLE_TDR_NEST_PULSE = 0x3 + ETHTOOL_A_CABLE_TDR_NEST_MAX = 0x3 + ETHTOOL_A_CABLE_TEST_TDR_NTF_UNSPEC = 0x0 + ETHTOOL_A_CABLE_TEST_TDR_NTF_HEADER = 0x1 + ETHTOOL_A_CABLE_TEST_TDR_NTF_STATUS = 0x2 + ETHTOOL_A_CABLE_TEST_TDR_NTF_NEST = 0x3 + ETHTOOL_A_CABLE_TEST_TDR_NTF_MAX = 0x3 + ETHTOOL_UDP_TUNNEL_TYPE_VXLAN = 0x0 + ETHTOOL_UDP_TUNNEL_TYPE_GENEVE = 0x1 + ETHTOOL_UDP_TUNNEL_TYPE_VXLAN_GPE = 0x2 + ETHTOOL_A_TUNNEL_UDP_ENTRY_UNSPEC = 0x0 + ETHTOOL_A_TUNNEL_UDP_ENTRY_PORT = 0x1 + ETHTOOL_A_TUNNEL_UDP_ENTRY_TYPE = 0x2 + ETHTOOL_A_TUNNEL_UDP_ENTRY_MAX = 0x2 + ETHTOOL_A_TUNNEL_UDP_TABLE_UNSPEC = 0x0 + ETHTOOL_A_TUNNEL_UDP_TABLE_SIZE = 0x1 + ETHTOOL_A_TUNNEL_UDP_TABLE_TYPES = 0x2 + ETHTOOL_A_TUNNEL_UDP_TABLE_ENTRY = 0x3 + ETHTOOL_A_TUNNEL_UDP_TABLE_MAX = 0x3 + ETHTOOL_A_TUNNEL_UDP_UNSPEC = 0x0 + ETHTOOL_A_TUNNEL_UDP_TABLE = 0x1 + ETHTOOL_A_TUNNEL_UDP_MAX = 0x1 + ETHTOOL_A_TUNNEL_INFO_UNSPEC = 0x0 + ETHTOOL_A_TUNNEL_INFO_HEADER = 0x1 + ETHTOOL_A_TUNNEL_INFO_UDP_PORTS = 0x2 + ETHTOOL_A_TUNNEL_INFO_MAX = 0x2 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go index 73509d896a2ac..088bd77e3be33 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build 386,linux @@ -602,3 +602,18 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 +} + +const ( + PPS_GETPARAMS = 0x800470a1 + PPS_SETPARAMS = 0x400470a2 + PPS_GETCAP = 0x800470a3 + PPS_FETCH = 0xc00470a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go index 45eb8738b0df1..078d958ec956a 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build amd64,linux @@ -619,3 +619,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x800870a1 + PPS_SETPARAMS = 0x400870a2 + PPS_GETCAP = 0x800870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go index 8f6b453aba5b1..2d39122f410c2 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build arm,linux @@ -596,3 +596,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]uint8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x800470a1 + PPS_SETPARAMS = 0x400470a2 + PPS_GETCAP = 0x800470a3 + PPS_FETCH = 0xc00470a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go index b1e0c24f192fd..304cbd04536e2 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build arm64,linux @@ -598,3 +598,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x800870a1 + PPS_SETPARAMS = 0x400870a2 + PPS_GETCAP = 0x800870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go index fb802c3ec9b37..7d9d57006aa87 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build mips,linux @@ -602,3 +602,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400470a1 + PPS_SETPARAMS = 0x800470a2 + PPS_GETCAP = 0x400470a3 + PPS_FETCH = 0xc00470a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go index 30abcf3bb8e30..a1eb2577b0891 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build mips64,linux @@ -601,3 +601,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400870a1 + PPS_SETPARAMS = 0x800870a2 + PPS_GETCAP = 0x400870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go index 99761aa9a78ac..2e5ce3b6a69fa 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build mips64le,linux @@ -601,3 +601,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400870a1 + PPS_SETPARAMS = 0x800870a2 + PPS_GETCAP = 0x400870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go index 293690348f6e2..bbaa1200b6a6e 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build mipsle,linux @@ -602,3 +602,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400470a1 + PPS_SETPARAMS = 0x800470a2 + PPS_GETCAP = 0x400470a3 + PPS_FETCH = 0xc00470a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go index 0ca856e559b6c..0e6e8a7748390 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build ppc64,linux @@ -608,3 +608,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]uint8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400870a1 + PPS_SETPARAMS = 0x800870a2 + PPS_GETCAP = 0x400870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go index f50f6482eee7d..7382f385faf60 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build ppc64le,linux @@ -608,3 +608,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]uint8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400870a1 + PPS_SETPARAMS = 0x800870a2 + PPS_GETCAP = 0x400870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go index 4d3ac8d7b4097..28d552216656e 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build riscv64,linux @@ -626,3 +626,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]uint8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x800870a1 + PPS_SETPARAMS = 0x400870a2 + PPS_GETCAP = 0x800870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go index 349f483a80ea6..a91a7a44bd394 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build s390x,linux @@ -622,3 +622,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x800870a1 + PPS_SETPARAMS = 0x400870a2 + PPS_GETCAP = 0x800870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go index 80c73beaa1556..f824b2358dc71 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go @@ -1,4 +1,4 @@ -// cgo -godefs -- -Wall -Werror -static -I/tmp/include linux/types.go | go run mkpost.go +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go // Code generated by the command above; see README.md. DO NOT EDIT. // +build sparc64,linux @@ -603,3 +603,19 @@ type TIPCSIOCNodeIDReq struct { Peer uint32 Id [16]int8 } + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400870a1 + PPS_SETPARAMS = 0x800870a2 + PPS_GETCAP = 0x400870a3 + PPS_FETCH = 0xc00870a4 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go index a89100c08aec2..3f11f88e3c657 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go @@ -248,6 +248,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go index 289184e0b3a8a..0bed83af57b37 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go @@ -255,6 +255,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go index 428c450e4ce0a..e4e3bf736d865 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go @@ -253,6 +253,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go index 6f1f2842cc377..efac861bb7fa7 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go @@ -255,6 +255,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x14 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go index 61ea0019a2981..80fa295f1dfcd 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go @@ -231,6 +231,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go index 87a493f68fd3c..560dd6d08af12 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go @@ -235,6 +235,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go index d80836efaba39..0c1700fa4356a 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go @@ -235,6 +235,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x8 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x1c diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go index 4e158746f1159..5b3e46633e9be 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go @@ -231,6 +231,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go index 992a1f8c01887..62bff16709790 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go @@ -231,6 +231,7 @@ const ( SizeofSockaddrUnix = 0x6a SizeofSockaddrDatalink = 0x20 SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go index db817f3ba828c..ca512aff7f86f 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go @@ -234,6 +234,7 @@ const ( SizeofSockaddrUnix = 0x6e SizeofSockaddrDatalink = 0xfc SizeofLinger = 0x8 + SizeofIovec = 0x10 SizeofIPMreq = 0x8 SizeofIPv6Mreq = 0x14 SizeofMsghdr = 0x30 diff --git a/vendor/golang.org/x/sys/windows/dll_windows.go b/vendor/golang.org/x/sys/windows/dll_windows.go index 82076fb74ff94..115341fba66da 100644 --- a/vendor/golang.org/x/sys/windows/dll_windows.go +++ b/vendor/golang.org/x/sys/windows/dll_windows.go @@ -32,6 +32,8 @@ type DLLError struct { func (e *DLLError) Error() string { return e.Msg } +func (e *DLLError) Unwrap() error { return e.Err } + // A DLL implements access to a single DLL. type DLL struct { Name string @@ -389,7 +391,6 @@ func loadLibraryEx(name string, system bool) (*DLL, error) { var flags uintptr if system { if canDoSearchSystem32() { - const LOAD_LIBRARY_SEARCH_SYSTEM32 = 0x00000800 flags = LOAD_LIBRARY_SEARCH_SYSTEM32 } else if isBaseName(name) { // WindowsXP or unpatched Windows machine diff --git a/vendor/golang.org/x/sys/windows/memory_windows.go b/vendor/golang.org/x/sys/windows/memory_windows.go index e409d76f0fde7..1adb60739a34b 100644 --- a/vendor/golang.org/x/sys/windows/memory_windows.go +++ b/vendor/golang.org/x/sys/windows/memory_windows.go @@ -16,13 +16,19 @@ const ( MEM_RESET_UNDO = 0x01000000 MEM_LARGE_PAGES = 0x20000000 - PAGE_NOACCESS = 0x01 - PAGE_READONLY = 0x02 - PAGE_READWRITE = 0x04 - PAGE_WRITECOPY = 0x08 - PAGE_EXECUTE_READ = 0x20 - PAGE_EXECUTE_READWRITE = 0x40 - PAGE_EXECUTE_WRITECOPY = 0x80 + PAGE_NOACCESS = 0x00000001 + PAGE_READONLY = 0x00000002 + PAGE_READWRITE = 0x00000004 + PAGE_WRITECOPY = 0x00000008 + PAGE_EXECUTE = 0x00000010 + PAGE_EXECUTE_READ = 0x00000020 + PAGE_EXECUTE_READWRITE = 0x00000040 + PAGE_EXECUTE_WRITECOPY = 0x00000080 + PAGE_GUARD = 0x00000100 + PAGE_NOCACHE = 0x00000200 + PAGE_WRITECOMBINE = 0x00000400 + PAGE_TARGETS_INVALID = 0x40000000 + PAGE_TARGETS_NO_UPDATE = 0x40000000 QUOTA_LIMITS_HARDWS_MIN_DISABLE = 0x00000002 QUOTA_LIMITS_HARDWS_MIN_ENABLE = 0x00000001 diff --git a/vendor/golang.org/x/sys/windows/registry/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/registry/zsyscall_windows.go index 5b02df23fd092..fc1835d8a233a 100644 --- a/vendor/golang.org/x/sys/windows/registry/zsyscall_windows.go +++ b/vendor/golang.org/x/sys/windows/registry/zsyscall_windows.go @@ -19,6 +19,7 @@ const ( var ( errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) + errERROR_EINVAL error = syscall.EINVAL ) // errnoErr returns common boxed Errno values, to prevent @@ -26,7 +27,7 @@ var ( func errnoErr(e syscall.Errno) error { switch e { case 0: - return syscall.EINVAL + return errERROR_EINVAL case errnoERROR_IO_PENDING: return errERROR_IO_PENDING } diff --git a/vendor/golang.org/x/sys/windows/security_windows.go b/vendor/golang.org/x/sys/windows/security_windows.go index 9e3c44a855708..69eb462c59a88 100644 --- a/vendor/golang.org/x/sys/windows/security_windows.go +++ b/vendor/golang.org/x/sys/windows/security_windows.go @@ -624,6 +624,7 @@ func (tml *Tokenmandatorylabel) Size() uint32 { // Authorization Functions //sys checkTokenMembership(tokenHandle Token, sidToCheck *SID, isMember *int32) (err error) = advapi32.CheckTokenMembership +//sys isTokenRestricted(tokenHandle Token) (ret bool, err error) [!failretval] = advapi32.IsTokenRestricted //sys OpenProcessToken(process Handle, access uint32, token *Token) (err error) = advapi32.OpenProcessToken //sys OpenThreadToken(thread Handle, access uint32, openAsSelf bool, token *Token) (err error) = advapi32.OpenThreadToken //sys ImpersonateSelf(impersonationlevel uint32) (err error) = advapi32.ImpersonateSelf @@ -837,6 +838,16 @@ func (t Token) IsMember(sid *SID) (bool, error) { return b != 0, nil } +// IsRestricted reports whether the access token t is a restricted token. +func (t Token) IsRestricted() (isRestricted bool, err error) { + isRestricted, err = isTokenRestricted(t) + if !isRestricted && err == syscall.EINVAL { + // If err is EINVAL, this returned ERROR_SUCCESS indicating a non-restricted token. + err = nil + } + return +} + const ( WTS_CONSOLE_CONNECT = 0x1 WTS_CONSOLE_DISCONNECT = 0x2 @@ -1103,9 +1114,10 @@ type OBJECTS_AND_NAME struct { } //sys getSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) = advapi32.GetSecurityInfo -//sys SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) = advapi32.SetSecurityInfo +//sys SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) = advapi32.SetSecurityInfo //sys getNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) = advapi32.GetNamedSecurityInfoW //sys SetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) = advapi32.SetNamedSecurityInfoW +//sys SetKernelObjectSecurity(handle Handle, securityInformation SECURITY_INFORMATION, securityDescriptor *SECURITY_DESCRIPTOR) (err error) = advapi32.SetKernelObjectSecurity //sys buildSecurityDescriptor(owner *TRUSTEE, group *TRUSTEE, countAccessEntries uint32, accessEntries *EXPLICIT_ACCESS, countAuditEntries uint32, auditEntries *EXPLICIT_ACCESS, oldSecurityDescriptor *SECURITY_DESCRIPTOR, sizeNewSecurityDescriptor *uint32, newSecurityDescriptor **SECURITY_DESCRIPTOR) (ret error) = advapi32.BuildSecurityDescriptorW //sys initializeSecurityDescriptor(absoluteSD *SECURITY_DESCRIPTOR, revision uint32) (err error) = advapi32.InitializeSecurityDescriptor diff --git a/vendor/golang.org/x/sys/windows/service.go b/vendor/golang.org/x/sys/windows/service.go index f54ff90aacda9..b269850d0666e 100644 --- a/vendor/golang.org/x/sys/windows/service.go +++ b/vendor/golang.org/x/sys/windows/service.go @@ -128,6 +128,10 @@ const ( SERVICE_NOTIFY_CREATED = 0x00000080 SERVICE_NOTIFY_DELETED = 0x00000100 SERVICE_NOTIFY_DELETE_PENDING = 0x00000200 + + SC_EVENT_DATABASE_CHANGE = 0 + SC_EVENT_PROPERTY_CHANGE = 1 + SC_EVENT_STATUS_CHANGE = 2 ) type SERVICE_STATUS struct { @@ -229,3 +233,5 @@ type QUERY_SERVICE_LOCK_STATUS struct { //sys EnumServicesStatusEx(mgr Handle, infoLevel uint32, serviceType uint32, serviceState uint32, services *byte, bufSize uint32, bytesNeeded *uint32, servicesReturned *uint32, resumeHandle *uint32, groupName *uint16) (err error) = advapi32.EnumServicesStatusExW //sys QueryServiceStatusEx(service Handle, infoLevel uint32, buff *byte, buffSize uint32, bytesNeeded *uint32) (err error) = advapi32.QueryServiceStatusEx //sys NotifyServiceStatusChange(service Handle, notifyMask uint32, notifier *SERVICE_NOTIFY) (ret error) = advapi32.NotifyServiceStatusChangeW +//sys SubscribeServiceChangeNotifications(service Handle, eventType uint32, callback uintptr, callbackCtx uintptr, subscription *uintptr) (ret error) = sechost.SubscribeServiceChangeNotifications? +//sys UnsubscribeServiceChangeNotifications(subscription uintptr) = sechost.UnsubscribeServiceChangeNotifications? diff --git a/vendor/golang.org/x/sys/windows/setupapierrors_windows.go b/vendor/golang.org/x/sys/windows/setupapierrors_windows.go new file mode 100644 index 0000000000000..1681810e04888 --- /dev/null +++ b/vendor/golang.org/x/sys/windows/setupapierrors_windows.go @@ -0,0 +1,100 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package windows + +import "syscall" + +const ( + ERROR_EXPECTED_SECTION_NAME syscall.Errno = 0x20000000 | 0xC0000000 | 0 + ERROR_BAD_SECTION_NAME_LINE syscall.Errno = 0x20000000 | 0xC0000000 | 1 + ERROR_SECTION_NAME_TOO_LONG syscall.Errno = 0x20000000 | 0xC0000000 | 2 + ERROR_GENERAL_SYNTAX syscall.Errno = 0x20000000 | 0xC0000000 | 3 + ERROR_WRONG_INF_STYLE syscall.Errno = 0x20000000 | 0xC0000000 | 0x100 + ERROR_SECTION_NOT_FOUND syscall.Errno = 0x20000000 | 0xC0000000 | 0x101 + ERROR_LINE_NOT_FOUND syscall.Errno = 0x20000000 | 0xC0000000 | 0x102 + ERROR_NO_BACKUP syscall.Errno = 0x20000000 | 0xC0000000 | 0x103 + ERROR_NO_ASSOCIATED_CLASS syscall.Errno = 0x20000000 | 0xC0000000 | 0x200 + ERROR_CLASS_MISMATCH syscall.Errno = 0x20000000 | 0xC0000000 | 0x201 + ERROR_DUPLICATE_FOUND syscall.Errno = 0x20000000 | 0xC0000000 | 0x202 + ERROR_NO_DRIVER_SELECTED syscall.Errno = 0x20000000 | 0xC0000000 | 0x203 + ERROR_KEY_DOES_NOT_EXIST syscall.Errno = 0x20000000 | 0xC0000000 | 0x204 + ERROR_INVALID_DEVINST_NAME syscall.Errno = 0x20000000 | 0xC0000000 | 0x205 + ERROR_INVALID_CLASS syscall.Errno = 0x20000000 | 0xC0000000 | 0x206 + ERROR_DEVINST_ALREADY_EXISTS syscall.Errno = 0x20000000 | 0xC0000000 | 0x207 + ERROR_DEVINFO_NOT_REGISTERED syscall.Errno = 0x20000000 | 0xC0000000 | 0x208 + ERROR_INVALID_REG_PROPERTY syscall.Errno = 0x20000000 | 0xC0000000 | 0x209 + ERROR_NO_INF syscall.Errno = 0x20000000 | 0xC0000000 | 0x20A + ERROR_NO_SUCH_DEVINST syscall.Errno = 0x20000000 | 0xC0000000 | 0x20B + ERROR_CANT_LOAD_CLASS_ICON syscall.Errno = 0x20000000 | 0xC0000000 | 0x20C + ERROR_INVALID_CLASS_INSTALLER syscall.Errno = 0x20000000 | 0xC0000000 | 0x20D + ERROR_DI_DO_DEFAULT syscall.Errno = 0x20000000 | 0xC0000000 | 0x20E + ERROR_DI_NOFILECOPY syscall.Errno = 0x20000000 | 0xC0000000 | 0x20F + ERROR_INVALID_HWPROFILE syscall.Errno = 0x20000000 | 0xC0000000 | 0x210 + ERROR_NO_DEVICE_SELECTED syscall.Errno = 0x20000000 | 0xC0000000 | 0x211 + ERROR_DEVINFO_LIST_LOCKED syscall.Errno = 0x20000000 | 0xC0000000 | 0x212 + ERROR_DEVINFO_DATA_LOCKED syscall.Errno = 0x20000000 | 0xC0000000 | 0x213 + ERROR_DI_BAD_PATH syscall.Errno = 0x20000000 | 0xC0000000 | 0x214 + ERROR_NO_CLASSINSTALL_PARAMS syscall.Errno = 0x20000000 | 0xC0000000 | 0x215 + ERROR_FILEQUEUE_LOCKED syscall.Errno = 0x20000000 | 0xC0000000 | 0x216 + ERROR_BAD_SERVICE_INSTALLSECT syscall.Errno = 0x20000000 | 0xC0000000 | 0x217 + ERROR_NO_CLASS_DRIVER_LIST syscall.Errno = 0x20000000 | 0xC0000000 | 0x218 + ERROR_NO_ASSOCIATED_SERVICE syscall.Errno = 0x20000000 | 0xC0000000 | 0x219 + ERROR_NO_DEFAULT_DEVICE_INTERFACE syscall.Errno = 0x20000000 | 0xC0000000 | 0x21A + ERROR_DEVICE_INTERFACE_ACTIVE syscall.Errno = 0x20000000 | 0xC0000000 | 0x21B + ERROR_DEVICE_INTERFACE_REMOVED syscall.Errno = 0x20000000 | 0xC0000000 | 0x21C + ERROR_BAD_INTERFACE_INSTALLSECT syscall.Errno = 0x20000000 | 0xC0000000 | 0x21D + ERROR_NO_SUCH_INTERFACE_CLASS syscall.Errno = 0x20000000 | 0xC0000000 | 0x21E + ERROR_INVALID_REFERENCE_STRING syscall.Errno = 0x20000000 | 0xC0000000 | 0x21F + ERROR_INVALID_MACHINENAME syscall.Errno = 0x20000000 | 0xC0000000 | 0x220 + ERROR_REMOTE_COMM_FAILURE syscall.Errno = 0x20000000 | 0xC0000000 | 0x221 + ERROR_MACHINE_UNAVAILABLE syscall.Errno = 0x20000000 | 0xC0000000 | 0x222 + ERROR_NO_CONFIGMGR_SERVICES syscall.Errno = 0x20000000 | 0xC0000000 | 0x223 + ERROR_INVALID_PROPPAGE_PROVIDER syscall.Errno = 0x20000000 | 0xC0000000 | 0x224 + ERROR_NO_SUCH_DEVICE_INTERFACE syscall.Errno = 0x20000000 | 0xC0000000 | 0x225 + ERROR_DI_POSTPROCESSING_REQUIRED syscall.Errno = 0x20000000 | 0xC0000000 | 0x226 + ERROR_INVALID_COINSTALLER syscall.Errno = 0x20000000 | 0xC0000000 | 0x227 + ERROR_NO_COMPAT_DRIVERS syscall.Errno = 0x20000000 | 0xC0000000 | 0x228 + ERROR_NO_DEVICE_ICON syscall.Errno = 0x20000000 | 0xC0000000 | 0x229 + ERROR_INVALID_INF_LOGCONFIG syscall.Errno = 0x20000000 | 0xC0000000 | 0x22A + ERROR_DI_DONT_INSTALL syscall.Errno = 0x20000000 | 0xC0000000 | 0x22B + ERROR_INVALID_FILTER_DRIVER syscall.Errno = 0x20000000 | 0xC0000000 | 0x22C + ERROR_NON_WINDOWS_NT_DRIVER syscall.Errno = 0x20000000 | 0xC0000000 | 0x22D + ERROR_NON_WINDOWS_DRIVER syscall.Errno = 0x20000000 | 0xC0000000 | 0x22E + ERROR_NO_CATALOG_FOR_OEM_INF syscall.Errno = 0x20000000 | 0xC0000000 | 0x22F + ERROR_DEVINSTALL_QUEUE_NONNATIVE syscall.Errno = 0x20000000 | 0xC0000000 | 0x230 + ERROR_NOT_DISABLEABLE syscall.Errno = 0x20000000 | 0xC0000000 | 0x231 + ERROR_CANT_REMOVE_DEVINST syscall.Errno = 0x20000000 | 0xC0000000 | 0x232 + ERROR_INVALID_TARGET syscall.Errno = 0x20000000 | 0xC0000000 | 0x233 + ERROR_DRIVER_NONNATIVE syscall.Errno = 0x20000000 | 0xC0000000 | 0x234 + ERROR_IN_WOW64 syscall.Errno = 0x20000000 | 0xC0000000 | 0x235 + ERROR_SET_SYSTEM_RESTORE_POINT syscall.Errno = 0x20000000 | 0xC0000000 | 0x236 + ERROR_SCE_DISABLED syscall.Errno = 0x20000000 | 0xC0000000 | 0x238 + ERROR_UNKNOWN_EXCEPTION syscall.Errno = 0x20000000 | 0xC0000000 | 0x239 + ERROR_PNP_REGISTRY_ERROR syscall.Errno = 0x20000000 | 0xC0000000 | 0x23A + ERROR_REMOTE_REQUEST_UNSUPPORTED syscall.Errno = 0x20000000 | 0xC0000000 | 0x23B + ERROR_NOT_AN_INSTALLED_OEM_INF syscall.Errno = 0x20000000 | 0xC0000000 | 0x23C + ERROR_INF_IN_USE_BY_DEVICES syscall.Errno = 0x20000000 | 0xC0000000 | 0x23D + ERROR_DI_FUNCTION_OBSOLETE syscall.Errno = 0x20000000 | 0xC0000000 | 0x23E + ERROR_NO_AUTHENTICODE_CATALOG syscall.Errno = 0x20000000 | 0xC0000000 | 0x23F + ERROR_AUTHENTICODE_DISALLOWED syscall.Errno = 0x20000000 | 0xC0000000 | 0x240 + ERROR_AUTHENTICODE_TRUSTED_PUBLISHER syscall.Errno = 0x20000000 | 0xC0000000 | 0x241 + ERROR_AUTHENTICODE_TRUST_NOT_ESTABLISHED syscall.Errno = 0x20000000 | 0xC0000000 | 0x242 + ERROR_AUTHENTICODE_PUBLISHER_NOT_TRUSTED syscall.Errno = 0x20000000 | 0xC0000000 | 0x243 + ERROR_SIGNATURE_OSATTRIBUTE_MISMATCH syscall.Errno = 0x20000000 | 0xC0000000 | 0x244 + ERROR_ONLY_VALIDATE_VIA_AUTHENTICODE syscall.Errno = 0x20000000 | 0xC0000000 | 0x245 + ERROR_DEVICE_INSTALLER_NOT_READY syscall.Errno = 0x20000000 | 0xC0000000 | 0x246 + ERROR_DRIVER_STORE_ADD_FAILED syscall.Errno = 0x20000000 | 0xC0000000 | 0x247 + ERROR_DEVICE_INSTALL_BLOCKED syscall.Errno = 0x20000000 | 0xC0000000 | 0x248 + ERROR_DRIVER_INSTALL_BLOCKED syscall.Errno = 0x20000000 | 0xC0000000 | 0x249 + ERROR_WRONG_INF_TYPE syscall.Errno = 0x20000000 | 0xC0000000 | 0x24A + ERROR_FILE_HASH_NOT_IN_CATALOG syscall.Errno = 0x20000000 | 0xC0000000 | 0x24B + ERROR_DRIVER_STORE_DELETE_FAILED syscall.Errno = 0x20000000 | 0xC0000000 | 0x24C + ERROR_UNRECOVERABLE_STACK_OVERFLOW syscall.Errno = 0x20000000 | 0xC0000000 | 0x300 + EXCEPTION_SPAPI_UNRECOVERABLE_STACK_OVERFLOW syscall.Errno = ERROR_UNRECOVERABLE_STACK_OVERFLOW + ERROR_NO_DEFAULT_INTERFACE_DEVICE syscall.Errno = ERROR_NO_DEFAULT_DEVICE_INTERFACE + ERROR_INTERFACE_DEVICE_ACTIVE syscall.Errno = ERROR_DEVICE_INTERFACE_ACTIVE + ERROR_INTERFACE_DEVICE_REMOVED syscall.Errno = ERROR_DEVICE_INTERFACE_REMOVED + ERROR_NO_SUCH_INTERFACE_DEVICE syscall.Errno = ERROR_NO_SUCH_DEVICE_INTERFACE +) diff --git a/vendor/golang.org/x/sys/windows/svc/mgr/config.go b/vendor/golang.org/x/sys/windows/svc/mgr/config.go index 30d392941016d..da4df6383db2d 100644 --- a/vendor/golang.org/x/sys/windows/svc/mgr/config.go +++ b/vendor/golang.org/x/sys/windows/svc/mgr/config.go @@ -98,6 +98,12 @@ func (s *Service) Config() (Config, error) { delayedStart = true } + b, err = s.queryServiceConfig2(windows.SERVICE_CONFIG_SERVICE_SID_INFO) + if err != nil { + return Config{}, err + } + sidType := *(*uint32)(unsafe.Pointer(&b[0])) + return Config{ ServiceType: p.ServiceType, StartType: p.StartType, @@ -110,6 +116,7 @@ func (s *Service) Config() (Config, error) { DisplayName: windows.UTF16PtrToString(p.DisplayName), Description: windows.UTF16PtrToString(p2.Description), DelayedAutoStart: delayedStart, + SidType: sidType, }, nil } diff --git a/vendor/golang.org/x/sys/windows/svc/mgr/mgr.go b/vendor/golang.org/x/sys/windows/svc/mgr/mgr.go index 9a454da6bf895..8e78daf3d01dd 100644 --- a/vendor/golang.org/x/sys/windows/svc/mgr/mgr.go +++ b/vendor/golang.org/x/sys/windows/svc/mgr/mgr.go @@ -117,9 +117,6 @@ func (m *Mgr) CreateService(name, exepath string, c Config, args ...string) (*Se if c.StartType == 0 { c.StartType = StartManual } - if c.ErrorControl == 0 { - c.ErrorControl = ErrorNormal - } if c.ServiceType == 0 { c.ServiceType = windows.SERVICE_WIN32_OWN_PROCESS } diff --git a/vendor/golang.org/x/sys/windows/svc/mgr/service.go b/vendor/golang.org/x/sys/windows/svc/mgr/service.go index ded1c7a476edd..aee2d3d205cb0 100644 --- a/vendor/golang.org/x/sys/windows/svc/mgr/service.go +++ b/vendor/golang.org/x/sys/windows/svc/mgr/service.go @@ -68,8 +68,10 @@ func (s *Service) Query() (svc.Status, error) { return svc.Status{}, err } return svc.Status{ - State: svc.State(t.CurrentState), - Accepts: svc.Accepted(t.ControlsAccepted), - ProcessId: t.ProcessId, + State: svc.State(t.CurrentState), + Accepts: svc.Accepted(t.ControlsAccepted), + ProcessId: t.ProcessId, + Win32ExitCode: t.Win32ExitCode, + ServiceSpecificExitCode: t.ServiceSpecificExitCode, }, nil } diff --git a/vendor/golang.org/x/sys/windows/svc/service.go b/vendor/golang.org/x/sys/windows/svc/service.go index f7f4ff5b514eb..3748528636d6f 100644 --- a/vendor/golang.org/x/sys/windows/svc/service.go +++ b/vendor/golang.org/x/sys/windows/svc/service.go @@ -71,11 +71,13 @@ const ( // Status combines State and Accepted commands to fully describe running service. type Status struct { - State State - Accepts Accepted - CheckPoint uint32 // used to report progress during a lengthy operation - WaitHint uint32 // estimated time required for a pending operation, in milliseconds - ProcessId uint32 // if the service is running, the process identifier of it, and otherwise zero + State State + Accepts Accepted + CheckPoint uint32 // used to report progress during a lengthy operation + WaitHint uint32 // estimated time required for a pending operation, in milliseconds + ProcessId uint32 // if the service is running, the process identifier of it, and otherwise zero + Win32ExitCode uint32 // set if the service has exited with a win32 exit code + ServiceSpecificExitCode uint32 // set if the service has exited with a service-specific exit code } // ChangeRequest is sent to the service Handler to request service status change. diff --git a/vendor/golang.org/x/sys/windows/syscall.go b/vendor/golang.org/x/sys/windows/syscall.go index af828a91bcf3f..6122f557a097a 100644 --- a/vendor/golang.org/x/sys/windows/syscall.go +++ b/vendor/golang.org/x/sys/windows/syscall.go @@ -25,17 +25,20 @@ package windows // import "golang.org/x/sys/windows" import ( + "bytes" + "strings" "syscall" + "unsafe" + + "golang.org/x/sys/internal/unsafeheader" ) // ByteSliceFromString returns a NUL-terminated slice of bytes // containing the text of s. If s contains a NUL byte at any // location, it returns (nil, syscall.EINVAL). func ByteSliceFromString(s string) ([]byte, error) { - for i := 0; i < len(s); i++ { - if s[i] == 0 { - return nil, syscall.EINVAL - } + if strings.IndexByte(s, 0) != -1 { + return nil, syscall.EINVAL } a := make([]byte, len(s)+1) copy(a, s) @@ -53,6 +56,41 @@ func BytePtrFromString(s string) (*byte, error) { return &a[0], nil } +// ByteSliceToString returns a string form of the text represented by the slice s, with a terminating NUL and any +// bytes after the NUL removed. +func ByteSliceToString(s []byte) string { + if i := bytes.IndexByte(s, 0); i != -1 { + s = s[:i] + } + return string(s) +} + +// BytePtrToString takes a pointer to a sequence of text and returns the corresponding string. +// If the pointer is nil, it returns the empty string. It assumes that the text sequence is terminated +// at a zero byte; if the zero byte is not present, the program may crash. +func BytePtrToString(p *byte) string { + if p == nil { + return "" + } + if *p == 0 { + return "" + } + + // Find NUL terminator. + n := 0 + for ptr := unsafe.Pointer(p); *(*byte)(ptr) != 0; n++ { + ptr = unsafe.Pointer(uintptr(ptr) + 1) + } + + var s []byte + h := (*unsafeheader.Slice)(unsafe.Pointer(&s)) + h.Data = unsafe.Pointer(p) + h.Len = n + h.Cap = n + + return string(s) +} + // Single-word zero for use when we need a valid pointer to 0 bytes. // See mksyscall.pl. var _zero uintptr diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go index bbd075dfec20a..d249919c30f07 100644 --- a/vendor/golang.org/x/sys/windows/syscall_windows.go +++ b/vendor/golang.org/x/sys/windows/syscall_windows.go @@ -18,6 +18,7 @@ import ( ) type Handle uintptr +type HWND uintptr const ( InvalidHandle = ^Handle(0) @@ -92,11 +93,11 @@ func UTF16FromString(s string) ([]uint16, error) { } // UTF16ToString returns the UTF-8 encoding of the UTF-16 sequence s, -// with a terminating NUL removed. +// with a terminating NUL and any bytes after the NUL removed. func UTF16ToString(s []uint16) string { for i, v := range s { if v == 0 { - s = s[0:i] + s = s[:i] break } } @@ -120,7 +121,7 @@ func UTF16PtrFromString(s string) (*uint16, error) { } // UTF16PtrToString takes a pointer to a UTF-16 sequence and returns the corresponding UTF-8 encoded string. -// If the pointer is nil, this returns the empty string. This assumes that the UTF-16 sequence is terminated +// If the pointer is nil, it returns the empty string. It assumes that the UTF-16 sequence is terminated // at a zero word; if the zero word is not present, the program may crash. func UTF16PtrToString(p *uint16) string { if p == nil { @@ -170,10 +171,13 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys GetProcAddress(module Handle, procname string) (proc uintptr, err error) //sys GetModuleFileName(module Handle, filename *uint16, size uint32) (n uint32, err error) = kernel32.GetModuleFileNameW //sys GetModuleHandleEx(flags uint32, moduleName *uint16, module *Handle) (err error) = kernel32.GetModuleHandleExW +//sys SetDefaultDllDirectories(directoryFlags uint32) (err error) +//sys SetDllDirectory(path string) (err error) = kernel32.SetDllDirectoryW //sys GetVersion() (ver uint32, err error) //sys FormatMessage(flags uint32, msgsrc uintptr, msgid uint32, langid uint32, buf []uint16, args *byte) (n uint32, err error) = FormatMessageW //sys ExitProcess(exitcode uint32) //sys IsWow64Process(handle Handle, isWow64 *bool) (err error) = IsWow64Process +//sys IsWow64Process2(handle Handle, processMachine *uint16, nativeMachine *uint16) (err error) = IsWow64Process2? //sys CreateFile(name *uint16, access uint32, mode uint32, sa *SecurityAttributes, createmode uint32, attrs uint32, templatefile Handle) (handle Handle, err error) [failretval==InvalidHandle] = CreateFileW //sys ReadFile(handle Handle, buf []byte, done *uint32, overlapped *Overlapped) (err error) //sys WriteFile(handle Handle, buf []byte, done *uint32, overlapped *Overlapped) (err error) @@ -187,6 +191,7 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys FindClose(handle Handle) (err error) //sys GetFileInformationByHandle(handle Handle, data *ByHandleFileInformation) (err error) //sys GetFileInformationByHandleEx(handle Handle, class uint32, outBuffer *byte, outBufferLen uint32) (err error) +//sys SetFileInformationByHandle(handle Handle, class uint32, inBuffer *byte, inBufferLen uint32) (err error) //sys GetCurrentDirectory(buflen uint32, buf *uint16) (n uint32, err error) = GetCurrentDirectoryW //sys SetCurrentDirectory(path *uint16) (err error) = SetCurrentDirectoryW //sys CreateDirectory(path *uint16, sa *SecurityAttributes) (err error) = CreateDirectoryW @@ -210,6 +215,10 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys CreateProcess(appName *uint16, commandLine *uint16, procSecurity *SecurityAttributes, threadSecurity *SecurityAttributes, inheritHandles bool, creationFlags uint32, env *uint16, currentDir *uint16, startupInfo *StartupInfo, outProcInfo *ProcessInformation) (err error) = CreateProcessW //sys OpenProcess(desiredAccess uint32, inheritHandle bool, processId uint32) (handle Handle, err error) //sys ShellExecute(hwnd Handle, verb *uint16, file *uint16, args *uint16, cwd *uint16, showCmd int32) (err error) [failretval<=32] = shell32.ShellExecuteW +//sys GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32) = user32.GetWindowThreadProcessId +//sys GetShellWindow() (shellWindow HWND) = user32.GetShellWindow +//sys MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) [failretval==0] = user32.MessageBoxW +//sys ExitWindowsEx(flags uint32, reason uint32) (err error) = user32.ExitWindowsEx //sys shGetKnownFolderPath(id *KNOWNFOLDERID, flags uint32, token Token, path **uint16) (ret error) = shell32.SHGetKnownFolderPath //sys TerminateProcess(handle Handle, exitcode uint32) (err error) //sys GetExitCodeProcess(handle Handle, exitcode *uint32) (err error) @@ -243,6 +252,7 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys GetFullPathName(path *uint16, buflen uint32, buf *uint16, fname **uint16) (n uint32, err error) = kernel32.GetFullPathNameW //sys GetLongPathName(path *uint16, buf *uint16, buflen uint32) (n uint32, err error) = kernel32.GetLongPathNameW //sys GetShortPathName(longpath *uint16, shortpath *uint16, buflen uint32) (n uint32, err error) = kernel32.GetShortPathNameW +//sys GetFinalPathNameByHandle(file Handle, filePath *uint16, filePathSize uint32, flags uint32) (n uint32, err error) = kernel32.GetFinalPathNameByHandleW //sys CreateFileMapping(fhandle Handle, sa *SecurityAttributes, prot uint32, maxSizeHigh uint32, maxSizeLow uint32, name *uint16) (handle Handle, err error) = kernel32.CreateFileMappingW //sys MapViewOfFile(handle Handle, access uint32, offsetHigh uint32, offsetLow uint32, length uintptr) (addr uintptr, err error) //sys UnmapViewOfFile(addr uintptr) (err error) @@ -255,10 +265,13 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys TransmitFile(s Handle, handle Handle, bytesToWrite uint32, bytsPerSend uint32, overlapped *Overlapped, transmitFileBuf *TransmitFileBuffers, flags uint32) (err error) = mswsock.TransmitFile //sys ReadDirectoryChanges(handle Handle, buf *byte, buflen uint32, watchSubTree bool, mask uint32, retlen *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) = kernel32.ReadDirectoryChangesW //sys CertOpenSystemStore(hprov Handle, name *uint16) (store Handle, err error) = crypt32.CertOpenSystemStoreW -//sys CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) [failretval==InvalidHandle] = crypt32.CertOpenStore +//sys CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) = crypt32.CertOpenStore //sys CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) [failretval==nil] = crypt32.CertEnumCertificatesInStore //sys CertAddCertificateContextToStore(store Handle, certContext *CertContext, addDisposition uint32, storeContext **CertContext) (err error) = crypt32.CertAddCertificateContextToStore //sys CertCloseStore(store Handle, flags uint32) (err error) = crypt32.CertCloseStore +//sys CertDeleteCertificateFromStore(certContext *CertContext) (err error) = crypt32.CertDeleteCertificateFromStore +//sys CertDuplicateCertificateContext(certContext *CertContext) (dupContext *CertContext) = crypt32.CertDuplicateCertificateContext +//sys PFXImportCertStore(pfx *CryptDataBlob, password *uint16, flags uint32) (store Handle, err error) = crypt32.PFXImportCertStore //sys CertGetCertificateChain(engine Handle, leaf *CertContext, time *Filetime, additionalStore Handle, para *CertChainPara, flags uint32, reserved uintptr, chainCtx **CertChainContext) (err error) = crypt32.CertGetCertificateChain //sys CertFreeCertificateChain(ctx *CertChainContext) = crypt32.CertFreeCertificateChain //sys CertCreateCertificateContext(certEncodingType uint32, certEncoded *byte, encodedLen uint32) (context *CertContext, err error) [failretval==nil] = crypt32.CertCreateCertificateContext @@ -269,12 +282,13 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys RegQueryInfoKey(key Handle, class *uint16, classLen *uint32, reserved *uint32, subkeysLen *uint32, maxSubkeyLen *uint32, maxClassLen *uint32, valuesLen *uint32, maxValueNameLen *uint32, maxValueLen *uint32, saLen *uint32, lastWriteTime *Filetime) (regerrno error) = advapi32.RegQueryInfoKeyW //sys RegEnumKeyEx(key Handle, index uint32, name *uint16, nameLen *uint32, reserved *uint32, class *uint16, classLen *uint32, lastWriteTime *Filetime) (regerrno error) = advapi32.RegEnumKeyExW //sys RegQueryValueEx(key Handle, name *uint16, reserved *uint32, valtype *uint32, buf *byte, buflen *uint32) (regerrno error) = advapi32.RegQueryValueExW +//sys RegNotifyChangeKeyValue(key Handle, watchSubtree bool, notifyFilter uint32, event Handle, asynchronous bool) (regerrno error) = advapi32.RegNotifyChangeKeyValue //sys GetCurrentProcessId() (pid uint32) = kernel32.GetCurrentProcessId //sys ProcessIdToSessionId(pid uint32, sessionid *uint32) (err error) = kernel32.ProcessIdToSessionId //sys GetConsoleMode(console Handle, mode *uint32) (err error) = kernel32.GetConsoleMode //sys SetConsoleMode(console Handle, mode uint32) (err error) = kernel32.SetConsoleMode //sys GetConsoleScreenBufferInfo(console Handle, info *ConsoleScreenBufferInfo) (err error) = kernel32.GetConsoleScreenBufferInfo -//sys SetConsoleCursorPosition(console Handle, position Coord) (err error) = kernel32.SetConsoleCursorPosition +//sys setConsoleCursorPosition(console Handle, position uint32) (err error) = kernel32.SetConsoleCursorPosition //sys WriteConsole(console Handle, buf *uint16, towrite uint32, written *uint32, reserved *byte) (err error) = kernel32.WriteConsoleW //sys ReadConsole(console Handle, buf *uint16, toread uint32, read *uint32, inputControl *byte) (err error) = kernel32.ReadConsoleW //sys CreateToolhelp32Snapshot(flags uint32, processId uint32) (handle Handle, err error) [failretval==InvalidHandle] = kernel32.CreateToolhelp32Snapshot @@ -335,8 +349,6 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys QueryDosDevice(deviceName *uint16, targetPath *uint16, max uint32) (n uint32, err error) [failretval==0] = QueryDosDeviceW //sys SetVolumeLabel(rootPathName *uint16, volumeName *uint16) (err error) = SetVolumeLabelW //sys SetVolumeMountPoint(volumeMountPoint *uint16, volumeName *uint16) (err error) = SetVolumeMountPointW -//sys MessageBox(hwnd Handle, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) [failretval==0] = user32.MessageBoxW -//sys ExitWindowsEx(flags uint32, reason uint32) (err error) = user32.ExitWindowsEx //sys InitiateSystemShutdownEx(machineName *uint16, message *uint16, timeout uint32, forceAppsClosed bool, rebootAfterShutdown bool, reason uint32) (err error) = advapi32.InitiateSystemShutdownExW //sys SetProcessShutdownParameters(level uint32, flags uint32) (err error) = kernel32.SetProcessShutdownParameters //sys GetProcessShutdownParameters(level *uint32, flags *uint32) (err error) = kernel32.GetProcessShutdownParameters @@ -1478,3 +1490,7 @@ func getUILanguages(flags uint32, f func(flags uint32, numLanguages *uint32, buf return languages, nil } } + +func SetConsoleCursorPosition(console Handle, position Coord) error { + return setConsoleCursorPosition(console, *((*uint32)(unsafe.Pointer(&position)))) +} diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go index da1652e74b013..b3bd0da42722a 100644 --- a/vendor/golang.org/x/sys/windows/types_windows.go +++ b/vendor/golang.org/x/sys/windows/types_windows.go @@ -249,24 +249,27 @@ const ( const ( // wincrypt.h - PROV_RSA_FULL = 1 - PROV_RSA_SIG = 2 - PROV_DSS = 3 - PROV_FORTEZZA = 4 - PROV_MS_EXCHANGE = 5 - PROV_SSL = 6 - PROV_RSA_SCHANNEL = 12 - PROV_DSS_DH = 13 - PROV_EC_ECDSA_SIG = 14 - PROV_EC_ECNRA_SIG = 15 - PROV_EC_ECDSA_FULL = 16 - PROV_EC_ECNRA_FULL = 17 - PROV_DH_SCHANNEL = 18 - PROV_SPYRUS_LYNKS = 20 - PROV_RNG = 21 - PROV_INTEL_SEC = 22 - PROV_REPLACE_OWF = 23 - PROV_RSA_AES = 24 + /* certenrolld_begin -- PROV_RSA_*/ + PROV_RSA_FULL = 1 + PROV_RSA_SIG = 2 + PROV_DSS = 3 + PROV_FORTEZZA = 4 + PROV_MS_EXCHANGE = 5 + PROV_SSL = 6 + PROV_RSA_SCHANNEL = 12 + PROV_DSS_DH = 13 + PROV_EC_ECDSA_SIG = 14 + PROV_EC_ECNRA_SIG = 15 + PROV_EC_ECDSA_FULL = 16 + PROV_EC_ECNRA_FULL = 17 + PROV_DH_SCHANNEL = 18 + PROV_SPYRUS_LYNKS = 20 + PROV_RNG = 21 + PROV_INTEL_SEC = 22 + PROV_REPLACE_OWF = 23 + PROV_RSA_AES = 24 + + /* dwFlags definitions for CryptAcquireContext */ CRYPT_VERIFYCONTEXT = 0xF0000000 CRYPT_NEWKEYSET = 0x00000008 CRYPT_DELETEKEYSET = 0x00000010 @@ -274,6 +277,17 @@ const ( CRYPT_SILENT = 0x00000040 CRYPT_DEFAULT_CONTAINER_OPTIONAL = 0x00000080 + /* Flags for PFXImportCertStore */ + CRYPT_EXPORTABLE = 0x00000001 + CRYPT_USER_PROTECTED = 0x00000002 + CRYPT_USER_KEYSET = 0x00001000 + PKCS12_PREFER_CNG_KSP = 0x00000100 + PKCS12_ALWAYS_CNG_KSP = 0x00000200 + PKCS12_ALLOW_OVERWRITE_KEY = 0x00004000 + PKCS12_NO_PERSIST_KEY = 0x00008000 + PKCS12_INCLUDE_EXTENDED_PROPERTIES = 0x00000010 + + /* Default usage match type is AND with value zero */ USAGE_MATCH_TYPE_AND = 0 USAGE_MATCH_TYPE_OR = 1 @@ -409,6 +423,10 @@ const ( CERT_CHAIN_POLICY_EV = 8 CERT_CHAIN_POLICY_SSL_F12 = 9 + /* Certificate Store close flags */ + CERT_CLOSE_STORE_FORCE_FLAG = 0x00000001 + CERT_CLOSE_STORE_CHECK_FLAG = 0x00000002 + /* AuthType values for SSLExtraCertChainPolicyPara struct */ AUTHTYPE_CLIENT = 1 AUTHTYPE_SERVER = 2 @@ -1139,6 +1157,11 @@ type CertChainPolicyStatus struct { ExtraPolicyStatus Pointer } +type CryptDataBlob struct { + Size uint32 + Data *byte +} + const ( // do not reorder HKEY_CLASSES_ROOT = 0x80000000 + iota @@ -1772,3 +1795,69 @@ const ( MUI_LANGUAGE_INSTALLED = 0x20 MUI_LANGUAGE_LICENSED = 0x40 ) + +// FILE_INFO_BY_HANDLE_CLASS constants for SetFileInformationByHandle/GetFileInformationByHandleEx +const ( + FileBasicInfo = 0 + FileStandardInfo = 1 + FileNameInfo = 2 + FileRenameInfo = 3 + FileDispositionInfo = 4 + FileAllocationInfo = 5 + FileEndOfFileInfo = 6 + FileStreamInfo = 7 + FileCompressionInfo = 8 + FileAttributeTagInfo = 9 + FileIdBothDirectoryInfo = 10 + FileIdBothDirectoryRestartInfo = 11 + FileIoPriorityHintInfo = 12 + FileRemoteProtocolInfo = 13 + FileFullDirectoryInfo = 14 + FileFullDirectoryRestartInfo = 15 + FileStorageInfo = 16 + FileAlignmentInfo = 17 + FileIdInfo = 18 + FileIdExtdDirectoryInfo = 19 + FileIdExtdDirectoryRestartInfo = 20 + FileDispositionInfoEx = 21 + FileRenameInfoEx = 22 + FileCaseSensitiveInfo = 23 + FileNormalizedNameInfo = 24 +) + +// LoadLibrary flags for determining from where to search for a DLL +const ( + DONT_RESOLVE_DLL_REFERENCES = 0x1 + LOAD_LIBRARY_AS_DATAFILE = 0x2 + LOAD_WITH_ALTERED_SEARCH_PATH = 0x8 + LOAD_IGNORE_CODE_AUTHZ_LEVEL = 0x10 + LOAD_LIBRARY_AS_IMAGE_RESOURCE = 0x20 + LOAD_LIBRARY_AS_DATAFILE_EXCLUSIVE = 0x40 + LOAD_LIBRARY_REQUIRE_SIGNED_TARGET = 0x80 + LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR = 0x100 + LOAD_LIBRARY_SEARCH_APPLICATION_DIR = 0x200 + LOAD_LIBRARY_SEARCH_USER_DIRS = 0x400 + LOAD_LIBRARY_SEARCH_SYSTEM32 = 0x800 + LOAD_LIBRARY_SEARCH_DEFAULT_DIRS = 0x1000 + LOAD_LIBRARY_SAFE_CURRENT_DIRS = 0x00002000 + LOAD_LIBRARY_SEARCH_SYSTEM32_NO_FORWARDER = 0x00004000 + LOAD_LIBRARY_OS_INTEGRITY_CONTINUITY = 0x00008000 +) + +// RegNotifyChangeKeyValue notifyFilter flags. +const ( + // REG_NOTIFY_CHANGE_NAME notifies the caller if a subkey is added or deleted. + REG_NOTIFY_CHANGE_NAME = 0x00000001 + + // REG_NOTIFY_CHANGE_ATTRIBUTES notifies the caller of changes to the attributes of the key, such as the security descriptor information. + REG_NOTIFY_CHANGE_ATTRIBUTES = 0x00000002 + + // REG_NOTIFY_CHANGE_LAST_SET notifies the caller of changes to a value of the key. This can include adding or deleting a value, or changing an existing value. + REG_NOTIFY_CHANGE_LAST_SET = 0x00000004 + + // REG_NOTIFY_CHANGE_SECURITY notifies the caller of changes to the security descriptor of the key. + REG_NOTIFY_CHANGE_SECURITY = 0x00000008 + + // REG_NOTIFY_THREAD_AGNOSTIC indicates that the lifetime of the registration must not be tied to the lifetime of the thread issuing the RegNotifyChangeKeyValue call. Note: This flag value is only supported in Windows 8 and later. + REG_NOTIFY_THREAD_AGNOSTIC = 0x10000000 +) diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go index a25f09676de3a..cd5e8528cd799 100644 --- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go +++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go @@ -17,6 +17,7 @@ const ( var ( errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) + errERROR_EINVAL error = syscall.EINVAL ) // errnoErr returns common boxed Errno values, to prevent @@ -24,7 +25,7 @@ var ( func errnoErr(e syscall.Errno) error { switch e { case 0: - return syscall.EINVAL + return errERROR_EINVAL case errnoERROR_IO_PENDING: return errERROR_IO_PENDING } @@ -45,6 +46,7 @@ var ( modntdll = NewLazySystemDLL("ntdll.dll") modole32 = NewLazySystemDLL("ole32.dll") modpsapi = NewLazySystemDLL("psapi.dll") + modsechost = NewLazySystemDLL("sechost.dll") modsecur32 = NewLazySystemDLL("secur32.dll") modshell32 = NewLazySystemDLL("shell32.dll") moduser32 = NewLazySystemDLL("user32.dll") @@ -94,6 +96,7 @@ var ( procImpersonateSelf = modadvapi32.NewProc("ImpersonateSelf") procInitializeSecurityDescriptor = modadvapi32.NewProc("InitializeSecurityDescriptor") procInitiateSystemShutdownExW = modadvapi32.NewProc("InitiateSystemShutdownExW") + procIsTokenRestricted = modadvapi32.NewProc("IsTokenRestricted") procIsValidSecurityDescriptor = modadvapi32.NewProc("IsValidSecurityDescriptor") procIsValidSid = modadvapi32.NewProc("IsValidSid") procIsWellKnownSid = modadvapi32.NewProc("IsWellKnownSid") @@ -114,6 +117,7 @@ var ( procQueryServiceStatusEx = modadvapi32.NewProc("QueryServiceStatusEx") procRegCloseKey = modadvapi32.NewProc("RegCloseKey") procRegEnumKeyExW = modadvapi32.NewProc("RegEnumKeyExW") + procRegNotifyChangeKeyValue = modadvapi32.NewProc("RegNotifyChangeKeyValue") procRegOpenKeyExW = modadvapi32.NewProc("RegOpenKeyExW") procRegQueryInfoKeyW = modadvapi32.NewProc("RegQueryInfoKeyW") procRegQueryValueExW = modadvapi32.NewProc("RegQueryValueExW") @@ -121,6 +125,7 @@ var ( procReportEventW = modadvapi32.NewProc("ReportEventW") procRevertToSelf = modadvapi32.NewProc("RevertToSelf") procSetEntriesInAclW = modadvapi32.NewProc("SetEntriesInAclW") + procSetKernelObjectSecurity = modadvapi32.NewProc("SetKernelObjectSecurity") procSetNamedSecurityInfoW = modadvapi32.NewProc("SetNamedSecurityInfoW") procSetSecurityDescriptorControl = modadvapi32.NewProc("SetSecurityDescriptorControl") procSetSecurityDescriptorDacl = modadvapi32.NewProc("SetSecurityDescriptorDacl") @@ -137,6 +142,8 @@ var ( procCertAddCertificateContextToStore = modcrypt32.NewProc("CertAddCertificateContextToStore") procCertCloseStore = modcrypt32.NewProc("CertCloseStore") procCertCreateCertificateContext = modcrypt32.NewProc("CertCreateCertificateContext") + procCertDeleteCertificateFromStore = modcrypt32.NewProc("CertDeleteCertificateFromStore") + procCertDuplicateCertificateContext = modcrypt32.NewProc("CertDuplicateCertificateContext") procCertEnumCertificatesInStore = modcrypt32.NewProc("CertEnumCertificatesInStore") procCertFreeCertificateChain = modcrypt32.NewProc("CertFreeCertificateChain") procCertFreeCertificateContext = modcrypt32.NewProc("CertFreeCertificateContext") @@ -144,6 +151,7 @@ var ( procCertOpenStore = modcrypt32.NewProc("CertOpenStore") procCertOpenSystemStoreW = modcrypt32.NewProc("CertOpenSystemStoreW") procCertVerifyCertificateChainPolicy = modcrypt32.NewProc("CertVerifyCertificateChainPolicy") + procPFXImportCertStore = modcrypt32.NewProc("PFXImportCertStore") procDnsNameCompare_W = moddnsapi.NewProc("DnsNameCompare_W") procDnsQuery_W = moddnsapi.NewProc("DnsQuery_W") procDnsRecordListFree = moddnsapi.NewProc("DnsRecordListFree") @@ -208,6 +216,7 @@ var ( procGetFileInformationByHandle = modkernel32.NewProc("GetFileInformationByHandle") procGetFileInformationByHandleEx = modkernel32.NewProc("GetFileInformationByHandleEx") procGetFileType = modkernel32.NewProc("GetFileType") + procGetFinalPathNameByHandleW = modkernel32.NewProc("GetFinalPathNameByHandleW") procGetFullPathNameW = modkernel32.NewProc("GetFullPathNameW") procGetLastError = modkernel32.NewProc("GetLastError") procGetLogicalDriveStringsW = modkernel32.NewProc("GetLogicalDriveStringsW") @@ -245,6 +254,7 @@ var ( procGetVolumePathNamesForVolumeNameW = modkernel32.NewProc("GetVolumePathNamesForVolumeNameW") procGetWindowsDirectoryW = modkernel32.NewProc("GetWindowsDirectoryW") procIsWow64Process = modkernel32.NewProc("IsWow64Process") + procIsWow64Process2 = modkernel32.NewProc("IsWow64Process2") procLoadLibraryExW = modkernel32.NewProc("LoadLibraryExW") procLoadLibraryW = modkernel32.NewProc("LoadLibraryW") procLocalFree = modkernel32.NewProc("LocalFree") @@ -274,12 +284,15 @@ var ( procSetConsoleCursorPosition = modkernel32.NewProc("SetConsoleCursorPosition") procSetConsoleMode = modkernel32.NewProc("SetConsoleMode") procSetCurrentDirectoryW = modkernel32.NewProc("SetCurrentDirectoryW") + procSetDefaultDllDirectories = modkernel32.NewProc("SetDefaultDllDirectories") + procSetDllDirectoryW = modkernel32.NewProc("SetDllDirectoryW") procSetEndOfFile = modkernel32.NewProc("SetEndOfFile") procSetEnvironmentVariableW = modkernel32.NewProc("SetEnvironmentVariableW") procSetErrorMode = modkernel32.NewProc("SetErrorMode") procSetEvent = modkernel32.NewProc("SetEvent") procSetFileAttributesW = modkernel32.NewProc("SetFileAttributesW") procSetFileCompletionNotificationModes = modkernel32.NewProc("SetFileCompletionNotificationModes") + procSetFileInformationByHandle = modkernel32.NewProc("SetFileInformationByHandle") procSetFilePointer = modkernel32.NewProc("SetFilePointer") procSetFileTime = modkernel32.NewProc("SetFileTime") procSetHandleInformation = modkernel32.NewProc("SetHandleInformation") @@ -320,12 +333,16 @@ var ( procCoTaskMemFree = modole32.NewProc("CoTaskMemFree") procStringFromGUID2 = modole32.NewProc("StringFromGUID2") procEnumProcesses = modpsapi.NewProc("EnumProcesses") + procSubscribeServiceChangeNotifications = modsechost.NewProc("SubscribeServiceChangeNotifications") + procUnsubscribeServiceChangeNotifications = modsechost.NewProc("UnsubscribeServiceChangeNotifications") procGetUserNameExW = modsecur32.NewProc("GetUserNameExW") procTranslateNameW = modsecur32.NewProc("TranslateNameW") procCommandLineToArgvW = modshell32.NewProc("CommandLineToArgvW") procSHGetKnownFolderPath = modshell32.NewProc("SHGetKnownFolderPath") procShellExecuteW = modshell32.NewProc("ShellExecuteW") procExitWindowsEx = moduser32.NewProc("ExitWindowsEx") + procGetShellWindow = moduser32.NewProc("GetShellWindow") + procGetWindowThreadProcessId = moduser32.NewProc("GetWindowThreadProcessId") procMessageBoxW = moduser32.NewProc("MessageBoxW") procCreateEnvironmentBlock = moduserenv.NewProc("CreateEnvironmentBlock") procDestroyEnvironmentBlock = moduserenv.NewProc("DestroyEnvironmentBlock") @@ -750,6 +767,15 @@ func InitiateSystemShutdownEx(machineName *uint16, message *uint16, timeout uint return } +func isTokenRestricted(tokenHandle Token) (ret bool, err error) { + r0, _, e1 := syscall.Syscall(procIsTokenRestricted.Addr(), 1, uintptr(tokenHandle), 0, 0) + ret = r0 != 0 + if !ret { + err = errnoErr(e1) + } + return +} + func isValidSecurityDescriptor(sd *SECURITY_DESCRIPTOR) (isValid bool) { r0, _, _ := syscall.Syscall(procIsValidSecurityDescriptor.Addr(), 1, uintptr(unsafe.Pointer(sd)), 0, 0) isValid = r0 != 0 @@ -910,6 +936,22 @@ func RegEnumKeyEx(key Handle, index uint32, name *uint16, nameLen *uint32, reser return } +func RegNotifyChangeKeyValue(key Handle, watchSubtree bool, notifyFilter uint32, event Handle, asynchronous bool) (regerrno error) { + var _p0 uint32 + if watchSubtree { + _p0 = 1 + } + var _p1 uint32 + if asynchronous { + _p1 = 1 + } + r0, _, _ := syscall.Syscall6(procRegNotifyChangeKeyValue.Addr(), 5, uintptr(key), uintptr(_p0), uintptr(notifyFilter), uintptr(event), uintptr(_p1), 0) + if r0 != 0 { + regerrno = syscall.Errno(r0) + } + return +} + func RegOpenKeyEx(key Handle, subkey *uint16, options uint32, desiredAccess uint32, result *Handle) (regerrno error) { r0, _, _ := syscall.Syscall6(procRegOpenKeyExW.Addr(), 5, uintptr(key), uintptr(unsafe.Pointer(subkey)), uintptr(options), uintptr(desiredAccess), uintptr(unsafe.Pointer(result)), 0) if r0 != 0 { @@ -967,6 +1009,14 @@ func setEntriesInAcl(countExplicitEntries uint32, explicitEntries *EXPLICIT_ACCE return } +func SetKernelObjectSecurity(handle Handle, securityInformation SECURITY_INFORMATION, securityDescriptor *SECURITY_DESCRIPTOR) (err error) { + r1, _, e1 := syscall.Syscall(procSetKernelObjectSecurity.Addr(), 3, uintptr(handle), uintptr(securityInformation), uintptr(unsafe.Pointer(securityDescriptor))) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func SetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) { var _p0 *uint16 _p0, ret = syscall.UTF16PtrFromString(objectName) @@ -1053,8 +1103,11 @@ func setSecurityDescriptorSacl(sd *SECURITY_DESCRIPTOR, saclPresent bool, sacl * return } -func SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) { - syscall.Syscall9(procSetSecurityInfo.Addr(), 7, uintptr(handle), uintptr(objectType), uintptr(securityInformation), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(sacl)), 0, 0) +func SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) { + r0, _, _ := syscall.Syscall9(procSetSecurityInfo.Addr(), 7, uintptr(handle), uintptr(objectType), uintptr(securityInformation), uintptr(unsafe.Pointer(owner)), uintptr(unsafe.Pointer(group)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(sacl)), 0, 0) + if r0 != 0 { + ret = syscall.Errno(r0) + } return } @@ -1123,6 +1176,20 @@ func CertCreateCertificateContext(certEncodingType uint32, certEncoded *byte, en return } +func CertDeleteCertificateFromStore(certContext *CertContext) (err error) { + r1, _, e1 := syscall.Syscall(procCertDeleteCertificateFromStore.Addr(), 1, uintptr(unsafe.Pointer(certContext)), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + +func CertDuplicateCertificateContext(certContext *CertContext) (dupContext *CertContext) { + r0, _, _ := syscall.Syscall(procCertDuplicateCertificateContext.Addr(), 1, uintptr(unsafe.Pointer(certContext)), 0, 0) + dupContext = (*CertContext)(unsafe.Pointer(r0)) + return +} + func CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) { r0, _, e1 := syscall.Syscall(procCertEnumCertificatesInStore.Addr(), 2, uintptr(store), uintptr(unsafe.Pointer(prevContext)), 0) context = (*CertContext)(unsafe.Pointer(r0)) @@ -1156,7 +1223,7 @@ func CertGetCertificateChain(engine Handle, leaf *CertContext, time *Filetime, a func CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) { r0, _, e1 := syscall.Syscall6(procCertOpenStore.Addr(), 5, uintptr(storeProvider), uintptr(msgAndCertEncodingType), uintptr(cryptProv), uintptr(flags), uintptr(para), 0) handle = Handle(r0) - if handle == InvalidHandle { + if handle == 0 { err = errnoErr(e1) } return @@ -1179,6 +1246,15 @@ func CertVerifyCertificateChainPolicy(policyOID uintptr, chain *CertChainContext return } +func PFXImportCertStore(pfx *CryptDataBlob, password *uint16, flags uint32) (store Handle, err error) { + r0, _, e1 := syscall.Syscall(procPFXImportCertStore.Addr(), 3, uintptr(unsafe.Pointer(pfx)), uintptr(unsafe.Pointer(password)), uintptr(flags)) + store = Handle(r0) + if store == 0 { + err = errnoErr(e1) + } + return +} + func DnsNameCompare(name1 *uint16, name2 *uint16) (same bool) { r0, _, _ := syscall.Syscall(procDnsNameCompare_W.Addr(), 2, uintptr(unsafe.Pointer(name1)), uintptr(unsafe.Pointer(name2)), 0) same = r0 != 0 @@ -1716,6 +1792,15 @@ func GetFileType(filehandle Handle) (n uint32, err error) { return } +func GetFinalPathNameByHandle(file Handle, filePath *uint16, filePathSize uint32, flags uint32) (n uint32, err error) { + r0, _, e1 := syscall.Syscall6(procGetFinalPathNameByHandleW.Addr(), 4, uintptr(file), uintptr(unsafe.Pointer(filePath)), uintptr(filePathSize), uintptr(flags), 0, 0) + n = uint32(r0) + if n == 0 { + err = errnoErr(e1) + } + return +} + func GetFullPathName(path *uint16, buflen uint32, buf *uint16, fname **uint16) (n uint32, err error) { r0, _, e1 := syscall.Syscall6(procGetFullPathNameW.Addr(), 4, uintptr(unsafe.Pointer(path)), uintptr(buflen), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(fname)), 0, 0) n = uint32(r0) @@ -2035,6 +2120,18 @@ func IsWow64Process(handle Handle, isWow64 *bool) (err error) { return } +func IsWow64Process2(handle Handle, processMachine *uint16, nativeMachine *uint16) (err error) { + err = procIsWow64Process2.Find() + if err != nil { + return + } + r1, _, e1 := syscall.Syscall(procIsWow64Process2.Addr(), 3, uintptr(handle), uintptr(unsafe.Pointer(processMachine)), uintptr(unsafe.Pointer(nativeMachine))) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func LoadLibraryEx(libname string, zero Handle, flags uintptr) (handle Handle, err error) { var _p0 *uint16 _p0, err = syscall.UTF16PtrFromString(libname) @@ -2296,8 +2393,8 @@ func ResumeThread(thread Handle) (ret uint32, err error) { return } -func SetConsoleCursorPosition(console Handle, position Coord) (err error) { - r1, _, e1 := syscall.Syscall(procSetConsoleCursorPosition.Addr(), 2, uintptr(console), uintptr(*((*uint32)(unsafe.Pointer(&position)))), 0) +func setConsoleCursorPosition(console Handle, position uint32) (err error) { + r1, _, e1 := syscall.Syscall(procSetConsoleCursorPosition.Addr(), 2, uintptr(console), uintptr(position), 0) if r1 == 0 { err = errnoErr(e1) } @@ -2320,6 +2417,31 @@ func SetCurrentDirectory(path *uint16) (err error) { return } +func SetDefaultDllDirectories(directoryFlags uint32) (err error) { + r1, _, e1 := syscall.Syscall(procSetDefaultDllDirectories.Addr(), 1, uintptr(directoryFlags), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + +func SetDllDirectory(path string) (err error) { + var _p0 *uint16 + _p0, err = syscall.UTF16PtrFromString(path) + if err != nil { + return + } + return _SetDllDirectory(_p0) +} + +func _SetDllDirectory(path *uint16) (err error) { + r1, _, e1 := syscall.Syscall(procSetDllDirectoryW.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func SetEndOfFile(handle Handle) (err error) { r1, _, e1 := syscall.Syscall(procSetEndOfFile.Addr(), 1, uintptr(handle), 0, 0) if r1 == 0 { @@ -2366,6 +2488,14 @@ func SetFileCompletionNotificationModes(handle Handle, flags uint8) (err error) return } +func SetFileInformationByHandle(handle Handle, class uint32, inBuffer *byte, inBufferLen uint32) (err error) { + r1, _, e1 := syscall.Syscall6(procSetFileInformationByHandle.Addr(), 4, uintptr(handle), uintptr(class), uintptr(unsafe.Pointer(inBuffer)), uintptr(inBufferLen), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func SetFilePointer(handle Handle, lowoffset int32, highoffsetptr *int32, whence uint32) (newlowoffset uint32, err error) { r0, _, e1 := syscall.Syscall6(procSetFilePointer.Addr(), 4, uintptr(handle), uintptr(lowoffset), uintptr(unsafe.Pointer(highoffsetptr)), uintptr(whence), 0, 0) newlowoffset = uint32(r0) @@ -2698,6 +2828,27 @@ func EnumProcesses(processIds []uint32, bytesReturned *uint32) (err error) { return } +func SubscribeServiceChangeNotifications(service Handle, eventType uint32, callback uintptr, callbackCtx uintptr, subscription *uintptr) (ret error) { + ret = procSubscribeServiceChangeNotifications.Find() + if ret != nil { + return + } + r0, _, _ := syscall.Syscall6(procSubscribeServiceChangeNotifications.Addr(), 5, uintptr(service), uintptr(eventType), uintptr(callback), uintptr(callbackCtx), uintptr(unsafe.Pointer(subscription)), 0) + if r0 != 0 { + ret = syscall.Errno(r0) + } + return +} + +func UnsubscribeServiceChangeNotifications(subscription uintptr) (err error) { + err = procUnsubscribeServiceChangeNotifications.Find() + if err != nil { + return + } + syscall.Syscall(procUnsubscribeServiceChangeNotifications.Addr(), 1, uintptr(subscription), 0, 0) + return +} + func GetUserNameEx(nameFormat uint32, nameBuffre *uint16, nSize *uint32) (err error) { r1, _, e1 := syscall.Syscall(procGetUserNameExW.Addr(), 3, uintptr(nameFormat), uintptr(unsafe.Pointer(nameBuffre)), uintptr(unsafe.Pointer(nSize))) if r1&0xff == 0 { @@ -2747,7 +2898,19 @@ func ExitWindowsEx(flags uint32, reason uint32) (err error) { return } -func MessageBox(hwnd Handle, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) { +func GetShellWindow() (shellWindow HWND) { + r0, _, _ := syscall.Syscall(procGetShellWindow.Addr(), 0, 0, 0, 0) + shellWindow = HWND(r0) + return +} + +func GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32) { + r0, _, _ := syscall.Syscall(procGetWindowThreadProcessId.Addr(), 2, uintptr(hwnd), uintptr(unsafe.Pointer(pid)), 0) + tid = uint32(r0) + return +} + +func MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) { r0, _, e1 := syscall.Syscall6(procMessageBoxW.Addr(), 4, uintptr(hwnd), uintptr(unsafe.Pointer(text)), uintptr(unsafe.Pointer(caption)), uintptr(boxtype), 0, 0) ret = int32(r0) if ret == 0 { From 58283298d7480848401ef63d47a1243e044aef44 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Thu, 28 Jan 2021 15:19:43 +0900 Subject: [PATCH 008/252] rootless: set systemd KillMode to mixed Now `systemctl --user stop docker` completes just with in 1 or 2 seconds. Fix issue 41944 ("Docker rootless does not exit properly if containers are running") See systemd.kill(5) https://www.freedesktop.org/software/systemd/man/systemd.kill.html Signed-off-by: Akihiro Suda (cherry picked from commit 05566adf716e85cdd5b512bc5fad4689e78c56fc) Signed-off-by: Akihiro Suda --- contrib/dockerd-rootless-setuptool.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/dockerd-rootless-setuptool.sh b/contrib/dockerd-rootless-setuptool.sh index 92279b0daa299..b9dcb4f92570c 100755 --- a/contrib/dockerd-rootless-setuptool.sh +++ b/contrib/dockerd-rootless-setuptool.sh @@ -307,6 +307,7 @@ install_systemd() { TasksMax=infinity Delegate=yes Type=simple + KillMode=mixed [Install] WantedBy=default.target From a287e76e1506ca5e38ae16a5392bd6889dc3984a Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 19 Jan 2021 12:52:53 +0900 Subject: [PATCH 009/252] pkg/archive: allow mknodding FIFO inside userns Fix #41803 Also attempt to mknod devices. Mknodding devices are likely to fail, but still worth trying when running with a seccomp user notification. Signed-off-by: Akihiro Suda (cherry picked from commit d5d5cccb7ee1d081edd24391bd2b3da9db5f3373) Signed-off-by: Akihiro Suda --- pkg/archive/archive_unix.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pkg/archive/archive_unix.go b/pkg/archive/archive_unix.go index 900661423d83a..0b92bb0f4a3b9 100644 --- a/pkg/archive/archive_unix.go +++ b/pkg/archive/archive_unix.go @@ -81,11 +81,6 @@ func getFileUIDGID(stat interface{}) (idtools.Identity, error) { // handleTarTypeBlockCharFifo is an OS-specific helper function used by // createTarFile to handle the following types of header: Block; Char; Fifo func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error { - if sys.RunningInUserNS() { - // cannot create a device if running in user namespace - return nil - } - mode := uint32(hdr.Mode & 07777) switch hdr.Typeflag { case tar.TypeBlock: @@ -96,7 +91,12 @@ func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error { mode |= unix.S_IFIFO } - return system.Mknod(path, mode, int(system.Mkdev(hdr.Devmajor, hdr.Devminor))) + err := system.Mknod(path, mode, int(system.Mkdev(hdr.Devmajor, hdr.Devminor))) + if errors.Is(err, syscall.EPERM) && sys.RunningInUserNS() { + // In most cases, cannot create a device if running in user namespace + err = nil + } + return err } func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error { From 25bd941ae43fcba4d47cecbf50fe5f3d557c8229 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 19 Jan 2021 15:07:08 +0900 Subject: [PATCH 010/252] docker info: silence unhandleable warnings The following warnings in `docker info` are now discarded, because there is no action user can actually take. On cgroup v1: - "WARNING: No blkio weight support" - "WARNING: No blkio weight_device support" On cgroup v2: - "WARNING: No kernel memory TCP limit support" - "WARNING: No oom kill disable support" `docker run` still prints warnings when the missing feature is being attempted to use. Signed-off-by: Akihiro Suda (cherry picked from commit 8086443a449af8ef5c5b0574de8957df7e52f296) Signed-off-by: Akihiro Suda --- daemon/info_unix.go | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/daemon/info_unix.go b/daemon/info_unix.go index 7a71ff28da0f4..1b25b5126630c 100644 --- a/daemon/info_unix.go +++ b/daemon/info_unix.go @@ -100,10 +100,14 @@ func (daemon *Daemon) fillPlatformInfo(v *types.Info, sysInfo *sysinfo.SysInfo) if !v.SwapLimit { v.Warnings = append(v.Warnings, "WARNING: No swap limit support") } - if !v.KernelMemoryTCP { + if !v.KernelMemoryTCP && v.CgroupVersion == "1" { + // kernel memory is not available for cgroup v2. + // Warning is not printed on cgroup v2, because there is no action user can take. v.Warnings = append(v.Warnings, "WARNING: No kernel memory TCP limit support") } - if !v.OomKillDisable { + if !v.OomKillDisable && v.CgroupVersion == "1" { + // oom kill disable is not available for cgroup v2. + // Warning is not printed on cgroup v2, because there is no action user can take. v.Warnings = append(v.Warnings, "WARNING: No oom kill disable support") } if !v.CPUCfsQuota { @@ -122,10 +126,13 @@ func (daemon *Daemon) fillPlatformInfo(v *types.Info, sysInfo *sysinfo.SysInfo) v.Warnings = append(v.Warnings, "WARNING: Support for cgroup v2 is experimental") } // TODO add fields for these options in types.Info - if !sysInfo.BlkioWeight { + if !sysInfo.BlkioWeight && v.CgroupVersion == "2" { + // blkio weight is not available on cgroup v1 since kernel 5.0. + // Warning is not printed on cgroup v1, because there is no action user can take. + // On cgroup v2, blkio weight is implemented using io.weight v.Warnings = append(v.Warnings, "WARNING: No blkio weight support") } - if !sysInfo.BlkioWeightDevice { + if !sysInfo.BlkioWeightDevice && v.CgroupVersion == "2" { v.Warnings = append(v.Warnings, "WARNING: No blkio weight_device support") } if !sysInfo.BlkioReadBpsDevice { From b6a6a356848b3aade535a9234e1ff45059182ae3 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 20 Jan 2021 13:42:32 +0900 Subject: [PATCH 011/252] docker info: adjust warning strings for cgroup v2 Signed-off-by: Akihiro Suda (cherry picked from commit 00225e220fb18283dcf9e4fa6625fad6746d8a50) Signed-off-by: Akihiro Suda --- daemon/info_unix.go | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/daemon/info_unix.go b/daemon/info_unix.go index 1b25b5126630c..56c920990b233 100644 --- a/daemon/info_unix.go +++ b/daemon/info_unix.go @@ -130,22 +130,38 @@ func (daemon *Daemon) fillPlatformInfo(v *types.Info, sysInfo *sysinfo.SysInfo) // blkio weight is not available on cgroup v1 since kernel 5.0. // Warning is not printed on cgroup v1, because there is no action user can take. // On cgroup v2, blkio weight is implemented using io.weight - v.Warnings = append(v.Warnings, "WARNING: No blkio weight support") + v.Warnings = append(v.Warnings, "WARNING: No io.weight support") } if !sysInfo.BlkioWeightDevice && v.CgroupVersion == "2" { - v.Warnings = append(v.Warnings, "WARNING: No blkio weight_device support") + v.Warnings = append(v.Warnings, "WARNING: No io.weight (per device) support") } if !sysInfo.BlkioReadBpsDevice { - v.Warnings = append(v.Warnings, "WARNING: No blkio throttle.read_bps_device support") + if v.CgroupVersion == "2" { + v.Warnings = append(v.Warnings, "WARNING: No io.max (rbps) support") + } else { + v.Warnings = append(v.Warnings, "WARNING: No blkio throttle.read_bps_device support") + } } if !sysInfo.BlkioWriteBpsDevice { - v.Warnings = append(v.Warnings, "WARNING: No blkio throttle.write_bps_device support") + if v.CgroupVersion == "2" { + v.Warnings = append(v.Warnings, "WARNING: No io.max (wbps) support") + } else { + v.Warnings = append(v.Warnings, "WARNING: No blkio throttle.write_bps_device support") + } } if !sysInfo.BlkioReadIOpsDevice { - v.Warnings = append(v.Warnings, "WARNING: No blkio throttle.read_iops_device support") + if v.CgroupVersion == "2" { + v.Warnings = append(v.Warnings, "WARNING: No io.max (riops) support") + } else { + v.Warnings = append(v.Warnings, "WARNING: No blkio throttle.read_iops_device support") + } } if !sysInfo.BlkioWriteIOpsDevice { - v.Warnings = append(v.Warnings, "WARNING: No blkio throttle.write_iops_device support") + if v.CgroupVersion == "2" { + v.Warnings = append(v.Warnings, "WARNING: No io.max (wiops) support") + } else { + v.Warnings = append(v.Warnings, "WARNING: No blkio throttle.write_iops_device support") + } } } if !v.IPv4Forwarding { From 519a55f4914f256ccb9233736ea9f6a91199dfec Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Fri, 22 Jan 2021 16:17:05 +0900 Subject: [PATCH 012/252] TestCgroupNamespacesRunOlderClient: support cgroup v2 Signed-off-by: Akihiro Suda --- integration/container/run_cgroupns_linux_test.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/integration/container/run_cgroupns_linux_test.go b/integration/container/run_cgroupns_linux_test.go index 9f17f40371a59..ffdeb5513a99d 100644 --- a/integration/container/run_cgroupns_linux_test.go +++ b/integration/container/run_cgroupns_linux_test.go @@ -130,7 +130,7 @@ func TestCgroupNamespacesRunInvalidMode(t *testing.T) { } // Clients before 1.40 expect containers to be created in the host cgroup namespace, -// regardless of the default setting of the daemon +// regardless of the default setting of the daemon, unless running with cgroup v2 func TestCgroupNamespacesRunOlderClient(t *testing.T) { skip.If(t, testEnv.DaemonInfo.OSType != "linux") skip.If(t, testEnv.IsRemoteDaemon()) @@ -148,5 +148,9 @@ func TestCgroupNamespacesRunOlderClient(t *testing.T) { daemonCgroup := d.CgroupNamespace(t) containerCgroup := containerCgroupNamespace(ctx, t, client, cID) - assert.Assert(t, daemonCgroup == containerCgroup) + if testEnv.DaemonInfo.CgroupVersion != "2" { + assert.Assert(t, daemonCgroup == containerCgroup) + } else { + assert.Assert(t, daemonCgroup != containerCgroup) + } } From f0e526f43e2b4cbc548257bb3eef0de2a114371f Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Mon, 4 Jan 2021 23:58:00 +0000 Subject: [PATCH 013/252] Make test work with rootless mode Using `d.Kill()` with rootless mode causes the restarted daemon to not be able to start containerd (it times out). Originally this was SIGKILLing the daemon because we were hoping to not have to manipulate on disk state, but since we need to anyway we can shut it down normally. I also tested this to ensure the test fails correctly without the fix that the test was added to check for. Signed-off-by: Brian Goff (cherry picked from commit e6591a9c7abf8bfef8e8c4f1f560c13acf342f4a) Signed-off-by: Sebastiaan van Stijn --- integration/container/daemon_linux_test.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/integration/container/daemon_linux_test.go b/integration/container/daemon_linux_test.go index ea8fde2fd3d28..f4a944248b0ce 100644 --- a/integration/container/daemon_linux_test.go +++ b/integration/container/daemon_linux_test.go @@ -193,7 +193,7 @@ func TestRestartDaemonWithRestartingContainer(t *testing.T) { defer d.Cleanup(t) d.StartWithBusybox(t, "--iptables=false") - defer d.Kill() + defer d.Stop(t) ctx := context.Background() client := d.NewClientT(t) @@ -203,8 +203,7 @@ func TestRestartDaemonWithRestartingContainer(t *testing.T) { // We will manipulate the on disk state later id := container.Create(ctx, t, client, container.WithRestartPolicy("always"), container.WithCmd("/bin/sh", "-c", "exit 1")) - // SIGKILL the daemon - assert.NilError(t, d.Kill()) + d.Stop(t) configPath := filepath.Join(d.Root, "containers", id, "config.v2.json") configBytes, err := ioutil.ReadFile(configPath) From faf6442f8078f744e5ae1355acfdd0d76ecb1c3c Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 8 Jan 2021 13:25:21 +0100 Subject: [PATCH 014/252] integration: fix TestBuildUserNamespaceValidateCapabilitiesAreV2 not using frozen image Commit f2f5106c92fb9399844dcb7315fe23f3612e7cea added this test to verify loading of images that were built with user-namespaces enabled. However, because this test spins up a new daemon, not the daemon that's set up by the test-suite's `TestMain()` (which loads the frozen images). As a result, the `debian:bullseye` image was pulled from Docker Hub when running the test; Calling POST /v1.41/images/load?quiet=1 Applying tar in /go/src/github.com/docker/docker/bundles/test-integration/TestBuildUserNamespaceValidateCapabilitiesAreV2/d4d366b15997b/root/165536.165536/overlay2/3f7f9375197667acaf7bc810b34689c21f8fed9c52c6765c032497092ca023d6/diff" storage-driver=overlay Applied tar sha256:845f0e5159140e9dbcad00c0326c2a506fbe375aa1c229c43f082867d283149c to 3f7f9375197667acaf7bc810b34689c21f8fed9c52c6765c032497092ca023d6, size: 5922359 Calling POST /v1.41/build?buildargs=null&cachefrom=null&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=&labels=null&memory=0&memswap=0&networkmode=&rm=0&shmsize=0&t=capabilities%3A1.0&target=&ulimits=null&version= Trying to pull debian from https://registry-1.docker.io v2 Fetching manifest from remote" digest="sha256:f169dbadc9021fc0b08e371d50a772809286a167f62a8b6ae86e4745878d283d" error="" remote="docker.io/library/debian:bullseye Pulling ref from V2 registry: debian:bullseye ... This patch updates `TestBuildUserNamespaceValidateCapabilitiesAreV2` to load the frozen image. `StartWithBusybox` is also changed to `Start`, because the test is not using the busybox image, so there's no need to load it. In a followup, we should probably add some utilities to make this easier to set up (and to allow passing the list frozen images that we want to load, without having to "hard-code" the image name to load). Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 46dfc313421a2f59a82343d8b812de799b3a0251) Signed-off-by: Sebastiaan van Stijn --- integration/build/build_userns_linux_test.go | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/integration/build/build_userns_linux_test.go b/integration/build/build_userns_linux_test.go index 5e0c4d40fbbd9..e4caee5e4cd2d 100644 --- a/integration/build/build_userns_linux_test.go +++ b/integration/build/build_userns_linux_test.go @@ -15,6 +15,7 @@ import ( "github.com/docker/docker/pkg/stdcopy" "github.com/docker/docker/testutil/daemon" "github.com/docker/docker/testutil/fakecontext" + "github.com/docker/docker/testutil/fixtures/load" "gotest.tools/v3/assert" "gotest.tools/v3/skip" ) @@ -36,7 +37,13 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { defer os.RemoveAll(tmp) dUserRemap := daemon.New(t) - dUserRemap.StartWithBusybox(t, "--userns-remap", "default") + dUserRemap.Start(t, "--userns-remap", "default") + ctx := context.Background() + clientUserRemap := dUserRemap.NewClientT(t) + + err = load.FrozenImagesLinux(clientUserRemap, "buildpack-deps:buster") + assert.NilError(t, err) + dUserRemapRunning := true defer func() { if dUserRemapRunning { @@ -49,11 +56,9 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { RUN setcap CAP_NET_BIND_SERVICE=+eip /bin/sleep ` - ctx := context.Background() source := fakecontext.New(t, "", fakecontext.WithDockerfile(dockerfile)) defer source.Close() - clientUserRemap := dUserRemap.NewClientT(t) resp, err := clientUserRemap.ImageBuild(ctx, source.AsTarReader(t), types.ImageBuildOptions{ @@ -89,7 +94,7 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { dUserRemapRunning = false dNoUserRemap := daemon.New(t) - dNoUserRemap.StartWithBusybox(t) + dNoUserRemap.Start(t) defer dNoUserRemap.Stop(t) clientNoUserRemap := dNoUserRemap.NewClientT(t) From 0211909bdec92741fc33587dd17bffabaa86fd83 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 23 Nov 2020 15:20:27 +0100 Subject: [PATCH 015/252] testing: update docker-py 4.4.1 run docker-py integration tests of the latest release; full diff: https://github.com/docker/docker-py/compare/4.3.0...4.4.1 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 14fb1650856f52928cb9f9fd3b495c3e14776069) Signed-off-by: Sebastiaan van Stijn --- hack/make/test-docker-py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/make/test-docker-py b/hack/make/test-docker-py index 0b12304850922..e92b3d55dbbe1 100644 --- a/hack/make/test-docker-py +++ b/hack/make/test-docker-py @@ -7,7 +7,7 @@ source hack/make/.integration-test-helpers # TODO docker 17.06 cli client used in CI fails to build using a sha; # unable to prepare context: unable to 'git clone' to temporary context directory: error fetching: error: no such remote ref ead0bb9e08c13dd3d1712759491eee06bf5a5602 #: exit status 128 -: "${DOCKER_PY_COMMIT:=4.3.0}" +: "${DOCKER_PY_COMMIT:=4.4.1}" # custom options to pass py.test # From 49e706e14c72fb8e86d8847d4a887d15ad746f2c Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 26 Jan 2021 11:37:50 +0100 Subject: [PATCH 016/252] Dockerfile.buildx: update buildx to v0.5.1 full diff: https://github.com/docker/buildx/compare/v0.3.1...v0.5.1 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 30b20a6bdd6ea3439da9b44bd15e34f679530fbe) Signed-off-by: Sebastiaan van Stijn --- Dockerfile.buildx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.buildx b/Dockerfile.buildx index f01ba71e34c82..d3a46964ddf10 100644 --- a/Dockerfile.buildx +++ b/Dockerfile.buildx @@ -1,5 +1,5 @@ ARG GO_VERSION=1.13.15 -ARG BUILDX_COMMIT=v0.3.1 +ARG BUILDX_COMMIT=v0.5.1 ARG BUILDX_REPO=https://github.com/docker/buildx.git FROM golang:${GO_VERSION}-buster AS build From ff49cb3e33c555f96ab67e77c428ab09dd8e24a5 Mon Sep 17 00:00:00 2001 From: Lei Jiang Date: Wed, 3 Feb 2021 21:07:10 +0000 Subject: [PATCH 017/252] Dockerfile.simple: Fix compile docker binary error with btrfs Use the image build from Dockerfile.simple to build docker binary failed with not find , we need to install libbtrfs-dev to fix this. ``` Building: bundles/dynbinary-daemon/dockerd-dev GOOS="" GOARCH="" GOARM="" .gopath/src/github.com/docker/docker/daemon/graphdriver/btrfs/btrfs.go:8:10: fatal error: btrfs/ioctl.h: No such file or directory #include ``` Signed-off-by: Lei Jitang (cherry picked from commit dd7ee8ea3e9383b525780b4e624bc16ddbf4a70d) Signed-off-by: Sebastiaan van Stijn --- Dockerfile.simple | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.simple b/Dockerfile.simple index 122b09aea1ac4..a46ff4aa34165 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -18,13 +18,13 @@ RUN sed -ri "s/(httpredir|deb).debian.org/$APT_MIRROR/g" /etc/apt/sources.list # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies RUN apt-get update && apt-get install -y --no-install-recommends \ - btrfs-tools \ build-essential \ curl \ cmake \ gcc \ git \ libapparmor-dev \ + libbtrfs-dev \ libdevmapper-dev \ libseccomp-dev \ ca-certificates \ From 5de9bc7e01ac31280be54bfa77eeeac4cf5dd86c Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Fri, 22 Jan 2021 17:47:30 +0900 Subject: [PATCH 018/252] TestInspectOomKilledTrue: skip on cgroup v2 The test fails intermittently on cgroup v2. ``` === FAIL: amd64.integration.container TestInspectOomKilledTrue (0.53s) kill_test.go:171: assertion failed: true (true bool) != false (inspect.State.OOMKilled bool) ``` Tracked in issue 41929 Signed-off-by: Akihiro Suda (cherry picked from commit c316dd7cc5846f8617a8b3709bd64e666311feb9) Signed-off-by: Sebastiaan van Stijn --- integration/container/kill_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/integration/container/kill_test.go b/integration/container/kill_test.go index bcf106c3cf366..fe47282c53ef0 100644 --- a/integration/container/kill_test.go +++ b/integration/container/kill_test.go @@ -155,6 +155,7 @@ func TestInspectOomKilledTrue(t *testing.T) { skip.If(t, testEnv.DaemonInfo.OSType == "windows") skip.If(t, testEnv.DaemonInfo.CgroupDriver == "none") skip.If(t, !testEnv.DaemonInfo.MemoryLimit || !testEnv.DaemonInfo.SwapLimit) + skip.If(t, testEnv.DaemonInfo.CgroupVersion == "2", "FIXME: flaky on cgroup v2 (https://github.com/moby/moby/issues/41929)") defer setupTest(t)() ctx := context.Background() From d31b2141aeb7d7029281c5954eca6b2ec52004c3 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Sat, 23 Jan 2021 23:36:23 +0900 Subject: [PATCH 019/252] Jenkinsfile: add cgroup2 Thanks to Stefan Scherer for setting up the Jenkins nodes. Signed-off-by: Akihiro Suda (cherry picked from commit c23b99f4db3a1c150c346f754478d4326a949279) Signed-off-by: Sebastiaan van Stijn --- Jenkinsfile | 84 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 84 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index ec5c651783203..03a35720f6ab7 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -12,6 +12,7 @@ pipeline { booleanParam(name: 'validate_force', defaultValue: false, description: 'force validation steps to be run, even if no changes were detected') booleanParam(name: 'amd64', defaultValue: true, description: 'amd64 (x86_64) Build/Test') booleanParam(name: 'rootless', defaultValue: true, description: 'amd64 (x86_64) Build/Test (Rootless mode)') + booleanParam(name: 'cgroup2', defaultValue: true, description: 'amd64 (x86_64) Build/Test (cgroup v2)') booleanParam(name: 'arm64', defaultValue: true, description: 'ARM (arm64) Build/Test') booleanParam(name: 's390x', defaultValue: true, description: 'IBM Z (s390x) Build/Test') booleanParam(name: 'ppc64le', defaultValue: true, description: 'PowerPC (ppc64le) Build/Test') @@ -460,6 +461,89 @@ pipeline { } } + stage('cgroup2') { + when { + beforeAgent true + expression { params.cgroup2 } + } + agent { label 'amd64 && ubuntu-2004 && cgroup2' } + stages { + stage("Print info") { + steps { + sh 'docker version' + sh 'docker info' + } + } + stage("Build dev image") { + steps { + sh ''' + docker build --force-rm --build-arg APT_MIRROR --build-arg SYSTEMD=true -t docker:${GIT_COMMIT} . + ''' + } + } + stage("Integration tests") { + environment { + DOCKER_SYSTEMD = '1' // recommended cgroup driver for v2 + TEST_SKIP_INTEGRATION_CLI = '1' // CLI tests do not support v2 + } + steps { + sh ''' + docker run --rm -t --privileged \ + -v "$WORKSPACE/bundles:/go/src/github.com/docker/docker/bundles" \ + --name docker-pr$BUILD_NUMBER \ + -e DOCKER_GITCOMMIT=${GIT_COMMIT} \ + -e DOCKER_GRAPHDRIVER \ + -e DOCKER_EXPERIMENTAL \ + -e DOCKER_SYSTEMD \ + -e TEST_SKIP_INTEGRATION_CLI \ + -e TIMEOUT \ + -e VALIDATE_REPO=${GIT_URL} \ + -e VALIDATE_BRANCH=${CHANGE_TARGET} \ + docker:${GIT_COMMIT} \ + hack/make.sh \ + dynbinary \ + test-integration + ''' + } + post { + always { + junit testResults: 'bundles/**/*-report.xml', allowEmptyResults: true + } + } + } + } + + post { + always { + sh ''' + echo "Ensuring container killed." + docker rm -vf docker-pr$BUILD_NUMBER || true + ''' + + sh ''' + echo "Chowning /workspace to jenkins user" + docker run --rm -v "$WORKSPACE:/workspace" busybox chown -R "$(id -u):$(id -g)" /workspace + ''' + + catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE', message: 'Failed to create bundles.tar.gz') { + sh ''' + bundleName=amd64-cgroup2 + echo "Creating ${bundleName}-bundles.tar.gz" + # exclude overlay2 directories + find bundles -path '*/root/*overlay2' -prune -o -type f \\( -name '*-report.json' -o -name '*.log' -o -name '*.prof' -o -name '*-report.xml' \\) -print | xargs tar -czf ${bundleName}-bundles.tar.gz + ''' + + archiveArtifacts artifacts: '*-bundles.tar.gz', allowEmptyArchive: true + } + } + cleanup { + sh 'make clean' + deleteDir() + } + } + } + + stage('s390x') { when { beforeAgent true From f7893961dee4597a3cc8497d856171dd7f29202f Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 26 Jan 2021 15:01:24 +0100 Subject: [PATCH 020/252] TestBuildUserNamespaceValidateCapabilitiesAreV2: use correct image name This currently doesn't make a difference, because load.FrozenImagesLinux() currently loads all frozen images, not just the specified one, but in case that is fixed/implemented at some point. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 26965fbfa0e68d7dee49406b21fc0b8e01994205) Signed-off-by: Sebastiaan van Stijn --- integration/build/build_userns_linux_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integration/build/build_userns_linux_test.go b/integration/build/build_userns_linux_test.go index e4caee5e4cd2d..14c08e3a5ab9e 100644 --- a/integration/build/build_userns_linux_test.go +++ b/integration/build/build_userns_linux_test.go @@ -41,7 +41,7 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { ctx := context.Background() clientUserRemap := dUserRemap.NewClientT(t) - err = load.FrozenImagesLinux(clientUserRemap, "buildpack-deps:buster") + err = load.FrozenImagesLinux(clientUserRemap, "debian:bullseye") assert.NilError(t, err) dUserRemapRunning := true From fc07fecfb58e54bd11525644e277b3dd3fff4d7f Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 26 Jan 2021 15:22:13 +0100 Subject: [PATCH 021/252] TestBuildUserNamespaceValidateCapabilitiesAreV2: verify build completed Check if the `docker build` completed successfully before continuing. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit fa480403c75c90880a6bc79bab9e10b012379006) Signed-off-by: Sebastiaan van Stijn --- integration/build/build_userns_linux_test.go | 29 ++++++-------------- 1 file changed, 8 insertions(+), 21 deletions(-) diff --git a/integration/build/build_userns_linux_test.go b/integration/build/build_userns_linux_test.go index 14c08e3a5ab9e..f5b3a2705c7cb 100644 --- a/integration/build/build_userns_linux_test.go +++ b/integration/build/build_userns_linux_test.go @@ -12,6 +12,7 @@ import ( "github.com/docker/docker/api/types" "github.com/docker/docker/integration/internal/container" + "github.com/docker/docker/pkg/jsonmessage" "github.com/docker/docker/pkg/stdcopy" "github.com/docker/docker/testutil/daemon" "github.com/docker/docker/testutil/fakecontext" @@ -66,17 +67,10 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { }) assert.NilError(t, err) defer resp.Body.Close() - buf := make([]byte, 1024) - for { - n, err := resp.Body.Read(buf) - if err != nil && err != io.EOF { - t.Fatalf("Error reading ImageBuild response: %v", err) - break - } - if n == 0 { - break - } - } + + buf := bytes.NewBuffer(nil) + err = jsonmessage.DisplayJSONMessagesStream(resp.Body, buf, 0, false, nil) + assert.NilError(t, err) reader, err := clientUserRemap.ImageSave(ctx, []string{imageTag}) assert.NilError(t, err, "failed to download capabilities image") @@ -106,16 +100,9 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { loadResp, err := clientNoUserRemap.ImageLoad(ctx, tarReader, false) assert.NilError(t, err, "failed to load image tar file") defer loadResp.Body.Close() - for { - n, err := loadResp.Body.Read(buf) - if err != nil && err != io.EOF { - t.Fatalf("Error reading ImageLoad response: %v", err) - break - } - if n == 0 { - break - } - } + buf = bytes.NewBuffer(nil) + err = jsonmessage.DisplayJSONMessagesStream(loadResp.Body, buf, 0, false, nil) + assert.NilError(t, err) cid := container.Run(ctx, t, clientNoUserRemap, container.WithImage(imageTag), From cc377d27ac38a13cd4434461e47ae8f2128db48f Mon Sep 17 00:00:00 2001 From: Alexis Ries Date: Fri, 5 Feb 2021 18:55:21 +0100 Subject: [PATCH 022/252] Update TestDaemonRestartWithLiveRestore: fix docker0 subnet missmatch Fix docker0 subnet missmatch when running from docker in docker (dind) Signed-off-by: Alexis Ries (cherry picked from commit 96e103feb1d7744851e5490804a3cfc616ec5a48) Signed-off-by: Sebastiaan van Stijn --- integration/network/service_test.go | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/integration/network/service_test.go b/integration/network/service_test.go index 9ed449a3c0a20..6fc71fab7b229 100644 --- a/integration/network/service_test.go +++ b/integration/network/service_test.go @@ -33,19 +33,25 @@ func TestDaemonRestartWithLiveRestore(t *testing.T) { d := daemon.New(t) defer d.Stop(t) d.Start(t) + + c := d.NewClientT(t) + defer c.Close() + + // Verify bridge network's subnet + out, err := c.NetworkInspect(context.Background(), "bridge", types.NetworkInspectOptions{}) + assert.NilError(t, err) + subnet := out.IPAM.Config[0].Subnet + d.Restart(t, "--live-restore=true", "--default-address-pool", "base=175.30.0.0/16,size=16", "--default-address-pool", "base=175.33.0.0/16,size=24", ) - // Verify bridge network's subnet - c := d.NewClientT(t) - defer c.Close() - out, err := c.NetworkInspect(context.Background(), "bridge", types.NetworkInspectOptions{}) + out1, err := c.NetworkInspect(context.Background(), "bridge", types.NetworkInspectOptions{}) assert.NilError(t, err) // Make sure docker0 doesn't get override with new IP in live restore case - assert.Equal(t, out.IPAM.Config[0].Subnet, "172.18.0.0/16") + assert.Equal(t, out1.IPAM.Config[0].Subnet, subnet) } func TestDaemonDefaultNetworkPools(t *testing.T) { From 94feac18d26961c5ae4d080a3989cf2ccc8cdb52 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 11 Feb 2021 14:45:34 +0100 Subject: [PATCH 023/252] Update rootlesskit to v0.13.1 to fix handling of IPv6 addresses v0.13.1 - Refactor `ParsePortSpec` to handle IPv6 addresses, and improve validation v0.13.0 - `rootlesskit --pidns`: fix propagating exit status - Support cgroup2 evacuation, e.g., `systemd-run -p Delegate=yes --user -t rootlesskit --cgroupns --pidns --evacuate-cgroup2=evac --net=slirp4netns bash` v0.12.0 - Port forwarding API now supports setting `ChildIP` - The `vendor` directory is no longer included in this repo. Run `go mod vendor` if you need Signed-off-by: Sebastiaan van Stijn (cherry picked from commit e32ae1973ae0b04b543a05b3578d1295c0c98e36) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/rootlesskit.installer | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/hack/dockerfile/install/rootlesskit.installer b/hack/dockerfile/install/rootlesskit.installer index 43b84d3c4f509..9580cc971c24f 100755 --- a/hack/dockerfile/install/rootlesskit.installer +++ b/hack/dockerfile/install/rootlesskit.installer @@ -1,7 +1,7 @@ #!/bin/sh -# v0.11.0 -: ${ROOTLESSKIT_COMMIT:=2886253e467c5444a4d2ac7084e53aa3cc50055d} +# v0.13.1 +: "${ROOTLESSKIT_COMMIT:=5c30c9c2586add2ad659132990fdc230f05035fa}" install_rootlesskit() { case "$1" in @@ -25,12 +25,13 @@ install_rootlesskit_dynamic() { _install_rootlesskit } -_install_rootlesskit() { +_install_rootlesskit() ( echo "Install rootlesskit version $ROOTLESSKIT_COMMIT" git clone https://github.com/rootless-containers/rootlesskit.git "$GOPATH/src/github.com/rootless-containers/rootlesskit" - cd "$GOPATH/src/github.com/rootless-containers/rootlesskit" + cd "$GOPATH/src/github.com/rootless-containers/rootlesskit" || exit 1 git checkout -q "$ROOTLESSKIT_COMMIT" + export GO111MODULE=on for f in rootlesskit rootlesskit-docker-proxy; do go build $BUILD_MODE -ldflags="$ROOTLESSKIT_LDFLAGS" -o "${PREFIX}/$f" github.com/rootless-containers/rootlesskit/cmd/$f done -} +) From 5db18e0aba4d713e6c57c9262585b0d8e67f1e2e Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Thu, 4 Feb 2021 18:38:51 -0800 Subject: [PATCH 024/252] archive: avoid creating parent dirs for XGlobalHeader Signed-off-by: Tonis Tiigi (cherry picked from commit ba7906aef38a0a9b1c586b60bf1a4109367c4343) Signed-off-by: Sebastiaan van Stijn --- pkg/archive/archive.go | 6 ++++++ pkg/archive/archive_test.go | 21 +++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/pkg/archive/archive.go b/pkg/archive/archive.go index 2c65fca54a9e7..f9c12896238a4 100644 --- a/pkg/archive/archive.go +++ b/pkg/archive/archive.go @@ -917,6 +917,12 @@ loop: return err } + // ignore XGlobalHeader early to avoid creating parent directories for them + if hdr.Typeflag == tar.TypeXGlobalHeader { + logrus.Debugf("PAX Global Extended Headers found for %s and ignored", hdr.Name) + continue + } + // Normalize name, for safety and for a simple is-root check // This keeps "../" as-is, but normalizes "/../" to "/". Or Windows: // This keeps "..\" as-is, but normalizes "\..\" to "\". diff --git a/pkg/archive/archive_test.go b/pkg/archive/archive_test.go index e89c78264afad..d7632e1f06d3e 100644 --- a/pkg/archive/archive_test.go +++ b/pkg/archive/archive_test.go @@ -4,6 +4,7 @@ import ( "archive/tar" "bytes" "compress/gzip" + "errors" "fmt" "io" "io/ioutil" @@ -1174,6 +1175,26 @@ func TestTempArchiveCloseMultipleTimes(t *testing.T) { } } +// TestXGlobalNoParent is a regression test to check parent directories are not crated for PAX headers +func TestXGlobalNoParent(t *testing.T) { + buf := &bytes.Buffer{} + w := tar.NewWriter(buf) + err := w.WriteHeader(&tar.Header{ + Name: "foo/bar", + Typeflag: tar.TypeXGlobalHeader, + }) + assert.NilError(t, err) + tmpDir, err := ioutil.TempDir("", "pax-test") + assert.NilError(t, err) + defer os.RemoveAll(tmpDir) + err = Untar(buf, tmpDir, nil) + assert.NilError(t, err) + + _, err = os.Lstat(filepath.Join(tmpDir, "foo")) + assert.Check(t, err != nil) + assert.Check(t, errors.Is(err, os.ErrNotExist)) +} + func TestReplaceFileTarWrapper(t *testing.T) { filesInArchive := 20 testcases := []struct { From 5d442b1cb7b2b23dcb26a363b522ce00790def1e Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 12 Feb 2021 18:00:28 +0100 Subject: [PATCH 025/252] pkg/archive: Unpack() use 0755 permissions for missing directories Commit edb62a3ace8c4303822a391b38231e577f8c2ee8 fixed a bug in MkdirAllAndChown() that caused the specified permissions to not be applied correctly. As a result of that bug, the configured umask would be applied. When extracting archives, Unpack() used 0777 permissions when creating missing parent directories for files that were extracted. Before edb62a3ace8c4303822a391b38231e577f8c2ee8, this resulted in actual permissions of those directories to be 0755 on most configurations (using a default 022 umask). Creating these directories should not depend on the host's umask configuration. This patch changes the permissions to 0755 to match the previous behavior, and to reflect the original intent of using 0755 as default. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 25ada76437b5a9769f7203036c8ea12c5762da04) Signed-off-by: Sebastiaan van Stijn --- pkg/archive/archive.go | 2 +- pkg/archive/archive_unix_test.go | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/pkg/archive/archive.go b/pkg/archive/archive.go index f9c12896238a4..084a4fa07788e 100644 --- a/pkg/archive/archive.go +++ b/pkg/archive/archive.go @@ -942,7 +942,7 @@ loop: parent := filepath.Dir(hdr.Name) parentPath := filepath.Join(dest, parent) if _, err := os.Lstat(parentPath); err != nil && os.IsNotExist(err) { - err = idtools.MkdirAllAndChownNew(parentPath, 0777, rootIDs) + err = idtools.MkdirAllAndChownNew(parentPath, 0755, rootIDs) if err != nil { return err } diff --git a/pkg/archive/archive_unix_test.go b/pkg/archive/archive_unix_test.go index e308dd80c6563..4eff66629c183 100644 --- a/pkg/archive/archive_unix_test.go +++ b/pkg/archive/archive_unix_test.go @@ -3,6 +3,7 @@ package archive // import "github.com/docker/docker/pkg/archive" import ( + "archive/tar" "bytes" "fmt" "io/ioutil" @@ -156,6 +157,24 @@ func TestTarWithHardLinkAndRebase(t *testing.T) { assert.Check(t, is.Equal(i1, i2)) } +// TestUntarParentPathPermissions is a regression test to check that missing +// parent directories are created with the expected permissions +func TestUntarParentPathPermissions(t *testing.T) { + buf := &bytes.Buffer{} + w := tar.NewWriter(buf) + err := w.WriteHeader(&tar.Header{Name: "foo/bar"}) + assert.NilError(t, err) + tmpDir, err := ioutil.TempDir("", t.Name()) + assert.NilError(t, err) + defer os.RemoveAll(tmpDir) + err = Untar(buf, tmpDir, nil) + assert.NilError(t, err) + + fi, err := os.Lstat(filepath.Join(tmpDir, "foo")) + assert.NilError(t, err) + assert.Equal(t, fi.Mode(), 0755|os.ModeDir) +} + func getNlink(path string) (uint64, error) { stat, err := os.Stat(path) if err != nil { From acb8a48a3c6e5a2b5d217688814ee71033148f98 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 6 Feb 2021 12:16:00 +0100 Subject: [PATCH 026/252] update runc binary to v1.0.0-rc93 full diff: https://github.com/opencontainers/runc/compare/v1.0.0-rc92...v1.0.0-rc93 release notes: https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc93 Release notes for runc v1.0.0-rc93 ------------------------------------------------- This is the last feature-rich RC release and we are in a feature-freeze until 1.0. 1.0.0~rc94 will be released in a few weeks with minimal bug fixes only, and 1.0.0 will be released soon afterwards. - runc's cgroupv2 support is no longer considered experimental. It is now believed to be fully ready for production deployments. In addition, runc's cgroup code has been improved: - The systemd cgroup driver has been improved to be more resilient and handle more systemd properties correctly. - We now make use of openat2(2) when possible to improve the security of cgroup operations (in future runc will be wholesale ported to libpathrs to get this protection in all codepaths). - runc's mountinfo parsing code has been reworked significantly, making container startup times significantly faster and less wasteful in general. - runc now has special handling for seccomp profiles to avoid making new syscalls unusable for glibc. This is done by installing a custom prefix to all seccomp filters which returns -ENOSYS for syscalls that are newer than any syscall in the profile (meaning they have a larger syscall number). This should not cause any regressions (because previously users would simply get -EPERM rather than -ENOSYS, and the rule applied above is the most conservative rule possible) but please report any regressions you find as a result of this change -- in particular, programs which have special fallback code that is only run in the case of -EPERM. - runc now supports the following new runtime-spec features: - The umask of a container can now be specified. - The new Linux 5.9 capabilities (CAP_PERFMON, CAP_BPF, and CAP_CHECKPOINT_RESTORE) are now supported. - The "unified" cgroup configuration option, which allows users to explicitly specify the limits based on the cgroup file names rather than abstracting them through OCI configuration. This is currently limited in scope to cgroupv2. - Various rootless containers improvements: - runc will no longer cause conflicts if a user specifies a custom device which conflicts with a user-configured device -- the user device takes precedence. - runc no longer panics if /sys/fs/cgroup is missing in rootless mode. - runc --root is now always treated as local to the current working directory. - The --no-pivot-root hardening was improved to handle nested mounts properly (please note that we still strongly recommend that users do not use --no-pivot-root -- it is still an insecure option). - A large number of code cleanliness and other various cleanups, including fairly large changes to our tests and CI to make them all run more efficiently. For packagers the following changes have been made which will have impact on your packaging of runc: - The "selinux" and "apparmor" buildtags have been removed, and now all runc builds will have SELinux and AppArmor support enabled. Note that "seccomp" is still optional (though we very highly recommend you enable it). - make install DESTDIR= now functions correctly. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 28e5a3c5a4db5d413d0834f432e8bebde62b0d74) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/runc.installer | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index 4be473c2b1691..779eb9b687a06 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -4,7 +4,7 @@ # The version of runc should match the version that is used by the containerd # version that is used. If you need to update runc, open a pull request in # the containerd project first, and update both after that is merged. -: ${RUNC_COMMIT:=ff819c7e9184c13b7c2607fe6c30ae19403a7aff} # v1.0.0-rc92 +: ${RUNC_COMMIT:=12644e614e25b05da6fd08a38ffa0cfe1903fdec} # v1.0.0-rc93 install_runc() { # If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting @@ -13,7 +13,7 @@ install_runc() { fi # Do not build with ambient capabilities support - RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp apparmor selinux $RUNC_NOKMEM"}" + RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp $RUNC_NOKMEM"}" echo "Install runc version $RUNC_COMMIT (build tags: $RUNC_BUILDTAGS)" git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" From 94d246761388da8adccdc42176dcd7dcb3e7f6cb Mon Sep 17 00:00:00 2001 From: Grant Millar Date: Tue, 9 Feb 2021 16:13:35 +0000 Subject: [PATCH 027/252] Fix userns-remap option when username & UID match Signed-off-by: Grant Millar (cherry picked from commit 2ad187fd4ab9b8bc9fbf664c8b2f5a0bd51fe540) Signed-off-by: Sebastiaan van Stijn --- pkg/idtools/idtools_unix.go | 51 +++++++++++++++++++++++-------------- 1 file changed, 32 insertions(+), 19 deletions(-) diff --git a/pkg/idtools/idtools_unix.go b/pkg/idtools/idtools_unix.go index a03af120458e4..e7d25ee47132f 100644 --- a/pkg/idtools/idtools_unix.go +++ b/pkg/idtools/idtools_unix.go @@ -245,38 +245,51 @@ func NewIdentityMapping(name string) (*IdentityMapping, error) { return nil, fmt.Errorf("Could not get user for username %s: %v", name, err) } - uid := strconv.Itoa(usr.Uid) - - subuidRangesWithUserName, err := parseSubuid(name) + subuidRanges, err := lookupSubUIDRanges(usr) if err != nil { return nil, err } - subgidRangesWithUserName, err := parseSubgid(name) + subgidRanges, err := lookupSubGIDRanges(usr) if err != nil { return nil, err } - subuidRangesWithUID, err := parseSubuid(uid) + return &IdentityMapping{ + uids: subuidRanges, + gids: subgidRanges, + }, nil +} + +func lookupSubUIDRanges(usr user.User) ([]IDMap, error) { + rangeList, err := parseSubuid(strconv.Itoa(usr.Uid)) if err != nil { return nil, err } - subgidRangesWithUID, err := parseSubgid(uid) + if len(rangeList) == 0 { + rangeList, err = parseSubuid(usr.Name) + if err != nil { + return nil, err + } + } + if len(rangeList) == 0 { + return nil, errors.Errorf("no subuid ranges found for user %q", usr.Name) + } + return createIDMap(rangeList), nil +} + +func lookupSubGIDRanges(usr user.User) ([]IDMap, error) { + rangeList, err := parseSubgid(strconv.Itoa(usr.Uid)) if err != nil { return nil, err } - - subuidRanges := append(subuidRangesWithUserName, subuidRangesWithUID...) - subgidRanges := append(subgidRangesWithUserName, subgidRangesWithUID...) - - if len(subuidRanges) == 0 { - return nil, errors.Errorf("no subuid ranges found for user %q", name) + if len(rangeList) == 0 { + rangeList, err = parseSubgid(usr.Name) + if err != nil { + return nil, err + } } - if len(subgidRanges) == 0 { - return nil, errors.Errorf("no subgid ranges found for user %q", name) + if len(rangeList) == 0 { + return nil, errors.Errorf("no subgid ranges found for user %q", usr.Name) } - - return &IdentityMapping{ - uids: createIDMap(subuidRanges), - gids: createIDMap(subgidRanges), - }, nil + return createIDMap(rangeList), nil } From ad777ff3bcc7f52607201af8805cc59c0b9d31fa Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 10 Feb 2021 12:44:28 +0100 Subject: [PATCH 028/252] api: fix NanoCPUs casing in swagger While the field in the Go struct is named `NanoCPUs`, it has a JSON label to use `NanoCpus`, which was added in the original pull request (not clear what the reason was); 846baf1fd3efcbfbf9d3eb99e436ca9a59d3e185 Some notes: - Golang processes field names case-insensitive, so when *using* the API, both cases should work, but when inspecting a container, the field is returned as `NanoCpus`. - This only affects Containers.Resources. The `Limits` and `Reservation` for SwarmKit services and SwarmKit "nodes" do not override the name for JSON, so have the canonical (`NanoCPUs`) casing. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 2bd46ed7e5a016f21b9259cec269340420fa7a63) Signed-off-by: Sebastiaan van Stijn --- api/swagger.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/api/swagger.yaml b/api/swagger.yaml index 9f1019681af51..dc838222c5abd 100644 --- a/api/swagger.yaml +++ b/api/swagger.yaml @@ -560,7 +560,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -5466,7 +5466,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 From 6e3f2acdacfff9aba0dedbbd2d81cea4411d9279 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 10 Feb 2021 13:02:27 +0100 Subject: [PATCH 029/252] docs: fix NanoCPUs casing While the field in the Go struct is named `NanoCPUs`, it has a JSON label to use `NanoCpus`, which was added in the original pull request (not clear what the reason was); 846baf1fd3efcbfbf9d3eb99e436ca9a59d3e185 Some notes: - Golang processes field names case-insensitive, so when *using* the API, both cases should work, but when inspecting a container, the field is returned as `NanoCpus`. - This only affects Containers.Resources. The `Limits` and `Reservation` for SwarmKit services and SwarmKit "nodes" do not override the name for JSON, so have the canonical (`NanoCPUs`) casing. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 8e2343ffd4cdaec67688a36aa82651b75806657a) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.25.yaml | 4 ++-- docs/api/v1.26.yaml | 4 ++-- docs/api/v1.27.yaml | 4 ++-- docs/api/v1.28.yaml | 4 ++-- docs/api/v1.29.yaml | 4 ++-- docs/api/v1.30.yaml | 4 ++-- docs/api/v1.31.yaml | 4 ++-- docs/api/v1.32.yaml | 4 ++-- docs/api/v1.33.yaml | 4 ++-- docs/api/v1.34.yaml | 4 ++-- docs/api/v1.35.yaml | 4 ++-- docs/api/v1.36.yaml | 4 ++-- docs/api/v1.37.yaml | 4 ++-- docs/api/v1.38.yaml | 4 ++-- docs/api/v1.39.yaml | 4 ++-- docs/api/v1.40.yaml | 4 ++-- docs/api/v1.41.yaml | 4 ++-- docs/api/version-history.md | 4 ++-- 18 files changed, 36 insertions(+), 36 deletions(-) diff --git a/docs/api/v1.25.yaml b/docs/api/v1.25.yaml index 6328960599f91..8b3e0e08fc688 100644 --- a/docs/api/v1.25.yaml +++ b/docs/api/v1.25.yaml @@ -416,7 +416,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -2679,7 +2679,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.26.yaml b/docs/api/v1.26.yaml index 81e296177a3bb..5e3f8bdf7fb7e 100644 --- a/docs/api/v1.26.yaml +++ b/docs/api/v1.26.yaml @@ -417,7 +417,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -2684,7 +2684,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.27.yaml b/docs/api/v1.27.yaml index 29d8c6b1064e2..65e7251ac2655 100644 --- a/docs/api/v1.27.yaml +++ b/docs/api/v1.27.yaml @@ -1625,7 +1625,7 @@ definitions: Resources: type: "object" properties: - NanoCPUs: + NanoCpus: type: "integer" format: "int64" MemoryBytes: @@ -2744,7 +2744,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.28.yaml b/docs/api/v1.28.yaml index 3dcfb88198e93..69e3c39c992ac 100644 --- a/docs/api/v1.28.yaml +++ b/docs/api/v1.28.yaml @@ -427,7 +427,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -2834,7 +2834,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.29.yaml b/docs/api/v1.29.yaml index 1e92ab429d6ce..d019c7535408f 100644 --- a/docs/api/v1.29.yaml +++ b/docs/api/v1.29.yaml @@ -431,7 +431,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -2868,7 +2868,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.30.yaml b/docs/api/v1.30.yaml index 2a071171a0761..a361ca0c7144f 100644 --- a/docs/api/v1.30.yaml +++ b/docs/api/v1.30.yaml @@ -434,7 +434,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -3074,7 +3074,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.31.yaml b/docs/api/v1.31.yaml index e8a4eba4cf7b6..f6eaf9ac5b71f 100644 --- a/docs/api/v1.31.yaml +++ b/docs/api/v1.31.yaml @@ -435,7 +435,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -3144,7 +3144,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.32.yaml b/docs/api/v1.32.yaml index 499b11ba90f19..30e59757f011f 100644 --- a/docs/api/v1.32.yaml +++ b/docs/api/v1.32.yaml @@ -438,7 +438,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -4387,7 +4387,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.33.yaml b/docs/api/v1.33.yaml index bf21ce97d8c61..61839254bfced 100644 --- a/docs/api/v1.33.yaml +++ b/docs/api/v1.33.yaml @@ -443,7 +443,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -4392,7 +4392,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.34.yaml b/docs/api/v1.34.yaml index 11ac297d0f693..c81a4e43975f8 100644 --- a/docs/api/v1.34.yaml +++ b/docs/api/v1.34.yaml @@ -446,7 +446,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -4421,7 +4421,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.35.yaml b/docs/api/v1.35.yaml index 0d78a41c40f35..43af829570b7a 100644 --- a/docs/api/v1.35.yaml +++ b/docs/api/v1.35.yaml @@ -436,7 +436,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -4403,7 +4403,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.36.yaml b/docs/api/v1.36.yaml index d381e3895a97a..91a5b3f48e401 100644 --- a/docs/api/v1.36.yaml +++ b/docs/api/v1.36.yaml @@ -436,7 +436,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -4416,7 +4416,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.37.yaml b/docs/api/v1.37.yaml index a4de19d8f512e..8310ed70f43a3 100644 --- a/docs/api/v1.37.yaml +++ b/docs/api/v1.37.yaml @@ -436,7 +436,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -4436,7 +4436,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.38.yaml b/docs/api/v1.38.yaml index b29439feace4e..45480c46f3588 100644 --- a/docs/api/v1.38.yaml +++ b/docs/api/v1.38.yaml @@ -437,7 +437,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -4490,7 +4490,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.39.yaml b/docs/api/v1.39.yaml index ee017ea7a5a48..2bec7bf517e15 100644 --- a/docs/api/v1.39.yaml +++ b/docs/api/v1.39.yaml @@ -505,7 +505,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -5185,7 +5185,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index 56a3e824d1071..7c14ae0f837e3 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -554,7 +554,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -5308,7 +5308,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index 9f1019681af51..dc838222c5abd 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -560,7 +560,7 @@ definitions: format: "int64" minimum: 0 maximum: 100 - NanoCPUs: + NanoCpus: description: "CPU quota in units of 10-9 CPUs." type: "integer" format: "int64" @@ -5466,7 +5466,7 @@ paths: MemorySwap: 0 MemoryReservation: 0 KernelMemory: 0 - NanoCPUs: 500000 + NanoCpus: 500000 CpuPercent: 80 CpuShares: 512 CpuPeriod: 100000 diff --git a/docs/api/version-history.md b/docs/api/version-history.md index 26637bf16c03e..65d6145276812 100644 --- a/docs/api/version-history.md +++ b/docs/api/version-history.md @@ -332,7 +332,7 @@ keywords: "API, Docker, rcli, REST, documentation" * `POST /services/create` and `POST /services/(id or name)/update` now accept a `rollback` value for `FailureAction`. * `POST /services/create` and `POST /services/(id or name)/update` now accept an optional `RollbackConfig` object which specifies rollback options. * `GET /services` now supports a `mode` filter to filter services based on the service mode (either `global` or `replicated`). -* `POST /containers/(name)/update` now supports updating `NanoCPUs` that represents CPU quota in units of 10-9 CPUs. +* `POST /containers/(name)/update` now supports updating `NanoCpus` that represents CPU quota in units of 10-9 CPUs. ## v1.27 API changes @@ -388,7 +388,7 @@ keywords: "API, Docker, rcli, REST, documentation" * The `hostConfig` option now accepts the fields `CpuRealtimePeriod` and `CpuRtRuntime` to allocate cpu runtime to rt tasks when `CONFIG_RT_GROUP_SCHED` is enabled in the kernel. * The `SecurityOptions` field within the `GET /info` response now includes `userns` if user namespaces are enabled in the daemon. * `GET /nodes` and `GET /node/(id or name)` now return `Addr` as part of a node's `Status`, which is the address that that node connects to the manager from. -* The `HostConfig` field now includes `NanoCPUs` that represents CPU quota in units of 10-9 CPUs. +* The `HostConfig` field now includes `NanoCpus` that represents CPU quota in units of 10-9 CPUs. * `GET /info` now returns more structured information about security options. * The `HostConfig` field now includes `CpuCount` that represents the number of CPUs available for execution by the container. Windows daemon only. * `POST /services/create` and `POST /services/(id or name)/update` now accept the `TTY` parameter, which allocate a pseudo-TTY in container. From 1640d7b986c3d29367e41e7d8b9da7063dfc0cd8 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 22 Jan 2021 14:10:22 +0100 Subject: [PATCH 030/252] Fix daemon panic when starting container with invalid device cgroup rule This fixes a panic when an invalid "device cgroup rule" is passed, resulting in an "index out of range". This bug was introduced in the original implementation in 1756af6fafabd9197feb56c0324e49dd7d30b11f, but was not reproducible when using the CLI, because the same commit also added client-side validation on the flag before making an API request. The following example, uses an invalid rule (`c *:* rwm` - two spaces before the permissions); ```console $ docker run --rm --network=host --device-cgroup-rule='c *:* rwm' busybox invalid argument "c *:* rwm" for "--device-cgroup-rule" flag: invalid device cgroup format 'c *:* rwm' ``` Doing the same, but using the API results in a daemon panic when starting the container; Create a container with an invalid device cgroup rule: ```console curl -v \ --unix-socket /var/run/docker.sock \ "http://localhost/v1.41/containers/create?name=foobar" \ -H "Content-Type: application/json" \ -d '{"Image":"busybox:latest", "HostConfig":{"DeviceCgroupRules": ["c *:* rwm"]}}' ``` Start the container: ```console curl -v \ --unix-socket /var/run/docker.sock \ -X POST \ "http://localhost/v1.41/containers/foobar/start" ``` Observe the daemon logs: ``` 2021-01-22 12:53:03.313806 I | http: panic serving @: runtime error: index out of range [0] with length 0 goroutine 571 [running]: net/http.(*conn).serve.func1(0xc000cb2d20) /usr/local/go/src/net/http/server.go:1795 +0x13b panic(0x2f32380, 0xc000aebfc0) /usr/local/go/src/runtime/panic.go:679 +0x1b6 github.com/docker/docker/oci.AppendDevicePermissionsFromCgroupRules(0xc000175c00, 0x8, 0x8, 0xc0000bd380, 0x1, 0x4, 0x0, 0x0, 0xc0000e69c0, 0x0, ...) /go/src/github.com/docker/docker/oci/oci.go:34 +0x64f ``` This patch: - fixes the panic, allowing the daemon to return an error on container start - adds a unit-test to validate various permutations - adds a "todo" to verify the regular expression (and handling) of the "a" (all) value We should also consider performing this validation when _creating_ the container, so that an error is produced early. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 5cc1753f2c9a52dd7f943f874d96cbdbc81aa542) Signed-off-by: Sebastiaan van Stijn --- oci/oci.go | 7 +- oci/oci_test.go | 168 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 174 insertions(+), 1 deletion(-) create mode 100644 oci/oci_test.go diff --git a/oci/oci.go b/oci/oci.go index 6c84ba3488347..fdc1e06de2479 100644 --- a/oci/oci.go +++ b/oci/oci.go @@ -8,6 +8,11 @@ import ( specs "github.com/opencontainers/runtime-spec/specs-go" ) +// TODO verify if this regex is correct for "a" (all); the docs (https://github.com/torvalds/linux/blob/v5.10/Documentation/admin-guide/cgroup-v1/devices.rst) describe: +// "'all' means it applies to all types and all major and minor numbers", and shows an example +// that *only* passes `a` as value: `echo a > /sys/fs/cgroup/1/devices.allow, which would be +// the "implicit" equivalent of "a *:* rwm". Source-code also looks to confirm this, and returns +// early for "a" (all); https://github.com/torvalds/linux/blob/v5.10/security/device_cgroup.c#L614-L642 // nolint: gosimple var deviceCgroupRuleRegex = regexp.MustCompile("^([acb]) ([0-9]+|\\*):([0-9]+|\\*) ([rwm]{1,3})$") @@ -31,7 +36,7 @@ func SetCapabilities(s *specs.Spec, caplist []string) error { func AppendDevicePermissionsFromCgroupRules(devPermissions []specs.LinuxDeviceCgroup, rules []string) ([]specs.LinuxDeviceCgroup, error) { for _, deviceCgroupRule := range rules { ss := deviceCgroupRuleRegex.FindAllStringSubmatch(deviceCgroupRule, -1) - if len(ss[0]) != 5 { + if len(ss) == 0 || len(ss[0]) != 5 { return nil, fmt.Errorf("invalid device cgroup rule format: '%s'", deviceCgroupRule) } matches := ss[0] diff --git a/oci/oci_test.go b/oci/oci_test.go new file mode 100644 index 0000000000000..37bc7c202eb62 --- /dev/null +++ b/oci/oci_test.go @@ -0,0 +1,168 @@ +package oci + +import ( + "testing" + + "github.com/opencontainers/runtime-spec/specs-go" + "gotest.tools/v3/assert" +) + +func TestAppendDevicePermissionsFromCgroupRules(t *testing.T) { + ptr := func(i int64) *int64 { return &i } + + tests := []struct { + doc string + rule string + expected specs.LinuxDeviceCgroup + expectedErr string + }{ + { + doc: "empty rule", + rule: "", + expectedErr: `invalid device cgroup rule format: ''`, + }, + { + doc: "multiple spaces after first column", + rule: "c 1:1 rwm", + expectedErr: `invalid device cgroup rule format: 'c 1:1 rwm'`, + }, + { + doc: "multiple spaces after second column", + rule: "c 1:1 rwm", + expectedErr: `invalid device cgroup rule format: 'c 1:1 rwm'`, + }, + { + doc: "leading spaces", + rule: " c 1:1 rwm", + expectedErr: `invalid device cgroup rule format: ' c 1:1 rwm'`, + }, + { + doc: "trailing spaces", + rule: "c 1:1 rwm ", + expectedErr: `invalid device cgroup rule format: 'c 1:1 rwm '`, + }, + { + doc: "unknown device type", + rule: "z 1:1 rwm", + expectedErr: `invalid device cgroup rule format: 'z 1:1 rwm'`, + }, + { + doc: "invalid device type", + rule: "zz 1:1 rwm", + expectedErr: `invalid device cgroup rule format: 'zz 1:1 rwm'`, + }, + { + doc: "missing colon", + rule: "c 11 rwm", + expectedErr: `invalid device cgroup rule format: 'c 11 rwm'`, + }, + { + doc: "invalid device major-minor", + rule: "c a:a rwm", + expectedErr: `invalid device cgroup rule format: 'c a:a rwm'`, + }, + { + doc: "negative major device", + rule: "c -1:1 rwm", + expectedErr: `invalid device cgroup rule format: 'c -1:1 rwm'`, + }, + { + doc: "negative minor device", + rule: "c 1:-1 rwm", + expectedErr: `invalid device cgroup rule format: 'c 1:-1 rwm'`, + }, + { + doc: "missing permissions", + rule: "c 1:1", + expectedErr: `invalid device cgroup rule format: 'c 1:1'`, + }, + { + doc: "invalid permissions", + rule: "c 1:1 x", + expectedErr: `invalid device cgroup rule format: 'c 1:1 x'`, + }, + { + doc: "too many permissions", + rule: "c 1:1 rwmrwm", + expectedErr: `invalid device cgroup rule format: 'c 1:1 rwmrwm'`, + }, + { + doc: "major out of range", + rule: "c 18446744073709551616:1 rwm", + expectedErr: `invalid major value in device cgroup rule format: 'c 18446744073709551616:1 rwm'`, + }, + { + doc: "minor out of range", + rule: "c 1:18446744073709551616 rwm", + expectedErr: `invalid minor value in device cgroup rule format: 'c 1:18446744073709551616 rwm'`, + }, + { + doc: "all (a) devices", + rule: "a 1:1 rwm", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "a", Major: ptr(1), Minor: ptr(1), Access: "rwm"}, + }, + { + doc: "char (c) devices", + rule: "c 1:1 rwm", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "c", Major: ptr(1), Minor: ptr(1), Access: "rwm"}, + }, + { + doc: "block (b) devices", + rule: "b 1:1 rwm", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "b", Major: ptr(1), Minor: ptr(1), Access: "rwm"}, + }, + { + doc: "char device with rwm permissions", + rule: "c 7:128 rwm", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "c", Major: ptr(7), Minor: ptr(128), Access: "rwm"}, + }, + { + doc: "wildcard major", + rule: "c *:1 rwm", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "c", Major: ptr(-1), Minor: ptr(1), Access: "rwm"}, + }, + { + doc: "wildcard minor", + rule: "c 1:* rwm", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "c", Major: ptr(1), Minor: ptr(-1), Access: "rwm"}, + }, + { + doc: "wildcard major and minor", + rule: "c *:* rwm", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "c", Major: ptr(-1), Minor: ptr(-1), Access: "rwm"}, + }, + { + doc: "read (r) permission", + rule: "c 1:1 r", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "c", Major: ptr(1), Minor: ptr(1), Access: "r"}, + }, + { + doc: "write (w) permission", + rule: "c 1:1 w", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "c", Major: ptr(1), Minor: ptr(1), Access: "w"}, + }, + { + doc: "mknod (m) permission", + rule: "c 1:1 m", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "c", Major: ptr(1), Minor: ptr(1), Access: "m"}, + }, + { + doc: "mknod (m) and read (r) permission", + rule: "c 1:1 mr", + expected: specs.LinuxDeviceCgroup{Allow: true, Type: "c", Major: ptr(1), Minor: ptr(1), Access: "mr"}, + }, + } + + for _, tc := range tests { + tc := tc + t.Run(tc.doc, func(t *testing.T) { + out, err := AppendDevicePermissionsFromCgroupRules([]specs.LinuxDeviceCgroup{}, []string{tc.rule}) + if tc.expectedErr != "" { + assert.Error(t, err, tc.expectedErr) + return + } + assert.NilError(t, err) + assert.DeepEqual(t, out, []specs.LinuxDeviceCgroup{tc.expected}) + }) + } +} From cda69884782e8f0825518f8ea4376fdab4077bef Mon Sep 17 00:00:00 2001 From: gunadhya <6939749+gunadhya@users.noreply.github.com> Date: Tue, 5 Jan 2021 16:56:29 +0530 Subject: [PATCH 031/252] Fix Error in daemon_unix.go and docker_cli_run_unit_test.go Signed-off-by: gunadhya <6939749+gunadhya@users.noreply.github.com> (cherry picked from commit 64465f3b5fbde37ee165893248d80b24e51102aa) Signed-off-by: Sebastiaan van Stijn --- daemon/daemon_unix.go | 2 +- integration-cli/docker_cli_run_unix_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/daemon/daemon_unix.go b/daemon/daemon_unix.go index b477275228a24..8754d4f97283a 100644 --- a/daemon/daemon_unix.go +++ b/daemon/daemon_unix.go @@ -461,7 +461,7 @@ func verifyPlatformContainerResources(resources *containertypes.Resources, sysIn resources.MemoryReservation = 0 } if resources.MemoryReservation > 0 && resources.MemoryReservation < linuxMinMemory { - return warnings, fmt.Errorf("Minimum memory reservation allowed is 4MB") + return warnings, fmt.Errorf("Minimum memory reservation allowed is 6MB") } if resources.Memory > 0 && resources.MemoryReservation > 0 && resources.Memory < resources.MemoryReservation { return warnings, fmt.Errorf("Minimum memory limit can not be less than memory reservation limit, see usage") diff --git a/integration-cli/docker_cli_run_unix_test.go b/integration-cli/docker_cli_run_unix_test.go index 44de2617d93b9..e6a6406e15d5e 100644 --- a/integration-cli/docker_cli_run_unix_test.go +++ b/integration-cli/docker_cli_run_unix_test.go @@ -697,7 +697,7 @@ func (s *DockerSuite) TestRunWithMemoryReservationInvalid(c *testing.T) { assert.Assert(c, strings.Contains(strings.TrimSpace(out), expected), "run container should fail with invalid memory reservation") out, _, err = dockerCmdWithError("run", "--memory-reservation", "1k", "busybox", "true") assert.ErrorContains(c, err, "") - expected = "Minimum memory reservation allowed is 4MB" + expected = "Minimum memory reservation allowed is 6MB" assert.Assert(c, strings.Contains(strings.TrimSpace(out), expected), "run container should fail with invalid memory reservation") } From 491642e69692769c8715ca8d86bf2aa68852fb90 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Mon, 11 Jan 2021 12:28:21 -0800 Subject: [PATCH 032/252] contrib/check-config.sh: support for cgroupv2 Before: > Generally Necessary: > - cgroup hierarchy: nonexistent?? > (see https://github.com/tianon/cgroupfs-mount) After: > Generally Necessary: > - cgroup hierarchy: cgroupv2 Signed-off-by: Kir Kolyshkin (cherry picked from commit 76b59065ae99dca155bd95e97783f14e4b8cc272) Signed-off-by: Sebastiaan van Stijn --- contrib/check-config.sh | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/contrib/check-config.sh b/contrib/check-config.sh index 3d82118c9b90e..3ada8ca9cee69 100755 --- a/contrib/check-config.sh +++ b/contrib/check-config.sh @@ -155,18 +155,22 @@ echo echo 'Generally Necessary:' echo -n '- ' -cgroupSubsystemDir="$(awk '/[, ](cpu|cpuacct|cpuset|devices|freezer|memory)[, ]/ && $3 == "cgroup" { print $2 }' /proc/mounts | head -n1)" -cgroupDir="$(dirname "$cgroupSubsystemDir")" -if [ -d "$cgroupDir/cpu" ] || [ -d "$cgroupDir/cpuacct" ] || [ -d "$cgroupDir/cpuset" ] || [ -d "$cgroupDir/devices" ] || [ -d "$cgroupDir/freezer" ] || [ -d "$cgroupDir/memory" ]; then - echo "$(wrap_good 'cgroup hierarchy' 'properly mounted') [$cgroupDir]" +if [ "$(stat -f -c %t /sys/fs/cgroup 2> /dev/null)" = '63677270' ]; then + echo "$(wrap_good 'cgroup hierarchy' 'cgroupv2')" else - if [ "$cgroupSubsystemDir" ]; then - echo "$(wrap_bad 'cgroup hierarchy' 'single mountpoint!') [$cgroupSubsystemDir]" + cgroupSubsystemDir="$(awk '/[, ](cpu|cpuacct|cpuset|devices|freezer|memory)[, ]/ && $3 == "cgroup" { print $2 }' /proc/mounts | head -n1)" + cgroupDir="$(dirname "$cgroupSubsystemDir")" + if [ -d "$cgroupDir/cpu" ] || [ -d "$cgroupDir/cpuacct" ] || [ -d "$cgroupDir/cpuset" ] || [ -d "$cgroupDir/devices" ] || [ -d "$cgroupDir/freezer" ] || [ -d "$cgroupDir/memory" ]; then + echo "$(wrap_good 'cgroup hierarchy' 'properly mounted') [$cgroupDir]" else - wrap_bad 'cgroup hierarchy' 'nonexistent??' + if [ "$cgroupSubsystemDir" ]; then + echo "$(wrap_bad 'cgroup hierarchy' 'single mountpoint!') [$cgroupSubsystemDir]" + else + wrap_bad 'cgroup hierarchy' 'nonexistent??' + fi + EXITCODE=1 + echo " $(wrap_color '(see https://github.com/tianon/cgroupfs-mount)' yellow)" fi - EXITCODE=1 - echo " $(wrap_color '(see https://github.com/tianon/cgroupfs-mount)' yellow)" fi if [ "$(cat /sys/module/apparmor/parameters/enabled 2> /dev/null)" = 'Y' ]; then From 6bc47ca4b4825a8a26d02e38225d74b96660d7b6 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Mon, 11 Jan 2021 12:38:33 -0800 Subject: [PATCH 033/252] contrib/check-config.sh: fix NF_NAT_IPV4 CONFIG_NF_NAT_IPV4 was removed in kernel commit 3bf195ae6037e310, which made its way into v5.1-rc1. The functionality is now under NF_NAT which we already check for. Make the check for NF_NAT_IPV4 conditional. Signed-off-by: Kir Kolyshkin (cherry picked from commit eeb53c1f228ddaf1c4771282b6b07524e40bbacb) Signed-off-by: Sebastiaan van Stijn --- contrib/check-config.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/contrib/check-config.sh b/contrib/check-config.sh index 3ada8ca9cee69..3d23b515414bf 100755 --- a/contrib/check-config.sh +++ b/contrib/check-config.sh @@ -196,7 +196,7 @@ flags=( CGROUPS CGROUP_CPUACCT CGROUP_DEVICE CGROUP_FREEZER CGROUP_SCHED CPUSETS MEMCG KEYS VETH BRIDGE BRIDGE_NETFILTER - NF_NAT_IPV4 IP_NF_FILTER IP_NF_TARGET_MASQUERADE + IP_NF_FILTER IP_NF_TARGET_MASQUERADE NETFILTER_XT_MATCH_{ADDRTYPE,CONNTRACK,IPVS} IP_NF_NAT NF_NAT NF_NAT_NEEDED @@ -208,6 +208,10 @@ if [ "$kernelMajor" -lt 4 ] || ([ "$kernelMajor" -eq 4 ] && [ "$kernelMinor" -lt check_flags DEVPTS_MULTIPLE_INSTANCES fi +if [ "$kernelMajor" -lt 5 ] || [ "$kernelMajor" -eq 5 -a "$kernelMinor" -le 1 ]; then + check_flags NF_NAT_IPV4 +fi + echo echo 'Optional Features:' From db47bec3c7c36d71c37ea12cdea9b52bdeb71554 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Mon, 11 Jan 2021 12:40:53 -0800 Subject: [PATCH 034/252] contrib/check-config.sh: fix NF_NAT_NEEDED CONFIG_NF_NAT_NEEDED was removed in kernel commit 4806e975729f99c7, which made its way into v5.2-rc1. The functionality is now under NF_NAT which we already check for. Make the check for NF_NAT_NEEDED conditional. Signed-off-by: Kir Kolyshkin (cherry picked from commit 03da41152af41b2ac94d86021b5369fc13bf9d34) Signed-off-by: Sebastiaan van Stijn --- contrib/check-config.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/contrib/check-config.sh b/contrib/check-config.sh index 3d23b515414bf..17d9c2f299c78 100755 --- a/contrib/check-config.sh +++ b/contrib/check-config.sh @@ -198,7 +198,7 @@ flags=( VETH BRIDGE BRIDGE_NETFILTER IP_NF_FILTER IP_NF_TARGET_MASQUERADE NETFILTER_XT_MATCH_{ADDRTYPE,CONNTRACK,IPVS} - IP_NF_NAT NF_NAT NF_NAT_NEEDED + IP_NF_NAT NF_NAT # required for bind-mounting /dev/mqueue into containers POSIX_MQUEUE @@ -212,6 +212,10 @@ if [ "$kernelMajor" -lt 5 ] || [ "$kernelMajor" -eq 5 -a "$kernelMinor" -le 1 ]; check_flags NF_NAT_IPV4 fi +if [ "$kernelMajor" -lt 5 ] || [ "$kernelMajor" -eq 5 -a "$kernelMinor" -le 2 ]; then + check_flags NF_NAT_NEEDED +fi + echo echo 'Optional Features:' From bb0866f04e0b40f3a1e3883f3c2bcc8385fe951f Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Mon, 11 Jan 2021 13:25:16 -0800 Subject: [PATCH 035/252] contrib/check-config.sh: fix MEMCG_SWAP_ENABLED Kernel commit 2d1c498072de69e (which made its way into kernel v5.8-rc1) removed CONFIG_MEMCG_SWAP_ENABLED Kconfig option, making swap accounting always enabled (unless swapaccount=0 boot option is provided). Make the check conditional. Signed-off-by: Kir Kolyshkin (cherry picked from commit 070f9d9dd35e854f4a30563183987a6ec3276847) Signed-off-by: Sebastiaan van Stijn --- contrib/check-config.sh | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/contrib/check-config.sh b/contrib/check-config.sh index 17d9c2f299c78..a667c9669babe 100755 --- a/contrib/check-config.sh +++ b/contrib/check-config.sh @@ -230,13 +230,21 @@ echo 'Optional Features:' check_flags CGROUP_PIDS } { - CODE=${EXITCODE} - check_flags MEMCG_SWAP MEMCG_SWAP_ENABLED - if [ -e /sys/fs/cgroup/memory/memory.memsw.limit_in_bytes ]; then + check_flags MEMCG_SWAP + # Kernel v5.8+ removes MEMCG_SWAP_ENABLED. + if [ "$kernelMajor" -lt 5 ] || [ "$kernelMajor" -eq 5 -a "$kernelMinor" -le 8 ]; then + CODE=${EXITCODE} + check_flags MEMCG_SWAP_ENABLED + # FIXME this check is cgroupv1-specific + if [ -e /sys/fs/cgroup/memory/memory.memsw.limit_in_bytes ]; then + echo " $(wrap_color '(cgroup swap accounting is currently enabled)' bold black)" + EXITCODE=${CODE} + elif is_set MEMCG_SWAP && ! is_set MEMCG_SWAP_ENABLED; then + echo " $(wrap_color '(cgroup swap accounting is currently not enabled, you can enable it by setting boot option "swapaccount=1")' bold black)" + fi + else + # Kernel v5.8+ enables swap accounting by default. echo " $(wrap_color '(cgroup swap accounting is currently enabled)' bold black)" - EXITCODE=${CODE} - elif is_set MEMCG_SWAP && ! is_set MEMCG_SWAP_ENABLED; then - echo " $(wrap_color '(cgroup swap accounting is currently not enabled, you can enable it by setting boot option "swapaccount=1")' bold black)" fi } { From 8412078b1eaa7abef5b35445ca233cd8928d4350 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Mon, 11 Jan 2021 13:31:19 -0800 Subject: [PATCH 036/252] contrib/check-config.sh: fix IOSCHED_CFQ CFQ_GROUP_IOSCHED These config options are removed by kernel commit f382fb0bcef4, which made its way into kernel v5.0-rc1. Make the check conditional. Signed-off-by: Kir Kolyshkin (cherry picked from commit 18e054358758552828f1ba3ae5859a77e8b2609c) Signed-off-by: Sebastiaan van Stijn --- contrib/check-config.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/contrib/check-config.sh b/contrib/check-config.sh index a667c9669babe..4378bf4155312 100755 --- a/contrib/check-config.sh +++ b/contrib/check-config.sh @@ -283,8 +283,12 @@ else netprio=CGROUP_NET_PRIO fi +if [ "$kernelMajor" -lt 5 ]; then + check_flags IOSCHED_CFQ CFQ_GROUP_IOSCHED +fi + flags=( - BLK_CGROUP BLK_DEV_THROTTLING IOSCHED_CFQ CFQ_GROUP_IOSCHED + BLK_CGROUP BLK_DEV_THROTTLING CGROUP_PERF CGROUP_HUGETLB NET_CLS_CGROUP $netprio From 420de4c569817aef00a1eaa3daddf65df50ae630 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Mon, 11 Jan 2021 13:39:06 -0800 Subject: [PATCH 037/252] contrib/check-config.sh: fix INET_XFRM_MODE_TRANSPORT This parameter was removed by kernel commit 4c145dce260137, which made its way to kernel v5.3-rc1. Since that commit, the functionality is built-in (i.e. it is available as long as CONFIG_XFRM is on). Make the check conditional. Signed-off-by: Kir Kolyshkin (cherry picked from commit 06d9020fac6c0165fc82dffba3bb597f209f5bb7) Signed-off-by: Sebastiaan van Stijn --- contrib/check-config.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/contrib/check-config.sh b/contrib/check-config.sh index 4378bf4155312..849dc32d22e7c 100755 --- a/contrib/check-config.sh +++ b/contrib/check-config.sh @@ -323,7 +323,10 @@ echo " - \"$(wrap_color 'overlay' blue)\":" check_flags VXLAN BRIDGE_VLAN_FILTERING | sed 's/^/ /' echo ' Optional (for encrypted networks):' check_flags CRYPTO CRYPTO_AEAD CRYPTO_GCM CRYPTO_SEQIV CRYPTO_GHASH \ - XFRM XFRM_USER XFRM_ALGO INET_ESP INET_XFRM_MODE_TRANSPORT | sed 's/^/ /' + XFRM XFRM_USER XFRM_ALGO INET_ESP | sed 's/^/ /' +if [ "$kernelMajor" -lt 5 ] || [ "$kernelMajor" -eq 5 -a "$kernelMinor" -le 3 ]; then + check_flags INET_XFRM_MODE_TRANSPORT | sed 's/^/ /' +fi echo " - \"$(wrap_color 'ipvlan' blue)\":" check_flags IPVLAN | sed 's/^/ /' echo " - \"$(wrap_color 'macvlan' blue)\":" From b7e6803ec4999918ace79261750f6556e30d7a88 Mon Sep 17 00:00:00 2001 From: "Frederico F. de Oliveira" Date: Sat, 23 Jan 2021 03:35:49 +0000 Subject: [PATCH 038/252] swagger.yaml: Remove extra 'the' wrapped by newline This PR was originally proposed by @phillc here: https://github.com/docker/engine/pull/456 Signed-off-by: FreddieOliveira (cherry picked from commit 2db5676c6e827ce311a87224cf5f2e3ae8b68afd) Signed-off-by: Sebastiaan van Stijn --- api/swagger.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/swagger.yaml b/api/swagger.yaml index 9f1019681af51..b6a6e83dfbb95 100644 --- a/api/swagger.yaml +++ b/api/swagger.yaml @@ -7310,7 +7310,7 @@ paths: For example, the build arg `FOO=bar` would become `{"FOO":"bar"}` in JSON. This would result in the - the query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. + query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. [Read more about the buildargs instruction.](https://docs.docker.com/engine/reference/builder/#arg) From c00fb1383fac3b2f28afedc74157bd5c30f78c11 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 27 Jan 2021 12:24:47 +0100 Subject: [PATCH 039/252] docs: fix double "the" in existing API versions Backport of 2db5676c6e827ce311a87224cf5f2e3ae8b68afd to the swagger files used in the documentation Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 240d0b37bbb25f47f7443a47c15029465c2338e4) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.37.yaml | 2 +- docs/api/v1.38.yaml | 2 +- docs/api/v1.39.yaml | 2 +- docs/api/v1.40.yaml | 2 +- docs/api/v1.41.yaml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/api/v1.37.yaml b/docs/api/v1.37.yaml index a4de19d8f512e..d21cc0d66d4c2 100644 --- a/docs/api/v1.37.yaml +++ b/docs/api/v1.37.yaml @@ -6196,7 +6196,7 @@ paths: For example, the build arg `FOO=bar` would become `{"FOO":"bar"}` in JSON. This would result in the - the query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. + query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. [Read more about the buildargs instruction.](https://docs.docker.com/engine/reference/builder/#arg) diff --git a/docs/api/v1.38.yaml b/docs/api/v1.38.yaml index b29439feace4e..1bfa24d4b78ee 100644 --- a/docs/api/v1.38.yaml +++ b/docs/api/v1.38.yaml @@ -6257,7 +6257,7 @@ paths: For example, the build arg `FOO=bar` would become `{"FOO":"bar"}` in JSON. This would result in the - the query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. + query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. [Read more about the buildargs instruction.](https://docs.docker.com/engine/reference/builder/#arg) diff --git a/docs/api/v1.39.yaml b/docs/api/v1.39.yaml index ee017ea7a5a48..59a97c3723b1d 100644 --- a/docs/api/v1.39.yaml +++ b/docs/api/v1.39.yaml @@ -7004,7 +7004,7 @@ paths: For example, the build arg `FOO=bar` would become `{"FOO":"bar"}` in JSON. This would result in the - the query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. + query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. [Read more about the buildargs instruction.](https://docs.docker.com/engine/reference/builder/#arg) diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index 56a3e824d1071..30358a63af5f3 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -7142,7 +7142,7 @@ paths: For example, the build arg `FOO=bar` would become `{"FOO":"bar"}` in JSON. This would result in the - the query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. + query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. [Read more about the buildargs instruction.](https://docs.docker.com/engine/reference/builder/#arg) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index 9f1019681af51..b6a6e83dfbb95 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -7310,7 +7310,7 @@ paths: For example, the build arg `FOO=bar` would become `{"FOO":"bar"}` in JSON. This would result in the - the query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. + query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. [Read more about the buildargs instruction.](https://docs.docker.com/engine/reference/builder/#arg) From 34446d0343339689832add03f1034c04cc3e529b Mon Sep 17 00:00:00 2001 From: Jim Lin Date: Mon, 11 Jan 2021 22:59:35 +0800 Subject: [PATCH 040/252] replace json.Unmarshal with NewFromJSON in Create Signed-off-by: Jim Lin (cherry picked from commit c9ec21e17a3353872d486f2e732ae7f53de37c41) Signed-off-by: Sebastiaan van Stijn --- image/store.go | 5 ++--- image/store_test.go | 8 ++++++++ 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/image/store.go b/image/store.go index 0ad87f5c61def..20a6d49257300 100644 --- a/image/store.go +++ b/image/store.go @@ -1,7 +1,6 @@ package image // import "github.com/docker/docker/image" import ( - "encoding/json" "fmt" "sync" "time" @@ -118,8 +117,8 @@ func (is *store) restore() error { } func (is *store) Create(config []byte) (ID, error) { - var img Image - err := json.Unmarshal(config, &img) + var img *Image + img, err := NewFromJSON(config) if err != nil { return "", err } diff --git a/image/store_test.go b/image/store_test.go index f159cb3830eaf..970b8d8ab6526 100644 --- a/image/store_test.go +++ b/image/store_test.go @@ -10,6 +10,14 @@ import ( "gotest.tools/v3/assert/cmp" ) +func TestCreate(t *testing.T) { + is, cleanup := defaultImageStore(t) + defer cleanup() + + _, err := is.Create([]byte(`{}`)) + assert.Check(t, cmp.Error(err, "invalid image JSON, no RootFS key")) +} + func TestRestore(t *testing.T) { fs, cleanup := defaultFSStoreBackend(t) defer cleanup() From d13e162a63d9118dea85135073c071c7224a5845 Mon Sep 17 00:00:00 2001 From: Kazuyoshi Kato Date: Wed, 20 Jan 2021 13:18:41 -0800 Subject: [PATCH 041/252] Handle long log messages correctly on SizedLogger Loggers that implement BufSize() (e.g. awslogs) uses the method to tell Copier about the maximum log line length. However loggerWithCache and RingBuffer hide the method by wrapping loggers. As a result, Copier uses its default 16KB limit which breaks log lines > 16kB even the destinations can handle that. This change implements BufSize() on loggerWithCache and RingBuffer to make sure these logger wrappes don't hide the method on the underlying loggers. Fixes #41794. Signed-off-by: Kazuyoshi Kato (cherry picked from commit bb11365e96a4f25fe20606b30cbfb79998fadff3) Signed-off-by: Sebastiaan van Stijn --- daemon/logger/awslogs/cloudwatchlogs.go | 1 + daemon/logger/copier.go | 7 ++++- daemon/logger/copier_test.go | 26 ++++++++++++++++--- .../logger/loggerutils/cache/local_cache.go | 11 ++++++++ daemon/logger/ring.go | 11 ++++++++ 5 files changed, 52 insertions(+), 4 deletions(-) diff --git a/daemon/logger/awslogs/cloudwatchlogs.go b/daemon/logger/awslogs/cloudwatchlogs.go index aafebe6274c36..c7642cece62d5 100644 --- a/daemon/logger/awslogs/cloudwatchlogs.go +++ b/daemon/logger/awslogs/cloudwatchlogs.go @@ -400,6 +400,7 @@ func (l *logStream) Name() string { return name } +// BufSize returns the maximum bytes CloudWatch can handle. func (l *logStream) BufSize() int { return maximumBytesPerEvent } diff --git a/daemon/logger/copier.go b/daemon/logger/copier.go index e24272fa6dff5..e2ee36c0987eb 100644 --- a/daemon/logger/copier.go +++ b/daemon/logger/copier.go @@ -54,7 +54,12 @@ func (c *Copier) copySrc(name string, src io.Reader) { bufSize := defaultBufSize if sizedLogger, ok := c.dst.(SizedLogger); ok { - bufSize = sizedLogger.BufSize() + size := sizedLogger.BufSize() + // Loggers that wrap another loggers would have BufSize(), but cannot return the size + // when the wrapped loggers doesn't have BufSize(). + if size > 0 { + bufSize = size + } } buf := make([]byte, bufSize) diff --git a/daemon/logger/copier_test.go b/daemon/logger/copier_test.go index 94077af6690d0..db674b32a3dd7 100644 --- a/daemon/logger/copier_test.go +++ b/daemon/logger/copier_test.go @@ -223,10 +223,28 @@ func TestCopierSlow(t *testing.T) { } func TestCopierWithSized(t *testing.T) { + t.Run("as is", func(t *testing.T) { + testCopierWithSized(t, func(l SizedLogger) SizedLogger { + return l + }) + }) + t.Run("With RingLogger", func(t *testing.T) { + testCopierWithSized(t, func(l SizedLogger) SizedLogger { + return newRingLogger(l, Info{}, defaultRingMaxSize) + }) + }) +} + +func testCopierWithSized(t *testing.T, loggerFactory func(SizedLogger) SizedLogger) { var jsonBuf bytes.Buffer expectedMsgs := 2 - sizedLogger := &TestSizedLoggerJSON{Encoder: json.NewEncoder(&jsonBuf)} - logbuf := bytes.NewBufferString(strings.Repeat(".", sizedLogger.BufSize()*expectedMsgs)) + sizedLogger := loggerFactory(&TestSizedLoggerJSON{Encoder: json.NewEncoder(&jsonBuf)}) + + size := sizedLogger.BufSize() + if size < 0 { + size = 100 + } + logbuf := bytes.NewBufferString(strings.Repeat(".", size*expectedMsgs)) c := NewCopier(map[string]io.Reader{"stdout": logbuf}, sizedLogger) c.Run() @@ -234,6 +252,8 @@ func TestCopierWithSized(t *testing.T) { c.Wait() c.Close() + sizedLogger.Close() + recvdMsgs := 0 dec := json.NewDecoder(&jsonBuf) for { @@ -253,7 +273,7 @@ func TestCopierWithSized(t *testing.T) { recvdMsgs++ } if recvdMsgs != expectedMsgs { - t.Fatalf("expected to receive %d messages, actually received %d", expectedMsgs, recvdMsgs) + t.Fatalf("expected to receive %d messages, actually received %d %q", expectedMsgs, recvdMsgs, jsonBuf.String()) } } diff --git a/daemon/logger/loggerutils/cache/local_cache.go b/daemon/logger/loggerutils/cache/local_cache.go index 750dc498ab1f8..1ca19eb5db0a6 100644 --- a/daemon/logger/loggerutils/cache/local_cache.go +++ b/daemon/logger/loggerutils/cache/local_cache.go @@ -58,6 +58,17 @@ type loggerWithCache struct { cache logger.Logger } +var _ logger.SizedLogger = &loggerWithCache{} + +// BufSize returns the buffer size of the underlying logger. +// Returns -1 if the logger doesn't match SizedLogger interface. +func (l *loggerWithCache) BufSize() int { + if sl, ok := l.l.(logger.SizedLogger); ok { + return sl.BufSize() + } + return -1 +} + func (l *loggerWithCache) Log(msg *logger.Message) error { // copy the message as the original will be reset once the call to `Log` is complete dup := logger.NewMessage() diff --git a/daemon/logger/ring.go b/daemon/logger/ring.go index c675c1e83c591..b6432aed36f74 100644 --- a/daemon/logger/ring.go +++ b/daemon/logger/ring.go @@ -21,6 +21,8 @@ type RingLogger struct { closeFlag int32 } +var _ SizedLogger = &RingLogger{} + type ringWithReader struct { *RingLogger } @@ -57,6 +59,15 @@ func NewRingLogger(driver Logger, logInfo Info, maxSize int64) Logger { return l } +// BufSize returns the buffer size of the underlying logger. +// Returns -1 if the logger doesn't match SizedLogger interface. +func (r *RingLogger) BufSize() int { + if sl, ok := r.l.(SizedLogger); ok { + return sl.BufSize() + } + return -1 +} + // Log queues messages into the ring buffer func (r *RingLogger) Log(msg *Message) error { if r.closed() { From df2a9897690cd9c3a71a3c496bc831ee5b2af361 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Mon, 4 Jan 2021 19:43:19 +0000 Subject: [PATCH 042/252] Add shim config for custom runtimes for plugins This fixes a panic when an admin specifies a custom default runtime, when a plugin is started the shim config is nil. Signed-off-by: Brian Goff (cherry picked from commit 2903863a1d7313118255dc8cc0664cdfe3e6a379) Signed-off-by: Sebastiaan van Stijn --- daemon/daemon.go | 8 ++- daemon/runtime_unix.go | 46 ++++++++++++++--- daemon/runtime_windows.go | 10 ++++ daemon/start_unix.go | 20 ++----- integration/plugin/common/plugin_test.go | 66 ++++++++++++++++++++++++ 5 files changed, 124 insertions(+), 26 deletions(-) create mode 100644 daemon/runtime_windows.go diff --git a/daemon/daemon.go b/daemon/daemon.go index 794ff9712d08d..3d8cca2880101 100644 --- a/daemon/daemon.go +++ b/daemon/daemon.go @@ -965,8 +965,12 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S } var rt types.Runtime - if runtime := config.GetRuntime(config.GetDefaultRuntimeName()); runtime != nil { - rt = *runtime + if runtime.GOOS != "windows" { + rtPtr, err := d.getRuntime(config.GetDefaultRuntimeName()) + if err != nil { + return nil, err + } + rt = *rtPtr } return pluginexec.New(ctx, getPluginExecRoot(config.Root), pluginCli, config.ContainerdPluginNamespace, m, rt) } diff --git a/daemon/runtime_unix.go b/daemon/runtime_unix.go index 2f2011f2e37cb..6c57e2455be40 100644 --- a/daemon/runtime_unix.go +++ b/daemon/runtime_unix.go @@ -10,10 +10,12 @@ import ( "path/filepath" "strings" + "github.com/containerd/cgroups" "github.com/containerd/containerd/runtime/linux/runctypes" v2runcoptions "github.com/containerd/containerd/runtime/v2/runc/options" "github.com/docker/docker/api/types" "github.com/docker/docker/daemon/config" + "github.com/docker/docker/errdefs" "github.com/docker/docker/pkg/ioutils" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -96,14 +98,15 @@ func (daemon *Daemon) initRuntimes(runtimes map[string]types.Runtime) (err error }() for name, rt := range runtimes { - if len(rt.Args) == 0 { - continue + if len(rt.Args) > 0 { + script := filepath.Join(tmpDir, name) + content := fmt.Sprintf("#!/bin/sh\n%s %s $@\n", rt.Path, strings.Join(rt.Args, " ")) + if err := ioutil.WriteFile(script, []byte(content), 0700); err != nil { + return err + } } - - script := filepath.Join(tmpDir, name) - content := fmt.Sprintf("#!/bin/sh\n%s %s $@\n", rt.Path, strings.Join(rt.Args, " ")) - if err := ioutil.WriteFile(script, []byte(content), 0700); err != nil { - return err + if rt.Shim == nil { + rt.Shim = defaultV2ShimConfig(daemon.configStore, rt.Path) } } return nil @@ -124,3 +127,32 @@ func (daemon *Daemon) rewriteRuntimePath(name, p string, args []string) (string, return filepath.Join(daemon.configStore.Root, "runtimes", name), nil } + +func (daemon *Daemon) getRuntime(name string) (*types.Runtime, error) { + rt := daemon.configStore.GetRuntime(name) + if rt == nil { + return nil, errdefs.InvalidParameter(errors.Errorf("runtime not found in config: %s", name)) + } + + if len(rt.Args) > 0 { + p, err := daemon.rewriteRuntimePath(name, rt.Path, rt.Args) + if err != nil { + return nil, err + } + rt.Path = p + rt.Args = nil + } + + if rt.Shim == nil { + rt.Shim = defaultV2ShimConfig(daemon.configStore, rt.Path) + } + + if rt.Shim.Binary == linuxShimV1 { + if cgroups.Mode() == cgroups.Unified { + return nil, errdefs.InvalidParameter(errors.Errorf("runtime %q is not supported while cgroups v2 (unified hierarchy) is being used", name)) + } + logrus.Warnf("Configured runtime %q is deprecated and will be removed in the next release", name) + } + + return rt, nil +} diff --git a/daemon/runtime_windows.go b/daemon/runtime_windows.go new file mode 100644 index 0000000000000..0787cb115563e --- /dev/null +++ b/daemon/runtime_windows.go @@ -0,0 +1,10 @@ +package daemon + +import ( + "github.com/docker/docker/api/types" + "github.com/pkg/errors" +) + +func (daemon *Daemon) getRuntime(name string) (*types.Runtime, error) { + return nil, errors.New("not implemented") +} diff --git a/daemon/start_unix.go b/daemon/start_unix.go index 7b70451162811..2b4dc95106381 100644 --- a/daemon/start_unix.go +++ b/daemon/start_unix.go @@ -3,11 +3,7 @@ package daemon // import "github.com/docker/docker/daemon" import ( - "github.com/containerd/cgroups" "github.com/docker/docker/container" - "github.com/docker/docker/errdefs" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" ) // getLibcontainerdCreateOptions callers must hold a lock on the container @@ -18,19 +14,9 @@ func (daemon *Daemon) getLibcontainerdCreateOptions(container *container.Contain container.CheckpointTo(daemon.containersReplica) } - rt := daemon.configStore.GetRuntime(container.HostConfig.Runtime) - if rt.Shim == nil { - p, err := daemon.rewriteRuntimePath(container.HostConfig.Runtime, rt.Path, rt.Args) - if err != nil { - return "", nil, translateContainerdStartErr(container.Path, container.SetExitCode, err) - } - rt.Shim = defaultV2ShimConfig(daemon.configStore, p) - } - if rt.Shim.Binary == linuxShimV1 { - if cgroups.Mode() == cgroups.Unified { - return "", nil, errdefs.InvalidParameter(errors.Errorf("runtime %q is not supported while cgroups v2 (unified hierarchy) is being used", container.HostConfig.Runtime)) - } - logrus.Warnf("Configured runtime %q is deprecated and will be removed in the next release", container.HostConfig.Runtime) + rt, err := daemon.getRuntime(container.HostConfig.Runtime) + if err != nil { + return "", nil, translateContainerdStartErr(container.Path, container.SetExitCode, err) } return rt.Shim.Binary, rt.Shim.Opts, nil diff --git a/integration/plugin/common/plugin_test.go b/integration/plugin/common/plugin_test.go index b2c824e8c4f51..055381dcfb5fe 100644 --- a/integration/plugin/common/plugin_test.go +++ b/integration/plugin/common/plugin_test.go @@ -4,11 +4,14 @@ import ( "context" "encoding/base64" "encoding/json" + "fmt" "io" "io/ioutil" "net" "net/http" + "os" "path" + "path/filepath" "strings" "testing" @@ -157,3 +160,66 @@ func TestPluginInstall(t *testing.T) { }) // TODO: test insecure registry with https } + +func TestPluginsWithRuntimes(t *testing.T) { + skip.If(t, testEnv.IsRemoteDaemon, "cannot run daemon when remote daemon") + skip.If(t, testEnv.IsRootless, "Test not supported on rootless due to buggy daemon setup in rootless mode due to daemon restart") + skip.If(t, testEnv.OSType == "windows") + + dir, err := ioutil.TempDir("", t.Name()) + assert.NilError(t, err) + defer os.RemoveAll(dir) + + d := daemon.New(t) + defer d.Cleanup(t) + + d.Start(t) + defer d.Stop(t) + + ctx := context.Background() + client := d.NewClientT(t) + + assert.NilError(t, plugin.Create(ctx, client, "test:latest")) + defer client.PluginRemove(ctx, "test:latest", types.PluginRemoveOptions{Force: true}) + + assert.NilError(t, client.PluginEnable(ctx, "test:latest", types.PluginEnableOptions{Timeout: 30})) + + p := filepath.Join(dir, "myrt") + script := fmt.Sprintf(`#!/bin/sh + file="%s/success" + if [ "$1" = "someArg" ]; then + shift + file="${file}_someArg" + fi + + touch $file + exec runc $@ + `, dir) + + assert.NilError(t, ioutil.WriteFile(p, []byte(script), 0777)) + + type config struct { + Runtimes map[string]types.Runtime `json:"runtimes"` + } + + cfg, err := json.Marshal(config{ + Runtimes: map[string]types.Runtime{ + "myrt": {Path: p}, + "myrtArgs": {Path: p, Args: []string{"someArg"}}, + }, + }) + configPath := filepath.Join(dir, "config.json") + ioutil.WriteFile(configPath, cfg, 0644) + + t.Run("No Args", func(t *testing.T) { + d.Restart(t, "--default-runtime=myrt", "--config-file="+configPath) + _, err = os.Stat(filepath.Join(dir, "success")) + assert.NilError(t, err) + }) + + t.Run("With Args", func(t *testing.T) { + d.Restart(t, "--default-runtime=myrtArgs", "--config-file="+configPath) + _, err = os.Stat(filepath.Join(dir, "success_someArg")) + assert.NilError(t, err) + }) +} From ab5711e619f2a6c7b0682a7c61a86aacdc9ad7ec Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Wed, 13 Jan 2021 01:14:36 +0000 Subject: [PATCH 043/252] Fix builder inconsistent error on buggy platform When pulling an image by platform, it is possible for the image's configured platform to not match what was in the manifest list. The image itself is buggy because either the manifest list is incorrect or the image config is incorrect. In any case, this is preventing people from upgrading because many times users do not have control over these buggy images. This was not a problem in 19.03 because we did not compare on platform before. It just assumed if we had the image it was the one we wanted regardless of platform, which has its own problems. Example Dockerfile that has this problem: ```Dockerfile FROM --platform=linux/arm64 k8s.gcr.io/build-image/debian-iptables:buster-v1.3.0 RUN echo hello ``` This fails the first time you try to build after it finishes pulling but before performing the `RUN` command. On the second attempt it works because the image is already there and does not hit the code that errors out on platform mismatch (Actually it ignores errors if an image is returned at all). Must be run with the classic builder (DOCKER_BUILDKIT=0). Signed-off-by: Brian Goff (cherry picked from commit 399695305c67aae1010e6754f90f9078aa39e742) Signed-off-by: Sebastiaan van Stijn --- daemon/images/image_builder.go | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/daemon/images/image_builder.go b/daemon/images/image_builder.go index 2fd4335d6b304..d401438ca291e 100644 --- a/daemon/images/image_builder.go +++ b/daemon/images/image_builder.go @@ -5,18 +5,23 @@ import ( "io" "runtime" + "github.com/containerd/containerd/platforms" "github.com/docker/distribution/reference" "github.com/docker/docker/api/types" "github.com/docker/docker/api/types/backend" "github.com/docker/docker/builder" + "github.com/docker/docker/errdefs" "github.com/docker/docker/image" "github.com/docker/docker/layer" "github.com/docker/docker/pkg/containerfs" + "github.com/docker/docker/pkg/progress" + "github.com/docker/docker/pkg/streamformatter" "github.com/docker/docker/pkg/stringid" "github.com/docker/docker/pkg/system" "github.com/docker/docker/registry" specs "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) type roLayer struct { @@ -161,7 +166,29 @@ func (i *ImageService) pullForBuilder(ctx context.Context, name string, authConf if err := i.pullImageWithReference(ctx, ref, platform, nil, pullRegistryAuth, output); err != nil { return nil, err } - return i.GetImage(name, platform) + + img, err := i.GetImage(name, platform) + if errdefs.IsNotFound(err) && img != nil && platform != nil { + imgPlat := specs.Platform{ + OS: img.OS, + Architecture: img.BaseImgArch(), + Variant: img.BaseImgVariant(), + } + + p := *platform + if !platforms.Only(p).Match(imgPlat) { + po := streamformatter.NewJSONProgressOutput(output, false) + progress.Messagef(po, "", ` +WARNING: Pulled image with specified platform (%s), but the resulting image's configured platform (%s) does not match. +This is most likely caused by a bug in the build system that created the fetched image (%s). +Please notify the image author to correct the configuration.`, + platforms.Format(p), platforms.Format(imgPlat), name, + ) + logrus.WithError(err).WithField("image", name).Warn("Ignoring error about platform mismatch where the manifest list points to an image whose configuration does not match the platform in the manifest.") + err = nil + } + } + return img, err } // GetImageAndReleasableLayer returns an image and releaseable layer for a reference or ID. From e3750357a5ca99f484445da898ac151adf6f21f3 Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Wed, 6 Jan 2021 22:46:53 -0800 Subject: [PATCH 044/252] builder: ensure libnetwork state file do not leak Signed-off-by: Tonis Tiigi (cherry picked from commit 7c7e1689021afdd3775eecdd1e60ad8c0cc44678) Signed-off-by: Sebastiaan van Stijn --- builder/builder-next/executor_unix.go | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/builder/builder-next/executor_unix.go b/builder/builder-next/executor_unix.go index cefbb8a56fc41..5dbf64c18281e 100644 --- a/builder/builder-next/executor_unix.go +++ b/builder/builder-next/executor_unix.go @@ -3,6 +3,7 @@ package buildkit import ( + "io/ioutil" "os" "path/filepath" "strconv" @@ -25,11 +26,24 @@ import ( const networkName = "bridge" func newExecutor(root, cgroupParent string, net libnetwork.NetworkController, dnsConfig *oci.DNSConfig, rootless bool, idmap *idtools.IdentityMapping, apparmorProfile string) (executor.Executor, error) { + netRoot := filepath.Join(root, "net") networkProviders := map[pb.NetMode]network.Provider{ - pb.NetMode_UNSET: &bridgeProvider{NetworkController: net, Root: filepath.Join(root, "net")}, + pb.NetMode_UNSET: &bridgeProvider{NetworkController: net, Root: netRoot}, pb.NetMode_HOST: network.NewHostProvider(), pb.NetMode_NONE: network.NewNoneProvider(), } + + // make sure net state directory is cleared from previous state + fis, err := ioutil.ReadDir(netRoot) + if err == nil { + for _, fi := range fis { + fp := filepath.Join(netRoot, fi.Name()) + if err := os.RemoveAll(fp); err != nil { + logrus.WithError(err).Errorf("failed to delete old network state: %v", fp) + } + } + } + return runcexecutor.New(runcexecutor.Opt{ Root: filepath.Join(root, "executor"), CommandCandidates: []string{"runc"}, @@ -118,7 +132,10 @@ func (iface *lnInterface) Close() error { if iface.sbx != nil { go func() { if err := iface.sbx.Delete(); err != nil { - logrus.Errorf("failed to delete builder network sandbox: %v", err) + logrus.WithError(err).Errorf("failed to delete builder network sandbox") + } + if err := os.RemoveAll(filepath.Join(iface.provider.Root, iface.sbx.ContainerID())); err != nil { + logrus.WithError(err).Errorf("failed to delete builder sandbox directory") } }() } From a6a88b3145c33bbec871cc9d3bea2170ed785142 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai Date: Sun, 17 Jan 2021 23:39:31 +1100 Subject: [PATCH 045/252] profiles: seccomp: update to Linux 5.11 syscall list These syscalls (some of which have been in Linux for a while but were missing from the profile) fall into a few buckets: * close_range(2), epoll_pwait2(2) are just extensions of existing "safe for everyone" syscalls. * The mountv2 API syscalls (fs*(2), move_mount(2), open_tree(2)) are all equivalent to aspects of mount(2) and thus go into the CAP_SYS_ADMIN category. * process_madvise(2) is similar to the other process_*(2) syscalls and thus goes in the CAP_SYS_PTRACE category. Signed-off-by: Aleksa Sarai (cherry picked from commit 54eff4354b17a9c460b851300f28aed1408a8615) Signed-off-by: Sebastiaan van Stijn --- profiles/seccomp/default.json | 9 +++++++++ profiles/seccomp/default_linux.go | 9 +++++++++ 2 files changed, 18 insertions(+) diff --git a/profiles/seccomp/default.json b/profiles/seccomp/default.json index 3ae143c8b1417..4213799ddb5cd 100644 --- a/profiles/seccomp/default.json +++ b/profiles/seccomp/default.json @@ -74,6 +74,7 @@ "clock_nanosleep", "clock_nanosleep_time64", "close", + "close_range", "connect", "copy_file_range", "creat", @@ -85,6 +86,7 @@ "epoll_ctl", "epoll_ctl_old", "epoll_pwait", + "epoll_pwait2", "epoll_wait", "epoll_wait_old", "eventfd", @@ -590,9 +592,15 @@ "bpf", "clone", "fanotify_init", + "fsconfig", + "fsmount", + "fsopen", + "fspick", "lookup_dcookie", "mount", + "move_mount", "name_to_handle_at", + "open_tree", "perf_event_open", "quotactl", "setdomainname", @@ -724,6 +732,7 @@ "names": [ "kcmp", "pidfd_getfd", + "process_madvise", "process_vm_readv", "process_vm_writev", "ptrace" diff --git a/profiles/seccomp/default_linux.go b/profiles/seccomp/default_linux.go index 232a4149cdab6..879eb88c64f18 100644 --- a/profiles/seccomp/default_linux.go +++ b/profiles/seccomp/default_linux.go @@ -67,6 +67,7 @@ func DefaultProfile() *Seccomp { "clock_nanosleep", "clock_nanosleep_time64", "close", + "close_range", "connect", "copy_file_range", "creat", @@ -78,6 +79,7 @@ func DefaultProfile() *Seccomp { "epoll_ctl", "epoll_ctl_old", "epoll_pwait", + "epoll_pwait2", "epoll_wait", "epoll_wait_old", "eventfd", @@ -521,9 +523,15 @@ func DefaultProfile() *Seccomp { "bpf", "clone", "fanotify_init", + "fsconfig", + "fsmount", + "fsopen", + "fspick", "lookup_dcookie", "mount", + "move_mount", "name_to_handle_at", + "open_tree", "perf_event_open", "quotactl", "setdomainname", @@ -625,6 +633,7 @@ func DefaultProfile() *Seccomp { Names: []string{ "kcmp", "pidfd_getfd", + "process_madvise", "process_vm_readv", "process_vm_writev", "ptrace", From 0caf485abb22703ad24fdf0f7cad827d15394467 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Mon, 1 Feb 2021 19:09:09 +0000 Subject: [PATCH 046/252] Fallback to manifest list when no platform match In some cases, in fact many in the wild, an image may have the incorrect platform on the image config. This can lead to failures to run an image, particularly when a user specifies a `--platform`. Typically what we see in the wild is a manifest list with an an entry for, as an example, linux/arm64 pointing to an image config that has linux/amd64 on it. This change falls back to looking up the manifest list for an image to see if the manifest list shows the image as the correct one for that platform. In order to accomplish this we need to traverse the leases associated with an image. Each image, if pulled with Docker 20.10, will have the manifest list stored in the containerd content store with the resource assigned to a lease keyed on the image ID. So we look up the lease for the image, then look up the assocated resources to find the manifest list, then check the manifest list for a platform match, then ensure that manifest referes to our image config. This is only used as a fallback when a user specified they want a particular platform and the image config that we have does not match that platform. Signed-off-by: Brian Goff (cherry picked from commit 4be54532151f411bd04faf508c45bb89c4bf3841) Signed-off-by: Brian Goff --- daemon/images/image.go | 135 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 133 insertions(+), 2 deletions(-) diff --git a/daemon/images/image.go b/daemon/images/image.go index 361a2d37d549e..ac02dde1c7960 100644 --- a/daemon/images/image.go +++ b/daemon/images/image.go @@ -1,15 +1,24 @@ package images // import "github.com/docker/docker/daemon/images" import ( + "context" + "encoding/json" "fmt" + "io" + "io/ioutil" + "github.com/containerd/containerd/content" + c8derrdefs "github.com/containerd/containerd/errdefs" + "github.com/containerd/containerd/images" + "github.com/containerd/containerd/leases" "github.com/containerd/containerd/platforms" - "github.com/pkg/errors" - "github.com/docker/distribution/reference" "github.com/docker/docker/errdefs" "github.com/docker/docker/image" + digest "github.com/opencontainers/go-digest" specs "github.com/opencontainers/image-spec/specs-go/v1" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) // ErrImageDoesNotExist is error returned when no image can be found for a reference. @@ -28,6 +37,115 @@ func (e ErrImageDoesNotExist) Error() string { // NotFound implements the NotFound interface func (e ErrImageDoesNotExist) NotFound() {} +type manifestList struct { + Manifests []specs.Descriptor `json:"manifests"` +} + +type manifest struct { + Config specs.Descriptor `json:"config"` +} + +func (i *ImageService) manifestMatchesPlatform(img *image.Image, platform specs.Platform) bool { + ctx := context.TODO() + logger := logrus.WithField("image", img.ID).WithField("desiredPlatform", platforms.Format(platform)) + + ls, leaseErr := i.leases.ListResources(context.TODO(), leases.Lease{ID: imageKey(img.ID().Digest())}) + if leaseErr != nil { + logger.WithError(leaseErr).Error("Error looking up image leases") + return false + } + + comparer := platforms.Only(platform) + + var ( + ml manifestList + m manifest + ) + + makeRdr := func(ra content.ReaderAt) io.Reader { + return io.LimitReader(io.NewSectionReader(ra, 0, ra.Size()), 1e6) + } + + for _, r := range ls { + logger := logger.WithField("resourceID", r.ID).WithField("resourceType", r.Type) + logger.Debug("Checking lease resource for platform match") + if r.Type != "content" { + continue + } + + ra, err := i.content.ReaderAt(ctx, specs.Descriptor{Digest: digest.Digest(r.ID)}) + if err != nil { + if c8derrdefs.IsNotFound(err) { + continue + } + logger.WithError(err).Error("Error looking up referenced manifest list for image") + continue + } + + data, err := ioutil.ReadAll(makeRdr(ra)) + ra.Close() + + if err != nil { + logger.WithError(err).Error("Error reading manifest list for image") + continue + } + + ml.Manifests = nil + + if err := json.Unmarshal(data, &ml); err != nil { + logger.WithError(err).Error("Error unmarshalling content") + continue + } + + for _, md := range ml.Manifests { + switch md.MediaType { + case specs.MediaTypeImageManifest, images.MediaTypeDockerSchema2Manifest: + default: + continue + } + + p := specs.Platform{ + Architecture: md.Platform.Architecture, + OS: md.Platform.OS, + Variant: md.Platform.Variant, + } + if !comparer.Match(p) { + logger.WithField("otherPlatform", platforms.Format(p)).Debug("Manifest is not a match") + continue + } + + // Here we have a platform match for the referenced manifest, let's make sure the manifest is actually for the image config we are using. + + ra, err := i.content.ReaderAt(ctx, specs.Descriptor{Digest: md.Digest}) + if err != nil { + logger.WithField("otherDigest", md.Digest).WithError(err).Error("Could not get reader for manifest") + continue + } + + data, err := ioutil.ReadAll(makeRdr(ra)) + ra.Close() + if err != nil { + logger.WithError(err).Error("Error reading manifest for image") + continue + } + + if err := json.Unmarshal(data, &m); err != nil { + logger.WithError(err).Error("Error desserializing manifest") + continue + } + + if m.Config.Digest == img.ID().Digest() { + logger.WithField("manifestDigest", md.Digest).Debug("Found matching manifest for image") + return true + } + + logger.WithField("otherDigest", md.Digest).Debug("Skipping non-matching manifest") + } + } + + return false +} + // GetImage returns an image corresponding to the image referred to by refOrID. func (i *ImageService) GetImage(refOrID string, platform *specs.Platform) (retImg *image.Image, retErr error) { defer func() { @@ -44,6 +162,19 @@ func (i *ImageService) GetImage(refOrID string, platform *specs.Platform) (retIm // Note that `platforms.Only` will fuzzy match this for us // For example: an armv6 image will run just fine an an armv7 CPU, without emulation or anything. if !platforms.Only(p).Match(imgPlat) { + // Sometimes image variant is not populated due to legacy builders + // We still should support falling back here. + if imgPlat.OS == platform.OS && imgPlat.Architecture == platform.Architecture && imgPlat.Variant == "" { + logrus.WithField("image", refOrID).WithField("platform", platforms.Format(p)).Debug("Image platform cpu variant is not populated, but otherwise it matches what was requested") + return + } + + // In some cases the image config can actually be wrong (e.g. classic `docker build` may not handle `--platform` correctly) + // So we'll look up the manifest list that coresponds to this imaage to check if at least the manifest list says it is the correct image. + if i.manifestMatchesPlatform(retImg, p) { + return + } + // This allows us to tell clients that we don't have the image they asked for // Where this gets hairy is the image store does not currently support multi-arch images, e.g.: // An image `foo` may have a multi-arch manifest, but the image store only fetches the image for a specific platform From 3beb2e4422766b42dadc75be3139f51f55570b68 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Wed, 17 Feb 2021 20:41:12 +0000 Subject: [PATCH 047/252] Move cpu variant checks into platform matcher Wrap platforms.Only and fallback to our ignore mismatches due to empty CPU variants. This just cleans things up and makes the logic re-usable in other places. Signed-off-by: Brian Goff (cherry picked from commit 50f39e724707ef121a988e422eb52045d3754802) Signed-off-by: Brian Goff --- daemon/create.go | 3 +- daemon/images/image.go | 72 ++++++++++++++++++++++++------------ daemon/images/images_test.go | 33 +++++++++++++++++ 3 files changed, 84 insertions(+), 24 deletions(-) create mode 100644 daemon/images/images_test.go diff --git a/daemon/create.go b/daemon/create.go index e0d6eeea8b90e..57f1eff66549f 100644 --- a/daemon/create.go +++ b/daemon/create.go @@ -12,6 +12,7 @@ import ( containertypes "github.com/docker/docker/api/types/container" networktypes "github.com/docker/docker/api/types/network" "github.com/docker/docker/container" + "github.com/docker/docker/daemon/images" "github.com/docker/docker/errdefs" "github.com/docker/docker/image" "github.com/docker/docker/pkg/idtools" @@ -89,7 +90,7 @@ func (daemon *Daemon) containerCreate(opts createOpts) (containertypes.Container Variant: img.Variant, } - if !platforms.Only(p).Match(imgPlat) { + if !images.OnlyPlatformWithFallback(p).Match(imgPlat) { warnings = append(warnings, fmt.Sprintf("The requested image's platform (%s) does not match the detected host platform (%s) and no specific platform was requested", platforms.Format(imgPlat), platforms.Format(p))) } } diff --git a/daemon/images/image.go b/daemon/images/image.go index ac02dde1c7960..cffa5414aea74 100644 --- a/daemon/images/image.go +++ b/daemon/images/image.go @@ -55,6 +55,8 @@ func (i *ImageService) manifestMatchesPlatform(img *image.Image, platform specs. return false } + // Note we are comparing against manifest lists here, which we expect to always have a CPU variant set (where applicable). + // So there is no need for the fallback matcher here. comparer := platforms.Only(platform) var ( @@ -161,31 +163,24 @@ func (i *ImageService) GetImage(refOrID string, platform *specs.Platform) (retIm p := *platform // Note that `platforms.Only` will fuzzy match this for us // For example: an armv6 image will run just fine an an armv7 CPU, without emulation or anything. - if !platforms.Only(p).Match(imgPlat) { - // Sometimes image variant is not populated due to legacy builders - // We still should support falling back here. - if imgPlat.OS == platform.OS && imgPlat.Architecture == platform.Architecture && imgPlat.Variant == "" { - logrus.WithField("image", refOrID).WithField("platform", platforms.Format(p)).Debug("Image platform cpu variant is not populated, but otherwise it matches what was requested") - return - } - - // In some cases the image config can actually be wrong (e.g. classic `docker build` may not handle `--platform` correctly) - // So we'll look up the manifest list that coresponds to this imaage to check if at least the manifest list says it is the correct image. - if i.manifestMatchesPlatform(retImg, p) { - return - } - - // This allows us to tell clients that we don't have the image they asked for - // Where this gets hairy is the image store does not currently support multi-arch images, e.g.: - // An image `foo` may have a multi-arch manifest, but the image store only fetches the image for a specific platform - // The image store does not store the manifest list and image tags are assigned to architecture specific images. - // So we can have a `foo` image that is amd64 but the user requested armv7. If the user looks at the list of images. - // This may be confusing. - // The alternative to this is to return a errdefs.Conflict error with a helpful message, but clients will not be - // able to automatically tell what causes the conflict. - retErr = errdefs.NotFound(errors.Errorf("image with reference %s was found but does not match the specified platform: wanted %s, actual: %s", refOrID, platforms.Format(p), platforms.Format(imgPlat))) + if OnlyPlatformWithFallback(p).Match(imgPlat) { return } + // In some cases the image config can actually be wrong (e.g. classic `docker build` may not handle `--platform` correctly) + // So we'll look up the manifest list that coresponds to this imaage to check if at least the manifest list says it is the correct image. + if i.manifestMatchesPlatform(retImg, p) { + return + } + + // This allows us to tell clients that we don't have the image they asked for + // Where this gets hairy is the image store does not currently support multi-arch images, e.g.: + // An image `foo` may have a multi-arch manifest, but the image store only fetches the image for a specific platform + // The image store does not store the manifest list and image tags are assigned to architecture specific images. + // So we can have a `foo` image that is amd64 but the user requested armv7. If the user looks at the list of images. + // This may be confusing. + // The alternative to this is to return a errdefs.Conflict error with a helpful message, but clients will not be + // able to automatically tell what causes the conflict. + retErr = errdefs.NotFound(errors.Errorf("image with reference %s was found but does not match the specified platform: wanted %s, actual: %s", refOrID, platforms.Format(p), platforms.Format(imgPlat))) }() ref, err := reference.ParseAnyReference(refOrID) if err != nil { @@ -223,3 +218,34 @@ func (i *ImageService) GetImage(refOrID string, platform *specs.Platform) (retIm return nil, ErrImageDoesNotExist{ref} } + +// OnlyPlatformWithFallback uses `platforms.Only` with a fallback to handle the case where the platform +// being matched does not have a CPU variant. +// +// The reason for this is that CPU variant is not even if the official image config spec as of this writing. +// See: https://github.com/opencontainers/image-spec/pull/809 +// Since Docker tends to compare platforms from the image config, we need to handle this case. +func OnlyPlatformWithFallback(p specs.Platform) platforms.Matcher { + return &onlyFallbackMatcher{only: platforms.Only(p), p: platforms.Normalize(p)} +} + +type onlyFallbackMatcher struct { + only platforms.Matcher + p specs.Platform +} + +func (m *onlyFallbackMatcher) Match(other specs.Platform) bool { + if m.only.Match(other) { + // It matches, no reason to fallback + return true + } + if other.Variant != "" { + // If there is a variant then this fallback does not apply, and there is no match + return false + } + otherN := platforms.Normalize(other) + otherN.Variant = "" // normalization adds a default variant... which is the whole problem with `platforms.Only` + + return m.p.OS == otherN.OS && + m.p.Architecture == otherN.Architecture +} diff --git a/daemon/images/images_test.go b/daemon/images/images_test.go new file mode 100644 index 0000000000000..2608c0b4ed819 --- /dev/null +++ b/daemon/images/images_test.go @@ -0,0 +1,33 @@ +package images + +import ( + "testing" + + specs "github.com/opencontainers/image-spec/specs-go/v1" + "gotest.tools/v3/assert" +) + +func TestOnlyPlatformWithFallback(t *testing.T) { + p := specs.Platform{ + OS: "linux", + Architecture: "arm", + Variant: "v8", + } + + // Check no variant + assert.Assert(t, OnlyPlatformWithFallback(p).Match(specs.Platform{ + OS: p.OS, + Architecture: p.Architecture, + })) + // check with variant + assert.Assert(t, OnlyPlatformWithFallback(p).Match(specs.Platform{ + OS: p.OS, + Architecture: p.Architecture, + Variant: p.Variant, + })) + // Make sure non-matches are false. + assert.Assert(t, !OnlyPlatformWithFallback(p).Match(specs.Platform{ + OS: p.OS, + Architecture: "amd64", + })) +} From 0e001154f96b034483db093276aadd24aa6191ca Mon Sep 17 00:00:00 2001 From: Nathan Carlson Date: Wed, 17 Feb 2021 15:59:27 -0600 Subject: [PATCH 048/252] Check the length of the correct variable #42039 Signed-off-by: Nathan Carlson (cherry picked from commit 8d73c1ad688b8212bb424e536c4622162ba29387) Signed-off-by: Sebastiaan van Stijn --- daemon/logger/loginfo.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daemon/logger/loginfo.go b/daemon/logger/loginfo.go index 947abd97af475..12034421fc984 100644 --- a/daemon/logger/loginfo.go +++ b/daemon/logger/loginfo.go @@ -42,7 +42,7 @@ func (info *Info) ExtraAttributes(keyMod func(string) string) (map[string]string } labelsRegex, ok := info.Config["labels-regex"] - if ok && len(labels) > 0 { + if ok && len(labelsRegex) > 0 { re, err := regexp.Compile(labelsRegex) if err != nil { return nil, err From da1a6721027c56d3e58805924dac67ce548af965 Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Tue, 16 Feb 2021 22:37:28 -0800 Subject: [PATCH 049/252] builder: fix pull synchronization regression Config resolution was synchronized based on a wrong key as ref variable is initialized only after in the same function. Using the right key isn't fully correct either as the synchronized method changes properties of the puller instance and can't be just skipped. Added better error handling for the same case as well. Signed-off-by: Tonis Tiigi (cherry picked from commit b53ea19c4989e5d2a5b90033de6fd55b423302a0) Signed-off-by: Sebastiaan van Stijn --- .../builder-next/adapters/containerimage/pull.go | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/builder/builder-next/adapters/containerimage/pull.go b/builder/builder-next/adapters/containerimage/pull.go index e731e3e143d80..8e956799af73f 100644 --- a/builder/builder-next/adapters/containerimage/pull.go +++ b/builder/builder-next/adapters/containerimage/pull.go @@ -183,6 +183,7 @@ func (is *Source) Resolve(ctx context.Context, id source.Identifier, sm *session type puller struct { is *Source resolveLocalOnce sync.Once + g flightcontrol.Group src *source.ImageIdentifier desc ocispec.Descriptor ref string @@ -253,9 +254,7 @@ func (p *puller) resolveLocal() { } func (p *puller) resolve(ctx context.Context, g session.Group) error { - // key is used to synchronize resolutions that can happen in parallel when doing multi-stage. - key := "resolve::" + p.ref + "::" + platforms.Format(p.platform) - _, err := p.is.g.Do(ctx, key, func(ctx context.Context) (_ interface{}, err error) { + _, err := p.g.Do(ctx, "", func(ctx context.Context) (_ interface{}, err error) { resolveProgressDone := oneOffProgress(ctx, "resolve "+p.src.Reference.String()) defer func() { resolveProgressDone(err) @@ -329,6 +328,10 @@ func (p *puller) CacheKey(ctx context.Context, g session.Group, index int) (stri return dgst.String(), nil, false, nil } + if len(p.config) == 0 { + return "", nil, false, errors.Errorf("invalid empty config file resolved for %s", p.src.Reference.String()) + } + k := cacheKeyFromConfig(p.config).String() if k == "" { dgst, err := p.mainManifestKey(p.platform) @@ -360,8 +363,10 @@ func (p *puller) getRef(ctx context.Context, diffIDs []layer.DiffID, opts ...cac func (p *puller) Snapshot(ctx context.Context, g session.Group) (cache.ImmutableRef, error) { p.resolveLocal() - if err := p.resolve(ctx, g); err != nil { - return nil, err + if len(p.config) == 0 { + if err := p.resolve(ctx, g); err != nil { + return nil, err + } } if p.config != nil { @@ -801,6 +806,7 @@ func cacheKeyFromConfig(dt []byte) digest.Digest { var img ocispec.Image err := json.Unmarshal(dt, &img) if err != nil { + logrus.WithError(err).Errorf("failed to unmarshal image config for cache key %v", err) return digest.FromBytes(dt) } if img.RootFS.Type != "layers" || len(img.RootFS.DiffIDs) == 0 { From 2a220f1f3d176adee684df83921c47d003f83e8e Mon Sep 17 00:00:00 2001 From: Adam Williams Date: Mon, 22 Feb 2021 10:32:08 -0800 Subject: [PATCH 050/252] Update Swarmkit to pick up fixes to heartbeat period and stalled tasks Signed-off-by: Adam Williams (cherry picked from commit cbd2f726bffc45a01d8737ae9a48b099691a09a4) Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 2 +- .../docker/swarmkit/manager/manager.go | 11 +++++++- .../swarmkit/manager/scheduler/scheduler.go | 27 +++++++++++++++---- 3 files changed, 33 insertions(+), 7 deletions(-) diff --git a/vendor.conf b/vendor.conf index b56df8947f7ad..e507095c55ef0 100644 --- a/vendor.conf +++ b/vendor.conf @@ -142,7 +142,7 @@ github.com/gogo/googleapis 01e0f9cca9b92166042241267ee2 github.com/cilium/ebpf 1c8d4c9ef7759622653a1d319284a44652333b28 # cluster -github.com/docker/swarmkit d6592ddefd8a5319aadff74c558b816b1a0b2590 +github.com/docker/swarmkit 17d8d4e4d8bdec33d386e6362d3537fa9493ba00 github.com/gogo/protobuf 5628607bb4c51c3157aacc3a50f0ab707582b805 # v1.3.1 github.com/golang/protobuf 84668698ea25b64748563aa20726db66a6b8d299 # v1.3.5 github.com/cloudflare/cfssl 5d63dbd981b5c408effbb58c442d54761ff94fbd # 1.3.2 diff --git a/vendor/github.com/docker/swarmkit/manager/manager.go b/vendor/github.com/docker/swarmkit/manager/manager.go index 27820eca84cd6..6c31ef3a79ece 100644 --- a/vendor/github.com/docker/swarmkit/manager/manager.go +++ b/vendor/github.com/docker/swarmkit/manager/manager.go @@ -1049,7 +1049,16 @@ func (m *Manager) becomeLeader(ctx context.Context) { go func(d *dispatcher.Dispatcher) { // Initialize the dispatcher. - d.Init(m.raftNode, dispatcher.DefaultConfig(), drivers.New(m.config.PluginGetter), m.config.SecurityConfig) + var cluster *api.Cluster + s.View(func(tx store.ReadTx) { + cluster = store.GetCluster(tx, clusterID) + }) + var defaultConfig = dispatcher.DefaultConfig() + heartbeatPeriod, err := gogotypes.DurationFromProto(cluster.Spec.Dispatcher.HeartbeatPeriod) + if err == nil { + defaultConfig.HeartbeatPeriod = heartbeatPeriod + } + d.Init(m.raftNode, defaultConfig, drivers.New(m.config.PluginGetter), m.config.SecurityConfig) if err := d.Run(ctx); err != nil { log.G(ctx).WithError(err).Error("Dispatcher exited with an error") } diff --git a/vendor/github.com/docker/swarmkit/manager/scheduler/scheduler.go b/vendor/github.com/docker/swarmkit/manager/scheduler/scheduler.go index fda008951198b..78dd7dc3fed17 100644 --- a/vendor/github.com/docker/swarmkit/manager/scheduler/scheduler.go +++ b/vendor/github.com/docker/swarmkit/manager/scheduler/scheduler.go @@ -721,15 +721,32 @@ func (s *Scheduler) noSuitableNode(ctx context.Context, taskGroup map[string]*ap newT := *t newT.Status.Timestamp = ptypes.MustTimestampProto(time.Now()) - if explanation != "" { - newT.Status.Err = "no suitable node (" + explanation + ")" + sv := service.SpecVersion + tv := newT.SpecVersion + if sv != nil && tv != nil && sv.Index > tv.Index { + log.G(ctx).WithField("task.id", t.ID).Debug( + "task belongs to old revision of service", + ) + if t.Status.State == api.TaskStatePending && t.DesiredState >= api.TaskStateShutdown { + log.G(ctx).WithField("task.id", t.ID).Debug( + "task is desired shutdown, scheduler will go ahead and do so", + ) + newT.Status.State = api.TaskStateShutdown + newT.Status.Err = "" + } } else { - newT.Status.Err = "no suitable node" + if explanation != "" { + newT.Status.Err = "no suitable node (" + explanation + ")" + } else { + newT.Status.Err = "no suitable node" + } + + // re-enqueue a task that should still be attempted + s.enqueue(&newT) } + s.allTasks[t.ID] = &newT schedulingDecisions[t.ID] = schedulingDecision{old: t, new: &newT} - - s.enqueue(&newT) } } From 80019e1b0e5909bac2de0c01d6e068eefbc30431 Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Fri, 12 Feb 2021 20:20:36 -0800 Subject: [PATCH 051/252] builder: fix blobs releasing via leases after pull Signed-off-by: Tonis Tiigi (cherry picked from commit 5c01d06f72e823d9e3203ff22083fc30768fa541) Signed-off-by: Sebastiaan van Stijn --- .../adapters/containerimage/pull.go | 36 +++++++++++++++---- builder/builder-next/controller.go | 3 ++ 2 files changed, 33 insertions(+), 6 deletions(-) diff --git a/builder/builder-next/adapters/containerimage/pull.go b/builder/builder-next/adapters/containerimage/pull.go index e731e3e143d80..d64dfce16e906 100644 --- a/builder/builder-next/adapters/containerimage/pull.go +++ b/builder/builder-next/adapters/containerimage/pull.go @@ -13,7 +13,9 @@ import ( "github.com/containerd/containerd/content" containerderrors "github.com/containerd/containerd/errdefs" + "github.com/containerd/containerd/gc" "github.com/containerd/containerd/images" + "github.com/containerd/containerd/leases" "github.com/containerd/containerd/platforms" ctdreference "github.com/containerd/containerd/reference" "github.com/containerd/containerd/remotes" @@ -34,6 +36,7 @@ import ( "github.com/moby/buildkit/source" "github.com/moby/buildkit/util/flightcontrol" "github.com/moby/buildkit/util/imageutil" + "github.com/moby/buildkit/util/leaseutil" "github.com/moby/buildkit/util/progress" "github.com/moby/buildkit/util/resolver" digest "github.com/opencontainers/go-digest" @@ -54,6 +57,8 @@ type SourceOpt struct { ImageStore image.Store RegistryHosts docker.RegistryHosts LayerStore layer.Store + LeaseManager leases.Manager + GarbageCollect func(ctx context.Context) (gc.Stats, error) } // Source is the source implementation for accessing container images @@ -101,7 +106,7 @@ func (is *Source) resolveRemote(ctx context.Context, ref string, platform *ocisp key := "getconfig::" + ref + "::" + platforms.Format(p) res, err := is.g.Do(ctx, key, func(ctx context.Context) (interface{}, error) { res := resolver.DefaultPool.GetResolver(is.RegistryHosts, ref, "pull", sm, g) - dgst, dt, err := imageutil.Config(ctx, ref, res, is.ContentStore, nil, platform) + dgst, dt, err := imageutil.Config(ctx, ref, res, is.ContentStore, is.LeaseManager, platform) if err != nil { return nil, err } @@ -384,6 +389,17 @@ func (p *puller) Snapshot(ctx context.Context, g session.Group) (cache.Immutable ongoing := newJobs(p.ref) + ctx, done, err := leaseutil.WithLease(ctx, p.is.LeaseManager, leases.WithExpiration(5*time.Minute), leaseutil.MakeTemporary) + if err != nil { + return nil, err + } + defer func() { + done(context.TODO()) + if p.is.GarbageCollect != nil { + go p.is.GarbageCollect(context.TODO()) + } + }() + pctx, stopProgress := context.WithCancel(ctx) pw, _, ctx := progress.FromContext(ctx) @@ -406,6 +422,8 @@ func (p *puller) Snapshot(ctx context.Context, g session.Group) (cache.Immutable platform := platforms.Only(p.platform) + var nonLayers []digest.Digest + var ( schema1Converter *schema1.Converter handlers []images.Handler @@ -426,6 +444,7 @@ func (p *puller) Snapshot(ctx context.Context, g session.Group) (cache.Immutable case images.MediaTypeDockerSchema2Manifest, ocispec.MediaTypeImageManifest, images.MediaTypeDockerSchema2ManifestList, ocispec.MediaTypeImageIndex, images.MediaTypeDockerSchema2Config, ocispec.MediaTypeImageConfig: + nonLayers = append(nonLayers, desc.Digest) default: return nil, images.ErrSkipDesc } @@ -435,8 +454,6 @@ func (p *puller) Snapshot(ctx context.Context, g session.Group) (cache.Immutable // Get all the children for a descriptor childrenHandler := images.ChildrenHandler(p.is.ContentStore) - // Set any children labels for that content - childrenHandler = images.SetChildrenLabels(p.is.ContentStore, childrenHandler) // Filter the children by the platform childrenHandler = images.FilterPlatforms(childrenHandler, platform) // Limit manifests pulled to the best match in an index @@ -539,9 +556,6 @@ func (p *puller) Snapshot(ctx context.Context, g session.Group) (cache.Immutable defer func() { <-progressDone - for _, desc := range mfst.Layers { - p.is.ContentStore.Delete(context.TODO(), desc.Digest) - } }() r := image.NewRootFS() @@ -557,6 +571,16 @@ func (p *puller) Snapshot(ctx context.Context, g session.Group) (cache.Immutable return nil, err } + // keep manifest blobs until ref is alive for cache + for _, nl := range nonLayers { + if err := p.is.LeaseManager.AddResource(ctx, leases.Lease{ID: ref.ID()}, leases.Resource{ + ID: nl.String(), + Type: "content", + }); err != nil { + return nil, err + } + } + // TODO: handle windows layers for cross platform builds if p.src.RecordType != "" && cache.GetRecordType(ref) == "" { diff --git a/builder/builder-next/controller.go b/builder/builder-next/controller.go index 730917e680b06..fd086ca90e562 100644 --- a/builder/builder-next/controller.go +++ b/builder/builder-next/controller.go @@ -111,6 +111,7 @@ func newController(rt http.RoundTripper, opt Opt) (*control.Controller, error) { PruneRefChecker: refChecker, LeaseManager: lm, ContentStore: store, + GarbageCollect: mdb.GarbageCollect, }) if err != nil { return nil, err @@ -125,6 +126,8 @@ func newController(rt http.RoundTripper, opt Opt) (*control.Controller, error) { ReferenceStore: dist.ReferenceStore, RegistryHosts: opt.RegistryHosts, LayerStore: dist.LayerStore, + LeaseManager: lm, + GarbageCollect: mdb.GarbageCollect, }) if err != nil { return nil, err From a24d92f95bd28df2298f1bc746217e7077d1aec2 Mon Sep 17 00:00:00 2001 From: Piotr Karbowski Date: Fri, 19 Feb 2021 20:19:36 +0100 Subject: [PATCH 052/252] check-config.sh: add NETFILTER_XT_MARK Points out another symbol that Docker might need. in this case Docker's mesh network in swarm mode does not route Virtual IPs if it's unset. From /var/logs/docker.log: time="2021-02-19T18:15:39+01:00" level=error msg="set up rule failed, [-t mangle -A INPUT -d 10.0.1.2/32 -j MARK --set-mark 257]: (iptables failed: iptables --wait -t mang le -A INPUT -d 10.0.1.2/32 -j MARK --set-mark 257: iptables v1.8.7 (legacy): unknown option \"--set-mark\"\nTry `iptables -h' or 'iptables --help' for more information.\n (exit status 2))" Bug: https://github.com/moby/libnetwork/issues/2227 Bug: https://github.com/docker/for-linux/issues/644 Bug: https://github.com/docker/for-linux/issues/525 Signed-off-by: Piotr Karbowski (cherry picked from commit e8ceb976469e15547ed368ba5c110102ccc5fbfa) Signed-off-by: Sebastiaan van Stijn --- contrib/check-config.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/check-config.sh b/contrib/check-config.sh index 849dc32d22e7c..b363d3d34e862 100755 --- a/contrib/check-config.sh +++ b/contrib/check-config.sh @@ -198,6 +198,7 @@ flags=( VETH BRIDGE BRIDGE_NETFILTER IP_NF_FILTER IP_NF_TARGET_MASQUERADE NETFILTER_XT_MATCH_{ADDRTYPE,CONNTRACK,IPVS} + NETFILTER_XT_MARK IP_NF_NAT NF_NAT # required for bind-mounting /dev/mqueue into containers From 5e8c1b4f7deddbcbc7b28e7b75b5959a5e3545be Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 2 Feb 2021 15:19:50 +0900 Subject: [PATCH 053/252] dockerd-rootless.sh: add typo guard `dockerd-rootless.sh install` is a common typo of `dockerd-rootless-setuptool.sh install`. Now `dockerd-rootless.sh install` shows human-readable error. Signed-off-by: Akihiro Suda (cherry picked from commit 8dc6c109b59b4f5629e7fb6018be88a068d1bad7) Signed-off-by: Sebastiaan van Stijn --- contrib/dockerd-rootless.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/contrib/dockerd-rootless.sh b/contrib/dockerd-rootless.sh index 62da5315e7fe8..1a4d1da680029 100755 --- a/contrib/dockerd-rootless.sh +++ b/contrib/dockerd-rootless.sh @@ -18,6 +18,12 @@ # See the documentation for the further information: https://docs.docker.com/engine/security/rootless/ set -e -x +case "$1" in + "check" | "install" | "uninstall") + echo "Did you mean 'dockerd-rootless-setuptool.sh $@' ?" + exit 1 + ;; +esac if ! [ -w $XDG_RUNTIME_DIR ]; then echo "XDG_RUNTIME_DIR needs to be set and writable" exit 1 From 3ce37a6aa4206f4c6d7623bf08eeac0c70a16d9e Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 22 Feb 2021 10:41:18 +0100 Subject: [PATCH 054/252] vendor: github.com/moby/buildkit v0.8.2 full diff: https://github.com/moby/buildkit/compare/68bb095353c65bc3993fd534c26cf77fe05e61b1...9065b18ba4633c75862befca8188de4338d9f94a - fix seccomp compatibility in 32bit arm - fixes Unable to build alpine:edge containers for armv7 - fixes Buildx failing to build for arm/v7 platform on arm64 machine - resolver: avoid error caching on token fetch - fixes "Error: i/o timeout should not be cached" - fileop: fix checksum to contain indexes of inputs - frontend/dockerfile: add RunCommand.FlagsUsed field - relates to [20.10] Classic builder silently ignores unsupported Dockerfile command flags - update qemu emulators - relates to "Impossible to run git clone inside buildx with non x86 architecture" - Fix reference count issues on typed errors with mount references - fixes errors on releasing mounts with typed execerror refs - fixes / addresses invalid mutable ref when using shared cache mounts - dockerfile/docs: fix frontend image tags - git: set token only for main remote access - fixes "Loading repositories with submodules is repeated. Failed to clone submodule from googlesource" - allow skipping empty layer detection on cache export Signed-off-by: Sebastiaan van Stijn Signed-off-by: Tibor Vass (cherry picked from commit 9962a3f74e73d048394dcaac96468a8864e46dd4) Signed-off-by: Tibor Vass --- vendor.conf | 2 +- .../buildkit/cache/remotecache/v1/utils.go | 6 +- .../frontend/dockerfile/instructions/bflag.go | 9 ++ .../dockerfile/instructions/commands.go | 1 + .../frontend/dockerfile/instructions/parse.go | 2 +- .../buildkit/frontend/gateway/container.go | 2 + .../buildkit/solver/llbsolver/errdefs/exec.go | 9 ++ .../buildkit/solver/llbsolver/ops/exec.go | 16 ++-- .../solver/llbsolver/ops/exec_binfmt.go | 1 + .../buildkit/solver/llbsolver/ops/file.go | 46 +++++++++- .../github.com/moby/buildkit/solver/result.go | 8 +- .../moby/buildkit/solver/scheduler.go | 2 +- .../github.com/moby/buildkit/solver/types.go | 1 + .../moby/buildkit/source/git/gitsource.go | 13 ++- .../moby/buildkit/util/resolver/authorizer.go | 84 +++++++++---------- .../github.com/moby/buildkit/worker/result.go | 8 ++ 16 files changed, 154 insertions(+), 56 deletions(-) diff --git a/vendor.conf b/vendor.conf index b56df8947f7ad..cdf48aefae6e5 100644 --- a/vendor.conf +++ b/vendor.conf @@ -33,7 +33,7 @@ github.com/imdario/mergo 1afb36080aec31e0d1528973ebe6 golang.org/x/sync cd5d95a43a6e21273425c7ae415d3df9ea832eeb # buildkit -github.com/moby/buildkit 68bb095353c65bc3993fd534c26cf77fe05e61b1 # v0.8 branch +github.com/moby/buildkit 9065b18ba4633c75862befca8188de4338d9f94a # v0.8.2 github.com/tonistiigi/fsutil 0834f99b7b85462efb69b4f571a4fa3ca7da5ac9 github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2 github.com/grpc-ecosystem/grpc-opentracing 8e809c8a86450a29b90dcc9efbf062d0fe6d9746 diff --git a/vendor/github.com/moby/buildkit/cache/remotecache/v1/utils.go b/vendor/github.com/moby/buildkit/cache/remotecache/v1/utils.go index fc494aa5a0e1e..9531675ed3407 100644 --- a/vendor/github.com/moby/buildkit/cache/remotecache/v1/utils.go +++ b/vendor/github.com/moby/buildkit/cache/remotecache/v1/utils.go @@ -10,6 +10,10 @@ import ( "github.com/pkg/errors" ) +// EmptyLayerRemovalSupported defines if implementation supports removal of empty layers. Buildkit image exporter +// removes empty layers, but moby layerstore based implementation does not. +var EmptyLayerRemovalSupported = true + // sortConfig sorts the config structure to make sure it is deterministic func sortConfig(cc *CacheConfig) { type indexedLayer struct { @@ -239,7 +243,7 @@ func marshalRemote(r *solver.Remote, state *marshalState) string { } desc := r.Descriptors[len(r.Descriptors)-1] - if desc.Digest == exptypes.EmptyGZLayer { + if desc.Digest == exptypes.EmptyGZLayer && EmptyLayerRemovalSupported { return parentID } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/bflag.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/bflag.go index d8bf74739499e..66c53add055a4 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/bflag.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/bflag.go @@ -108,6 +108,15 @@ func (fl *Flag) IsUsed() bool { return false } +// Used returns a slice of flag names that are set +func (bf *BFlags) Used() []string { + used := make([]string, 0, len(bf.used)) + for f := range bf.used { + used = append(used, f) + } + return used +} + // IsTrue checks if a bool flag is true func (fl *Flag) IsTrue() bool { if fl.flagType != boolType { diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands.go index e6027445ac1d1..b900ad771151c 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands.go @@ -269,6 +269,7 @@ type RunCommand struct { withNameAndCode withExternalData ShellDependantCmdLine + FlagsUsed []string } // CmdCommand : CMD foo diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/parse.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/parse.go index 83cab66944dd9..18e727229c95b 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/parse.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/parse.go @@ -375,7 +375,7 @@ func parseRun(req parseRequest) (*RunCommand, error) { if err := req.flags.Parse(); err != nil { return nil, err } - + cmd.FlagsUsed = req.flags.Used() cmd.ShellDependantCmdLine = parseShellDependentCommand(req, false) cmd.withNameAndCode = newWithNameAndCode(req) diff --git a/vendor/github.com/moby/buildkit/frontend/gateway/container.go b/vendor/github.com/moby/buildkit/frontend/gateway/container.go index 1f79bb68f0b12..e124566da94a1 100644 --- a/vendor/github.com/moby/buildkit/frontend/gateway/container.go +++ b/vendor/github.com/moby/buildkit/frontend/gateway/container.go @@ -127,6 +127,7 @@ type MountRef struct { type MountMutableRef struct { Ref cache.MutableRef MountIndex int + NoCommit bool } type MakeMutable func(m *opspb.Mount, ref cache.ImmutableRef) (cache.MutableRef, error) @@ -196,6 +197,7 @@ func PrepareMounts(ctx context.Context, mm *mounts.MountManager, cm cache.Manage p.Actives = append(p.Actives, MountMutableRef{ MountIndex: i, Ref: active, + NoCommit: true, }) if m.Output != opspb.SkipOutput && ref != nil { p.OutputRefs = append(p.OutputRefs, MountRef{ diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/errdefs/exec.go b/vendor/github.com/moby/buildkit/solver/llbsolver/errdefs/exec.go index f60757104fffa..ed3c0d4b0faea 100644 --- a/vendor/github.com/moby/buildkit/solver/llbsolver/errdefs/exec.go +++ b/vendor/github.com/moby/buildkit/solver/llbsolver/errdefs/exec.go @@ -21,10 +21,15 @@ func (e *ExecError) Unwrap() error { } func (e *ExecError) EachRef(fn func(solver.Result) error) (err error) { + m := map[solver.Result]struct{}{} for _, res := range e.Inputs { if res == nil { continue } + if _, ok := m[res]; ok { + continue + } + m[res] = struct{}{} if err1 := fn(res); err1 != nil && err == nil { err = err1 } @@ -33,6 +38,10 @@ func (e *ExecError) EachRef(fn func(solver.Result) error) (err error) { if res == nil { continue } + if _, ok := m[res]; ok { + continue + } + m[res] = struct{}{} if err1 := fn(res); err1 != nil && err == nil { err = err1 } diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go index 5ec45fafd5b0f..24aa46aa9fb17 100644 --- a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go +++ b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go @@ -235,7 +235,7 @@ func (e *execOp) Exec(ctx context.Context, g session.Group, inputs []solver.Resu if m.Input == -1 { continue } - execInputs[i] = inputs[m.Input] + execInputs[i] = inputs[m.Input].Clone() } execMounts := make([]solver.Result, len(e.op.Mounts)) copy(execMounts, execInputs) @@ -243,12 +243,16 @@ func (e *execOp) Exec(ctx context.Context, g session.Group, inputs []solver.Resu execMounts[p.OutputRefs[i].MountIndex] = res } for _, active := range p.Actives { - ref, cerr := active.Ref.Commit(ctx) - if cerr != nil { - err = errors.Wrapf(err, "error committing %s: %s", active.Ref.ID(), cerr) - continue + if active.NoCommit { + active.Ref.Release(context.TODO()) + } else { + ref, cerr := active.Ref.Commit(ctx) + if cerr != nil { + err = errors.Wrapf(err, "error committing %s: %s", active.Ref.ID(), cerr) + continue + } + execMounts[active.MountIndex] = worker.NewWorkerRefResult(ref, e.w) } - execMounts[active.MountIndex] = worker.NewWorkerRefResult(ref, e.w) } err = errdefs.WithExecError(err, execInputs, execMounts) } else { diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec_binfmt.go b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec_binfmt.go index 0603cf57fcb0e..707c5f6722cdd 100644 --- a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec_binfmt.go +++ b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec_binfmt.go @@ -27,6 +27,7 @@ var qemuArchMap = map[string]string{ "arm": "arm", "s390x": "s390x", "ppc64le": "ppc64le", + "386": "i386", } type emulator struct { diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/file.go b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/file.go index 1111cdb72e840..554532c1845ff 100644 --- a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/file.go +++ b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/file.go @@ -61,6 +61,8 @@ func (f *fileOp) CacheMap(ctx context.Context, g session.Group, index int) (*sol } } + indexes := make([][]int, 0, len(f.op.Actions)) + for _, action := range f.op.Actions { var dt []byte var err error @@ -103,14 +105,21 @@ func (f *fileOp) CacheMap(ctx context.Context, g session.Group, index int) (*sol } actions = append(actions, dt) + indexes = append(indexes, []int{int(action.Input), int(action.SecondaryInput), int(action.Output)}) + } + + if isDefaultIndexes(indexes) { + indexes = nil } dt, err := json.Marshal(struct { Type string Actions [][]byte + Indexes [][]int `json:"indexes,omitempty"` }{ Type: fileCacheType, Actions: actions, + Indexes: indexes, }) if err != nil { return nil, false, err @@ -421,7 +430,6 @@ func (s *FileOpSolver) getInput(ctx context.Context, idx int, inputs []fileoptyp if cerr == nil { outputRes[idx-len(inputs)] = worker.NewWorkerRefResult(ref.(cache.ImmutableRef), s.w) } - inpMount.Release(context.TODO()) } // If the action has a secondary input, commit it and set the ref on @@ -611,3 +619,39 @@ func (s *FileOpSolver) getInput(ctx context.Context, idx int, inputs []fileoptyp } return inp.(input), err } + +func isDefaultIndexes(idxs [][]int) bool { + // Older version of checksum did not contain indexes for actions resulting in possibility for a wrong cache match. + // We detect the most common pattern for indexes and maintain old checksum for that case to minimize cache misses on upgrade. + // If a future change causes braking changes in instruction cache consider removing this exception. + if len(idxs) == 0 { + return false + } + + for i, idx := range idxs { + if len(idx) != 3 { + return false + } + // input for first action is first input + if i == 0 && idx[0] != 0 { + return false + } + // input for other actions is previous action + if i != 0 && idx[0] != len(idxs)+(i-1) { + return false + } + // secondary input is second input or -1 + if idx[1] != -1 && idx[1] != 1 { + return false + } + // last action creates output + if i == len(idxs)-1 && idx[2] != 0 { + return false + } + // other actions do not create an output + if i != len(idxs)-1 && idx[2] != -1 { + return false + } + } + return true +} diff --git a/vendor/github.com/moby/buildkit/solver/result.go b/vendor/github.com/moby/buildkit/solver/result.go index 75b378c4fdbe8..b35c74b49e8e3 100644 --- a/vendor/github.com/moby/buildkit/solver/result.go +++ b/vendor/github.com/moby/buildkit/solver/result.go @@ -47,7 +47,7 @@ type splitResult struct { func (r *splitResult) Release(ctx context.Context) error { if atomic.AddInt64(&r.released, 1) > 1 { - err := errors.Errorf("releasing already released reference") + err := errors.Errorf("releasing already released reference %+v", r.Result.ID()) logrus.Error(err) return err } @@ -78,10 +78,14 @@ func NewSharedCachedResult(res CachedResult) *SharedCachedResult { } } -func (r *SharedCachedResult) Clone() CachedResult { +func (r *SharedCachedResult) CloneCachedResult() CachedResult { return &clonedCachedResult{Result: r.SharedResult.Clone(), cr: r.CachedResult} } +func (r *SharedCachedResult) Clone() Result { + return r.CloneCachedResult() +} + func (r *SharedCachedResult) Release(ctx context.Context) error { return r.SharedResult.Release(ctx) } diff --git a/vendor/github.com/moby/buildkit/solver/scheduler.go b/vendor/github.com/moby/buildkit/solver/scheduler.go index 5b598bd6b996e..bcad4dcdcc600 100644 --- a/vendor/github.com/moby/buildkit/solver/scheduler.go +++ b/vendor/github.com/moby/buildkit/solver/scheduler.go @@ -244,7 +244,7 @@ func (s *scheduler) build(ctx context.Context, edge Edge) (CachedResult, error) if err := p.Receiver.Status().Err; err != nil { return nil, err } - return p.Receiver.Status().Value.(*edgeState).result.Clone(), nil + return p.Receiver.Status().Value.(*edgeState).result.CloneCachedResult(), nil } // newPipe creates a new request pipe between two edges diff --git a/vendor/github.com/moby/buildkit/solver/types.go b/vendor/github.com/moby/buildkit/solver/types.go index 76e4c91163b3c..f9de6a93b2601 100644 --- a/vendor/github.com/moby/buildkit/solver/types.go +++ b/vendor/github.com/moby/buildkit/solver/types.go @@ -61,6 +61,7 @@ type Result interface { ID() string Release(context.Context) error Sys() interface{} + Clone() Result } // CachedResult is a result connected with its cache key diff --git a/vendor/github.com/moby/buildkit/source/git/gitsource.go b/vendor/github.com/moby/buildkit/source/git/gitsource.go index 7cef764642747..3d1bfe21f4d9c 100644 --- a/vendor/github.com/moby/buildkit/source/git/gitsource.go +++ b/vendor/github.com/moby/buildkit/source/git/gitsource.go @@ -231,7 +231,7 @@ func (gs *gitSourceHandler) getAuthToken(ctx context.Context, g session.Group) e if s.token { dt = []byte("basic " + base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("x-access-token:%s", dt)))) } - gs.auth = []string{"-c", "http.extraheader=Authorization: " + string(dt)} + gs.auth = []string{"-c", "http." + tokenScope(gs.src.Remote) + ".extraheader=Authorization: " + string(dt)} break } return nil @@ -631,3 +631,14 @@ func argsNoDepth(args []string) []string { } return out } + +func tokenScope(remote string) string { + // generally we can only use the token for fetching main remote but in case of github.com we do best effort + // to try reuse same token for all github.com remotes. This is the same behavior actions/checkout uses + for _, pfx := range []string{"https://github.com/", "https://www.github.com/"} { + if strings.HasPrefix(remote, pfx) { + return pfx + } + } + return remote +} diff --git a/vendor/github.com/moby/buildkit/util/resolver/authorizer.go b/vendor/github.com/moby/buildkit/util/resolver/authorizer.go index 80e2a35191f70..e58038c420a8c 100644 --- a/vendor/github.com/moby/buildkit/util/resolver/authorizer.go +++ b/vendor/github.com/moby/buildkit/util/resolver/authorizer.go @@ -220,15 +220,13 @@ func (a *dockerAuthorizer) AddResponses(ctx context.Context, responses []*http.R // authResult is used to control limit rate. type authResult struct { - sync.WaitGroup token string - err error expires time.Time } // authHandler is used to handle auth request per registry server. type authHandler struct { - sync.Mutex + g flightcontrol.Group client *http.Client @@ -240,7 +238,8 @@ type authHandler struct { // scopedTokens caches token indexed by scopes, which used in // bearer auth case - scopedTokens map[string]*authResult + scopedTokens map[string]*authResult + scopedTokensMu sync.Mutex lastUsed time.Time @@ -292,46 +291,44 @@ func (ah *authHandler) doBearerAuth(ctx context.Context, sm *session.Manager, g // Docs: https://docs.docker.com/registry/spec/auth/scope scoped := strings.Join(to.Scopes, " ") - ah.Lock() - for { + res, err := ah.g.Do(ctx, scoped, func(ctx context.Context) (interface{}, error) { + ah.scopedTokensMu.Lock() r, exist := ah.scopedTokens[scoped] - if !exist { - // no entry cached - break - } - ah.Unlock() - r.Wait() - if r.err != nil { - select { - case <-ctx.Done(): - return "", r.err - default: + ah.scopedTokensMu.Unlock() + if exist { + if r.expires.IsZero() || r.expires.After(time.Now()) { + return r, nil } } - if !errors.Is(r.err, context.Canceled) && - (r.expires.IsZero() || r.expires.After(time.Now())) { - return r.token, r.err - } - // r.err is canceled or token expired. Get rid of it and try again - ah.Lock() - r2, exist := ah.scopedTokens[scoped] - if exist && r == r2 { - delete(ah.scopedTokens, scoped) + r, err := ah.fetchToken(ctx, sm, g, to) + if err != nil { + return nil, err } + ah.scopedTokensMu.Lock() + ah.scopedTokens[scoped] = r + ah.scopedTokensMu.Unlock() + return r, nil + }) + + if err != nil || res == nil { + return "", err } + r := res.(*authResult) + if r == nil { + return "", nil + } + return r.token, nil +} - // only one fetch token job - r := new(authResult) - r.Add(1) - ah.scopedTokens[scoped] = r - ah.Unlock() - +func (ah *authHandler) fetchToken(ctx context.Context, sm *session.Manager, g session.Group, to auth.TokenOptions) (r *authResult, err error) { var issuedAt time.Time var expires int + var token string defer func() { token = fmt.Sprintf("Bearer %s", token) - r.token, r.err = token, err + if err == nil { + r = &authResult{token: token} if issuedAt.IsZero() { issuedAt = time.Now() } @@ -339,7 +336,6 @@ func (ah *authHandler) doBearerAuth(ctx context.Context, sm *session.Manager, g r.expires = exp } } - r.Done() }() if ah.authority != nil { @@ -351,10 +347,11 @@ func (ah *authHandler) doBearerAuth(ctx context.Context, sm *session.Manager, g Scopes: to.Scopes, }, sm, g) if err != nil { - return "", err + return nil, err } issuedAt, expires = time.Unix(resp.IssuedAt, 0), int(resp.ExpiresIn) - return resp.Token, nil + token = resp.Token + return nil, nil } // fetch token for the resource scope @@ -374,29 +371,32 @@ func (ah *authHandler) doBearerAuth(ctx context.Context, sm *session.Manager, g if (errStatus.StatusCode == 405 && to.Username != "") || errStatus.StatusCode == 404 || errStatus.StatusCode == 401 { resp, err := auth.FetchTokenWithOAuth(ctx, ah.client, nil, "buildkit-client", to) if err != nil { - return "", err + return nil, err } issuedAt, expires = resp.IssuedAt, resp.ExpiresIn - return resp.AccessToken, nil + token = resp.AccessToken + return nil, nil } log.G(ctx).WithFields(logrus.Fields{ "status": errStatus.Status, "body": string(errStatus.Body), }).Debugf("token request failed") } - return "", err + return nil, err } issuedAt, expires = resp.IssuedAt, resp.ExpiresIn - return resp.Token, nil + token = resp.Token + return nil, nil } // do request anonymously resp, err := auth.FetchToken(ctx, ah.client, nil, to) if err != nil { - return "", errors.Wrap(err, "failed to fetch anonymous token") + return nil, errors.Wrap(err, "failed to fetch anonymous token") } issuedAt, expires = resp.IssuedAt, resp.ExpiresIn - return resp.Token, nil + token = resp.Token + return nil, nil } func invalidAuthorization(c auth.Challenge, responses []*http.Response) error { diff --git a/vendor/github.com/moby/buildkit/worker/result.go b/vendor/github.com/moby/buildkit/worker/result.go index e178ef3fffe15..9f4cdc5bfa808 100644 --- a/vendor/github.com/moby/buildkit/worker/result.go +++ b/vendor/github.com/moby/buildkit/worker/result.go @@ -52,3 +52,11 @@ func (r *workerRefResult) Release(ctx context.Context) error { func (r *workerRefResult) Sys() interface{} { return r.WorkerRef } + +func (r *workerRefResult) Clone() solver.Result { + r2 := *r + if r.ImmutableRef != nil { + r.ImmutableRef = r.ImmutableRef.Clone() + } + return &r2 +} From 35f5f9e624e44c5e5586dfddacfc87a7b2f02953 Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Thu, 25 Feb 2021 01:14:37 +0000 Subject: [PATCH 055/252] builder: fix incorrect cache match for inline cache with empty layers See https://github.com/moby/buildkit/pull/1993 Signed-off-by: Tibor Vass (cherry picked from commit 9bf93e90fa9ce74b6f7309a22838da8189838b3b) Signed-off-by: Tibor Vass --- .../builder-next/adapters/localinlinecache/inlinecache.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/builder/builder-next/adapters/localinlinecache/inlinecache.go b/builder/builder-next/adapters/localinlinecache/inlinecache.go index 0c51e207e60db..c5e19ce2d5d42 100644 --- a/builder/builder-next/adapters/localinlinecache/inlinecache.go +++ b/builder/builder-next/adapters/localinlinecache/inlinecache.go @@ -22,6 +22,11 @@ import ( "github.com/pkg/errors" ) +func init() { + // See https://github.com/moby/buildkit/pull/1993. + v1.EmptyLayerRemovalSupported = false +} + // ResolveCacheImporterFunc returns a resolver function for local inline cache func ResolveCacheImporterFunc(sm *session.Manager, resolverFunc docker.RegistryHosts, cs content.Store, rs reference.Store, is imagestore.Store) remotecache.ResolveCacheImporterFunc { From 1015b5b4386c45a6305795c734a894633d85c52f Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 17 Feb 2021 14:58:04 +0900 Subject: [PATCH 056/252] dockerd-rootless.sh: prohibit running as root Signed-off-by: Akihiro Suda (cherry picked from commit 9351e196587b73baecfe187b4bc4c3694da608fb) Signed-off-by: Akihiro Suda --- contrib/dockerd-rootless.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/contrib/dockerd-rootless.sh b/contrib/dockerd-rootless.sh index 1a4d1da680029..c5c7db58c731d 100755 --- a/contrib/dockerd-rootless.sh +++ b/contrib/dockerd-rootless.sh @@ -80,6 +80,10 @@ fi if [ -z $_DOCKERD_ROOTLESS_CHILD ]; then _DOCKERD_ROOTLESS_CHILD=1 export _DOCKERD_ROOTLESS_CHILD + if [ "$(id -u)" = "0" ]; then + echo "This script must be executed as a non-privileged user" + exit 1 + fi # Re-exec the script via RootlessKit, so as to create unprivileged {user,mount,network} namespaces. # # --copy-up allows removing/creating files in the directories by creating tmpfs and symlinks From 04d9b581e9375ef34b7b561e9145ca05a57ed4a0 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 25 Feb 2021 12:11:50 +0100 Subject: [PATCH 057/252] Update documentation links - Using "/go/" redirects for some topics, which allows us to redirect to new locations if topics are moved around in the documentation. - Updated some old URLs to their new location. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 328de0b8d961864f4915e44d7e77029c46141a5b) Signed-off-by: Sebastiaan van Stijn --- client/client.go | 2 +- contrib/dockerd-rootless-setuptool.sh | 6 +++--- contrib/dockerd-rootless.sh | 2 +- daemon/info.go | 2 +- docs/api/v1.25.yaml | 2 +- docs/api/v1.26.yaml | 2 +- docs/api/v1.27.yaml | 2 +- docs/api/v1.28.yaml | 2 +- docs/api/v1.29.yaml | 2 +- docs/api/v1.30.yaml | 2 +- docs/api/v1.31.yaml | 2 +- docs/api/v1.32.yaml | 2 +- docs/api/v1.33.yaml | 2 +- docs/api/v1.34.yaml | 2 +- docs/api/v1.35.yaml | 2 +- docs/api/v1.36.yaml | 2 +- docs/api/v1.37.yaml | 2 +- docs/api/v1.38.yaml | 2 +- docs/rootless.md | 2 +- pkg/authorization/authz.go | 2 +- 20 files changed, 22 insertions(+), 22 deletions(-) diff --git a/client/client.go b/client/client.go index 68064ca9c5f7e..21edf1fa1fc31 100644 --- a/client/client.go +++ b/client/client.go @@ -2,7 +2,7 @@ Package client is a Go client for the Docker Engine API. For more information about the Engine API, see the documentation: -https://docs.docker.com/engine/reference/api/ +https://docs.docker.com/engine/api/ Usage diff --git a/contrib/dockerd-rootless-setuptool.sh b/contrib/dockerd-rootless-setuptool.sh index b9dcb4f92570c..66f2093e1a629 100755 --- a/contrib/dockerd-rootless-setuptool.sh +++ b/contrib/dockerd-rootless-setuptool.sh @@ -4,7 +4,7 @@ # # Typical usage: dockerd-rootless-setuptool.sh install --force # -# Documentation: https://docs.docker.com/engine/security/rootless/ +# Documentation: https://docs.docker.com/go/rootless/ set -eu # utility functions @@ -290,7 +290,7 @@ install_systemd() { cat <<- EOT > "${unit_file}" [Unit] Description=Docker Application Container Engine (Rootless) - Documentation=https://docs.docker.com/engine/security/rootless/ + Documentation=https://docs.docker.com/go/rootless/ [Service] Environment=PATH=$BIN:/sbin:/usr/sbin:$PATH @@ -400,7 +400,7 @@ usage() { echo echo "A setup tool for Rootless Docker (${DOCKERD_ROOTLESS_SH})." echo - echo "Documentation: https://docs.docker.com/engine/security/rootless/" + echo "Documentation: https://docs.docker.com/go/rootless/" echo echo "Options:" echo " -f, --force Ignore rootful Docker (/var/run/docker.sock)" diff --git a/contrib/dockerd-rootless.sh b/contrib/dockerd-rootless.sh index 1a4d1da680029..f5de26774dbbc 100755 --- a/contrib/dockerd-rootless.sh +++ b/contrib/dockerd-rootless.sh @@ -15,7 +15,7 @@ # * DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SANDBOX=(auto|true|false): whether to protect slirp4netns with a dedicated mount namespace. Defaults to "auto". # * DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP=(auto|true|false): whether to protect slirp4netns with seccomp. Defaults to "auto". # -# See the documentation for the further information: https://docs.docker.com/engine/security/rootless/ +# See the documentation for the further information: https://docs.docker.com/go/rootless/ set -e -x case "$1" in diff --git a/daemon/info.go b/daemon/info.go index 2d4151a99107d..59c3af92fe137 100644 --- a/daemon/info.go +++ b/daemon/info.go @@ -209,7 +209,7 @@ func (daemon *Daemon) fillAPIInfo(v *types.Info) { const warn string = ` Access to the remote API is equivalent to root access on the host. Refer to the 'Docker daemon attack surface' section in the documentation for - more information: https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface` + more information: https://docs.docker.com/go/attack-surface/` cfg := daemon.configStore for _, host := range cfg.Hosts { diff --git a/docs/api/v1.25.yaml b/docs/api/v1.25.yaml index 8b3e0e08fc688..95d17656c3be5 100644 --- a/docs/api/v1.25.yaml +++ b/docs/api/v1.25.yaml @@ -105,7 +105,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.26.yaml b/docs/api/v1.26.yaml index 5e3f8bdf7fb7e..43d48a71c2947 100644 --- a/docs/api/v1.26.yaml +++ b/docs/api/v1.26.yaml @@ -106,7 +106,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.27.yaml b/docs/api/v1.27.yaml index 65e7251ac2655..db8e3fd800f58 100644 --- a/docs/api/v1.27.yaml +++ b/docs/api/v1.27.yaml @@ -107,7 +107,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.28.yaml b/docs/api/v1.28.yaml index 69e3c39c992ac..3292bd4fac418 100644 --- a/docs/api/v1.28.yaml +++ b/docs/api/v1.28.yaml @@ -108,7 +108,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.29.yaml b/docs/api/v1.29.yaml index d019c7535408f..aa1d34a5726b0 100644 --- a/docs/api/v1.29.yaml +++ b/docs/api/v1.29.yaml @@ -109,7 +109,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.30.yaml b/docs/api/v1.30.yaml index a361ca0c7144f..ebb7c49d99598 100644 --- a/docs/api/v1.30.yaml +++ b/docs/api/v1.30.yaml @@ -110,7 +110,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.31.yaml b/docs/api/v1.31.yaml index f6eaf9ac5b71f..753bc350dab4c 100644 --- a/docs/api/v1.31.yaml +++ b/docs/api/v1.31.yaml @@ -111,7 +111,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.32.yaml b/docs/api/v1.32.yaml index 30e59757f011f..7937daca7297f 100644 --- a/docs/api/v1.32.yaml +++ b/docs/api/v1.32.yaml @@ -112,7 +112,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.33.yaml b/docs/api/v1.33.yaml index 61839254bfced..cd221de8559c2 100644 --- a/docs/api/v1.33.yaml +++ b/docs/api/v1.33.yaml @@ -113,7 +113,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.34.yaml b/docs/api/v1.34.yaml index c81a4e43975f8..e1322a36edcd9 100644 --- a/docs/api/v1.34.yaml +++ b/docs/api/v1.34.yaml @@ -116,7 +116,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.35.yaml b/docs/api/v1.35.yaml index 43af829570b7a..37c0ebe21fe0f 100644 --- a/docs/api/v1.35.yaml +++ b/docs/api/v1.35.yaml @@ -104,7 +104,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.36.yaml b/docs/api/v1.36.yaml index 91a5b3f48e401..bbdff27ff0209 100644 --- a/docs/api/v1.36.yaml +++ b/docs/api/v1.36.yaml @@ -104,7 +104,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.37.yaml b/docs/api/v1.37.yaml index 2599961507de5..d041fa05e8039 100644 --- a/docs/api/v1.37.yaml +++ b/docs/api/v1.37.yaml @@ -104,7 +104,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/api/v1.38.yaml b/docs/api/v1.38.yaml index da1414017184d..1810603b712b4 100644 --- a/docs/api/v1.38.yaml +++ b/docs/api/v1.38.yaml @@ -104,7 +104,7 @@ tags: - name: "Network" x-displayName: "Networks" description: | - Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/engine/userguide/networking/) for more information. + Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information. - name: "Volume" x-displayName: "Volumes" description: | diff --git a/docs/rootless.md b/docs/rootless.md index 181ed16b0e7f7..4eada9d03e2d4 100644 --- a/docs/rootless.md +++ b/docs/rootless.md @@ -1,3 +1,3 @@ -Moved to https://docs.docker.com/engine/security/rootless/ +Moved to https://docs.docker.com/go/rootless/ diff --git a/pkg/authorization/authz.go b/pkg/authorization/authz.go index a1edbcd89d51d..590ac8dddd883 100644 --- a/pkg/authorization/authz.go +++ b/pkg/authorization/authz.go @@ -21,7 +21,7 @@ const maxBodySize = 1048576 // 1MB // Authenticate Request: // Call authZ plugins with current REST request and AuthN response // Request contains full HTTP packet sent to the docker daemon -// https://docs.docker.com/engine/reference/api/ +// https://docs.docker.com/engine/api/ // // Authenticate Response: // Call authZ plugins with full info about current REST request, REST response and AuthN response From a0670c6d3da8321a65d3057f31a9670b174c590f Mon Sep 17 00:00:00 2001 From: Shengjing Zhu Date: Sat, 27 Feb 2021 21:52:03 +0800 Subject: [PATCH 058/252] pkg/archive: TestUntarParentPathPermissions requires root === RUN TestUntarParentPathPermissions archive_unix_test.go:171: assertion failed: error is not nil: chown /tmp/TestUntarParentPathPermissions694189715/foo: operation not permitted Signed-off-by: Shengjing Zhu (cherry picked from commit f23c1c297d39d97e517667b5c676e58800132449) Signed-off-by: Sebastiaan van Stijn --- pkg/archive/archive_unix_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/archive/archive_unix_test.go b/pkg/archive/archive_unix_test.go index 4eff66629c183..6274744b61f0c 100644 --- a/pkg/archive/archive_unix_test.go +++ b/pkg/archive/archive_unix_test.go @@ -160,6 +160,7 @@ func TestTarWithHardLinkAndRebase(t *testing.T) { // TestUntarParentPathPermissions is a regression test to check that missing // parent directories are created with the expected permissions func TestUntarParentPathPermissions(t *testing.T) { + skip.If(t, os.Getuid() != 0, "skipping test that requires root") buf := &bytes.Buffer{} w := tar.NewWriter(buf) err := w.WriteHeader(&tar.Header{Name: "foo/bar"}) From 98273a606a49ab3c56b7fb289c4dc18de365bb59 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Fri, 26 Feb 2021 14:43:24 +0900 Subject: [PATCH 059/252] dockerd-rootless-setuptool.sh: create CLI context "rootless" Signed-off-by: Akihiro Suda (cherry picked from commit f2f1c0fe38fd36ebd5ca6596367b08a43eb59c2a) Signed-off-by: Akihiro Suda --- contrib/dockerd-rootless-setuptool.sh | 31 +++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/contrib/dockerd-rootless-setuptool.sh b/contrib/dockerd-rootless-setuptool.sh index b9dcb4f92570c..de4fee11670c6 100755 --- a/contrib/dockerd-rootless-setuptool.sh +++ b/contrib/dockerd-rootless-setuptool.sh @@ -23,6 +23,7 @@ ERROR() { # constants DOCKERD_ROOTLESS_SH="dockerd-rootless.sh" SYSTEMD_UNIT="docker.service" +CLI_CONTEXT="rootless" # CLI opt: --force OPT_FORCE="" @@ -350,6 +351,23 @@ install_nonsystemd() { echo } +cli_ctx_exists() { + name="$1" + "${BIN}/docker" context inspect -f "{{.Name}}" "${name}" > /dev/null 2>&1 +} + +cli_ctx_create() { + name="$1" + host="$2" + description="$3" + "${BIN}/docker" context create "${name}" --docker "host=${host}" --description "${description}" > /dev/null +} + +cli_ctx_rm() { + name="$1" + "${BIN}/docker" context rm -f "${name}" > /dev/null +} + # CLI subcommand: "install" cmd_entrypoint_install() { # requirements are already checked in init() @@ -359,6 +377,14 @@ cmd_entrypoint_install() { install_systemd fi + if cli_ctx_exists "${CLI_CONTEXT}"; then + INFO "CLI context \"${CLI_CONTEXT}\" already exists" + else + INFO "Creating CLI context \"${CLI_CONTEXT}\"" + cli_ctx_create "${CLI_CONTEXT}" "unix://${XDG_RUNTIME_DIR}/docker.sock" "Rootless mode" + fi + + echo INFO "Make sure the following environment variables are set (or add them to ~/.bashrc):" echo if [ -n "$XDG_RUNTIME_DIR_CREATED" ]; then @@ -390,6 +416,11 @@ cmd_entrypoint_uninstall() { INFO "Uninstalled ${SYSTEMD_UNIT}" fi + if cli_ctx_exists "${CLI_CONTEXT}"; then + cli_ctx_rm "${CLI_CONTEXT}" + INFO "Deleted CLI context \"${CLI_CONTEXT}\"" + fi + INFO "This uninstallation tool does NOT remove Docker binaries and data." INFO "To remove data, run: \`$BIN/rootlesskit rm -rf $HOME/.local/share/docker\`" } From d3188dc1641f8c1b2605ad2a62c93b4b86e36c37 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 14 Dec 2020 12:06:37 +0100 Subject: [PATCH 060/252] Dockerfile: switch to "stable" dockerfile front-end The `RUN --mount` options have been promoted to the stable channel, so we can switch from "experimental" to "stable". Note that the syntax directive should no longer be needed now, but it's good practice to add a syntax-directive, to allow building on older versions of docker. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 083dbe9fcdd08d8b773f2dd89cd6dafc96fe8745) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a75fc2578dce1..7ee51441adaf3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -# syntax=docker/dockerfile:1.1.7-experimental +# syntax=docker/dockerfile:1.2 ARG CROSS="false" ARG SYSTEMD="false" From 2ab3cd8c9e5752d0753fb0fcd95640d05ebeefdf Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 8 Mar 2021 15:27:26 +0100 Subject: [PATCH 061/252] update containerd binary to v1.4.4 full diff: https://github.com/containerd/containerd/compare/v1.4.3...v1.4.4 Release notes: The fourth patch release for `containerd` 1.4 contains a fix for CVE-2021-21334 along with various other minor issues. See [GHSA-36xw-fx78-c5r4](https://github.com/containerd/containerd/security/advisories/GHSA-36xw-fx78-c5r4) for more details related to CVE-2021-21334. Notable Updates - Fix container create in CRI to prevent possible environment variable leak between containers - Update shim server to return grpc NotFound error - Add bounds on max `oom_score_adj` value for shim's AdjustOOMScore - Update task manager to use fresh context when calling shim shutdown - Update Docker resolver to avoid possible concurrent map access panic - Update shim's log file open flags to avoid containerd hang on syscall open - Fix incorrect usage calculation Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 1a493934033919b91c4e471638ac1a8bbc5792c5) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index b656a5697b26b..e7c6488096da2 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=269548fa27e0089a8b8278fc4fc781d7f65a939b}" # v1.4.3 +: "${CONTAINERD_COMMIT:=05f951a3781f4f2c1911b05e61c160e9c30eaa8e}" # v1.4.4 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From fed6ba2790e20bb5f433f9a1485a3787c677ae56 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 24 Feb 2021 14:05:38 +0900 Subject: [PATCH 062/252] Include VPNkit binary for arm64 Signed-off-by: Akihiro Suda (cherry picked from commit 088e6ee7906b8ff6f258932e8f9aab8f2211c9f5) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 14 ++++++++++---- hack/make/binary-daemon | 2 +- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index a75fc2578dce1..8ee855b6ee5fb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored ARG GO_VERSION=1.13.15 ARG DEBIAN_FRONTEND=noninteractive -ARG VPNKIT_VERSION=0.4.0 +ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" ARG BASE_DEBIAN_DISTRO="buster" @@ -241,7 +241,13 @@ RUN --mount=type=cache,target=/root/.cache/go-build \ COPY ./contrib/dockerd-rootless.sh /build COPY ./contrib/dockerd-rootless-setuptool.sh /build -FROM djs55/vpnkit:${VPNKIT_VERSION} AS vpnkit +FROM --platform=amd64 djs55/vpnkit:${VPNKIT_VERSION} AS vpnkit-amd64 + +FROM --platform=arm64 djs55/vpnkit:${VPNKIT_VERSION} AS vpnkit-arm64 + +FROM scratch AS vpnkit +COPY --from=vpnkit-amd64 /vpnkit /build/vpnkit.x86_64 +COPY --from=vpnkit-arm64 /vpnkit /build/vpnkit.aarch64 # TODO: Some of this is only really needed for testing, it would be nice to split this up FROM runtime-dev AS dev-systemd-false @@ -308,7 +314,7 @@ COPY --from=shfmt /build/ /usr/local/bin/ COPY --from=runc /build/ /usr/local/bin/ COPY --from=containerd /build/ /usr/local/bin/ COPY --from=rootlesskit /build/ /usr/local/bin/ -COPY --from=vpnkit /vpnkit /usr/local/bin/vpnkit.x86_64 +COPY --from=vpnkit /build/ /usr/local/bin/ COPY --from=proxy /build/ /usr/local/bin/ ENV PATH=/usr/local/cli:$PATH ARG DOCKER_BUILDTAGS @@ -356,7 +362,7 @@ COPY --from=runc /build/ /usr/local/bin/ COPY --from=containerd /build/ /usr/local/bin/ COPY --from=rootlesskit /build/ /usr/local/bin/ COPY --from=proxy /build/ /usr/local/bin/ -COPY --from=vpnkit /vpnkit /usr/local/bin/vpnkit.x86_64 +COPY --from=vpnkit /build/ /usr/local/bin/ WORKDIR /go/src/github.com/docker/docker FROM binary-base AS build-binary diff --git a/hack/make/binary-daemon b/hack/make/binary-daemon index 6498b8e3d6db3..fd77aabb5b8e7 100644 --- a/hack/make/binary-daemon +++ b/hack/make/binary-daemon @@ -21,7 +21,7 @@ copy_binaries() { fi done - # vpnkit is amd64 only + # vpnkit is available for x86_64 and aarch64 if command -v "vpnkit.$(uname -m)" 2>&1 > /dev/null; then cp -f "$(command -v "vpnkit.$(uname -m)")" "$dir/vpnkit" if [ "$hash" = "hash" ]; then From 074270703c1a6b096231f1a3347d04468bd6af51 Mon Sep 17 00:00:00 2001 From: Jeremy Huntwork Date: Mon, 22 Feb 2021 04:25:43 +0000 Subject: [PATCH 063/252] Use buster backports to build with libseccomp-2.4.4 Fixes #41704 The latest released versions of the static binaries (20.10.3) are still unable to use faccessat2 with musl-1.2.2 even though this was addressed in #41353 and related issues. The underlying cause seems to be that the build system here still uses the default version of libseccomp shipped with buster. An updated version is available in buster backports: https://packages.debian.org/buster-backports/libseccomp-dev Signed-off-by: Jeremy Huntwork (cherry picked from commit 1600e851b5d618fb76ba3aa83b630f3e7c3746c2) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index a75fc2578dce1..5460ff2c4ed1c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -119,6 +119,7 @@ FROM cross-${CROSS} as dev-base FROM dev-base AS runtime-dev-cross-false ARG DEBIAN_FRONTEND +RUN echo 'deb http://deb.debian.org/debian buster-backports main' > /etc/apt/sources.list.d/backports.list RUN --mount=type=cache,sharing=locked,id=moby-cross-false-aptlib,target=/var/lib/apt \ --mount=type=cache,sharing=locked,id=moby-cross-false-aptcache,target=/var/cache/apt \ apt-get update && apt-get install -y --no-install-recommends \ @@ -127,7 +128,7 @@ RUN --mount=type=cache,sharing=locked,id=moby-cross-false-aptlib,target=/var/lib libapparmor-dev \ libbtrfs-dev \ libdevmapper-dev \ - libseccomp-dev \ + libseccomp-dev/buster-backports \ libsystemd-dev \ libudev-dev @@ -137,15 +138,16 @@ ARG DEBIAN_FRONTEND # on non-amd64 systems. # Additionally, the crossbuild-amd64 is currently only on debian:buster, so # other architectures cannnot crossbuild amd64. +RUN echo 'deb http://deb.debian.org/debian buster-backports main' > /etc/apt/sources.list.d/backports.list RUN --mount=type=cache,sharing=locked,id=moby-cross-true-aptlib,target=/var/lib/apt \ --mount=type=cache,sharing=locked,id=moby-cross-true-aptcache,target=/var/cache/apt \ apt-get update && apt-get install -y --no-install-recommends \ libapparmor-dev:arm64 \ libapparmor-dev:armel \ libapparmor-dev:armhf \ - libseccomp-dev:arm64 \ - libseccomp-dev:armel \ - libseccomp-dev:armhf + libseccomp-dev:arm64/buster-backports \ + libseccomp-dev:armel/buster-backports \ + libseccomp-dev:armhf/buster-backports FROM runtime-dev-cross-${CROSS} AS runtime-dev From 95d2b686bee0370719991fa78edce77f21fff11b Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 24 Feb 2021 18:36:48 +0900 Subject: [PATCH 064/252] overlay2: support "userxattr" option (kernel 5.11) The "userxattr" option is needed for mounting overlayfs inside a user namespace with kernel >= 5.11. The "userxattr" option is NOT needed for the initial user namespace (aka "the host"). Also, Ubuntu (since circa 2015) and Debian (since 10) with kernel < 5.11 can mount the overlayfs in a user namespace without the "userxattr" option. The corresponding kernel commit: 2d2f2d7322ff43e0fe92bf8cccdc0b09449bf2e1 > **ovl: user xattr** > > Optionally allow using "user.overlay." namespace instead of "trusted.overlay." > ... > Disable redirect_dir and metacopy options, because these would allow privilege escalation through direct manipulation of the > "user.overlay.redirect" or "user.overlay.metacopy" xattrs. Fix issue 42055 Related to containerd/containerd PR 5076 Signed-off-by: Akihiro Suda (cherry picked from commit 11ef8d3ba983d6fb0b1597e715bf45e3b882a507) Signed-off-by: Akihiro Suda --- daemon/graphdriver/overlay2/overlay.go | 23 +++- daemon/graphdriver/overlayutils/userxattr.go | 112 +++++++++++++++++++ 2 files changed, 129 insertions(+), 6 deletions(-) create mode 100644 daemon/graphdriver/overlayutils/userxattr.go diff --git a/daemon/graphdriver/overlay2/overlay.go b/daemon/graphdriver/overlay2/overlay.go index e26fa07c827dd..38ce92caf73c9 100644 --- a/daemon/graphdriver/overlay2/overlay.go +++ b/daemon/graphdriver/overlay2/overlay.go @@ -113,7 +113,8 @@ var ( useNaiveDiffLock sync.Once useNaiveDiffOnly bool - indexOff string + indexOff string + userxattr string ) func init() { @@ -204,7 +205,16 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap logger.Warnf("Unable to detect whether overlay kernel module supports index parameter: %s", err) } - logger.Debugf("backingFs=%s, projectQuotaSupported=%v, indexOff=%q", backingFs, projectQuotaSupported, indexOff) + needsUserXattr, err := overlayutils.NeedsUserXAttr(home) + if err != nil { + logger.Warnf("Unable to detect whether overlay kernel module needs \"userxattr\" parameter: %s", err) + } + if needsUserXattr { + userxattr = "userxattr," + } + + logger.Debugf("backingFs=%s, projectQuotaSupported=%v, indexOff=%q, userxattr=%q", + backingFs, projectQuotaSupported, indexOff, userxattr) return d, nil } @@ -257,6 +267,7 @@ func (d *Driver) Status() [][2]string { {"Backing Filesystem", backingFs}, {"Supports d_type", strconv.FormatBool(d.supportsDType)}, {"Native Overlay Diff", strconv.FormatBool(!useNaiveDiff(d.home))}, + {"userxattr", strconv.FormatBool(userxattr != "")}, } } @@ -546,9 +557,9 @@ func (d *Driver) Get(id, mountLabel string) (_ containerfs.ContainerFS, retErr e var opts string if readonly { - opts = indexOff + "lowerdir=" + diffDir + ":" + strings.Join(absLowers, ":") + opts = indexOff + userxattr + "lowerdir=" + diffDir + ":" + strings.Join(absLowers, ":") } else { - opts = indexOff + "lowerdir=" + strings.Join(absLowers, ":") + ",upperdir=" + diffDir + ",workdir=" + workDir + opts = indexOff + userxattr + "lowerdir=" + strings.Join(absLowers, ":") + ",upperdir=" + diffDir + ",workdir=" + workDir } mountData := label.FormatMountLabel(opts, mountLabel) @@ -571,9 +582,9 @@ func (d *Driver) Get(id, mountLabel string) (_ containerfs.ContainerFS, retErr e // smaller at the expense of requiring a fork exec to chroot. if len(mountData) > pageSize-1 { if readonly { - opts = indexOff + "lowerdir=" + path.Join(id, diffDirName) + ":" + string(lowers) + opts = indexOff + userxattr + "lowerdir=" + path.Join(id, diffDirName) + ":" + string(lowers) } else { - opts = indexOff + "lowerdir=" + string(lowers) + ",upperdir=" + path.Join(id, diffDirName) + ",workdir=" + path.Join(id, workDirName) + opts = indexOff + userxattr + "lowerdir=" + string(lowers) + ",upperdir=" + path.Join(id, diffDirName) + ",workdir=" + path.Join(id, workDirName) } mountData = label.FormatMountLabel(opts, mountLabel) if len(mountData) > pageSize-1 { diff --git a/daemon/graphdriver/overlayutils/userxattr.go b/daemon/graphdriver/overlayutils/userxattr.go new file mode 100644 index 0000000000000..492560f1b571f --- /dev/null +++ b/daemon/graphdriver/overlayutils/userxattr.go @@ -0,0 +1,112 @@ +// +build linux + +// Forked from https://github.com/containerd/containerd/blob/9ade247b38b5a685244e1391c86ff41ab109556e/snapshots/overlay/check.go +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package overlayutils + +import ( + "fmt" + "io/ioutil" + "os" + "path/filepath" + + "github.com/containerd/containerd/mount" + "github.com/containerd/containerd/sys" + "github.com/sirupsen/logrus" +) + +// NeedsUserXAttr returns whether overlayfs should be mounted with the "userxattr" mount option. +// +// The "userxattr" option is needed for mounting overlayfs inside a user namespace with kernel >= 5.11. +// +// The "userxattr" option is NOT needed for the initial user namespace (aka "the host"). +// +// Also, Ubuntu (since circa 2015) and Debian (since 10) with kernel < 5.11 can mount +// the overlayfs in a user namespace without the "userxattr" option. +// +// The corresponding kernel commit: https://github.com/torvalds/linux/commit/2d2f2d7322ff43e0fe92bf8cccdc0b09449bf2e1 +// > ovl: user xattr +// > +// > Optionally allow using "user.overlay." namespace instead of "trusted.overlay." +// > ... +// > Disable redirect_dir and metacopy options, because these would allow privilege escalation through direct manipulation of the +// > "user.overlay.redirect" or "user.overlay.metacopy" xattrs. +// > ... +// +// The "userxattr" support is not exposed in "/sys/module/overlay/parameters". +func NeedsUserXAttr(d string) (bool, error) { + if !sys.RunningInUserNS() { + // we are the real root (i.e., the root in the initial user NS), + // so we do never need "userxattr" opt. + return false, nil + } + + // TODO: add fast path for kernel >= 5.11 . + // + // Keep in mind that distro vendors might be going to backport the patch to older kernels. + // So we can't completely remove the check. + + tdRoot := filepath.Join(d, "userxattr-check") + if err := os.RemoveAll(tdRoot); err != nil { + logrus.WithError(err).Warnf("Failed to remove check directory %v", tdRoot) + } + + if err := os.MkdirAll(tdRoot, 0700); err != nil { + return false, err + } + + defer func() { + if err := os.RemoveAll(tdRoot); err != nil { + logrus.WithError(err).Warnf("Failed to remove check directory %v", tdRoot) + } + }() + + td, err := ioutil.TempDir(tdRoot, "") + if err != nil { + return false, err + } + + for _, dir := range []string{"lower1", "lower2", "upper", "work", "merged"} { + if err := os.Mkdir(filepath.Join(td, dir), 0755); err != nil { + return false, err + } + } + + opts := []string{ + fmt.Sprintf("lowerdir=%s:%s,upperdir=%s,workdir=%s", filepath.Join(td, "lower2"), filepath.Join(td, "lower1"), filepath.Join(td, "upper"), filepath.Join(td, "work")), + "userxattr", + } + + m := mount.Mount{ + Type: "overlay", + Source: "overlay", + Options: opts, + } + + dest := filepath.Join(td, "merged") + if err := m.Mount(dest); err != nil { + // Probably the host is running Ubuntu/Debian kernel (< 5.11) with the userns patch but without the userxattr patch. + // Return false without error. + logrus.WithError(err).Debugf("cannot mount overlay with \"userxattr\", probably the kernel does not support userxattr") + return false, nil + } + if err := mount.UnmountAll(dest, 0); err != nil { + logrus.WithError(err).Warnf("Failed to unmount check directory %v", dest) + } + return true, nil +} From 2d39a44c1c409247a3282817131b05da9ed9e36f Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Thu, 11 Mar 2021 15:18:59 +0900 Subject: [PATCH 065/252] overlayutils/userxattr.go: add "fast path" for kernel >= 5.11.0 Signed-off-by: Akihiro Suda (cherry picked from commit a8008f7313e6f9ad0b2d7e7a49d228f520469bc4) Signed-off-by: Akihiro Suda --- daemon/graphdriver/overlayutils/userxattr.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/daemon/graphdriver/overlayutils/userxattr.go b/daemon/graphdriver/overlayutils/userxattr.go index 492560f1b571f..7f19dcb7ed212 100644 --- a/daemon/graphdriver/overlayutils/userxattr.go +++ b/daemon/graphdriver/overlayutils/userxattr.go @@ -27,6 +27,7 @@ import ( "github.com/containerd/containerd/mount" "github.com/containerd/containerd/sys" + "github.com/docker/docker/pkg/parsers/kernel" "github.com/sirupsen/logrus" ) @@ -56,10 +57,13 @@ func NeedsUserXAttr(d string) (bool, error) { return false, nil } - // TODO: add fast path for kernel >= 5.11 . + // Fast path for kernel >= 5.11 . // // Keep in mind that distro vendors might be going to backport the patch to older kernels. - // So we can't completely remove the check. + // So we can't completely remove the "slow path". + if kernel.CheckKernelVersion(5, 11, 0) { + return true, nil + } tdRoot := filepath.Join(d, "userxattr-check") if err := os.RemoveAll(tdRoot); err != nil { From cb501700e809f75abe858fa6c68cf24915bc5c01 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Mon, 1 Mar 2021 20:36:53 +0000 Subject: [PATCH 066/252] Fix handling for json-file io.UnexpectedEOF When the multireader hits EOF, we will always get EOF from it, so we cannot store the multrireader fro later error handling, only for the decoder. Thanks @tobiasstadler for pointing this error out. Signed-off-by: Brian Goff (cherry picked from commit 4be98a38e7810940c260d778cfe128b97d9245fb) Signed-off-by: Sebastiaan van Stijn --- daemon/logger/jsonfilelog/read.go | 16 ++++--- daemon/logger/jsonfilelog/read_test.go | 59 ++++++++++++++++++++++++++ 2 files changed, 69 insertions(+), 6 deletions(-) diff --git a/daemon/logger/jsonfilelog/read.go b/daemon/logger/jsonfilelog/read.go index cc4649903adcd..635f74a4bc177 100644 --- a/daemon/logger/jsonfilelog/read.go +++ b/daemon/logger/jsonfilelog/read.go @@ -61,9 +61,10 @@ func decodeLogLine(dec *json.Decoder, l *jsonlog.JSONLog) (*logger.Message, erro } type decoder struct { - rdr io.Reader - dec *json.Decoder - jl *jsonlog.JSONLog + rdr io.Reader + dec *json.Decoder + jl *jsonlog.JSONLog + maxRetry int } func (d *decoder) Reset(rdr io.Reader) { @@ -87,7 +88,11 @@ func (d *decoder) Decode() (msg *logger.Message, err error) { if d.jl == nil { d.jl = &jsonlog.JSONLog{} } - for retries := 0; retries < maxJSONDecodeRetry; retries++ { + if d.maxRetry == 0 { + // We aren't using maxJSONDecodeRetry directly so we can give a custom value for testing. + d.maxRetry = maxJSONDecodeRetry + } + for retries := 0; retries < d.maxRetry; retries++ { msg, err = decodeLogLine(d.dec, d.jl) if err == nil || err == io.EOF { break @@ -105,8 +110,7 @@ func (d *decoder) Decode() (msg *logger.Message, err error) { // If the json logger writes a partial json log entry to the disk // while at the same time the decoder tries to decode it, the race condition happens. if err == io.ErrUnexpectedEOF { - d.rdr = io.MultiReader(d.dec.Buffered(), d.rdr) - d.dec = json.NewDecoder(d.rdr) + d.dec = json.NewDecoder(io.MultiReader(d.dec.Buffered(), d.rdr)) continue } } diff --git a/daemon/logger/jsonfilelog/read_test.go b/daemon/logger/jsonfilelog/read_test.go index 19536a1ff96e6..1f0a295f63bad 100644 --- a/daemon/logger/jsonfilelog/read_test.go +++ b/daemon/logger/jsonfilelog/read_test.go @@ -2,6 +2,7 @@ package jsonfilelog // import "github.com/docker/docker/daemon/logger/jsonfilelo import ( "bytes" + "encoding/json" "io" "testing" "time" @@ -93,3 +94,61 @@ func TestEncodeDecode(t *testing.T) { _, err = dec.Decode() assert.Assert(t, err == io.EOF) } + +func TestUnexpectedEOF(t *testing.T) { + buf := bytes.NewBuffer(nil) + msg1 := &logger.Message{Timestamp: time.Now(), Line: []byte("hello1")} + msg2 := &logger.Message{Timestamp: time.Now(), Line: []byte("hello2")} + + err := marshalMessage(msg1, json.RawMessage{}, buf) + assert.NilError(t, err) + err = marshalMessage(msg2, json.RawMessage{}, buf) + assert.NilError(t, err) + + r := &readerWithErr{ + err: io.EOF, + after: buf.Len() / 4, + r: buf, + } + dec := &decoder{rdr: r, maxRetry: 1} + + _, err = dec.Decode() + assert.Error(t, err, io.ErrUnexpectedEOF.Error()) + // again just to check + _, err = dec.Decode() + assert.Error(t, err, io.ErrUnexpectedEOF.Error()) + + // reset the error + // from here all reads should succeed until we get EOF on the underlying reader + r.err = nil + + msg, err := dec.Decode() + assert.NilError(t, err) + assert.Equal(t, string(msg1.Line)+"\n", string(msg.Line)) + + msg, err = dec.Decode() + assert.NilError(t, err) + assert.Equal(t, string(msg2.Line)+"\n", string(msg.Line)) + + _, err = dec.Decode() + assert.Error(t, err, io.EOF.Error()) +} + +type readerWithErr struct { + err error + after int + r io.Reader + read int +} + +func (r *readerWithErr) Read(p []byte) (int, error) { + if r.err != nil && r.read > r.after { + return 0, r.err + } + + n, err := r.r.Read(p[:1]) + if n > 0 { + r.read += n + } + return n, err +} From 969bde20097d54c5ab2534c1e8a9e39cf7844722 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Mon, 15 Mar 2021 21:25:53 +0000 Subject: [PATCH 067/252] jsonfile: more defensive reader implementation Tonis mentioned that we can run into issues if there is more error handling added here. This adds a custom reader implementation which is like io.MultiReader except it does not cache EOF's. What got us into trouble in the first place is `io.MultiReader` will always return EOF once it has received an EOF, however the error handling that we are going for is to recover from an EOF because the underlying file is a file which can have more data added to it after EOF. Signed-off-by: Brian Goff (cherry picked from commit 5a664dc87d79ddc9f09c7a963c52f491999dc939) Signed-off-by: Sebastiaan van Stijn --- daemon/logger/jsonfilelog/read.go | 43 ++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/daemon/logger/jsonfilelog/read.go b/daemon/logger/jsonfilelog/read.go index 635f74a4bc177..5099a0b947b8f 100644 --- a/daemon/logger/jsonfilelog/read.go +++ b/daemon/logger/jsonfilelog/read.go @@ -110,13 +110,54 @@ func (d *decoder) Decode() (msg *logger.Message, err error) { // If the json logger writes a partial json log entry to the disk // while at the same time the decoder tries to decode it, the race condition happens. if err == io.ErrUnexpectedEOF { - d.dec = json.NewDecoder(io.MultiReader(d.dec.Buffered(), d.rdr)) + d.rdr = combineReaders(d.dec.Buffered(), d.rdr) + d.dec = json.NewDecoder(d.rdr) continue } } return msg, err } +func combineReaders(pre, rdr io.Reader) io.Reader { + return &combinedReader{pre: pre, rdr: rdr} +} + +// combinedReader is a reader which is like `io.MultiReader` where except it does not cache a full EOF. +// Once `io.MultiReader` returns EOF, it is always EOF. +// +// For this usecase we have an underlying reader which is a file which may reach EOF but have more data written to it later. +// As such, io.MultiReader does not work for us. +type combinedReader struct { + pre io.Reader + rdr io.Reader +} + +func (r *combinedReader) Read(p []byte) (int, error) { + var read int + if r.pre != nil { + n, err := r.pre.Read(p) + if err != nil { + if err != io.EOF { + return n, err + } + r.pre = nil + } + read = n + } + + if read < len(p) { + n, err := r.rdr.Read(p[read:]) + if n > 0 { + read += n + } + if err != nil { + return read, err + } + } + + return read, nil +} + // decodeFunc is used to create a decoder for the log file reader func decodeFunc(rdr io.Reader) loggerutils.Decoder { return &decoder{ From e1ee2823eca94858abcdf65d79e0737bb4f7cc40 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Thu, 18 Mar 2021 18:36:00 +0000 Subject: [PATCH 068/252] TestPushMultipleTags: Add support for 20.10 CLI In 20.10 we no longer implicitly push all tags and require a "--all-tags" flag, so add this to the test when the CLI is >= 20.10 Signed-off-by: Brian Goff (cherry picked from commit 601707a655071e4ab2d3c7ee3f7f868af1774321) Signed-off-by: Brian Goff --- integration-cli/cli/cli.go | 1 + integration-cli/docker_cli_push_test.go | 11 ++++++++++- integration-cli/docker_utils_test.go | 1 + integration-cli/requirements_test.go | 9 +++++++++ 4 files changed, 21 insertions(+), 1 deletion(-) diff --git a/integration-cli/cli/cli.go b/integration-cli/cli/cli.go index b4b1e6b0c5fe4..7b4796db4dd3f 100644 --- a/integration-cli/cli/cli.go +++ b/integration-cli/cli/cli.go @@ -26,6 +26,7 @@ type CmdOperator func(*icmd.Cmd) func() // DockerCmd executes the specified docker command and expect a success func DockerCmd(t testing.TB, args ...string) *icmd.Result { + t.Helper() return Docker(Args(args...)).Assert(t, icmd.Success) } diff --git a/integration-cli/docker_cli_push_test.go b/integration-cli/docker_cli_push_test.go index e8d50547973b2..886b1780d9b1a 100644 --- a/integration-cli/docker_cli_push_test.go +++ b/integration-cli/docker_cli_push_test.go @@ -12,6 +12,7 @@ import ( "testing" "github.com/docker/distribution/reference" + "github.com/docker/docker/api/types/versions" "github.com/docker/docker/integration-cli/cli/build" "gotest.tools/v3/assert" "gotest.tools/v3/icmd" @@ -81,7 +82,15 @@ func testPushMultipleTags(c *testing.T) { // tag the image and upload it to the private registry dockerCmd(c, "tag", "busybox", repoTag1) dockerCmd(c, "tag", "busybox", repoTag2) - dockerCmd(c, "push", repoName) + + args := []string{"push"} + if versions.GreaterThanOrEqualTo(DockerCLIVersion(c), "20.10.0") { + // 20.10 CLI removed implicit push all tags and requires the "--all" flag + args = append(args, "--all-tags") + } + args = append(args, repoName) + + dockerCmd(c, args...) imageAlreadyExists := ": Image already exists" diff --git a/integration-cli/docker_utils_test.go b/integration-cli/docker_utils_test.go index 389149e73cdc5..b44267389869b 100644 --- a/integration-cli/docker_utils_test.go +++ b/integration-cli/docker_utils_test.go @@ -41,6 +41,7 @@ func dockerCmdWithError(args ...string) (string, int, error) { // Deprecated: use cli.Docker or cli.DockerCmd func dockerCmd(c testing.TB, args ...string) (string, int) { + c.Helper() result := cli.DockerCmd(c, args...) return result.Combined(), result.ExitCode } diff --git a/integration-cli/requirements_test.go b/integration-cli/requirements_test.go index 5391432d5b2ee..8d5c64fe186b8 100644 --- a/integration-cli/requirements_test.go +++ b/integration-cli/requirements_test.go @@ -189,6 +189,15 @@ func TODOBuildkit() bool { return os.Getenv("DOCKER_BUILDKIT") == "" } +func DockerCLIVersion(t testing.TB) string { + out, _ := dockerCmd(t, "--version") + version := strings.Fields(out) + if len(version) < 3 { + t.Fatal("unknown version output", version) + } + return version[2] +} + // testRequires checks if the environment satisfies the requirements // for the test to run or skips the tests. func testRequires(t *testing.T, requirements ...requirement.Test) { From 9780942e203b09fc4789ff5c426549baf7d242a3 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Thu, 18 Mar 2021 17:07:23 +0000 Subject: [PATCH 069/252] Remove cli test for duplicate --net/--network opts This seems to be testing a strange case, specifically that one can set the `--net` and `--network` in the same command with the same network. Indeed this used to work with older CLIs but newer ones error out when validating the request before sending it to the daemon. Opening this for discussion because: 1. This doesn't seem to be testing anything at all related to the rest of the test 2. Not really providing any value here. 3. Is testing that a technically invalid option is successful (whether the option should be valid as it relates to the CLI accepting it is debatable). 4. Such a case seems fringe and even a bug in whatever is calling the CLI with such options. Signed-off-by: Brian Goff (cherry picked from commit e31086320ea0305e2cc70490160ee30480471680) Signed-off-by: Brian Goff --- integration-cli/docker_cli_network_unix_test.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/integration-cli/docker_cli_network_unix_test.go b/integration-cli/docker_cli_network_unix_test.go index eb9d46b34d860..e52c1b409aeed 100644 --- a/integration-cli/docker_cli_network_unix_test.go +++ b/integration-cli/docker_cli_network_unix_test.go @@ -1696,9 +1696,6 @@ func (s *DockerNetworkSuite) TestDockerNetworkFlagAlias(c *testing.T) { output, status := dockerCmd(c, "run", "--rm", "--network=user", "--network-alias=foo", "busybox", "true") assert.Equal(c, status, 0, fmt.Sprintf("unexpected status code %d (%s)", status, output)) - output, status, _ = dockerCmdWithError("run", "--rm", "--net=user", "--network=user", "busybox", "true") - assert.Equal(c, status, 0, fmt.Sprintf("unexpected status code %d (%s)", status, output)) - output, status, _ = dockerCmdWithError("run", "--rm", "--network=user", "--net-alias=foo", "--network-alias=bar", "busybox", "true") assert.Equal(c, status, 0, fmt.Sprintf("unexpected status code %d (%s)", status, output)) } From a35e1f451e921466e1a8f2a92cc601e5c705aa05 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 22 Mar 2021 11:00:54 +0100 Subject: [PATCH 070/252] update rootlesskit to v0.14.0 full diff: https://github.com/rootless-containers/rootlesskit/compare/v0.13.1...v0.14.0 v0.14.0 Changes (since v0.13.2) -------------------------------------- - CLI: improve --help output - API: support GET /info - Port API: support specifying IP version explicitly ("tcp4", "tcp6") - rootlesskit-docker-proxy: support libnetwork >= 20201216 convention - Allow vendoring with moby/sys/mountinfo@v0.1.3 as well as @v0.4.0 - Remove socat port driver - socat driver has been deprecated since v0.7.1 (Dec 2019) - New experimental flag: --ipv6 - Enables IPv6 routing (slirp4netns --enable-ipv6). Unrelated to port driver. v0.13.2 -------------------------------------- - Fix cleaning up crashed state dir - Update Go to 1.16 - Misc fixes Signed-off-by: Sebastiaan van Stijn (cherry picked from commit e166af959daa31a536b666fa35148f93462918d6) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/rootlesskit.installer | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hack/dockerfile/install/rootlesskit.installer b/hack/dockerfile/install/rootlesskit.installer index 9580cc971c24f..461669f0029df 100755 --- a/hack/dockerfile/install/rootlesskit.installer +++ b/hack/dockerfile/install/rootlesskit.installer @@ -1,7 +1,7 @@ #!/bin/sh -# v0.13.1 -: "${ROOTLESSKIT_COMMIT:=5c30c9c2586add2ad659132990fdc230f05035fa}" +# v0.14.0 +: "${ROOTLESSKIT_COMMIT:=81d7d047d09a5b93645817ec580181de7a984082}" install_rootlesskit() { case "$1" in From 407a61cdb279659ce218fe8996ee18eb363050ac Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Tue, 23 Mar 2021 20:52:47 +0000 Subject: [PATCH 071/252] hack: use GOPROXY for rootlesskit to workaround issue with old git on CentOS/RHEL 7 Since rootlesskit removed vendor folder, building it has to rely on go mod. Dockerfile in docker-ce-packaging uses GOPROXY=direct, which makes "go mod" commands use git to fetch modules. "go mod" in Go versions before 1.14.1 are incompatible with older git versions, including the version of git that ships with CentOS/RHEL 7 (which have git 1.8), see golang/go#38373 This patch switches rootlesskit install script to set GOPROXY to https://proxy.golang.org so that git is not required for downloading modules. Once all our code has upgraded to Go 1.14+, this workaround should be removed. Signed-off-by: Tibor Vass (cherry picked from commit cbc6cefdcbe8b7ab66571407ee0b3c39f1e7a96b) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/rootlesskit.installer | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hack/dockerfile/install/rootlesskit.installer b/hack/dockerfile/install/rootlesskit.installer index 9580cc971c24f..43027281685fa 100755 --- a/hack/dockerfile/install/rootlesskit.installer +++ b/hack/dockerfile/install/rootlesskit.installer @@ -31,6 +31,11 @@ _install_rootlesskit() ( cd "$GOPATH/src/github.com/rootless-containers/rootlesskit" || exit 1 git checkout -q "$ROOTLESSKIT_COMMIT" export GO111MODULE=on + # TODO remove GOPROXY override once we updated to Go 1.14+ + # Using goproxy instead of "direct" to work around an issue in go mod + # on Go 1.13 not working with older git versions (default version on + # CentOS 7 is git 1.8), see https://github.com/golang/go/issues/38373 + export GOPROXY="https://proxy.golang.org" for f in rootlesskit rootlesskit-docker-proxy; do go build $BUILD_MODE -ldflags="$ROOTLESSKIT_LDFLAGS" -o "${PREFIX}/$f" github.com/rootless-containers/rootlesskit/cmd/$f done From b41e2d4dc1d940aed60a49bac5b9f7dcfada7373 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 29 Jan 2021 17:28:46 +0100 Subject: [PATCH 072/252] integration/container: wrap some long lines for readability Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 54ca929a709553bb911661abfc60901093ad3eab) Signed-off-by: Sebastiaan van Stijn --- integration/container/nat_test.go | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/integration/container/nat_test.go b/integration/container/nat_test.go index f33c904480412..a8d1134e4dd15 100644 --- a/integration/container/nat_test.go +++ b/integration/container/nat_test.go @@ -70,7 +70,11 @@ func TestNetworkLoopbackNat(t *testing.T) { client := testEnv.APIClient() ctx := context.Background() - cID := container.Run(ctx, t, client, container.WithCmd("sh", "-c", fmt.Sprintf("stty raw && nc -w 1 %s 8080", endpoint.String())), container.WithTty(true), container.WithNetworkMode("container:"+serverContainerID)) + cID := container.Run(ctx, t, client, + container.WithCmd("sh", "-c", fmt.Sprintf("stty raw && nc -w 1 %s 8080", endpoint.String())), + container.WithTty(true), + container.WithNetworkMode("container:"+serverContainerID), + ) poll.WaitOn(t, container.IsStopped(ctx, client, cID), poll.WithDelay(100*time.Millisecond)) @@ -92,15 +96,19 @@ func startServerContainer(t *testing.T, msg string, port int) string { client := testEnv.APIClient() ctx := context.Background() - cID := container.Run(ctx, t, client, container.WithName("server-"+t.Name()), container.WithCmd("sh", "-c", fmt.Sprintf("echo %q | nc -lp %d", msg, port)), container.WithExposedPorts(fmt.Sprintf("%d/tcp", port)), func(c *container.TestContainerConfig) { - c.HostConfig.PortBindings = nat.PortMap{ - nat.Port(fmt.Sprintf("%d/tcp", port)): []nat.PortBinding{ - { - HostPort: fmt.Sprintf("%d", port), + cID := container.Run(ctx, t, client, + container.WithName("server-"+t.Name()), + container.WithCmd("sh", "-c", fmt.Sprintf("echo %q | nc -lp %d", msg, port)), + container.WithExposedPorts(fmt.Sprintf("%d/tcp", port)), + func(c *container.TestContainerConfig) { + c.HostConfig.PortBindings = nat.PortMap{ + nat.Port(fmt.Sprintf("%d/tcp", port)): []nat.PortBinding{ + { + HostPort: fmt.Sprintf("%d", port), + }, }, - }, - } - }) + } + }) poll.WaitOn(t, container.IsInState(ctx, client, cID, "running"), poll.WithDelay(100*time.Millisecond)) From 86d98f5711ea4350dce6398339df5906eeaf62fe Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 10 Feb 2021 11:31:18 +0100 Subject: [PATCH 073/252] integration: update getExternalAddress to prefer IPv4 Rootlesskit doesn't currently handle IPv6 addresses, causing TestNetworkLoopbackNat and TestNetworkNat to fail; Error starting userland proxy: error while calling PortManager.AddPort(): listen tcp: address :::8080: too many colons in address This patch: - Updates `getExternalAddress()` to pick IPv4 address if both IPv6 and IPv4 are found - Update TestNetworkNat to net.JoinHostPort(), so that square brackets are used for IPv6 addresses (e.g. `[::]:8080`) Signed-off-by: Sebastiaan van Stijn (cherry picked from commit f845b98ca675c9e848a27f135eac9cd31aac78e5) Signed-off-by: Sebastiaan van Stijn --- integration/container/nat_test.go | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/integration/container/nat_test.go b/integration/container/nat_test.go index a8d1134e4dd15..aad5175fd5e2f 100644 --- a/integration/container/nat_test.go +++ b/integration/container/nat_test.go @@ -30,7 +30,7 @@ func TestNetworkNat(t *testing.T) { startServerContainer(t, msg, 8080) endpoint := getExternalAddress(t) - conn, err := net.Dial("tcp", fmt.Sprintf("%s:%d", endpoint.String(), 8080)) + conn, err := net.Dial("tcp", net.JoinHostPort(endpoint.String(), "8080")) assert.NilError(t, err) defer conn.Close() @@ -115,6 +115,9 @@ func startServerContainer(t *testing.T, msg string, port int) string { return cID } +// getExternalAddress() returns the external IP-address from eth0. If eth0 has +// multiple IP-addresses, it returns the first IPv4 IP-address; if no IPv4 +// address is present, it returns the first IP-address found. func getExternalAddress(t *testing.T) net.IP { t.Helper() iface, err := net.InterfaceByName("eth0") @@ -124,6 +127,17 @@ func getExternalAddress(t *testing.T) net.IP { assert.NilError(t, err) assert.Check(t, 0 != len(ifaceAddrs)) + if len(ifaceAddrs) > 1 { + // Prefer IPv4 address if multiple addresses found, as rootlesskit + // does not handle IPv6 currently https://github.com/moby/moby/pull/41908#issuecomment-774200001 + for _, a := range ifaceAddrs { + ifaceIP, _, err := net.ParseCIDR(a.String()) + assert.NilError(t, err) + if ifaceIP.To4() != nil { + return ifaceIP + } + } + } ifaceIP, _, err := net.ParseCIDR(ifaceAddrs[0].String()) assert.NilError(t, err) From ef2351b416146ead18e4026a6fd2e43da70b87c7 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 11 Feb 2021 21:45:16 +0100 Subject: [PATCH 074/252] integration-cli: rely less on "docker port" output format Also re-formatting some lines for readability. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit c6038b488406ca3b7cc62ddcc0438cf678694bf7) Signed-off-by: Sebastiaan van Stijn --- integration-cli/docker_api_exec_test.go | 2 +- integration-cli/docker_cli_port_test.go | 115 +++++++++++++----------- integration-cli/docker_cli_ps_test.go | 16 ++-- integration-cli/docker_cli_run_test.go | 16 ++-- 4 files changed, 77 insertions(+), 72 deletions(-) diff --git a/integration-cli/docker_api_exec_test.go b/integration-cli/docker_api_exec_test.go index e0e0973ea0e51..02b33ac0fb0f4 100644 --- a/integration-cli/docker_api_exec_test.go +++ b/integration-cli/docker_api_exec_test.go @@ -297,7 +297,7 @@ func waitForExec(c *testing.T, id string) { } func inspectContainer(c *testing.T, id string, out interface{}) { - resp, body, err := request.Get(fmt.Sprintf("/containers/%s/json", id)) + resp, body, err := request.Get("/containers/" + id + "/json") assert.NilError(c, err) defer body.Close() assert.Equal(c, resp.StatusCode, http.StatusOK) diff --git a/integration-cli/docker_cli_port_test.go b/integration-cli/docker_cli_port_test.go index f1bd7904ccfd6..fbef608288315 100644 --- a/integration-cli/docker_cli_port_test.go +++ b/integration-cli/docker_cli_port_test.go @@ -1,8 +1,8 @@ package main import ( + "context" "fmt" - "net" "regexp" "sort" "strconv" @@ -51,7 +51,8 @@ func (s *DockerSuite) TestPortList(c *testing.T) { err = assertPortList(c, out, []string{ "80/tcp -> 0.0.0.0:9876", "81/tcp -> 0.0.0.0:9877", - "82/tcp -> 0.0.0.0:9878"}) + "82/tcp -> 0.0.0.0:9878", + }) // Port list is not correct assert.NilError(c, err) @@ -78,7 +79,8 @@ func (s *DockerSuite) TestPortList(c *testing.T) { "80/tcp -> 0.0.0.0:9876", "80/tcp -> 0.0.0.0:9999", "81/tcp -> 0.0.0.0:9877", - "82/tcp -> 0.0.0.0:9878"}) + "82/tcp -> 0.0.0.0:9878", + }) // Port list is not correct assert.NilError(c, err) dockerCmd(c, "rm", "-f", ID) @@ -87,9 +89,7 @@ func (s *DockerSuite) TestPortList(c *testing.T) { // host port ranges used IDs := make([]string, 3) for i := 0; i < 3; i++ { - out, _ = dockerCmd(c, "run", "-d", - "-p", "9090-9092:80", - "busybox", "top") + out, _ = dockerCmd(c, "run", "-d", "-p", "9090-9092:80", "busybox", "top") IDs[i] = strings.TrimSpace(out) out, _ = dockerCmd(c, "port", IDs[i]) @@ -100,9 +100,7 @@ func (s *DockerSuite) TestPortList(c *testing.T) { } // test port range exhaustion - out, _, err = dockerCmdWithError("run", "-d", - "-p", "9090-9092:80", - "busybox", "top") + out, _, err = dockerCmdWithError("run", "-d", "-p", "9090-9092:80", "busybox", "top") // Exhausted port range did not return an error assert.Assert(c, err != nil, "out: %s", out) @@ -116,17 +114,13 @@ func (s *DockerSuite) TestPortList(c *testing.T) { // test invalid port ranges for _, invalidRange := range []string{"9090-9089:80", "9090-:80", "-9090:80"} { - out, _, err = dockerCmdWithError("run", "-d", - "-p", invalidRange, - "busybox", "top") + out, _, err = dockerCmdWithError("run", "-d", "-p", invalidRange, "busybox", "top") // Port range should have returned an error assert.Assert(c, err != nil, "out: %s", out) } // test host range:container range spec. - out, _ = dockerCmd(c, "run", "-d", - "-p", "9800-9803:80-83", - "busybox", "top") + out, _ = dockerCmd(c, "run", "-d", "-p", "9800-9803:80-83", "busybox", "top") ID = strings.TrimSpace(out) out, _ = dockerCmd(c, "port", ID) @@ -135,28 +129,27 @@ func (s *DockerSuite) TestPortList(c *testing.T) { "80/tcp -> 0.0.0.0:9800", "81/tcp -> 0.0.0.0:9801", "82/tcp -> 0.0.0.0:9802", - "83/tcp -> 0.0.0.0:9803"}) + "83/tcp -> 0.0.0.0:9803", + }) // Port list is not correct assert.NilError(c, err) dockerCmd(c, "rm", "-f", ID) // test mixing protocols in same port range - out, _ = dockerCmd(c, "run", "-d", - "-p", "8000-8080:80", - "-p", "8000-8080:80/udp", - "busybox", "top") + out, _ = dockerCmd(c, "run", "-d", "-p", "8000-8080:80", "-p", "8000-8080:80/udp", "busybox", "top") ID = strings.TrimSpace(out) out, _ = dockerCmd(c, "port", ID) // Running this test multiple times causes the TCP port to increment. - err = assertPortRange(c, out, []int{8000, 8080}, []int{8000, 8080}) + err = assertPortRange(ID, []int{8000, 8080}, []int{8000, 8080}) // Port list is not correct assert.NilError(c, err) dockerCmd(c, "rm", "-f", ID) } func assertPortList(c *testing.T, out string, expected []string) error { + c.Helper() lines := strings.Split(strings.Trim(out, "\n "), "\n") if len(lines) != len(expected) { return fmt.Errorf("different size lists %s, %d, %d", out, len(lines), len(expected)) @@ -164,8 +157,20 @@ func assertPortList(c *testing.T, out string, expected []string) error { sort.Strings(lines) sort.Strings(expected) + // "docker port" does not yet have a "--format" flag, and older versions + // of the CLI used an incorrect output format for mappings on IPv6 addresses + // for example, "80/tcp -> :::80" instead of "80/tcp -> [::]:80". + oldFormat := func(mapping string) string { + old := strings.Replace(mapping, "-> [", "-> ", 1) + old = strings.Replace(old, "]:", ":", 1) + return old + } + for i := 0; i < len(expected); i++ { - if lines[i] != expected[i] { + if lines[i] == expected[i] { + continue + } + if lines[i] != oldFormat(expected[i]) { return fmt.Errorf("|" + lines[i] + "!=" + expected[i] + "|") } } @@ -173,27 +178,40 @@ func assertPortList(c *testing.T, out string, expected []string) error { return nil } -func assertPortRange(c *testing.T, out string, expectedTCP, expectedUDP []int) error { - lines := strings.Split(strings.Trim(out, "\n "), "\n") +func assertPortRange(id string, expectedTCP, expectedUDP []int) error { + client := testEnv.APIClient() + inspect, err := client.ContainerInspect(context.TODO(), id) + if err != nil { + return err + } var validTCP, validUDP bool - for _, l := range lines { - // 80/tcp -> 0.0.0.0:8015 - port, err := strconv.Atoi(strings.Split(l, ":")[1]) - if err != nil { - return err + for portAndProto, binding := range inspect.NetworkSettings.Ports { + if portAndProto.Proto() == "tcp" && len(expectedTCP) == 0 { + continue } - if strings.Contains(l, "tcp") && expectedTCP != nil { - if port < expectedTCP[0] || port > expectedTCP[1] { - return fmt.Errorf("tcp port (%d) not in range expected range %d-%d", port, expectedTCP[0], expectedTCP[1]) - } - validTCP = true + if portAndProto.Proto() == "udp" && len(expectedTCP) == 0 { + continue } - if strings.Contains(l, "udp") && expectedUDP != nil { - if port < expectedUDP[0] || port > expectedUDP[1] { - return fmt.Errorf("udp port (%d) not in range expected range %d-%d", port, expectedUDP[0], expectedUDP[1]) + + for _, b := range binding { + port, err := strconv.Atoi(b.HostPort) + if err != nil { + return err + } + + if len(expectedTCP) > 0 { + if port < expectedTCP[0] || port > expectedTCP[1] { + return fmt.Errorf("tcp port (%d) not in range expected range %d-%d", port, expectedTCP[0], expectedTCP[1]) + } + validTCP = true + } + if len(expectedUDP) > 0 { + if port < expectedUDP[0] || port > expectedUDP[1] { + return fmt.Errorf("udp port (%d) not in range expected range %d-%d", port, expectedUDP[0], expectedUDP[1]) + } + validUDP = true } - validUDP = true } } if !validTCP { @@ -282,8 +300,7 @@ func (s *DockerSuite) TestUnpublishedPortsInPsOutput(c *testing.T) { func (s *DockerSuite) TestPortHostBinding(c *testing.T) { testRequires(c, DaemonIsLinux, NotUserNamespace) - out, _ := dockerCmd(c, "run", "-d", "-p", "9876:80", "busybox", - "nc", "-l", "-p", "80") + out, _ := dockerCmd(c, "run", "-d", "-p", "9876:80", "busybox", "nc", "-l", "-p", "80") firstID := strings.TrimSpace(out) out, _ = dockerCmd(c, "port", firstID, "80") @@ -292,8 +309,7 @@ func (s *DockerSuite) TestPortHostBinding(c *testing.T) { // Port list is not correct assert.NilError(c, err) - dockerCmd(c, "run", "--net=host", "busybox", - "nc", "localhost", "9876") + dockerCmd(c, "run", "--net=host", "busybox", "nc", "localhost", "9876") dockerCmd(c, "rm", "-f", firstID) @@ -304,22 +320,17 @@ func (s *DockerSuite) TestPortHostBinding(c *testing.T) { func (s *DockerSuite) TestPortExposeHostBinding(c *testing.T) { testRequires(c, DaemonIsLinux, NotUserNamespace) - out, _ := dockerCmd(c, "run", "-d", "-P", "--expose", "80", "busybox", - "nc", "-l", "-p", "80") + out, _ := dockerCmd(c, "run", "-d", "-P", "--expose", "80", "busybox", "nc", "-l", "-p", "80") firstID := strings.TrimSpace(out) - out, _ = dockerCmd(c, "port", firstID, "80") - - _, exposedPort, err := net.SplitHostPort(out) - assert.Assert(c, err == nil, "out: %s", out) + out, _ = dockerCmd(c, "inspect", "--format", `{{index .NetworkSettings.Ports "80/tcp" 0 "HostPort" }}`, firstID) - dockerCmd(c, "run", "--net=host", "busybox", - "nc", "localhost", strings.TrimSpace(exposedPort)) + exposedPort := strings.TrimSpace(out) + dockerCmd(c, "run", "--net=host", "busybox", "nc", "127.0.0.1", exposedPort) dockerCmd(c, "rm", "-f", firstID) - out, _, err = dockerCmdWithError("run", "--net=host", "busybox", - "nc", "localhost", strings.TrimSpace(exposedPort)) + out, _, err := dockerCmdWithError("run", "--net=host", "busybox", "nc", "127.0.0.1", exposedPort) // Port is still bound after the Container is removed assert.Assert(c, err != nil, "out: %s", out) } diff --git a/integration-cli/docker_cli_ps_test.go b/integration-cli/docker_cli_ps_test.go index ee0a67867aa5f..1677fc00eafe2 100644 --- a/integration-cli/docker_cli_ps_test.go +++ b/integration-cli/docker_cli_ps_test.go @@ -594,20 +594,16 @@ func (s *DockerSuite) TestPsImageIDAfterUpdate(c *testing.T) { func (s *DockerSuite) TestPsNotShowPortsOfStoppedContainer(c *testing.T) { testRequires(c, DaemonIsLinux) - dockerCmd(c, "run", "--name=foo", "-d", "-p", "5000:5000", "busybox", "top") + dockerCmd(c, "run", "--name=foo", "-d", "-p", "6000:5000", "busybox", "top") assert.Assert(c, waitRun("foo") == nil) - out, _ := dockerCmd(c, "ps") - lines := strings.Split(strings.TrimSpace(out), "\n") - expected := "0.0.0.0:5000->5000/tcp" - fields := strings.Fields(lines[1]) - assert.Equal(c, fields[len(fields)-2], expected, fmt.Sprintf("Expected: %v, got: %v", expected, fields[len(fields)-2])) + ports, _ := dockerCmd(c, "ps", "--format", "{{ .Ports }}", "--filter", "name=foo") + expected := ":6000->5000/tcp" + assert.Assert(c, is.Contains(ports, expected), "Expected: %v, got: %v", expected, ports) dockerCmd(c, "kill", "foo") dockerCmd(c, "wait", "foo") - out, _ = dockerCmd(c, "ps", "-l") - lines = strings.Split(strings.TrimSpace(out), "\n") - fields = strings.Fields(lines[1]) - assert.Assert(c, fields[len(fields)-2] != expected, "Should not got %v", expected) + ports, _ = dockerCmd(c, "ps", "--format", "{{ .Ports }}", "--filter", "name=foo") + assert.Equal(c, ports, "", "Should not got %v", expected) } func (s *DockerSuite) TestPsShowMounts(c *testing.T) { diff --git a/integration-cli/docker_cli_run_test.go b/integration-cli/docker_cli_run_test.go index 2fdc887188c6d..1856643ea824d 100644 --- a/integration-cli/docker_cli_run_test.go +++ b/integration-cli/docker_cli_run_test.go @@ -2063,12 +2063,11 @@ func (s *DockerSuite) TestRunAllocatePortInReservedRange(c *testing.T) { out, _ := dockerCmd(c, "run", "-d", "-P", "-p", "80", "busybox", "top") id := strings.TrimSpace(out) - out, _ = dockerCmd(c, "port", id, "80") - - strPort := strings.Split(strings.TrimSpace(out), ":")[1] - port, err := strconv.ParseInt(strPort, 10, 64) + out, _ = dockerCmd(c, "inspect", "--format", `{{index .NetworkSettings.Ports "80/tcp" 0 "HostPort" }}`, id) + out = strings.TrimSpace(out) + port, err := strconv.ParseInt(out, 10, 64) if err != nil { - c.Fatalf("invalid port, got: %s, error: %s", strPort, err) + c.Fatalf("invalid port, got: %s, error: %s", out, err) } // allocate a static port and a dynamic port together, with static port @@ -2278,7 +2277,7 @@ func (s *DockerSuite) TestRunAllowPortRangeThroughExpose(c *testing.T) { if portnum < 3000 || portnum > 3003 { c.Fatalf("Port %d is out of range ", portnum) } - if binding == nil || len(binding) != 1 || len(binding[0].HostPort) == 0 { + if len(binding) == 0 || len(binding[0].HostPort) == 0 { c.Fatalf("Port is not mapped for the port %s", port) } } @@ -2497,13 +2496,12 @@ func (s *DockerSuite) TestRunPortFromDockerRangeInUse(c *testing.T) { out, _ := dockerCmd(c, "run", "-d", "-p", ":80", "busybox", "top") id := strings.TrimSpace(out) - out, _ = dockerCmd(c, "port", id) + out, _ = dockerCmd(c, "inspect", "--format", `{{index .NetworkSettings.Ports "80/tcp" 0 "HostPort" }}`, id) out = strings.TrimSpace(out) if out == "" { c.Fatal("docker port command output is empty") } - out = strings.Split(out, ":")[1] lastPort, err := strconv.Atoi(out) if err != nil { c.Fatal(err) @@ -2637,7 +2635,7 @@ func (s *DockerSuite) TestRunAllowPortRangeThroughPublish(c *testing.T) { if portnum < 3000 || portnum > 3003 { c.Fatalf("Port %d is out of range ", portnum) } - if binding == nil || len(binding) != 1 || len(binding[0].HostPort) == 0 { + if len(binding) == 0 || len(binding[0].HostPort) == 0 { c.Fatal("Port is not mapped for the port "+port, out) } } From 915b239519116e239c08f64df49ceb32807963e3 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 21 Jan 2021 13:25:18 +0100 Subject: [PATCH 075/252] builder: produce error when using unsupported Dockerfile option With the promotion of the experimental Dockerfile syntax to "stable", the Dockerfile syntax now includes some options that are supported by BuildKit, but not (yet) supported in the classic builder. As a result, parsing a Dockerfile may succeed, but any flag that's known to BuildKit, but not supported by the classic builder is silently ignored; $ mkdir buildkit_flags && cd buildkit_flags $ touch foo.txt For example, `RUN --mount`: DOCKER_BUILDKIT=0 docker build --no-cache -f- . < 219ee5171f80 Step 2/2 : RUN --mount=type=cache,target=/foo echo hello ---> Running in 022fdb856bc8 hello Removing intermediate container 022fdb856bc8 ---> e9f0988844d1 Successfully built e9f0988844d1 Or `COPY --chmod` (same for `ADD --chmod`): DOCKER_BUILDKIT=0 docker build --no-cache -f- . < 219ee5171f80 Step 2/2 : COPY --chmod=0777 /foo.txt /foo.txt ---> 8b7117932a2a Successfully built 8b7117932a2a Note that unknown flags still produce and error, for example, the below fails because `--hello` is an unknown flag; DOCKER_BUILDKIT=0 docker build -< b97242f89c8a Step 2/2 : RUN --mount=type=cache,target=/foo echo hello the --mount option requires BuildKit. Refer to https://docs.docker.com/go/buildkit/ to learn how to build images with BuildKit enabled DOCKER_BUILDKIT=0 docker build --no-cache -f- . < b97242f89c8a Step 2/2 : COPY --chmod=0777 /foo.txt /foo.txt the --chmod option requires BuildKit. Refer to https://docs.docker.com/go/buildkit/ to learn how to build images with BuildKit enabled Signed-off-by: Sebastiaan van Stijn (cherry picked from commit a09c0276a219ba5498d26e36e5b96e6ea1028526) Signed-off-by: Sebastiaan van Stijn --- builder/dockerfile/dispatchers.go | 12 ++++++++ builder/dockerfile/dispatchers_test.go | 38 ++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) diff --git a/builder/dockerfile/dispatchers.go b/builder/dockerfile/dispatchers.go index 36335df952f6b..f755f12650df3 100644 --- a/builder/dockerfile/dispatchers.go +++ b/builder/dockerfile/dispatchers.go @@ -92,6 +92,9 @@ func dispatchLabel(d dispatchRequest, c *instructions.LabelCommand) error { // exist here. If you do not wish to have this automatic handling, use COPY. // func dispatchAdd(d dispatchRequest, c *instructions.AddCommand) error { + if c.Chmod != "" { + return errors.New("the --chmod option requires BuildKit. Refer to https://docs.docker.com/go/buildkit/ to learn how to build images with BuildKit enabled") + } downloader := newRemoteSourceDownloader(d.builder.Output, d.builder.Stdout) copier := copierFromDispatchRequest(d, downloader, nil) defer copier.Cleanup() @@ -111,6 +114,9 @@ func dispatchAdd(d dispatchRequest, c *instructions.AddCommand) error { // Same as 'ADD' but without the tar and remote url handling. // func dispatchCopy(d dispatchRequest, c *instructions.CopyCommand) error { + if c.Chmod != "" { + return errors.New("the --chmod option requires BuildKit. Refer to https://docs.docker.com/go/buildkit/ to learn how to build images with BuildKit enabled") + } var im *imageMount var err error if c.From != "" { @@ -346,6 +352,12 @@ func dispatchRun(d dispatchRequest, c *instructions.RunCommand) error { if !system.IsOSSupported(d.state.operatingSystem) { return system.ErrNotSupportedOperatingSystem } + + if len(c.FlagsUsed) > 0 { + // classic builder RUN currently does not support any flags, so fail on the first one + return errors.Errorf("the --%s option requires BuildKit. Refer to https://docs.docker.com/go/buildkit/ to learn how to build images with BuildKit enabled", c.FlagsUsed[0]) + } + stateRunConfig := d.state.runConfig cmdFromArgs, argsEscaped := resolveCmdLine(c.ShellDependantCmdLine, stateRunConfig, d.state.operatingSystem, c.Name(), c.String()) buildArgs := d.state.buildArgs.FilterAllowed(stateRunConfig.Env) diff --git a/builder/dockerfile/dispatchers_test.go b/builder/dockerfile/dispatchers_test.go index d5f6bb96a9888..8aa99a6513c38 100644 --- a/builder/dockerfile/dispatchers_test.go +++ b/builder/dockerfile/dispatchers_test.go @@ -3,6 +3,7 @@ package dockerfile // import "github.com/docker/docker/builder/dockerfile" import ( "bytes" "context" + "fmt" "runtime" "strings" "testing" @@ -570,3 +571,40 @@ func TestRunIgnoresHealthcheck(t *testing.T) { assert.NilError(t, dispatch(sb, run)) assert.Check(t, is.DeepEqual(expectedTest, sb.state.runConfig.Healthcheck.Test)) } + +func TestDispatchUnsupportedOptions(t *testing.T) { + b := newBuilderWithMockBackend() + sb := newDispatchRequest(b, '`', nil, NewBuildArgs(make(map[string]*string)), newStagesBuildResults()) + sb.state.baseImage = &mockImage{} + sb.state.operatingSystem = runtime.GOOS + + t.Run("ADD with chmod", func(t *testing.T) { + cmd := &instructions.AddCommand{SourcesAndDest: []string{".", "."}, Chmod: "0655"} + err := dispatch(sb, cmd) + assert.Error(t, err, "the --chmod option requires BuildKit. Refer to https://docs.docker.com/go/buildkit/ to learn how to build images with BuildKit enabled") + }) + + t.Run("COPY with chmod", func(t *testing.T) { + cmd := &instructions.CopyCommand{SourcesAndDest: []string{".", "."}, Chmod: "0655"} + err := dispatch(sb, cmd) + assert.Error(t, err, "the --chmod option requires BuildKit. Refer to https://docs.docker.com/go/buildkit/ to learn how to build images with BuildKit enabled") + }) + + t.Run("RUN with unsupported options", func(t *testing.T) { + cmd := &instructions.RunCommand{ + ShellDependantCmdLine: instructions.ShellDependantCmdLine{ + CmdLine: strslice.StrSlice{"echo foo"}, + PrependShell: true, + }, + } + + // classic builder "RUN" currently doesn't support any flags, but testing + // both "known" flags and "bogus" flags for completeness, and in case + // one or more of these flags will be supported in future + for _, f := range []string{"mount", "network", "security", "any-flag"} { + cmd.FlagsUsed = []string{f} + err := dispatch(sb, cmd) + assert.Error(t, err, fmt.Sprintf("the --%s option requires BuildKit. Refer to https://docs.docker.com/go/buildkit/ to learn how to build images with BuildKit enabled", f)) + } + }) +} From d26ed2c33babc6a8516b447bf90de20e474d5d83 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 25 Mar 2021 00:16:23 +0100 Subject: [PATCH 076/252] fix assertPortList normalizing being too strict The normalizing was updated with the output of the "docker port" command in mind, but we're normalizing the "expected" output, which is passed without the "->" in front of the mapping, causing some tests to fail; === RUN TestDockerSuite/TestPortHostBinding --- FAIL: TestDockerSuite/TestPortHostBinding (1.21s) docker_cli_port_test.go:324: assertion failed: error is not nil: |:::9876!=[::]:9876| === RUN TestDockerSuite/TestPortList --- FAIL: TestDockerSuite/TestPortList (0.96s) docker_cli_port_test.go:25: assertion failed: error is not nil: |:::9876!=[::]:9876| Signed-off-by: Sebastiaan van Stijn (cherry picked from commit c8599a6537016dc27d01f756c6747aa709554a45) Signed-off-by: Sebastiaan van Stijn --- integration-cli/docker_cli_port_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integration-cli/docker_cli_port_test.go b/integration-cli/docker_cli_port_test.go index fbef608288315..46722ae471190 100644 --- a/integration-cli/docker_cli_port_test.go +++ b/integration-cli/docker_cli_port_test.go @@ -161,7 +161,7 @@ func assertPortList(c *testing.T, out string, expected []string) error { // of the CLI used an incorrect output format for mappings on IPv6 addresses // for example, "80/tcp -> :::80" instead of "80/tcp -> [::]:80". oldFormat := func(mapping string) string { - old := strings.Replace(mapping, "-> [", "-> ", 1) + old := strings.Replace(mapping, "[", "", 1) old = strings.Replace(old, "]:", ":", 1) return old } From 88470052e7d42f3dc774442241fd6bab817876f6 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 20 Jan 2021 17:48:05 +0100 Subject: [PATCH 077/252] vendor: docker/libnetwork b3507428be5b458cb0e2b4086b13531fb0706e46 full diff: https://github.com/docker/libnetwork/compare/fa125a3512ee0f6187721c88582bf8c4378bd4d7...b3507428be5b458cb0e2b4086b13531fb0706e46 - fixed IPv6 iptables rules for enabled firewalld (libnetwork#2609) - fixes "Docker uses 'iptables' instead of 'ip6tables' for IPv6 NAT rule, crashes" - Fix regression in docker-proxy - introduced in "Fix IPv6 Port Forwarding for the Bridge Driver" (libnetwork#2604) - fixes/addresses: "IPv4 and IPv6 addresses are not bound by default anymore" (libnetwork#2607) - fixes/addresses "IPv6 is no longer proxied by default anymore" (moby#41858) - Use hostIP to decide on Portmapper version - fixes docker-proxy not being stopped correctly Port mapping of containers now contain separatet mappings for IPv4 and IPv6 addresses, when listening on "any" IP address. Various tests had to be updated to take multiple mappings into account. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 045072826763e4f66dae721675761e00101867fa) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/proxy.installer | 2 +- integration-cli/docker_cli_port_test.go | 26 ++++++++++++++----- vendor.conf | 2 +- .../libnetwork/drivers/bridge/port_mapping.go | 25 +++++++++++------- .../docker/libnetwork/iptables/iptables.go | 8 +++++- 5 files changed, 45 insertions(+), 18 deletions(-) diff --git a/hack/dockerfile/install/proxy.installer b/hack/dockerfile/install/proxy.installer index a9562dfa8c4e3..b7ce672fadc47 100755 --- a/hack/dockerfile/install/proxy.installer +++ b/hack/dockerfile/install/proxy.installer @@ -3,7 +3,7 @@ # LIBNETWORK_COMMIT is used to build the docker-userland-proxy binary. When # updating the binary version, consider updating github.com/docker/libnetwork # in vendor.conf accordingly -: "${LIBNETWORK_COMMIT:=fa125a3512ee0f6187721c88582bf8c4378bd4d7}" +: "${LIBNETWORK_COMMIT:=b3507428be5b458cb0e2b4086b13531fb0706e46}" install_proxy() { case "$1" in diff --git a/integration-cli/docker_cli_port_test.go b/integration-cli/docker_cli_port_test.go index 46722ae471190..dd41d9891fd35 100644 --- a/integration-cli/docker_cli_port_test.go +++ b/integration-cli/docker_cli_port_test.go @@ -20,13 +20,13 @@ func (s *DockerSuite) TestPortList(c *testing.T) { out, _ = dockerCmd(c, "port", firstID, "80") - err := assertPortList(c, out, []string{"0.0.0.0:9876"}) + err := assertPortList(c, out, []string{"0.0.0.0:9876", "[::]:9876"}) // Port list is not correct assert.NilError(c, err) out, _ = dockerCmd(c, "port", firstID) - err = assertPortList(c, out, []string{"80/tcp -> 0.0.0.0:9876"}) + err = assertPortList(c, out, []string{"80/tcp -> 0.0.0.0:9876", "80/tcp -> [::]:9876"}) // Port list is not correct assert.NilError(c, err) @@ -42,7 +42,7 @@ func (s *DockerSuite) TestPortList(c *testing.T) { out, _ = dockerCmd(c, "port", ID, "80") - err = assertPortList(c, out, []string{"0.0.0.0:9876"}) + err = assertPortList(c, out, []string{"0.0.0.0:9876", "[::]:9876"}) // Port list is not correct assert.NilError(c, err) @@ -50,8 +50,11 @@ func (s *DockerSuite) TestPortList(c *testing.T) { err = assertPortList(c, out, []string{ "80/tcp -> 0.0.0.0:9876", + "80/tcp -> [::]:9876", "81/tcp -> 0.0.0.0:9877", + "81/tcp -> [::]:9877", "82/tcp -> 0.0.0.0:9878", + "82/tcp -> [::]:9878", }) // Port list is not correct assert.NilError(c, err) @@ -69,7 +72,7 @@ func (s *DockerSuite) TestPortList(c *testing.T) { out, _ = dockerCmd(c, "port", ID, "80") - err = assertPortList(c, out, []string{"0.0.0.0:9876", "0.0.0.0:9999"}) + err = assertPortList(c, out, []string{"0.0.0.0:9876", "[::]:9876", "0.0.0.0:9999", "[::]:9999"}) // Port list is not correct assert.NilError(c, err) @@ -78,8 +81,12 @@ func (s *DockerSuite) TestPortList(c *testing.T) { err = assertPortList(c, out, []string{ "80/tcp -> 0.0.0.0:9876", "80/tcp -> 0.0.0.0:9999", + "80/tcp -> [::]:9876", + "80/tcp -> [::]:9999", "81/tcp -> 0.0.0.0:9877", + "81/tcp -> [::]:9877", "82/tcp -> 0.0.0.0:9878", + "82/tcp -> [::]:9878", }) // Port list is not correct assert.NilError(c, err) @@ -94,7 +101,10 @@ func (s *DockerSuite) TestPortList(c *testing.T) { out, _ = dockerCmd(c, "port", IDs[i]) - err = assertPortList(c, out, []string{fmt.Sprintf("80/tcp -> 0.0.0.0:%d", 9090+i)}) + err = assertPortList(c, out, []string{ + fmt.Sprintf("80/tcp -> 0.0.0.0:%d", 9090+i), + fmt.Sprintf("80/tcp -> [::]:%d", 9090+i), + }) // Port list is not correct assert.NilError(c, err) } @@ -127,9 +137,13 @@ func (s *DockerSuite) TestPortList(c *testing.T) { err = assertPortList(c, out, []string{ "80/tcp -> 0.0.0.0:9800", + "80/tcp -> [::]:9800", "81/tcp -> 0.0.0.0:9801", + "81/tcp -> [::]:9801", "82/tcp -> 0.0.0.0:9802", + "82/tcp -> [::]:9802", "83/tcp -> 0.0.0.0:9803", + "83/tcp -> [::]:9803", }) // Port list is not correct assert.NilError(c, err) @@ -305,7 +319,7 @@ func (s *DockerSuite) TestPortHostBinding(c *testing.T) { out, _ = dockerCmd(c, "port", firstID, "80") - err := assertPortList(c, out, []string{"0.0.0.0:9876"}) + err := assertPortList(c, out, []string{"0.0.0.0:9876", "[::]:9876"}) // Port list is not correct assert.NilError(c, err) diff --git a/vendor.conf b/vendor.conf index 68b4f8650d07d..8a72ad592321d 100644 --- a/vendor.conf +++ b/vendor.conf @@ -47,7 +47,7 @@ github.com/grpc-ecosystem/go-grpc-middleware 3c51f7f332123e8be5a157c0802a # libnetwork # When updating, also update LIBNETWORK_COMMIT in hack/dockerfile/install/proxy.installer accordingly -github.com/docker/libnetwork fa125a3512ee0f6187721c88582bf8c4378bd4d7 +github.com/docker/libnetwork b3507428be5b458cb0e2b4086b13531fb0706e46 github.com/docker/go-events e31b211e4f1cd09aa76fe4ac244571fab96ae47f github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80 github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec diff --git a/vendor/github.com/docker/libnetwork/drivers/bridge/port_mapping.go b/vendor/github.com/docker/libnetwork/drivers/bridge/port_mapping.go index 56a9271ea7449..946130ecdd0f9 100644 --- a/vendor/github.com/docker/libnetwork/drivers/bridge/port_mapping.go +++ b/vendor/github.com/docker/libnetwork/drivers/bridge/port_mapping.go @@ -49,8 +49,16 @@ func (n *bridgeNetwork) allocatePortsInternal(bindings []types.PortBinding, cont } bs = append(bs, bIPv4) } + // Allocate IPv6 Port mappings - if ok := n.validatePortBindingIPv6(&bIPv6, containerIPv6, defHostIP); ok { + // If the container has no IPv6 address, allow proxying host IPv6 traffic to it + // by setting up the binding with the IPv4 interface if the userland proxy is enabled + // This change was added to keep backward compatibility + containerIP := containerIPv6 + if ulPxyEnabled && (containerIPv6 == nil) { + containerIP = containerIPv4 + } + if ok := n.validatePortBindingIPv6(&bIPv6, containerIP, defHostIP); ok { if err := n.allocatePort(&bIPv6, ulPxyEnabled); err != nil { // On allocation failure, release previously allocated ports. On cleanup error, just log a warning message if cuErr := n.releasePortsInternal(bs); cuErr != nil { @@ -67,7 +75,7 @@ func (n *bridgeNetwork) allocatePortsInternal(bindings []types.PortBinding, cont // validatePortBindingIPv4 validates the port binding, populates the missing Host IP field and returns true // if this is a valid IPv4 binding, else returns false func (n *bridgeNetwork) validatePortBindingIPv4(bnd *types.PortBinding, containerIPv4, defHostIP net.IP) bool { - //Return early if there is a valid Host IP, but its not a IPv6 address + //Return early if there is a valid Host IP, but its not a IPv4 address if len(bnd.HostIP) > 0 && bnd.HostIP.To4() == nil { return false } @@ -85,10 +93,10 @@ func (n *bridgeNetwork) validatePortBindingIPv4(bnd *types.PortBinding, containe } // validatePortBindingIPv6 validates the port binding, populates the missing Host IP field and returns true -// if this is a valid IP6v binding, else returns false -func (n *bridgeNetwork) validatePortBindingIPv6(bnd *types.PortBinding, containerIPv6, defHostIP net.IP) bool { - // Return early if there is no IPv6 container endpoint - if containerIPv6 == nil { +// if this is a valid IPv6 binding, else returns false +func (n *bridgeNetwork) validatePortBindingIPv6(bnd *types.PortBinding, containerIP, defHostIP net.IP) bool { + // Return early if there is no container endpoint + if containerIP == nil { return false } // Return early if there is a valid Host IP, which is a IPv4 address @@ -108,9 +116,8 @@ func (n *bridgeNetwork) validatePortBindingIPv6(bnd *types.PortBinding, containe return false } } - bnd.IP = containerIPv6 + bnd.IP = containerIP return true - } func (n *bridgeNetwork) allocatePort(bnd *types.PortBinding, ulPxyEnabled bool) error { @@ -132,7 +139,7 @@ func (n *bridgeNetwork) allocatePort(bnd *types.PortBinding, ulPxyEnabled bool) portmapper := n.portMapper - if bnd.IP.To4() == nil { + if bnd.HostIP.To4() == nil { portmapper = n.portMapperV6 } diff --git a/vendor/github.com/docker/libnetwork/iptables/iptables.go b/vendor/github.com/docker/libnetwork/iptables/iptables.go index 20c35d46de3bb..9bd100f1e8f7e 100644 --- a/vendor/github.com/docker/libnetwork/iptables/iptables.go +++ b/vendor/github.com/docker/libnetwork/iptables/iptables.go @@ -512,8 +512,14 @@ func filterOutput(start time.Time, output []byte, args ...string) []byte { // Raw calls 'iptables' system command, passing supplied arguments. func (iptable IPTable) Raw(args ...string) ([]byte, error) { if firewalldRunning { + // select correct IP version for firewalld + ipv := Iptables + if iptable.Version == IPv6 { + ipv = IP6Tables + } + startTime := time.Now() - output, err := Passthrough(Iptables, args...) + output, err := Passthrough(ipv, args...) if err == nil || !strings.Contains(err.Error(), "was not provided by any .service files") { return filterOutput(startTime, output, args...), err } From 7022b1e12ebe7f220bd4bb57caa35bdb137920e7 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 30 Mar 2021 18:01:44 +0900 Subject: [PATCH 078/252] bump up rootlesskit to v0.14.1 Fix `DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=slirp4netns` regression. Full changes: https://github.com/rootless-containers/rootlesskit/compare/v0.14.0...v0.14.1 Signed-off-by: Akihiro Suda (cherry picked from commit 45021ee35472a62796cefb3f65a5b15efcde2d4c) Signed-off-by: Akihiro Suda --- hack/dockerfile/install/rootlesskit.installer | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hack/dockerfile/install/rootlesskit.installer b/hack/dockerfile/install/rootlesskit.installer index 74fdeee6c0c78..269987141dc73 100755 --- a/hack/dockerfile/install/rootlesskit.installer +++ b/hack/dockerfile/install/rootlesskit.installer @@ -1,7 +1,7 @@ #!/bin/sh -# v0.14.0 -: "${ROOTLESSKIT_COMMIT:=81d7d047d09a5b93645817ec580181de7a984082}" +# v0.14.1 +: "${ROOTLESSKIT_COMMIT:=ed9b8c5cc48d29d0a979dae52a24f6e886795abd}" install_rootlesskit() { case "$1" in From e974cb638c384a45b5223f839d7c2bce7453f59c Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Thu, 1 Apr 2021 14:58:11 +0900 Subject: [PATCH 079/252] rootless: bind mount: fix "operation not permitted" The following was failing previously, because `getUnprivilegedMountFlags()` was not called: ```console $ sudo mount -t tmpfs -o noexec none /tmp/foo $ $ docker --context=rootless run -it --rm -v /tmp/foo:/mnt:ro alpine docker: Error response from daemon: OCI runtime create failed: container_linux.go:367: starting container process caused: process_linux.go:520: container init caused: rootfs_linux.go:60: mounting "/tmp/foo" to rootfs at "/home/suda/.local/share/docker/overlay2/b8e7ea02f6ef51247f7f10c7fb26edbfb308d2af8a2c77915260408ed3b0a8ec/merged/mnt" caused: operation not permitted: unknown. ``` Signed-off-by: Akihiro Suda (cherry picked from commit 248f98ef5ebacb9250fa9aefed671aa896ad5cdf) Signed-off-by: Akihiro Suda --- daemon/oci_linux.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daemon/oci_linux.go b/daemon/oci_linux.go index 3ef7c9060f27f..948690fe9afec 100644 --- a/daemon/oci_linux.go +++ b/daemon/oci_linux.go @@ -648,7 +648,7 @@ func WithMounts(daemon *Daemon, c *container.Container) coci.SpecOpts { // "mount" when we bind-mount. The reason for this is that at the point // when runc sets up the root filesystem, it is already inside a user // namespace, and thus cannot change any flags that are locked. - if daemon.configStore.RemappedRoot != "" { + if daemon.configStore.RemappedRoot != "" || sys.RunningInUserNS() { unprivOpts, err := getUnprivilegedMountFlags(m.Source) if err != nil { return err From daae27bfce25550c88ee7cdaff03b014f5da14b9 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 23 Mar 2021 15:12:03 +0900 Subject: [PATCH 080/252] overlay2: call d.naiveDiff.ApplyDiff when useNaiveDiff==true Previously, `d.naiveDiff.ApplyDiff` was not used even when `useNaiveDiff()==true` Signed-off-by: Akihiro Suda (cherry picked from commit dd97134232b8ab58ca06369322ae74164affb86d) Signed-off-by: Akihiro Suda --- daemon/graphdriver/overlay2/overlay.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daemon/graphdriver/overlay2/overlay.go b/daemon/graphdriver/overlay2/overlay.go index 38ce92caf73c9..64b0697de9780 100644 --- a/daemon/graphdriver/overlay2/overlay.go +++ b/daemon/graphdriver/overlay2/overlay.go @@ -678,7 +678,7 @@ func (d *Driver) isParent(id, parent string) bool { // ApplyDiff applies the new layer into a root func (d *Driver) ApplyDiff(id string, parent string, diff io.Reader) (size int64, err error) { - if !d.isParent(id, parent) { + if useNaiveDiff(d.home) || !d.isParent(id, parent) { return d.naiveDiff.ApplyDiff(id, parent, diff) } From 22dc1597b9ceb28fc4edd09517ad937c15ec2362 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 23 Mar 2021 15:17:10 +0900 Subject: [PATCH 081/252] overlay2: doesSupportNativeDiff: add fast path for userns When running in userns, returns error (i.e. "use naive, not native") immediately. No substantial change to the logic. Signed-off-by: Akihiro Suda (cherry picked from commit 67aa418df26f850be34b0536a3e32ba218d71bec) Signed-off-by: Akihiro Suda --- daemon/graphdriver/overlay2/check.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/daemon/graphdriver/overlay2/check.go b/daemon/graphdriver/overlay2/check.go index 003933be525e4..9641ed47ec380 100644 --- a/daemon/graphdriver/overlay2/check.go +++ b/daemon/graphdriver/overlay2/check.go @@ -10,6 +10,7 @@ import ( "path/filepath" "syscall" + "github.com/containerd/containerd/sys" "github.com/docker/docker/pkg/system" "github.com/pkg/errors" "golang.org/x/sys/unix" @@ -19,7 +20,14 @@ import ( // which copies up the opaque flag when copying up an opaque // directory or the kernel enable CONFIG_OVERLAY_FS_REDIRECT_DIR. // When these exist naive diff should be used. +// +// When running in a user namespace, returns errRunningInUserNS +// immediately. func doesSupportNativeDiff(d string) error { + if sys.RunningInUserNS() { + return errors.New("running in a user namespace") + } + td, err := ioutil.TempDir(d, "opaque-bug-check") if err != nil { return err From c1e7924f7cb85f1ee0ad168eb9d6b74790ef4b65 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 23 Mar 2021 15:22:23 +0900 Subject: [PATCH 082/252] archive: do not use overlayWhiteoutConverter for UserNS overlay2 no longer sets `archive.OverlayWhiteoutFormat` when running in UserNS, so we can remove the complicated logic in the archive package. Signed-off-by: Akihiro Suda (cherry picked from commit 6322dfc217a3c28ea4d7c66f43394146b3862801) Signed-off-by: Akihiro Suda --- daemon/graphdriver/overlay2/overlay.go | 4 +- pkg/archive/archive.go | 12 +- pkg/archive/archive_linux.go | 180 ++----------------------- pkg/archive/archive_linux_test.go | 131 ------------------ pkg/archive/archive_other.go | 4 +- 5 files changed, 22 insertions(+), 309 deletions(-) diff --git a/daemon/graphdriver/overlay2/overlay.go b/daemon/graphdriver/overlay2/overlay.go index 64b0697de9780..36a921a018884 100644 --- a/daemon/graphdriver/overlay2/overlay.go +++ b/daemon/graphdriver/overlay2/overlay.go @@ -15,7 +15,6 @@ import ( "strings" "sync" - "github.com/containerd/containerd/sys" "github.com/docker/docker/daemon/graphdriver" "github.com/docker/docker/daemon/graphdriver/overlayutils" "github.com/docker/docker/pkg/archive" @@ -682,6 +681,7 @@ func (d *Driver) ApplyDiff(id string, parent string, diff io.Reader) (size int64 return d.naiveDiff.ApplyDiff(id, parent, diff) } + // never reach here if we are running in UserNS applyDir := d.getDiffPath(id) logger.Debugf("Applying tar in %s", applyDir) @@ -690,7 +690,6 @@ func (d *Driver) ApplyDiff(id string, parent string, diff io.Reader) (size int64 UIDMaps: d.uidMaps, GIDMaps: d.gidMaps, WhiteoutFormat: archive.OverlayWhiteoutFormat, - InUserNS: sys.RunningInUserNS(), }); err != nil { return 0, err } @@ -721,6 +720,7 @@ func (d *Driver) Diff(id, parent string) (io.ReadCloser, error) { return d.naiveDiff.Diff(id, parent) } + // never reach here if we are running in UserNS diffPath := d.getDiffPath(id) logger.Debugf("Tar with options on %s", diffPath) return archive.TarWithOptions(diffPath, &archive.TarOptions{ diff --git a/pkg/archive/archive.go b/pkg/archive/archive.go index 084a4fa07788e..8d14b7869337d 100644 --- a/pkg/archive/archive.go +++ b/pkg/archive/archive.go @@ -739,13 +739,18 @@ func TarWithOptions(srcPath string, options *TarOptions) (io.ReadCloser, error) return nil, err } + whiteoutConverter, err := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS) + if err != nil { + return nil, err + } + go func() { ta := newTarAppender( idtools.NewIDMappingsFromMaps(options.UIDMaps, options.GIDMaps), compressWriter, options.ChownOpts, ) - ta.WhiteoutConverter = getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS) + ta.WhiteoutConverter = whiteoutConverter defer func() { // Make sure to check the error on Close. @@ -903,7 +908,10 @@ func Unpack(decompressedArchive io.Reader, dest string, options *TarOptions) err var dirs []*tar.Header idMapping := idtools.NewIDMappingsFromMaps(options.UIDMaps, options.GIDMaps) rootIDs := idMapping.RootPair() - whiteoutConverter := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS) + whiteoutConverter, err := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS) + if err != nil { + return err + } // Iterate through the files in the archive. loop: diff --git a/pkg/archive/archive_linux.go b/pkg/archive/archive_linux.go index f7888e6599db6..0a3cc1f92bcc2 100644 --- a/pkg/archive/archive_linux.go +++ b/pkg/archive/archive_linux.go @@ -2,29 +2,26 @@ package archive // import "github.com/docker/docker/pkg/archive" import ( "archive/tar" - "fmt" - "io/ioutil" "os" "path/filepath" "strings" - "syscall" - "github.com/containerd/continuity/fs" "github.com/docker/docker/pkg/system" - "github.com/moby/sys/mount" "github.com/pkg/errors" "golang.org/x/sys/unix" ) -func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) tarWhiteoutConverter { +func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) (tarWhiteoutConverter, error) { if format == OverlayWhiteoutFormat { - return overlayWhiteoutConverter{inUserNS: inUserNS} + if inUserNS { + return nil, errors.New("specifying OverlayWhiteoutFormat is not allowed in userns") + } + return overlayWhiteoutConverter{}, nil } - return nil + return nil, nil } type overlayWhiteoutConverter struct { - inUserNS bool } func (overlayWhiteoutConverter) ConvertWrite(hdr *tar.Header, path string, fi os.FileInfo) (wo *tar.Header, err error) { @@ -77,13 +74,7 @@ func (c overlayWhiteoutConverter) ConvertRead(hdr *tar.Header, path string) (boo if base == WhiteoutOpaqueDir { err := unix.Setxattr(dir, "trusted.overlay.opaque", []byte{'y'}, 0) if err != nil { - if c.inUserNS { - if err = replaceDirWithOverlayOpaque(dir); err != nil { - return false, errors.Wrapf(err, "replaceDirWithOverlayOpaque(%q) failed", dir) - } - } else { - return false, errors.Wrapf(err, "setxattr(%q, trusted.overlay.opaque=y)", dir) - } + return false, errors.Wrapf(err, "setxattr(%q, trusted.overlay.opaque=y)", dir) } // don't write the file itself return false, err @@ -95,19 +86,7 @@ func (c overlayWhiteoutConverter) ConvertRead(hdr *tar.Header, path string) (boo originalPath := filepath.Join(dir, originalBase) if err := unix.Mknod(originalPath, unix.S_IFCHR, 0); err != nil { - if c.inUserNS { - // Ubuntu and a few distros support overlayfs in userns. - // - // Although we can't call mknod directly in userns (at least on bionic kernel 4.15), - // we can still create 0,0 char device using mknodChar0Overlay(). - // - // NOTE: we don't need this hack for the containerd snapshotter+unpack model. - if err := mknodChar0Overlay(originalPath); err != nil { - return false, errors.Wrapf(err, "failed to mknodChar0UserNS(%q)", originalPath) - } - } else { - return false, errors.Wrapf(err, "failed to mknod(%q, S_IFCHR, 0)", originalPath) - } + return false, errors.Wrapf(err, "failed to mknod(%q, S_IFCHR, 0)", originalPath) } if err := os.Chown(originalPath, hdr.Uid, hdr.Gid); err != nil { return false, err @@ -119,146 +98,3 @@ func (c overlayWhiteoutConverter) ConvertRead(hdr *tar.Header, path string) (boo return true, nil } - -// mknodChar0Overlay creates 0,0 char device by mounting overlayfs and unlinking. -// This function can be used for creating 0,0 char device in userns on Ubuntu. -// -// Steps: -// * Mkdir lower,upper,merged,work -// * Create lower/dummy -// * Mount overlayfs -// * Unlink merged/dummy -// * Unmount overlayfs -// * Make sure a 0,0 char device is created as upper/dummy -// * Rename upper/dummy to cleansedOriginalPath -func mknodChar0Overlay(cleansedOriginalPath string) error { - dir := filepath.Dir(cleansedOriginalPath) - tmp, err := ioutil.TempDir(dir, "mc0o") - if err != nil { - return errors.Wrapf(err, "failed to create a tmp directory under %s", dir) - } - defer os.RemoveAll(tmp) - lower := filepath.Join(tmp, "l") - upper := filepath.Join(tmp, "u") - work := filepath.Join(tmp, "w") - merged := filepath.Join(tmp, "m") - for _, s := range []string{lower, upper, work, merged} { - if err := os.MkdirAll(s, 0700); err != nil { - return errors.Wrapf(err, "failed to mkdir %s", s) - } - } - dummyBase := "d" - lowerDummy := filepath.Join(lower, dummyBase) - if err := ioutil.WriteFile(lowerDummy, []byte{}, 0600); err != nil { - return errors.Wrapf(err, "failed to create a dummy lower file %s", lowerDummy) - } - // lowerdir needs ":" to be escaped: https://github.com/moby/moby/issues/40939#issuecomment-627098286 - lowerEscaped := strings.ReplaceAll(lower, ":", "\\:") - mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lowerEscaped, upper, work) - if err := mount.Mount("overlay", merged, "overlay", mOpts); err != nil { - return err - } - mergedDummy := filepath.Join(merged, dummyBase) - if err := os.Remove(mergedDummy); err != nil { - syscall.Unmount(merged, 0) - return errors.Wrapf(err, "failed to unlink %s", mergedDummy) - } - if err := syscall.Unmount(merged, 0); err != nil { - return errors.Wrapf(err, "failed to unmount %s", merged) - } - upperDummy := filepath.Join(upper, dummyBase) - if err := isChar0(upperDummy); err != nil { - return err - } - if err := os.Rename(upperDummy, cleansedOriginalPath); err != nil { - return errors.Wrapf(err, "failed to rename %s to %s", upperDummy, cleansedOriginalPath) - } - return nil -} - -func isChar0(path string) error { - osStat, err := os.Stat(path) - if err != nil { - return errors.Wrapf(err, "failed to stat %s", path) - } - st, ok := osStat.Sys().(*syscall.Stat_t) - if !ok { - return errors.Errorf("got unsupported stat for %s", path) - } - if os.FileMode(st.Mode)&syscall.S_IFMT != syscall.S_IFCHR { - return errors.Errorf("%s is not a character device, got mode=%d", path, st.Mode) - } - if st.Rdev != 0 { - return errors.Errorf("%s is not a 0,0 character device, got Rdev=%d", path, st.Rdev) - } - return nil -} - -// replaceDirWithOverlayOpaque replaces path with a new directory with trusted.overlay.opaque -// xattr. The contents of the directory are preserved. -func replaceDirWithOverlayOpaque(path string) error { - if path == "/" { - return errors.New("replaceDirWithOverlayOpaque: path must not be \"/\"") - } - dir := filepath.Dir(path) - tmp, err := ioutil.TempDir(dir, "rdwoo") - if err != nil { - return errors.Wrapf(err, "failed to create a tmp directory under %s", dir) - } - defer os.RemoveAll(tmp) - // newPath is a new empty directory crafted with trusted.overlay.opaque xattr. - // we copy the content of path into newPath, remove path, and rename newPath to path. - newPath, err := createDirWithOverlayOpaque(tmp) - if err != nil { - return errors.Wrapf(err, "createDirWithOverlayOpaque(%q) failed", tmp) - } - if err := fs.CopyDir(newPath, path); err != nil { - return errors.Wrapf(err, "CopyDir(%q, %q) failed", newPath, path) - } - if err := os.RemoveAll(path); err != nil { - return err - } - return os.Rename(newPath, path) -} - -// createDirWithOverlayOpaque creates a directory with trusted.overlay.opaque xattr, -// without calling setxattr, so as to allow creating opaque dir in userns on Ubuntu. -func createDirWithOverlayOpaque(tmp string) (string, error) { - lower := filepath.Join(tmp, "l") - upper := filepath.Join(tmp, "u") - work := filepath.Join(tmp, "w") - merged := filepath.Join(tmp, "m") - for _, s := range []string{lower, upper, work, merged} { - if err := os.MkdirAll(s, 0700); err != nil { - return "", errors.Wrapf(err, "failed to mkdir %s", s) - } - } - dummyBase := "d" - lowerDummy := filepath.Join(lower, dummyBase) - if err := os.MkdirAll(lowerDummy, 0700); err != nil { - return "", errors.Wrapf(err, "failed to create a dummy lower directory %s", lowerDummy) - } - // lowerdir needs ":" to be escaped: https://github.com/moby/moby/issues/40939#issuecomment-627098286 - lowerEscaped := strings.ReplaceAll(lower, ":", "\\:") - mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lowerEscaped, upper, work) - if err := mount.Mount("overlay", merged, "overlay", mOpts); err != nil { - return "", err - } - mergedDummy := filepath.Join(merged, dummyBase) - if err := os.Remove(mergedDummy); err != nil { - syscall.Unmount(merged, 0) - return "", errors.Wrapf(err, "failed to rmdir %s", mergedDummy) - } - // upperDummy becomes a 0,0-char device file here - if err := os.Mkdir(mergedDummy, 0700); err != nil { - syscall.Unmount(merged, 0) - return "", errors.Wrapf(err, "failed to mkdir %s", mergedDummy) - } - // upperDummy becomes a directory with trusted.overlay.opaque xattr - // (but can't be verified in userns) - if err := syscall.Unmount(merged, 0); err != nil { - return "", errors.Wrapf(err, "failed to unmount %s", merged) - } - upperDummy := filepath.Join(upper, dummyBase) - return upperDummy, nil -} diff --git a/pkg/archive/archive_linux_test.go b/pkg/archive/archive_linux_test.go index 3643bc5932e76..800fda61ebf33 100644 --- a/pkg/archive/archive_linux_test.go +++ b/pkg/archive/archive_linux_test.go @@ -1,19 +1,14 @@ package archive // import "github.com/docker/docker/pkg/archive" import ( - "fmt" "io/ioutil" "os" - "os/exec" "path/filepath" "syscall" "testing" "github.com/containerd/containerd/sys" - "github.com/docker/docker/pkg/reexec" "github.com/docker/docker/pkg/system" - "github.com/moby/sys/mount" - "github.com/pkg/errors" "golang.org/x/sys/unix" "gotest.tools/v3/assert" "gotest.tools/v3/skip" @@ -167,129 +162,3 @@ func TestOverlayTarAUFSUntar(t *testing.T) { checkFileMode(t, filepath.Join(dst, "d2", "f1"), 0660) checkFileMode(t, filepath.Join(dst, "d3", WhiteoutPrefix+"f1"), 0600) } - -func unshareCmd(cmd *exec.Cmd) { - cmd.SysProcAttr = &syscall.SysProcAttr{ - Cloneflags: syscall.CLONE_NEWUSER | syscall.CLONE_NEWNS, - UidMappings: []syscall.SysProcIDMap{ - { - ContainerID: 0, - HostID: os.Geteuid(), - Size: 1, - }, - }, - GidMappings: []syscall.SysProcIDMap{ - { - ContainerID: 0, - HostID: os.Getegid(), - Size: 1, - }, - }, - } -} - -const ( - reexecSupportsUserNSOverlay = "docker-test-supports-userns-overlay" - reexecMknodChar0 = "docker-test-userns-mknod-char0" - reexecSetOpaque = "docker-test-userns-set-opaque" -) - -func supportsOverlay(dir string) error { - lower := filepath.Join(dir, "l") - upper := filepath.Join(dir, "u") - work := filepath.Join(dir, "w") - merged := filepath.Join(dir, "m") - for _, s := range []string{lower, upper, work, merged} { - if err := os.MkdirAll(s, 0700); err != nil { - return err - } - } - mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lower, upper, work) - if err := mount.Mount("overlay", merged, "overlay", mOpts); err != nil { - return err - } - if err := mount.Unmount(merged); err != nil { - return err - } - return nil -} - -// supportsUserNSOverlay returns nil error if overlay is supported in userns. -// Only Ubuntu and a few distros support overlay in userns (by patching the kernel). -// https://lists.ubuntu.com/archives/kernel-team/2014-February/038091.html -// As of kernel 4.19, the patch is not merged to the upstream. -func supportsUserNSOverlay() error { - tmp, err := ioutil.TempDir("", "docker-test-supports-userns-overlay") - if err != nil { - return err - } - defer os.RemoveAll(tmp) - cmd := reexec.Command(reexecSupportsUserNSOverlay, tmp) - unshareCmd(cmd) - out, err := cmd.CombinedOutput() - if err != nil { - return errors.Wrapf(err, "output: %q", string(out)) - } - return nil -} - -// isOpaque returns nil error if the dir has trusted.overlay.opaque=y. -// isOpaque needs to be called in the initial userns. -func isOpaque(dir string) error { - xattrOpaque, err := system.Lgetxattr(dir, "trusted.overlay.opaque") - if err != nil { - return errors.Wrapf(err, "failed to read opaque flag of %s", dir) - } - if string(xattrOpaque) != "y" { - return errors.Errorf("expected \"y\", got %q", string(xattrOpaque)) - } - return nil -} - -func TestReexecUserNSOverlayWhiteoutConverter(t *testing.T) { - skip.If(t, os.Getuid() != 0, "skipping test that requires root") - skip.If(t, sys.RunningInUserNS(), "skipping test that requires initial userns") - if err := supportsUserNSOverlay(); err != nil { - t.Skipf("skipping test that requires kernel support for overlay-in-userns: %v", err) - } - tmp, err := ioutil.TempDir("", "docker-test-userns-overlay") - assert.NilError(t, err) - defer os.RemoveAll(tmp) - - char0 := filepath.Join(tmp, "char0") - cmd := reexec.Command(reexecMknodChar0, char0) - unshareCmd(cmd) - out, err := cmd.CombinedOutput() - assert.NilError(t, err, string(out)) - assert.NilError(t, isChar0(char0)) - - opaqueDir := filepath.Join(tmp, "opaquedir") - err = os.MkdirAll(opaqueDir, 0755) - assert.NilError(t, err, string(out)) - cmd = reexec.Command(reexecSetOpaque, opaqueDir) - unshareCmd(cmd) - out, err = cmd.CombinedOutput() - assert.NilError(t, err, string(out)) - assert.NilError(t, isOpaque(opaqueDir)) -} - -func init() { - reexec.Register(reexecSupportsUserNSOverlay, func() { - if err := supportsOverlay(os.Args[1]); err != nil { - panic(err) - } - }) - reexec.Register(reexecMknodChar0, func() { - if err := mknodChar0Overlay(os.Args[1]); err != nil { - panic(err) - } - }) - reexec.Register(reexecSetOpaque, func() { - if err := replaceDirWithOverlayOpaque(os.Args[1]); err != nil { - panic(err) - } - }) - if reexec.Init() { - os.Exit(0) - } -} diff --git a/pkg/archive/archive_other.go b/pkg/archive/archive_other.go index 65a73354c429b..2a3dc95398e7c 100644 --- a/pkg/archive/archive_other.go +++ b/pkg/archive/archive_other.go @@ -2,6 +2,6 @@ package archive // import "github.com/docker/docker/pkg/archive" -func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) tarWhiteoutConverter { - return nil +func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) (tarWhiteoutConverter, error) { + return nil, nil } From d22dde8eb17858f421eb34d2f77f3a2d85fd891a Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 23 Mar 2021 18:11:35 +0900 Subject: [PATCH 083/252] rootless: fix getCurrentOOMScoreAdj `getCurrentOOMScoreAdj()` was broken because `strconv.Atoi()` was called without trimming "\n". Fix issue 40068: `rootless docker in kubernetes: "getting the final child's pid from pipe caused \"EOF\": unknown" Signed-off-by: Akihiro Suda (cherry picked from commit d6ddfb611815f52ac19c10c3af6a3f945b05105e) Signed-off-by: Sebastiaan van Stijn --- rootless/specconv/specconv_linux.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/rootless/specconv/specconv_linux.go b/rootless/specconv/specconv_linux.go index 9416076fb74f7..7cb9e2f6b3a9c 100644 --- a/rootless/specconv/specconv_linux.go +++ b/rootless/specconv/specconv_linux.go @@ -3,8 +3,10 @@ package specconv // import "github.com/docker/docker/rootless/specconv" import ( "io/ioutil" "strconv" + "strings" specs "github.com/opencontainers/runtime-spec/specs-go" + "github.com/sirupsen/logrus" ) // ToRootless converts spec to be compatible with "rootless" runc. @@ -19,10 +21,13 @@ func ToRootless(spec *specs.Spec, v2Controllers []string) error { func getCurrentOOMScoreAdj() int { b, err := ioutil.ReadFile("/proc/self/oom_score_adj") if err != nil { + logrus.WithError(err).Warn("failed to read /proc/self/oom_score_adj") return 0 } - i, err := strconv.Atoi(string(b)) + s := string(b) + i, err := strconv.Atoi(strings.TrimSpace(s)) if err != nil { + logrus.WithError(err).Warnf("failed to parse /proc/self/oom_score_adj (%q)", s) return 0 } return i From 8088859bab3cdf62426833ecee85b1aa08ebde32 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Thu, 25 Mar 2021 18:56:23 +0900 Subject: [PATCH 084/252] btrfs: Allow unprivileged user to delete subvolumes (kernel >= 4.18) Fix issue 41762 Cherry-pick "drivers: btrfs: Allow unprivileged user to delete subvolumes" from containers/storage https://github.com/containers/storage/pull/508/commits/831e32b6bdcb530acc4c1cb9059d3c6dba14208c > In btrfs, subvolume can be deleted by IOC_SNAP_DESTROY ioctl but there > is one catch: unprivileged IOC_SNAP_DESTROY call is restricted by default. > > This is because IOC_SNAP_DESTROY only performs permission checks on > the top directory(subvolume) and unprivileged user might delete dirs/files > which cannot be deleted otherwise. This restriction can be relaxed if > user_subvol_rm_allowed mount option is used. > > Although the above ioctl had been the only way to delete a subvolume, > btrfs now allows deletion of subvolume just like regular directory > (i.e. rmdir sycall) since kernel 4.18. > > So if we fail to cleanup subvolume in subvolDelete(), just fallback to > system.EnsureRmoveall() to try to cleanup subvolumes again. > (Note: quota needs privilege, so if quota is enabled we do not fallback) > > This fix will allow non-privileged container works with btrfs backend. Signed-off-by: Akihiro Suda (cherry picked from commit 62b5194f627571c019907edb11bb7bc2edd59933) Signed-off-by: Akihiro Suda --- daemon/graphdriver/btrfs/btrfs.go | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/daemon/graphdriver/btrfs/btrfs.go b/daemon/graphdriver/btrfs/btrfs.go index f9127472f8b0f..0499489d16e60 100644 --- a/daemon/graphdriver/btrfs/btrfs.go +++ b/daemon/graphdriver/btrfs/btrfs.go @@ -633,7 +633,14 @@ func (d *Driver) Remove(id string) error { d.updateQuotaStatus() if err := subvolDelete(d.subvolumesDir(), id, d.quotaEnabled); err != nil { - return err + if d.quotaEnabled { + return err + } + // If quota is not enabled, fallback to rmdir syscall to delete subvolumes. + // This would allow unprivileged user to delete their owned subvolumes + // in kernel >= 4.18 without user_subvol_rm_allowed mount option. + // + // From https://github.com/containers/storage/pull/508/commits/831e32b6bdcb530acc4c1cb9059d3c6dba14208c } if err := system.EnsureRemoveAll(dir); err != nil { return err From 60310e240901165c0bd550d429c2dc500ddcac51 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Fri, 26 Mar 2021 22:07:41 +0000 Subject: [PATCH 085/252] Use docker media type for plugin layers This was changed as part of a refactor to use containerd dist code. The problem is the OCI media types are not compatible with older versions of Docker. Signed-off-by: Brian Goff (cherry picked from commit a876ede24f4c6e13717f56897fb34f6c73914602) Signed-off-by: Brian Goff --- integration/plugin/common/plugin_test.go | 63 ++++++++++++++++++++++++ plugin/backend_linux.go | 2 +- 2 files changed, 64 insertions(+), 1 deletion(-) diff --git a/integration/plugin/common/plugin_test.go b/integration/plugin/common/plugin_test.go index 055381dcfb5fe..a5568cca9136d 100644 --- a/integration/plugin/common/plugin_test.go +++ b/integration/plugin/common/plugin_test.go @@ -15,12 +15,17 @@ import ( "strings" "testing" + "github.com/containerd/containerd/images" + "github.com/containerd/containerd/remotes/docker" "github.com/docker/docker/api/types" + "github.com/docker/docker/pkg/jsonmessage" "github.com/docker/docker/testutil/daemon" "github.com/docker/docker/testutil/fixtures/plugin" "github.com/docker/docker/testutil/registry" "github.com/docker/docker/testutil/request" + v1 "github.com/opencontainers/image-spec/specs-go/v1" "gotest.tools/v3/assert" + "gotest.tools/v3/assert/cmp" is "gotest.tools/v3/assert/cmp" "gotest.tools/v3/skip" ) @@ -223,3 +228,61 @@ func TestPluginsWithRuntimes(t *testing.T) { assert.NilError(t, err) }) } + +func TestPluginBackCompatMediaTypes(t *testing.T) { + skip.If(t, testEnv.IsRemoteDaemon, "cannot run daemon when remote daemon") + skip.If(t, testEnv.OSType == "windows") + skip.If(t, testEnv.IsRootless, "Rootless has a different view of localhost (needed for test registry access)") + + defer setupTest(t)() + + reg := registry.NewV2(t) + defer reg.Close() + reg.WaitReady(t) + + repo := path.Join(registry.DefaultURL, strings.ToLower(t.Name())+":latest") + + client := testEnv.APIClient() + + ctx := context.Background() + assert.NilError(t, plugin.Create(ctx, client, repo)) + + rdr, err := client.PluginPush(ctx, repo, "") + assert.NilError(t, err) + defer rdr.Close() + + buf := &strings.Builder{} + assert.NilError(t, jsonmessage.DisplayJSONMessagesStream(rdr, buf, 0, false, nil), buf) + + // Use custom header here because older versions of the registry do not + // parse the accept header correctly and does not like the accept header + // that the default resolver code uses. "Older registries" here would be + // like the one currently included in the test suite. + headers := http.Header{} + headers.Add("Accept", images.MediaTypeDockerSchema2Manifest) + + resolver := docker.NewResolver(docker.ResolverOptions{ + Headers: headers, + }) + assert.NilError(t, err) + + n, desc, err := resolver.Resolve(ctx, repo) + assert.NilError(t, err, repo) + + fetcher, err := resolver.Fetcher(ctx, n) + assert.NilError(t, err) + + rdr, err = fetcher.Fetch(ctx, desc) + assert.NilError(t, err) + defer rdr.Close() + + type manifest struct { + MediaType string + v1.Manifest + } + var m manifest + assert.NilError(t, json.NewDecoder(rdr).Decode(&m)) + assert.Check(t, cmp.Equal(m.MediaType, images.MediaTypeDockerSchema2Manifest)) + assert.Check(t, cmp.Len(m.Layers, 1)) + assert.Check(t, cmp.Equal(m.Layers[0].MediaType, images.MediaTypeDockerSchema2LayerGzip)) +} diff --git a/plugin/backend_linux.go b/plugin/backend_linux.go index 7bb3c4257db81..88ab8b38e750b 100644 --- a/plugin/backend_linux.go +++ b/plugin/backend_linux.go @@ -492,7 +492,7 @@ func buildManifest(ctx context.Context, s content.Manager, config digest.Digest, return m, errors.Wrapf(err, "error fetching info for content digest %s", l) } m.Layers = append(m.Layers, specs.Descriptor{ - MediaType: specs.MediaTypeImageLayerGzip, // TODO: This is assuming everything is a gzip compressed layer, but that may not be true. + MediaType: images.MediaTypeDockerSchema2LayerGzip, // TODO: This is assuming everything is a gzip compressed layer, but that may not be true. Digest: l, Size: info.Size, }) From 29ff2af2d374b0a5b15fa8d01a43b140910bfff6 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 3 Apr 2021 19:24:12 +0200 Subject: [PATCH 086/252] Fix flaky TestInspect This test has been flaky for a long time, failing with: --- FAIL: TestInspect (12.04s) inspect_test.go:39: timeout hit after 10s: waiting for tasks to enter run state. task failed with error: task: non-zero exit (1) While looking through logs, noticed tasks were started, entering RUNNING stage, and then exited, to be started again. state.transition="STARTING->RUNNING" ... msg="fatal task error" error="task: non-zero exit (1)" ... state.transition="RUNNING->FAILED" Looking for possible reasons, first considering network issues (possibly we ran out of IP addresses or networking not cleaned up), then I spotted the issue. The service is started with; Command: []string{"/bin/top"}, Args: []string{"-u", "root"}, The `-u root` is not an argument for the service, but for `/bin/top`. While the Ubuntu/Debian/GNU version `top` has a -u/-U option; docker run --rm ubuntu:20.04 top -h 2>&1 | grep '\-u' top -hv | -bcEHiOSs1 -d secs -n max -u|U user -p pid(s) -o field -w [cols] The *busybox* version of top does not: docker run --rm busybox top --help 2>&1 | grep '\-u' So running `top -u root` would cause the task to fail; docker run --rm busybox top -u root top: invalid option -- u ... echo $? 1 As a result, the service went into a crash-loop, and because the `poll.WaitOn()` was running with a short interval, in many cases would _just_ find the RUNNING state, perform the `service inspect`, and pass, but in other cases, it would not be that lucky, and continue polling untill we reached the 10 seconds timeout, and mark the test as failed. Looking for history of this option (was it previously using a different image?) I found this was added in 6cd6d8646a90fa2013416bc8f11bd78d72c4180d, but probably just missed during review. Given that the option is only set to have "something" to inspect, I replaced the `-u root` with `-d 5`, which makes top refresh with a 5 second interval. Note that there is another test (`TestServiceListWithStatuses) that uses the same spec, however, that test is skipped based on API version of the test-daemon, and (to be looked into), when performing that check, no API version is known, causing the test to (always?) be skipped: === RUN TestServiceListWithStatuses --- SKIP: TestServiceListWithStatuses (0.00s) list_test.go:34: versions.LessThan(testEnv.DaemonInfo.ServerVersion, "1.41") Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 00cb3073f4bfe7a24302aba8df87b37a33c99697) Signed-off-by: Sebastiaan van Stijn --- integration/service/inspect_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integration/service/inspect_test.go b/integration/service/inspect_test.go index 7b6d6ff116306..5d8f12dbc34a3 100644 --- a/integration/service/inspect_test.go +++ b/integration/service/inspect_test.go @@ -88,7 +88,7 @@ func fullSwarmServiceSpec(name string, replicas uint64) swarmtypes.ServiceSpec { Image: "busybox:latest", Labels: map[string]string{"container-label": "container-value"}, Command: []string{"/bin/top"}, - Args: []string{"-u", "root"}, + Args: []string{"-d", "5"}, Hostname: "hostname", Env: []string{"envvar=envvalue"}, Dir: "/work", From f2c0b3688a572fa0588132317ea1e276fef44203 Mon Sep 17 00:00:00 2001 From: Stefan Scherer Date: Tue, 30 Mar 2021 12:20:40 +0200 Subject: [PATCH 087/252] Pin arm64 machines to a specific Ubuntu version Signed-off-by: Stefan Scherer (cherry picked from commit b7c3548c82218415778c1ccd8a12a9ca694f0c21) Signed-off-by: Sebastiaan van Stijn --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 03a35720f6ab7..68e73a364a9fd 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -939,7 +939,7 @@ pipeline { beforeAgent true expression { params.arm64 } } - agent { label 'arm64 && linux' } + agent { label 'arm64 && ubuntu-2004' } environment { TEST_SKIP_INTEGRATION_CLI = '1' } From 255c79a1e823b422ec661df05e31e9a3d85caf64 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 16 Feb 2021 17:53:41 +0900 Subject: [PATCH 088/252] Move cgroup v2 out of experimental We have upgraded runc to rc93 and added CI for cgroup 2. So we can move cgroup v2 out of experimental. Fix issue 41916 Signed-off-by: Akihiro Suda (cherry picked from commit 1d2a66009335f682ccb2539360d4259ed778daee) Signed-off-by: Akihiro Suda --- daemon/info_unix.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/daemon/info_unix.go b/daemon/info_unix.go index 56c920990b233..73d5663679bf6 100644 --- a/daemon/info_unix.go +++ b/daemon/info_unix.go @@ -122,9 +122,6 @@ func (daemon *Daemon) fillPlatformInfo(v *types.Info, sysInfo *sysinfo.SysInfo) if !v.CPUSet { v.Warnings = append(v.Warnings, "WARNING: No cpuset support") } - if v.CgroupVersion == "2" { - v.Warnings = append(v.Warnings, "WARNING: Support for cgroup v2 is experimental") - } // TODO add fields for these options in types.Info if !sysInfo.BlkioWeight && v.CgroupVersion == "2" { // blkio weight is not available on cgroup v1 since kernel 5.0. From 404ede5737402fbead9a78216252f7ee2b7bc660 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Wed, 14 Apr 2021 18:37:13 +0000 Subject: [PATCH 089/252] Bump hcsshim for error details fix Signed-off-by: Brian Goff --- vendor.conf | 2 +- vendor/github.com/Microsoft/hcsshim/errors.go | 12 +--- .../Microsoft/hcsshim/internal/hcs/errors.go | 7 +- .../Microsoft/hcsshim/internal/hcs/system.go | 64 +++++++++---------- 4 files changed, 37 insertions(+), 48 deletions(-) diff --git a/vendor.conf b/vendor.conf index 8a72ad592321d..7fd409d154908 100644 --- a/vendor.conf +++ b/vendor.conf @@ -1,5 +1,5 @@ github.com/Azure/go-ansiterm d6e3b3328b783f23731bc4d058875b0371ff8109 -github.com/Microsoft/hcsshim 9dcb42f100215f8d375b4a9265e5bba009217a85 # moby branch +github.com/Microsoft/hcsshim 89a9a3b524264d34985f1d48793ab2b2d2e430f6 # moby branch github.com/Microsoft/go-winio 5b44b70ab3ab4d291a7c1d28afe7b4afeced0ed4 # v0.4.15 github.com/docker/libtrust 9cbd2a1374f46905c68a4eb3694a130610adc62a github.com/golang/gddo 72a348e765d293ed6d1ded7b699591f14d6cd921 diff --git a/vendor/github.com/Microsoft/hcsshim/errors.go b/vendor/github.com/Microsoft/hcsshim/errors.go index 63efa23c7a4e8..9c88c70c9a046 100644 --- a/vendor/github.com/Microsoft/hcsshim/errors.go +++ b/vendor/github.com/Microsoft/hcsshim/errors.go @@ -83,7 +83,6 @@ type NetworkNotFoundError = hns.NetworkNotFoundError type ProcessError struct { Process *process Operation string - ExtraInfo string Err error Events []hcs.ErrorEvent } @@ -92,7 +91,6 @@ type ProcessError struct { type ContainerError struct { Container *container Operation string - ExtraInfo string Err error Events []hcs.ErrorEvent } @@ -125,10 +123,6 @@ func (e *ContainerError) Error() string { s += "\n" + ev.String() } - if e.ExtraInfo != "" { - s += " extra info: " + e.ExtraInfo - } - return s } @@ -137,7 +131,7 @@ func makeContainerError(container *container, operation string, extraInfo string if _, ok := err.(*ContainerError); ok { return err } - containerError := &ContainerError{Container: container, Operation: operation, ExtraInfo: extraInfo, Err: err} + containerError := &ContainerError{Container: container, Operation: operation, Err: err} return containerError } @@ -176,7 +170,7 @@ func makeProcessError(process *process, operation string, extraInfo string, err if _, ok := err.(*ProcessError); ok { return err } - processError := &ProcessError{Process: process, Operation: operation, ExtraInfo: extraInfo, Err: err} + processError := &ProcessError{Process: process, Operation: operation, Err: err} return processError } @@ -244,7 +238,7 @@ func getInnerError(err error) error { func convertSystemError(err error, c *container) error { if serr, ok := err.(*hcs.SystemError); ok { - return &ContainerError{Container: c, Operation: serr.Op, ExtraInfo: serr.Extra, Err: serr.Err, Events: serr.Events} + return &ContainerError{Container: c, Operation: serr.Op, Err: serr.Err, Events: serr.Events} } return err } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go index 9a4705a4945da..d083880b1104a 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go @@ -171,7 +171,6 @@ type SystemError struct { ID string Op string Err error - Extra string Events []ErrorEvent } @@ -182,9 +181,6 @@ func (e *SystemError) Error() string { for _, ev := range e.Events { s += "\n" + ev.String() } - if e.Extra != "" { - s += "\n(extra info: " + e.Extra + ")" - } return s } @@ -198,7 +194,7 @@ func (e *SystemError) Timeout() bool { return ok && err.Timeout() } -func makeSystemError(system *System, op string, extra string, err error, events []ErrorEvent) error { +func makeSystemError(system *System, op string, err error, events []ErrorEvent) error { // Don't double wrap errors if _, ok := err.(*SystemError); ok { return err @@ -206,7 +202,6 @@ func makeSystemError(system *System, op string, extra string, err error, events return &SystemError{ ID: system.ID(), Op: op, - Extra: extra, Err: err, Events: events, } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go index 67a5f7176f3b0..f21dc32f98757 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go @@ -75,7 +75,7 @@ func CreateComputeSystem(ctx context.Context, id string, hcsDocumentInterface in // Terminate the compute system if it still exists. We're okay to // ignore a failure here. computeSystem.Terminate(ctx) - return nil, makeSystemError(computeSystem, operation, "", err, nil) + return nil, makeSystemError(computeSystem, operation, err, nil) } } @@ -86,7 +86,7 @@ func CreateComputeSystem(ctx context.Context, id string, hcsDocumentInterface in // ignore a failure here. computeSystem.Terminate(ctx) } - return nil, makeSystemError(computeSystem, operation, hcsDocument, err, events) + return nil, makeSystemError(computeSystem, operation, err, events) } go computeSystem.waitBackground() if err = computeSystem.getCachedProperties(ctx); err != nil { @@ -103,7 +103,7 @@ func OpenComputeSystem(ctx context.Context, id string) (*System, error) { handle, resultJSON, err := vmcompute.HcsOpenComputeSystem(ctx, id) events := processHcsResult(ctx, resultJSON) if err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, events) + return nil, makeSystemError(computeSystem, operation, err, events) } computeSystem.handle = handle defer func() { @@ -112,7 +112,7 @@ func OpenComputeSystem(ctx context.Context, id string) (*System, error) { } }() if err = computeSystem.registerCallback(ctx); err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, nil) + return nil, makeSystemError(computeSystem, operation, err, nil) } go computeSystem.waitBackground() if err = computeSystem.getCachedProperties(ctx); err != nil { @@ -188,13 +188,13 @@ func (computeSystem *System) Start(ctx context.Context) (err error) { defer computeSystem.handleLock.RUnlock() if computeSystem.handle == 0 { - return makeSystemError(computeSystem, operation, "", ErrAlreadyClosed, nil) + return makeSystemError(computeSystem, operation, ErrAlreadyClosed, nil) } resultJSON, err := vmcompute.HcsStartComputeSystem(ctx, computeSystem.handle, "") events, err := processAsyncHcsResult(ctx, err, resultJSON, computeSystem.callbackNumber, hcsNotificationSystemStartCompleted, &timeout.SystemStart) if err != nil { - return makeSystemError(computeSystem, operation, "", err, events) + return makeSystemError(computeSystem, operation, err, events) } return nil @@ -221,7 +221,7 @@ func (computeSystem *System) Shutdown(ctx context.Context) error { switch err { case nil, ErrVmcomputeAlreadyStopped, ErrComputeSystemDoesNotExist, ErrVmcomputeOperationPending: default: - return makeSystemError(computeSystem, operation, "", err, events) + return makeSystemError(computeSystem, operation, err, events) } return nil } @@ -242,7 +242,7 @@ func (computeSystem *System) Terminate(ctx context.Context) error { switch err { case nil, ErrVmcomputeAlreadyStopped, ErrComputeSystemDoesNotExist, ErrVmcomputeOperationPending: default: - return makeSystemError(computeSystem, operation, "", err, events) + return makeSystemError(computeSystem, operation, err, events) } return nil } @@ -264,10 +264,10 @@ func (computeSystem *System) waitBackground() { log.G(ctx).Debug("system exited") case ErrVmcomputeUnexpectedExit: log.G(ctx).Debug("unexpected system exit") - computeSystem.exitError = makeSystemError(computeSystem, operation, "", err, nil) + computeSystem.exitError = makeSystemError(computeSystem, operation, err, nil) err = nil default: - err = makeSystemError(computeSystem, operation, "", err, nil) + err = makeSystemError(computeSystem, operation, err, nil) } computeSystem.closedWaitOnce.Do(func() { computeSystem.waitError = err @@ -305,13 +305,13 @@ func (computeSystem *System) Properties(ctx context.Context, types ...schema1.Pr queryBytes, err := json.Marshal(schema1.PropertyQuery{PropertyTypes: types}) if err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, nil) + return nil, makeSystemError(computeSystem, operation, err, nil) } propertiesJSON, resultJSON, err := vmcompute.HcsGetComputeSystemProperties(ctx, computeSystem.handle, string(queryBytes)) events := processHcsResult(ctx, resultJSON) if err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, events) + return nil, makeSystemError(computeSystem, operation, err, events) } if propertiesJSON == "" { @@ -319,7 +319,7 @@ func (computeSystem *System) Properties(ctx context.Context, types ...schema1.Pr } properties := &schema1.ContainerProperties{} if err := json.Unmarshal([]byte(propertiesJSON), properties); err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, nil) + return nil, makeSystemError(computeSystem, operation, err, nil) } return properties, nil @@ -334,13 +334,13 @@ func (computeSystem *System) PropertiesV2(ctx context.Context, types ...hcsschem queryBytes, err := json.Marshal(hcsschema.PropertyQuery{PropertyTypes: types}) if err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, nil) + return nil, makeSystemError(computeSystem, operation, err, nil) } propertiesJSON, resultJSON, err := vmcompute.HcsGetComputeSystemProperties(ctx, computeSystem.handle, string(queryBytes)) events := processHcsResult(ctx, resultJSON) if err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, events) + return nil, makeSystemError(computeSystem, operation, err, events) } if propertiesJSON == "" { @@ -348,7 +348,7 @@ func (computeSystem *System) PropertiesV2(ctx context.Context, types ...hcsschem } properties := &hcsschema.Properties{} if err := json.Unmarshal([]byte(propertiesJSON), properties); err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, nil) + return nil, makeSystemError(computeSystem, operation, err, nil) } return properties, nil @@ -369,13 +369,13 @@ func (computeSystem *System) Pause(ctx context.Context) (err error) { defer computeSystem.handleLock.RUnlock() if computeSystem.handle == 0 { - return makeSystemError(computeSystem, operation, "", ErrAlreadyClosed, nil) + return makeSystemError(computeSystem, operation, ErrAlreadyClosed, nil) } resultJSON, err := vmcompute.HcsPauseComputeSystem(ctx, computeSystem.handle, "") events, err := processAsyncHcsResult(ctx, err, resultJSON, computeSystem.callbackNumber, hcsNotificationSystemPauseCompleted, &timeout.SystemPause) if err != nil { - return makeSystemError(computeSystem, operation, "", err, events) + return makeSystemError(computeSystem, operation, err, events) } return nil @@ -396,13 +396,13 @@ func (computeSystem *System) Resume(ctx context.Context) (err error) { defer computeSystem.handleLock.RUnlock() if computeSystem.handle == 0 { - return makeSystemError(computeSystem, operation, "", ErrAlreadyClosed, nil) + return makeSystemError(computeSystem, operation, ErrAlreadyClosed, nil) } resultJSON, err := vmcompute.HcsResumeComputeSystem(ctx, computeSystem.handle, "") events, err := processAsyncHcsResult(ctx, err, resultJSON, computeSystem.callbackNumber, hcsNotificationSystemResumeCompleted, &timeout.SystemResume) if err != nil { - return makeSystemError(computeSystem, operation, "", err, events) + return makeSystemError(computeSystem, operation, err, events) } return nil @@ -413,19 +413,19 @@ func (computeSystem *System) createProcess(ctx context.Context, operation string defer computeSystem.handleLock.RUnlock() if computeSystem.handle == 0 { - return nil, nil, makeSystemError(computeSystem, operation, "", ErrAlreadyClosed, nil) + return nil, nil, makeSystemError(computeSystem, operation, ErrAlreadyClosed, nil) } configurationb, err := json.Marshal(c) if err != nil { - return nil, nil, makeSystemError(computeSystem, operation, "", err, nil) + return nil, nil, makeSystemError(computeSystem, operation, err, nil) } configuration := string(configurationb) processInfo, processHandle, resultJSON, err := vmcompute.HcsCreateProcess(ctx, computeSystem.handle, configuration) events := processHcsResult(ctx, resultJSON) if err != nil { - return nil, nil, makeSystemError(computeSystem, operation, configuration, err, events) + return nil, nil, makeSystemError(computeSystem, operation, err, events) } log.G(ctx).WithField("pid", processInfo.ProcessId).Debug("created process pid") @@ -447,7 +447,7 @@ func (computeSystem *System) CreateProcess(ctx context.Context, c interface{}) ( pipes, err := makeOpenFiles([]syscall.Handle{processInfo.StdInput, processInfo.StdOutput, processInfo.StdError}) if err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, nil) + return nil, makeSystemError(computeSystem, operation, err, nil) } process.stdin = pipes[0] process.stdout = pipes[1] @@ -455,7 +455,7 @@ func (computeSystem *System) CreateProcess(ctx context.Context, c interface{}) ( process.hasCachedStdio = true if err = process.registerCallback(ctx); err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, nil) + return nil, makeSystemError(computeSystem, operation, err, nil) } go process.waitBackground() @@ -470,18 +470,18 @@ func (computeSystem *System) OpenProcess(ctx context.Context, pid int) (*Process operation := "hcsshim::System::OpenProcess" if computeSystem.handle == 0 { - return nil, makeSystemError(computeSystem, operation, "", ErrAlreadyClosed, nil) + return nil, makeSystemError(computeSystem, operation, ErrAlreadyClosed, nil) } processHandle, resultJSON, err := vmcompute.HcsOpenProcess(ctx, computeSystem.handle, uint32(pid)) events := processHcsResult(ctx, resultJSON) if err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, events) + return nil, makeSystemError(computeSystem, operation, err, events) } process := newProcess(processHandle, pid, computeSystem) if err = process.registerCallback(ctx); err != nil { - return nil, makeSystemError(computeSystem, operation, "", err, nil) + return nil, makeSystemError(computeSystem, operation, err, nil) } go process.waitBackground() @@ -505,12 +505,12 @@ func (computeSystem *System) Close() (err error) { } if err = computeSystem.unregisterCallback(ctx); err != nil { - return makeSystemError(computeSystem, operation, "", err, nil) + return makeSystemError(computeSystem, operation, err, nil) } err = vmcompute.HcsCloseComputeSystem(ctx, computeSystem.handle) if err != nil { - return makeSystemError(computeSystem, operation, "", err, nil) + return makeSystemError(computeSystem, operation, err, nil) } computeSystem.handle = 0 @@ -587,7 +587,7 @@ func (computeSystem *System) Modify(ctx context.Context, config interface{}) err operation := "hcsshim::System::Modify" if computeSystem.handle == 0 { - return makeSystemError(computeSystem, operation, "", ErrAlreadyClosed, nil) + return makeSystemError(computeSystem, operation, ErrAlreadyClosed, nil) } requestBytes, err := json.Marshal(config) @@ -599,7 +599,7 @@ func (computeSystem *System) Modify(ctx context.Context, config interface{}) err resultJSON, err := vmcompute.HcsModifyComputeSystem(ctx, computeSystem.handle, requestJSON) events := processHcsResult(ctx, resultJSON) if err != nil { - return makeSystemError(computeSystem, operation, requestJSON, err, events) + return makeSystemError(computeSystem, operation, err, events) } return nil From 08b27e45d858201a58e0981bb89e22bf7e213435 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 15 Apr 2021 21:29:20 +0200 Subject: [PATCH 090/252] Dockerfile: update yamllint to v1.26.1 to fix build Installation of yamllint started failing, on non-amd64 builds, which could be if the version we were using wasn't specific enough about a dependency to install. copying Cython/Utility/CppSupport.cpp -> build/lib.linux-aarch64-3.7/Cython/Utility running build_ext building 'Cython.Plex.Scanners' extension creating build/temp.linux-aarch64-3.7 creating build/temp.linux-aarch64-3.7/tmp creating build/temp.linux-aarch64-3.7/tmp/pip-install-jasgbmp7 creating build/temp.linux-aarch64-3.7/tmp/pip-install-jasgbmp7/Cython creating build/temp.linux-aarch64-3.7/tmp/pip-install-jasgbmp7/Cython/Cython creating build/temp.linux-aarch64-3.7/tmp/pip-install-jasgbmp7/Cython/Cython/Plex aarch64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.7m -c /tmp/pip-install-jasgbmp7/Cython/Cython/Plex/Scanners.c -o build/temp.linux-aarch64-3.7/tmp/pip-install-jasgbmp7/Cython/Cython/Plex/Scanners.o /tmp/pip-install-jasgbmp7/Cython/Cython/Plex/Scanners.c:21:10: fatal error: Python.h: No such file or directory #include "Python.h" ^~~~~~~~~~ compilation terminated. error: command 'aarch64-linux-gnu-gcc' failed with exit status 1 ---------------------------------------- Command "/usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-jasgbmp7/Cython/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-if5qclwe/install-record.txt --single-version-externally-managed --prefix /tmp/pip-build-env-_dtiuyfw --compile" failed with error code 1 in /tmp/pip-install-jasgbmp7/Cython/ ---------------------------------------- Command "/usr/bin/python3 -m pip install --ignore-installed --no-user --prefix /tmp/pip-build-env-_dtiuyfw --no-warn-script-location --no-binary :none: --only-binary :none: -i https://pypi.org/simple -- setuptools wheel Cython" failed with error code 1 in None #22 ERROR: executor failed running [/bin/sh -c pip3 install yamllint==1.16.0]: exit code: 1 Trying if updating to the latest version fixes this. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit c35cefb48913fe7a77e99a5b9088cdfccac8ee13) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f5ec77836bcc1..3fa4058288df0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -300,7 +300,7 @@ RUN update-alternatives --set iptables /usr/sbin/iptables-legacy || true \ && update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy || true \ && update-alternatives --set arptables /usr/sbin/arptables-legacy || true -RUN pip3 install yamllint==1.16.0 +RUN pip3 install yamllint==1.26.1 COPY --from=dockercli /build/ /usr/local/cli COPY --from=frozen-images /build/ /docker-frozen-images From 9ca66776fa4bda05831987a87bb2232541109d79 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Thu, 15 Apr 2021 14:28:37 +0900 Subject: [PATCH 091/252] bump up rootlesskit to v0.14.2 Fix `Timed out proxy starting the userland proxy.` error with `DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=slirp4netns`. (https://github.com/rootless-containers/rootlesskit/issues/250) Full changes: https://github.com/rootless-containers/rootlesskit/compare/v0.14.1...v0.14.2 Signed-off-by: Akihiro Suda (cherry picked from commit 11bddf330d4fec818e17333c360c25e8641f221d) Signed-off-by: Akihiro Suda --- hack/dockerfile/install/rootlesskit.installer | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hack/dockerfile/install/rootlesskit.installer b/hack/dockerfile/install/rootlesskit.installer index 269987141dc73..b2ec88f8e8981 100755 --- a/hack/dockerfile/install/rootlesskit.installer +++ b/hack/dockerfile/install/rootlesskit.installer @@ -1,7 +1,7 @@ #!/bin/sh -# v0.14.1 -: "${ROOTLESSKIT_COMMIT:=ed9b8c5cc48d29d0a979dae52a24f6e886795abd}" +# v0.14.2 +: "${ROOTLESSKIT_COMMIT:=4cd567642273d369adaadcbadca00880552c1778}" install_rootlesskit() { case "$1" in From 8a7f77cb2f0fa9585e0ae507fd57a3ebab13b3b9 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Fri, 23 Apr 2021 14:47:18 +0900 Subject: [PATCH 092/252] dockerd-rootless.sh: use `command -v` instead of `which` `which` binary is often missing Signed-off-by: Akihiro Suda (cherry picked from commit e928692c6903983ad1fb7a3b94f5520810c52f38) Signed-off-by: Akihiro Suda --- contrib/dockerd-rootless.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/contrib/dockerd-rootless.sh b/contrib/dockerd-rootless.sh index 08ef9ba8cef2f..d12d89074446c 100755 --- a/contrib/dockerd-rootless.sh +++ b/contrib/dockerd-rootless.sh @@ -35,7 +35,7 @@ fi rootlesskit="" for f in docker-rootlesskit rootlesskit; do - if which $f > /dev/null 2>&1; then + if command -v $f > /dev/null 2>&1; then rootlesskit=$f break fi @@ -53,7 +53,7 @@ fi net=$DOCKERD_ROOTLESS_ROOTLESSKIT_NET mtu=$DOCKERD_ROOTLESS_ROOTLESSKIT_MTU if [ -z $net ]; then - if which slirp4netns > /dev/null 2>&1; then + if command -v slirp4netns > /dev/null 2>&1; then # If --netns-type is present in --help, slirp4netns is >= v0.4.0. if slirp4netns --help | grep -qw -- --netns-type; then net=slirp4netns @@ -65,7 +65,7 @@ if [ -z $net ]; then fi fi if [ -z $net ]; then - if which vpnkit > /dev/null 2>&1; then + if command -v vpnkit > /dev/null 2>&1; then net=vpnkit else echo "Either slirp4netns (>= v0.4.0) or vpnkit needs to be installed" From 12b03bcb2757ac0dc9a92852d43293b96e68f3de Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Wed, 14 Apr 2021 23:03:18 +0000 Subject: [PATCH 093/252] Error string match: do not match command path Whether or not the command path is in the error message is a an implementation detail. For example, on Windows the only reason this ever matched was because it dumped the entire container config into the error message, but this had nothing to do with the actual error. Signed-off-by: Brian Goff (cherry picked from commit 225e046d9d1bdf0f06f4c97bef239b5909463885) Signed-off-by: Brian Goff --- daemon/errors.go | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/daemon/errors.go b/daemon/errors.go index aae0954ae504b..6f9eb54039351 100644 --- a/daemon/errors.go +++ b/daemon/errors.go @@ -141,11 +141,10 @@ func translateContainerdStartErr(cmd string, setExitCode func(int), err error) e // if we receive an internal error from the initial start of a container then lets // return it instead of entering the restart loop // set to 127 for container cmd not found/does not exist) - if contains(errDesc, cmd) && - (contains(errDesc, "executable file not found") || - contains(errDesc, "no such file or directory") || - contains(errDesc, "system cannot find the file specified") || - contains(errDesc, "failed to run runc create/exec call")) { + if contains(errDesc, "executable file not found") || + contains(errDesc, "no such file or directory") || + contains(errDesc, "system cannot find the file specified") || + contains(errDesc, "failed to run runc create/exec call") { setExitCode(127) retErr = startInvalidConfigError(errDesc) } From 21391bb7f773b589be6f531b7c3283760ac665ec Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 27 Apr 2021 17:56:41 +0900 Subject: [PATCH 094/252] hack/dind: fix cgroup v2 evacuation with `docker run --init` Evacuate all the processes in `/sys/fs/cgroup/cgroup.procs`, not just PID 1. Before: ```console $ docker run --rm --privileged --init $(docker build -q .) cat /sys/fs/cgroup/cgroup.subtree_control sed: couldn't flush stdout: Device or resource busy ``` After: ```console $ docker run --rm --privileged --init $(docker build -q .) cat /sys/fs/cgroup/cgroup.subtree_control cpuset cpu io memory hugetlb pids rdma ``` Fix docker-library/docker issue 308 Signed-off-by: Akihiro Suda (cherry picked from commit 42b1175eda071c0e9121e1d64345928384a93df1) Signed-off-by: Akihiro Suda --- hack/dind | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/hack/dind b/hack/dind index 9d3d28e8f7ee2..087270a7a8367 100755 --- a/hack/dind +++ b/hack/dind @@ -27,10 +27,11 @@ fi # cgroup v2: enable nesting if [ -f /sys/fs/cgroup/cgroup.controllers ]; then - # move the init process (PID 1) from the root group to the /init group, + # move the processes from the root group to the /init group, # otherwise writing subtree_control fails with EBUSY. + # An error during moving non-existent process (i.e., "cat") is ignored. mkdir -p /sys/fs/cgroup/init - echo 1 > /sys/fs/cgroup/init/cgroup.procs + xargs -rn1 < /sys/fs/cgroup/cgroup.procs > /sys/fs/cgroup/init/cgroup.procs || : # enable controllers sed -e 's/ / +/g' -e 's/^/+/' < /sys/fs/cgroup/cgroup.controllers \ > /sys/fs/cgroup/cgroup.subtree_control From 2a0c446866ceb51e3a0d0afa49703a5be43b9f61 Mon Sep 17 00:00:00 2001 From: Eric Mountain Date: Fri, 27 Nov 2020 15:38:26 +0100 Subject: [PATCH 095/252] Use v2 capabilities in layer archives When building images in a user-namespaced container, v3 capabilities are stored including the root UID of the creator of the user-namespace. This UID does not make sense outside the build environment however. If the image is run in a non-user-namespaced runtime, or if a user-namespaced runtime uses a different UID, the capabilities requested by the effective bit will not be honoured by `execve(2)` due to this mismatch. Instead, we convert v3 capabilities to v2, dropping the root UID on the fly. Signed-off-by: Eric Mountain (cherry picked from commit 95eb4907805b0c8650cc1bce01844162c2c84c4a) Signed-off-by: Akihiro Suda --- integration/build/build_userns_linux_test.go | 11 +---------- pkg/archive/archive.go | 16 +++++++++++++++- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/integration/build/build_userns_linux_test.go b/integration/build/build_userns_linux_test.go index f5b3a2705c7cb..5c0bd54fea00d 100644 --- a/integration/build/build_userns_linux_test.go +++ b/integration/build/build_userns_linux_test.go @@ -118,15 +118,6 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { _, err = stdcopy.StdCopy(actualStdout, actualStderr, logReader) assert.NilError(t, err) if strings.TrimSpace(actualStdout.String()) != "/bin/sleep cap_net_bind_service=eip" { - // Activate when fix is merged: https://github.com/moby/moby/pull/41724 - //t.Fatalf("run produced invalid output: %q, expected %q", actualStdout.String(), "/bin/sleep cap_net_bind_service=eip") - // t.Logf("run produced invalid output (expected until #41724 merges): %q, expected %q", - // actualStdout.String(), - // "/bin/sleep cap_net_bind_service=eip") - } else { - // Shouldn't happen until fix is merged: https://github.com/moby/moby/pull/41724 - t.Fatalf("run produced valid output (unexpected until #41724 merges): %q, expected %q", - actualStdout.String(), - "/bin/sleep cap_net_bind_service=eip") + t.Fatalf("run produced invalid output: %q, expected %q", actualStdout.String(), "/bin/sleep cap_net_bind_service=eip") } } diff --git a/pkg/archive/archive.go b/pkg/archive/archive.go index 8d14b7869337d..50b83c62c637b 100644 --- a/pkg/archive/archive.go +++ b/pkg/archive/archive.go @@ -402,10 +402,24 @@ func fillGo18FileTypeBits(mode int64, fi os.FileInfo) int64 { // ReadSecurityXattrToTarHeader reads security.capability xattr from filesystem // to a tar header func ReadSecurityXattrToTarHeader(path string, hdr *tar.Header) error { + const ( + // Values based on linux/include/uapi/linux/capability.h + xattrCapsSz2 = 20 + versionOffset = 3 + vfsCapRevision2 = 2 + vfsCapRevision3 = 3 + ) capability, _ := system.Lgetxattr(path, "security.capability") if capability != nil { + length := len(capability) + if capability[versionOffset] == vfsCapRevision3 { + // Convert VFS_CAP_REVISION_3 to VFS_CAP_REVISION_2 as root UID makes no + // sense outside the user namespace the archive is built in. + capability[versionOffset] = vfsCapRevision2 + length = xattrCapsSz2 + } hdr.Xattrs = make(map[string]string) - hdr.Xattrs["security.capability"] = string(capability) + hdr.Xattrs["security.capability"] = string(capability[:length]) } return nil } From 01f734cb4f432760fc94a0fb6f64207628ca0662 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 12 May 2021 10:46:44 +0200 Subject: [PATCH 096/252] [20.10] update containerd binary to v1.4.5 release notes: https://github.com/containerd/containerd/releases/tag/v1.4.5 - Update runc to rc94 - Fix leaking socket path in runc shim v2 - Fix cleanup logic in new container in runc shim v2 - Fix registry mirror authorization logic in CRI plugin - Add support for userxattr in overlay snapshotter for kernel 5.11+ (Note that the update to runc is done separately) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index e7c6488096da2..c323cdf421c64 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=05f951a3781f4f2c1911b05e61c160e9c30eaa8e}" # v1.4.4 +: "${CONTAINERD_COMMIT:=8263eb3eaee447b16856eeb8839d5df4c9cca71a}" # v1.4.5 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 94c1890d3997cad133e50f0899677f4966078951 Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Tue, 11 May 2021 14:19:57 -0700 Subject: [PATCH 097/252] builder-next: relax second cache key requirements for schema1 Schema1 images can not have a config based cache key before the layers are pulled. Avoid validation and reuse manifest digest as a second key. Signed-off-by: Tonis Tiigi (cherry picked from commit 85167fc63409524fa870bf9bafd7193f08a6d8ed) Signed-off-by: Sebastiaan van Stijn --- builder/builder-next/adapters/containerimage/pull.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/builder/builder-next/adapters/containerimage/pull.go b/builder/builder-next/adapters/containerimage/pull.go index 8bd9b92c4acb2..6b791f106463c 100644 --- a/builder/builder-next/adapters/containerimage/pull.go +++ b/builder/builder-next/adapters/containerimage/pull.go @@ -333,12 +333,12 @@ func (p *puller) CacheKey(ctx context.Context, g session.Group, index int) (stri return dgst.String(), nil, false, nil } - if len(p.config) == 0 { + if len(p.config) == 0 && p.desc.MediaType != images.MediaTypeDockerSchema1Manifest { return "", nil, false, errors.Errorf("invalid empty config file resolved for %s", p.src.Reference.String()) } k := cacheKeyFromConfig(p.config).String() - if k == "" { + if k == "" || p.desc.MediaType == images.MediaTypeDockerSchema1Manifest { dgst, err := p.mainManifestKey(p.platform) if err != nil { return "", nil, false, err From afbb1277a3b74a9e6852c9cb222775f70b4a2d03 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Sun, 2 May 2021 04:41:34 +0900 Subject: [PATCH 098/252] Swarm config: use absolute paths for mount destination strings Needed for runc >= 1.0.0-rc94. See runc issue 2928. Signed-off-by: Akihiro Suda Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 930337624250945472001136e7bcb8e5b102bb87) Signed-off-by: Sebastiaan van Stijn --- container/container.go | 11 +++++++++++ container/container_unix.go | 3 ++- container/container_windows.go | 3 ++- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/container/container.go b/container/container.go index df90a4ee2c696..e96f087c55915 100644 --- a/container/container.go +++ b/container/container.go @@ -716,6 +716,17 @@ func getSecretTargetPath(r *swarmtypes.SecretReference) string { return filepath.Join(containerSecretMountPath, r.File.Name) } +// getConfigTargetPath makes sure that config paths inside the container are +// absolute, as required by the runtime spec, and enforced by runc >= 1.0.0-rc94. +// see https://github.com/opencontainers/runc/issues/2928 +func getConfigTargetPath(r *swarmtypes.ConfigReference) string { + if filepath.IsAbs(r.File.Name) { + return r.File.Name + } + + return filepath.Join(containerConfigMountPath, r.File.Name) +} + // CreateDaemonEnvironment creates a new environment variable slice for this container. func (container *Container) CreateDaemonEnvironment(tty bool, linkedEnv []string) []string { // Setup environment diff --git a/container/container_unix.go b/container/container_unix.go index d5c9837532465..7a49ff55aa799 100644 --- a/container/container_unix.go +++ b/container/container_unix.go @@ -27,6 +27,7 @@ const ( // for the graceful container stop before forcefully terminating it. DefaultStopTimeout = 10 + containerConfigMountPath = "/" containerSecretMountPath = "/run/secrets" ) @@ -242,7 +243,7 @@ func (container *Container) SecretMounts() ([]Mount, error) { } mounts = append(mounts, Mount{ Source: fPath, - Destination: r.File.Name, + Destination: getConfigTargetPath(r), Writable: false, }) } diff --git a/container/container_windows.go b/container/container_windows.go index 11e255d82e021..22e77b15af88c 100644 --- a/container/container_windows.go +++ b/container/container_windows.go @@ -12,6 +12,7 @@ import ( ) const ( + containerConfigMountPath = `C:\` containerSecretMountPath = `C:\ProgramData\Docker\secrets` containerInternalSecretMountPath = `C:\ProgramData\Docker\internal\secrets` containerInternalConfigsDirPath = `C:\ProgramData\Docker\internal\configs` @@ -87,7 +88,7 @@ func (container *Container) CreateConfigSymlinks() error { if configRef.File == nil { continue } - resolvedPath, _, err := container.ResolvePath(configRef.File.Name) + resolvedPath, _, err := container.ResolvePath(getConfigTargetPath(configRef)) if err != nil { return err } From 6174e3cf220294ab7f4203bd534a9452e3aa3491 Mon Sep 17 00:00:00 2001 From: Jintao Zhang Date: Tue, 11 May 2021 10:00:03 +0800 Subject: [PATCH 099/252] Update runc binary to v1.0.0-rc94 Signed-off-by: Jintao Zhang (cherry picked from commit 8c019e830a6c735c81301bdc780925343ebcf8e2) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/runc.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index 779eb9b687a06..1760935dc4ad6 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -4,7 +4,7 @@ # The version of runc should match the version that is used by the containerd # version that is used. If you need to update runc, open a pull request in # the containerd project first, and update both after that is merged. -: ${RUNC_COMMIT:=12644e614e25b05da6fd08a38ffa0cfe1903fdec} # v1.0.0-rc93 +: ${RUNC_COMMIT:=2c7861bc5e1b3e756392236553ec14a78a09f8bf} # v1.0.0-rc94 install_runc() { # If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting From 4c801fdb7d7ce4841aba3538dd1846bce5b0551c Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Sun, 2 May 2021 04:10:08 +0900 Subject: [PATCH 100/252] integration: remove KernelMemory tests Starting with runc v1.0.0-rc94, runc no longer supports KernelMemory. https://github.com/opencontainers/runc/commit/52390d68040637dfc77f9fda6bbe70952423d380 Signed-off-by: Akihiro Suda (cherry picked from commit 2f0d6664a11f70a27ff5835f60e6d4408681bd75) Signed-off-by: Sebastiaan van Stijn --- integration-cli/docker_cli_run_unix_test.go | 27 -------- .../docker_cli_update_unix_test.go | 62 ------------------- integration-cli/requirements_unix_test.go | 16 ----- integration/container/run_linux_test.go | 35 ----------- 4 files changed, 140 deletions(-) diff --git a/integration-cli/docker_cli_run_unix_test.go b/integration-cli/docker_cli_run_unix_test.go index e6a6406e15d5e..e0003396d9571 100644 --- a/integration-cli/docker_cli_run_unix_test.go +++ b/integration-cli/docker_cli_run_unix_test.go @@ -495,33 +495,6 @@ func (s *DockerSuite) TestRunWithInvalidCpuPeriod(c *testing.T) { assert.Assert(c, strings.Contains(out, expected)) } -func (s *DockerSuite) TestRunWithKernelMemory(c *testing.T) { - testRequires(c, DaemonIsLinux, kernelMemorySupport) - - file := "/sys/fs/cgroup/memory/memory.kmem.limit_in_bytes" - cli.DockerCmd(c, "run", "--kernel-memory", "50M", "--name", "test1", "busybox", "cat", file).Assert(c, icmd.Expected{ - Out: "52428800", - }) - - cli.InspectCmd(c, "test1", cli.Format(".HostConfig.KernelMemory")).Assert(c, icmd.Expected{ - Out: "52428800", - }) -} - -func (s *DockerSuite) TestRunWithInvalidKernelMemory(c *testing.T) { - testRequires(c, DaemonIsLinux, kernelMemorySupport) - - out, _, err := dockerCmdWithError("run", "--kernel-memory", "2M", "busybox", "true") - assert.ErrorContains(c, err, "") - expected := "Minimum kernel memory limit allowed is 4MB" - assert.Assert(c, strings.Contains(out, expected)) - - out, _, err = dockerCmdWithError("run", "--kernel-memory", "-16m", "--name", "test2", "busybox", "echo", "test") - assert.ErrorContains(c, err, "") - expected = "invalid size" - assert.Assert(c, strings.Contains(out, expected)) -} - func (s *DockerSuite) TestRunWithCPUShares(c *testing.T) { testRequires(c, cpuShare) diff --git a/integration-cli/docker_cli_update_unix_test.go b/integration-cli/docker_cli_update_unix_test.go index 1b3e5089b143e..53621b63c27db 100644 --- a/integration-cli/docker_cli_update_unix_test.go +++ b/integration-cli/docker_cli_update_unix_test.go @@ -14,7 +14,6 @@ import ( "github.com/creack/pty" "github.com/docker/docker/api/types" "github.com/docker/docker/client" - "github.com/docker/docker/pkg/parsers/kernel" "github.com/docker/docker/testutil/request" "gotest.tools/v3/assert" ) @@ -122,67 +121,6 @@ func (s *DockerSuite) TestUpdateContainerWithoutFlags(c *testing.T) { assert.ErrorContains(c, err, "") } -func (s *DockerSuite) TestUpdateKernelMemory(c *testing.T) { - testRequires(c, DaemonIsLinux, kernelMemorySupport) - - name := "test-update-container" - dockerCmd(c, "run", "-d", "--name", name, "--kernel-memory", "50M", "busybox", "top") - dockerCmd(c, "update", "--kernel-memory", "100M", name) - - assert.Equal(c, inspectField(c, name, "HostConfig.KernelMemory"), "104857600") - - file := "/sys/fs/cgroup/memory/memory.kmem.limit_in_bytes" - out, _ := dockerCmd(c, "exec", name, "cat", file) - assert.Equal(c, strings.TrimSpace(out), "104857600") -} - -func (s *DockerSuite) TestUpdateKernelMemoryUninitialized(c *testing.T) { - testRequires(c, DaemonIsLinux, kernelMemorySupport) - - isNewKernel := CheckKernelVersion(4, 6, 0) - name := "test-update-container" - dockerCmd(c, "run", "-d", "--name", name, "busybox", "top") - _, _, err := dockerCmdWithError("update", "--kernel-memory", "100M", name) - // Update kernel memory to a running container without kernel memory initialized - // is not allowed before kernel version 4.6. - if !isNewKernel { - assert.ErrorContains(c, err, "") - } else { - assert.NilError(c, err) - } - - dockerCmd(c, "pause", name) - _, _, err = dockerCmdWithError("update", "--kernel-memory", "200M", name) - if !isNewKernel { - assert.ErrorContains(c, err, "") - } else { - assert.NilError(c, err) - } - dockerCmd(c, "unpause", name) - - dockerCmd(c, "stop", name) - dockerCmd(c, "update", "--kernel-memory", "300M", name) - dockerCmd(c, "start", name) - - assert.Equal(c, inspectField(c, name, "HostConfig.KernelMemory"), "314572800") - - file := "/sys/fs/cgroup/memory/memory.kmem.limit_in_bytes" - out, _ := dockerCmd(c, "exec", name, "cat", file) - assert.Equal(c, strings.TrimSpace(out), "314572800") -} - -// GetKernelVersion gets the current kernel version. -func GetKernelVersion() *kernel.VersionInfo { - v, _ := kernel.ParseRelease(testEnv.DaemonInfo.KernelVersion) - return v -} - -// CheckKernelVersion checks if current kernel is newer than (or equal to) -// the given version. -func CheckKernelVersion(k, major, minor int) bool { - return kernel.CompareKernelVersion(*GetKernelVersion(), kernel.VersionInfo{Kernel: k, Major: major, Minor: minor}) >= 0 -} - func (s *DockerSuite) TestUpdateSwapMemoryOnly(c *testing.T) { testRequires(c, DaemonIsLinux) testRequires(c, memoryLimitSupport) diff --git a/integration-cli/requirements_unix_test.go b/integration-cli/requirements_unix_test.go index c309824de7523..8c75b26424a91 100644 --- a/integration-cli/requirements_unix_test.go +++ b/integration-cli/requirements_unix_test.go @@ -8,7 +8,6 @@ import ( "os/exec" "strings" - "github.com/docker/docker/pkg/parsers/kernel" "github.com/docker/docker/pkg/sysinfo" ) @@ -37,21 +36,6 @@ func pidsLimit() bool { return SysInfo.PidsLimit } -func kernelMemorySupport() bool { - // TODO remove this once kmem support in RHEL kernels is fixed. See https://github.com/opencontainers/runc/pull/1921 - daemonV, err := kernel.ParseRelease(testEnv.DaemonInfo.KernelVersion) - if err != nil { - return false - } - requiredV := kernel.VersionInfo{Kernel: 3, Major: 10} - if kernel.CompareKernelVersion(*daemonV, requiredV) < 1 { - // On Kernel 3.10 and under, don't consider kernel memory to be supported, - // even if the kernel (and thus the daemon) reports it as being supported - return false - } - return testEnv.DaemonInfo.KernelMemory -} - func memoryLimitSupport() bool { return testEnv.DaemonInfo.MemoryLimit } diff --git a/integration/container/run_linux_test.go b/integration/container/run_linux_test.go index 9e1f6c0175b73..9bff9b5a8ee59 100644 --- a/integration/container/run_linux_test.go +++ b/integration/container/run_linux_test.go @@ -2,7 +2,6 @@ package container // import "github.com/docker/docker/integration/container" import ( "context" - "strconv" "strings" "testing" "time" @@ -17,40 +16,6 @@ import ( "gotest.tools/v3/skip" ) -func TestKernelTCPMemory(t *testing.T) { - skip.If(t, testEnv.DaemonInfo.OSType != "linux") - skip.If(t, versions.LessThan(testEnv.DaemonAPIVersion(), "1.40"), "skip test from new feature") - skip.If(t, testEnv.DaemonInfo.CgroupDriver == "none") - skip.If(t, !testEnv.DaemonInfo.KernelMemoryTCP) - - defer setupTest(t)() - client := testEnv.APIClient() - ctx := context.Background() - - const ( - kernelMemoryTCP int64 = 200 * 1024 * 1024 - ) - - cID := container.Run(ctx, t, client, func(c *container.TestContainerConfig) { - c.HostConfig.Resources = containertypes.Resources{ - KernelMemoryTCP: kernelMemoryTCP, - } - }) - - poll.WaitOn(t, container.IsInState(ctx, client, cID, "running"), poll.WithDelay(100*time.Millisecond)) - - inspect, err := client.ContainerInspect(ctx, cID) - assert.NilError(t, err) - assert.Check(t, is.Equal(kernelMemoryTCP, inspect.HostConfig.KernelMemoryTCP)) - - res, err := container.Exec(ctx, client, cID, - []string{"cat", "/sys/fs/cgroup/memory/memory.kmem.tcp.limit_in_bytes"}) - assert.NilError(t, err) - assert.Assert(t, is.Len(res.Stderr(), 0)) - assert.Equal(t, 0, res.ExitCode) - assert.Check(t, is.Equal(strconv.FormatInt(kernelMemoryTCP, 10), strings.TrimSpace(res.Stdout()))) -} - func TestNISDomainname(t *testing.T) { // Older versions of the daemon would concatenate hostname and domainname, // so hostname "foobar" and domainname "baz.cyphar.com" would produce From fb179ff09887f5956f45be424f342a4a90f07f8b Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 19 May 2021 13:10:20 +0200 Subject: [PATCH 101/252] update runc binary to v1.0.0-rc95 full diff: https://github.com/opencontainers/runc/compare/v1.0.0-rc94...v1.0.0-rc95 Release notes: This release of runc contains a fix for CVE-2021-30465, and users are strongly recommended to update (especially if you are providing semi-limited access to spawn containers to untrusted users). Aside from this security fix, only a few other changes were made since v1.0.0-rc94 (the only user-visible change was the addition of support for defaultErrnoRet in seccomp profiles). Signed-off-by: Sebastiaan van Stijn (cherry picked from commit efec2bb368e1e7df55aa533773fea46113c0af63) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/runc.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index 1760935dc4ad6..a9b27cf6d5bbf 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -4,7 +4,7 @@ # The version of runc should match the version that is used by the containerd # version that is used. If you need to update runc, open a pull request in # the containerd project first, and update both after that is merged. -: ${RUNC_COMMIT:=2c7861bc5e1b3e756392236553ec14a78a09f8bf} # v1.0.0-rc94 +: ${RUNC_COMMIT:=b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7} # v1.0.0-rc95 install_runc() { # If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting From 56541eca9a9ec79fefb750605285d3d88899fb00 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 19 May 2021 20:43:04 +0200 Subject: [PATCH 102/252] [20.10] update containerd binary to v1.4.6 full diff: https://github.com/containerd/containerd/compare/v1.4.5...v1.4.6 The sixth patch release for containerd 1.4 is a security release to update runc for CVE-2021-30465 Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index c323cdf421c64..d68e9bd948f3e 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=8263eb3eaee447b16856eeb8839d5df4c9cca71a}" # v1.4.5 +: "${CONTAINERD_COMMIT:=d71fcd7d8303cbf684402823e425e9dd2e99285d}" # v1.4.6 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 41cf01fa9391c117e602aafa604ee5cbe1ff18ce Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 19 May 2021 19:42:18 +0200 Subject: [PATCH 103/252] pkg/signal.CatchAll: ignore SIGURG on Linux Do not handle SIGURG on Linux, as in go1.14+, the go runtime issues SIGURG as an interrupt to support preemptable system calls on Linux. This issue was caught in TestCatchAll, which could fail when updating to Go 1.14 or above; === Failed === FAIL: pkg/signal TestCatchAll (0.01s) signal_linux_test.go:32: assertion failed: urgent I/O condition (string) != continued (string) signal_linux_test.go:32: assertion failed: continued (string) != hangup (string) signal_linux_test.go:32: assertion failed: hangup (string) != child exited (string) signal_linux_test.go:32: assertion failed: child exited (string) != illegal instruction (string) signal_linux_test.go:32: assertion failed: illegal instruction (string) != floating point exception (string) Signed-off-by: Sebastiaan van Stijn (cherry picked from commit b7ebf32ba3f0342343558431df976d4ccb8039ba) Signed-off-by: Sebastiaan van Stijn --- pkg/signal/signal.go | 7 +++++++ pkg/signal/signal_darwin.go | 5 +++++ pkg/signal/signal_freebsd.go | 5 +++++ pkg/signal/signal_linux.go | 5 +++++ pkg/signal/signal_linux_mipsx.go | 5 +++++ pkg/signal/signal_linux_test.go | 17 +++++++++++++++++ pkg/signal/signal_windows.go | 5 +++++ 7 files changed, 49 insertions(+) diff --git a/pkg/signal/signal.go b/pkg/signal/signal.go index 88ef7b5ea2653..bbe006bd0bec9 100644 --- a/pkg/signal/signal.go +++ b/pkg/signal/signal.go @@ -12,9 +12,16 @@ import ( ) // CatchAll catches all signals and relays them to the specified channel. +// On Linux, SIGURG is not handled, as it's used by the Go runtime to support +// preemptable system calls. func CatchAll(sigc chan os.Signal) { var handledSigs []os.Signal for _, s := range SignalMap { + if isRuntimeSig(s) { + // Do not handle SIGURG on Linux, as in go1.14+, the go runtime issues + // SIGURG as an interrupt to support preemptable system calls on Linux. + continue + } handledSigs = append(handledSigs, s) } signal.Notify(sigc, handledSigs...) diff --git a/pkg/signal/signal_darwin.go b/pkg/signal/signal_darwin.go index ee5501e3d92e5..8ffd3d73d349c 100644 --- a/pkg/signal/signal_darwin.go +++ b/pkg/signal/signal_darwin.go @@ -1,6 +1,7 @@ package signal // import "github.com/docker/docker/pkg/signal" import ( + "os" "syscall" ) @@ -39,3 +40,7 @@ var SignalMap = map[string]syscall.Signal{ "XCPU": syscall.SIGXCPU, "XFSZ": syscall.SIGXFSZ, } + +func isRuntimeSig(_ os.Signal) bool { + return false +} diff --git a/pkg/signal/signal_freebsd.go b/pkg/signal/signal_freebsd.go index 764f90e2647ac..a5e774a53868e 100644 --- a/pkg/signal/signal_freebsd.go +++ b/pkg/signal/signal_freebsd.go @@ -1,6 +1,7 @@ package signal // import "github.com/docker/docker/pkg/signal" import ( + "os" "syscall" ) @@ -41,3 +42,7 @@ var SignalMap = map[string]syscall.Signal{ "XCPU": syscall.SIGXCPU, "XFSZ": syscall.SIGXFSZ, } + +func isRuntimeSig(_ os.Signal) bool { + return false +} diff --git a/pkg/signal/signal_linux.go b/pkg/signal/signal_linux.go index 4013bded1361f..46fe6bbad096a 100644 --- a/pkg/signal/signal_linux.go +++ b/pkg/signal/signal_linux.go @@ -3,6 +3,7 @@ package signal // import "github.com/docker/docker/pkg/signal" import ( + "os" "syscall" "golang.org/x/sys/unix" @@ -81,3 +82,7 @@ var SignalMap = map[string]syscall.Signal{ "RTMAX-1": sigrtmax - 1, "RTMAX": sigrtmax, } + +func isRuntimeSig(s os.Signal) bool { + return s == unix.SIGURG +} diff --git a/pkg/signal/signal_linux_mipsx.go b/pkg/signal/signal_linux_mipsx.go index c78c887af5dbd..665d849adba6a 100644 --- a/pkg/signal/signal_linux_mipsx.go +++ b/pkg/signal/signal_linux_mipsx.go @@ -4,6 +4,7 @@ package signal // import "github.com/docker/docker/pkg/signal" import ( + "os" "syscall" "golang.org/x/sys/unix" @@ -82,3 +83,7 @@ var SignalMap = map[string]syscall.Signal{ "RTMAX-1": sigrtmax - 1, "RTMAX": sigrtmax, } + +func isRuntimeSig(s os.Signal) bool { + return s == unix.SIGURG +} diff --git a/pkg/signal/signal_linux_test.go b/pkg/signal/signal_linux_test.go index 8e2fb98dbb4e1..decd454de3aee 100644 --- a/pkg/signal/signal_linux_test.go +++ b/pkg/signal/signal_linux_test.go @@ -6,6 +6,7 @@ import ( "os" "syscall" "testing" + "time" "gotest.tools/v3/assert" is "gotest.tools/v3/assert/cmp" @@ -34,6 +35,22 @@ func TestCatchAll(t *testing.T) { } } +func TestCatchAllIgnoreSigUrg(t *testing.T) { + sigs := make(chan os.Signal, 1) + CatchAll(sigs) + defer StopCatch(sigs) + + err := syscall.Kill(syscall.Getpid(), syscall.SIGURG) + assert.NilError(t, err) + timer := time.NewTimer(1 * time.Second) + defer timer.Stop() + select { + case <-timer.C: + case s := <-sigs: + t.Fatalf("expected no signals to be handled, but received %q", s.String()) + } +} + func TestStopCatch(t *testing.T) { signal := SignalMap["HUP"] channel := make(chan os.Signal, 1) diff --git a/pkg/signal/signal_windows.go b/pkg/signal/signal_windows.go index 65752f24aaef8..d44662c4e4e26 100644 --- a/pkg/signal/signal_windows.go +++ b/pkg/signal/signal_windows.go @@ -1,6 +1,7 @@ package signal // import "github.com/docker/docker/pkg/signal" import ( + "os" "syscall" ) @@ -24,3 +25,7 @@ var SignalMap = map[string]syscall.Signal{ "KILL": syscall.SIGKILL, "TERM": syscall.SIGTERM, } + +func isRuntimeSig(_ os.Signal) bool { + return false +} From d29a55c6c344a536089d6b1bcd92be9cdea20641 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 25 May 2021 11:29:14 +0200 Subject: [PATCH 104/252] vendor: github.com/docker/libnetwork 64b7a4574d1426139437d20e81c0b6d391130ec8 Update libnetwork to make `docker run -p 80:80` functional again on environments with kernel boot parameter `ipv6.disable=1`. full diff: https://github.com/docker/libnetwork/compare/b3507428be5b458cb0e2b4086b13531fb0706e46...64b7a4574d1426139437d20e81c0b6d391130ec8 - fix port forwarding with ipv6.disable=1 - fixes moby/moby/42288 Docker 20.10.6: all containers stopped and cannot start if ipv6 is disabled on host - fixes docker/libnetwork/2629 Network issue with IPv6 following update to version 20.10.6 - fixesdocker/for-linux/1233 Since 20.10.6 it's not possible to run docker on a machine with disabled IPv6 interfaces - vendor: github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d300893449805be - Enforce order of lock acquisitions on network/controller, fixes #2632 - fixes docker/libnetwork/2632 Name resolution stuck due to deadlock between different network struct methods - fixes moby/moby/42032 Docker deamon get's stuck, can't serve DNS requests Signed-off-by: Sebastiaan van Stijn (cherry picked from commit e4109b3b6bb3b6ebd6ba42cac03dfba5ffc6caf4) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/proxy.installer | 2 +- vendor.conf | 2 +- .../libnetwork/drivers/bridge/port_mapping.go | 31 +++++++++++++++++++ .../github.com/docker/libnetwork/network.go | 26 +++++++++------- .../github.com/docker/libnetwork/vendor.conf | 2 +- 5 files changed, 49 insertions(+), 14 deletions(-) diff --git a/hack/dockerfile/install/proxy.installer b/hack/dockerfile/install/proxy.installer index b7ce672fadc47..3b0bb4b486b24 100755 --- a/hack/dockerfile/install/proxy.installer +++ b/hack/dockerfile/install/proxy.installer @@ -3,7 +3,7 @@ # LIBNETWORK_COMMIT is used to build the docker-userland-proxy binary. When # updating the binary version, consider updating github.com/docker/libnetwork # in vendor.conf accordingly -: "${LIBNETWORK_COMMIT:=b3507428be5b458cb0e2b4086b13531fb0706e46}" +: "${LIBNETWORK_COMMIT:=64b7a4574d1426139437d20e81c0b6d391130ec8}" install_proxy() { case "$1" in diff --git a/vendor.conf b/vendor.conf index 7fd409d154908..720d1ac4e266a 100644 --- a/vendor.conf +++ b/vendor.conf @@ -47,7 +47,7 @@ github.com/grpc-ecosystem/go-grpc-middleware 3c51f7f332123e8be5a157c0802a # libnetwork # When updating, also update LIBNETWORK_COMMIT in hack/dockerfile/install/proxy.installer accordingly -github.com/docker/libnetwork b3507428be5b458cb0e2b4086b13531fb0706e46 +github.com/docker/libnetwork 64b7a4574d1426139437d20e81c0b6d391130ec8 github.com/docker/go-events e31b211e4f1cd09aa76fe4ac244571fab96ae47f github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80 github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec diff --git a/vendor/github.com/docker/libnetwork/drivers/bridge/port_mapping.go b/vendor/github.com/docker/libnetwork/drivers/bridge/port_mapping.go index 946130ecdd0f9..17bf36f9dd8c7 100644 --- a/vendor/github.com/docker/libnetwork/drivers/bridge/port_mapping.go +++ b/vendor/github.com/docker/libnetwork/drivers/bridge/port_mapping.go @@ -5,6 +5,7 @@ import ( "errors" "fmt" "net" + "sync" "github.com/docker/libnetwork/types" "github.com/ishidawataru/sctp" @@ -50,6 +51,13 @@ func (n *bridgeNetwork) allocatePortsInternal(bindings []types.PortBinding, cont bs = append(bs, bIPv4) } + // skip adding implicit v6 addr, when the kernel was booted with `ipv6.disable=1` + // https://github.com/moby/moby/issues/42288 + isV6Binding := c.HostIP != nil && c.HostIP.To4() == nil + if !isV6Binding && !IsV6Listenable() { + continue + } + // Allocate IPv6 Port mappings // If the container has no IPv6 address, allow proxying host IPv6 traffic to it // by setting up the binding with the IPv4 interface if the userland proxy is enabled @@ -211,3 +219,26 @@ func (n *bridgeNetwork) releasePort(bnd types.PortBinding) error { return portmapper.Unmap(host) } + +var ( + v6ListenableCached bool + v6ListenableOnce sync.Once +) + +// IsV6Listenable returns true when `[::1]:0` is listenable. +// IsV6Listenable returns false mostly when the kernel was booted with `ipv6.disable=1` option. +func IsV6Listenable() bool { + v6ListenableOnce.Do(func() { + ln, err := net.Listen("tcp6", "[::1]:0") + if err != nil { + // When the kernel was booted with `ipv6.disable=1`, + // we get err "listen tcp6 [::1]:0: socket: address family not supported by protocol" + // https://github.com/moby/moby/issues/42288 + logrus.Debugf("port_mapping: v6Listenable=false (%v)", err) + } else { + v6ListenableCached = true + ln.Close() + } + }) + return v6ListenableCached +} diff --git a/vendor/github.com/docker/libnetwork/network.go b/vendor/github.com/docker/libnetwork/network.go index a7a6d0748b4fb..2514d6c4fc691 100644 --- a/vendor/github.com/docker/libnetwork/network.go +++ b/vendor/github.com/docker/libnetwork/network.go @@ -1409,21 +1409,21 @@ func (n *network) addSvcRecords(eID, name, serviceID string, epIP, epIPv6 net.IP if n.ingress { return } - - logrus.Debugf("%s (%.7s).addSvcRecords(%s, %s, %s, %t) %s sid:%s", eID, n.ID(), name, epIP, epIPv6, ipMapUpdate, method, serviceID) + networkID := n.ID() + logrus.Debugf("%s (%.7s).addSvcRecords(%s, %s, %s, %t) %s sid:%s", eID, networkID, name, epIP, epIPv6, ipMapUpdate, method, serviceID) c := n.getController() c.Lock() defer c.Unlock() - sr, ok := c.svcRecords[n.ID()] + sr, ok := c.svcRecords[networkID] if !ok { sr = svcInfo{ svcMap: setmatrix.NewSetMatrix(), svcIPv6Map: setmatrix.NewSetMatrix(), ipMap: setmatrix.NewSetMatrix(), } - c.svcRecords[n.ID()] = sr + c.svcRecords[networkID] = sr } if ipMapUpdate { @@ -1445,14 +1445,14 @@ func (n *network) deleteSvcRecords(eID, name, serviceID string, epIP net.IP, epI if n.ingress { return } - - logrus.Debugf("%s (%.7s).deleteSvcRecords(%s, %s, %s, %t) %s sid:%s ", eID, n.ID(), name, epIP, epIPv6, ipMapUpdate, method, serviceID) + networkID := n.ID() + logrus.Debugf("%s (%.7s).deleteSvcRecords(%s, %s, %s, %t) %s sid:%s ", eID, networkID, name, epIP, epIPv6, ipMapUpdate, method, serviceID) c := n.getController() c.Lock() defer c.Unlock() - sr, ok := c.svcRecords[n.ID()] + sr, ok := c.svcRecords[networkID] if !ok { return } @@ -1972,9 +1972,10 @@ func (n *network) ResolveName(req string, ipType int) ([]net.IP, bool) { var ipv6Miss bool c := n.getController() + networkID := n.ID() c.Lock() defer c.Unlock() - sr, ok := c.svcRecords[n.ID()] + sr, ok := c.svcRecords[networkID] if !ok { return nil, false @@ -2012,10 +2013,11 @@ func (n *network) ResolveName(req string, ipType int) ([]net.IP, bool) { } func (n *network) HandleQueryResp(name string, ip net.IP) { + networkID := n.ID() c := n.getController() c.Lock() defer c.Unlock() - sr, ok := c.svcRecords[n.ID()] + sr, ok := c.svcRecords[networkID] if !ok { return @@ -2031,10 +2033,11 @@ func (n *network) HandleQueryResp(name string, ip net.IP) { } func (n *network) ResolveIP(ip string) string { + networkID := n.ID() c := n.getController() c.Lock() defer c.Unlock() - sr, ok := c.svcRecords[n.ID()] + sr, ok := c.svcRecords[networkID] if !ok { return "" @@ -2085,9 +2088,10 @@ func (n *network) ResolveService(name string) ([]*net.SRV, []net.IP) { proto := parts[1] svcName := strings.Join(parts[2:], ".") + networkID := n.ID() c.Lock() defer c.Unlock() - sr, ok := c.svcRecords[n.ID()] + sr, ok := c.svcRecords[networkID] if !ok { return nil, nil diff --git a/vendor/github.com/docker/libnetwork/vendor.conf b/vendor/github.com/docker/libnetwork/vendor.conf index 52aaac27d3bce..36e10194bfd53 100644 --- a/vendor/github.com/docker/libnetwork/vendor.conf +++ b/vendor/github.com/docker/libnetwork/vendor.conf @@ -43,7 +43,7 @@ golang.org/x/net ab34263943818b32f575efc978a3 golang.org/x/sys ed371f2e16b4b305ee99df548828de367527b76b golang.org/x/sync cd5d95a43a6e21273425c7ae415d3df9ea832eeb github.com/pkg/errors 614d223910a179a466c1767a985424175c39b465 # v0.9.1 -github.com/ishidawataru/sctp 6e2cb1366111dcf547c13531e3a263a067715847 +github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d300893449805be go.opencensus.io 9c377598961b706d1542bd2d84d538b5094d596e # v0.22.0 gotest.tools/v3 bb0d8a963040ea5048dcef1a14d8f8b58a33d4b3 # v3.0.2 From 95551168ac4f7b70e4fb14b0a638ae12ce7447d0 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 25 May 2021 11:36:11 +0200 Subject: [PATCH 105/252] vendor: github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d300893449805be full diff: https://github.com/ishidawataru/sctp/compare/6e2cb1366111dcf547c13531e3a263a067715847...f2269e66cdee387bd321445d5d300893449805be - support SO_SNDBUF/SO_RCVBUF handling - Support Go Modules - license clarificaton - ci: drop 1.6, 1.7, 1.8 support - Add support for SocketConfig - support goarch mips64le architecture. - fix possible socket leak when bind fails Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 22b9e2a7e53645a3090ef305658f22264c380368) Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 2 +- vendor/github.com/ishidawataru/sctp/NOTICE | 3 + vendor/github.com/ishidawataru/sctp/go.mod | 3 + .../ishidawataru/sctp/ipsock_linux.go | 4 ++ vendor/github.com/ishidawataru/sctp/sctp.go | 49 +++++++++++++ .../ishidawataru/sctp/sctp_linux.go | 71 ++++++++++++++++++- .../ishidawataru/sctp/sctp_unsupported.go | 39 ++++++++++ 7 files changed, 169 insertions(+), 2 deletions(-) create mode 100644 vendor/github.com/ishidawataru/sctp/NOTICE create mode 100644 vendor/github.com/ishidawataru/sctp/go.mod diff --git a/vendor.conf b/vendor.conf index 720d1ac4e266a..dc9d7d500eaa4 100644 --- a/vendor.conf +++ b/vendor.conf @@ -72,7 +72,7 @@ github.com/coreos/go-semver 8ab6407b697782a06568d4b7f1db github.com/ugorji/go b4c50a2b199d93b13dc15e78929cfb23bfdf21ab # v1.1.1 github.com/hashicorp/consul 9a9cc9341bb487651a0399e3fc5e1e8a42e62dd9 # v0.5.2 github.com/miekg/dns 6c0c4e6581f8e173cc562c8b3363ab984e4ae071 # v1.1.27 -github.com/ishidawataru/sctp 6e2cb1366111dcf547c13531e3a263a067715847 +github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d300893449805be go.etcd.io/bbolt 232d8fc87f50244f9c808f4745759e08a304c029 # v1.3.5 # get graph and distribution packages diff --git a/vendor/github.com/ishidawataru/sctp/NOTICE b/vendor/github.com/ishidawataru/sctp/NOTICE new file mode 100644 index 0000000000000..cfb675fd4ba42 --- /dev/null +++ b/vendor/github.com/ishidawataru/sctp/NOTICE @@ -0,0 +1,3 @@ +This source code includes following third party code + +- ipsock_linux.go : licensed by the Go authors, see GO_LICENSE file for the license which applies to the code diff --git a/vendor/github.com/ishidawataru/sctp/go.mod b/vendor/github.com/ishidawataru/sctp/go.mod new file mode 100644 index 0000000000000..5adf982b086ca --- /dev/null +++ b/vendor/github.com/ishidawataru/sctp/go.mod @@ -0,0 +1,3 @@ +module github.com/ishidawataru/sctp + +go 1.12 diff --git a/vendor/github.com/ishidawataru/sctp/ipsock_linux.go b/vendor/github.com/ishidawataru/sctp/ipsock_linux.go index f5632b72d29af..3df30fa4601a0 100644 --- a/vendor/github.com/ishidawataru/sctp/ipsock_linux.go +++ b/vendor/github.com/ishidawataru/sctp/ipsock_linux.go @@ -1,3 +1,7 @@ +// Copyright 2009 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the GO_LICENSE file. + package sctp import ( diff --git a/vendor/github.com/ishidawataru/sctp/sctp.go b/vendor/github.com/ishidawataru/sctp/sctp.go index 30d619640c405..94842f42702fa 100644 --- a/vendor/github.com/ishidawataru/sctp/sctp.go +++ b/vendor/github.com/ishidawataru/sctp/sctp.go @@ -1,3 +1,18 @@ +// Copyright 2019 Wataru Ishida. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +// implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package sctp import ( @@ -678,3 +693,37 @@ func (c *SCTPSndRcvInfoWrappedConn) SetReadDeadline(t time.Time) error { func (c *SCTPSndRcvInfoWrappedConn) SetWriteDeadline(t time.Time) error { return c.conn.SetWriteDeadline(t) } + +func (c *SCTPSndRcvInfoWrappedConn) SetWriteBuffer(bytes int) error { + return c.conn.SetWriteBuffer(bytes) +} + +func (c *SCTPSndRcvInfoWrappedConn) GetWriteBuffer() (int, error) { + return c.conn.GetWriteBuffer() +} + +func (c *SCTPSndRcvInfoWrappedConn) SetReadBuffer(bytes int) error { + return c.conn.SetReadBuffer(bytes) +} + +func (c *SCTPSndRcvInfoWrappedConn) GetReadBuffer() (int, error) { + return c.conn.GetReadBuffer() +} + +// SocketConfig contains options for the SCTP socket. +type SocketConfig struct { + // If Control is not nil it is called after the socket is created but before + // it is bound or connected. + Control func(network, address string, c syscall.RawConn) error + + // InitMsg is the options to send in the initial SCTP message + InitMsg InitMsg +} + +func (cfg *SocketConfig) Listen(net string, laddr *SCTPAddr) (*SCTPListener, error) { + return listenSCTPExtConfig(net, laddr, cfg.InitMsg, cfg.Control) +} + +func (cfg *SocketConfig) Dial(net string, laddr, raddr *SCTPAddr) (*SCTPConn, error) { + return dialSCTPExtConfig(net, laddr, raddr, cfg.InitMsg, cfg.Control) +} diff --git a/vendor/github.com/ishidawataru/sctp/sctp_linux.go b/vendor/github.com/ishidawataru/sctp/sctp_linux.go index 5a6ad93785ebf..d96d09e5ca925 100644 --- a/vendor/github.com/ishidawataru/sctp/sctp_linux.go +++ b/vendor/github.com/ishidawataru/sctp/sctp_linux.go @@ -1,4 +1,18 @@ // +build linux,!386 +// Copyright 2019 Wataru Ishida. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +// implied. +// See the License for the specific language governing permissions and +// limitations under the License. package sctp @@ -40,6 +54,23 @@ func getsockopt(fd int, optname, optval, optlen uintptr) (uintptr, uintptr, erro return r0, r1, nil } +type rawConn struct { + sockfd int +} + +func (r rawConn) Control(f func(fd uintptr)) error { + f(uintptr(r.sockfd)) + return nil +} + +func (r rawConn) Read(f func(fd uintptr) (done bool)) error { + panic("not implemented") +} + +func (r rawConn) Write(f func(fd uintptr) (done bool)) error { + panic("not implemented") +} + func (c *SCTPConn) SCTPWrite(b []byte, info *SndRcvInfo) (int, error) { var cbuf []byte if info != nil { @@ -114,6 +145,22 @@ func (c *SCTPConn) Close() error { return syscall.EBADF } +func (c *SCTPConn) SetWriteBuffer(bytes int) error { + return syscall.SetsockoptInt(c.fd(), syscall.SOL_SOCKET, syscall.SO_SNDBUF, bytes) +} + +func (c *SCTPConn) GetWriteBuffer() (int, error) { + return syscall.GetsockoptInt(c.fd(), syscall.SOL_SOCKET, syscall.SO_SNDBUF) +} + +func (c *SCTPConn) SetReadBuffer(bytes int) error { + return syscall.SetsockoptInt(c.fd(), syscall.SOL_SOCKET, syscall.SO_RCVBUF, bytes) +} + +func (c *SCTPConn) GetReadBuffer() (int, error) { + return syscall.GetsockoptInt(c.fd(), syscall.SOL_SOCKET, syscall.SO_RCVBUF) +} + // ListenSCTP - start listener on specified address/port func ListenSCTP(net string, laddr *SCTPAddr) (*SCTPListener, error) { return ListenSCTPExt(net, laddr, InitMsg{NumOstreams: SCTP_MAX_STREAM}) @@ -121,6 +168,11 @@ func ListenSCTP(net string, laddr *SCTPAddr) (*SCTPListener, error) { // ListenSCTPExt - start listener on specified address/port with given SCTP options func ListenSCTPExt(network string, laddr *SCTPAddr, options InitMsg) (*SCTPListener, error) { + return listenSCTPExtConfig(network, laddr, options, nil) +} + +// listenSCTPExtConfig - start listener on specified address/port with given SCTP options and socket configuration +func listenSCTPExtConfig(network string, laddr *SCTPAddr, options InitMsg, control func(network, address string, c syscall.RawConn) error) (*SCTPListener, error) { af, ipv6only := favoriteAddrFamily(network, laddr, nil, "listen") sock, err := syscall.Socket( af, @@ -140,6 +192,12 @@ func ListenSCTPExt(network string, laddr *SCTPAddr, options InitMsg) (*SCTPListe if err = setDefaultSockopts(sock, af, ipv6only); err != nil { return nil, err } + if control != nil { + rc := rawConn{sockfd: sock} + if err = control(network, laddr.String(), rc); err != nil { + return nil, err + } + } err = setInitOpts(sock, options) if err != nil { return nil, err @@ -154,7 +212,7 @@ func ListenSCTPExt(network string, laddr *SCTPAddr, options InitMsg) (*SCTPListe laddr.IPAddrs = append(laddr.IPAddrs, net.IPAddr{IP: net.IPv6zero}) } } - err := SCTPBind(sock, laddr, SCTP_BINDX_ADD_ADDR) + err = SCTPBind(sock, laddr, SCTP_BINDX_ADD_ADDR) if err != nil { return nil, err } @@ -191,6 +249,11 @@ func DialSCTP(net string, laddr, raddr *SCTPAddr) (*SCTPConn, error) { // DialSCTPExt - same as DialSCTP but with given SCTP options func DialSCTPExt(network string, laddr, raddr *SCTPAddr, options InitMsg) (*SCTPConn, error) { + return dialSCTPExtConfig(network, laddr, raddr, options, nil) +} + +// dialSCTPExtConfig - same as DialSCTP but with given SCTP options and socket configuration +func dialSCTPExtConfig(network string, laddr, raddr *SCTPAddr, options InitMsg, control func(network, address string, c syscall.RawConn) error) (*SCTPConn, error) { af, ipv6only := favoriteAddrFamily(network, laddr, raddr, "dial") sock, err := syscall.Socket( af, @@ -210,6 +273,12 @@ func DialSCTPExt(network string, laddr, raddr *SCTPAddr, options InitMsg) (*SCTP if err = setDefaultSockopts(sock, af, ipv6only); err != nil { return nil, err } + if control != nil { + rc := rawConn{sockfd: sock} + if err = control(network, laddr.String(), rc); err != nil { + return nil, err + } + } err = setInitOpts(sock, options) if err != nil { return nil, err diff --git a/vendor/github.com/ishidawataru/sctp/sctp_unsupported.go b/vendor/github.com/ishidawataru/sctp/sctp_unsupported.go index e5415843dc60f..118fe159e92d9 100644 --- a/vendor/github.com/ishidawataru/sctp/sctp_unsupported.go +++ b/vendor/github.com/ishidawataru/sctp/sctp_unsupported.go @@ -1,4 +1,18 @@ // +build !linux linux,386 +// Copyright 2019 Wataru Ishida. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +// implied. +// See the License for the specific language governing permissions and +// limitations under the License. package sctp @@ -6,6 +20,7 @@ import ( "errors" "net" "runtime" + "syscall" ) var ErrUnsupported = errors.New("SCTP is unsupported on " + runtime.GOOS + "/" + runtime.GOARCH) @@ -30,6 +45,22 @@ func (c *SCTPConn) Close() error { return ErrUnsupported } +func (c *SCTPConn) SetWriteBuffer(bytes int) error { + return ErrUnsupported +} + +func (c *SCTPConn) GetWriteBuffer() (int, error) { + return 0, ErrUnsupported +} + +func (c *SCTPConn) SetReadBuffer(bytes int) error { + return ErrUnsupported +} + +func (c *SCTPConn) GetReadBuffer() (int, error) { + return 0, ErrUnsupported +} + func ListenSCTP(net string, laddr *SCTPAddr) (*SCTPListener, error) { return nil, ErrUnsupported } @@ -38,6 +69,10 @@ func ListenSCTPExt(net string, laddr *SCTPAddr, options InitMsg) (*SCTPListener, return nil, ErrUnsupported } +func listenSCTPExtConfig(network string, laddr *SCTPAddr, options InitMsg, control func(network, address string, c syscall.RawConn) error) (*SCTPListener, error) { + return nil, ErrUnsupported +} + func (ln *SCTPListener) Accept() (net.Conn, error) { return nil, ErrUnsupported } @@ -57,3 +92,7 @@ func DialSCTP(net string, laddr, raddr *SCTPAddr) (*SCTPConn, error) { func DialSCTPExt(network string, laddr, raddr *SCTPAddr, options InitMsg) (*SCTPConn, error) { return nil, ErrUnsupported } + +func dialSCTPExtConfig(network string, laddr, raddr *SCTPAddr, options InitMsg, control func(network, address string, c syscall.RawConn) error) (*SCTPConn, error) { + return nil, ErrUnsupported +} From 003e3c0551518bc0a9be44be46f1eb96a351951b Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 25 May 2021 12:07:53 +0200 Subject: [PATCH 106/252] pkg/signal: ignore SIGURG on all platforms Other Unix platforms (e.g. Darwin) are also affected by the Go runtime sending SIGURG. This patch changes how we match the signal by just looking for the "URG" name, which should handle any platform that has this signal defined in the SignalMap. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 05f520dd3cf6730ca53910ada5fc24791ab2ead0) Signed-off-by: Sebastiaan van Stijn --- pkg/signal/signal.go | 8 ++++---- pkg/signal/signal_darwin.go | 5 ----- pkg/signal/signal_freebsd.go | 5 ----- pkg/signal/signal_linux.go | 5 ----- pkg/signal/signal_linux_mipsx.go | 5 ----- pkg/signal/signal_windows.go | 5 ----- 6 files changed, 4 insertions(+), 29 deletions(-) diff --git a/pkg/signal/signal.go b/pkg/signal/signal.go index bbe006bd0bec9..b274033ef6935 100644 --- a/pkg/signal/signal.go +++ b/pkg/signal/signal.go @@ -12,13 +12,13 @@ import ( ) // CatchAll catches all signals and relays them to the specified channel. -// On Linux, SIGURG is not handled, as it's used by the Go runtime to support +// SIGURG is not handled, as it's used by the Go runtime to support // preemptable system calls. func CatchAll(sigc chan os.Signal) { var handledSigs []os.Signal - for _, s := range SignalMap { - if isRuntimeSig(s) { - // Do not handle SIGURG on Linux, as in go1.14+, the go runtime issues + for n, s := range SignalMap { + if n == "URG" { + // Do not handle SIGURG, as in go1.14+, the go runtime issues // SIGURG as an interrupt to support preemptable system calls on Linux. continue } diff --git a/pkg/signal/signal_darwin.go b/pkg/signal/signal_darwin.go index 8ffd3d73d349c..ee5501e3d92e5 100644 --- a/pkg/signal/signal_darwin.go +++ b/pkg/signal/signal_darwin.go @@ -1,7 +1,6 @@ package signal // import "github.com/docker/docker/pkg/signal" import ( - "os" "syscall" ) @@ -40,7 +39,3 @@ var SignalMap = map[string]syscall.Signal{ "XCPU": syscall.SIGXCPU, "XFSZ": syscall.SIGXFSZ, } - -func isRuntimeSig(_ os.Signal) bool { - return false -} diff --git a/pkg/signal/signal_freebsd.go b/pkg/signal/signal_freebsd.go index a5e774a53868e..764f90e2647ac 100644 --- a/pkg/signal/signal_freebsd.go +++ b/pkg/signal/signal_freebsd.go @@ -1,7 +1,6 @@ package signal // import "github.com/docker/docker/pkg/signal" import ( - "os" "syscall" ) @@ -42,7 +41,3 @@ var SignalMap = map[string]syscall.Signal{ "XCPU": syscall.SIGXCPU, "XFSZ": syscall.SIGXFSZ, } - -func isRuntimeSig(_ os.Signal) bool { - return false -} diff --git a/pkg/signal/signal_linux.go b/pkg/signal/signal_linux.go index 46fe6bbad096a..4013bded1361f 100644 --- a/pkg/signal/signal_linux.go +++ b/pkg/signal/signal_linux.go @@ -3,7 +3,6 @@ package signal // import "github.com/docker/docker/pkg/signal" import ( - "os" "syscall" "golang.org/x/sys/unix" @@ -82,7 +81,3 @@ var SignalMap = map[string]syscall.Signal{ "RTMAX-1": sigrtmax - 1, "RTMAX": sigrtmax, } - -func isRuntimeSig(s os.Signal) bool { - return s == unix.SIGURG -} diff --git a/pkg/signal/signal_linux_mipsx.go b/pkg/signal/signal_linux_mipsx.go index 665d849adba6a..c78c887af5dbd 100644 --- a/pkg/signal/signal_linux_mipsx.go +++ b/pkg/signal/signal_linux_mipsx.go @@ -4,7 +4,6 @@ package signal // import "github.com/docker/docker/pkg/signal" import ( - "os" "syscall" "golang.org/x/sys/unix" @@ -83,7 +82,3 @@ var SignalMap = map[string]syscall.Signal{ "RTMAX-1": sigrtmax - 1, "RTMAX": sigrtmax, } - -func isRuntimeSig(s os.Signal) bool { - return s == unix.SIGURG -} diff --git a/pkg/signal/signal_windows.go b/pkg/signal/signal_windows.go index d44662c4e4e26..65752f24aaef8 100644 --- a/pkg/signal/signal_windows.go +++ b/pkg/signal/signal_windows.go @@ -1,7 +1,6 @@ package signal // import "github.com/docker/docker/pkg/signal" import ( - "os" "syscall" ) @@ -25,7 +24,3 @@ var SignalMap = map[string]syscall.Signal{ "KILL": syscall.SIGKILL, "TERM": syscall.SIGTERM, } - -func isRuntimeSig(_ os.Signal) bool { - return false -} From 895eaacdd4bbb64586acfda2e217b1ed1dc7c085 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 26 May 2021 13:33:04 +0200 Subject: [PATCH 107/252] vendor: github.com/moby/buildkit v0.8.3 full diff: https://github.com/moby/buildkit/compare/v0.8.2...v0.8.3 - vendor containerd (required for rootless overlayfs on kernel 5.11) - not included to avoid depending on a fork - Add retry on image push 5xx errors - contenthash: include basename in content checksum for wildcards - Fix missing mounts in execOp cache map - Add regression test for run cache not considering mounts - Add hack to preserve Dockerfile RUN cache compatibility after mount cache bugfix Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 79ee285d763dbde96ef87ab832dff57969c32254) Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 2 +- .../buildkit/cache/contenthash/checksum.go | 20 ++++++++++--------- vendor/github.com/moby/buildkit/go.mod | 6 ++++++ .../buildkit/solver/llbsolver/ops/exec.go | 20 +++++++++++++++++-- .../moby/buildkit/util/contentutil/copy.go | 2 +- .../moby/buildkit/util/imageutil/config.go | 2 +- .../moby/buildkit/util/progress/logs/logs.go | 1 + .../util/resolver/retryhandler/retry.go | 9 +++++++++ 8 files changed, 48 insertions(+), 14 deletions(-) diff --git a/vendor.conf b/vendor.conf index dc9d7d500eaa4..3fae56371fa75 100644 --- a/vendor.conf +++ b/vendor.conf @@ -33,7 +33,7 @@ github.com/imdario/mergo 1afb36080aec31e0d1528973ebe6 golang.org/x/sync cd5d95a43a6e21273425c7ae415d3df9ea832eeb # buildkit -github.com/moby/buildkit 9065b18ba4633c75862befca8188de4338d9f94a # v0.8.2 +github.com/moby/buildkit 81c2cbd8a418918d62b71e347a00034189eea455 # v0.8.3 github.com/tonistiigi/fsutil 0834f99b7b85462efb69b4f571a4fa3ca7da5ac9 github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2 github.com/grpc-ecosystem/grpc-opentracing 8e809c8a86450a29b90dcc9efbf062d0fe6d9746 diff --git a/vendor/github.com/moby/buildkit/cache/contenthash/checksum.go b/vendor/github.com/moby/buildkit/cache/contenthash/checksum.go index a8335eaa9c0ad..ac9d3ec36a271 100644 --- a/vendor/github.com/moby/buildkit/cache/contenthash/checksum.go +++ b/vendor/github.com/moby/buildkit/cache/contenthash/checksum.go @@ -406,17 +406,19 @@ func (cc *cacheContext) ChecksumWildcard(ctx context.Context, mountable cache.Mo return digest.FromBytes([]byte{}), nil } - if len(wildcards) > 1 { - digester := digest.Canonical.Digester() - for i, w := range wildcards { - if i != 0 { - digester.Hash().Write([]byte{0}) - } - digester.Hash().Write([]byte(w.Record.Digest)) + if len(wildcards) == 1 && path.Base(p) == path.Base(wildcards[0].Path) { + return wildcards[0].Record.Digest, nil + } + + digester := digest.Canonical.Digester() + for i, w := range wildcards { + if i != 0 { + digester.Hash().Write([]byte{0}) } - return digester.Digest(), nil + digester.Hash().Write([]byte(path.Base(w.Path))) + digester.Hash().Write([]byte(w.Record.Digest)) } - return wildcards[0].Record.Digest, nil + return digester.Digest(), nil } func (cc *cacheContext) Checksum(ctx context.Context, mountable cache.Mountable, p string, followLinks bool, s session.Group) (digest.Digest, error) { diff --git a/vendor/github.com/moby/buildkit/go.mod b/vendor/github.com/moby/buildkit/go.mod index 06f53390c3146..3e8a6d8557c79 100644 --- a/vendor/github.com/moby/buildkit/go.mod +++ b/vendor/github.com/moby/buildkit/go.mod @@ -9,6 +9,7 @@ require ( github.com/Microsoft/hcsshim v0.8.10 github.com/codahale/hdrhistogram v0.0.0-20160425231609-f8ad88b59a58 // indirect github.com/containerd/console v1.0.1 + // containerd: the actual version is replaced in replace() github.com/containerd/containerd v1.4.1-0.20201117152358-0edc412565dc github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe github.com/containerd/go-cni v1.0.1 @@ -71,6 +72,11 @@ require ( ) replace ( + // containerd: Forked from 0edc412565dcc6e3d6125ff9e4b009ad4b89c638 (20201117) with: + // - `Adjust overlay tests to expect "index=off"` (#4719, for ease of cherry-picking #5076) + // - `overlay: support "userxattr" option (kernel 5.11)` (#5076) + // - `docker: avoid concurrent map access panic` (#4855) + github.com/containerd/containerd => github.com/AkihiroSuda/containerd v1.1.1-0.20210312044057-48f85a131bb8 // protobuf: corresponds to containerd github.com/golang/protobuf => github.com/golang/protobuf v1.3.5 github.com/hashicorp/go-immutable-radix => github.com/tonistiigi/go-immutable-radix v0.0.0-20170803185627-826af9ccf0fe diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go index 24aa46aa9fb17..37d64ed0ef938 100644 --- a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go +++ b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go @@ -69,8 +69,8 @@ func cloneExecOp(old *pb.ExecOp) pb.ExecOp { } n.Meta = &meta n.Mounts = nil - for i := range n.Mounts { - m := *n.Mounts[i] + for i := range old.Mounts { + m := *old.Mounts[i] n.Mounts = append(n.Mounts, &m) } return n @@ -97,6 +97,22 @@ func (e *execOp) CacheMap(ctx context.Context, g session.Group, index int) (*sol } } + // Special case for cache compatibility with buggy versions that wrongly + // excluded Exec.Mounts: for the default case of one root mount (i.e. RUN + // inside a Dockerfile), do not include the mount when generating the cache + // map. + if len(op.Mounts) == 1 && + op.Mounts[0].Dest == "/" && + op.Mounts[0].Selector == "" && + !op.Mounts[0].Readonly && + op.Mounts[0].MountType == pb.MountType_BIND && + op.Mounts[0].CacheOpt == nil && + op.Mounts[0].SSHOpt == nil && + op.Mounts[0].SecretOpt == nil && + op.Mounts[0].ResultID == "" { + op.Mounts = nil + } + dt, err := json.Marshal(struct { Type string Exec *pb.ExecOp diff --git a/vendor/github.com/moby/buildkit/util/contentutil/copy.go b/vendor/github.com/moby/buildkit/util/contentutil/copy.go index 08c604730061a..b471d8b94850d 100644 --- a/vendor/github.com/moby/buildkit/util/contentutil/copy.go +++ b/vendor/github.com/moby/buildkit/util/contentutil/copy.go @@ -65,7 +65,7 @@ func CopyChain(ctx context.Context, ingester content.Ingester, provider content. handlers := []images.Handler{ images.ChildrenHandler(provider), filterHandler, - retryhandler.New(remotes.FetchHandler(ingester, &localFetcher{provider}), nil), + retryhandler.New(remotes.FetchHandler(ingester, &localFetcher{provider}), func(_ []byte) {}), } if err := images.Dispatch(ctx, images.Handlers(handlers...), nil, desc); err != nil { diff --git a/vendor/github.com/moby/buildkit/util/imageutil/config.go b/vendor/github.com/moby/buildkit/util/imageutil/config.go index c1ea0214523ee..0be587058a6c8 100644 --- a/vendor/github.com/moby/buildkit/util/imageutil/config.go +++ b/vendor/github.com/moby/buildkit/util/imageutil/config.go @@ -101,7 +101,7 @@ func Config(ctx context.Context, str string, resolver remotes.Resolver, cache Co children := childrenConfigHandler(cache, platform) handlers := []images.Handler{ - retryhandler.New(remotes.FetchHandler(cache, fetcher), nil), + retryhandler.New(remotes.FetchHandler(cache, fetcher), func(_ []byte) {}), children, } if err := images.Dispatch(ctx, images.Handlers(handlers...), nil, desc); err != nil { diff --git a/vendor/github.com/moby/buildkit/util/progress/logs/logs.go b/vendor/github.com/moby/buildkit/util/progress/logs/logs.go index da82c6923eba0..43408b8a8c80f 100644 --- a/vendor/github.com/moby/buildkit/util/progress/logs/logs.go +++ b/vendor/github.com/moby/buildkit/util/progress/logs/logs.go @@ -132,6 +132,7 @@ func (sw *streamWriter) Close() error { func LoggerFromContext(ctx context.Context) func([]byte) { return func(dt []byte) { pw, _, _ := progress.FromContext(ctx) + defer pw.Close() pw.Write(identity.NewID(), client.VertexLog{ Stream: stderr, Data: []byte(dt), diff --git a/vendor/github.com/moby/buildkit/util/resolver/retryhandler/retry.go b/vendor/github.com/moby/buildkit/util/resolver/retryhandler/retry.go index bddcfb8488cd4..3d2b797778ac2 100644 --- a/vendor/github.com/moby/buildkit/util/resolver/retryhandler/retry.go +++ b/vendor/github.com/moby/buildkit/util/resolver/retryhandler/retry.go @@ -9,6 +9,7 @@ import ( "time" "github.com/containerd/containerd/images" + remoteserrors "github.com/containerd/containerd/remotes/errors" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" ) @@ -47,6 +48,14 @@ func New(f images.HandlerFunc, logger func([]byte)) images.HandlerFunc { } func retryError(err error) bool { + // Retry on 5xx errors + var errUnexpectedStatus remoteserrors.ErrUnexpectedStatus + if errors.As(err, &errUnexpectedStatus) && + errUnexpectedStatus.StatusCode >= 500 && + errUnexpectedStatus.StatusCode <= 599 { + return true + } + if errors.Is(err, io.EOF) || errors.Is(err, syscall.ECONNRESET) || errors.Is(err, syscall.EPIPE) { return true } From 6474dada20cf065e3e1a96f87ab39012a140ed9f Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 31 May 2021 16:06:58 +0200 Subject: [PATCH 108/252] vendor: github.com/moby/buildkit v0.8.3-3-g244e8cde full diff: https://github.com/moby/buildkit/compare/v0.8.3...v0.8.3-3-g244e8cde - Transform relative mountpoints for exec mounts in the executor - Add test for handling relative mountpoints Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 61b04b3a02f509dc8580ec3d7824df57336ff3e3) Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 2 +- .../moby/buildkit/frontend/gateway/container.go | 11 ++++++++--- .../moby/buildkit/solver/llbsolver/ops/exec.go | 2 +- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/vendor.conf b/vendor.conf index 3fae56371fa75..b8cb3ae97e214 100644 --- a/vendor.conf +++ b/vendor.conf @@ -33,7 +33,7 @@ github.com/imdario/mergo 1afb36080aec31e0d1528973ebe6 golang.org/x/sync cd5d95a43a6e21273425c7ae415d3df9ea832eeb # buildkit -github.com/moby/buildkit 81c2cbd8a418918d62b71e347a00034189eea455 # v0.8.3 +github.com/moby/buildkit 244e8cde639f71a05a1a2e0670bd88e0206ce55c # v0.8.3-3-g244e8cde github.com/tonistiigi/fsutil 0834f99b7b85462efb69b4f571a4fa3ca7da5ac9 github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2 github.com/grpc-ecosystem/grpc-opentracing 8e809c8a86450a29b90dcc9efbf062d0fe6d9746 diff --git a/vendor/github.com/moby/buildkit/frontend/gateway/container.go b/vendor/github.com/moby/buildkit/frontend/gateway/container.go index e124566da94a1..f234401f2061f 100644 --- a/vendor/github.com/moby/buildkit/frontend/gateway/container.go +++ b/vendor/github.com/moby/buildkit/frontend/gateway/container.go @@ -3,6 +3,7 @@ package gateway import ( "context" "fmt" + "path/filepath" "runtime" "sort" "strings" @@ -75,7 +76,7 @@ func NewContainer(ctx context.Context, w worker.Worker, sm *session.Manager, g s name := fmt.Sprintf("container %s", req.ContainerID) mm := mounts.NewMountManager(name, w.CacheManager(), sm, w.MetadataStore()) - p, err := PrepareMounts(ctx, mm, w.CacheManager(), g, mnts, refs, func(m *opspb.Mount, ref cache.ImmutableRef) (cache.MutableRef, error) { + p, err := PrepareMounts(ctx, mm, w.CacheManager(), g, "", mnts, refs, func(m *opspb.Mount, ref cache.ImmutableRef) (cache.MutableRef, error) { cm := w.CacheManager() if m.Input != opspb.Empty { cm = refs[m.Input].Worker.CacheManager() @@ -132,7 +133,7 @@ type MountMutableRef struct { type MakeMutable func(m *opspb.Mount, ref cache.ImmutableRef) (cache.MutableRef, error) -func PrepareMounts(ctx context.Context, mm *mounts.MountManager, cm cache.Manager, g session.Group, mnts []*opspb.Mount, refs []*worker.WorkerRef, makeMutable MakeMutable) (p PreparedMounts, err error) { +func PrepareMounts(ctx context.Context, mm *mounts.MountManager, cm cache.Manager, g session.Group, cwd string, mnts []*opspb.Mount, refs []*worker.WorkerRef, makeMutable MakeMutable) (p PreparedMounts, err error) { // loop over all mounts, fill in mounts, root and outputs for i, m := range mnts { var ( @@ -254,7 +255,11 @@ func PrepareMounts(ctx context.Context, mm *mounts.MountManager, cm cache.Manage p.Root = mountWithSession(root, g) } else { mws := mountWithSession(mountable, g) - mws.Dest = m.Dest + dest := m.Dest + if !filepath.IsAbs(filepath.Clean(dest)) { + dest = filepath.Join("/", cwd, dest) + } + mws.Dest = dest mws.Readonly = m.Readonly mws.Selector = m.Selector p.Mounts = append(p.Mounts, mws) diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go index 37d64ed0ef938..bbf3d171c51c9 100644 --- a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go +++ b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go @@ -240,7 +240,7 @@ func (e *execOp) Exec(ctx context.Context, g session.Group, inputs []solver.Resu } } - p, err := gateway.PrepareMounts(ctx, e.mm, e.cm, g, e.op.Mounts, refs, func(m *pb.Mount, ref cache.ImmutableRef) (cache.MutableRef, error) { + p, err := gateway.PrepareMounts(ctx, e.mm, e.cm, g, e.op.Meta.Cwd, e.op.Mounts, refs, func(m *pb.Mount, ref cache.ImmutableRef) (cache.MutableRef, error) { desc := fmt.Sprintf("mount %s from exec %s", m.Dest, strings.Join(e.op.Meta.Args, " ")) return e.cm.New(ctx, ref, g, cache.WithDescription(desc)) }) From a57fc0eb152be959a4198473b83fafe9298b08c6 Mon Sep 17 00:00:00 2001 From: Jakub Guzik Date: Thu, 3 Jun 2021 22:54:10 +0200 Subject: [PATCH 109/252] Fix setting swaplimit=true without checking Signed-off-by: Jakub Guzik (cherry picked from commit 7ef6ece774facb3319c906114f15da1f22e0272c) Signed-off-by: Akihiro Suda --- pkg/sysinfo/cgroup2_linux.go | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/pkg/sysinfo/cgroup2_linux.go b/pkg/sysinfo/cgroup2_linux.go index 1f9fbf4438053..432356b4986c2 100644 --- a/pkg/sysinfo/cgroup2_linux.go +++ b/pkg/sysinfo/cgroup2_linux.go @@ -2,11 +2,13 @@ package sysinfo // import "github.com/docker/docker/pkg/sysinfo" import ( "io/ioutil" + "os" "path" "strings" cgroupsV2 "github.com/containerd/cgroups/v2" "github.com/containerd/containerd/sys" + "github.com/opencontainers/runc/libcontainer/cgroups" "github.com/sirupsen/logrus" ) @@ -66,6 +68,24 @@ func newV2(quiet bool, opts *opts) *SysInfo { return sysInfo } +func getSwapLimitV2() bool { + groups, err := cgroups.ParseCgroupFile("/proc/self/cgroup") + if err != nil { + return false + } + + g := groups[""] + if g == "" { + return false + } + + cGroupPath := path.Join("/sys/fs/cgroup", g, "memory.swap.max") + if _, err = os.Stat(cGroupPath); os.IsNotExist(err) { + return false + } + return true +} + func applyMemoryCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ string) []string { var warnings []string if _, ok := controllers["memory"]; !ok { @@ -74,7 +94,7 @@ func applyMemoryCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ s } info.MemoryLimit = true - info.SwapLimit = true + info.SwapLimit = getSwapLimitV2() info.MemoryReservation = true info.OomKillDisable = false info.MemorySwappiness = false From 523f8b397c8a47b8bd1a7c2dd86cbeaa57a70d48 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 12 May 2021 12:38:41 +0200 Subject: [PATCH 110/252] Jenkinsfile: skip ppc64le and s390x by default on pull requests This changes CI to skip these platforms by default. The ppc64le and s390x machines are "pet machines", configuration may be outdated, and these machines are known to be flaky. Building and verifying packages for these platforms is being handed over to the IBM team. We can still run these platforms for specific pull requests by selecting the checkboxes. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 82c7e906eaca929d08b885170933be45c0e06d5e) Signed-off-by: Sebastiaan van Stijn --- Jenkinsfile | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 68e73a364a9fd..d22e0fb9f9de6 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -14,8 +14,8 @@ pipeline { booleanParam(name: 'rootless', defaultValue: true, description: 'amd64 (x86_64) Build/Test (Rootless mode)') booleanParam(name: 'cgroup2', defaultValue: true, description: 'amd64 (x86_64) Build/Test (cgroup v2)') booleanParam(name: 'arm64', defaultValue: true, description: 'ARM (arm64) Build/Test') - booleanParam(name: 's390x', defaultValue: true, description: 'IBM Z (s390x) Build/Test') - booleanParam(name: 'ppc64le', defaultValue: true, description: 'PowerPC (ppc64le) Build/Test') + booleanParam(name: 's390x', defaultValue: false, description: 'IBM Z (s390x) Build/Test') + booleanParam(name: 'ppc64le', defaultValue: false, description: 'PowerPC (ppc64le) Build/Test') booleanParam(name: 'windowsRS1', defaultValue: false, description: 'Windows 2016 (RS1) Build/Test') booleanParam(name: 'windowsRS5', defaultValue: true, description: 'Windows 2019 (RS5) Build/Test') booleanParam(name: 'dco', defaultValue: true, description: 'Run the DCO check') @@ -547,7 +547,11 @@ pipeline { stage('s390x') { when { beforeAgent true - expression { params.s390x } + // Skip this stage on PRs unless the checkbox is selected + anyOf { + not { changeRequest() } + expression { params.s390x } + } } agent { label 's390x-ubuntu-1804' } @@ -735,7 +739,11 @@ pipeline { stage('ppc64le') { when { beforeAgent true - expression { params.ppc64le } + // Skip this stage on PRs unless the checkbox is selected + anyOf { + not { changeRequest() } + expression { params.ppc64le } + } } agent { label 'ppc64le-ubuntu-1604' } // ppc64le machines run on Docker 18.06, and buildkit has some From 89edb68e8917c61bd41bc9dcc516960ffa4a6556 Mon Sep 17 00:00:00 2001 From: Drew Erny Date: Mon, 10 May 2021 14:11:13 -0600 Subject: [PATCH 111/252] Fix possible overlapping IPs A node is no longer using its load balancer IP address when it no longer has tasks that use the network that requires that load balancer. When this occurs, the swarmkit manager will free that IP in IPAM, and may reaassign it. When a task shuts down cleanly, it attempts removal of the networks it uses, and if it is the last task using those networks, this removal succeeds, and the load balancer IP is freed. However, this behavior is absent if the container fails. Removal of the networks is never attempted. To address this issue, I amend the executor. Whenever a node load balancer IP is removed or changed, that information is passedd to the executor by way of the Configure method. By keeping track of the set of node NetworkAttachments from the previous call to Configure, we can determine which, if any, have been removed or changed. At first, this seems to create a race, by which a task can be attempting to start and the network is removed right out from under it. However, this is already addressed in the controller. The controller will attempt to recreate missing networks before starting a task. Signed-off-by: Drew Erny (cherry picked from commit 0d9b0ed678e2b106e769e974f13aaf100e46351c) Signed-off-by: Ameya Gawde --- daemon/cluster/executor/container/executor.go | 81 +++++++++++++++++++ 1 file changed, 81 insertions(+) diff --git a/daemon/cluster/executor/container/executor.go b/daemon/cluster/executor/container/executor.go index 9ba685b1d9221..e915acef0e103 100644 --- a/daemon/cluster/executor/container/executor.go +++ b/daemon/cluster/executor/container/executor.go @@ -15,12 +15,15 @@ import ( "github.com/docker/docker/daemon/cluster/convert" executorpkg "github.com/docker/docker/daemon/cluster/executor" clustertypes "github.com/docker/docker/daemon/cluster/provider" + "github.com/docker/libnetwork" networktypes "github.com/docker/libnetwork/types" "github.com/docker/swarmkit/agent" "github.com/docker/swarmkit/agent/exec" "github.com/docker/swarmkit/api" "github.com/docker/swarmkit/api/naming" + "github.com/docker/swarmkit/log" "github.com/docker/swarmkit/template" + "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -32,6 +35,14 @@ type executor struct { dependencies exec.DependencyManager mutex sync.Mutex // This mutex protects the following node field node *api.NodeDescription + + // nodeObj holds a copy of the swarmkit Node object from the time of the + // last call to executor.Configure. This allows us to discover which + // network attachments the node previously had, which further allows us to + // determine which, if any, need to be removed. nodeObj is not protected by + // a mutex, because it is only written to in the method (Configure) that it + // is read from. If that changes, it may need to be guarded. + nodeObj *api.Node } // NewExecutor returns an executor from the docker client. @@ -157,6 +168,40 @@ func (e *executor) Configure(ctx context.Context, node *api.Node) error { attachments[na.Network.ID] = na.Addresses[0] } + // discover which, if any, attachments have been removed. + // + // we aren't responsible directly for creating these networks. that is + // handled indirectly when a container using that network is created. + // however, when it comes time to remove the network, none of the relevant + // tasks may exist anymore. this means we should go ahead and try to remove + // any network we know to no longer be in use. + + // removeAttachments maps the network ID to a boolean. This boolean + // indicates whether the attachment in question is totally removed (true), + // or has just had its IP changed (false) + removeAttachments := make(map[string]bool) + + // the first time we Configure, nodeObj wil be nil, because it will not be + // set yet. in that case, skip this check. + if e.nodeObj != nil { + for _, na := range e.nodeObj.Attachments { + // same thing as above, check sanity of the attachments so we don't + // get a panic. + if na == nil || na.Network == nil || len(na.Addresses) == 0 { + logrus.WithField("NetworkAttachment", fmt.Sprintf("%#v", na)). + Warnf("skipping nil or malformed node network attachment entry") + continue + } + + // now, check if the attachment exists and shares the same IP address. + if ip, ok := attachments[na.Network.ID]; !ok || na.Addresses[0] != ip { + // if the map entry exists, then the network still exists, and the + // IP must be what has changed + removeAttachments[na.Network.ID] = !ok + } + } + } + if (ingressNA == nil) && (node.Attachment != nil) && (len(node.Attachment.Addresses) > 0) { ingressNA = node.Attachment attachments[ingressNA.Network.ID] = ingressNA.Addresses[0] @@ -197,6 +242,42 @@ func (e *executor) Configure(ctx context.Context, node *api.Node) error { return err } + var ( + activeEndpointsError *libnetwork.ActiveEndpointsError + errNoSuchNetwork libnetwork.ErrNoSuchNetwork + ) + + // now, finally, remove any network LB attachments that we no longer have. + for nw, gone := range removeAttachments { + err := e.backend.DeleteManagedNetwork(nw) + switch { + case err == nil: + continue + case errors.As(err, &activeEndpointsError): + // this is the purpose of the boolean in the map. it's literally + // just to log an appropriate, informative error. i'm unsure if + // this can ever actually occur, but we need to know if it does. + if gone { + log.G(ctx).Warnf("network %s should be removed, but still has active attachments", nw) + } else { + log.G(ctx).Warnf( + "network %s should have its node LB IP changed, but cannot be removed because of active attachments", + nw, + ) + } + continue + case errors.As(err, &errNoSuchNetwork): + // NoSuchNetworkError indicates the network is already gone. + continue + default: + log.G(ctx).Errorf("network %s remove failed: %v", nw, err) + } + } + + // now update our copy of the node object, reset the attachment store, and + // return + e.nodeObj = node + return e.backend.GetAttachmentStore().ResetAttachments(attachments) } From 4d42e18c05dd5f7dc0bc8ba8683a346586dc9216 Mon Sep 17 00:00:00 2001 From: Ameya Gawde Date: Wed, 23 Jun 2021 14:59:26 -0700 Subject: [PATCH 112/252] vendor: swarmkit to fix deadlock in log broker Signed-off-by: Ameya Gawde --- vendor.conf | 2 +- .../swarmkit/manager/logbroker/subscription.go | 13 ++++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/vendor.conf b/vendor.conf index b8cb3ae97e214..8a05111afa685 100644 --- a/vendor.conf +++ b/vendor.conf @@ -142,7 +142,7 @@ github.com/gogo/googleapis 01e0f9cca9b92166042241267ee2 github.com/cilium/ebpf 1c8d4c9ef7759622653a1d319284a44652333b28 # cluster -github.com/docker/swarmkit 17d8d4e4d8bdec33d386e6362d3537fa9493ba00 +github.com/docker/swarmkit c9afb5fd44bb419bae719f400f31671712bcb99e # bump_20.10 github.com/gogo/protobuf 5628607bb4c51c3157aacc3a50f0ab707582b805 # v1.3.1 github.com/golang/protobuf 84668698ea25b64748563aa20726db66a6b8d299 # v1.3.5 github.com/cloudflare/cfssl 5d63dbd981b5c408effbb58c442d54761ff94fbd # 1.3.2 diff --git a/vendor/github.com/docker/swarmkit/manager/logbroker/subscription.go b/vendor/github.com/docker/swarmkit/manager/logbroker/subscription.go index 883ddce655f6f..45295bb40aded 100644 --- a/vendor/github.com/docker/swarmkit/manager/logbroker/subscription.go +++ b/vendor/github.com/docker/swarmkit/manager/logbroker/subscription.go @@ -204,20 +204,31 @@ func (s *subscription) watch(ch <-chan events.Event) error { } add := func(t *api.Task) { + // this mutex does not have a deferred unlock, because there is work + // we need to do after we release it. s.mu.Lock() - defer s.mu.Unlock() // Un-allocated task. if t.NodeID == "" { s.pendingTasks[t.ID] = struct{}{} + s.mu.Unlock() return } delete(s.pendingTasks, t.ID) if _, ok := s.nodes[t.NodeID]; !ok { s.nodes[t.NodeID] = struct{}{} + + s.mu.Unlock() + + // if we try to call Publish before we release the lock, we can end + // up in a situation where the receiver is trying to acquire a read + // lock on it. it's hard to explain. s.changed.Publish(s) + return } + + s.mu.Unlock() } for { From 872cb16edb4e82d4ef6f188e8df0d1ea1125ce71 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Sat, 12 Jun 2021 04:45:10 +0900 Subject: [PATCH 113/252] update runc binary to v1.0.0 GA Signed-off-by: Akihiro Suda (cherry picked from commit 64badfc018e394ded0f11312368de098f76d3ef6) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/runc.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index a9b27cf6d5bbf..8bcda7018fac3 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -4,7 +4,7 @@ # The version of runc should match the version that is used by the containerd # version that is used. If you need to update runc, open a pull request in # the containerd project first, and update both after that is merged. -: ${RUNC_COMMIT:=b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7} # v1.0.0-rc95 +: ${RUNC_COMMIT:=84113eef6fc27af1b01b3181f31bbaf708715301} # v1.0.0 install_runc() { # If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting From 618f6a79ab22ce581cb7a2f96b5a1e5aae196173 Mon Sep 17 00:00:00 2001 From: Stefan Scherer Date: Tue, 29 Jun 2021 16:27:56 +0200 Subject: [PATCH 114/252] Run s390x tests on Ubuntu 20.04 Signed-off-by: Stefan Scherer (cherry picked from commit 7a6cac2b23dfa1ac60bb7d8fddd53a9a33917a23) Signed-off-by: Sebastiaan van Stijn --- Jenkinsfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index d22e0fb9f9de6..87e7a40c4d559 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -553,7 +553,7 @@ pipeline { expression { params.s390x } } } - agent { label 's390x-ubuntu-1804' } + agent { label 's390x-ubuntu-2004' } stages { stage("Print info") { @@ -659,7 +659,7 @@ pipeline { not { changeRequest() } expression { params.s390x } } - agent { label 's390x-ubuntu-1804' } + agent { label 's390x-ubuntu-2004' } stages { stage("Print info") { From 78bb0f445ae9659aa1708adae857846873622f15 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 2 Jul 2021 15:00:47 +0200 Subject: [PATCH 115/252] Dockerfile: update go-swagger to fix validation on Go1.16 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 42d2048b9d7ce09bb47e1179ffc9399406368596) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 3fa4058288df0..2855a64280799 100644 --- a/Dockerfile +++ b/Dockerfile @@ -72,7 +72,7 @@ WORKDIR $GOPATH/src/github.com/go-swagger/go-swagger # Install go-swagger for validating swagger.yaml # This is https://github.com/kolyshkin/go-swagger/tree/golang-1.13-fix # TODO: move to under moby/ or fix upstream go-swagger to work for us. -ENV GO_SWAGGER_COMMIT 5e6cb12f7c82ce78e45ba71fa6cb1928094db050 +ENV GO_SWAGGER_COMMIT c56166c036004ba7a3a321e5951ba472b9ae298c RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=tmpfs,target=/go/src/ \ From 44f95c71265da48da2cb2c522706f4a7add6642a Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Thu, 25 Mar 2021 17:23:37 +0900 Subject: [PATCH 116/252] dockerd-rootless.sh: avoid /run/xtables.lock EACCES on SELinux hosts Previously, running dockerd-rootless.sh on SELinux-enabled hosts was failing with "can't open lock file /run/xtables.lock: Permission denied" error. (issue 41230). This commit avoids hitting the error by relabeling /run in the RootlessKit child. The actual /run on the parent is unaffected. https://github.com/containers/podman/blob/e6fc34b71aa9d876b1218efe90e14f8b912b0603/libpod/networking_linux.go#L396-L401 Tested on Fedora 34 Signed-off-by: Akihiro Suda (cherry picked from commit cdaf82ba3fe97eda242488ec70f400b9b345e16a) Signed-off-by: Akihiro Suda --- contrib/dockerd-rootless.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/contrib/dockerd-rootless.sh b/contrib/dockerd-rootless.sh index d12d89074446c..9c6c0f8c52bb4 100755 --- a/contrib/dockerd-rootless.sh +++ b/contrib/dockerd-rootless.sh @@ -84,6 +84,12 @@ if [ -z $_DOCKERD_ROOTLESS_CHILD ]; then echo "This script must be executed as a non-privileged user" exit 1 fi + # `selinuxenabled` always returns false in RootlessKit child, so we execute `selinuxenabled` in the parent. + # https://github.com/rootless-containers/rootlesskit/issues/94 + if command -v selinuxenabled > /dev/null 2>&1 && selinuxenabled; then + _DOCKERD_ROOTLESS_SELINUX=1 + export _DOCKERD_ROOTLESS_SELINUX + fi # Re-exec the script via RootlessKit, so as to create unprivileged {user,mount,network} namespaces. # # --copy-up allows removing/creating files in the directories by creating tmpfs and symlinks @@ -105,5 +111,12 @@ else # remove the symlinks for the existing files in the parent namespace if any, # so that we can create our own files in our mount namespace. rm -f /run/docker /run/containerd /run/xtables.lock + + if [ -n "$_DOCKERD_ROOTLESS_SELINUX" ]; then + # iptables requires /run in the child to be relabeled. The actual /run in the parent is unaffected. + # https://github.com/containers/podman/blob/e6fc34b71aa9d876b1218efe90e14f8b912b0603/libpod/networking_linux.go#L396-L401 + # https://github.com/moby/moby/issues/41230 + chcon system_u:object_r:iptables_var_run_t:s0 /run + fi exec dockerd $@ fi From 869b50e10b682ab847e25f3ef0c1ae2ed2a98ad7 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 28 Apr 2021 15:37:36 +0900 Subject: [PATCH 117/252] rootless: disable overlay2 if running with SELinux Kernel 5.11 introduced support for rootless overlayfs, but incompatible with SELinux. On the other hand, fuse-overlayfs is compatible. Close issue 42333 Signed-off-by: Akihiro Suda (cherry picked from commit 4300a52606ac02692ffff41c97571c0e73b79746) Signed-off-by: Akihiro Suda --- daemon/graphdriver/overlayutils/overlayutils.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/daemon/graphdriver/overlayutils/overlayutils.go b/daemon/graphdriver/overlayutils/overlayutils.go index e0553a09f774e..09d3b17fb38cc 100644 --- a/daemon/graphdriver/overlayutils/overlayutils.go +++ b/daemon/graphdriver/overlayutils/overlayutils.go @@ -37,6 +37,16 @@ func ErrDTypeNotSupported(driver, backingFs string) error { // checkMultipleLowers parameter enables check for multiple lowerdirs, // which is required for the overlay2 driver. func SupportsOverlay(d string, checkMultipleLowers bool) error { + // We can't rely on go-selinux.GetEnabled() to detect whether SELinux is enabled, + // because RootlessKit doesn't mount /sys/fs/selinux in the child: https://github.com/rootless-containers/rootlesskit/issues/94 + // So we check $_DOCKERD_ROOTLESS_SELINUX, which is set by dockerd-rootless.sh . + if os.Getenv("_DOCKERD_ROOTLESS_SELINUX") == "1" { + // Kernel 5.11 introduced support for rootless overlayfs, but incompatible with SELinux, + // so fallback to fuse-overlayfs. + // https://github.com/moby/moby/issues/42333 + return errors.New("overlay is not supported for Rootless with SELinux") + } + td, err := ioutil.TempDir(d, "check-overlayfs-support") if err != nil { return err From b9cf7b7db5d35fee40142ed8aa667c6cef9dc050 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Thu, 3 Jun 2021 16:08:27 +0900 Subject: [PATCH 118/252] rootless: fix "x509: certificate signed by unknown authority" on openSUSE Tumbleweed openSUSE Tumbleweed was facing "x509: certificate signed by unknown authority" error, as `/etc/ssl/ca-bundle.pem` is provided as a symlink to `../../var/lib/ca-certificates/ca-bundle.pem`, which was not supported by `rootlesskit --copy-up=/etc` . See rootless-containers/rootlesskit issues 225 Signed-off-by: Akihiro Suda (cherry picked from commit 8610d8ce4cd28fe17c0867fbcb0714135ba9bbb8) Signed-off-by: Akihiro Suda --- contrib/dockerd-rootless.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/contrib/dockerd-rootless.sh b/contrib/dockerd-rootless.sh index 9c6c0f8c52bb4..b9eda0a023f77 100755 --- a/contrib/dockerd-rootless.sh +++ b/contrib/dockerd-rootless.sh @@ -118,5 +118,15 @@ else # https://github.com/moby/moby/issues/41230 chcon system_u:object_r:iptables_var_run_t:s0 /run fi + + if [ "$(stat -c %T -f /etc)" = "tmpfs" ] && [ -L "/etc/ssl" ]; then + # Workaround for "x509: certificate signed by unknown authority" on openSUSE Tumbleweed. + # https://github.com/rootless-containers/rootlesskit/issues/225 + realpath_etc_ssl=$(realpath /etc/ssl) + rm -f /etc/ssl + mkdir /etc/ssl + mount --rbind ${realpath_etc_ssl} /etc/ssl + fi + exec dockerd $@ fi From 025e3a7898f8f2189e5b0840cd8150799a40d8f5 Mon Sep 17 00:00:00 2001 From: Matt Morrison <3maven@gmail.com> Date: Thu, 18 Feb 2021 17:09:18 -0600 Subject: [PATCH 119/252] Update v1.41.yaml fix containers/create 404 response description Signed-off-by: Matt Morrison <3241034+Emdot@users.noreply.github.com> (cherry picked from commit ff1d9a3ec52e559443c7d36561c903755e57fa7d) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.41.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index 1294e5a22cfdf..bada4a8e3c876 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -5583,12 +5583,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: From 50c392c9fff344330a3b8e709ba65f7e98038529 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 3 Jul 2021 21:30:47 +0200 Subject: [PATCH 120/252] API: fix 404 status description on container create This updates the current swagger file, and all docs versions with the same fix as ff1d9a3ec52e559443c7d36561c903755e57fa7d Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 68b095d4df86260f20b16678e4aa28ef5a7aca39) Signed-off-by: Sebastiaan van Stijn --- api/swagger.yaml | 4 ++-- docs/api/v1.18.md | 2 +- docs/api/v1.19.md | 2 +- docs/api/v1.20.md | 2 +- docs/api/v1.21.md | 2 +- docs/api/v1.22.md | 2 +- docs/api/v1.23.md | 2 +- docs/api/v1.24.md | 2 +- docs/api/v1.25.yaml | 4 ++-- docs/api/v1.26.yaml | 4 ++-- docs/api/v1.27.yaml | 4 ++-- docs/api/v1.28.yaml | 4 ++-- docs/api/v1.29.yaml | 4 ++-- docs/api/v1.30.yaml | 4 ++-- docs/api/v1.31.yaml | 4 ++-- docs/api/v1.32.yaml | 4 ++-- docs/api/v1.33.yaml | 4 ++-- docs/api/v1.34.yaml | 4 ++-- docs/api/v1.35.yaml | 4 ++-- docs/api/v1.36.yaml | 4 ++-- docs/api/v1.37.yaml | 4 ++-- docs/api/v1.38.yaml | 4 ++-- docs/api/v1.39.yaml | 4 ++-- docs/api/v1.40.yaml | 4 ++-- 24 files changed, 41 insertions(+), 41 deletions(-) diff --git a/api/swagger.yaml b/api/swagger.yaml index 1294e5a22cfdf..bada4a8e3c876 100644 --- a/api/swagger.yaml +++ b/api/swagger.yaml @@ -5583,12 +5583,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: diff --git a/docs/api/v1.18.md b/docs/api/v1.18.md index f5f97b9dae413..dc5970125f808 100644 --- a/docs/api/v1.18.md +++ b/docs/api/v1.18.md @@ -317,7 +317,7 @@ Create a container - **201** – no error - **400** – bad parameter -- **404** – no such container +- **404** – no such image - **406** – impossible to attach (container not running) - **409** – conflict - **500** – server error diff --git a/docs/api/v1.19.md b/docs/api/v1.19.md index b19e9cae7a206..85207d52f4af6 100644 --- a/docs/api/v1.19.md +++ b/docs/api/v1.19.md @@ -327,7 +327,7 @@ Create a container - **201** – no error - **400** – bad parameter -- **404** – no such container +- **404** – no such image - **406** – impossible to attach (container not running) - **409** – conflict - **500** – server error diff --git a/docs/api/v1.20.md b/docs/api/v1.20.md index 0bcdaeec81653..27d99995e6899 100644 --- a/docs/api/v1.20.md +++ b/docs/api/v1.20.md @@ -331,7 +331,7 @@ Create a container - **201** – no error - **400** – bad parameter -- **404** – no such container +- **404** – no such image - **406** – impossible to attach (container not running) - **409** – conflict - **500** – server error diff --git a/docs/api/v1.21.md b/docs/api/v1.21.md index 9c2df7e975bf7..3866da3bf6f66 100644 --- a/docs/api/v1.21.md +++ b/docs/api/v1.21.md @@ -352,7 +352,7 @@ Create a container - **201** – no error - **400** – bad parameter -- **404** – no such container +- **404** – no such image - **406** – impossible to attach (container not running) - **409** – conflict - **500** – server error diff --git a/docs/api/v1.22.md b/docs/api/v1.22.md index adf0584f6d6ee..b0f0bc88bba2f 100644 --- a/docs/api/v1.22.md +++ b/docs/api/v1.22.md @@ -467,7 +467,7 @@ Create a container - **201** – no error - **400** – bad parameter -- **404** – no such container +- **404** – no such image - **406** – impossible to attach (container not running) - **409** – conflict - **500** – server error diff --git a/docs/api/v1.23.md b/docs/api/v1.23.md index 835ea8582a83f..f0859fcf814d6 100644 --- a/docs/api/v1.23.md +++ b/docs/api/v1.23.md @@ -493,7 +493,7 @@ Create a container - **201** – no error - **400** – bad parameter -- **404** – no such container +- **404** – no such image - **406** – impossible to attach (container not running) - **409** – conflict - **500** – server error diff --git a/docs/api/v1.24.md b/docs/api/v1.24.md index 18cf3ebe85452..5ee0600c04ea7 100644 --- a/docs/api/v1.24.md +++ b/docs/api/v1.24.md @@ -535,7 +535,7 @@ Create a container - **201** – no error - **400** – bad parameter -- **404** – no such container +- **404** – no such image - **406** – impossible to attach (container not running) - **409** – conflict - **500** – server error diff --git a/docs/api/v1.25.yaml b/docs/api/v1.25.yaml index 95d17656c3be5..cbcf726ab87e8 100644 --- a/docs/api/v1.25.yaml +++ b/docs/api/v1.25.yaml @@ -2786,12 +2786,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 406: description: "impossible to attach" schema: diff --git a/docs/api/v1.26.yaml b/docs/api/v1.26.yaml index 43d48a71c2947..22d4cc4e06530 100644 --- a/docs/api/v1.26.yaml +++ b/docs/api/v1.26.yaml @@ -2791,12 +2791,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 406: description: "impossible to attach" schema: diff --git a/docs/api/v1.27.yaml b/docs/api/v1.27.yaml index db8e3fd800f58..542251110caf1 100644 --- a/docs/api/v1.27.yaml +++ b/docs/api/v1.27.yaml @@ -2851,12 +2851,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 406: description: "impossible to attach" schema: diff --git a/docs/api/v1.28.yaml b/docs/api/v1.28.yaml index 3292bd4fac418..ed96d079c914b 100644 --- a/docs/api/v1.28.yaml +++ b/docs/api/v1.28.yaml @@ -2941,12 +2941,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 406: description: "impossible to attach" schema: diff --git a/docs/api/v1.29.yaml b/docs/api/v1.29.yaml index aa1d34a5726b0..77f6cbea12576 100644 --- a/docs/api/v1.29.yaml +++ b/docs/api/v1.29.yaml @@ -2975,12 +2975,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 406: description: "impossible to attach" schema: diff --git a/docs/api/v1.30.yaml b/docs/api/v1.30.yaml index ebb7c49d99598..007564d3529a9 100644 --- a/docs/api/v1.30.yaml +++ b/docs/api/v1.30.yaml @@ -3181,12 +3181,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 406: description: "impossible to attach" schema: diff --git a/docs/api/v1.31.yaml b/docs/api/v1.31.yaml index 753bc350dab4c..77518554fca6c 100644 --- a/docs/api/v1.31.yaml +++ b/docs/api/v1.31.yaml @@ -3251,12 +3251,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 406: description: "impossible to attach" schema: diff --git a/docs/api/v1.32.yaml b/docs/api/v1.32.yaml index 7937daca7297f..8771635713908 100644 --- a/docs/api/v1.32.yaml +++ b/docs/api/v1.32.yaml @@ -4494,12 +4494,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: diff --git a/docs/api/v1.33.yaml b/docs/api/v1.33.yaml index cd221de8559c2..28ac5736e3071 100644 --- a/docs/api/v1.33.yaml +++ b/docs/api/v1.33.yaml @@ -4499,12 +4499,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: diff --git a/docs/api/v1.34.yaml b/docs/api/v1.34.yaml index e1322a36edcd9..725b1c208090a 100644 --- a/docs/api/v1.34.yaml +++ b/docs/api/v1.34.yaml @@ -4528,12 +4528,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: diff --git a/docs/api/v1.35.yaml b/docs/api/v1.35.yaml index 37c0ebe21fe0f..64c586cc89801 100644 --- a/docs/api/v1.35.yaml +++ b/docs/api/v1.35.yaml @@ -4510,12 +4510,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: diff --git a/docs/api/v1.36.yaml b/docs/api/v1.36.yaml index bbdff27ff0209..788666a9c0b0e 100644 --- a/docs/api/v1.36.yaml +++ b/docs/api/v1.36.yaml @@ -4525,12 +4525,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: diff --git a/docs/api/v1.37.yaml b/docs/api/v1.37.yaml index d041fa05e8039..2df565ff0b9ac 100644 --- a/docs/api/v1.37.yaml +++ b/docs/api/v1.37.yaml @@ -4545,12 +4545,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: diff --git a/docs/api/v1.38.yaml b/docs/api/v1.38.yaml index 1810603b712b4..27c65ba653e4d 100644 --- a/docs/api/v1.38.yaml +++ b/docs/api/v1.38.yaml @@ -4599,12 +4599,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: diff --git a/docs/api/v1.39.yaml b/docs/api/v1.39.yaml index 8ef223401cada..7aafe94108915 100644 --- a/docs/api/v1.39.yaml +++ b/docs/api/v1.39.yaml @@ -5294,12 +5294,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index 7ed70cc182295..d9b424c6ebe26 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -5425,12 +5425,12 @@ paths: schema: $ref: "#/definitions/ErrorResponse" 404: - description: "no such container" + description: "no such image" schema: $ref: "#/definitions/ErrorResponse" examples: application/json: - message: "No such container: c2ada9df5af8" + message: "No such image: c2ada9df5af8" 409: description: "conflict" schema: From 72b66d56a55927687734fae392f6e451cc7db8a2 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 9 Jul 2021 20:06:40 +0200 Subject: [PATCH 121/252] [20.10] vendor github.com/Microsoft/hcsshim 64a2b71405dacf76c95600f4c756a991ad09cf7c (moby branch) Brings in microsoft/hcsshim#1065, which fixes #42610. full diff: https://github.com/Microsoft/hcsshim/compare/89a9a3b524264d34985f1d48793ab2b2d2e430f6...64a2b71405dacf76c95600f4c756a991ad09cf7c Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 2 +- vendor/github.com/Microsoft/hcsshim/errors.go | 6 +++--- .../Microsoft/hcsshim/internal/hcs/errors.go | 12 +++++------- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/vendor.conf b/vendor.conf index 8a05111afa685..394bc8807c9a8 100644 --- a/vendor.conf +++ b/vendor.conf @@ -1,5 +1,5 @@ github.com/Azure/go-ansiterm d6e3b3328b783f23731bc4d058875b0371ff8109 -github.com/Microsoft/hcsshim 89a9a3b524264d34985f1d48793ab2b2d2e430f6 # moby branch +github.com/Microsoft/hcsshim 64a2b71405dacf76c95600f4c756a991ad09cf7c # moby branch github.com/Microsoft/go-winio 5b44b70ab3ab4d291a7c1d28afe7b4afeced0ed4 # v0.4.15 github.com/docker/libtrust 9cbd2a1374f46905c68a4eb3694a130610adc62a github.com/golang/gddo 72a348e765d293ed6d1ded7b699591f14d6cd921 diff --git a/vendor/github.com/Microsoft/hcsshim/errors.go b/vendor/github.com/Microsoft/hcsshim/errors.go index 9c88c70c9a046..8ea5e02338586 100644 --- a/vendor/github.com/Microsoft/hcsshim/errors.go +++ b/vendor/github.com/Microsoft/hcsshim/errors.go @@ -59,7 +59,7 @@ var ( // ErrVmcomputeOperationInvalidState is an error encountered when the compute system is not in a valid state for the requested operation ErrVmcomputeOperationInvalidState = hcs.ErrVmcomputeOperationInvalidState - // ErrProcNotFound is an error encountered when the the process cannot be found + // ErrProcNotFound is an error encountered when a procedure look up fails. ErrProcNotFound = hcs.ErrProcNotFound // ErrVmcomputeOperationAccessIsDenied is an error which can be encountered when enumerating compute systems in RS1/RS2 @@ -177,7 +177,7 @@ func makeProcessError(process *process, operation string, extraInfo string, err // IsNotExist checks if an error is caused by the Container or Process not existing. // Note: Currently, ErrElementNotFound can mean that a Process has either // already exited, or does not exist. Both IsAlreadyStopped and IsNotExist -// will currently return true when the error is ErrElementNotFound or ErrProcNotFound. +// will currently return true when the error is ErrElementNotFound. func IsNotExist(err error) bool { if _, ok := err.(EndpointNotFoundError); ok { return true @@ -210,7 +210,7 @@ func IsTimeout(err error) bool { // a Container or Process being already stopped. // Note: Currently, ErrElementNotFound can mean that a Process has either // already exited, or does not exist. Both IsAlreadyStopped and IsNotExist -// will currently return true when the error is ErrElementNotFound or ErrProcNotFound. +// will currently return true when the error is ErrElementNotFound. func IsAlreadyStopped(err error) bool { return hcs.IsAlreadyStopped(getInnerError(err)) } diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go index d083880b1104a..0d47c874bf294 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go @@ -60,7 +60,7 @@ var ( // ErrVmcomputeOperationInvalidState is an error encountered when the compute system is not in a valid state for the requested operation ErrVmcomputeOperationInvalidState = syscall.Errno(0xc0370105) - // ErrProcNotFound is an error encountered when the the process cannot be found + // ErrProcNotFound is an error encountered when a procedure look up fails. ErrProcNotFound = syscall.Errno(0x7f) // ErrVmcomputeOperationAccessIsDenied is an error which can be encountered when enumerating compute systems in RS1/RS2 @@ -242,12 +242,11 @@ func makeProcessError(process *Process, op string, err error, events []ErrorEven // IsNotExist checks if an error is caused by the Container or Process not existing. // Note: Currently, ErrElementNotFound can mean that a Process has either // already exited, or does not exist. Both IsAlreadyStopped and IsNotExist -// will currently return true when the error is ErrElementNotFound or ErrProcNotFound. +// will currently return true when the error is ErrElementNotFound. func IsNotExist(err error) bool { err = getInnerError(err) return err == ErrComputeSystemDoesNotExist || - err == ErrElementNotFound || - err == ErrProcNotFound + err == ErrElementNotFound } // IsAlreadyClosed checks if an error is caused by the Container or Process having been @@ -278,12 +277,11 @@ func IsTimeout(err error) bool { // a Container or Process being already stopped. // Note: Currently, ErrElementNotFound can mean that a Process has either // already exited, or does not exist. Both IsAlreadyStopped and IsNotExist -// will currently return true when the error is ErrElementNotFound or ErrProcNotFound. +// will currently return true when the error is ErrElementNotFound. func IsAlreadyStopped(err error) bool { err = getInnerError(err) return err == ErrVmcomputeAlreadyStopped || - err == ErrElementNotFound || - err == ErrProcNotFound + err == ErrElementNotFound } // IsNotSupported returns a boolean indicating whether the error is caused by From 7429792eed401c630d72cf296a921ee86d525579 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 26 Apr 2021 12:41:40 +0200 Subject: [PATCH 122/252] docker pull: warn when pulled single-arch image does not match --platform This takes the same approach as was implemented on `docker build`, where a warning is printed if `FROM --platform=...` is used (added in 399695305c67aae1010e6754f90f9078aa39e742) Before: docker rmi armhf/busybox docker pull --platform=linux/s390x armhf/busybox Using default tag: latest latest: Pulling from armhf/busybox d34a655120f5: Pull complete Digest: sha256:8e51389cdda2158935f2b231cd158790c33ae13288c3106909324b061d24d6d1 Status: Downloaded newer image for armhf/busybox:latest docker.io/armhf/busybox:latest With this change: docker rmi armhf/busybox docker pull --platform=linux/s390x armhf/busybox Using default tag: latest latest: Pulling from armhf/busybox d34a655120f5: Pull complete Digest: sha256:8e51389cdda2158935f2b231cd158790c33ae13288c3106909324b061d24d6d1 Status: Downloaded newer image for armhf/busybox:latest WARNING: image with reference armhf/busybox was found but does not match the specified platform: wanted linux/s390x, actual: linux/arm64 docker.io/armhf/busybox:latest And daemon logs print: WARN[2021-04-26T11:19:37.153572667Z] ignoring platform mismatch on single-arch image error="image with reference armhf/busybox was found but does not match the specified platform: wanted linux/s390x, actual: linux/arm64" image=armhf/busybox When pulling without specifying `--platform, no warning is currently printed (but we can add a warning in future); docker rmi armhf/busybox docker pull armhf/busybox Using default tag: latest latest: Pulling from armhf/busybox d34a655120f5: Pull complete Digest: sha256:8e51389cdda2158935f2b231cd158790c33ae13288c3106909324b061d24d6d1 Status: Downloaded newer image for armhf/busybox:latest docker.io/armhf/busybox:latest Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 424c0eb3c09d373aaa9c72d81bb1c557d2e0f2e1) Signed-off-by: Sebastiaan van Stijn --- daemon/images/image_pull.go | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/daemon/images/image_pull.go b/daemon/images/image_pull.go index ed9099b2ef7d0..d326caa9c6dbc 100644 --- a/daemon/images/image_pull.go +++ b/daemon/images/image_pull.go @@ -15,10 +15,12 @@ import ( progressutils "github.com/docker/docker/distribution/utils" "github.com/docker/docker/errdefs" "github.com/docker/docker/pkg/progress" + "github.com/docker/docker/pkg/streamformatter" "github.com/docker/docker/registry" digest "github.com/opencontainers/go-digest" specs "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) // PullImage initiates a pull operation. image is the repository name to pull, and @@ -51,7 +53,29 @@ func (i *ImageService) PullImage(ctx context.Context, image, tag string, platfor err = i.pullImageWithReference(ctx, ref, platform, metaHeaders, authConfig, outStream) imageActions.WithValues("pull").UpdateSince(start) - return err + if err != nil { + return err + } + + if platform != nil { + // If --platform was specified, check that the image we pulled matches + // the expected platform. This check is for situations where the image + // is a single-arch image, in which case (for backward compatibility), + // we allow the image to have a non-matching architecture. The code + // below checks for this situation, and returns a warning to the client, + // as well ass logs it to the daemon logs. + img, err := i.GetImage(image, platform) + + // Note that this is a special case where GetImage returns both an image + // and an error: https://github.com/docker/docker/blob/v20.10.7/daemon/images/image.go#L175-L183 + if errdefs.IsNotFound(err) && img != nil { + po := streamformatter.NewJSONProgressOutput(outStream, false) + progress.Messagef(po, "", `WARNING: %s`, err.Error()) + logrus.WithError(err).WithField("image", image).Warn("ignoring platform mismatch on single-arch image") + } + } + + return nil } func (i *ImageService) pullImageWithReference(ctx context.Context, ref reference.Named, platform *specs.Platform, metaHeaders map[string][]string, authConfig *types.AuthConfig, outStream io.Writer) error { From 793340a33a33088f9d5f76031a59062e7e290eba Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 13 Jul 2021 23:41:22 +0200 Subject: [PATCH 123/252] [20.10] update containerd binary to v1.4.7 full diff: https://github.com/containerd/containerd/compare/v1.4.6...v1.4.7 Welcome to the v1.4.7 release of containerd! The seventh patch release for containerd 1.4 updates runc to 1.0.0 and contains various other fixes. Notable Updates - Update runc binary to 1.0.0 - Fix invalid validation error checking - Fix error on image pull resume - Fix symlink resolution for disk mounts on Windows Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index d68e9bd948f3e..95c1822f693b7 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=d71fcd7d8303cbf684402823e425e9dd2e99285d}" # v1.4.6 +: "${CONTAINERD_COMMIT:=3194fb46e8311ae0eeae5a7a5843573adfebb16d}" # v1.4.7 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From feaca9816abd8949d0583fcb9964b6756f2b2e9e Mon Sep 17 00:00:00 2001 From: moby Date: Wed, 15 Jul 2020 13:45:41 +0200 Subject: [PATCH 124/252] hack/vendor: add check for vendored archive/tar Also allow re-vendoring using `./hack/vendor.sh archive/tar` Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 31b2c3bbd920d415283a478170c0efe9ef7bf8e7) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 1 + hack/validate/vendor | 3 ++- hack/vendor.sh | 15 ++++++++++++++- 3 files changed, 17 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2855a64280799..67e6ff1f77113 100644 --- a/Dockerfile +++ b/Dockerfile @@ -280,6 +280,7 @@ RUN --mount=type=cache,sharing=locked,id=moby-dev-aptlib,target=/var/lib/apt \ libnl-3-200 \ libprotobuf-c1 \ net-tools \ + patch \ pigz \ python3-pip \ python3-setuptools \ diff --git a/hack/validate/vendor b/hack/validate/vendor index 37edcd474398e..5da3b89715225 100755 --- a/hack/validate/vendor +++ b/hack/validate/vendor @@ -5,12 +5,13 @@ source "${SCRIPTDIR}/.validate" validate_vendor_diff(){ IFS=$'\n' + # shellcheck disable=SC2207 files=( $(validate_diff --diff-filter=ACMR --name-only -- 'vendor.conf' 'vendor/' || true) ) unset IFS if [ -n "${TEST_FORCE_VALIDATE:-}" ] || [ ${#files[@]} -gt 0 ]; then # recreate vendor/ - vndr -whitelist=^archive/tar + ./hack/vendor.sh # check if any files have changed diffs="$(git status --porcelain -- vendor 2>/dev/null)" mfiles="$(echo "$diffs" | awk '/^ M / {print $2}')" diff --git a/hack/vendor.sh b/hack/vendor.sh index 62cbeb545e794..67b9f738c20c6 100755 --- a/hack/vendor.sh +++ b/hack/vendor.sh @@ -12,4 +12,17 @@ if ! hash vndr; then exit 1 fi -vndr -whitelist=^archive/tar "$@" +if [ $# -eq 0 ] || [ "$1" = "archive/tar" ]; then + echo "update vendored copy of archive/tar" + : "${GO_VERSION:=$(awk -F '[ =]' '$1 == "ARG" && $2 == "GO_VERSION" { print $3; exit }' ./Dockerfile)}" + rm -rf vendor/archive + mkdir -p ./vendor/archive/tar + echo "downloading: https://golang.org/dl/go${GO_VERSION}.src.tar.gz" + curl -fsSL "https://golang.org/dl/go${GO_VERSION}.src.tar.gz" \ + | tar --extract --gzip --directory=vendor/archive/tar --strip-components=4 go/src/archive/tar + patch --strip=4 --directory=vendor/archive/tar --input="$PWD/patches/0001-archive-tar-do-not-populate-user-group-names.patch" +fi + +if [ $# -eq 0 ] || [ "$1" != "archive/tar" ]; then + vndr -whitelist=^archive/tar "$@" +fi From 1d4a06e610aa247396240d748773d550a0691d98 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sun, 26 Jul 2020 17:28:19 +0200 Subject: [PATCH 125/252] hack: add script to regenerate certificates Certificates were originally added in c000cb64712349141596318dea2a8de2462c8f81, but did not include a script to generate them. Current versions of Go expect certificates to use SAN instead of Common Name fields, so updating the script to include those; x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0 Some fields were updated to be a bit more descriptive (instead of "replaceme"), and the `-text` option was used to include a human-readable variant of the content. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 2fea30f14603613b40d8ce37c8ea7951f87abd1b) Signed-off-by: Sebastiaan van Stijn --- hack/generate-test-certs.sh | 87 +++++++++++++++++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100755 hack/generate-test-certs.sh diff --git a/hack/generate-test-certs.sh b/hack/generate-test-certs.sh new file mode 100755 index 0000000000000..2a5347903940c --- /dev/null +++ b/hack/generate-test-certs.sh @@ -0,0 +1,87 @@ +#!/bin/bash +set -eu + +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd -P)" + +# integration/testdata/https (and integration-cli/fixtures/https, which has symlinks to these files) +OUT_DIR="${SCRIPT_DIR}/../integration/testdata/https" + +# generate CA +echo 01 > "${OUT_DIR}/ca.srl" +openssl genrsa -out "${OUT_DIR}/ca-key.pem" + +openssl req \ + -new \ + -x509 \ + -days 3652 \ + -subj "/C=US/ST=CA/L=SanFrancisco/O=Moby-project/OU=ci/CN=moby-ci/name=moby/emailAddress=moby@example.org" \ + -nameopt compat \ + -text \ + -key "${OUT_DIR}/ca-key.pem" \ + -out "${OUT_DIR}/ca.pem" + +# Now that we have a CA, create a server key and certificate signing request. +# Make sure that `"Common Name (e.g. server FQDN or YOUR name)"` matches the hostname you will use +# to connect or just use '*' for a certificate valid for any hostname: + +openssl genrsa -out server-key.pem +openssl req -new \ + -subj "/C=US/ST=CA/L=SanFrancisco/O=Moby-project/OU=ci/CN=server/name=moby/emailAddress=moby@example.org" \ + -text \ + -key "${OUT_DIR}/server-key.pem" \ + -out "${OUT_DIR}/server.csr" + +# Options for server certificate +cat > "${OUT_DIR}/server-options.cfg" << 'EOF' +basicConstraints=CA:FALSE +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer +extendedKeyUsage=serverAuth +subjectAltName=DNS:*,DNS:localhost,IP:127.0.0.1,IP:::1 +EOF + +# Generate the certificate and sign with our CA +openssl x509 \ + -req \ + -days 3652 \ + -extfile "${OUT_DIR}/server-options.cfg" \ + -CA "${OUT_DIR}/ca.pem" \ + -CAkey "${OUT_DIR}/ca-key.pem" \ + -nameopt compat \ + -text \ + -in "${OUT_DIR}/server.csr" \ + -out "${OUT_DIR}/server-cert.pem" + +# For client authentication, create a client key and certificate signing request +openssl genrsa -out "${OUT_DIR}/client-key.pem" +openssl req -new \ + -subj "/C=US/ST=CA/L=SanFrancisco/O=Moby-project/OU=ci/CN=client/name=moby/emailAddress=moby@example.org" \ + -text \ + -key "${OUT_DIR}/client-key.pem" \ + -out "${OUT_DIR}/client.csr" + +# Options for client certificate +cat > "${OUT_DIR}/client-options.cfg" << 'EOF' +basicConstraints=CA:FALSE +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer +extendedKeyUsage=clientAuth +subjectAltName=DNS:*,DNS:localhost,IP:127.0.0.1,IP:::1 +EOF + +# Generate the certificate and sign with our CA: +openssl x509 \ + -req \ + -days 3652 \ + -extfile "${OUT_DIR}/client-options.cfg" \ + -CA "${OUT_DIR}/ca.pem" \ + -CAkey "${OUT_DIR}/ca-key.pem" \ + -nameopt compat \ + -text \ + -in "${OUT_DIR}/client.csr" \ + -out "${OUT_DIR}/client-cert.pem" + +rm "${OUT_DIR}/ca.srl" +rm "${OUT_DIR}/ca-key.pem" +rm "${OUT_DIR}"/*.cfg +rm "${OUT_DIR}"/*.csr From ab9a92f79c27dcd959e84f129681c819499219df Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sun, 26 Jul 2020 17:27:09 +0200 Subject: [PATCH 126/252] Update test certificates Updates the certificates to account for current versions of Go expecting SANs to be used instead of the Common Name field: FAIL: s390x.integration.plugin.authz TestAuthZPluginTLS (0.53s) [2020-07-26T09:36:58.638Z] authz_plugin_test.go:132: assertion failed: error is not nil: error during connect: Get "https://localhost:4271/v1.41/version": x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit fe54215fb36bae86e7f2527c29624654e6affd98) Signed-off-by: Sebastiaan van Stijn --- integration/testdata/https/ca.pem | 101 +++++++++++++---- integration/testdata/https/client-cert.pem | 121 +++++++++++--------- integration/testdata/https/client-key.pem | 43 ++++--- integration/testdata/https/server-cert.pem | 126 +++++++++++---------- integration/testdata/https/server-key.pem | 43 ++++--- 5 files changed, 269 insertions(+), 165 deletions(-) diff --git a/integration/testdata/https/ca.pem b/integration/testdata/https/ca.pem index 6825d6d1bd15e..61285ec8e31ab 100644 --- a/integration/testdata/https/ca.pem +++ b/integration/testdata/https/ca.pem @@ -1,23 +1,82 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 45:9c:ce:13:92:42:39:2e:90:f5:93:05:f1:03:92:17:5d:e4:89:8d + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=SanFrancisco, O=Moby-project, OU=ci, CN=moby-ci/name=moby/emailAddress=moby@example.org + Validity + Not Before: May 17 19:49:34 2021 GMT + Not After : May 17 19:49:34 2031 GMT + Subject: C=US, ST=CA, L=SanFrancisco, O=Moby-project, OU=ci, CN=moby-ci/name=moby/emailAddress=moby@example.org + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c2:5a:af:10:15:fb:c8:46:c4:31:d7:ee:ec:d9: + c4:1e:c3:b3:b6:4c:ec:e1:2b:57:40:a2:74:cd:d5: + 8e:7d:69:b6:22:60:21:05:be:a5:92:40:4c:43:2b: + eb:c9:00:32:5f:59:1c:59:50:e2:98:df:ff:9b:2d: + 16:9f:c6:a0:57:78:bc:ae:a5:8d:b3:7d:98:73:7a: + 6f:d2:05:52:15:89:89:22:ec:9d:9a:e7:c7:35:8f: + 6b:38:a3:33:54:c5:74:2a:05:ad:af:a0:8a:54:7b: + 7d:d4:6a:9b:2b:90:cb:9a:e7:6e:94:bd:a2:f3:5b: + 40:d1:fa:4d:ec:fd:6f:14:1d:89:5b:fc:35:c2:1c: + 98:0b:c4:53:7a:25:16:3f:02:e9:e8:46:20:4d:e8: + 1e:25:0d:0d:10:e9:36:42:2a:88:d9:91:b3:fa:9e: + 07:c0:a9:b1:44:db:2c:e5:cb:85:bf:4a:38:a0:cf: + 7e:2c:20:e5:a9:cf:49:2a:6f:e3:b8:93:fd:38:9b: + 2a:c2:ea:c3:0f:3b:f5:f3:30:c8:f7:51:d5:8b:d0: + 5e:97:75:21:e4:d2:47:ca:1d:66:4a:36:b2:81:13: + d9:13:19:0d:35:04:84:ca:35:f4:47:f9:47:37:21: + 64:95:a1:cb:8a:01:d3:e6:50:e2:01:17:e5:0e:64: + 89:0d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 85:57:D0:FF:A9:B4:1E:1F:80:33:FB:B8:34:ED:7D:06:39:CD:34:98 + X509v3 Authority Key Identifier: + keyid:85:57:D0:FF:A9:B4:1E:1F:80:33:FB:B8:34:ED:7D:06:39:CD:34:98 + + X509v3 Basic Constraints: critical + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 46:73:2d:4b:ce:b0:c2:13:19:85:97:67:95:d9:15:6f:cf:e0: + 89:e4:42:90:4e:a3:5a:64:8c:e9:92:6f:b4:cb:56:e6:ec:6e: + 91:04:18:12:79:ca:70:bb:e5:ba:5d:ed:fe:8c:47:7e:8f:8b: + bd:9f:40:5a:63:51:b8:80:6f:b2:7b:ff:c1:43:68:7d:21:0c: + 0a:a4:ea:b7:2d:0a:31:e4:3e:5e:bb:72:bd:63:6b:a1:2d:d3: + ca:6a:e0:af:17:52:12:71:73:77:41:11:f1:24:32:54:b4:67: + c9:5e:b1:f1:cf:bd:95:91:c8:9c:43:4f:3f:c3:f6:3c:0e:41: + 2b:f9:c7:25:3f:17:4d:4a:e7:27:36:bc:9e:d4:30:e6:6e:29: + 95:e4:33:66:b4:2e:11:ac:97:61:df:3f:4d:03:8e:96:04:10: + a5:d8:5f:85:a3:4b:6c:d5:1c:7d:17:8c:4c:8a:cb:9d:27:65: + 2c:ee:dd:2b:19:27:1a:57:3c:68:2d:eb:6e:e8:b2:59:8c:0a: + 17:75:ba:fc:89:d8:fc:c0:45:44:8a:a1:9c:52:b0:f3:b7:6d: + f2:2e:24:ee:50:d9:27:4d:33:89:5c:97:34:b0:47:81:94:4b: + c1:b4:aa:d9:65:b5:4f:98:0b:a9:76:30:a0:ef:f1:71:23:0f: + 04:dc:83:fd -----BEGIN CERTIFICATE----- -MIID0TCCAzqgAwIBAgIJAP2r7GqEJwSnMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD -VQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMG -A1UEChMMRm9ydC1GdW5zdG9uMREwDwYDVQQLEwhjaGFuZ2VtZTERMA8GA1UEAxMI -Y2hhbmdlbWUxETAPBgNVBCkTCGNoYW5nZW1lMR8wHQYJKoZIhvcNAQkBFhBtYWls -QGhvc3QuZG9tYWluMB4XDTEzMTIwMzE2NTYzMFoXDTIzMTIwMTE2NTYzMFowgaIx -CzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEVMBMGA1UEBxMMU2FuRnJhbmNpc2Nv -MRUwEwYDVQQKEwxGb3J0LUZ1bnN0b24xETAPBgNVBAsTCGNoYW5nZW1lMREwDwYD -VQQDEwhjaGFuZ2VtZTERMA8GA1UEKRMIY2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEW -EG1haWxAaG9zdC5kb21haW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALAn -0xDw+5y7ZptQacq66pUhRu82JP2WU6IDgo5QUtNU6/CX5PwQATe/OnYTZQFbksxp -AU9boG0FCkgxfsgPYXEuZxVEGKI2fxfKHOZZI8mrkWmj6eWU/0cvCjGVc9rTITP5 -sNQvg+hORyVDdNp2IdsbMJayiB3AQYMFx3vSDOMTAgMBAAGjggELMIIBBzAdBgNV -HQ4EFgQUZu7DFz09q0QBa2+ymRm9qgK1NPswgdcGA1UdIwSBzzCBzIAUZu7DFz09 -q0QBa2+ymRm9qgK1NPuhgaikgaUwgaIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJD -QTEVMBMGA1UEBxMMU2FuRnJhbmNpc2NvMRUwEwYDVQQKEwxGb3J0LUZ1bnN0b24x -ETAPBgNVBAsTCGNoYW5nZW1lMREwDwYDVQQDEwhjaGFuZ2VtZTERMA8GA1UEKRMI -Y2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEWEG1haWxAaG9zdC5kb21haW6CCQD9q+xq -hCcEpzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAF8fJKKM+/oOdnNi -zEd0M1+PmZOyqvjYQn/2ZR8UHH6Imgc/OPQKZXf0bVE1Txc/DaUNn9Isd1SuCuaE -ic3vAIYYU7PmgeNN6vwec48V96T7jr+GAi6AVMhQEc2hHCfVtx11Xx+x6aHDZzJt -Zxtf5lL6KSO9Y+EFwM+rju6hm5hW +MIIEETCCAvmgAwIBAgIURZzOE5JCOS6Q9ZMF8QOSF13kiY0wDQYJKoZIhvcNAQEL +BQAwgZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEVMBMGA1UEBwwMU2FuRnJh +bmNpc2NvMRUwEwYDVQQKDAxNb2J5LXByb2plY3QxCzAJBgNVBAsMAmNpMRAwDgYD +VQQDDAdtb2J5LWNpMQ0wCwYDVQQpDARtb2J5MR8wHQYJKoZIhvcNAQkBFhBtb2J5 +QGV4YW1wbGUub3JnMB4XDTIxMDUxNzE5NDkzNFoXDTMxMDUxNzE5NDkzNFowgZcx +CzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEVMBMGA1UEBwwMU2FuRnJhbmNpc2Nv +MRUwEwYDVQQKDAxNb2J5LXByb2plY3QxCzAJBgNVBAsMAmNpMRAwDgYDVQQDDAdt +b2J5LWNpMQ0wCwYDVQQpDARtb2J5MR8wHQYJKoZIhvcNAQkBFhBtb2J5QGV4YW1w +bGUub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlqvEBX7yEbE +Mdfu7NnEHsOztkzs4StXQKJ0zdWOfWm2ImAhBb6lkkBMQyvryQAyX1kcWVDimN// +my0Wn8agV3i8rqWNs32Yc3pv0gVSFYmJIuydmufHNY9rOKMzVMV0KgWtr6CKVHt9 +1GqbK5DLmudulL2i81tA0fpN7P1vFB2JW/w1whyYC8RTeiUWPwLp6EYgTegeJQ0N +EOk2QiqI2ZGz+p4HwKmxRNss5cuFv0o4oM9+LCDlqc9JKm/juJP9OJsqwurDDzv1 +8zDI91HVi9Bel3Uh5NJHyh1mSjaygRPZExkNNQSEyjX0R/lHNyFklaHLigHT5lDi +ARflDmSJDQIDAQABo1MwUTAdBgNVHQ4EFgQUhVfQ/6m0Hh+AM/u4NO19BjnNNJgw +HwYDVR0jBBgwFoAUhVfQ/6m0Hh+AM/u4NO19BjnNNJgwDwYDVR0TAQH/BAUwAwEB +/zANBgkqhkiG9w0BAQsFAAOCAQEARnMtS86wwhMZhZdnldkVb8/gieRCkE6jWmSM +6ZJvtMtW5uxukQQYEnnKcLvlul3t/oxHfo+LvZ9AWmNRuIBvsnv/wUNofSEMCqTq +ty0KMeQ+XrtyvWNroS3TymrgrxdSEnFzd0ER8SQyVLRnyV6x8c+9lZHInENPP8P2 +PA5BK/nHJT8XTUrnJza8ntQw5m4pleQzZrQuEayXYd8/TQOOlgQQpdhfhaNLbNUc +fReMTIrLnSdlLO7dKxknGlc8aC3rbuiyWYwKF3W6/InY/MBFRIqhnFKw87dt8i4k +7lDZJ00ziVyXNLBHgZRLwbSq2WW1T5gLqXYwoO/xcSMPBNyD/Q== -----END CERTIFICATE----- diff --git a/integration/testdata/https/client-cert.pem b/integration/testdata/https/client-cert.pem index c05ed47c2c5eb..77809c28815a5 100644 --- a/integration/testdata/https/client-cert.pem +++ b/integration/testdata/https/client-cert.pem @@ -2,72 +2,85 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=changeme/name=changeme/emailAddress=mail@host.domain + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=SanFrancisco, O=Moby-project, OU=ci, CN=moby-ci/name=moby/emailAddress=moby@example.org Validity - Not Before: Dec 4 14:17:54 2013 GMT - Not After : Dec 2 14:17:54 2023 GMT - Subject: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=client/name=changeme/emailAddress=mail@host.domain + Not Before: May 17 19:49:34 2021 GMT + Not After : May 17 19:49:34 2031 GMT + Subject: C=US, ST=CA, L=SanFrancisco, O=Moby-project, OU=ci, CN=client/name=moby/emailAddress=moby@example.org Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) + RSA Public-Key: (2048 bit) Modulus: - 00:ca:c9:05:d0:09:4e:3e:a4:fc:d5:14:f4:a5:e8: - 34:d3:6b:51:e3:f3:62:ea:a1:f0:e8:ed:c4:2a:bc: - f0:4f:ca:07:df:e3:88:fa:f4:21:99:35:0e:3d:ea: - b0:86:e7:c4:d2:8a:83:2b:42:b8:ec:a3:99:62:70: - 81:46:cc:fc:a5:1d:d2:63:e8:eb:07:25:9a:e2:25: - 6d:11:56:f2:1a:51:a1:b6:3e:1c:57:32:e9:7b:2c: - aa:1b:cc:97:2d:89:2d:b1:c9:5e:35:28:4d:7c:fa: - 65:31:3e:f7:70:dd:6e:0b:3c:58:af:a8:2e:24:c0: - 7e:4e:78:7d:0a:9e:8f:42:43 + 00:e3:20:9f:c9:63:fe:29:a9:0e:21:e0:4d:4c:42: + cb:cc:9f:29:8c:73:5d:f7:88:bd:81:62:1f:b2:a3: + 95:4d:3a:58:28:af:f0:3e:aa:a7:c2:c6:52:b9:94: + 9f:6b:58:d6:9a:08:b4:5f:60:fb:f1:ea:e7:49:8d: + 46:35:e2:e9:82:9f:20:44:41:82:a7:fa:ab:82:1b: + 03:7f:f0:4e:78:38:37:20:9d:67:43:c0:e2:8f:09: + 07:3f:7f:96:13:7a:64:c5:90:13:87:71:6d:ed:e7: + 28:3a:05:48:eb:d6:e6:27:da:46:f9:a4:5c:66:49: + 56:5f:88:87:4e:0a:8b:fe:ea:05:a6:c1:72:b9:94: + d5:8e:d4:9a:18:58:ac:56:1b:34:3e:c3:50:06:5d: + f3:3d:85:93:2c:8b:3f:33:e6:32:14:92:9e:fd:fc: + 5d:8a:71:1b:20:67:43:e0:72:fc:4e:31:c6:b7:03: + 98:99:e7:95:ef:7c:5a:30:cf:c1:a4:43:42:fb:be: + 1b:a7:08:d5:e0:b5:b2:10:ff:0f:e1:0d:ee:3e:b2: + 04:05:86:1e:72:a9:d6:16:84:37:73:28:5d:d9:3c: + fd:f3:99:18:dc:90:83:59:23:90:bc:25:33:0f:23: + 48:9d:d2:97:a0:ac:94:4f:8e:31:22:cc:74:83:f7: + 31:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE - Netscape Comment: - Easy-RSA Generated Certificate X509v3 Subject Key Identifier: - DE:42:EF:2D:98:A3:6C:A8:AA:E0:8C:71:2C:9D:64:23:A9:E2:7E:81 + 23:1C:5A:99:1A:2B:BC:FD:39:97:8D:1F:5A:49:BF:4F:33:0F:26:C1 X509v3 Authority Key Identifier: - keyid:66:EE:C3:17:3D:3D:AB:44:01:6B:6F:B2:99:19:BD:AA:02:B5:34:FB - DirName:/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=changeme/CN=changeme/name=changeme/emailAddress=mail@host.domain - serial:FD:AB:EC:6A:84:27:04:A7 + keyid:85:57:D0:FF:A9:B4:1E:1F:80:33:FB:B8:34:ED:7D:06:39:CD:34:98 X509v3 Extended Key Usage: TLS Web Client Authentication - X509v3 Key Usage: - Digital Signature - Signature Algorithm: sha1WithRSAEncryption - 1c:44:26:ea:e1:66:25:cb:e4:8e:57:1c:f6:b9:17:22:62:40: - 12:90:8f:3b:b2:61:7a:54:94:8f:b1:20:0b:bf:a3:51:e3:fa: - 1c:a1:be:92:3a:d0:76:44:c0:57:83:ab:6a:e4:1a:45:49:a4: - af:39:0d:60:32:fc:3a:be:d7:fb:5d:99:7a:1f:87:e7:d5:ab: - 84:a2:5e:90:d8:bf:fa:89:6d:32:26:02:5e:31:35:68:7f:31: - f5:6b:51:46:bc:af:70:ed:5a:09:7d:ec:b2:48:4f:fe:c5:2f: - 56:04:ad:f6:c1:d2:2a:e4:6a:c4:87:fe:08:35:c5:38:cb:5e: - 4a:c4 + X509v3 Subject Alternative Name: + DNS:*, DNS:localhost, IP Address:127.0.0.1, IP Address:0:0:0:0:0:0:0:1 + Signature Algorithm: sha256WithRSAEncryption + 4d:79:c0:07:ac:13:51:00:5c:4b:70:6d:9f:bf:87:c8:ac:31: + c9:37:5e:4e:4c:9f:c6:cd:a4:e3:df:72:b5:06:28:9d:f6:3e: + 32:b5:01:81:43:78:6d:93:b2:b2:0a:0b:95:64:f2:25:a4:5e: + d1:4b:b1:11:5c:54:17:21:a7:f7:e6:73:af:f2:53:54:b3:69: + 40:8c:26:5b:1b:a7:63:07:26:c4:d2:c4:7a:64:b3:ab:f1:23: + fa:58:9c:b2:b7:17:35:34:91:dd:84:bb:b0:ee:a6:cd:78:cf: + 32:39:d8:5f:23:ad:62:ef:82:38:88:cd:34:1b:7d:3b:02:a8: + 75:70:72:50:33:44:a4:65:01:14:ef:78:46:3b:27:4e:82:e6: + 01:1b:5c:65:97:2c:08:f7:4f:e6:ee:dd:1c:40:0c:48:59:33: + 5e:c7:da:bf:40:ce:b0:e9:03:95:6f:a8:07:b3:7f:6b:15:cd: + c0:6f:57:e3:73:99:67:aa:fd:90:6c:a7:6f:ff:b9:5f:f6:8a: + 8c:93:f1:c3:75:34:10:c6:6c:0e:ae:0a:22:6b:16:6c:56:41: + 0a:b5:e6:74:52:b8:3e:f2:e4:fc:f1:54:a0:84:90:d5:97:70: + 25:4b:28:2c:8a:ec:46:0a:63:ac:32:c6:cd:96:71:ee:f6:17: + 2c:e9:60:5e -----BEGIN CERTIFICATE----- -MIIEFTCCA36gAwIBAgIBAzANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx -CzAJBgNVBAgTAkNBMRUwEwYDVQQHEwxTYW5GcmFuY2lzY28xFTATBgNVBAoTDEZv -cnQtRnVuc3RvbjERMA8GA1UECxMIY2hhbmdlbWUxETAPBgNVBAMTCGNoYW5nZW1l -MREwDwYDVQQpEwhjaGFuZ2VtZTEfMB0GCSqGSIb3DQEJARYQbWFpbEBob3N0LmRv -bWFpbjAeFw0xMzEyMDQxNDE3NTRaFw0yMzEyMDIxNDE3NTRaMIGgMQswCQYDVQQG -EwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMGA1UE -ChMMRm9ydC1GdW5zdG9uMREwDwYDVQQLEwhjaGFuZ2VtZTEPMA0GA1UEAxMGY2xp -ZW50MREwDwYDVQQpEwhjaGFuZ2VtZTEfMB0GCSqGSIb3DQEJARYQbWFpbEBob3N0 -LmRvbWFpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyskF0AlOPqT81RT0 -peg002tR4/Ni6qHw6O3EKrzwT8oH3+OI+vQhmTUOPeqwhufE0oqDK0K47KOZYnCB -Rsz8pR3SY+jrByWa4iVtEVbyGlGhtj4cVzLpeyyqG8yXLYktscleNShNfPplMT73 -cN1uCzxYr6guJMB+Tnh9Cp6PQkMCAwEAAaOCAVkwggFVMAkGA1UdEwQCMAAwLQYJ -YIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNV -HQ4EFgQU3kLvLZijbKiq4IxxLJ1kI6nifoEwgdcGA1UdIwSBzzCBzIAUZu7DFz09 -q0QBa2+ymRm9qgK1NPuhgaikgaUwgaIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJD -QTEVMBMGA1UEBxMMU2FuRnJhbmNpc2NvMRUwEwYDVQQKEwxGb3J0LUZ1bnN0b24x -ETAPBgNVBAsTCGNoYW5nZW1lMREwDwYDVQQDEwhjaGFuZ2VtZTERMA8GA1UEKRMI -Y2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEWEG1haWxAaG9zdC5kb21haW6CCQD9q+xq -hCcEpzATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwDQYJKoZIhvcN -AQEFBQADgYEAHEQm6uFmJcvkjlcc9rkXImJAEpCPO7JhelSUj7EgC7+jUeP6HKG+ -kjrQdkTAV4OrauQaRUmkrzkNYDL8Or7X+12Zeh+H59WrhKJekNi/+oltMiYCXjE1 -aH8x9WtRRryvcO1aCX3sskhP/sUvVgSt9sHSKuRqxIf+CDXFOMteSsQ= +MIIEPzCCAyegAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx +CzAJBgNVBAgMAkNBMRUwEwYDVQQHDAxTYW5GcmFuY2lzY28xFTATBgNVBAoMDE1v +YnktcHJvamVjdDELMAkGA1UECwwCY2kxEDAOBgNVBAMMB21vYnktY2kxDTALBgNV +BCkMBG1vYnkxHzAdBgkqhkiG9w0BCQEWEG1vYnlAZXhhbXBsZS5vcmcwHhcNMjEw +NTE3MTk0OTM0WhcNMzEwNTE3MTk0OTM0WjCBljELMAkGA1UEBhMCVVMxCzAJBgNV +BAgMAkNBMRUwEwYDVQQHDAxTYW5GcmFuY2lzY28xFTATBgNVBAoMDE1vYnktcHJv +amVjdDELMAkGA1UECwwCY2kxDzANBgNVBAMMBmNsaWVudDENMAsGA1UEKQwEbW9i +eTEfMB0GCSqGSIb3DQEJARYQbW9ieUBleGFtcGxlLm9yZzCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAOMgn8lj/impDiHgTUxCy8yfKYxzXfeIvYFiH7Kj +lU06WCiv8D6qp8LGUrmUn2tY1poItF9g+/Hq50mNRjXi6YKfIERBgqf6q4IbA3/w +Tng4NyCdZ0PA4o8JBz9/lhN6ZMWQE4dxbe3nKDoFSOvW5ifaRvmkXGZJVl+Ih04K +i/7qBabBcrmU1Y7UmhhYrFYbND7DUAZd8z2FkyyLPzPmMhSSnv38XYpxGyBnQ+By +/E4xxrcDmJnnle98WjDPwaRDQvu+G6cI1eC1shD/D+EN7j6yBAWGHnKp1haEN3Mo +Xdk8/fOZGNyQg1kjkLwlMw8jSJ3Sl6CslE+OMSLMdIP3MZ0CAwEAAaOBlDCBkTAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBQjHFqZGiu8/TmXjR9aSb9PMw8mwTAfBgNVHSME +GDAWgBSFV9D/qbQeH4Az+7g07X0GOc00mDATBgNVHSUEDDAKBggrBgEFBQcDAjAv +BgNVHREEKDAmggEqgglsb2NhbGhvc3SHBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEw +DQYJKoZIhvcNAQELBQADggEBAE15wAesE1EAXEtwbZ+/h8isMck3Xk5Mn8bNpOPf +crUGKJ32PjK1AYFDeG2TsrIKC5Vk8iWkXtFLsRFcVBchp/fmc6/yU1SzaUCMJlsb +p2MHJsTSxHpks6vxI/pYnLK3FzU0kd2Eu7Dups14zzI52F8jrWLvgjiIzTQbfTsC +qHVwclAzRKRlARTveEY7J06C5gEbXGWXLAj3T+bu3RxADEhZM17H2r9AzrDpA5Vv +qAezf2sVzcBvV+NzmWeq/ZBsp2//uV/2ioyT8cN1NBDGbA6uCiJrFmxWQQq15nRS +uD7y5PzxVKCEkNWXcCVLKCyK7EYKY6wyxs2Wce72FyzpYF4= -----END CERTIFICATE----- diff --git a/integration/testdata/https/client-key.pem b/integration/testdata/https/client-key.pem index b5c15f8dc7d8e..47bedbe39b5ab 100644 --- a/integration/testdata/https/client-key.pem +++ b/integration/testdata/https/client-key.pem @@ -1,16 +1,27 @@ ------BEGIN PRIVATE KEY----- -MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAMrJBdAJTj6k/NUU -9KXoNNNrUePzYuqh8OjtxCq88E/KB9/jiPr0IZk1Dj3qsIbnxNKKgytCuOyjmWJw -gUbM/KUd0mPo6wclmuIlbRFW8hpRobY+HFcy6XssqhvMly2JLbHJXjUoTXz6ZTE+ -93Ddbgs8WK+oLiTAfk54fQqej0JDAgMBAAECgYBOFEzKp2qbMEexe9ofL2N3rDDh -xkrl8OijpzkLA6i78BxMFn4dsnZlWUpciMrjhsYAExkiRRSS+QMMJimAq1jzQqc3 -FAQV2XGYwkd0cUn7iZGvfNnEPysjsfyYQM+m+sT0ATj4BZjVShC6kkSjTdm1leLN -OSvcHdcu3Xxg9ufF0QJBAPYdnNt5sIndt2WECePuRVi+uF4mlxTobFY0fjn26yhC -4RsnhhD3Vldygo9gvnkwrAZYaALGSPBewes2InxvjA8CQQDS7erKiNXpwoqz5XiU -SVEsIIVTdWzBjGbIqMOu/hUwM5FK4j6JTBks0aTGMyh0YV9L1EzM0X79J29JahCe -iQKNAkBKNMOGqTpBV0hko1sYDk96YobUXG5RL4L6uvkUIQ7mJMQam+AgXXL7Ctuy -v0iu4a38e8tgisiTMP7nHHtpaXihAkAOiN54/lzfMsykANgCP9scE1GcoqbP34Dl -qttxH4kOPT9xzY1JoLjLYdbc4YGUI3GRpBt2sajygNkmUey7P+2xAkBBsVCZFvTw -qHvOpPS2kX5ml5xoc/QAHK9N7kR+X7XFYx82RTVSqJEK4lPb+aEWn+CjiIewO4Q5 -ksDFuNxAzbhl ------END PRIVATE KEY----- +-----BEGIN RSA PRIVATE KEY----- +MIIEpgIBAAKCAQEA4yCfyWP+KakOIeBNTELLzJ8pjHNd94i9gWIfsqOVTTpYKK/w +PqqnwsZSuZSfa1jWmgi0X2D78ernSY1GNeLpgp8gREGCp/qrghsDf/BOeDg3IJ1n +Q8DijwkHP3+WE3pkxZATh3Ft7ecoOgVI69bmJ9pG+aRcZklWX4iHTgqL/uoFpsFy +uZTVjtSaGFisVhs0PsNQBl3zPYWTLIs/M+YyFJKe/fxdinEbIGdD4HL8TjHGtwOY +meeV73xaMM/BpENC+74bpwjV4LWyEP8P4Q3uPrIEBYYecqnWFoQ3cyhd2Tz985kY +3JCDWSOQvCUzDyNIndKXoKyUT44xIsx0g/cxnQIDAQABAoIBAQCZ0oGFIlyDGISC +uud+64oc9fpsrcGJIKm/k5YGJTW7jPUh8S4TMv7VMf3aw+ZIDG2i+pw2MHfRepbT +wIM5gYlGNsDimT+ExocbYXI4Vqa+Usw7IX9LarnFx4aKIb2hSXYwOwiO5WpfAfvD +d8rQNsW/XdxNvFv7xlVh9BQ27Xus0sjz7dNBSt+LQ4hSyfZgFwbXh1+E9k6PDhnX +oYFz4/U/1G+HwXKivvKcRIkYZpMyD80H/M4+bB9x6btFvb4+R3K6Ii8wh+VMz5pX +Nm+mN8d3W/7Mhyof8EbbQpJMdwemzI7lM6wf1FPfSEeKXAclJ3+BnjOuh295Jv4Z +u+YWhzDhAoGBAPcRWiVyU7US7K4dhbVo2zyM6mGO3gFBXgeSwFFby8kMsbi8aewt +m90WMdWjvITw/sNsIRye7sCUVXOmGgz+5UfxRKtcFB5JnfLymrmQS7y1+TZ1WRak +T0400U+VEE4Cw3vkd4lFbyu94P4iDmn816Ix6tR8UTt11wMG3NgVoFSFAoGBAOtW +uKYN58BXWA3nU9rPEKq7n1cx7ML/xFvIPPNWp+6Pc1EJ2yX7tnyhPzvPdm3+XdTz +PU0oIBVfKNToPqYJRX8kK4hCYPvgOOAccZkSrxe3jBupKW72BwVvl/wN6Yb7ggda +NMbsQ85XyF4K9bvIFxROrR1K/nsowO0UaLvtEOA5AoGBALf2pabIT+e95Zlnxg1j +vAqD6mkl1cwdfgQpkyWBMmXLG/Gv6TbAZxPh2M14k4BxaWDdfHIxLRkb2dy4yyDu +Eo7U6QqnDxvWONOTLP4KoTosTRntmp4vThWvYkLdfTx49lGjthXyK2rogUT42r60 +U2Mjw/TfdCTQA37vdzU2NSF5AoGBAOZQpsEMVsRsNqbUv8IiZ8NPf2+MUpO8T+Ur +IEtdgVf9V/P1W13e7Acon4PfU53uFNJ1gobiQBPqX0GOUNGZvUPimB/wJo4aME9U +RvBx0p25agsgEIahjNmLDwkEbIlH10duxrvvOaTVUCiJPVibR8r9/HnwjQDnL3hW +QvG33o4xAoGBAOsX3ABiBnXzqotDlqgoofgmv7zGkjZByiGQz3d+nL74ucRmZRgX +aeYb14YbJ1I1sGj2u2fPa4P1EJ0RnjgYkaQ7c0ZyTXceS+2/LtJ56RvRepKKs+Yg +fX1EruZYZvoDW+AViWF784CzpIpmedgB7dbXJPahTh0Q76OWQdP3T/uh +-----END RSA PRIVATE KEY----- diff --git a/integration/testdata/https/server-cert.pem b/integration/testdata/https/server-cert.pem index 08abfd1a3b08f..0616daba71e0a 100644 --- a/integration/testdata/https/server-cert.pem +++ b/integration/testdata/https/server-cert.pem @@ -1,76 +1,86 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 4 (0x4) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=changeme/name=changeme/emailAddress=mail@host.domain + Serial Number: 2 (0x2) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=SanFrancisco, O=Moby-project, OU=ci, CN=moby-ci/name=moby/emailAddress=moby@example.org Validity - Not Before: Dec 4 15:01:20 2013 GMT - Not After : Dec 2 15:01:20 2023 GMT - Subject: C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=*/name=changeme/emailAddress=mail@host.domain + Not Before: May 17 19:49:34 2021 GMT + Not After : May 17 19:49:34 2031 GMT + Subject: C=US, ST=CA, L=SanFrancisco, O=Moby-project, OU=ci, CN=server/name=moby/emailAddress=moby@example.org Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) + RSA Public-Key: (2048 bit) Modulus: - 00:c1:ff:7d:30:6f:64:4a:b1:92:b1:71:d1:c1:74: - e2:1d:db:2d:11:24:e1:00:d4:00:ae:6f:c8:9e:ae: - 67:b3:4a:bd:f7:e6:9e:57:6d:19:4c:3c:23:94:2d: - 3d:d6:63:84:d8:fa:76:2b:38:12:c1:ed:20:9d:32: - e0:e8:c2:bf:9a:77:70:04:3f:7f:ca:8c:2c:82:d6: - 3d:25:5c:02:1a:4f:64:93:03:dd:9c:42:97:5e:09: - 49:af:f0:c2:e1:30:08:0e:21:46:95:d1:13:59:c0: - c8:76:be:94:0d:8b:43:67:21:33:b2:08:60:9d:76: - a8:05:32:1e:f9:95:09:14:75 + 00:f2:23:b2:a3:22:03:a2:0b:cd:71:de:19:29:14: + 92:7f:e8:9d:30:7f:e3:0e:13:da:de:f9:9b:5a:65: + ec:22:c5:ce:73:e7:2f:c2:ae:c3:04:eb:72:43:77: + 87:46:d2:63:e2:3a:08:85:9f:58:1f:fc:f3:82:4f: + 5e:4e:5a:92:0f:ac:a1:16:a0:7e:92:a3:8e:aa:93: + fd:4c:e0:ed:f0:96:09:43:b8:e6:ec:72:1b:aa:aa: + 76:3f:79:00:89:26:c4:2f:ff:99:01:95:f2:8e:39: + a0:4f:13:63:bf:6b:6c:40:0f:7c:ed:ee:a8:2b:90: + 11:94:d8:a9:15:c1:91:40:89:13:eb:49:ec:0d:fe: + 4f:cd:41:8f:a6:e0:ab:15:db:45:86:28:23:79:98: + 42:bb:52:a8:96:c3:aa:91:df:5a:67:24:09:4b:2e: + ce:9a:ba:fc:97:4e:89:5e:c3:18:08:4e:31:e4:1c: + b6:65:c2:7e:93:ef:52:e7:92:ee:25:88:07:4a:d5: + 3d:86:44:31:07:e5:1a:f5:63:dc:c3:11:b5:4d:10: + a0:9c:6a:99:7a:d9:b4:22:07:97:e2:f4:0e:5a:10: + bc:90:09:c1:0f:5a:65:e8:f3:9c:e0:e2:04:29:24: + ee:a7:ee:aa:fa:02:7f:80:ac:9d:ca:9f:0f:8d:f5: + c5:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE - Netscape Cert Type: - SSL Server - Netscape Comment: - Easy-RSA Generated Server Certificate X509v3 Subject Key Identifier: - 14:02:FD:FD:DD:13:38:E0:71:EA:D1:BE:C0:0E:89:1A:2D:B6:19:06 + 82:DD:B4:72:E4:DB:12:4E:9A:3B:45:75:F0:1B:4E:7F:43:2C:10:BF X509v3 Authority Key Identifier: - keyid:66:EE:C3:17:3D:3D:AB:44:01:6B:6F:B2:99:19:BD:AA:02:B5:34:FB - DirName:/C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=changeme/CN=changeme/name=changeme/emailAddress=mail@host.domain - serial:FD:AB:EC:6A:84:27:04:A7 + keyid:85:57:D0:FF:A9:B4:1E:1F:80:33:FB:B8:34:ED:7D:06:39:CD:34:98 X509v3 Extended Key Usage: TLS Web Server Authentication - X509v3 Key Usage: - Digital Signature, Key Encipherment - Signature Algorithm: sha1WithRSAEncryption - 40:0f:10:39:c4:b7:0f:0d:2f:bf:d2:16:cc:8e:d3:9a:fb:8b: - ce:4b:7b:0d:48:77:ce:f1:fe:d5:8f:ea:b1:71:ed:49:1d:9f: - 23:3a:16:d4:70:7c:c5:29:bf:e4:90:34:d0:f0:00:24:f4:e4: - df:2c:c3:83:01:66:61:c9:a8:ab:29:e7:98:6d:27:89:4a:76: - c9:2e:19:8e:fe:6e:d5:f8:99:11:0e:97:67:4b:34:e3:1e:e3: - 9f:35:00:a5:32:f9:b5:2c:f2:e0:c5:2e:cc:81:bd:18:dd:5c: - 12:c8:6b:fa:0c:17:74:30:55:f6:6e:20:9a:6c:1e:09:b4:0c: - 15:42 + X509v3 Subject Alternative Name: + DNS:*, DNS:localhost, IP Address:127.0.0.1, IP Address:0:0:0:0:0:0:0:1 + Signature Algorithm: sha256WithRSAEncryption + 1e:a5:f6:ed:f9:8b:a4:c8:1d:11:e3:03:3b:ec:6a:a2:59:44: + 35:d1:28:0a:0e:b5:84:3c:17:3b:38:6f:e5:8c:03:4c:70:13: + b8:cf:40:3c:4a:5d:bf:96:a6:ca:26:9d:ce:00:13:10:a9:eb: + 91:b4:50:98:a2:68:6f:6b:95:54:46:39:97:74:d6:fd:bb:54: + f4:27:91:b7:4e:9f:bc:85:5f:51:69:59:87:86:7e:1d:06:10: + 74:f5:c3:e3:81:09:e6:77:f5:b7:ed:ae:1c:b0:56:2e:8d:31: + 60:ff:ef:f5:ab:03:fb:da:9a:69:d8:8a:ca:e7:00:99:d5:9f: + 39:f7:d5:19:4c:57:a1:90:23:c8:21:a3:9b:ab:05:d4:b7:a8: + 7c:12:a9:6e:d5:c3:ae:e0:c0:2c:08:95:da:16:c4:35:e0:89: + 3b:01:f1:f7:b2:d8:15:b6:05:7f:ec:09:fd:0a:5f:a9:48:16: + 11:c1:30:0a:fd:98:71:69:03:91:19:5f:02:14:d7:42:75:fb: + b7:01:af:c2:09:08:4c:7b:c9:d2:bc:0f:2d:de:57:84:9d:8e: + a8:f0:22:7e:eb:05:6e:f3:5b:cd:2f:1f:67:b4:3a:2f:b4:b1: + a6:bd:78:0f:c4:65:c5:01:7a:06:b2:63:3e:a0:de:a7:ef:84: + cc:17:4b:22 -----BEGIN CERTIFICATE----- -MIIEKjCCA5OgAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx -CzAJBgNVBAgTAkNBMRUwEwYDVQQHEwxTYW5GcmFuY2lzY28xFTATBgNVBAoTDEZv -cnQtRnVuc3RvbjERMA8GA1UECxMIY2hhbmdlbWUxETAPBgNVBAMTCGNoYW5nZW1l -MREwDwYDVQQpEwhjaGFuZ2VtZTEfMB0GCSqGSIb3DQEJARYQbWFpbEBob3N0LmRv -bWFpbjAeFw0xMzEyMDQxNTAxMjBaFw0yMzEyMDIxNTAxMjBaMIGbMQswCQYDVQQG -EwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMGA1UE -ChMMRm9ydC1GdW5zdG9uMREwDwYDVQQLEwhjaGFuZ2VtZTEKMAgGA1UEAxQBKjER -MA8GA1UEKRMIY2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEWEG1haWxAaG9zdC5kb21h -aW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMH/fTBvZEqxkrFx0cF04h3b -LREk4QDUAK5vyJ6uZ7NKvffmnldtGUw8I5QtPdZjhNj6dis4EsHtIJ0y4OjCv5p3 -cAQ/f8qMLILWPSVcAhpPZJMD3ZxCl14JSa/wwuEwCA4hRpXRE1nAyHa+lA2LQ2ch -M7IIYJ12qAUyHvmVCRR1AgMBAAGjggFzMIIBbzAJBgNVHRMEAjAAMBEGCWCGSAGG -+EIBAQQEAwIGQDA0BglghkgBhvhCAQ0EJxYlRWFzeS1SU0EgR2VuZXJhdGVkIFNl -cnZlciBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUFAL9/d0TOOBx6tG+wA6JGi22GQYw -gdcGA1UdIwSBzzCBzIAUZu7DFz09q0QBa2+ymRm9qgK1NPuhgaikgaUwgaIxCzAJ -BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEVMBMGA1UEBxMMU2FuRnJhbmNpc2NvMRUw -EwYDVQQKEwxGb3J0LUZ1bnN0b24xETAPBgNVBAsTCGNoYW5nZW1lMREwDwYDVQQD -EwhjaGFuZ2VtZTERMA8GA1UEKRMIY2hhbmdlbWUxHzAdBgkqhkiG9w0BCQEWEG1h -aWxAaG9zdC5kb21haW6CCQD9q+xqhCcEpzATBgNVHSUEDDAKBggrBgEFBQcDATAL -BgNVHQ8EBAMCBaAwDQYJKoZIhvcNAQEFBQADgYEAQA8QOcS3Dw0vv9IWzI7TmvuL -zkt7DUh3zvH+1Y/qsXHtSR2fIzoW1HB8xSm/5JA00PAAJPTk3yzDgwFmYcmoqynn -mG0niUp2yS4Zjv5u1fiZEQ6XZ0s04x7jnzUApTL5tSzy4MUuzIG9GN1cEshr+gwX -dDBV9m4gmmweCbQMFUI= +MIIEPzCCAyegAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx +CzAJBgNVBAgMAkNBMRUwEwYDVQQHDAxTYW5GcmFuY2lzY28xFTATBgNVBAoMDE1v +YnktcHJvamVjdDELMAkGA1UECwwCY2kxEDAOBgNVBAMMB21vYnktY2kxDTALBgNV +BCkMBG1vYnkxHzAdBgkqhkiG9w0BCQEWEG1vYnlAZXhhbXBsZS5vcmcwHhcNMjEw +NTE3MTk0OTM0WhcNMzEwNTE3MTk0OTM0WjCBljELMAkGA1UEBhMCVVMxCzAJBgNV +BAgMAkNBMRUwEwYDVQQHDAxTYW5GcmFuY2lzY28xFTATBgNVBAoMDE1vYnktcHJv +amVjdDELMAkGA1UECwwCY2kxDzANBgNVBAMMBnNlcnZlcjENMAsGA1UEKQwEbW9i +eTEfMB0GCSqGSIb3DQEJARYQbW9ieUBleGFtcGxlLm9yZzCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAPIjsqMiA6ILzXHeGSkUkn/onTB/4w4T2t75m1pl +7CLFznPnL8KuwwTrckN3h0bSY+I6CIWfWB/884JPXk5akg+soRagfpKjjqqT/Uzg +7fCWCUO45uxyG6qqdj95AIkmxC//mQGV8o45oE8TY79rbEAPfO3uqCuQEZTYqRXB +kUCJE+tJ7A3+T81Bj6bgqxXbRYYoI3mYQrtSqJbDqpHfWmckCUsuzpq6/JdOiV7D +GAhOMeQctmXCfpPvUueS7iWIB0rVPYZEMQflGvVj3MMRtU0QoJxqmXrZtCIHl+L0 +DloQvJAJwQ9aZejznODiBCkk7qfuqvoCf4CsncqfD431xbMCAwEAAaOBlDCBkTAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBSC3bRy5NsSTpo7RXXwG05/QywQvzAfBgNVHSME +GDAWgBSFV9D/qbQeH4Az+7g07X0GOc00mDATBgNVHSUEDDAKBggrBgEFBQcDATAv +BgNVHREEKDAmggEqgglsb2NhbGhvc3SHBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEw +DQYJKoZIhvcNAQELBQADggEBAB6l9u35i6TIHRHjAzvsaqJZRDXRKAoOtYQ8Fzs4 +b+WMA0xwE7jPQDxKXb+Wpsomnc4AExCp65G0UJiiaG9rlVRGOZd01v27VPQnkbdO +n7yFX1FpWYeGfh0GEHT1w+OBCeZ39bftrhywVi6NMWD/7/WrA/vammnYisrnAJnV +nzn31RlMV6GQI8gho5urBdS3qHwSqW7Vw67gwCwIldoWxDXgiTsB8fey2BW2BX/s +Cf0KX6lIFhHBMAr9mHFpA5EZXwIU10J1+7cBr8IJCEx7ydK8Dy3eV4SdjqjwIn7r +BW7zW80vH2e0Oi+0saa9eA/EZcUBegayYz6g3qfvhMwXSyI= -----END CERTIFICATE----- diff --git a/integration/testdata/https/server-key.pem b/integration/testdata/https/server-key.pem index c269320ef0f75..1ba75cd137bdf 100644 --- a/integration/testdata/https/server-key.pem +++ b/integration/testdata/https/server-key.pem @@ -1,16 +1,27 @@ ------BEGIN PRIVATE KEY----- -MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMH/fTBvZEqxkrFx -0cF04h3bLREk4QDUAK5vyJ6uZ7NKvffmnldtGUw8I5QtPdZjhNj6dis4EsHtIJ0y -4OjCv5p3cAQ/f8qMLILWPSVcAhpPZJMD3ZxCl14JSa/wwuEwCA4hRpXRE1nAyHa+ -lA2LQ2chM7IIYJ12qAUyHvmVCRR1AgMBAAECgYAmwckb9RUfSwyYgLm8IYLPHiuJ -wkllZfVg5Bo7gXJcQnFjZmJ56uTj8xvUjZlODIHM63TSO5ibv6kFXtXKCqZGd2M+ -wGbhZ0f+2GvKcwMmJERnIQjuoNaYSQLT0tM0VB9Iz0rJlZC+tzPZ+5pPqEumRdsS -IzWNXfF42AhcbwAQYQJBAPVXtMYIJc9EZsz86ZcQiMPWUpCX5vnRmtwL8kKyR8D5 -4KfYeiowyFffSRMMcclwNHq7TgSXN+nIXM9WyzyzwikCQQDKbNA28AgZp9aT54HP -WnbeE2pmt+uk/zl/BtxJSoK6H+69Jec+lf7EgL7HgOWYRSNot4uQWu8IhsHLTiUq -+0FtAkEAqwlRxRy4/x24bP+D+QRV0/D97j93joFJbE4Hved7jlSlAV4xDGilwlyv -HNB4Iu5OJ6Gcaibhm+FKkmD3noHSwQJBAIpu3fokLzX0bS+bDFBU6qO3HXX/47xj -+tsfQvkwZrSI8AkU6c8IX0HdVhsz0FBRQAT2ORDQz1XCarfxykNZrwUCQQCGCBIc -BBCWzhHlswlGidWJg3HqqO6hPPClEr3B5G87oCsdeYwiO23XT6rUnoJXfJHp6oCW -5nCwDu5ZTP+khltg ------END PRIVATE KEY----- +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA8iOyoyIDogvNcd4ZKRSSf+idMH/jDhPa3vmbWmXsIsXOc+cv +wq7DBOtyQ3eHRtJj4joIhZ9YH/zzgk9eTlqSD6yhFqB+kqOOqpP9TODt8JYJQ7jm +7HIbqqp2P3kAiSbEL/+ZAZXyjjmgTxNjv2tsQA987e6oK5ARlNipFcGRQIkT60ns +Df5PzUGPpuCrFdtFhigjeZhCu1KolsOqkd9aZyQJSy7Omrr8l06JXsMYCE4x5By2 +ZcJ+k+9S55LuJYgHStU9hkQxB+Ua9WPcwxG1TRCgnGqZetm0IgeX4vQOWhC8kAnB +D1pl6POc4OIEKSTup+6q+gJ/gKydyp8PjfXFswIDAQABAoIBAEKIvJVGy2jDhXg8 +Zv16waaT7F1fRqyfmAyc2atFRlVntQr0A5OjIcNATu1q8qjrNrb660yMNFLV1rN/ +y5IMIQZdkQX+o8j3WERW1ctCIx9wmqsZK5rc3+1NWaCnRxZoqI/n08szwKqD+yC/ +WzFF+0C/AL0ATwVpWOtlfVCVF6x7dTkTqtc+65C/nw86ymp6cDq7Fh39d0deD8HB +h4zxGnvTr4jFGkFWg6Vq4XdzKdVeVz/Njw19wJjdi/6Q3aC90APlJ6nuX3OWv6VV +/Xs9rXqIUS4bhYyRrzCQ5Y/vINZCx3ekKynfghul4NDE4zo1GQm3E+7tVYZ6ll+9 ++uHeUwECgYEA81NxVe5ViOWa4NFXucAgiNGl7KkN9/gDh77weXzGPhZDBULTv4OC +yKokQOnn41qF5eq+YRKr+B733fGEhwJRoEyoyXSDpgTxdJHKmohdxGfsRoOEMO4Z +ALm9+XmJYTq11l01M5Jqn36Smz5+iXAD7QVQdZMnA++IaBs2/uTuEQMCgYEA/sBv +GweGKfdM11ZckNG8ocrAhkttq+5V9uFcGcpBmw08vu/Woy+L1dFvyUa7Hc/l6fe1 +PLdTvNaSK6mP/gfeevwNlS1NUVLtdnOq9cl/1/xfqi8Cj46VUTqRaEQMKHCeXyuA +A3N1k06hMuW/bYstspyWvGyjsWth5QT7MNjkYZECgYEAoWcoNqfxdO1Y3uf+GOio +rBjkxyccbO/G57RwLyXlGioKKuM5MkA58IFrquN9PgI971TXE+0exWdFY6NhFW0k +WACBtZ/j86wzve83RWpPSIjm4Z87gHlvfFu4+FL2Hdij5Z3OPHdS4plDBldd+Cyl +bgOoa1VA/AtXoDbtNAcHI6ECgYB7b6ymMSgd73jpIixp82ZuErrkl2nFlA9NN3cT ++/977JcRgU7D9UbRTNDYexAxasnhaygDCmVlq6ZZx6hAk3mGp9jA/plnHUJ4UaV1 +wLPUaLHF2U9pVdId8L4CAm7NrXvfa0l04p4GyWOsMMxnfLegwuT62b0bO4fMm3RG +/+DxMQKBgQDTz8wKQFRWuDYshcRKJ8GB7Czgb4aFU0iTPFC4ql1HXkiGePDXyWjC ++6JQ3dTadn8HA540nCOWWvpgWeSCec9Q5YslpIdupMKpCx/zUfZZ2Y2/y+yJdQCr +gGDf7LxhxBHQFyCLM9KuTdCzhQPsHVFHFrfr1UdDEe/e9QaJAyUw7Q== +-----END RSA PRIVATE KEY----- From 6793ff26d8456459ddd417869a4338a2688da4bf Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 17 May 2021 13:37:02 +0200 Subject: [PATCH 127/252] pkg/fileutils: TestMatches: remove cases no longer valid for go1.16 These tests were no longer valid on Go 1.16; related to https://tip.golang.org/doc/go1.16#path/filepath > The Match and Glob functions now return an error if the unmatched part of > the pattern has a syntax error. Previously, the functions returned early on > a failed match, and thus did not report any later syntax error in the pattern. Causing the test to fail: === RUN TestMatches fileutils_test.go:388: assertion failed: error is not nil: syntax error in pattern: pattern="a\\" text="a" --- FAIL: TestMatches (0.00s) Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 2842639e0e22bc2f91271603fb9990fa2ac8ad2e) Signed-off-by: Sebastiaan van Stijn --- pkg/fileutils/fileutils_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/pkg/fileutils/fileutils_test.go b/pkg/fileutils/fileutils_test.go index 1ed0254254112..36064b6f5fbd9 100644 --- a/pkg/fileutils/fileutils_test.go +++ b/pkg/fileutils/fileutils_test.go @@ -377,8 +377,6 @@ func TestMatches(t *testing.T) { if runtime.GOOS != "windows" { tests = append(tests, []matchesTestCase{ {"a\\*b", "a*b", true}, - {"a\\", "a", false}, - {"a\\", "a\\", false}, }...) } From 09a7efb1f7479c8c179eedfc9f1e648f9b210234 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 17 May 2021 15:24:53 +0200 Subject: [PATCH 128/252] hack/ci/windows.ps1: disable go modules INFO: Running integration tests at 05/17/2021 12:54:50... INFO: DOCKER_HOST at tcp://127.0.0.1:2357 INFO: Integration API tests being run from the host: INFO: make.ps1 starting at 05/17/2021 12:54:50 powershell.exe : go: cannot find main module, but found vendor.conf in D:\gopath\src\github.com\docker\docker At D:\gopath\src\github.com\docker\docker@tmp\durable-1ed00396\powershellWrapper.ps1:3 char:1 + & powershell -NoProfile -NonInteractive -ExecutionPolicy Bypass -Comm ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (go: cannot find...m\docker\docker:String) [], RemoteException + FullyQualifiedErrorId : NativeCommandError to create a module there, run: go mod init INFO: make.ps1 ended at 05/17/2021 12:54:51 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 8bae2278ba79a4bd37841edd204b9399638e65d9) Signed-off-by: Sebastiaan van Stijn --- hack/ci/windows.ps1 | 1 + 1 file changed, 1 insertion(+) diff --git a/hack/ci/windows.ps1 b/hack/ci/windows.ps1 index fe166e9bb7c53..bc58bd858b1fd 100644 --- a/hack/ci/windows.ps1 +++ b/hack/ci/windows.ps1 @@ -874,6 +874,7 @@ Try { } else { $env:DOCKER_HOST=$DASHH_CUT $env:PATH="$env:TEMP\binary;$env:PATH;" # Force to use the test binaries, not the host ones. + $env:GO111MODULE="off" Write-Host -ForegroundColor Green "INFO: DOCKER_HOST at $DASHH_CUT" $ErrorActionPreference = "SilentlyContinue" From 8b0913935c60606add6bd5a4c6dcf535a387f07a Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 17 May 2021 14:12:49 +0200 Subject: [PATCH 129/252] integration: ensurePlugin: disable go modules when building plugin === RUN TestServicePlugin plugin_test.go:42: assertion failed: error is not nil: error building basic plugin bin: no required module provides package github.com/docker/docker/testutil/fixtures/plugin/basic: go.mod file not found in current directory or any parent directory; see 'go help modules' : exit status 1 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 7070df3a3e4f668c10b7c8527b15e93926214244) Signed-off-by: Sebastiaan van Stijn --- integration/plugin/logging/helpers_test.go | 2 +- integration/plugin/volumes/helpers_test.go | 2 +- testutil/fixtures/plugin/plugin.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/integration/plugin/logging/helpers_test.go b/integration/plugin/logging/helpers_test.go index f37d7aa94b0a6..7a9f146c9d3f4 100644 --- a/integration/plugin/logging/helpers_test.go +++ b/integration/plugin/logging/helpers_test.go @@ -31,7 +31,7 @@ func ensurePlugin(t *testing.T, name string) string { } cmd := exec.Command(goBin, "build", "-o", installPath, "./"+filepath.Join("cmd", name)) - cmd.Env = append(os.Environ(), "CGO_ENABLED=0") + cmd.Env = append(os.Environ(), "CGO_ENABLED=0", "GO111MODULE=off") if out, err := cmd.CombinedOutput(); err != nil { t.Fatal(errors.Wrapf(err, "error building basic plugin bin: %s", string(out))) } diff --git a/integration/plugin/volumes/helpers_test.go b/integration/plugin/volumes/helpers_test.go index 953ed0a584e4b..96cefead92df0 100644 --- a/integration/plugin/volumes/helpers_test.go +++ b/integration/plugin/volumes/helpers_test.go @@ -36,7 +36,7 @@ func ensurePlugin(t *testing.T, name string) string { assert.NilError(t, err) cmd := exec.Command(goBin, "build", "-o", installPath, "./"+filepath.Join("cmd", name)) - cmd.Env = append(os.Environ(), "CGO_ENABLED=0") + cmd.Env = append(os.Environ(), "CGO_ENABLED=0", "GO111MODULE=off") if out, err := cmd.CombinedOutput(); err != nil { t.Fatal(errors.Wrapf(err, "error building basic plugin bin: %s", string(out))) } diff --git a/testutil/fixtures/plugin/plugin.go b/testutil/fixtures/plugin/plugin.go index 88f1bd9b3a119..4a89a6c4e9851 100644 --- a/testutil/fixtures/plugin/plugin.go +++ b/testutil/fixtures/plugin/plugin.go @@ -222,7 +222,7 @@ func ensureBasicPluginBin() (string, error) { installPath := filepath.Join(os.Getenv("GOPATH"), "bin", name) sourcePath := filepath.Join("github.com", "docker", "docker", "testutil", "fixtures", "plugin", "basic") cmd := exec.Command(goBin, "build", "-o", installPath, sourcePath) - cmd.Env = append(os.Environ(), "CGO_ENABLED=0") + cmd.Env = append(os.Environ(), "CGO_ENABLED=0", "GO111MODULE=off") if out, err := cmd.CombinedOutput(); err != nil { return "", errors.Wrapf(err, "error building basic plugin bin: %s", string(out)) } From 55c363ef48c9dd5e01f95ba4f3cfd3741abe971b Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 7 Jan 2020 16:40:02 +0100 Subject: [PATCH 130/252] Bump go 1.16.5 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit ae5ddd257cf328b2c045999a0813c95fd8943562) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 67e6ff1f77113..cea7a90b1c49f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.13.15 +ARG GO_VERSION=1.16.5 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index b798c86175e4a..a92bba599d831 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.13.15 +ARG GO_VERSION=1.16.5 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index a46ff4aa34165..85b7cbb5c209d 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.13.15 +ARG GO_VERSION=1.16.5 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index fa73c52a728ca..ec40bdd0c1103 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.13.15 +ARG GO_VERSION=1.16.5 ARG GOTESTSUM_COMMIT=v0.5.3 # Environment variable notes: From 7c6645b32b8fae91a2c82cc06ef4c0351895e6c5 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 20 May 2021 11:19:22 +0200 Subject: [PATCH 131/252] update archive/tar patch for go 1.16 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit f400e84a43817e0977a8a2980e75ed8050a13ce0) Signed-off-by: Sebastiaan van Stijn --- .../0001-archive-tar-do-not-populate-user-group-names.patch | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/patches/0001-archive-tar-do-not-populate-user-group-names.patch b/patches/0001-archive-tar-do-not-populate-user-group-names.patch index 0af43b3fcb9b8..c5599b6102d66 100644 --- a/patches/0001-archive-tar-do-not-populate-user-group-names.patch +++ b/patches/0001-archive-tar-do-not-populate-user-group-names.patch @@ -23,7 +23,7 @@ index 868105f338..9640ed4bab 100644 @@ -8,10 +8,7 @@ package tar import ( - "os" + "io/fs" - "os/user" "runtime" - "strconv" @@ -39,7 +39,7 @@ index 868105f338..9640ed4bab 100644 -// The downside is that renaming uname or gname by the OS never takes effect. -var userMap, groupMap sync.Map // map[int]string - - func statUnix(fi os.FileInfo, h *Header) error { + func statUnix(fi fs.FileInfo, h *Header) error { sys, ok := fi.Sys().(*syscall.Stat_t) if !ok { @@ -31,22 +24,9 @@ func statUnix(fi os.FileInfo, h *Header) error { From abe8c4e80dd90b16c3e748875158a00b4a6b59c2 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 20 May 2021 11:56:19 +0200 Subject: [PATCH 132/252] updated vendored archive/tar to go1.16.5 result of: `hack/vendor.sh archive/tar` Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 3ed804aecaa93e38af7bc7abdf86e5e50cd56b1e) Signed-off-by: Sebastiaan van Stijn --- vendor/archive/tar/common.go | 68 +++++++++++++++--------------- vendor/archive/tar/reader.go | 9 ++-- vendor/archive/tar/reader_test.go | 5 +-- vendor/archive/tar/stat_unix.go | 6 +-- vendor/archive/tar/strconv.go | 23 +++++++++- vendor/archive/tar/strconv_test.go | 7 +++ vendor/archive/tar/tar_test.go | 30 ++++++------- vendor/archive/tar/writer_test.go | 3 +- 8 files changed, 87 insertions(+), 64 deletions(-) diff --git a/vendor/archive/tar/common.go b/vendor/archive/tar/common.go index dee9e47e4ae48..c667cfc8720b5 100644 --- a/vendor/archive/tar/common.go +++ b/vendor/archive/tar/common.go @@ -13,8 +13,8 @@ package tar import ( "errors" "fmt" + "io/fs" "math" - "os" "path" "reflect" "strconv" @@ -525,12 +525,12 @@ func (h Header) allowedFormats() (format Format, paxHdrs map[string]string, err return format, paxHdrs, err } -// FileInfo returns an os.FileInfo for the Header. -func (h *Header) FileInfo() os.FileInfo { +// FileInfo returns an fs.FileInfo for the Header. +func (h *Header) FileInfo() fs.FileInfo { return headerFileInfo{h} } -// headerFileInfo implements os.FileInfo. +// headerFileInfo implements fs.FileInfo. type headerFileInfo struct { h *Header } @@ -549,57 +549,57 @@ func (fi headerFileInfo) Name() string { } // Mode returns the permission and mode bits for the headerFileInfo. -func (fi headerFileInfo) Mode() (mode os.FileMode) { +func (fi headerFileInfo) Mode() (mode fs.FileMode) { // Set file permission bits. - mode = os.FileMode(fi.h.Mode).Perm() + mode = fs.FileMode(fi.h.Mode).Perm() // Set setuid, setgid and sticky bits. if fi.h.Mode&c_ISUID != 0 { - mode |= os.ModeSetuid + mode |= fs.ModeSetuid } if fi.h.Mode&c_ISGID != 0 { - mode |= os.ModeSetgid + mode |= fs.ModeSetgid } if fi.h.Mode&c_ISVTX != 0 { - mode |= os.ModeSticky + mode |= fs.ModeSticky } // Set file mode bits; clear perm, setuid, setgid, and sticky bits. - switch m := os.FileMode(fi.h.Mode) &^ 07777; m { + switch m := fs.FileMode(fi.h.Mode) &^ 07777; m { case c_ISDIR: - mode |= os.ModeDir + mode |= fs.ModeDir case c_ISFIFO: - mode |= os.ModeNamedPipe + mode |= fs.ModeNamedPipe case c_ISLNK: - mode |= os.ModeSymlink + mode |= fs.ModeSymlink case c_ISBLK: - mode |= os.ModeDevice + mode |= fs.ModeDevice case c_ISCHR: - mode |= os.ModeDevice - mode |= os.ModeCharDevice + mode |= fs.ModeDevice + mode |= fs.ModeCharDevice case c_ISSOCK: - mode |= os.ModeSocket + mode |= fs.ModeSocket } switch fi.h.Typeflag { case TypeSymlink: - mode |= os.ModeSymlink + mode |= fs.ModeSymlink case TypeChar: - mode |= os.ModeDevice - mode |= os.ModeCharDevice + mode |= fs.ModeDevice + mode |= fs.ModeCharDevice case TypeBlock: - mode |= os.ModeDevice + mode |= fs.ModeDevice case TypeDir: - mode |= os.ModeDir + mode |= fs.ModeDir case TypeFifo: - mode |= os.ModeNamedPipe + mode |= fs.ModeNamedPipe } return mode } // sysStat, if non-nil, populates h from system-dependent fields of fi. -var sysStat func(fi os.FileInfo, h *Header) error +var sysStat func(fi fs.FileInfo, h *Header) error const ( // Mode constants from the USTAR spec: @@ -623,10 +623,10 @@ const ( // If fi describes a symlink, FileInfoHeader records link as the link target. // If fi describes a directory, a slash is appended to the name. // -// Since os.FileInfo's Name method only returns the base name of +// Since fs.FileInfo's Name method only returns the base name of // the file it describes, it may be necessary to modify Header.Name // to provide the full path name of the file. -func FileInfoHeader(fi os.FileInfo, link string) (*Header, error) { +func FileInfoHeader(fi fs.FileInfo, link string) (*Header, error) { if fi == nil { return nil, errors.New("archive/tar: FileInfo is nil") } @@ -643,29 +643,29 @@ func FileInfoHeader(fi os.FileInfo, link string) (*Header, error) { case fi.IsDir(): h.Typeflag = TypeDir h.Name += "/" - case fm&os.ModeSymlink != 0: + case fm&fs.ModeSymlink != 0: h.Typeflag = TypeSymlink h.Linkname = link - case fm&os.ModeDevice != 0: - if fm&os.ModeCharDevice != 0 { + case fm&fs.ModeDevice != 0: + if fm&fs.ModeCharDevice != 0 { h.Typeflag = TypeChar } else { h.Typeflag = TypeBlock } - case fm&os.ModeNamedPipe != 0: + case fm&fs.ModeNamedPipe != 0: h.Typeflag = TypeFifo - case fm&os.ModeSocket != 0: + case fm&fs.ModeSocket != 0: return nil, fmt.Errorf("archive/tar: sockets not supported") default: return nil, fmt.Errorf("archive/tar: unknown file mode %v", fm) } - if fm&os.ModeSetuid != 0 { + if fm&fs.ModeSetuid != 0 { h.Mode |= c_ISUID } - if fm&os.ModeSetgid != 0 { + if fm&fs.ModeSetgid != 0 { h.Mode |= c_ISGID } - if fm&os.ModeSticky != 0 { + if fm&fs.ModeSticky != 0 { h.Mode |= c_ISVTX } // If possible, populate additional fields from OS-specific diff --git a/vendor/archive/tar/reader.go b/vendor/archive/tar/reader.go index 39437185179a6..1b1d5b46891b6 100644 --- a/vendor/archive/tar/reader.go +++ b/vendor/archive/tar/reader.go @@ -7,7 +7,6 @@ package tar import ( "bytes" "io" - "io/ioutil" "strconv" "strings" "time" @@ -104,7 +103,7 @@ func (tr *Reader) next() (*Header, error) { continue // This is a meta header affecting the next header case TypeGNULongName, TypeGNULongLink: format.mayOnlyBe(FormatGNU) - realname, err := ioutil.ReadAll(tr) + realname, err := io.ReadAll(tr) if err != nil { return nil, err } @@ -294,7 +293,7 @@ func mergePAX(hdr *Header, paxHdrs map[string]string) (err error) { // parsePAX parses PAX headers. // If an extended header (type 'x') is invalid, ErrHeader is returned func parsePAX(r io.Reader) (map[string]string, error) { - buf, err := ioutil.ReadAll(r) + buf, err := io.ReadAll(r) if err != nil { return nil, err } @@ -433,7 +432,7 @@ func (tr *Reader) readHeader() (*Header, *block, error) { // files generated by a pre-Go1.8 toolchain. If the generated file // happened to have a prefix field that parses as valid // atime and ctime fields (e.g., when they are valid octal strings), - // then it is impossible to distinguish between an valid GNU file + // then it is impossible to distinguish between a valid GNU file // and an invalid pre-Go1.8 file. // // See https://golang.org/issues/12594 @@ -850,7 +849,7 @@ func discard(r io.Reader, n int64) error { } } - copySkipped, err := io.CopyN(ioutil.Discard, r, n-seekSkipped) + copySkipped, err := io.CopyN(io.Discard, r, n-seekSkipped) if err == io.EOF && seekSkipped+copySkipped < n { err = io.ErrUnexpectedEOF } diff --git a/vendor/archive/tar/reader_test.go b/vendor/archive/tar/reader_test.go index f153b668deff8..789ddc1bc0345 100644 --- a/vendor/archive/tar/reader_test.go +++ b/vendor/archive/tar/reader_test.go @@ -10,7 +10,6 @@ import ( "errors" "fmt" "io" - "io/ioutil" "math" "os" "path" @@ -773,7 +772,7 @@ func TestReadTruncation(t *testing.T) { "testdata/pax-path-hdr.tar", "testdata/sparse-formats.tar", } { - buf, err := ioutil.ReadFile(p) + buf, err := os.ReadFile(p) if err != nil { t.Fatalf("unexpected error: %v", err) } @@ -865,7 +864,7 @@ func TestReadTruncation(t *testing.T) { } cnt++ if s2 == "manual" { - if _, err = tr.writeTo(ioutil.Discard); err != nil { + if _, err = tr.writeTo(io.Discard); err != nil { break } } diff --git a/vendor/archive/tar/stat_unix.go b/vendor/archive/tar/stat_unix.go index 5c346b8d6a535..db697f51d0f40 100644 --- a/vendor/archive/tar/stat_unix.go +++ b/vendor/archive/tar/stat_unix.go @@ -7,7 +7,7 @@ package tar import ( - "os" + "io/fs" "runtime" "syscall" ) @@ -16,7 +16,7 @@ func init() { sysStat = statUnix } -func statUnix(fi os.FileInfo, h *Header) error { +func statUnix(fi fs.FileInfo, h *Header) error { sys, ok := fi.Sys().(*syscall.Stat_t) if !ok { return nil @@ -46,7 +46,7 @@ func statUnix(fi os.FileInfo, h *Header) error { minor := uint32((dev & 0x00000000000000ff) >> 0) minor |= uint32((dev & 0x00000ffffff00000) >> 12) h.Devmajor, h.Devminor = int64(major), int64(minor) - case "darwin": + case "darwin", "ios": // Copied from golang.org/x/sys/unix/dev_darwin.go. major := uint32((dev >> 24) & 0xff) minor := uint32(dev & 0xffffff) diff --git a/vendor/archive/tar/strconv.go b/vendor/archive/tar/strconv.go index 0a910f33b9d68..f0b61e6dba69a 100644 --- a/vendor/archive/tar/strconv.go +++ b/vendor/archive/tar/strconv.go @@ -28,7 +28,7 @@ func isASCII(s string) bool { } // toASCII converts the input to an ASCII C-style string. -// This a best effort conversion, so invalid characters are dropped. +// This is a best effort conversion, so invalid characters are dropped. func toASCII(s string) string { if isASCII(s) { return s @@ -265,8 +265,27 @@ func parsePAXRecord(s string) (k, v, r string, err error) { return "", "", s, ErrHeader } + afterSpace := int64(sp + 1) + beforeLastNewLine := n - 1 + // In some cases, "length" was perhaps padded/malformed, and + // trying to index past where the space supposedly is goes past + // the end of the actual record. + // For example: + // "0000000000000000000000000000000030 mtime=1432668921.098285006\n30 ctime=2147483649.15163319" + // ^ ^ + // | | + // | afterSpace=35 + // | + // beforeLastNewLine=29 + // yet indexOf(firstSpace) MUST BE before endOfRecord. + // + // See https://golang.org/issues/40196. + if afterSpace >= beforeLastNewLine { + return "", "", s, ErrHeader + } + // Extract everything between the space and the final newline. - rec, nl, rem := s[sp+1:n-1], s[n-1:n], s[n:] + rec, nl, rem := s[afterSpace:beforeLastNewLine], s[beforeLastNewLine:n], s[n:] if nl != "\n" { return "", "", s, ErrHeader } diff --git a/vendor/archive/tar/strconv_test.go b/vendor/archive/tar/strconv_test.go index dd3505a758af8..add65e272ae6d 100644 --- a/vendor/archive/tar/strconv_test.go +++ b/vendor/archive/tar/strconv_test.go @@ -368,6 +368,13 @@ func TestParsePAXRecord(t *testing.T) { {"16 longkeyname=hahaha\n", "16 longkeyname=hahaha\n", "", "", false}, {"3 somelongkey=\n", "3 somelongkey=\n", "", "", false}, {"50 tooshort=\n", "50 tooshort=\n", "", "", false}, + {"0000000000000000000000000000000030 mtime=1432668921.098285006\n30 ctime=2147483649.15163319", "0000000000000000000000000000000030 mtime=1432668921.098285006\n30 ctime=2147483649.15163319", "mtime", "1432668921.098285006", false}, + {"06 k=v\n", "06 k=v\n", "", "", false}, + {"00006 k=v\n", "00006 k=v\n", "", "", false}, + {"000006 k=v\n", "000006 k=v\n", "", "", false}, + {"000000 k=v\n", "000000 k=v\n", "", "", false}, + {"0 k=v\n", "0 k=v\n", "", "", false}, + {"+0000005 x=\n", "+0000005 x=\n", "", "", false}, } for _, v := range vectors { diff --git a/vendor/archive/tar/tar_test.go b/vendor/archive/tar/tar_test.go index 2676853122a56..91b38401b6c10 100644 --- a/vendor/archive/tar/tar_test.go +++ b/vendor/archive/tar/tar_test.go @@ -10,7 +10,7 @@ import ( "fmt" "internal/testenv" "io" - "io/ioutil" + "io/fs" "math" "os" "path" @@ -262,7 +262,7 @@ func TestFileInfoHeaderDir(t *testing.T) { func TestFileInfoHeaderSymlink(t *testing.T) { testenv.MustHaveSymlink(t) - tmpdir, err := ioutil.TempDir("", "TestFileInfoHeaderSymlink") + tmpdir, err := os.MkdirTemp("", "TestFileInfoHeaderSymlink") if err != nil { t.Fatal(err) } @@ -327,7 +327,7 @@ func TestRoundTrip(t *testing.T) { if !reflect.DeepEqual(rHdr, hdr) { t.Errorf("Header mismatch.\n got %+v\nwant %+v", rHdr, hdr) } - rData, err := ioutil.ReadAll(tr) + rData, err := io.ReadAll(tr) if err != nil { t.Fatalf("Read: %v", err) } @@ -338,7 +338,7 @@ func TestRoundTrip(t *testing.T) { type headerRoundTripTest struct { h *Header - fm os.FileMode + fm fs.FileMode } func TestHeaderRoundTrip(t *testing.T) { @@ -361,7 +361,7 @@ func TestHeaderRoundTrip(t *testing.T) { ModTime: time.Unix(1360600852, 0), Typeflag: TypeSymlink, }, - fm: 0777 | os.ModeSymlink, + fm: 0777 | fs.ModeSymlink, }, { // character device node. h: &Header{ @@ -371,7 +371,7 @@ func TestHeaderRoundTrip(t *testing.T) { ModTime: time.Unix(1360578951, 0), Typeflag: TypeChar, }, - fm: 0666 | os.ModeDevice | os.ModeCharDevice, + fm: 0666 | fs.ModeDevice | fs.ModeCharDevice, }, { // block device node. h: &Header{ @@ -381,7 +381,7 @@ func TestHeaderRoundTrip(t *testing.T) { ModTime: time.Unix(1360578954, 0), Typeflag: TypeBlock, }, - fm: 0660 | os.ModeDevice, + fm: 0660 | fs.ModeDevice, }, { // directory. h: &Header{ @@ -391,7 +391,7 @@ func TestHeaderRoundTrip(t *testing.T) { ModTime: time.Unix(1360601116, 0), Typeflag: TypeDir, }, - fm: 0755 | os.ModeDir, + fm: 0755 | fs.ModeDir, }, { // fifo node. h: &Header{ @@ -401,7 +401,7 @@ func TestHeaderRoundTrip(t *testing.T) { ModTime: time.Unix(1360578949, 0), Typeflag: TypeFifo, }, - fm: 0600 | os.ModeNamedPipe, + fm: 0600 | fs.ModeNamedPipe, }, { // setuid. h: &Header{ @@ -411,7 +411,7 @@ func TestHeaderRoundTrip(t *testing.T) { ModTime: time.Unix(1355405093, 0), Typeflag: TypeReg, }, - fm: 0755 | os.ModeSetuid, + fm: 0755 | fs.ModeSetuid, }, { // setguid. h: &Header{ @@ -421,7 +421,7 @@ func TestHeaderRoundTrip(t *testing.T) { ModTime: time.Unix(1360602346, 0), Typeflag: TypeReg, }, - fm: 0750 | os.ModeSetgid, + fm: 0750 | fs.ModeSetgid, }, { // sticky. h: &Header{ @@ -431,7 +431,7 @@ func TestHeaderRoundTrip(t *testing.T) { ModTime: time.Unix(1360602540, 0), Typeflag: TypeReg, }, - fm: 0600 | os.ModeSticky, + fm: 0600 | fs.ModeSticky, }, { // hard link. h: &Header{ @@ -804,9 +804,9 @@ func Benchmark(b *testing.B) { b.Run(v.label, func(b *testing.B) { b.ReportAllocs() for i := 0; i < b.N; i++ { - // Writing to ioutil.Discard because we want to + // Writing to io.Discard because we want to // test purely the writer code and not bring in disk performance into this. - tw := NewWriter(ioutil.Discard) + tw := NewWriter(io.Discard) for _, file := range v.files { if err := tw.WriteHeader(file.hdr); err != nil { b.Errorf("unexpected WriteHeader error: %v", err) @@ -844,7 +844,7 @@ func Benchmark(b *testing.B) { if _, err := tr.Next(); err != nil { b.Errorf("unexpected Next error: %v", err) } - if _, err := io.Copy(ioutil.Discard, tr); err != nil { + if _, err := io.Copy(io.Discard, tr); err != nil { b.Errorf("unexpected Copy error : %v", err) } } diff --git a/vendor/archive/tar/writer_test.go b/vendor/archive/tar/writer_test.go index 30556d27d027f..a00f02d8fab69 100644 --- a/vendor/archive/tar/writer_test.go +++ b/vendor/archive/tar/writer_test.go @@ -9,7 +9,6 @@ import ( "encoding/hex" "errors" "io" - "io/ioutil" "os" "path" "reflect" @@ -520,7 +519,7 @@ func TestWriter(t *testing.T) { } if v.file != "" { - want, err := ioutil.ReadFile(v.file) + want, err := os.ReadFile(v.file) if err != nil { t.Fatalf("ReadFile() = %v, want nil", err) } From b0da207af48c50c851f8e2e5eb358b67059749b0 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 13 Jul 2021 12:41:07 +0200 Subject: [PATCH 133/252] Bump go 1.16.6 (addresses CVE-2021-34558) This addresses CVE-2021-34558: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34558 go1.16.6 (released 2021-07-12) includes a security fix to the crypto/tls package, as well as bug fixes to the compiler, and the net and net/http packages. See the Go 1.16.6 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.6+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn (cherry picked from commit fe6f1a4067e15f99adceaa5a1a305103ca09d3f6) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index cea7a90b1c49f..d979a8591038e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.16.5 +ARG GO_VERSION=1.16.6 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index a92bba599d831..f9ecbbac3a864 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.5 +ARG GO_VERSION=1.16.6 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index 85b7cbb5c209d..a9a2e0e4b08c3 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.16.5 +ARG GO_VERSION=1.16.6 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index ec40bdd0c1103..e4caa8c237b33 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.16.5 +ARG GO_VERSION=1.16.6 ARG GOTESTSUM_COMMIT=v0.5.3 # Environment variable notes: From 067918a8c3018580c86e6c6e6326f68add162876 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 19 Jul 2021 21:21:16 +0200 Subject: [PATCH 134/252] [20.10] update containerd binary v1.4.8 Update to containerd 1.4.8 to address [CVE-2021-32760][1]. [1]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32760 Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 95c1822f693b7..803a22b7f108d 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=3194fb46e8311ae0eeae5a7a5843573adfebb16d}" # v1.4.7 +: "${CONTAINERD_COMMIT:=7eba5930496d9bbe375fdf71603e610ad737d2b2}" # v1.4.8 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 4cfeb27f78bca36c63c580b47e0f3ba28338c272 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Sun, 18 Jul 2021 20:19:33 +0900 Subject: [PATCH 135/252] update runc binary to v1.0.1 Signed-off-by: Akihiro Suda (cherry picked from commit f50c7644cff52feb31ab04becb6cb089fea07e53) Signed-off-by: Akihiro Suda --- hack/dockerfile/install/runc.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index 8bcda7018fac3..b2d8f6ec893a0 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -4,7 +4,7 @@ # The version of runc should match the version that is used by the containerd # version that is used. If you need to update runc, open a pull request in # the containerd project first, and update both after that is merged. -: ${RUNC_COMMIT:=84113eef6fc27af1b01b3181f31bbaf708715301} # v1.0.0 +: ${RUNC_COMMIT:=4144b63817ebcc5b358fc2c8ef95f7cddd709aa7} # v1.0.1 install_runc() { # If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting From e8fb8f7acd461db932bce5d7752c33fc9d75020d Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 29 Jul 2021 19:43:43 +0200 Subject: [PATCH 136/252] [20.10] update containerd binary to v1.4.9 Welcome to the v1.4.9 release of containerd! The ninth patch release for containerd 1.4 updates runc to 1.0.1 and contains other minor updates. Notable Updates - Update runc binary to 1.0.1 - Update pull authorization logic on redirect - Fix user agent used for fetching registry authentication tokens Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 803a22b7f108d..47fbf06d1d428 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=7eba5930496d9bbe375fdf71603e610ad737d2b2}" # v1.4.8 +: "${CONTAINERD_COMMIT:=e25210fe30a0a703442421b0f60afac609f950a3}" # v1.4.9 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From decb56ac895c884b7b082bb56f299cf424219a13 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 7 Aug 2021 18:14:58 +0200 Subject: [PATCH 137/252] Update Go to 1.16.7 go1.16.7 (released 2021-08-05) includes a security fix to the net/http/httputil package, as well as bug fixes to the compiler, the linker, the runtime, the go command, and the net/http package. See the Go 1.16.7 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.7+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn (cherry picked from commit b1f7ffea9f1cbb1c46856a6045b88d3cd6f9da27) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index d979a8591038e..0a9e1422135ae 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.16.6 +ARG GO_VERSION=1.16.7 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index f9ecbbac3a864..f73f639fe0f3f 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.6 +ARG GO_VERSION=1.16.7 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index a9a2e0e4b08c3..ac0461637b8f6 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.16.6 +ARG GO_VERSION=1.16.7 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index e4caa8c237b33..7e1ae9617d14b 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.16.6 +ARG GO_VERSION=1.16.7 ARG GOTESTSUM_COMMIT=v0.5.3 # Environment variable notes: From b0c0b737987b81d5ea2a44726b771d279cf315b2 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 4 Aug 2021 16:34:09 +0900 Subject: [PATCH 138/252] bump up rootlesskit to v0.14.4 Fixes `panic: tap2vif: read: read /dev/net/tun: not pollable` on early start up of RootlessKit with VPNKit. Changes: - https://github.com/rootless-containers/rootlesskit/releases/tag/v0.14.4 - https://github.com/rootless-containers/rootlesskit/releases/tag/v0.14.3 Signed-off-by: Akihiro Suda (cherry picked from commit 9499acc36092929d4737df5f1a64c36662bed39b) Signed-off-by: Akihiro Suda --- hack/dockerfile/install/rootlesskit.installer | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hack/dockerfile/install/rootlesskit.installer b/hack/dockerfile/install/rootlesskit.installer index b2ec88f8e8981..fe1b8d88dddf4 100755 --- a/hack/dockerfile/install/rootlesskit.installer +++ b/hack/dockerfile/install/rootlesskit.installer @@ -1,7 +1,7 @@ #!/bin/sh -# v0.14.2 -: "${ROOTLESSKIT_COMMIT:=4cd567642273d369adaadcbadca00880552c1778}" +# v0.14.4 +: "${ROOTLESSKIT_COMMIT:=87d443683ac1e8aba4110b8081f15aaae432aaa2}" install_rootlesskit() { case "$1" in From 93ac040bf0c0b51d9a7fedaf994bf5bf1d68ee0e Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Fri, 2 Jul 2021 17:27:45 +0000 Subject: [PATCH 139/252] Lock down docker root dir perms. Do not use 0701 perms. 0701 dir perms allows anyone to traverse the docker dir. It happens to allow any user to execute, as an example, suid binaries from image rootfs dirs because it allows traversal AND critically container users need to be able to do execute things. 0701 on lower directories also happens to allow any user to modify things in, for instance, the overlay upper dir which neccessarily has 0755 permissions. This changes to use 0710 which allows users in the group to traverse. In userns mode the UID owner is (real) root and the GID is the remapped root's GID. This prevents anyone but the remapped root to traverse our directories (which is required for userns with runc). Signed-off-by: Brian Goff (cherry picked from commit ef7237442147441a7cadcda0600be1186d81ac73) Signed-off-by: Brian Goff --- daemon/container_operations_unix.go | 2 +- daemon/create.go | 5 ++-- daemon/daemon.go | 5 +++- daemon/daemon_unix.go | 14 +++++------ daemon/graphdriver/aufs/aufs.go | 13 ++++++++-- daemon/graphdriver/btrfs/btrfs.go | 18 ++++++++++++-- .../fuse-overlayfs/fuseoverlayfs.go | 24 +++++++++++++++---- daemon/graphdriver/overlay/overlay.go | 20 ++++++++++++---- daemon/graphdriver/overlay2/overlay.go | 24 +++++++++++++++---- daemon/graphdriver/vfs/driver.go | 17 +++++++++++-- daemon/graphdriver/zfs/zfs.go | 11 ++++++++- 11 files changed, 121 insertions(+), 32 deletions(-) diff --git a/daemon/container_operations_unix.go b/daemon/container_operations_unix.go index 5521adbd27494..1647df0ce7ba8 100644 --- a/daemon/container_operations_unix.go +++ b/daemon/container_operations_unix.go @@ -466,5 +466,5 @@ func (daemon *Daemon) setupContainerMountsRoot(c *container.Container) error { if err != nil { return err } - return idtools.MkdirAllAndChown(p, 0701, idtools.CurrentIdentity()) + return idtools.MkdirAllAndChown(p, 0710, idtools.Identity{UID: idtools.CurrentIdentity().UID, GID: daemon.IdentityMapping().RootPair().GID}) } diff --git a/daemon/create.go b/daemon/create.go index 57f1eff66549f..b07851aec96ce 100644 --- a/daemon/create.go +++ b/daemon/create.go @@ -212,10 +212,11 @@ func (daemon *Daemon) create(opts createOpts) (retC *container.Container, retErr } ctr.RWLayer = rwLayer - if err := idtools.MkdirAndChown(ctr.Root, 0701, idtools.CurrentIdentity()); err != nil { + current := idtools.CurrentIdentity() + if err := idtools.MkdirAndChown(ctr.Root, 0710, idtools.Identity{UID: current.UID, GID: daemon.IdentityMapping().RootPair().GID}); err != nil { return nil, err } - if err := idtools.MkdirAndChown(ctr.CheckpointDir(), 0700, idtools.CurrentIdentity()); err != nil { + if err := idtools.MkdirAndChown(ctr.CheckpointDir(), 0700, current); err != nil { return nil, err } diff --git a/daemon/daemon.go b/daemon/daemon.go index 3d8cca2880101..2a2fbbd52e19b 100644 --- a/daemon/daemon.go +++ b/daemon/daemon.go @@ -861,7 +861,10 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S } daemonRepo := filepath.Join(config.Root, "containers") - if err := idtools.MkdirAllAndChown(daemonRepo, 0701, idtools.CurrentIdentity()); err != nil { + if err := idtools.MkdirAllAndChown(daemonRepo, 0710, idtools.Identity{ + UID: idtools.CurrentIdentity().UID, + GID: rootIDs.GID, + }); err != nil { return nil, err } diff --git a/daemon/daemon_unix.go b/daemon/daemon_unix.go index 8754d4f97283a..d982018c34293 100644 --- a/daemon/daemon_unix.go +++ b/daemon/daemon_unix.go @@ -1216,21 +1216,21 @@ func setupDaemonRoot(config *config.Config, rootDir string, remappedRoot idtools } } + id := idtools.Identity{UID: idtools.CurrentIdentity().UID, GID: remappedRoot.GID} + // First make sure the current root dir has the correct perms. + if err := idtools.MkdirAllAndChown(config.Root, 0710, id); err != nil { + return errors.Wrapf(err, "could not create or set daemon root permissions: %s", config.Root) + } + // if user namespaces are enabled we will create a subtree underneath the specified root // with any/all specified remapped root uid/gid options on the daemon creating // a new subdirectory with ownership set to the remapped uid/gid (so as to allow // `chdir()` to work for containers namespaced to that uid/gid) if config.RemappedRoot != "" { - id := idtools.CurrentIdentity() - // First make sure the current root dir has the correct perms. - if err := idtools.MkdirAllAndChown(config.Root, 0701, id); err != nil { - return errors.Wrapf(err, "could not create or set daemon root permissions: %s", config.Root) - } - config.Root = filepath.Join(rootDir, fmt.Sprintf("%d.%d", remappedRoot.UID, remappedRoot.GID)) logrus.Debugf("Creating user namespaced daemon root: %s", config.Root) // Create the root directory if it doesn't exist - if err := idtools.MkdirAllAndChown(config.Root, 0701, id); err != nil { + if err := idtools.MkdirAllAndChown(config.Root, 0710, id); err != nil { return fmt.Errorf("Cannot create daemon root: %s: %v", config.Root, err) } // we also need to verify that any pre-existing directories in the path to diff --git a/daemon/graphdriver/aufs/aufs.go b/daemon/graphdriver/aufs/aufs.go index b007274e13f19..cfa18666d9cd2 100644 --- a/daemon/graphdriver/aufs/aufs.go +++ b/daemon/graphdriver/aufs/aufs.go @@ -130,14 +130,23 @@ func Init(root string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap } currentID := idtools.CurrentIdentity() + _, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) + if err != nil { + return nil, err + } + dirID := idtools.Identity{ + UID: currentID.UID, + GID: rootGID, + } + // Create the root aufs driver dir - if err := idtools.MkdirAllAndChown(root, 0701, currentID); err != nil { + if err := idtools.MkdirAllAndChown(root, 0710, dirID); err != nil { return nil, err } // Populate the dir structure for _, p := range paths { - if err := idtools.MkdirAllAndChown(path.Join(root, p), 0701, currentID); err != nil { + if err := idtools.MkdirAllAndChown(path.Join(root, p), 0710, dirID); err != nil { return nil, err } } diff --git a/daemon/graphdriver/btrfs/btrfs.go b/daemon/graphdriver/btrfs/btrfs.go index 0499489d16e60..8fd2854a26731 100644 --- a/daemon/graphdriver/btrfs/btrfs.go +++ b/daemon/graphdriver/btrfs/btrfs.go @@ -70,7 +70,14 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap return nil, graphdriver.ErrPrerequisites } - if err := idtools.MkdirAllAndChown(home, 0701, idtools.CurrentIdentity()); err != nil { + remappedRoot := idtools.NewIDMappingsFromMaps(uidMaps, gidMaps) + currentID := idtools.CurrentIdentity() + dirID := idtools.Identity{ + UID: currentID.UID, + GID: remappedRoot.RootPair().GID, + } + + if err := idtools.MkdirAllAndChown(home, 0710, dirID); err != nil { return nil, err } @@ -521,7 +528,14 @@ func (d *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) error { if err != nil { return err } - if err := idtools.MkdirAllAndChown(subvolumes, 0701, idtools.CurrentIdentity()); err != nil { + + currentID := idtools.CurrentIdentity() + dirID := idtools.Identity{ + UID: currentID.UID, + GID: rootGID, + } + + if err := idtools.MkdirAllAndChown(subvolumes, 0710, dirID); err != nil { return err } if parent == "" { diff --git a/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go b/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go index 782e8be984469..1bf30f42980ab 100644 --- a/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go +++ b/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go @@ -88,7 +88,17 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap return nil, graphdriver.ErrNotSupported } - if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 0701, idtools.CurrentIdentity()); err != nil { + remappedRoot := idtools.NewIDMappingsFromMaps(uidMaps, gidMaps) + currentID := idtools.CurrentIdentity() + dirID := idtools.Identity{ + UID: currentID.UID, + GID: remappedRoot.RootPair().GID, + } + + if err := idtools.MkdirAllAndChown(home, 0710, dirID); err != nil { + return nil, err + } + if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 700, currentID); err != nil { return nil, err } @@ -173,11 +183,15 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr } root := idtools.Identity{UID: rootUID, GID: rootGID} - currentID := idtools.CurrentIdentity() - if err := idtools.MkdirAllAndChown(path.Dir(dir), 0701, currentID); err != nil { + dirID := idtools.Identity{ + UID: rootUID, + GID: rootGID, + } + + if err := idtools.MkdirAllAndChown(path.Dir(dir), 0710, dirID); err != nil { return err } - if err := idtools.MkdirAndChown(dir, 0701, currentID); err != nil { + if err := idtools.MkdirAndChown(dir, 0710, dirID); err != nil { return err } @@ -211,7 +225,7 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr return nil } - if err := idtools.MkdirAndChown(path.Join(dir, workDirName), 0701, currentID); err != nil { + if err := idtools.MkdirAndChown(path.Join(dir, workDirName), 0710, dirID); err != nil { return err } diff --git a/daemon/graphdriver/overlay/overlay.go b/daemon/graphdriver/overlay/overlay.go index 90be0e3d645b2..6e9897da05142 100644 --- a/daemon/graphdriver/overlay/overlay.go +++ b/daemon/graphdriver/overlay/overlay.go @@ -156,11 +156,20 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap logrus.WithField("storage-driver", "overlay").Warn(overlayutils.ErrDTypeNotSupported("overlay", backingFs)) } - // Create the driver home dir - if err := idtools.MkdirAllAndChown(home, 0701, idtools.CurrentIdentity()); err != nil { + currentID := idtools.CurrentIdentity() + _, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) + if err != nil { return nil, err } + dirID := idtools.Identity{ + UID: currentID.UID, + GID: rootGID, + } + // Create the driver home dir + if err := idtools.MkdirAllAndChown(home, 0710, dirID); err != nil { + return nil, err + } d := &Driver{ home: home, uidMaps: uidMaps, @@ -262,10 +271,11 @@ func (d *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) (retErr root := idtools.Identity{UID: rootUID, GID: rootGID} currentID := idtools.CurrentIdentity() - if err := idtools.MkdirAllAndChown(path.Dir(dir), 0701, currentID); err != nil { - return err + dirID := idtools.Identity{ + UID: currentID.UID, + GID: rootGID, } - if err := idtools.MkdirAndChown(dir, 0701, currentID); err != nil { + if err := idtools.MkdirAndChown(dir, 0710, dirID); err != nil { return err } diff --git a/daemon/graphdriver/overlay2/overlay.go b/daemon/graphdriver/overlay2/overlay.go index 36a921a018884..562d1e58fd13c 100644 --- a/daemon/graphdriver/overlay2/overlay.go +++ b/daemon/graphdriver/overlay2/overlay.go @@ -165,7 +165,20 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap logger.Warn(overlayutils.ErrDTypeNotSupported("overlay2", backingFs)) } - if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 0701, idtools.CurrentIdentity()); err != nil { + _, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) + if err != nil { + return nil, err + } + + cur := idtools.CurrentIdentity() + dirID := idtools.Identity{ + UID: cur.UID, + GID: rootGID, + } + if err := idtools.MkdirAllAndChown(home, 0710, dirID); err != nil { + return nil, err + } + if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 0700, cur); err != nil { return nil, err } @@ -344,12 +357,15 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr return err } root := idtools.Identity{UID: rootUID, GID: rootGID} - current := idtools.CurrentIdentity() + dirID := idtools.Identity{ + UID: idtools.CurrentIdentity().UID, + GID: rootGID, + } - if err := idtools.MkdirAllAndChown(path.Dir(dir), 0701, current); err != nil { + if err := idtools.MkdirAllAndChown(path.Dir(dir), 0710, dirID); err != nil { return err } - if err := idtools.MkdirAndChown(dir, 0701, current); err != nil { + if err := idtools.MkdirAndChown(dir, 0710, dirID); err != nil { return err } diff --git a/daemon/graphdriver/vfs/driver.go b/daemon/graphdriver/vfs/driver.go index af9b107609e47..f903393da2b03 100644 --- a/daemon/graphdriver/vfs/driver.go +++ b/daemon/graphdriver/vfs/driver.go @@ -37,8 +37,16 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap if err := d.parseOptions(options); err != nil { return nil, err } + _, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) + if err != nil { + return nil, err + } - if err := idtools.MkdirAllAndChown(home, 0701, idtools.CurrentIdentity()); err != nil { + dirID := idtools.Identity{ + UID: idtools.CurrentIdentity().UID, + GID: rootGID, + } + if err := idtools.MkdirAllAndChown(home, 0710, dirID); err != nil { return nil, err } @@ -140,7 +148,12 @@ func (d *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) error { func (d *Driver) create(id, parent string, size uint64) error { dir := d.dir(id) rootIDs := d.idMapping.RootPair() - if err := idtools.MkdirAllAndChown(filepath.Dir(dir), 0701, idtools.CurrentIdentity()); err != nil { + + dirID := idtools.Identity{ + UID: idtools.CurrentIdentity().UID, + GID: rootIDs.GID, + } + if err := idtools.MkdirAllAndChown(filepath.Dir(dir), 0710, dirID); err != nil { return err } if err := idtools.MkdirAndChown(dir, 0755, rootIDs); err != nil { diff --git a/daemon/graphdriver/zfs/zfs.go b/daemon/graphdriver/zfs/zfs.go index f9099a2094124..2fbbe9498f427 100644 --- a/daemon/graphdriver/zfs/zfs.go +++ b/daemon/graphdriver/zfs/zfs.go @@ -104,7 +104,16 @@ func Init(base string, opt []string, uidMaps, gidMaps []idtools.IDMap) (graphdri return nil, fmt.Errorf("BUG: zfs get all -t filesystem -rHp '%s' should contain '%s'", options.fsName, options.fsName) } - if err := idtools.MkdirAllAndChown(base, 0701, idtools.CurrentIdentity()); err != nil { + _, rootGID, err := idtools.GetRootUIDGID(uidMaps, gidMaps) + if err != nil { + return nil, err + } + + dirID := idtools.Identity{ + UID: idtools.CurrentIdentity().UID, + GID: rootGID, + } + if err := idtools.MkdirAllAndChown(base, 0710, dirID); err != nil { return nil, fmt.Errorf("Failed to create '%s': %v", base, err) } From 80f1169eca587305759829e626cebd2a434664f6 Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Wed, 19 May 2021 16:51:35 -0700 Subject: [PATCH 140/252] chrootarchive: don't create parent dirs outside of chroot If chroot is used with a special root directory then create destination directory within chroot. This works automatically already due to extractor creating parent paths and is only used currently with cp where parent paths are actually required and error will be shown to user before reaching this point. Signed-off-by: Tonis Tiigi (cherry picked from commit 52d285184068998c22632bfb869f6294b5613a58) Signed-off-by: Brian Goff --- pkg/chrootarchive/archive.go | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/pkg/chrootarchive/archive.go b/pkg/chrootarchive/archive.go index 83ed0c6b2feb7..d11cbdf2777e6 100644 --- a/pkg/chrootarchive/archive.go +++ b/pkg/chrootarchive/archive.go @@ -74,13 +74,17 @@ func untarHandler(tarArchive io.Reader, dest string, options *archive.TarOptions options.ExcludePatterns = []string{} } - idMapping := idtools.NewIDMappingsFromMaps(options.UIDMaps, options.GIDMaps) - rootIDs := idMapping.RootPair() + // If dest is inside a root then directory is created within chroot by extractor. + // This case is only currently used by cp. + if dest == root { + idMapping := idtools.NewIDMappingsFromMaps(options.UIDMaps, options.GIDMaps) + rootIDs := idMapping.RootPair() - dest = filepath.Clean(dest) - if _, err := os.Stat(dest); os.IsNotExist(err) { - if err := idtools.MkdirAllAndChownNew(dest, 0755, rootIDs); err != nil { - return err + dest = filepath.Clean(dest) + if _, err := os.Stat(dest); os.IsNotExist(err) { + if err := idtools.MkdirAllAndChownNew(dest, 0755, rootIDs); err != nil { + return err + } } } From 964768f200d17712288a158dadbb638d5de6a781 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Fri, 27 Aug 2021 14:08:03 +0900 Subject: [PATCH 141/252] cmd/dockerd: add the link of "the documentation" Signed-off-by: Akihiro Suda (cherry picked from commit 1a67e9572e95507791465e78e503ec21a4a32781) Signed-off-by: Akihiro Suda --- cmd/dockerd/daemon.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/dockerd/daemon.go b/cmd/dockerd/daemon.go index bb3d72ab38753..bb710f60019d2 100644 --- a/cmd/dockerd/daemon.go +++ b/cmd/dockerd/daemon.go @@ -114,7 +114,7 @@ func (cli *DaemonCli) start(opts *daemonOptions) (err error) { // return human-friendly error before creating files if runtime.GOOS == "linux" && os.Geteuid() != 0 { - return fmt.Errorf("dockerd needs to be started with root. To see how to run dockerd in rootless mode with unprivileged user, see the documentation") + return fmt.Errorf("dockerd needs to be started with root privileges. To run dockerd in rootless mode as an unprivileged user, see https://docs.docker.com/go/rootless/") } system.InitLCOW(cli.Config.Experimental) From 07728cd2bdb99ddc20d5c96617c99ad79aa71df0 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Mon, 23 Aug 2021 23:26:58 +0900 Subject: [PATCH 142/252] update runc binary to v1.0.2 Signed-off-by: Akihiro Suda (cherry picked from commit 14189170d188ed77fa8728992738257ab4d5df18) Signed-off-by: Akihiro Suda --- hack/dockerfile/install/runc.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index b2d8f6ec893a0..b7ad9eb502428 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -4,7 +4,7 @@ # The version of runc should match the version that is used by the containerd # version that is used. If you need to update runc, open a pull request in # the containerd project first, and update both after that is merged. -: ${RUNC_COMMIT:=4144b63817ebcc5b358fc2c8ef95f7cddd709aa7} # v1.0.1 +: ${RUNC_COMMIT:=52b36a2dd837e8462de8e01458bf02cf9eea47dd} # v1.0.2 install_runc() { # If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting From 567c01f6d157cf6c1f39d68e9ca62e76d7834558 Mon Sep 17 00:00:00 2001 From: Tianon Gravi Date: Thu, 9 Sep 2021 11:31:30 -0700 Subject: [PATCH 143/252] seccomp: add support for "clone3" syscall in default policy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is a backport of 9f6b562dd12ef7b1f9e2f8e6f2ab6477790a6594, adapted to avoid the refactoring that happened in d92739713c633c155c0f3d8065c8278b1d8a44e7. Original commit message is as follows: > If no seccomp policy is requested, then the built-in default policy in > dockerd applies. This has no rule for "clone3" defined, nor any default > errno defined. So when runc receives the config it attempts to determine > a default errno, using logic defined in its commit: > > opencontainers/runc@7a8d716 > > As explained in the above commit message, runc uses a heuristic to > decide which errno to return by default: > > [quote] > The solution applied here is to prepend a "stub" filter which returns > -ENOSYS if the requested syscall has a larger syscall number than any > syscall mentioned in the filter. The reason for this specific rule is > that syscall numbers are (roughly) allocated sequentially and thus newer > syscalls will (usually) have a larger syscall number -- thus causing our > filters to produce -ENOSYS if the filter was written before the syscall > existed. > [/quote] > > Unfortunately clone3 appears to one of the edge cases that does not > result in use of ENOSYS, instead ending up with the historical EPERM > errno. > > Latest glibc (2.33.9000, in Fedora 35 rawhide) will attempt to use > clone3 by default. If it sees ENOSYS then it will automatically > fallback to using clone. Any other errno is treated as a fatal > error. Thus when docker seccomp policy triggers EPERM from clone3, > no fallback occurs and programs are thus unable to spawn threads. > > The clone3 syscall is much more complicated than clone, most notably its > flags are not exposed as a directly argument any more. Instead they are > hidden inside a struct. This means that seccomp filters are unable to > apply policy based on values seen in flags. Thus we can't directly > replicate the current "clone" filtering for "clone3". We can at least > ensure "clone3" returns ENOSYS errno, to trigger fallback to "clone" > at which point we can filter on flags. Signed-off-by: Tianon Gravi Co-authored-by: Daniel P. Berrangé --- profiles/seccomp/default.json | 16 ++++++++++++++++ profiles/seccomp/default_linux.go | 13 +++++++++++++ profiles/seccomp/seccomp.go | 1 + profiles/seccomp/seccomp_linux.go | 28 ++++++++++++---------------- 4 files changed, 42 insertions(+), 16 deletions(-) diff --git a/profiles/seccomp/default.json b/profiles/seccomp/default.json index 4213799ddb5cd..ee5e04f781a83 100644 --- a/profiles/seccomp/default.json +++ b/profiles/seccomp/default.json @@ -591,6 +591,7 @@ "names": [ "bpf", "clone", + "clone3", "fanotify_init", "fsconfig", "fsmount", @@ -670,6 +671,21 @@ ] } }, + { + "names": [ + "clone3" + ], + "action": "SCMP_ACT_ERRNO", + "errnoRet": 38, + "args": [], + "comment": "", + "includes": {}, + "excludes": { + "caps": [ + "CAP_SYS_ADMIN" + ] + } + }, { "names": [ "reboot" diff --git a/profiles/seccomp/default_linux.go b/profiles/seccomp/default_linux.go index 879eb88c64f18..fb593f336f7a2 100644 --- a/profiles/seccomp/default_linux.go +++ b/profiles/seccomp/default_linux.go @@ -42,6 +42,7 @@ func arches() []Architecture { // DefaultProfile defines the allowed syscalls for the default seccomp profile. func DefaultProfile() *Seccomp { + nosys := uint(unix.ENOSYS) syscalls := []*Syscall{ { Names: []string{ @@ -522,6 +523,7 @@ func DefaultProfile() *Seccomp { Names: []string{ "bpf", "clone", + "clone3", "fanotify_init", "fsconfig", "fsmount", @@ -587,6 +589,17 @@ func DefaultProfile() *Seccomp { Caps: []string{"CAP_SYS_ADMIN"}, }, }, + { + Names: []string{ + "clone3", + }, + Action: specs.ActErrno, + ErrnoRet: &nosys, + Args: []*specs.LinuxSeccompArg{}, + Excludes: Filter{ + Caps: []string{"CAP_SYS_ADMIN"}, + }, + }, { Names: []string{ "reboot", diff --git a/profiles/seccomp/seccomp.go b/profiles/seccomp/seccomp.go index d2a21cddc4b2b..9edec72db5462 100644 --- a/profiles/seccomp/seccomp.go +++ b/profiles/seccomp/seccomp.go @@ -45,6 +45,7 @@ type Syscall struct { Name string `json:"name,omitempty"` Names []string `json:"names,omitempty"` Action specs.LinuxSeccompAction `json:"action"` + ErrnoRet *uint `json:"errnoRet,omitempty"` Args []*specs.LinuxSeccompArg `json:"args"` Comment string `json:"comment"` Includes Filter `json:"includes"` diff --git a/profiles/seccomp/seccomp_linux.go b/profiles/seccomp/seccomp_linux.go index 566f173acd3a6..e35e242cd5009 100644 --- a/profiles/seccomp/seccomp_linux.go +++ b/profiles/seccomp/seccomp_linux.go @@ -150,29 +150,25 @@ Loop: } } + newCall := specs.LinuxSyscall{ + Action: call.Action, + ErrnoRet: call.ErrnoRet, + } if call.Name != "" && len(call.Names) != 0 { return nil, errors.New("'name' and 'names' were specified in the seccomp profile, use either 'name' or 'names'") } - if call.Name != "" { - newConfig.Syscalls = append(newConfig.Syscalls, createSpecsSyscall([]string{call.Name}, call.Action, call.Args)) + newCall.Names = []string{call.Name} } else { - newConfig.Syscalls = append(newConfig.Syscalls, createSpecsSyscall(call.Names, call.Action, call.Args)) + newCall.Names = call.Names + } + // Loop through all the arguments of the syscall and convert them + for _, arg := range call.Args { + newCall.Args = append(newCall.Args, *arg) } - } - - return newConfig, nil -} -func createSpecsSyscall(names []string, action specs.LinuxSeccompAction, args []*specs.LinuxSeccompArg) specs.LinuxSyscall { - newCall := specs.LinuxSyscall{ - Names: names, - Action: action, + newConfig.Syscalls = append(newConfig.Syscalls, newCall) } - // Loop through all the arguments of the syscall and convert them - for _, arg := range args { - newCall.Args = append(newCall.Args, *arg) - } - return newCall + return newConfig, nil } From fa78afebcf8b1b312a8a7ac267446f26a8877fac Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 15 Sep 2021 13:48:01 +0200 Subject: [PATCH 144/252] Update Go to 1.16.8 This includes additional fixes for CVE-2021-39293. go1.16.8 (released 2021-09-09) includes a security fix to the archive/zip package, as well as bug fixes to the archive/zip, go/internal/gccgoimporter, html/template, net/http, and runtime/pprof packages. See the Go 1.16.8 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.8+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0a9e1422135ae..f269457eff76c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.16.7 +ARG GO_VERSION=1.16.8 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index f73f639fe0f3f..abf4289a5cf3e 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.7 +ARG GO_VERSION=1.16.8 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index ac0461637b8f6..c1e247f453676 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.16.7 +ARG GO_VERSION=1.16.8 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 7e1ae9617d14b..30cf370c2bb19 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.16.7 +ARG GO_VERSION=1.16.8 ARG GOTESTSUM_COMMIT=v0.5.3 # Environment variable notes: From 59f10e34352a81004efff96c8f68e96d9ca4d68c Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Fri, 19 Mar 2021 15:31:46 +0000 Subject: [PATCH 145/252] quota: adjust build-tags to allow build without CGO This is to allow quota package (without tests) to be built without cgo. makeBackingFsDev was used in helpers but not defined in projectquota_unsupported.go Also adjust some GoDoc to follow the standard format. Signed-off-by: Tibor Vass Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 7cf079acdb88a5e66bf77e54b5dc30df859969bd) Signed-off-by: Pete Woods --- quota/projectquota.go | 6 +++--- quota/testhelpers.go | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/quota/projectquota.go b/quota/projectquota.go index f9f41f13c261c..b8ffe64aaf165 100644 --- a/quota/projectquota.go +++ b/quota/projectquota.go @@ -396,9 +396,9 @@ func getDirFd(dir *C.DIR) uintptr { return uintptr(C.dirfd(dir)) } -// Get the backing block device of the driver home directory -// and create a block device node under the home directory -// to be used by quotactl commands +// makeBackingFsDev gets the backing block device of the driver home directory +// and creates a block device node under the home directory to be used by +// quotactl commands. func makeBackingFsDev(home string) (string, error) { var stat unix.Stat_t if err := unix.Stat(home, &stat); err != nil { diff --git a/quota/testhelpers.go b/quota/testhelpers.go index 5f1e175d1d39d..d9a7098a6b45d 100644 --- a/quota/testhelpers.go +++ b/quota/testhelpers.go @@ -1,4 +1,4 @@ -// +build linux +// +build linux,!exclude_disk_quota,cgo package quota // import "github.com/docker/docker/quota" From 5730c139f71679e15b96fbb71ca54dd64ec4ff3b Mon Sep 17 00:00:00 2001 From: Adam Williams Date: Wed, 22 Sep 2021 11:21:01 -0700 Subject: [PATCH 146/252] Bump swarmkit to get fix for rollback Signed-off-by: Adam Williams --- vendor.conf | 2 +- .../docker/swarmkit/manager/orchestrator/update/updater.go | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/vendor.conf b/vendor.conf index 394bc8807c9a8..846b3ef2a489b 100644 --- a/vendor.conf +++ b/vendor.conf @@ -142,7 +142,7 @@ github.com/gogo/googleapis 01e0f9cca9b92166042241267ee2 github.com/cilium/ebpf 1c8d4c9ef7759622653a1d319284a44652333b28 # cluster -github.com/docker/swarmkit c9afb5fd44bb419bae719f400f31671712bcb99e # bump_20.10 +github.com/docker/swarmkit 286f4575a2d2853c1574e1be10eb1a2450692dfc # bump_20.10 github.com/gogo/protobuf 5628607bb4c51c3157aacc3a50f0ab707582b805 # v1.3.1 github.com/golang/protobuf 84668698ea25b64748563aa20726db66a6b8d299 # v1.3.5 github.com/cloudflare/cfssl 5d63dbd981b5c408effbb58c442d54761ff94fbd # 1.3.2 diff --git a/vendor/github.com/docker/swarmkit/manager/orchestrator/update/updater.go b/vendor/github.com/docker/swarmkit/manager/orchestrator/update/updater.go index 4e6a2cc0bd90e..e181a4ffa2915 100644 --- a/vendor/github.com/docker/swarmkit/manager/orchestrator/update/updater.go +++ b/vendor/github.com/docker/swarmkit/manager/orchestrator/update/updater.go @@ -280,6 +280,11 @@ slotsLoop: wg.Wait() if !stopped { + // if a delay is set we need to monitor for a period longer than the delay + // otherwise we will leave the monitorLoop before the task is done delaying + if updateConfig.Delay >= monitoringPeriod { + monitoringPeriod = updateConfig.Delay + 1*time.Second + } // Keep watching for task failures for one more monitoringPeriod, // before declaring the update complete. doneMonitoring := time.After(monitoringPeriod) From 6835d15f5523063f0a04a86d4810a637c6010d62 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 1 Oct 2021 10:22:34 +0200 Subject: [PATCH 147/252] [20.10] update containerd binary to v1.4.10 - Update runc to v1.0.2 - Update hcsshim to v0.8.21 - Support "clone3" in default seccomp profile - Fix panic in metadata content writer on copy error Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 47fbf06d1d428..ad774c2e1756e 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=e25210fe30a0a703442421b0f60afac609f950a3}" # v1.4.9 +: "${CONTAINERD_COMMIT:=8848fdb7c4ae3815afcc990a8a99d663dda1b590}" # v1.4.10 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 129a2000cf752e0afbe935d9e258f916becf8367 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 4 Oct 2021 21:15:47 +0200 Subject: [PATCH 148/252] [20.10] update containerd binary to v1.4.11 The eleventh patch release for containerd 1.4 is a security release to fix CVE-2021-41103. Notable Updates - Fix insufficiently restricted permissions on container root and plugin directories GHSA-c2h3-6mxw-7mvq Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index ad774c2e1756e..92547b6d9b9f3 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=8848fdb7c4ae3815afcc990a8a99d663dda1b590}" # v1.4.10 +: "${CONTAINERD_COMMIT:=5b46e404f6b9f661a205e28d59c982d3634148f8}" # v1.4.11 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From c580a0287363ec5e818a61319cd9986859706b0c Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 8 Oct 2021 15:14:58 +0200 Subject: [PATCH 149/252] [20.10] Update Go to 1.16.9 go1.16.9 (released 2021-10-07) includes a security fix to the linker and misc/wasm directory, as well as bug fixes to the runtime and to the text/template package. See the Go 1.16.9 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.9+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index f269457eff76c..cff0abe895e2b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.16.8 +ARG GO_VERSION=1.16.9 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index abf4289a5cf3e..1ba5016c4062a 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.8 +ARG GO_VERSION=1.16.9 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index c1e247f453676..3783035b76428 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.16.8 +ARG GO_VERSION=1.16.9 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 30cf370c2bb19..870be1beaee0a 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.16.8 +ARG GO_VERSION=1.16.9 ARG GOTESTSUM_COMMIT=v0.5.3 # Environment variable notes: From c2b9a32875a4c6f1bb4e27ab2558d83240525637 Mon Sep 17 00:00:00 2001 From: Kevin Parsons Date: Fri, 15 Oct 2021 15:15:28 -0700 Subject: [PATCH 150/252] vendor: Update go-winio to v0.4.20 Updates go-winio to the latest v0.4.x version. The main important fix here is to go-winio's backuptar package. This is needed to fix a bug in sparse file handling in container layers, which was exposed by a recent change in Windows. go-winio v0.4.20: https://github.com/microsoft/go-winio/releases/tag/v0.4.20 Signed-off-by: Kevin Parsons --- vendor.conf | 2 +- .../github.com/Microsoft/go-winio/README.md | 2 +- .../Microsoft/go-winio/backuptar/tar.go | 74 ++- vendor/github.com/Microsoft/go-winio/go.mod | 6 +- .../github.com/Microsoft/go-winio/hvsock.go | 2 + vendor/github.com/Microsoft/go-winio/pipe.go | 4 +- .../Microsoft/go-winio/pkg/etw/eventdata.go | 2 + .../Microsoft/go-winio/pkg/etw/eventopt.go | 2 + .../Microsoft/go-winio/pkg/etw/fieldopt.go | 2 + .../Microsoft/go-winio/pkg/etw/newprovider.go | 34 +- .../pkg/etw/newprovider_unsupported.go | 7 +- .../Microsoft/go-winio/pkg/etw/provider.go | 53 +- .../go-winio/pkg/etw/providerglobal.go | 2 + .../Microsoft/go-winio/pkg/etw/wrapper_32.go | 16 + .../Microsoft/go-winio/pkg/etw/wrapper_64.go | 11 + .../go-winio/pkg/etw/zsyscall_windows.go | 25 +- .../Microsoft/go-winio/pkg/etwlogrus/hook.go | 2 + .../Microsoft/go-winio/pkg/guid/guid.go | 2 + .../pkg/security/grantvmgroupaccess.go | 2 + .../go-winio/pkg/security/syscall_windows.go | 6 +- .../go-winio/pkg/security/zsyscall_windows.go | 43 +- .../Microsoft/go-winio/privilege.go | 5 +- .../github.com/Microsoft/go-winio/syscall.go | 2 +- .../github.com/Microsoft/go-winio/vhd/vhd.go | 340 +++++++--- .../github.com/Microsoft/go-winio/vhd/zvhd.go | 99 --- .../Microsoft/go-winio/vhd/zvhd_windows.go | 106 ++++ .../Microsoft/go-winio/zsyscall_windows.go | 581 +++++++----------- 27 files changed, 803 insertions(+), 629 deletions(-) delete mode 100644 vendor/github.com/Microsoft/go-winio/vhd/zvhd.go create mode 100644 vendor/github.com/Microsoft/go-winio/vhd/zvhd_windows.go diff --git a/vendor.conf b/vendor.conf index 846b3ef2a489b..a88f05bd71188 100644 --- a/vendor.conf +++ b/vendor.conf @@ -1,6 +1,6 @@ github.com/Azure/go-ansiterm d6e3b3328b783f23731bc4d058875b0371ff8109 github.com/Microsoft/hcsshim 64a2b71405dacf76c95600f4c756a991ad09cf7c # moby branch -github.com/Microsoft/go-winio 5b44b70ab3ab4d291a7c1d28afe7b4afeced0ed4 # v0.4.15 +github.com/Microsoft/go-winio 7e149e8c70409f36773c1b2cf3447a7ab7697368 # v0.4.20 github.com/docker/libtrust 9cbd2a1374f46905c68a4eb3694a130610adc62a github.com/golang/gddo 72a348e765d293ed6d1ded7b699591f14d6cd921 github.com/google/uuid 0cd6bf5da1e1c83f8b45653022c74f71af0538a4 # v1.1.1 diff --git a/vendor/github.com/Microsoft/go-winio/README.md b/vendor/github.com/Microsoft/go-winio/README.md index 5680010575b7f..60c93fe50684c 100644 --- a/vendor/github.com/Microsoft/go-winio/README.md +++ b/vendor/github.com/Microsoft/go-winio/README.md @@ -1,4 +1,4 @@ -# go-winio +# go-winio [![Build Status](https://github.com/microsoft/go-winio/actions/workflows/ci.yml/badge.svg)](https://github.com/microsoft/go-winio/actions/workflows/ci.yml) This repository contains utilities for efficiently performing Win32 IO operations in Go. Currently, this is focused on accessing named pipes and other file handles, and diff --git a/vendor/github.com/Microsoft/go-winio/backuptar/tar.go b/vendor/github.com/Microsoft/go-winio/backuptar/tar.go index 088a43c68e829..b32bee3c40442 100644 --- a/vendor/github.com/Microsoft/go-winio/backuptar/tar.go +++ b/vendor/github.com/Microsoft/go-winio/backuptar/tar.go @@ -5,7 +5,6 @@ package backuptar import ( "archive/tar" "encoding/base64" - "errors" "fmt" "io" "io/ioutil" @@ -41,19 +40,14 @@ const ( hdrCreationTime = "LIBARCHIVE.creationtime" ) -func writeZeroes(w io.Writer, count int64) error { - buf := make([]byte, 8192) - c := len(buf) - for i := int64(0); i < count; i += int64(c) { - if int64(c) > count-i { - c = int(count - i) - } - _, err := w.Write(buf[:c]) - if err != nil { - return err - } +// zeroReader is an io.Reader that always returns 0s. +type zeroReader struct{} + +func (zr zeroReader) Read(b []byte) (int, error) { + for i := range b { + b[i] = 0 } - return nil + return len(b), nil } func copySparse(t *tar.Writer, br *winio.BackupStreamReader) error { @@ -70,16 +64,26 @@ func copySparse(t *tar.Writer, br *winio.BackupStreamReader) error { return fmt.Errorf("unexpected stream %d", bhdr.Id) } + // We can't seek backwards, since we have already written that data to the tar.Writer. + if bhdr.Offset < curOffset { + return fmt.Errorf("cannot seek back from %d to %d", curOffset, bhdr.Offset) + } // archive/tar does not support writing sparse files // so just write zeroes to catch up to the current offset. - err = writeZeroes(t, bhdr.Offset-curOffset) + if _, err := io.CopyN(t, zeroReader{}, bhdr.Offset-curOffset); err != nil { + return fmt.Errorf("seek to offset %d: %s", bhdr.Offset, err) + } if bhdr.Size == 0 { + // A sparse block with size = 0 is used to mark the end of the sparse blocks. break } n, err := io.Copy(t, br) if err != nil { return err } + if n != bhdr.Size { + return fmt.Errorf("copied %d bytes instead of %d at offset %d", n, bhdr.Size, bhdr.Offset) + } curOffset = bhdr.Offset + n } return nil @@ -220,20 +224,44 @@ func WriteTarFileFromBackupStream(t *tar.Writer, r io.Reader, name string, size } } + // The logic for copying file contents is fairly complicated due to the need for handling sparse files, + // and the weird ways they are represented by BackupRead. A normal file will always either have a data stream + // with size and content, or no data stream at all (if empty). However, for a sparse file, the content can also + // be represented using a series of sparse block streams following the data stream. Additionally, the way sparse + // files are handled by BackupRead has changed in the OS recently. The specifics of the representation are described + // in the list at the bottom of this block comment. + // + // Sparse files can be represented in four different ways, based on the specifics of the file. + // - Size = 0: + // Previously: BackupRead yields no data stream and no sparse block streams. + // Recently: BackupRead yields a data stream with size = 0. There are no following sparse block streams. + // - Size > 0, no allocated ranges: + // BackupRead yields a data stream with size = 0. Following is a single sparse block stream with + // size = 0 and offset = . + // - Size > 0, one allocated range: + // BackupRead yields a data stream with size = containing the file contents. There are no + // sparse block streams. This is the case if you take a normal file with contents and simply set the + // sparse flag on it. + // - Size > 0, multiple allocated ranges: + // BackupRead yields a data stream with size = 0. Following are sparse block streams for each allocated + // range of the file containing the range contents. Finally there is a sparse block stream with + // size = 0 and offset = . + if dataHdr != nil { // A data stream was found. Copy the data. - if (dataHdr.Attributes & winio.StreamSparseAttributes) == 0 { + // We assume that we will either have a data stream size > 0 XOR have sparse block streams. + if dataHdr.Size > 0 || (dataHdr.Attributes&winio.StreamSparseAttributes) == 0 { if size != dataHdr.Size { return fmt.Errorf("%s: mismatch between file size %d and header size %d", name, size, dataHdr.Size) } - _, err = io.Copy(t, br) - if err != nil { - return err + if _, err = io.Copy(t, br); err != nil { + return fmt.Errorf("%s: copying contents from data stream: %s", name, err) } - } else { - err = copySparse(t, br) - if err != nil { - return err + } else if size > 0 { + // As of a recent OS change, BackupRead now returns a data stream for empty sparse files. + // These files have no sparse block streams, so skip the copySparse call if file size = 0. + if err = copySparse(t, br); err != nil { + return fmt.Errorf("%s: copying contents from sparse block stream: %s", name, err) } } } @@ -278,7 +306,7 @@ func WriteTarFileFromBackupStream(t *tar.Writer, r io.Reader, name string, size } else { // Unsupported for now, since the size of the alternate stream is not present // in the backup stream until after the data has been read. - return errors.New("tar of sparse alternate data streams is unsupported") + return fmt.Errorf("%s: tar of sparse alternate data streams is unsupported", name) } case winio.BackupEaData, winio.BackupLink, winio.BackupPropertyData, winio.BackupObjectId, winio.BackupTxfsData: // ignore these streams diff --git a/vendor/github.com/Microsoft/go-winio/go.mod b/vendor/github.com/Microsoft/go-winio/go.mod index 50b9d6e2ec603..98a8dea0e7e1d 100644 --- a/vendor/github.com/Microsoft/go-winio/go.mod +++ b/vendor/github.com/Microsoft/go-winio/go.mod @@ -3,7 +3,7 @@ module github.com/Microsoft/go-winio go 1.12 require ( - github.com/pkg/errors v0.8.1 - github.com/sirupsen/logrus v1.4.1 - golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3 + github.com/pkg/errors v0.9.1 + github.com/sirupsen/logrus v1.7.0 + golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c ) diff --git a/vendor/github.com/Microsoft/go-winio/hvsock.go b/vendor/github.com/Microsoft/go-winio/hvsock.go index dbfe790ee0049..b632f8f8bb98b 100644 --- a/vendor/github.com/Microsoft/go-winio/hvsock.go +++ b/vendor/github.com/Microsoft/go-winio/hvsock.go @@ -1,3 +1,5 @@ +// +build windows + package winio import ( diff --git a/vendor/github.com/Microsoft/go-winio/pipe.go b/vendor/github.com/Microsoft/go-winio/pipe.go index ff96dff1c6cdc..96700a73de25a 100644 --- a/vendor/github.com/Microsoft/go-winio/pipe.go +++ b/vendor/github.com/Microsoft/go-winio/pipe.go @@ -429,10 +429,10 @@ type PipeConfig struct { // when the pipe is in message mode. MessageMode bool - // InputBufferSize specifies the size the input buffer, in bytes. + // InputBufferSize specifies the size of the input buffer, in bytes. InputBufferSize int32 - // OutputBufferSize specifies the size the input buffer, in bytes. + // OutputBufferSize specifies the size of the output buffer, in bytes. OutputBufferSize int32 } diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etw/eventdata.go b/vendor/github.com/Microsoft/go-winio/pkg/etw/eventdata.go index a524d8920a93f..abf16803ee40d 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etw/eventdata.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etw/eventdata.go @@ -1,3 +1,5 @@ +// +build windows + package etw import ( diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etw/eventopt.go b/vendor/github.com/Microsoft/go-winio/pkg/etw/eventopt.go index fb6ac7dbcc27d..eaace6886edc9 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etw/eventopt.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etw/eventopt.go @@ -1,3 +1,5 @@ +// +build windows + package etw import ( diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etw/fieldopt.go b/vendor/github.com/Microsoft/go-winio/pkg/etw/fieldopt.go index d544a2998f37d..b5ea80a4607aa 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etw/fieldopt.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etw/fieldopt.go @@ -1,3 +1,5 @@ +// +build windows + package etw import ( diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etw/newprovider.go b/vendor/github.com/Microsoft/go-winio/pkg/etw/newprovider.go index f344fb65f729f..581ef595a5f97 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etw/newprovider.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etw/newprovider.go @@ -1,3 +1,4 @@ +// +build windows // +build amd64 arm64 386 package etw @@ -11,11 +12,20 @@ import ( "golang.org/x/sys/windows" ) -// NewProviderWithID creates and registers a new ETW provider, allowing the -// provider ID to be manually specified. This is most useful when there is an -// existing provider ID that must be used to conform to existing diagnostic -// infrastructure. -func NewProviderWithID(name string, id guid.GUID, callback EnableCallback) (provider *Provider, err error) { +// NewProviderWithOptions creates and registers a new ETW provider, allowing +// the provider ID and Group to be manually specified. This is most useful when +// there is an existing provider ID that must be used to conform to existing +// diagnostic infrastructure. +func NewProviderWithOptions(name string, options ...ProviderOpt) (provider *Provider, err error) { + var opts providerOpts + for _, opt := range options { + opt(&opts) + } + + if opts.id == (guid.GUID{}) { + opts.id = providerIDFromName(name) + } + providerCallbackOnce.Do(func() { globalProviderCallback = windows.NewCallback(providerCallbackAdapter) }) @@ -26,17 +36,27 @@ func NewProviderWithID(name string, id guid.GUID, callback EnableCallback) (prov providers.removeProvider(provider) } }(provider) - provider.ID = id - provider.callback = callback + provider.ID = opts.id + provider.callback = opts.callback if err := eventRegister((*windows.GUID)(&provider.ID), globalProviderCallback, uintptr(provider.index), &provider.handle); err != nil { return nil, err } + trait := &bytes.Buffer{} + if opts.group != (guid.GUID{}) { + binary.Write(trait, binary.LittleEndian, uint16(0)) // Write empty size for buffer (update later) + binary.Write(trait, binary.LittleEndian, uint8(1)) // EtwProviderTraitTypeGroup + traitArray := opts.group.ToWindowsArray() // Append group guid + trait.Write(traitArray[:]) + binary.LittleEndian.PutUint16(trait.Bytes(), uint16(trait.Len())) // Update size + } + metadata := &bytes.Buffer{} binary.Write(metadata, binary.LittleEndian, uint16(0)) // Write empty size for buffer (to update later) metadata.WriteString(name) metadata.WriteByte(0) // Null terminator for name + trait.WriteTo(metadata) // Add traits if applicable binary.LittleEndian.PutUint16(metadata.Bytes(), uint16(metadata.Len())) // Update the size at the beginning of the buffer provider.metadata = metadata.Bytes() diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etw/newprovider_unsupported.go b/vendor/github.com/Microsoft/go-winio/pkg/etw/newprovider_unsupported.go index 808455cc2dc7b..5a05c13425421 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etw/newprovider_unsupported.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etw/newprovider_unsupported.go @@ -1,12 +1,9 @@ +// +build windows // +build arm package etw -import ( - "github.com/Microsoft/go-winio/pkg/guid" -) - // NewProviderWithID returns a nil provider on unsupported platforms. -func NewProviderWithID(name string, id guid.GUID, callback EnableCallback) (provider *Provider, err error) { +func NewProviderWithOptions(name string, options ...ProviderOpt) (provider *Provider, err error) { return nil, nil } diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etw/provider.go b/vendor/github.com/Microsoft/go-winio/pkg/etw/provider.go index 236960182a483..a5b90d037ddee 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etw/provider.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etw/provider.go @@ -1,3 +1,5 @@ +// +build windows + package etw import ( @@ -81,15 +83,6 @@ func providerCallback(sourceID guid.GUID, state ProviderState, level Level, matc } } -// providerCallbackAdapter acts as the first-level callback from the C/ETW side -// for provider notifications. Because Go has trouble with callback arguments of -// different size, it has only pointer-sized arguments, which are then cast to -// the appropriate types when calling providerCallback. -func providerCallbackAdapter(sourceID *guid.GUID, state uintptr, level uintptr, matchAnyKeyword uintptr, matchAllKeyword uintptr, filterData uintptr, i uintptr) uintptr { - providerCallback(*sourceID, ProviderState(state), Level(level), uint64(matchAnyKeyword), uint64(matchAllKeyword), filterData, i) - return 0 -} - // providerIDFromName generates a provider ID based on the provider name. It // uses the same algorithm as used by .NET's EventSource class, which is based // on RFC 4122. More information on the algorithm can be found here: @@ -117,10 +110,50 @@ func providerIDFromName(name string) guid.GUID { return guid.FromWindowsArray(a) } +type providerOpts struct { + callback EnableCallback + id guid.GUID + group guid.GUID +} + +// ProviderOpt allows the caller to specify provider options to +// NewProviderWithOptions +type ProviderOpt func(*providerOpts) + +// WithCallback is used to provide a callback option to NewProviderWithOptions +func WithCallback(callback EnableCallback) ProviderOpt { + return func(opts *providerOpts) { + opts.callback = callback + } +} + +// WithID is used to provide a provider ID option to NewProviderWithOptions +func WithID(id guid.GUID) ProviderOpt { + return func(opts *providerOpts) { + opts.id = id + } +} + +// WithGroup is used to provide a provider group option to +// NewProviderWithOptions +func WithGroup(group guid.GUID) ProviderOpt { + return func(opts *providerOpts) { + opts.group = group + } +} + +// NewProviderWithID creates and registers a new ETW provider, allowing the +// provider ID to be manually specified. This is most useful when there is an +// existing provider ID that must be used to conform to existing diagnostic +// infrastructure. +func NewProviderWithID(name string, id guid.GUID, callback EnableCallback) (provider *Provider, err error) { + return NewProviderWithOptions(name, WithID(id), WithCallback(callback)) +} + // NewProvider creates and registers a new ETW provider. The provider ID is // generated based on the provider name. func NewProvider(name string, callback EnableCallback) (provider *Provider, err error) { - return NewProviderWithID(name, providerIDFromName(name), callback) + return NewProviderWithOptions(name, WithCallback(callback)) } // Close unregisters the provider. diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etw/providerglobal.go b/vendor/github.com/Microsoft/go-winio/pkg/etw/providerglobal.go index 6c7331d99e234..ce3d305762ab5 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etw/providerglobal.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etw/providerglobal.go @@ -1,3 +1,5 @@ +// +build windows + package etw import ( diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etw/wrapper_32.go b/vendor/github.com/Microsoft/go-winio/pkg/etw/wrapper_32.go index d0a7dac0c1a58..6867a1f87843e 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etw/wrapper_32.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etw/wrapper_32.go @@ -1,8 +1,10 @@ +// +build windows // +build 386 arm package etw import ( + "github.com/Microsoft/go-winio/pkg/guid" "golang.org/x/sys/windows" ) @@ -49,3 +51,17 @@ func eventSetInformation( information, length) } + +// providerCallbackAdapter acts as the first-level callback from the C/ETW side +// for provider notifications. Because Go has trouble with callback arguments of +// different size, it has only pointer-sized arguments, which are then cast to +// the appropriate types when calling providerCallback. +// For x86, the matchAny and matchAll keywords need to be assembled from two +// 32-bit integers, because the max size of an argument is uintptr, but those +// two arguments are actually 64-bit integers. +func providerCallbackAdapter(sourceID *guid.GUID, state uint32, level uint32, matchAnyKeyword_low uint32, matchAnyKeyword_high uint32, matchAllKeyword_low uint32, matchAllKeyword_high uint32, filterData uintptr, i uintptr) uintptr { + matchAnyKeyword := uint64(matchAnyKeyword_high)<<32 | uint64(matchAnyKeyword_low) + matchAllKeyword := uint64(matchAllKeyword_high)<<32 | uint64(matchAllKeyword_low) + providerCallback(*sourceID, ProviderState(state), Level(level), uint64(matchAnyKeyword), uint64(matchAllKeyword), filterData, i) + return 0 +} diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etw/wrapper_64.go b/vendor/github.com/Microsoft/go-winio/pkg/etw/wrapper_64.go index ef8b599a69402..fe83df2bf0ec0 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etw/wrapper_64.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etw/wrapper_64.go @@ -1,8 +1,10 @@ +// +build windows // +build amd64 arm64 package etw import ( + "github.com/Microsoft/go-winio/pkg/guid" "golang.org/x/sys/windows" ) @@ -39,3 +41,12 @@ func eventSetInformation( information, length) } + +// providerCallbackAdapter acts as the first-level callback from the C/ETW side +// for provider notifications. Because Go has trouble with callback arguments of +// different size, it has only pointer-sized arguments, which are then cast to +// the appropriate types when calling providerCallback. +func providerCallbackAdapter(sourceID *guid.GUID, state uintptr, level uintptr, matchAnyKeyword uintptr, matchAllKeyword uintptr, filterData uintptr, i uintptr) uintptr { + providerCallback(*sourceID, ProviderState(state), Level(level), uint64(matchAnyKeyword), uint64(matchAllKeyword), filterData, i) + return 0 +} diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etw/zsyscall_windows.go b/vendor/github.com/Microsoft/go-winio/pkg/etw/zsyscall_windows.go index 4e8a71922253b..719b13d284293 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etw/zsyscall_windows.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etw/zsyscall_windows.go @@ -19,6 +19,7 @@ const ( var ( errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) + errERROR_EINVAL error = syscall.EINVAL ) // errnoErr returns common boxed Errno values, to prevent @@ -26,7 +27,7 @@ var ( func errnoErr(e syscall.Errno) error { switch e { case 0: - return nil + return errERROR_EINVAL case errnoERROR_IO_PENDING: return errERROR_IO_PENDING } @@ -40,9 +41,9 @@ var ( modadvapi32 = windows.NewLazySystemDLL("advapi32.dll") procEventRegister = modadvapi32.NewProc("EventRegister") + procEventSetInformation = modadvapi32.NewProc("EventSetInformation") procEventUnregister = modadvapi32.NewProc("EventUnregister") procEventWriteTransfer = modadvapi32.NewProc("EventWriteTransfer") - procEventSetInformation = modadvapi32.NewProc("EventSetInformation") ) func eventRegister(providerId *windows.GUID, callback uintptr, callbackContext uintptr, providerHandle *providerHandle) (win32err error) { @@ -53,24 +54,24 @@ func eventRegister(providerId *windows.GUID, callback uintptr, callbackContext u return } -func eventUnregister_64(providerHandle providerHandle) (win32err error) { - r0, _, _ := syscall.Syscall(procEventUnregister.Addr(), 1, uintptr(providerHandle), 0, 0) +func eventSetInformation_64(providerHandle providerHandle, class eventInfoClass, information uintptr, length uint32) (win32err error) { + r0, _, _ := syscall.Syscall6(procEventSetInformation.Addr(), 4, uintptr(providerHandle), uintptr(class), uintptr(information), uintptr(length), 0, 0) if r0 != 0 { win32err = syscall.Errno(r0) } return } -func eventWriteTransfer_64(providerHandle providerHandle, descriptor *eventDescriptor, activityID *windows.GUID, relatedActivityID *windows.GUID, dataDescriptorCount uint32, dataDescriptors *eventDataDescriptor) (win32err error) { - r0, _, _ := syscall.Syscall6(procEventWriteTransfer.Addr(), 6, uintptr(providerHandle), uintptr(unsafe.Pointer(descriptor)), uintptr(unsafe.Pointer(activityID)), uintptr(unsafe.Pointer(relatedActivityID)), uintptr(dataDescriptorCount), uintptr(unsafe.Pointer(dataDescriptors))) +func eventSetInformation_32(providerHandle_low uint32, providerHandle_high uint32, class eventInfoClass, information uintptr, length uint32) (win32err error) { + r0, _, _ := syscall.Syscall6(procEventSetInformation.Addr(), 5, uintptr(providerHandle_low), uintptr(providerHandle_high), uintptr(class), uintptr(information), uintptr(length), 0) if r0 != 0 { win32err = syscall.Errno(r0) } return } -func eventSetInformation_64(providerHandle providerHandle, class eventInfoClass, information uintptr, length uint32) (win32err error) { - r0, _, _ := syscall.Syscall6(procEventSetInformation.Addr(), 4, uintptr(providerHandle), uintptr(class), uintptr(information), uintptr(length), 0, 0) +func eventUnregister_64(providerHandle providerHandle) (win32err error) { + r0, _, _ := syscall.Syscall(procEventUnregister.Addr(), 1, uintptr(providerHandle), 0, 0) if r0 != 0 { win32err = syscall.Errno(r0) } @@ -85,16 +86,16 @@ func eventUnregister_32(providerHandle_low uint32, providerHandle_high uint32) ( return } -func eventWriteTransfer_32(providerHandle_low uint32, providerHandle_high uint32, descriptor *eventDescriptor, activityID *windows.GUID, relatedActivityID *windows.GUID, dataDescriptorCount uint32, dataDescriptors *eventDataDescriptor) (win32err error) { - r0, _, _ := syscall.Syscall9(procEventWriteTransfer.Addr(), 7, uintptr(providerHandle_low), uintptr(providerHandle_high), uintptr(unsafe.Pointer(descriptor)), uintptr(unsafe.Pointer(activityID)), uintptr(unsafe.Pointer(relatedActivityID)), uintptr(dataDescriptorCount), uintptr(unsafe.Pointer(dataDescriptors)), 0, 0) +func eventWriteTransfer_64(providerHandle providerHandle, descriptor *eventDescriptor, activityID *windows.GUID, relatedActivityID *windows.GUID, dataDescriptorCount uint32, dataDescriptors *eventDataDescriptor) (win32err error) { + r0, _, _ := syscall.Syscall6(procEventWriteTransfer.Addr(), 6, uintptr(providerHandle), uintptr(unsafe.Pointer(descriptor)), uintptr(unsafe.Pointer(activityID)), uintptr(unsafe.Pointer(relatedActivityID)), uintptr(dataDescriptorCount), uintptr(unsafe.Pointer(dataDescriptors))) if r0 != 0 { win32err = syscall.Errno(r0) } return } -func eventSetInformation_32(providerHandle_low uint32, providerHandle_high uint32, class eventInfoClass, information uintptr, length uint32) (win32err error) { - r0, _, _ := syscall.Syscall6(procEventSetInformation.Addr(), 5, uintptr(providerHandle_low), uintptr(providerHandle_high), uintptr(class), uintptr(information), uintptr(length), 0) +func eventWriteTransfer_32(providerHandle_low uint32, providerHandle_high uint32, descriptor *eventDescriptor, activityID *windows.GUID, relatedActivityID *windows.GUID, dataDescriptorCount uint32, dataDescriptors *eventDataDescriptor) (win32err error) { + r0, _, _ := syscall.Syscall9(procEventWriteTransfer.Addr(), 7, uintptr(providerHandle_low), uintptr(providerHandle_high), uintptr(unsafe.Pointer(descriptor)), uintptr(unsafe.Pointer(activityID)), uintptr(unsafe.Pointer(relatedActivityID)), uintptr(dataDescriptorCount), uintptr(unsafe.Pointer(dataDescriptors)), 0, 0) if r0 != 0 { win32err = syscall.Errno(r0) } diff --git a/vendor/github.com/Microsoft/go-winio/pkg/etwlogrus/hook.go b/vendor/github.com/Microsoft/go-winio/pkg/etwlogrus/hook.go index 38228c39c7381..4332af56492dd 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/etwlogrus/hook.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/etwlogrus/hook.go @@ -1,3 +1,5 @@ +// +build windows + package etwlogrus import ( diff --git a/vendor/github.com/Microsoft/go-winio/pkg/guid/guid.go b/vendor/github.com/Microsoft/go-winio/pkg/guid/guid.go index 586406577043f..f497c0e391786 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/guid/guid.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/guid/guid.go @@ -1,3 +1,5 @@ +// +build windows + // Package guid provides a GUID type. The backing structure for a GUID is // identical to that used by the golang.org/x/sys/windows GUID type. // There are two main binary encodings used for a GUID, the big-endian encoding, diff --git a/vendor/github.com/Microsoft/go-winio/pkg/security/grantvmgroupaccess.go b/vendor/github.com/Microsoft/go-winio/pkg/security/grantvmgroupaccess.go index 2df31b6601859..fca241590ccac 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/security/grantvmgroupaccess.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/security/grantvmgroupaccess.go @@ -1,3 +1,5 @@ +// +build windows + package security import ( diff --git a/vendor/github.com/Microsoft/go-winio/pkg/security/syscall_windows.go b/vendor/github.com/Microsoft/go-winio/pkg/security/syscall_windows.go index c40c2739b7c60..d7096716ce2cf 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/security/syscall_windows.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/security/syscall_windows.go @@ -2,6 +2,6 @@ package security //go:generate go run mksyscall_windows.go -output zsyscall_windows.go syscall_windows.go -//sys getSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, ppsidOwner **uintptr, ppsidGroup **uintptr, ppDacl *uintptr, ppSacl *uintptr, ppSecurityDescriptor *uintptr) (err error) [failretval!=0] = advapi32.GetSecurityInfo -//sys setSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, psidOwner uintptr, psidGroup uintptr, pDacl uintptr, pSacl uintptr) (err error) [failretval!=0] = advapi32.SetSecurityInfo -//sys setEntriesInAcl(count uintptr, pListOfEEs uintptr, oldAcl uintptr, newAcl *uintptr) (err error) [failretval!=0] = advapi32.SetEntriesInAclW +//sys getSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, ppsidOwner **uintptr, ppsidGroup **uintptr, ppDacl *uintptr, ppSacl *uintptr, ppSecurityDescriptor *uintptr) (win32err error) = advapi32.GetSecurityInfo +//sys setSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, psidOwner uintptr, psidGroup uintptr, pDacl uintptr, pSacl uintptr) (win32err error) = advapi32.SetSecurityInfo +//sys setEntriesInAcl(count uintptr, pListOfEEs uintptr, oldAcl uintptr, newAcl *uintptr) (win32err error) = advapi32.SetEntriesInAclW diff --git a/vendor/github.com/Microsoft/go-winio/pkg/security/zsyscall_windows.go b/vendor/github.com/Microsoft/go-winio/pkg/security/zsyscall_windows.go index 0f0c0deff231a..4084680e0f0a0 100644 --- a/vendor/github.com/Microsoft/go-winio/pkg/security/zsyscall_windows.go +++ b/vendor/github.com/Microsoft/go-winio/pkg/security/zsyscall_windows.go @@ -1,4 +1,4 @@ -// Code generated mksyscall_windows.exe DO NOT EDIT +// Code generated by 'go generate'; DO NOT EDIT. package security @@ -19,6 +19,7 @@ const ( var ( errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) + errERROR_EINVAL error = syscall.EINVAL ) // errnoErr returns common boxed Errno values, to prevent @@ -26,7 +27,7 @@ var ( func errnoErr(e syscall.Errno) error { switch e { case 0: - return nil + return errERROR_EINVAL case errnoERROR_IO_PENDING: return errERROR_IO_PENDING } @@ -40,42 +41,30 @@ var ( modadvapi32 = windows.NewLazySystemDLL("advapi32.dll") procGetSecurityInfo = modadvapi32.NewProc("GetSecurityInfo") - procSetSecurityInfo = modadvapi32.NewProc("SetSecurityInfo") procSetEntriesInAclW = modadvapi32.NewProc("SetEntriesInAclW") + procSetSecurityInfo = modadvapi32.NewProc("SetSecurityInfo") ) -func getSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, ppsidOwner **uintptr, ppsidGroup **uintptr, ppDacl *uintptr, ppSacl *uintptr, ppSecurityDescriptor *uintptr) (err error) { - r1, _, e1 := syscall.Syscall9(procGetSecurityInfo.Addr(), 8, uintptr(handle), uintptr(objectType), uintptr(si), uintptr(unsafe.Pointer(ppsidOwner)), uintptr(unsafe.Pointer(ppsidGroup)), uintptr(unsafe.Pointer(ppDacl)), uintptr(unsafe.Pointer(ppSacl)), uintptr(unsafe.Pointer(ppSecurityDescriptor)), 0) - if r1 != 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } +func getSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, ppsidOwner **uintptr, ppsidGroup **uintptr, ppDacl *uintptr, ppSacl *uintptr, ppSecurityDescriptor *uintptr) (win32err error) { + r0, _, _ := syscall.Syscall9(procGetSecurityInfo.Addr(), 8, uintptr(handle), uintptr(objectType), uintptr(si), uintptr(unsafe.Pointer(ppsidOwner)), uintptr(unsafe.Pointer(ppsidGroup)), uintptr(unsafe.Pointer(ppDacl)), uintptr(unsafe.Pointer(ppSacl)), uintptr(unsafe.Pointer(ppSecurityDescriptor)), 0) + if r0 != 0 { + win32err = syscall.Errno(r0) } return } -func setSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, psidOwner uintptr, psidGroup uintptr, pDacl uintptr, pSacl uintptr) (err error) { - r1, _, e1 := syscall.Syscall9(procSetSecurityInfo.Addr(), 7, uintptr(handle), uintptr(objectType), uintptr(si), uintptr(psidOwner), uintptr(psidGroup), uintptr(pDacl), uintptr(pSacl), 0, 0) - if r1 != 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } +func setEntriesInAcl(count uintptr, pListOfEEs uintptr, oldAcl uintptr, newAcl *uintptr) (win32err error) { + r0, _, _ := syscall.Syscall6(procSetEntriesInAclW.Addr(), 4, uintptr(count), uintptr(pListOfEEs), uintptr(oldAcl), uintptr(unsafe.Pointer(newAcl)), 0, 0) + if r0 != 0 { + win32err = syscall.Errno(r0) } return } -func setEntriesInAcl(count uintptr, pListOfEEs uintptr, oldAcl uintptr, newAcl *uintptr) (err error) { - r1, _, e1 := syscall.Syscall6(procSetEntriesInAclW.Addr(), 4, uintptr(count), uintptr(pListOfEEs), uintptr(oldAcl), uintptr(unsafe.Pointer(newAcl)), 0, 0) - if r1 != 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } +func setSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, psidOwner uintptr, psidGroup uintptr, pDacl uintptr, pSacl uintptr) (win32err error) { + r0, _, _ := syscall.Syscall9(procSetSecurityInfo.Addr(), 7, uintptr(handle), uintptr(objectType), uintptr(si), uintptr(psidOwner), uintptr(psidGroup), uintptr(pDacl), uintptr(pSacl), 0, 0) + if r0 != 0 { + win32err = syscall.Errno(r0) } return } diff --git a/vendor/github.com/Microsoft/go-winio/privilege.go b/vendor/github.com/Microsoft/go-winio/privilege.go index 9c83d36fe533c..c3dd7c2176971 100644 --- a/vendor/github.com/Microsoft/go-winio/privilege.go +++ b/vendor/github.com/Microsoft/go-winio/privilege.go @@ -28,8 +28,9 @@ const ( ERROR_NOT_ALL_ASSIGNED syscall.Errno = 1300 - SeBackupPrivilege = "SeBackupPrivilege" - SeRestorePrivilege = "SeRestorePrivilege" + SeBackupPrivilege = "SeBackupPrivilege" + SeRestorePrivilege = "SeRestorePrivilege" + SeSecurityPrivilege = "SeSecurityPrivilege" ) const ( diff --git a/vendor/github.com/Microsoft/go-winio/syscall.go b/vendor/github.com/Microsoft/go-winio/syscall.go index 5cb52bc746254..5955c99fdeafe 100644 --- a/vendor/github.com/Microsoft/go-winio/syscall.go +++ b/vendor/github.com/Microsoft/go-winio/syscall.go @@ -1,3 +1,3 @@ package winio -//go:generate go run $GOROOT/src/syscall/mksyscall_windows.go -output zsyscall_windows.go file.go pipe.go sd.go fileinfo.go privilege.go backup.go hvsock.go +//go:generate go run golang.org/x/sys/windows/mkwinsyscall -output zsyscall_windows.go file.go pipe.go sd.go fileinfo.go privilege.go backup.go hvsock.go diff --git a/vendor/github.com/Microsoft/go-winio/vhd/vhd.go b/vendor/github.com/Microsoft/go-winio/vhd/vhd.go index 229ac25565a54..a33a36c0ffba4 100644 --- a/vendor/github.com/Microsoft/go-winio/vhd/vhd.go +++ b/vendor/github.com/Microsoft/go-winio/vhd/vhd.go @@ -2,150 +2,322 @@ package vhd -import "syscall" +import ( + "fmt" + "syscall" -//go:generate go run mksyscall_windows.go -output zvhd.go vhd.go + "github.com/Microsoft/go-winio/pkg/guid" + "github.com/pkg/errors" + "golang.org/x/sys/windows" +) -//sys createVirtualDisk(virtualStorageType *virtualStorageType, path string, virtualDiskAccessMask uint32, securityDescriptor *uintptr, flags uint32, providerSpecificFlags uint32, parameters *createVirtualDiskParameters, o *syscall.Overlapped, handle *syscall.Handle) (err error) [failretval != 0] = VirtDisk.CreateVirtualDisk -//sys openVirtualDisk(virtualStorageType *virtualStorageType, path string, virtualDiskAccessMask uint32, flags uint32, parameters *openVirtualDiskParameters, handle *syscall.Handle) (err error) [failretval != 0] = VirtDisk.OpenVirtualDisk -//sys detachVirtualDisk(handle syscall.Handle, flags uint32, providerSpecificFlags uint32) (err error) [failretval != 0] = VirtDisk.DetachVirtualDisk +//go:generate go run mksyscall_windows.go -output zvhd_windows.go vhd.go -type virtualStorageType struct { - DeviceID uint32 - VendorID [16]byte -} +//sys createVirtualDisk(virtualStorageType *VirtualStorageType, path string, virtualDiskAccessMask uint32, securityDescriptor *uintptr, createVirtualDiskFlags uint32, providerSpecificFlags uint32, parameters *CreateVirtualDiskParameters, overlapped *syscall.Overlapped, handle *syscall.Handle) (win32err error) = virtdisk.CreateVirtualDisk +//sys openVirtualDisk(virtualStorageType *VirtualStorageType, path string, virtualDiskAccessMask uint32, openVirtualDiskFlags uint32, parameters *OpenVirtualDiskParameters, handle *syscall.Handle) (win32err error) = virtdisk.OpenVirtualDisk +//sys attachVirtualDisk(handle syscall.Handle, securityDescriptor *uintptr, attachVirtualDiskFlag uint32, providerSpecificFlags uint32, parameters *AttachVirtualDiskParameters, overlapped *syscall.Overlapped) (win32err error) = virtdisk.AttachVirtualDisk +//sys detachVirtualDisk(handle syscall.Handle, detachVirtualDiskFlags uint32, providerSpecificFlags uint32) (win32err error) = virtdisk.DetachVirtualDisk +//sys getVirtualDiskPhysicalPath(handle syscall.Handle, diskPathSizeInBytes *uint32, buffer *uint16) (win32err error) = virtdisk.GetVirtualDiskPhysicalPath type ( - createVirtualDiskFlag uint32 - VirtualDiskAccessMask uint32 + CreateVirtualDiskFlag uint32 VirtualDiskFlag uint32 + AttachVirtualDiskFlag uint32 + DetachVirtualDiskFlag uint32 + VirtualDiskAccessMask uint32 ) -const ( - // Flags for creating a VHD (not exported) - createVirtualDiskFlagNone createVirtualDiskFlag = 0 - createVirtualDiskFlagFullPhysicalAllocation createVirtualDiskFlag = 1 - createVirtualDiskFlagPreventWritesToSourceDisk createVirtualDiskFlag = 2 - createVirtualDiskFlagDoNotCopyMetadataFromParent createVirtualDiskFlag = 4 - - // Access Mask for opening a VHD - VirtualDiskAccessNone VirtualDiskAccessMask = 0 - VirtualDiskAccessAttachRO VirtualDiskAccessMask = 65536 - VirtualDiskAccessAttachRW VirtualDiskAccessMask = 131072 - VirtualDiskAccessDetach VirtualDiskAccessMask = 262144 - VirtualDiskAccessGetInfo VirtualDiskAccessMask = 524288 - VirtualDiskAccessCreate VirtualDiskAccessMask = 1048576 - VirtualDiskAccessMetaOps VirtualDiskAccessMask = 2097152 - VirtualDiskAccessRead VirtualDiskAccessMask = 851968 - VirtualDiskAccessAll VirtualDiskAccessMask = 4128768 - VirtualDiskAccessWritable VirtualDiskAccessMask = 3276800 - - // Flags for opening a VHD - OpenVirtualDiskFlagNone VirtualDiskFlag = 0 - OpenVirtualDiskFlagNoParents VirtualDiskFlag = 0x1 - OpenVirtualDiskFlagBlankFile VirtualDiskFlag = 0x2 - OpenVirtualDiskFlagBootDrive VirtualDiskFlag = 0x4 - OpenVirtualDiskFlagCachedIO VirtualDiskFlag = 0x8 - OpenVirtualDiskFlagCustomDiffChain VirtualDiskFlag = 0x10 - OpenVirtualDiskFlagParentCachedIO VirtualDiskFlag = 0x20 - OpenVirtualDiskFlagVhdSetFileOnly VirtualDiskFlag = 0x40 - OpenVirtualDiskFlagIgnoreRelativeParentLocator VirtualDiskFlag = 0x80 - OpenVirtualDiskFlagNoWriteHardening VirtualDiskFlag = 0x100 -) +type VirtualStorageType struct { + DeviceID uint32 + VendorID guid.GUID +} -type createVersion2 struct { - UniqueID [16]byte // GUID +type CreateVersion2 struct { + UniqueID guid.GUID MaximumSize uint64 BlockSizeInBytes uint32 SectorSizeInBytes uint32 + PhysicalSectorSizeInByte uint32 ParentPath *uint16 // string SourcePath *uint16 // string OpenFlags uint32 - ParentVirtualStorageType virtualStorageType - SourceVirtualStorageType virtualStorageType - ResiliencyGUID [16]byte // GUID + ParentVirtualStorageType VirtualStorageType + SourceVirtualStorageType VirtualStorageType + ResiliencyGUID guid.GUID } -type createVirtualDiskParameters struct { +type CreateVirtualDiskParameters struct { Version uint32 // Must always be set to 2 - Version2 createVersion2 + Version2 CreateVersion2 } -type openVersion2 struct { - GetInfoOnly int32 // bool but 4-byte aligned - ReadOnly int32 // bool but 4-byte aligned - ResiliencyGUID [16]byte // GUID +type OpenVersion2 struct { + GetInfoOnly bool + ReadOnly bool + ResiliencyGUID guid.GUID } -type openVirtualDiskParameters struct { +type OpenVirtualDiskParameters struct { Version uint32 // Must always be set to 2 - Version2 openVersion2 + Version2 OpenVersion2 } -// CreateVhdx will create a simple vhdx file at the given path using default values. -func CreateVhdx(path string, maxSizeInGb, blockSizeInMb uint32) error { - var ( - defaultType virtualStorageType - handle syscall.Handle - ) +type AttachVersion2 struct { + RestrictedOffset uint64 + RestrictedLength uint64 +} + +type AttachVirtualDiskParameters struct { + Version uint32 // Must always be set to 2 + Version2 AttachVersion2 +} - parameters := createVirtualDiskParameters{ +const ( + VIRTUAL_STORAGE_TYPE_DEVICE_VHDX = 0x3 + + // Access Mask for opening a VHD + VirtualDiskAccessNone VirtualDiskAccessMask = 0x00000000 + VirtualDiskAccessAttachRO VirtualDiskAccessMask = 0x00010000 + VirtualDiskAccessAttachRW VirtualDiskAccessMask = 0x00020000 + VirtualDiskAccessDetach VirtualDiskAccessMask = 0x00040000 + VirtualDiskAccessGetInfo VirtualDiskAccessMask = 0x00080000 + VirtualDiskAccessCreate VirtualDiskAccessMask = 0x00100000 + VirtualDiskAccessMetaOps VirtualDiskAccessMask = 0x00200000 + VirtualDiskAccessRead VirtualDiskAccessMask = 0x000d0000 + VirtualDiskAccessAll VirtualDiskAccessMask = 0x003f0000 + VirtualDiskAccessWritable VirtualDiskAccessMask = 0x00320000 + + // Flags for creating a VHD + CreateVirtualDiskFlagNone CreateVirtualDiskFlag = 0x0 + CreateVirtualDiskFlagFullPhysicalAllocation CreateVirtualDiskFlag = 0x1 + CreateVirtualDiskFlagPreventWritesToSourceDisk CreateVirtualDiskFlag = 0x2 + CreateVirtualDiskFlagDoNotCopyMetadataFromParent CreateVirtualDiskFlag = 0x4 + CreateVirtualDiskFlagCreateBackingStorage CreateVirtualDiskFlag = 0x8 + CreateVirtualDiskFlagUseChangeTrackingSourceLimit CreateVirtualDiskFlag = 0x10 + CreateVirtualDiskFlagPreserveParentChangeTrackingState CreateVirtualDiskFlag = 0x20 + CreateVirtualDiskFlagVhdSetUseOriginalBackingStorage CreateVirtualDiskFlag = 0x40 + CreateVirtualDiskFlagSparseFile CreateVirtualDiskFlag = 0x80 + CreateVirtualDiskFlagPmemCompatible CreateVirtualDiskFlag = 0x100 + CreateVirtualDiskFlagSupportCompressedVolumes CreateVirtualDiskFlag = 0x200 + + // Flags for opening a VHD + OpenVirtualDiskFlagNone VirtualDiskFlag = 0x00000000 + OpenVirtualDiskFlagNoParents VirtualDiskFlag = 0x00000001 + OpenVirtualDiskFlagBlankFile VirtualDiskFlag = 0x00000002 + OpenVirtualDiskFlagBootDrive VirtualDiskFlag = 0x00000004 + OpenVirtualDiskFlagCachedIO VirtualDiskFlag = 0x00000008 + OpenVirtualDiskFlagCustomDiffChain VirtualDiskFlag = 0x00000010 + OpenVirtualDiskFlagParentCachedIO VirtualDiskFlag = 0x00000020 + OpenVirtualDiskFlagVhdsetFileOnly VirtualDiskFlag = 0x00000040 + OpenVirtualDiskFlagIgnoreRelativeParentLocator VirtualDiskFlag = 0x00000080 + OpenVirtualDiskFlagNoWriteHardening VirtualDiskFlag = 0x00000100 + OpenVirtualDiskFlagSupportCompressedVolumes VirtualDiskFlag = 0x00000200 + + // Flags for attaching a VHD + AttachVirtualDiskFlagNone AttachVirtualDiskFlag = 0x00000000 + AttachVirtualDiskFlagReadOnly AttachVirtualDiskFlag = 0x00000001 + AttachVirtualDiskFlagNoDriveLetter AttachVirtualDiskFlag = 0x00000002 + AttachVirtualDiskFlagPermanentLifetime AttachVirtualDiskFlag = 0x00000004 + AttachVirtualDiskFlagNoLocalHost AttachVirtualDiskFlag = 0x00000008 + AttachVirtualDiskFlagNoSecurityDescriptor AttachVirtualDiskFlag = 0x00000010 + AttachVirtualDiskFlagBypassDefaultEncryptionPolicy AttachVirtualDiskFlag = 0x00000020 + AttachVirtualDiskFlagNonPnp AttachVirtualDiskFlag = 0x00000040 + AttachVirtualDiskFlagRestrictedRange AttachVirtualDiskFlag = 0x00000080 + AttachVirtualDiskFlagSinglePartition AttachVirtualDiskFlag = 0x00000100 + AttachVirtualDiskFlagRegisterVolume AttachVirtualDiskFlag = 0x00000200 + + // Flags for detaching a VHD + DetachVirtualDiskFlagNone DetachVirtualDiskFlag = 0x0 +) + +// CreateVhdx is a helper function to create a simple vhdx file at the given path using +// default values. +func CreateVhdx(path string, maxSizeInGb, blockSizeInMb uint32) error { + params := CreateVirtualDiskParameters{ Version: 2, - Version2: createVersion2{ + Version2: CreateVersion2{ MaximumSize: uint64(maxSizeInGb) * 1024 * 1024 * 1024, BlockSizeInBytes: blockSizeInMb * 1024 * 1024, }, } - if err := createVirtualDisk( - &defaultType, - path, - uint32(VirtualDiskAccessNone), - nil, - uint32(createVirtualDiskFlagNone), - 0, - ¶meters, - nil, - &handle); err != nil { + handle, err := CreateVirtualDisk(path, VirtualDiskAccessNone, CreateVirtualDiskFlagNone, ¶ms) + if err != nil { return err } if err := syscall.CloseHandle(handle); err != nil { return err } + return nil +} +// DetachVirtualDisk detaches a virtual hard disk by handle. +func DetachVirtualDisk(handle syscall.Handle) (err error) { + if err := detachVirtualDisk(handle, 0, 0); err != nil { + return errors.Wrap(err, "failed to detach virtual disk") + } return nil } -// DetachVhd detaches a mounted container layer vhd found at `path`. +// DetachVhd detaches a vhd found at `path`. func DetachVhd(path string) error { handle, err := OpenVirtualDisk( path, VirtualDiskAccessNone, - OpenVirtualDiskFlagCachedIO|OpenVirtualDiskFlagIgnoreRelativeParentLocator) + OpenVirtualDiskFlagCachedIO|OpenVirtualDiskFlagIgnoreRelativeParentLocator, + ) + if err != nil { + return err + } + defer syscall.CloseHandle(handle) + return DetachVirtualDisk(handle) +} +// AttachVirtualDisk attaches a virtual hard disk for use. +func AttachVirtualDisk(handle syscall.Handle, attachVirtualDiskFlag AttachVirtualDiskFlag, parameters *AttachVirtualDiskParameters) (err error) { + // Supports both version 1 and 2 of the attach parameters as version 2 wasn't present in RS5. + if err := attachVirtualDisk( + handle, + nil, + uint32(attachVirtualDiskFlag), + 0, + parameters, + nil, + ); err != nil { + return errors.Wrap(err, "failed to attach virtual disk") + } + return nil +} + +// AttachVhd attaches a virtual hard disk at `path` for use. Attaches using version 2 +// of the ATTACH_VIRTUAL_DISK_PARAMETERS. +func AttachVhd(path string) (err error) { + handle, err := OpenVirtualDisk( + path, + VirtualDiskAccessNone, + OpenVirtualDiskFlagCachedIO|OpenVirtualDiskFlagIgnoreRelativeParentLocator, + ) if err != nil { return err } + defer syscall.CloseHandle(handle) - return detachVirtualDisk(handle, 0, 0) + params := AttachVirtualDiskParameters{Version: 2} + if err := AttachVirtualDisk( + handle, + AttachVirtualDiskFlagNone, + ¶ms, + ); err != nil { + return errors.Wrap(err, "failed to attach virtual disk") + } + return nil } // OpenVirtualDisk obtains a handle to a VHD opened with supplied access mask and flags. -func OpenVirtualDisk(path string, accessMask VirtualDiskAccessMask, flag VirtualDiskFlag) (syscall.Handle, error) { +func OpenVirtualDisk(vhdPath string, virtualDiskAccessMask VirtualDiskAccessMask, openVirtualDiskFlags VirtualDiskFlag) (syscall.Handle, error) { + parameters := OpenVirtualDiskParameters{Version: 2} + handle, err := OpenVirtualDiskWithParameters( + vhdPath, + virtualDiskAccessMask, + openVirtualDiskFlags, + ¶meters, + ) + if err != nil { + return 0, err + } + return handle, nil +} + +// OpenVirtualDiskWithParameters obtains a handle to a VHD opened with supplied access mask, flags and parameters. +func OpenVirtualDiskWithParameters(vhdPath string, virtualDiskAccessMask VirtualDiskAccessMask, openVirtualDiskFlags VirtualDiskFlag, parameters *OpenVirtualDiskParameters) (syscall.Handle, error) { var ( - defaultType virtualStorageType handle syscall.Handle + defaultType VirtualStorageType ) - parameters := openVirtualDiskParameters{Version: 2} + if parameters.Version != 2 { + return handle, fmt.Errorf("only version 2 VHDs are supported, found version: %d", parameters.Version) + } if err := openVirtualDisk( + &defaultType, + vhdPath, + uint32(virtualDiskAccessMask), + uint32(openVirtualDiskFlags), + parameters, + &handle, + ); err != nil { + return 0, errors.Wrap(err, "failed to open virtual disk") + } + return handle, nil +} + +// CreateVirtualDisk creates a virtual harddisk and returns a handle to the disk. +func CreateVirtualDisk(path string, virtualDiskAccessMask VirtualDiskAccessMask, createVirtualDiskFlags CreateVirtualDiskFlag, parameters *CreateVirtualDiskParameters) (syscall.Handle, error) { + var ( + handle syscall.Handle + defaultType VirtualStorageType + ) + if parameters.Version != 2 { + return handle, fmt.Errorf("only version 2 VHDs are supported, found version: %d", parameters.Version) + } + + if err := createVirtualDisk( &defaultType, path, - uint32(accessMask), - uint32(flag), - ¶meters, - &handle); err != nil { - return 0, err + uint32(virtualDiskAccessMask), + nil, + uint32(createVirtualDiskFlags), + 0, + parameters, + nil, + &handle, + ); err != nil { + return handle, errors.Wrap(err, "failed to create virtual disk") } return handle, nil } + +// GetVirtualDiskPhysicalPath takes a handle to a virtual hard disk and returns the physical +// path of the disk on the machine. This path is in the form \\.\PhysicalDriveX where X is an integer +// that represents the particular enumeration of the physical disk on the caller's system. +func GetVirtualDiskPhysicalPath(handle syscall.Handle) (_ string, err error) { + var ( + diskPathSizeInBytes uint32 = 256 * 2 // max path length 256 wide chars + diskPhysicalPathBuf [256]uint16 + ) + if err := getVirtualDiskPhysicalPath( + handle, + &diskPathSizeInBytes, + &diskPhysicalPathBuf[0], + ); err != nil { + return "", errors.Wrap(err, "failed to get disk physical path") + } + return windows.UTF16ToString(diskPhysicalPathBuf[:]), nil +} + +// CreateDiffVhd is a helper function to create a differencing virtual disk. +func CreateDiffVhd(diffVhdPath, baseVhdPath string, blockSizeInMB uint32) error { + // Setting `ParentPath` is how to signal to create a differencing disk. + createParams := &CreateVirtualDiskParameters{ + Version: 2, + Version2: CreateVersion2{ + ParentPath: windows.StringToUTF16Ptr(baseVhdPath), + BlockSizeInBytes: blockSizeInMB * 1024 * 1024, + OpenFlags: uint32(OpenVirtualDiskFlagCachedIO), + }, + } + + vhdHandle, err := CreateVirtualDisk( + diffVhdPath, + VirtualDiskAccessNone, + CreateVirtualDiskFlagNone, + createParams, + ) + if err != nil { + return fmt.Errorf("failed to create differencing vhd: %s", err) + } + if err := syscall.CloseHandle(vhdHandle); err != nil { + return fmt.Errorf("failed to close differencing vhd handle: %s", err) + } + return nil +} diff --git a/vendor/github.com/Microsoft/go-winio/vhd/zvhd.go b/vendor/github.com/Microsoft/go-winio/vhd/zvhd.go deleted file mode 100644 index 00599ea497e83..0000000000000 --- a/vendor/github.com/Microsoft/go-winio/vhd/zvhd.go +++ /dev/null @@ -1,99 +0,0 @@ -// MACHINE GENERATED BY 'go generate' COMMAND; DO NOT EDIT - -package vhd - -import ( - "syscall" - "unsafe" - - "golang.org/x/sys/windows" -) - -var _ unsafe.Pointer - -// Do the interface allocations only once for common -// Errno values. -const ( - errnoERROR_IO_PENDING = 997 -) - -var ( - errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) -) - -// errnoErr returns common boxed Errno values, to prevent -// allocations at runtime. -func errnoErr(e syscall.Errno) error { - switch e { - case 0: - return nil - case errnoERROR_IO_PENDING: - return errERROR_IO_PENDING - } - // TODO: add more here, after collecting data on the common - // error values see on Windows. (perhaps when running - // all.bat?) - return e -} - -var ( - modVirtDisk = windows.NewLazySystemDLL("VirtDisk.dll") - - procCreateVirtualDisk = modVirtDisk.NewProc("CreateVirtualDisk") - procOpenVirtualDisk = modVirtDisk.NewProc("OpenVirtualDisk") - procDetachVirtualDisk = modVirtDisk.NewProc("DetachVirtualDisk") -) - -func createVirtualDisk(virtualStorageType *virtualStorageType, path string, virtualDiskAccessMask uint32, securityDescriptor *uintptr, flags uint32, providerSpecificFlags uint32, parameters *createVirtualDiskParameters, o *syscall.Overlapped, handle *syscall.Handle) (err error) { - var _p0 *uint16 - _p0, err = syscall.UTF16PtrFromString(path) - if err != nil { - return - } - return _createVirtualDisk(virtualStorageType, _p0, virtualDiskAccessMask, securityDescriptor, flags, providerSpecificFlags, parameters, o, handle) -} - -func _createVirtualDisk(virtualStorageType *virtualStorageType, path *uint16, virtualDiskAccessMask uint32, securityDescriptor *uintptr, flags uint32, providerSpecificFlags uint32, parameters *createVirtualDiskParameters, o *syscall.Overlapped, handle *syscall.Handle) (err error) { - r1, _, e1 := syscall.Syscall9(procCreateVirtualDisk.Addr(), 9, uintptr(unsafe.Pointer(virtualStorageType)), uintptr(unsafe.Pointer(path)), uintptr(virtualDiskAccessMask), uintptr(unsafe.Pointer(securityDescriptor)), uintptr(flags), uintptr(providerSpecificFlags), uintptr(unsafe.Pointer(parameters)), uintptr(unsafe.Pointer(o)), uintptr(unsafe.Pointer(handle))) - if r1 != 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } - } - return -} - -func openVirtualDisk(virtualStorageType *virtualStorageType, path string, virtualDiskAccessMask uint32, flags uint32, parameters *openVirtualDiskParameters, handle *syscall.Handle) (err error) { - var _p0 *uint16 - _p0, err = syscall.UTF16PtrFromString(path) - if err != nil { - return - } - return _openVirtualDisk(virtualStorageType, _p0, virtualDiskAccessMask, flags, parameters, handle) -} - -func _openVirtualDisk(virtualStorageType *virtualStorageType, path *uint16, virtualDiskAccessMask uint32, flags uint32, parameters *openVirtualDiskParameters, handle *syscall.Handle) (err error) { - r1, _, e1 := syscall.Syscall6(procOpenVirtualDisk.Addr(), 6, uintptr(unsafe.Pointer(virtualStorageType)), uintptr(unsafe.Pointer(path)), uintptr(virtualDiskAccessMask), uintptr(flags), uintptr(unsafe.Pointer(parameters)), uintptr(unsafe.Pointer(handle))) - if r1 != 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } - } - return -} - -func detachVirtualDisk(handle syscall.Handle, flags uint32, providerSpecificFlags uint32) (err error) { - r1, _, e1 := syscall.Syscall(procDetachVirtualDisk.Addr(), 3, uintptr(handle), uintptr(flags), uintptr(providerSpecificFlags)) - if r1 != 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } - } - return -} diff --git a/vendor/github.com/Microsoft/go-winio/vhd/zvhd_windows.go b/vendor/github.com/Microsoft/go-winio/vhd/zvhd_windows.go new file mode 100644 index 0000000000000..7fb5f3651b955 --- /dev/null +++ b/vendor/github.com/Microsoft/go-winio/vhd/zvhd_windows.go @@ -0,0 +1,106 @@ +// Code generated by 'go generate'; DO NOT EDIT. + +package vhd + +import ( + "syscall" + "unsafe" + + "golang.org/x/sys/windows" +) + +var _ unsafe.Pointer + +// Do the interface allocations only once for common +// Errno values. +const ( + errnoERROR_IO_PENDING = 997 +) + +var ( + errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) + errERROR_EINVAL error = syscall.EINVAL +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return errERROR_EINVAL + case errnoERROR_IO_PENDING: + return errERROR_IO_PENDING + } + // TODO: add more here, after collecting data on the common + // error values see on Windows. (perhaps when running + // all.bat?) + return e +} + +var ( + modvirtdisk = windows.NewLazySystemDLL("virtdisk.dll") + + procAttachVirtualDisk = modvirtdisk.NewProc("AttachVirtualDisk") + procCreateVirtualDisk = modvirtdisk.NewProc("CreateVirtualDisk") + procDetachVirtualDisk = modvirtdisk.NewProc("DetachVirtualDisk") + procGetVirtualDiskPhysicalPath = modvirtdisk.NewProc("GetVirtualDiskPhysicalPath") + procOpenVirtualDisk = modvirtdisk.NewProc("OpenVirtualDisk") +) + +func attachVirtualDisk(handle syscall.Handle, securityDescriptor *uintptr, attachVirtualDiskFlag uint32, providerSpecificFlags uint32, parameters *AttachVirtualDiskParameters, overlapped *syscall.Overlapped) (win32err error) { + r0, _, _ := syscall.Syscall6(procAttachVirtualDisk.Addr(), 6, uintptr(handle), uintptr(unsafe.Pointer(securityDescriptor)), uintptr(attachVirtualDiskFlag), uintptr(providerSpecificFlags), uintptr(unsafe.Pointer(parameters)), uintptr(unsafe.Pointer(overlapped))) + if r0 != 0 { + win32err = syscall.Errno(r0) + } + return +} + +func createVirtualDisk(virtualStorageType *VirtualStorageType, path string, virtualDiskAccessMask uint32, securityDescriptor *uintptr, createVirtualDiskFlags uint32, providerSpecificFlags uint32, parameters *CreateVirtualDiskParameters, overlapped *syscall.Overlapped, handle *syscall.Handle) (win32err error) { + var _p0 *uint16 + _p0, win32err = syscall.UTF16PtrFromString(path) + if win32err != nil { + return + } + return _createVirtualDisk(virtualStorageType, _p0, virtualDiskAccessMask, securityDescriptor, createVirtualDiskFlags, providerSpecificFlags, parameters, overlapped, handle) +} + +func _createVirtualDisk(virtualStorageType *VirtualStorageType, path *uint16, virtualDiskAccessMask uint32, securityDescriptor *uintptr, createVirtualDiskFlags uint32, providerSpecificFlags uint32, parameters *CreateVirtualDiskParameters, overlapped *syscall.Overlapped, handle *syscall.Handle) (win32err error) { + r0, _, _ := syscall.Syscall9(procCreateVirtualDisk.Addr(), 9, uintptr(unsafe.Pointer(virtualStorageType)), uintptr(unsafe.Pointer(path)), uintptr(virtualDiskAccessMask), uintptr(unsafe.Pointer(securityDescriptor)), uintptr(createVirtualDiskFlags), uintptr(providerSpecificFlags), uintptr(unsafe.Pointer(parameters)), uintptr(unsafe.Pointer(overlapped)), uintptr(unsafe.Pointer(handle))) + if r0 != 0 { + win32err = syscall.Errno(r0) + } + return +} + +func detachVirtualDisk(handle syscall.Handle, detachVirtualDiskFlags uint32, providerSpecificFlags uint32) (win32err error) { + r0, _, _ := syscall.Syscall(procDetachVirtualDisk.Addr(), 3, uintptr(handle), uintptr(detachVirtualDiskFlags), uintptr(providerSpecificFlags)) + if r0 != 0 { + win32err = syscall.Errno(r0) + } + return +} + +func getVirtualDiskPhysicalPath(handle syscall.Handle, diskPathSizeInBytes *uint32, buffer *uint16) (win32err error) { + r0, _, _ := syscall.Syscall(procGetVirtualDiskPhysicalPath.Addr(), 3, uintptr(handle), uintptr(unsafe.Pointer(diskPathSizeInBytes)), uintptr(unsafe.Pointer(buffer))) + if r0 != 0 { + win32err = syscall.Errno(r0) + } + return +} + +func openVirtualDisk(virtualStorageType *VirtualStorageType, path string, virtualDiskAccessMask uint32, openVirtualDiskFlags uint32, parameters *OpenVirtualDiskParameters, handle *syscall.Handle) (win32err error) { + var _p0 *uint16 + _p0, win32err = syscall.UTF16PtrFromString(path) + if win32err != nil { + return + } + return _openVirtualDisk(virtualStorageType, _p0, virtualDiskAccessMask, openVirtualDiskFlags, parameters, handle) +} + +func _openVirtualDisk(virtualStorageType *VirtualStorageType, path *uint16, virtualDiskAccessMask uint32, openVirtualDiskFlags uint32, parameters *OpenVirtualDiskParameters, handle *syscall.Handle) (win32err error) { + r0, _, _ := syscall.Syscall6(procOpenVirtualDisk.Addr(), 6, uintptr(unsafe.Pointer(virtualStorageType)), uintptr(unsafe.Pointer(path)), uintptr(virtualDiskAccessMask), uintptr(openVirtualDiskFlags), uintptr(unsafe.Pointer(parameters)), uintptr(unsafe.Pointer(handle))) + if r0 != 0 { + win32err = syscall.Errno(r0) + } + return +} diff --git a/vendor/github.com/Microsoft/go-winio/zsyscall_windows.go b/vendor/github.com/Microsoft/go-winio/zsyscall_windows.go index e26b01fafb253..4579c74526f4b 100644 --- a/vendor/github.com/Microsoft/go-winio/zsyscall_windows.go +++ b/vendor/github.com/Microsoft/go-winio/zsyscall_windows.go @@ -19,6 +19,7 @@ const ( var ( errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) + errERROR_EINVAL error = syscall.EINVAL ) // errnoErr returns common boxed Errno values, to prevent @@ -26,7 +27,7 @@ var ( func errnoErr(e syscall.Errno) error { switch e { case 0: - return nil + return errERROR_EINVAL case errnoERROR_IO_PENDING: return errERROR_IO_PENDING } @@ -37,514 +38,400 @@ func errnoErr(e syscall.Errno) error { } var ( + modadvapi32 = windows.NewLazySystemDLL("advapi32.dll") modkernel32 = windows.NewLazySystemDLL("kernel32.dll") - modws2_32 = windows.NewLazySystemDLL("ws2_32.dll") modntdll = windows.NewLazySystemDLL("ntdll.dll") - modadvapi32 = windows.NewLazySystemDLL("advapi32.dll") + modws2_32 = windows.NewLazySystemDLL("ws2_32.dll") - procCancelIoEx = modkernel32.NewProc("CancelIoEx") - procCreateIoCompletionPort = modkernel32.NewProc("CreateIoCompletionPort") - procGetQueuedCompletionStatus = modkernel32.NewProc("GetQueuedCompletionStatus") - procSetFileCompletionNotificationModes = modkernel32.NewProc("SetFileCompletionNotificationModes") - procWSAGetOverlappedResult = modws2_32.NewProc("WSAGetOverlappedResult") - procConnectNamedPipe = modkernel32.NewProc("ConnectNamedPipe") - procCreateNamedPipeW = modkernel32.NewProc("CreateNamedPipeW") - procCreateFileW = modkernel32.NewProc("CreateFileW") - procGetNamedPipeInfo = modkernel32.NewProc("GetNamedPipeInfo") - procGetNamedPipeHandleStateW = modkernel32.NewProc("GetNamedPipeHandleStateW") - procLocalAlloc = modkernel32.NewProc("LocalAlloc") - procNtCreateNamedPipeFile = modntdll.NewProc("NtCreateNamedPipeFile") - procRtlNtStatusToDosErrorNoTeb = modntdll.NewProc("RtlNtStatusToDosErrorNoTeb") - procRtlDosPathNameToNtPathName_U = modntdll.NewProc("RtlDosPathNameToNtPathName_U") - procRtlDefaultNpAcl = modntdll.NewProc("RtlDefaultNpAcl") - procLookupAccountNameW = modadvapi32.NewProc("LookupAccountNameW") + procAdjustTokenPrivileges = modadvapi32.NewProc("AdjustTokenPrivileges") + procConvertSecurityDescriptorToStringSecurityDescriptorW = modadvapi32.NewProc("ConvertSecurityDescriptorToStringSecurityDescriptorW") procConvertSidToStringSidW = modadvapi32.NewProc("ConvertSidToStringSidW") procConvertStringSecurityDescriptorToSecurityDescriptorW = modadvapi32.NewProc("ConvertStringSecurityDescriptorToSecurityDescriptorW") - procConvertSecurityDescriptorToStringSecurityDescriptorW = modadvapi32.NewProc("ConvertSecurityDescriptorToStringSecurityDescriptorW") - procLocalFree = modkernel32.NewProc("LocalFree") procGetSecurityDescriptorLength = modadvapi32.NewProc("GetSecurityDescriptorLength") - procGetFileInformationByHandleEx = modkernel32.NewProc("GetFileInformationByHandleEx") - procSetFileInformationByHandle = modkernel32.NewProc("SetFileInformationByHandle") - procAdjustTokenPrivileges = modadvapi32.NewProc("AdjustTokenPrivileges") procImpersonateSelf = modadvapi32.NewProc("ImpersonateSelf") - procRevertToSelf = modadvapi32.NewProc("RevertToSelf") - procOpenThreadToken = modadvapi32.NewProc("OpenThreadToken") - procGetCurrentThread = modkernel32.NewProc("GetCurrentThread") - procLookupPrivilegeValueW = modadvapi32.NewProc("LookupPrivilegeValueW") - procLookupPrivilegeNameW = modadvapi32.NewProc("LookupPrivilegeNameW") + procLookupAccountNameW = modadvapi32.NewProc("LookupAccountNameW") procLookupPrivilegeDisplayNameW = modadvapi32.NewProc("LookupPrivilegeDisplayNameW") + procLookupPrivilegeNameW = modadvapi32.NewProc("LookupPrivilegeNameW") + procLookupPrivilegeValueW = modadvapi32.NewProc("LookupPrivilegeValueW") + procOpenThreadToken = modadvapi32.NewProc("OpenThreadToken") + procRevertToSelf = modadvapi32.NewProc("RevertToSelf") procBackupRead = modkernel32.NewProc("BackupRead") procBackupWrite = modkernel32.NewProc("BackupWrite") + procCancelIoEx = modkernel32.NewProc("CancelIoEx") + procConnectNamedPipe = modkernel32.NewProc("ConnectNamedPipe") + procCreateFileW = modkernel32.NewProc("CreateFileW") + procCreateIoCompletionPort = modkernel32.NewProc("CreateIoCompletionPort") + procCreateNamedPipeW = modkernel32.NewProc("CreateNamedPipeW") + procGetCurrentThread = modkernel32.NewProc("GetCurrentThread") + procGetFileInformationByHandleEx = modkernel32.NewProc("GetFileInformationByHandleEx") + procGetNamedPipeHandleStateW = modkernel32.NewProc("GetNamedPipeHandleStateW") + procGetNamedPipeInfo = modkernel32.NewProc("GetNamedPipeInfo") + procGetQueuedCompletionStatus = modkernel32.NewProc("GetQueuedCompletionStatus") + procLocalAlloc = modkernel32.NewProc("LocalAlloc") + procLocalFree = modkernel32.NewProc("LocalFree") + procSetFileCompletionNotificationModes = modkernel32.NewProc("SetFileCompletionNotificationModes") + procSetFileInformationByHandle = modkernel32.NewProc("SetFileInformationByHandle") + procNtCreateNamedPipeFile = modntdll.NewProc("NtCreateNamedPipeFile") + procRtlDefaultNpAcl = modntdll.NewProc("RtlDefaultNpAcl") + procRtlDosPathNameToNtPathName_U = modntdll.NewProc("RtlDosPathNameToNtPathName_U") + procRtlNtStatusToDosErrorNoTeb = modntdll.NewProc("RtlNtStatusToDosErrorNoTeb") + procWSAGetOverlappedResult = modws2_32.NewProc("WSAGetOverlappedResult") procbind = modws2_32.NewProc("bind") ) -func cancelIoEx(file syscall.Handle, o *syscall.Overlapped) (err error) { - r1, _, e1 := syscall.Syscall(procCancelIoEx.Addr(), 2, uintptr(file), uintptr(unsafe.Pointer(o)), 0) - if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } +func adjustTokenPrivileges(token windows.Token, releaseAll bool, input *byte, outputSize uint32, output *byte, requiredSize *uint32) (success bool, err error) { + var _p0 uint32 + if releaseAll { + _p0 = 1 } - return -} - -func createIoCompletionPort(file syscall.Handle, port syscall.Handle, key uintptr, threadCount uint32) (newport syscall.Handle, err error) { - r0, _, e1 := syscall.Syscall6(procCreateIoCompletionPort.Addr(), 4, uintptr(file), uintptr(port), uintptr(key), uintptr(threadCount), 0, 0) - newport = syscall.Handle(r0) - if newport == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + r0, _, e1 := syscall.Syscall6(procAdjustTokenPrivileges.Addr(), 6, uintptr(token), uintptr(_p0), uintptr(unsafe.Pointer(input)), uintptr(outputSize), uintptr(unsafe.Pointer(output)), uintptr(unsafe.Pointer(requiredSize))) + success = r0 != 0 + if true { + err = errnoErr(e1) } return } -func getQueuedCompletionStatus(port syscall.Handle, bytes *uint32, key *uintptr, o **ioOperation, timeout uint32) (err error) { - r1, _, e1 := syscall.Syscall6(procGetQueuedCompletionStatus.Addr(), 5, uintptr(port), uintptr(unsafe.Pointer(bytes)), uintptr(unsafe.Pointer(key)), uintptr(unsafe.Pointer(o)), uintptr(timeout), 0) +func convertSecurityDescriptorToStringSecurityDescriptor(sd *byte, revision uint32, secInfo uint32, sddl **uint16, sddlSize *uint32) (err error) { + r1, _, e1 := syscall.Syscall6(procConvertSecurityDescriptorToStringSecurityDescriptorW.Addr(), 5, uintptr(unsafe.Pointer(sd)), uintptr(revision), uintptr(secInfo), uintptr(unsafe.Pointer(sddl)), uintptr(unsafe.Pointer(sddlSize)), 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func setFileCompletionNotificationModes(h syscall.Handle, flags uint8) (err error) { - r1, _, e1 := syscall.Syscall(procSetFileCompletionNotificationModes.Addr(), 2, uintptr(h), uintptr(flags), 0) +func convertSidToStringSid(sid *byte, str **uint16) (err error) { + r1, _, e1 := syscall.Syscall(procConvertSidToStringSidW.Addr(), 2, uintptr(unsafe.Pointer(sid)), uintptr(unsafe.Pointer(str)), 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func wsaGetOverlappedResult(h syscall.Handle, o *syscall.Overlapped, bytes *uint32, wait bool, flags *uint32) (err error) { - var _p0 uint32 - if wait { - _p0 = 1 - } else { - _p0 = 0 +func convertStringSecurityDescriptorToSecurityDescriptor(str string, revision uint32, sd *uintptr, size *uint32) (err error) { + var _p0 *uint16 + _p0, err = syscall.UTF16PtrFromString(str) + if err != nil { + return } - r1, _, e1 := syscall.Syscall6(procWSAGetOverlappedResult.Addr(), 5, uintptr(h), uintptr(unsafe.Pointer(o)), uintptr(unsafe.Pointer(bytes)), uintptr(_p0), uintptr(unsafe.Pointer(flags)), 0) + return _convertStringSecurityDescriptorToSecurityDescriptor(_p0, revision, sd, size) +} + +func _convertStringSecurityDescriptorToSecurityDescriptor(str *uint16, revision uint32, sd *uintptr, size *uint32) (err error) { + r1, _, e1 := syscall.Syscall6(procConvertStringSecurityDescriptorToSecurityDescriptorW.Addr(), 4, uintptr(unsafe.Pointer(str)), uintptr(revision), uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(size)), 0, 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func connectNamedPipe(pipe syscall.Handle, o *syscall.Overlapped) (err error) { - r1, _, e1 := syscall.Syscall(procConnectNamedPipe.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(o)), 0) +func getSecurityDescriptorLength(sd uintptr) (len uint32) { + r0, _, _ := syscall.Syscall(procGetSecurityDescriptorLength.Addr(), 1, uintptr(sd), 0, 0) + len = uint32(r0) + return +} + +func impersonateSelf(level uint32) (err error) { + r1, _, e1 := syscall.Syscall(procImpersonateSelf.Addr(), 1, uintptr(level), 0, 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func createNamedPipe(name string, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *syscall.SecurityAttributes) (handle syscall.Handle, err error) { +func lookupAccountName(systemName *uint16, accountName string, sid *byte, sidSize *uint32, refDomain *uint16, refDomainSize *uint32, sidNameUse *uint32) (err error) { var _p0 *uint16 - _p0, err = syscall.UTF16PtrFromString(name) + _p0, err = syscall.UTF16PtrFromString(accountName) if err != nil { return } - return _createNamedPipe(_p0, flags, pipeMode, maxInstances, outSize, inSize, defaultTimeout, sa) + return _lookupAccountName(systemName, _p0, sid, sidSize, refDomain, refDomainSize, sidNameUse) } -func _createNamedPipe(name *uint16, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *syscall.SecurityAttributes) (handle syscall.Handle, err error) { - r0, _, e1 := syscall.Syscall9(procCreateNamedPipeW.Addr(), 8, uintptr(unsafe.Pointer(name)), uintptr(flags), uintptr(pipeMode), uintptr(maxInstances), uintptr(outSize), uintptr(inSize), uintptr(defaultTimeout), uintptr(unsafe.Pointer(sa)), 0) - handle = syscall.Handle(r0) - if handle == syscall.InvalidHandle { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } +func _lookupAccountName(systemName *uint16, accountName *uint16, sid *byte, sidSize *uint32, refDomain *uint16, refDomainSize *uint32, sidNameUse *uint32) (err error) { + r1, _, e1 := syscall.Syscall9(procLookupAccountNameW.Addr(), 7, uintptr(unsafe.Pointer(systemName)), uintptr(unsafe.Pointer(accountName)), uintptr(unsafe.Pointer(sid)), uintptr(unsafe.Pointer(sidSize)), uintptr(unsafe.Pointer(refDomain)), uintptr(unsafe.Pointer(refDomainSize)), uintptr(unsafe.Pointer(sidNameUse)), 0, 0) + if r1 == 0 { + err = errnoErr(e1) } return } -func createFile(name string, access uint32, mode uint32, sa *syscall.SecurityAttributes, createmode uint32, attrs uint32, templatefile syscall.Handle) (handle syscall.Handle, err error) { +func lookupPrivilegeDisplayName(systemName string, name *uint16, buffer *uint16, size *uint32, languageId *uint32) (err error) { var _p0 *uint16 - _p0, err = syscall.UTF16PtrFromString(name) + _p0, err = syscall.UTF16PtrFromString(systemName) if err != nil { return } - return _createFile(_p0, access, mode, sa, createmode, attrs, templatefile) + return _lookupPrivilegeDisplayName(_p0, name, buffer, size, languageId) } -func _createFile(name *uint16, access uint32, mode uint32, sa *syscall.SecurityAttributes, createmode uint32, attrs uint32, templatefile syscall.Handle) (handle syscall.Handle, err error) { - r0, _, e1 := syscall.Syscall9(procCreateFileW.Addr(), 7, uintptr(unsafe.Pointer(name)), uintptr(access), uintptr(mode), uintptr(unsafe.Pointer(sa)), uintptr(createmode), uintptr(attrs), uintptr(templatefile), 0, 0) - handle = syscall.Handle(r0) - if handle == syscall.InvalidHandle { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } +func _lookupPrivilegeDisplayName(systemName *uint16, name *uint16, buffer *uint16, size *uint32, languageId *uint32) (err error) { + r1, _, e1 := syscall.Syscall6(procLookupPrivilegeDisplayNameW.Addr(), 5, uintptr(unsafe.Pointer(systemName)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(buffer)), uintptr(unsafe.Pointer(size)), uintptr(unsafe.Pointer(languageId)), 0) + if r1 == 0 { + err = errnoErr(e1) } return } -func getNamedPipeInfo(pipe syscall.Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error) { - r1, _, e1 := syscall.Syscall6(procGetNamedPipeInfo.Addr(), 5, uintptr(pipe), uintptr(unsafe.Pointer(flags)), uintptr(unsafe.Pointer(outSize)), uintptr(unsafe.Pointer(inSize)), uintptr(unsafe.Pointer(maxInstances)), 0) - if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } +func lookupPrivilegeName(systemName string, luid *uint64, buffer *uint16, size *uint32) (err error) { + var _p0 *uint16 + _p0, err = syscall.UTF16PtrFromString(systemName) + if err != nil { + return } - return + return _lookupPrivilegeName(_p0, luid, buffer, size) } -func getNamedPipeHandleState(pipe syscall.Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) { - r1, _, e1 := syscall.Syscall9(procGetNamedPipeHandleStateW.Addr(), 7, uintptr(pipe), uintptr(unsafe.Pointer(state)), uintptr(unsafe.Pointer(curInstances)), uintptr(unsafe.Pointer(maxCollectionCount)), uintptr(unsafe.Pointer(collectDataTimeout)), uintptr(unsafe.Pointer(userName)), uintptr(maxUserNameSize), 0, 0) +func _lookupPrivilegeName(systemName *uint16, luid *uint64, buffer *uint16, size *uint32) (err error) { + r1, _, e1 := syscall.Syscall6(procLookupPrivilegeNameW.Addr(), 4, uintptr(unsafe.Pointer(systemName)), uintptr(unsafe.Pointer(luid)), uintptr(unsafe.Pointer(buffer)), uintptr(unsafe.Pointer(size)), 0, 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func localAlloc(uFlags uint32, length uint32) (ptr uintptr) { - r0, _, _ := syscall.Syscall(procLocalAlloc.Addr(), 2, uintptr(uFlags), uintptr(length), 0) - ptr = uintptr(r0) - return +func lookupPrivilegeValue(systemName string, name string, luid *uint64) (err error) { + var _p0 *uint16 + _p0, err = syscall.UTF16PtrFromString(systemName) + if err != nil { + return + } + var _p1 *uint16 + _p1, err = syscall.UTF16PtrFromString(name) + if err != nil { + return + } + return _lookupPrivilegeValue(_p0, _p1, luid) } -func ntCreateNamedPipeFile(pipe *syscall.Handle, access uint32, oa *objectAttributes, iosb *ioStatusBlock, share uint32, disposition uint32, options uint32, typ uint32, readMode uint32, completionMode uint32, maxInstances uint32, inboundQuota uint32, outputQuota uint32, timeout *int64) (status ntstatus) { - r0, _, _ := syscall.Syscall15(procNtCreateNamedPipeFile.Addr(), 14, uintptr(unsafe.Pointer(pipe)), uintptr(access), uintptr(unsafe.Pointer(oa)), uintptr(unsafe.Pointer(iosb)), uintptr(share), uintptr(disposition), uintptr(options), uintptr(typ), uintptr(readMode), uintptr(completionMode), uintptr(maxInstances), uintptr(inboundQuota), uintptr(outputQuota), uintptr(unsafe.Pointer(timeout)), 0) - status = ntstatus(r0) +func _lookupPrivilegeValue(systemName *uint16, name *uint16, luid *uint64) (err error) { + r1, _, e1 := syscall.Syscall(procLookupPrivilegeValueW.Addr(), 3, uintptr(unsafe.Pointer(systemName)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(luid))) + if r1 == 0 { + err = errnoErr(e1) + } return } -func rtlNtStatusToDosError(status ntstatus) (winerr error) { - r0, _, _ := syscall.Syscall(procRtlNtStatusToDosErrorNoTeb.Addr(), 1, uintptr(status), 0, 0) - if r0 != 0 { - winerr = syscall.Errno(r0) +func openThreadToken(thread syscall.Handle, accessMask uint32, openAsSelf bool, token *windows.Token) (err error) { + var _p0 uint32 + if openAsSelf { + _p0 = 1 + } + r1, _, e1 := syscall.Syscall6(procOpenThreadToken.Addr(), 4, uintptr(thread), uintptr(accessMask), uintptr(_p0), uintptr(unsafe.Pointer(token)), 0, 0) + if r1 == 0 { + err = errnoErr(e1) } return } -func rtlDosPathNameToNtPathName(name *uint16, ntName *unicodeString, filePart uintptr, reserved uintptr) (status ntstatus) { - r0, _, _ := syscall.Syscall6(procRtlDosPathNameToNtPathName_U.Addr(), 4, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(ntName)), uintptr(filePart), uintptr(reserved), 0, 0) - status = ntstatus(r0) +func revertToSelf() (err error) { + r1, _, e1 := syscall.Syscall(procRevertToSelf.Addr(), 0, 0, 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } return } -func rtlDefaultNpAcl(dacl *uintptr) (status ntstatus) { - r0, _, _ := syscall.Syscall(procRtlDefaultNpAcl.Addr(), 1, uintptr(unsafe.Pointer(dacl)), 0, 0) - status = ntstatus(r0) +func backupRead(h syscall.Handle, b []byte, bytesRead *uint32, abort bool, processSecurity bool, context *uintptr) (err error) { + var _p0 *byte + if len(b) > 0 { + _p0 = &b[0] + } + var _p1 uint32 + if abort { + _p1 = 1 + } + var _p2 uint32 + if processSecurity { + _p2 = 1 + } + r1, _, e1 := syscall.Syscall9(procBackupRead.Addr(), 7, uintptr(h), uintptr(unsafe.Pointer(_p0)), uintptr(len(b)), uintptr(unsafe.Pointer(bytesRead)), uintptr(_p1), uintptr(_p2), uintptr(unsafe.Pointer(context)), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } return } -func lookupAccountName(systemName *uint16, accountName string, sid *byte, sidSize *uint32, refDomain *uint16, refDomainSize *uint32, sidNameUse *uint32) (err error) { - var _p0 *uint16 - _p0, err = syscall.UTF16PtrFromString(accountName) - if err != nil { - return +func backupWrite(h syscall.Handle, b []byte, bytesWritten *uint32, abort bool, processSecurity bool, context *uintptr) (err error) { + var _p0 *byte + if len(b) > 0 { + _p0 = &b[0] } - return _lookupAccountName(systemName, _p0, sid, sidSize, refDomain, refDomainSize, sidNameUse) + var _p1 uint32 + if abort { + _p1 = 1 + } + var _p2 uint32 + if processSecurity { + _p2 = 1 + } + r1, _, e1 := syscall.Syscall9(procBackupWrite.Addr(), 7, uintptr(h), uintptr(unsafe.Pointer(_p0)), uintptr(len(b)), uintptr(unsafe.Pointer(bytesWritten)), uintptr(_p1), uintptr(_p2), uintptr(unsafe.Pointer(context)), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return } -func _lookupAccountName(systemName *uint16, accountName *uint16, sid *byte, sidSize *uint32, refDomain *uint16, refDomainSize *uint32, sidNameUse *uint32) (err error) { - r1, _, e1 := syscall.Syscall9(procLookupAccountNameW.Addr(), 7, uintptr(unsafe.Pointer(systemName)), uintptr(unsafe.Pointer(accountName)), uintptr(unsafe.Pointer(sid)), uintptr(unsafe.Pointer(sidSize)), uintptr(unsafe.Pointer(refDomain)), uintptr(unsafe.Pointer(refDomainSize)), uintptr(unsafe.Pointer(sidNameUse)), 0, 0) +func cancelIoEx(file syscall.Handle, o *syscall.Overlapped) (err error) { + r1, _, e1 := syscall.Syscall(procCancelIoEx.Addr(), 2, uintptr(file), uintptr(unsafe.Pointer(o)), 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func convertSidToStringSid(sid *byte, str **uint16) (err error) { - r1, _, e1 := syscall.Syscall(procConvertSidToStringSidW.Addr(), 2, uintptr(unsafe.Pointer(sid)), uintptr(unsafe.Pointer(str)), 0) +func connectNamedPipe(pipe syscall.Handle, o *syscall.Overlapped) (err error) { + r1, _, e1 := syscall.Syscall(procConnectNamedPipe.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(o)), 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func convertStringSecurityDescriptorToSecurityDescriptor(str string, revision uint32, sd *uintptr, size *uint32) (err error) { +func createFile(name string, access uint32, mode uint32, sa *syscall.SecurityAttributes, createmode uint32, attrs uint32, templatefile syscall.Handle) (handle syscall.Handle, err error) { var _p0 *uint16 - _p0, err = syscall.UTF16PtrFromString(str) + _p0, err = syscall.UTF16PtrFromString(name) if err != nil { return } - return _convertStringSecurityDescriptorToSecurityDescriptor(_p0, revision, sd, size) + return _createFile(_p0, access, mode, sa, createmode, attrs, templatefile) } -func _convertStringSecurityDescriptorToSecurityDescriptor(str *uint16, revision uint32, sd *uintptr, size *uint32) (err error) { - r1, _, e1 := syscall.Syscall6(procConvertStringSecurityDescriptorToSecurityDescriptorW.Addr(), 4, uintptr(unsafe.Pointer(str)), uintptr(revision), uintptr(unsafe.Pointer(sd)), uintptr(unsafe.Pointer(size)), 0, 0) - if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } +func _createFile(name *uint16, access uint32, mode uint32, sa *syscall.SecurityAttributes, createmode uint32, attrs uint32, templatefile syscall.Handle) (handle syscall.Handle, err error) { + r0, _, e1 := syscall.Syscall9(procCreateFileW.Addr(), 7, uintptr(unsafe.Pointer(name)), uintptr(access), uintptr(mode), uintptr(unsafe.Pointer(sa)), uintptr(createmode), uintptr(attrs), uintptr(templatefile), 0, 0) + handle = syscall.Handle(r0) + if handle == syscall.InvalidHandle { + err = errnoErr(e1) } return } -func convertSecurityDescriptorToStringSecurityDescriptor(sd *byte, revision uint32, secInfo uint32, sddl **uint16, sddlSize *uint32) (err error) { - r1, _, e1 := syscall.Syscall6(procConvertSecurityDescriptorToStringSecurityDescriptorW.Addr(), 5, uintptr(unsafe.Pointer(sd)), uintptr(revision), uintptr(secInfo), uintptr(unsafe.Pointer(sddl)), uintptr(unsafe.Pointer(sddlSize)), 0) - if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } +func createIoCompletionPort(file syscall.Handle, port syscall.Handle, key uintptr, threadCount uint32) (newport syscall.Handle, err error) { + r0, _, e1 := syscall.Syscall6(procCreateIoCompletionPort.Addr(), 4, uintptr(file), uintptr(port), uintptr(key), uintptr(threadCount), 0, 0) + newport = syscall.Handle(r0) + if newport == 0 { + err = errnoErr(e1) } return } -func localFree(mem uintptr) { - syscall.Syscall(procLocalFree.Addr(), 1, uintptr(mem), 0, 0) +func createNamedPipe(name string, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *syscall.SecurityAttributes) (handle syscall.Handle, err error) { + var _p0 *uint16 + _p0, err = syscall.UTF16PtrFromString(name) + if err != nil { + return + } + return _createNamedPipe(_p0, flags, pipeMode, maxInstances, outSize, inSize, defaultTimeout, sa) +} + +func _createNamedPipe(name *uint16, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *syscall.SecurityAttributes) (handle syscall.Handle, err error) { + r0, _, e1 := syscall.Syscall9(procCreateNamedPipeW.Addr(), 8, uintptr(unsafe.Pointer(name)), uintptr(flags), uintptr(pipeMode), uintptr(maxInstances), uintptr(outSize), uintptr(inSize), uintptr(defaultTimeout), uintptr(unsafe.Pointer(sa)), 0) + handle = syscall.Handle(r0) + if handle == syscall.InvalidHandle { + err = errnoErr(e1) + } return } -func getSecurityDescriptorLength(sd uintptr) (len uint32) { - r0, _, _ := syscall.Syscall(procGetSecurityDescriptorLength.Addr(), 1, uintptr(sd), 0, 0) - len = uint32(r0) +func getCurrentThread() (h syscall.Handle) { + r0, _, _ := syscall.Syscall(procGetCurrentThread.Addr(), 0, 0, 0, 0) + h = syscall.Handle(r0) return } func getFileInformationByHandleEx(h syscall.Handle, class uint32, buffer *byte, size uint32) (err error) { r1, _, e1 := syscall.Syscall6(procGetFileInformationByHandleEx.Addr(), 4, uintptr(h), uintptr(class), uintptr(unsafe.Pointer(buffer)), uintptr(size), 0, 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func setFileInformationByHandle(h syscall.Handle, class uint32, buffer *byte, size uint32) (err error) { - r1, _, e1 := syscall.Syscall6(procSetFileInformationByHandle.Addr(), 4, uintptr(h), uintptr(class), uintptr(unsafe.Pointer(buffer)), uintptr(size), 0, 0) +func getNamedPipeHandleState(pipe syscall.Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) { + r1, _, e1 := syscall.Syscall9(procGetNamedPipeHandleStateW.Addr(), 7, uintptr(pipe), uintptr(unsafe.Pointer(state)), uintptr(unsafe.Pointer(curInstances)), uintptr(unsafe.Pointer(maxCollectionCount)), uintptr(unsafe.Pointer(collectDataTimeout)), uintptr(unsafe.Pointer(userName)), uintptr(maxUserNameSize), 0, 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } - } - return -} - -func adjustTokenPrivileges(token windows.Token, releaseAll bool, input *byte, outputSize uint32, output *byte, requiredSize *uint32) (success bool, err error) { - var _p0 uint32 - if releaseAll { - _p0 = 1 - } else { - _p0 = 0 - } - r0, _, e1 := syscall.Syscall6(procAdjustTokenPrivileges.Addr(), 6, uintptr(token), uintptr(_p0), uintptr(unsafe.Pointer(input)), uintptr(outputSize), uintptr(unsafe.Pointer(output)), uintptr(unsafe.Pointer(requiredSize))) - success = r0 != 0 - if true { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func impersonateSelf(level uint32) (err error) { - r1, _, e1 := syscall.Syscall(procImpersonateSelf.Addr(), 1, uintptr(level), 0, 0) +func getNamedPipeInfo(pipe syscall.Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error) { + r1, _, e1 := syscall.Syscall6(procGetNamedPipeInfo.Addr(), 5, uintptr(pipe), uintptr(unsafe.Pointer(flags)), uintptr(unsafe.Pointer(outSize)), uintptr(unsafe.Pointer(inSize)), uintptr(unsafe.Pointer(maxInstances)), 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func revertToSelf() (err error) { - r1, _, e1 := syscall.Syscall(procRevertToSelf.Addr(), 0, 0, 0, 0) +func getQueuedCompletionStatus(port syscall.Handle, bytes *uint32, key *uintptr, o **ioOperation, timeout uint32) (err error) { + r1, _, e1 := syscall.Syscall6(procGetQueuedCompletionStatus.Addr(), 5, uintptr(port), uintptr(unsafe.Pointer(bytes)), uintptr(unsafe.Pointer(key)), uintptr(unsafe.Pointer(o)), uintptr(timeout), 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func openThreadToken(thread syscall.Handle, accessMask uint32, openAsSelf bool, token *windows.Token) (err error) { - var _p0 uint32 - if openAsSelf { - _p0 = 1 - } else { - _p0 = 0 - } - r1, _, e1 := syscall.Syscall6(procOpenThreadToken.Addr(), 4, uintptr(thread), uintptr(accessMask), uintptr(_p0), uintptr(unsafe.Pointer(token)), 0, 0) - if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } - } +func localAlloc(uFlags uint32, length uint32) (ptr uintptr) { + r0, _, _ := syscall.Syscall(procLocalAlloc.Addr(), 2, uintptr(uFlags), uintptr(length), 0) + ptr = uintptr(r0) return } -func getCurrentThread() (h syscall.Handle) { - r0, _, _ := syscall.Syscall(procGetCurrentThread.Addr(), 0, 0, 0, 0) - h = syscall.Handle(r0) +func localFree(mem uintptr) { + syscall.Syscall(procLocalFree.Addr(), 1, uintptr(mem), 0, 0) return } -func lookupPrivilegeValue(systemName string, name string, luid *uint64) (err error) { - var _p0 *uint16 - _p0, err = syscall.UTF16PtrFromString(systemName) - if err != nil { - return - } - var _p1 *uint16 - _p1, err = syscall.UTF16PtrFromString(name) - if err != nil { - return - } - return _lookupPrivilegeValue(_p0, _p1, luid) -} - -func _lookupPrivilegeValue(systemName *uint16, name *uint16, luid *uint64) (err error) { - r1, _, e1 := syscall.Syscall(procLookupPrivilegeValueW.Addr(), 3, uintptr(unsafe.Pointer(systemName)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(luid))) +func setFileCompletionNotificationModes(h syscall.Handle, flags uint8) (err error) { + r1, _, e1 := syscall.Syscall(procSetFileCompletionNotificationModes.Addr(), 2, uintptr(h), uintptr(flags), 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } -func lookupPrivilegeName(systemName string, luid *uint64, buffer *uint16, size *uint32) (err error) { - var _p0 *uint16 - _p0, err = syscall.UTF16PtrFromString(systemName) - if err != nil { - return +func setFileInformationByHandle(h syscall.Handle, class uint32, buffer *byte, size uint32) (err error) { + r1, _, e1 := syscall.Syscall6(procSetFileInformationByHandle.Addr(), 4, uintptr(h), uintptr(class), uintptr(unsafe.Pointer(buffer)), uintptr(size), 0, 0) + if r1 == 0 { + err = errnoErr(e1) } - return _lookupPrivilegeName(_p0, luid, buffer, size) + return } -func _lookupPrivilegeName(systemName *uint16, luid *uint64, buffer *uint16, size *uint32) (err error) { - r1, _, e1 := syscall.Syscall6(procLookupPrivilegeNameW.Addr(), 4, uintptr(unsafe.Pointer(systemName)), uintptr(unsafe.Pointer(luid)), uintptr(unsafe.Pointer(buffer)), uintptr(unsafe.Pointer(size)), 0, 0) - if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } - } +func ntCreateNamedPipeFile(pipe *syscall.Handle, access uint32, oa *objectAttributes, iosb *ioStatusBlock, share uint32, disposition uint32, options uint32, typ uint32, readMode uint32, completionMode uint32, maxInstances uint32, inboundQuota uint32, outputQuota uint32, timeout *int64) (status ntstatus) { + r0, _, _ := syscall.Syscall15(procNtCreateNamedPipeFile.Addr(), 14, uintptr(unsafe.Pointer(pipe)), uintptr(access), uintptr(unsafe.Pointer(oa)), uintptr(unsafe.Pointer(iosb)), uintptr(share), uintptr(disposition), uintptr(options), uintptr(typ), uintptr(readMode), uintptr(completionMode), uintptr(maxInstances), uintptr(inboundQuota), uintptr(outputQuota), uintptr(unsafe.Pointer(timeout)), 0) + status = ntstatus(r0) return } -func lookupPrivilegeDisplayName(systemName string, name *uint16, buffer *uint16, size *uint32, languageId *uint32) (err error) { - var _p0 *uint16 - _p0, err = syscall.UTF16PtrFromString(systemName) - if err != nil { - return - } - return _lookupPrivilegeDisplayName(_p0, name, buffer, size, languageId) +func rtlDefaultNpAcl(dacl *uintptr) (status ntstatus) { + r0, _, _ := syscall.Syscall(procRtlDefaultNpAcl.Addr(), 1, uintptr(unsafe.Pointer(dacl)), 0, 0) + status = ntstatus(r0) + return } -func _lookupPrivilegeDisplayName(systemName *uint16, name *uint16, buffer *uint16, size *uint32, languageId *uint32) (err error) { - r1, _, e1 := syscall.Syscall6(procLookupPrivilegeDisplayNameW.Addr(), 5, uintptr(unsafe.Pointer(systemName)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(buffer)), uintptr(unsafe.Pointer(size)), uintptr(unsafe.Pointer(languageId)), 0) - if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } - } +func rtlDosPathNameToNtPathName(name *uint16, ntName *unicodeString, filePart uintptr, reserved uintptr) (status ntstatus) { + r0, _, _ := syscall.Syscall6(procRtlDosPathNameToNtPathName_U.Addr(), 4, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(ntName)), uintptr(filePart), uintptr(reserved), 0, 0) + status = ntstatus(r0) return } -func backupRead(h syscall.Handle, b []byte, bytesRead *uint32, abort bool, processSecurity bool, context *uintptr) (err error) { - var _p0 *byte - if len(b) > 0 { - _p0 = &b[0] - } - var _p1 uint32 - if abort { - _p1 = 1 - } else { - _p1 = 0 - } - var _p2 uint32 - if processSecurity { - _p2 = 1 - } else { - _p2 = 0 - } - r1, _, e1 := syscall.Syscall9(procBackupRead.Addr(), 7, uintptr(h), uintptr(unsafe.Pointer(_p0)), uintptr(len(b)), uintptr(unsafe.Pointer(bytesRead)), uintptr(_p1), uintptr(_p2), uintptr(unsafe.Pointer(context)), 0, 0) - if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } +func rtlNtStatusToDosError(status ntstatus) (winerr error) { + r0, _, _ := syscall.Syscall(procRtlNtStatusToDosErrorNoTeb.Addr(), 1, uintptr(status), 0, 0) + if r0 != 0 { + winerr = syscall.Errno(r0) } return } -func backupWrite(h syscall.Handle, b []byte, bytesWritten *uint32, abort bool, processSecurity bool, context *uintptr) (err error) { - var _p0 *byte - if len(b) > 0 { - _p0 = &b[0] - } - var _p1 uint32 - if abort { - _p1 = 1 - } else { - _p1 = 0 - } - var _p2 uint32 - if processSecurity { - _p2 = 1 - } else { - _p2 = 0 +func wsaGetOverlappedResult(h syscall.Handle, o *syscall.Overlapped, bytes *uint32, wait bool, flags *uint32) (err error) { + var _p0 uint32 + if wait { + _p0 = 1 } - r1, _, e1 := syscall.Syscall9(procBackupWrite.Addr(), 7, uintptr(h), uintptr(unsafe.Pointer(_p0)), uintptr(len(b)), uintptr(unsafe.Pointer(bytesWritten)), uintptr(_p1), uintptr(_p2), uintptr(unsafe.Pointer(context)), 0, 0) + r1, _, e1 := syscall.Syscall6(procWSAGetOverlappedResult.Addr(), 5, uintptr(h), uintptr(unsafe.Pointer(o)), uintptr(unsafe.Pointer(bytes)), uintptr(_p0), uintptr(unsafe.Pointer(flags)), 0) if r1 == 0 { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } @@ -552,11 +439,7 @@ func backupWrite(h syscall.Handle, b []byte, bytesWritten *uint32, abort bool, p func bind(s syscall.Handle, name unsafe.Pointer, namelen int32) (err error) { r1, _, e1 := syscall.Syscall(procbind.Addr(), 3, uintptr(s), uintptr(name), uintptr(namelen)) if r1 == socketError { - if e1 != 0 { - err = errnoErr(e1) - } else { - err = syscall.EINVAL - } + err = errnoErr(e1) } return } From 80b7e8b5d723f7f64aa10edd0942099ab7700518 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Tue, 19 Oct 2021 17:10:34 +0200 Subject: [PATCH 151/252] buildkit: normalize build target and local platform Signed-off-by: CrazyMax (cherry picked from commit b4e056d556f1318f146acd66ff916d2df79fb564) --- .../builder-next/adapters/containerimage/pull.go | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/builder/builder-next/adapters/containerimage/pull.go b/builder/builder-next/adapters/containerimage/pull.go index 6b791f106463c..7a5a4e1424c73 100644 --- a/builder/builder-next/adapters/containerimage/pull.go +++ b/builder/builder-next/adapters/containerimage/pull.go @@ -22,6 +22,7 @@ import ( "github.com/containerd/containerd/remotes/docker" "github.com/containerd/containerd/remotes/docker/schema1" distreference "github.com/docker/distribution/reference" + dimages "github.com/docker/docker/daemon/images" "github.com/docker/docker/distribution" "github.com/docker/docker/distribution/metadata" "github.com/docker/docker/distribution/xfer" @@ -854,11 +855,11 @@ func resolveModeToString(rm source.ResolveMode) string { } func platformMatches(img *image.Image, p *ocispec.Platform) bool { - if img.Architecture != p.Architecture { - return false - } - if img.Variant != "" && img.Variant != p.Variant { - return false - } - return img.OS == p.OS + return dimages.OnlyPlatformWithFallback(*p).Match(ocispec.Platform{ + Architecture: img.Architecture, + OS: img.OS, + OSVersion: img.OSVersion, + OSFeatures: img.OSFeatures, + Variant: img.Variant, + }) } From bed624fdc9f117cf8d0dce58024f6304caf9bde9 Mon Sep 17 00:00:00 2001 From: Cam Date: Sat, 24 Oct 2020 10:56:21 -0700 Subject: [PATCH 152/252] docker kill: fix bug where failed kills didnt fallback to unix kill 1. fixes #41587 2. removes potential infinite Wait and goroutine leak at end of kill function fixes #41587 Signed-off-by: Cam (cherry picked from commit e57a365ab1a1b5f30b9cc04e2365448868ae5b4f) Signed-off-by: Brian Goff --- daemon/container_operations_unix.go | 58 +++++++++++++---------------- daemon/kill.go | 34 ++++++++--------- 2 files changed, 40 insertions(+), 52 deletions(-) diff --git a/daemon/container_operations_unix.go b/daemon/container_operations_unix.go index 1647df0ce7ba8..6a50b99bd29e4 100644 --- a/daemon/container_operations_unix.go +++ b/daemon/container_operations_unix.go @@ -3,13 +3,11 @@ package daemon // import "github.com/docker/docker/daemon" import ( - "context" "fmt" "io/ioutil" "os" "path/filepath" "strconv" - "time" "github.com/docker/docker/container" "github.com/docker/docker/daemon/links" @@ -336,38 +334,32 @@ func (daemon *Daemon) cleanupSecretDir(c *container.Container) { } } -func killProcessDirectly(cntr *container.Container) error { - ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) - defer cancel() - - // Block until the container to stops or timeout. - status := <-cntr.Wait(ctx, container.WaitConditionNotRunning) - if status.Err() != nil { - // Ensure that we don't kill ourselves - if pid := cntr.GetPID(); pid != 0 { - logrus.Infof("Container %s failed to exit within 10 seconds of kill - trying direct SIGKILL", stringid.TruncateID(cntr.ID)) - if err := unix.Kill(pid, 9); err != nil { - if err != unix.ESRCH { - return err - } - e := errNoSuchProcess{pid, 9} - logrus.Debug(e) - return e - } +func killProcessDirectly(container *container.Container) error { + pid := container.GetPID() + // Ensure that we don't kill ourselves + if pid == 0 { + return nil + } - // In case there were some exceptions(e.g., state of zombie and D) - if system.IsProcessAlive(pid) { - - // Since we can not kill a zombie pid, add zombie check here - isZombie, err := system.IsProcessZombie(pid) - if err != nil { - logrus.Warnf("Container %s state is invalid", stringid.TruncateID(cntr.ID)) - return err - } - if isZombie { - return errdefs.System(errors.Errorf("container %s PID %d is zombie and can not be killed. Use the --init option when creating containers to run an init inside the container that forwards signals and reaps processes", stringid.TruncateID(cntr.ID), pid)) - } - } + if err := unix.Kill(pid, 9); err != nil { + if err != unix.ESRCH { + return err + } + e := errNoSuchProcess{pid, 9} + logrus.WithError(e).WithField("container", container.ID).Debug("no such process") + return e + } + + // In case there were some exceptions(e.g., state of zombie and D) + if system.IsProcessAlive(pid) { + // Since we can not kill a zombie pid, add zombie check here + isZombie, err := system.IsProcessZombie(pid) + if err != nil { + logrus.WithError(err).WithField("container", container.ID).Warn("Container state is invalid") + return err + } + if isZombie { + return errdefs.System(errors.Errorf("container %s PID %d is zombie and can not be killed. Use the --init option when creating containers to run an init inside the container that forwards signals and reaps processes", stringid.TruncateID(container.ID), pid)) } } return nil diff --git a/daemon/kill.go b/daemon/kill.go index da8e7238a2a42..cb374b2b881b5 100644 --- a/daemon/kill.go +++ b/daemon/kill.go @@ -139,29 +139,22 @@ func (daemon *Daemon) Kill(container *containerpkg.Container) error { // 1. Send SIGKILL if err := daemon.killPossiblyDeadProcess(container, int(syscall.SIGKILL)); err != nil { - // While normally we might "return err" here we're not going to - // because if we can't stop the container by this point then - // it's probably because it's already stopped. Meaning, between - // the time of the IsRunning() call above and now it stopped. - // Also, since the err return will be environment specific we can't - // look for any particular (common) error that would indicate - // that the process is already dead vs something else going wrong. - // So, instead we'll give it up to 2 more seconds to complete and if - // by that time the container is still running, then the error - // we got is probably valid and so we return it to the caller. + // kill failed, check if process is no longer running. if isErrNoSuchProcess(err) { return nil } + } - ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second) - defer cancel() + ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) + defer cancel() - if status := <-container.Wait(ctx, containerpkg.WaitConditionNotRunning); status.Err() != nil { - return err - } + status := <-container.Wait(ctx, containerpkg.WaitConditionNotRunning) + if status.Err() == nil { + return nil } - // 2. Wait for the process to die, in last resort, try to kill the process directly + logrus.WithError(status.Err()).WithField("container", container.ID).Error("Container failed to exit within 10 seconds of kill - trying direct SIGKILL") + if err := killProcessDirectly(container); err != nil { if isErrNoSuchProcess(err) { return nil @@ -169,10 +162,13 @@ func (daemon *Daemon) Kill(container *containerpkg.Container) error { return err } - // Wait for exit with no timeout. - // Ignore returned status. - <-container.Wait(context.Background(), containerpkg.WaitConditionNotRunning) + // wait for container to exit one last time, if it doesn't then kill didnt work, so return error + ctx2, cancel2 := context.WithTimeout(context.Background(), 2*time.Second) + defer cancel2() + if status := <-container.Wait(ctx2, containerpkg.WaitConditionNotRunning); status.Err() != nil { + return errors.New("tried to kill container, but did not receive an exit event") + } return nil } From a4bcd4c64f310e9eabdcb5df1e186529d730ffab Mon Sep 17 00:00:00 2001 From: Cam Date: Sat, 24 Oct 2020 13:15:58 -0700 Subject: [PATCH 153/252] docker daemon container stop refactor this refactors the Stop command to fix a few issues and behaviors that dont seem completely correct: 1. first it fixes a situation where stop could hang forever (#41579) 2. fixes a behavior where if sending the stop signal failed, then the code directly sends a -9 signal. If that fails, it returns without waiting for the process to exit or going through the full docker kill codepath. 3. fixes a behavior where if sending the stop signal failed, then the code sends a -9 signal. If that succeeds, then we still go through the same stop waiting process, and may even go through the docker kill path again, even though we've already sent a -9. 4. fixes a behavior where the code would wait the full 30 seconds after sending a stop signal, even if we already know the stop signal failed. fixes #41579 Signed-off-by: Cam (cherry picked from commit 8e362b75cb8cfbc539169cbb5d77c52802f65eb1) Signed-off-by: Brian Goff --- daemon/stop.go | 82 +++++++++++++++++++++++++++++--------------------- 1 file changed, 47 insertions(+), 35 deletions(-) diff --git a/daemon/stop.go b/daemon/stop.go index c3ac09056a970..ce0ff08e7dba4 100644 --- a/daemon/stop.go +++ b/daemon/stop.go @@ -38,52 +38,64 @@ func (daemon *Daemon) ContainerStop(name string, timeout *int) error { // containerStop sends a stop signal, waits, sends a kill signal. func (daemon *Daemon) containerStop(container *containerpkg.Container, seconds int) error { + // TODO propagate a context down to this function + ctx := context.TODO() if !container.IsRunning() { return nil } - + var wait time.Duration + if seconds >= 0 { + wait = time.Duration(seconds) * time.Second + } + success := func() error { + daemon.LogContainerEvent(container, "stop") + return nil + } stopSignal := container.StopSignal() - // 1. Send a stop signal - if err := daemon.killPossiblyDeadProcess(container, stopSignal); err != nil { - // While normally we might "return err" here we're not going to - // because if we can't stop the container by this point then - // it's probably because it's already stopped. Meaning, between - // the time of the IsRunning() call above and now it stopped. - // Also, since the err return will be environment specific we can't - // look for any particular (common) error that would indicate - // that the process is already dead vs something else going wrong. - // So, instead we'll give it up to 2 more seconds to complete and if - // by that time the container is still running, then the error - // we got is probably valid and so we force kill it. - ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second) - defer cancel() - if status := <-container.Wait(ctx, containerpkg.WaitConditionNotRunning); status.Err() != nil { - logrus.Infof("Container failed to stop after sending signal %d to the process, force killing", stopSignal) - if err := daemon.killPossiblyDeadProcess(container, 9); err != nil { - return err - } - } + // 1. Send a stop signal + err := daemon.killPossiblyDeadProcess(container, stopSignal) + if err != nil { + wait = 2 * time.Second } - // 2. Wait for the process to exit on its own - ctx := context.Background() + var subCtx context.Context + var cancel context.CancelFunc if seconds >= 0 { - var cancel context.CancelFunc - ctx, cancel = context.WithTimeout(ctx, time.Duration(seconds)*time.Second) - defer cancel() + subCtx, cancel = context.WithTimeout(ctx, wait) + } else { + subCtx, cancel = context.WithCancel(ctx) } + defer cancel() - if status := <-container.Wait(ctx, containerpkg.WaitConditionNotRunning); status.Err() != nil { - logrus.Infof("Container %v failed to exit within %d seconds of signal %d - using the force", container.ID, seconds, stopSignal) - // 3. If it doesn't, then send SIGKILL - if err := daemon.Kill(container); err != nil { - // Wait without a timeout, ignore result. - <-container.Wait(context.Background(), containerpkg.WaitConditionNotRunning) - logrus.Warn(err) // Don't return error because we only care that container is stopped, not what function stopped it + if status := <-container.Wait(subCtx, containerpkg.WaitConditionNotRunning); status.Err() == nil { + // container did exit, so ignore any previous errors and return + return success() + } + + if err != nil { + // the container has still not exited, and the kill function errored, so log the error here: + logrus.WithError(err).WithField("container", container.ID).Errorf("Error sending stop (signal %d) to container", stopSignal) + } + if seconds < 0 { + // if the client requested that we never kill / wait forever, but container.Wait was still + // interrupted (parent context cancelled, for example), we should propagate the signal failure + return err + } + + logrus.WithField("container", container.ID).Infof("Container failed to exit within %d seconds of signal %d - using the force", seconds, stopSignal) + // Stop either failed or container didnt exit, so fallback to kill. + if err := daemon.Kill(container); err != nil { + // got a kill error, but give container 2 more seconds to exit just in case + subCtx, cancel := context.WithTimeout(ctx, 2*time.Second) + defer cancel() + if status := <-container.Wait(subCtx, containerpkg.WaitConditionNotRunning); status.Err() == nil { + // container did exit, so ignore error and return + return success() } + logrus.WithError(err).WithField("container", container.ID).Error("Error killing the container") + return err } - daemon.LogContainerEvent(container, "stop") - return nil + return success() } From 3285c275033a361f237148e0ce611cb72bebccd9 Mon Sep 17 00:00:00 2001 From: Cam Date: Tue, 8 Jun 2021 13:29:57 -0700 Subject: [PATCH 154/252] Fix log statement 'failed to exit' timeout accuracy log statement should reflect how long it actually waited, not how long it theoretically could wait based on the 'seconds' integer passed in. Signed-off-by: Cam (cherry picked from commit d15ce134efadeb7cc3b370de6acfbb7accfb691b) Signed-off-by: Brian Goff --- daemon/stop.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daemon/stop.go b/daemon/stop.go index ce0ff08e7dba4..5d4c214004c66 100644 --- a/daemon/stop.go +++ b/daemon/stop.go @@ -83,7 +83,7 @@ func (daemon *Daemon) containerStop(container *containerpkg.Container, seconds i return err } - logrus.WithField("container", container.ID).Infof("Container failed to exit within %d seconds of signal %d - using the force", seconds, stopSignal) + logrus.WithField("container", container.ID).Infof("Container failed to exit within %s of signal %d - using the force", wait, stopSignal) // Stop either failed or container didnt exit, so fallback to kill. if err := daemon.Kill(container); err != nil { // got a kill error, but give container 2 more seconds to exit just in case From 2c6aa5aad9067b60d0a2c7a0b19de8f304d9d4c9 Mon Sep 17 00:00:00 2001 From: Hugo Barrera Date: Tue, 20 Apr 2021 19:28:50 +0000 Subject: [PATCH 155/252] Remove needless check Starting `dockerd-rootless.sh` checks that `$HOME` is writeable, but does not require it to be so. Make the check more precise, and check that it actually exists and is a directory. Signed-off-by: Hugo Osvaldo Barrera (cherry picked from commit 3980d0462d3c550e4cea7c0a88c76a7cb2319a9d) Signed-off-by: Sebastiaan van Stijn --- contrib/dockerd-rootless.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/contrib/dockerd-rootless.sh b/contrib/dockerd-rootless.sh index b9eda0a023f77..c1b521d2fa538 100755 --- a/contrib/dockerd-rootless.sh +++ b/contrib/dockerd-rootless.sh @@ -28,8 +28,8 @@ if ! [ -w $XDG_RUNTIME_DIR ]; then echo "XDG_RUNTIME_DIR needs to be set and writable" exit 1 fi -if ! [ -w $HOME ]; then - echo "HOME needs to be set and writable" +if ! [ -d $HOME ]; then + echo "HOME needs to be set and exist." exit 1 fi From 59d2a2c397686c87296022269c76421804c8d046 Mon Sep 17 00:00:00 2001 From: Chenyang Yan Date: Sun, 17 Oct 2021 18:14:39 +0800 Subject: [PATCH 156/252] dockerd-rootless.sh: Fix variable not double quotes cause unexpected behavior ``` $ cat test.sh echo "orign value=$XDG_RUNTIME_DIR" echo "1. with [ ] not quote ..." [ -w $XDG_RUNTIME_DIR ] echo "get 1 ret_code: $?" echo "2. with [ ] and quote ..." [ -w "$XDG_RUNTIME_DIR" ] echo "get 2 ret_code: $?" $ sh ./test.sh orign value= 1. with [ ] not quote ... get 1 ret_code: 0 2. with [ ] and quote ... get 2 ret_code: 1 $ bash ./test.sh orign value= 1. with [ ] not quote ... get 1 ret_code: 0 2. with [ ] and quote ... get 2 ret_code: 1 ``` Signed-off-by: Chenyang Yan (cherry picked from commit a8ce4d47c37577fb66ad02fdf43a55ad2b9d288d) Signed-off-by: Sebastiaan van Stijn --- contrib/dockerd-rootless.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/contrib/dockerd-rootless.sh b/contrib/dockerd-rootless.sh index c1b521d2fa538..7f31016f6aef9 100755 --- a/contrib/dockerd-rootless.sh +++ b/contrib/dockerd-rootless.sh @@ -24,11 +24,11 @@ case "$1" in exit 1 ;; esac -if ! [ -w $XDG_RUNTIME_DIR ]; then +if ! [ -w "$XDG_RUNTIME_DIR" ]; then echo "XDG_RUNTIME_DIR needs to be set and writable" exit 1 fi -if ! [ -d $HOME ]; then +if ! [ -d "$HOME" ]; then echo "HOME needs to be set and exist." exit 1 fi @@ -40,7 +40,7 @@ for f in docker-rootlesskit rootlesskit; do break fi done -if [ -z $rootlesskit ]; then +if [ -z "$rootlesskit" ]; then echo "rootlesskit needs to be installed" exit 1 fi @@ -52,19 +52,19 @@ fi : "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP:=auto}" net=$DOCKERD_ROOTLESS_ROOTLESSKIT_NET mtu=$DOCKERD_ROOTLESS_ROOTLESSKIT_MTU -if [ -z $net ]; then +if [ -z "$net" ]; then if command -v slirp4netns > /dev/null 2>&1; then # If --netns-type is present in --help, slirp4netns is >= v0.4.0. if slirp4netns --help | grep -qw -- --netns-type; then net=slirp4netns - if [ -z $mtu ]; then + if [ -z "$mtu" ]; then mtu=65520 fi else echo "slirp4netns found but seems older than v0.4.0. Falling back to VPNKit." fi fi - if [ -z $net ]; then + if [ -z "$net" ]; then if command -v vpnkit > /dev/null 2>&1; then net=vpnkit else @@ -73,11 +73,11 @@ if [ -z $net ]; then fi fi fi -if [ -z $mtu ]; then +if [ -z "$mtu" ]; then mtu=1500 fi -if [ -z $_DOCKERD_ROOTLESS_CHILD ]; then +if [ -z "$_DOCKERD_ROOTLESS_CHILD" ]; then _DOCKERD_ROOTLESS_CHILD=1 export _DOCKERD_ROOTLESS_CHILD if [ "$(id -u)" = "0" ]; then @@ -107,7 +107,7 @@ if [ -z $_DOCKERD_ROOTLESS_CHILD ]; then $DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS \ $0 $@ else - [ $_DOCKERD_ROOTLESS_CHILD = 1 ] + [ "$_DOCKERD_ROOTLESS_CHILD" = 1 ] # remove the symlinks for the existing files in the parent namespace if any, # so that we can create our own files in our mount namespace. rm -f /run/docker /run/containerd /run/xtables.lock From acb4f263b3ccd959af09ee7f3d0968557e3e425e Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Thu, 21 Oct 2021 19:27:07 +0000 Subject: [PATCH 157/252] Fix racey TestHealthKillContainer Before this change if you assume that things work the way the test expects them to (it does not, but lets assume for now) we aren't really testing anything because we are testing that a container is healthy before and after we send a signal. This will give false positives even if there is a bug in the underlying code. Sending a signal can take any amount of time to cause a container to exit or to trigger healthchecks to stop or whatever. Now lets remove the assumption that things are working as expected, because they are not. In this case, `top` (which is what is running in the container) is actually exiting when it receives `USR1`. This totally invalidates the test. We need more control and knowledge as to what is happening in the container to properly test this. This change introduces a custom script which traps `USR1` and flips the health status each time the signal is received. We then send the signal twice so that we know the change has occurred and check that the value has flipped so that we know the change has actually occurred. Signed-off-by: Brian Goff (cherry picked from commit 27ba755f70b05fce0bf14a49bfe33e540408c7c6) Signed-off-by: Sebastiaan van Stijn --- integration/container/health_test.go | 33 +++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/integration/container/health_test.go b/integration/container/health_test.go index 6d23a44d822f0..ad0245c6a80d4 100644 --- a/integration/container/health_test.go +++ b/integration/container/health_test.go @@ -43,8 +43,32 @@ func TestHealthKillContainer(t *testing.T) { client := testEnv.APIClient() id := container.Run(ctx, t, client, func(c *container.TestContainerConfig) { + cmd := ` +# Set the initial HEALTH value so the healthcheck passes +HEALTH="1" +echo $HEALTH > /health + +# Any time doHealth is run we flip the value +# This lets us use kill signals to determine when healtchecks have run. +doHealth() { + case "$HEALTH" in + "0") + HEALTH="1" + ;; + "1") + HEALTH="0" + ;; + esac + echo $HEALTH > /health +} + +trap 'doHealth' USR1 + +while true; do sleep 1; done +` + c.Config.Cmd = []string{"/bin/sh", "-c", cmd} c.Config.Healthcheck = &containertypes.HealthConfig{ - Test: []string{"CMD-SHELL", "sleep 1"}, + Test: []string{"CMD-SHELL", `[ "$(cat /health)" = "1" ]`}, Interval: time.Second, Retries: 5, } @@ -57,6 +81,13 @@ func TestHealthKillContainer(t *testing.T) { err := client.ContainerKill(ctx, id, "SIGUSR1") assert.NilError(t, err) + ctxPoll, cancel = context.WithTimeout(ctx, 30*time.Second) + defer cancel() + poll.WaitOn(t, pollForHealthStatus(ctxPoll, client, id, "unhealthy"), poll.WithDelay(100*time.Millisecond)) + + err = client.ContainerKill(ctx, id, "SIGUSR1") + assert.NilError(t, err) + ctxPoll, cancel = context.WithTimeout(ctx, 30*time.Second) defer cancel() poll.WaitOn(t, pollForHealthStatus(ctxPoll, client, id, "healthy"), poll.WithDelay(100*time.Millisecond)) From 4b9a3dac46fd8e36f9f4f7b5835f108eb69e164a Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 22 Oct 2021 15:33:22 +0200 Subject: [PATCH 158/252] Fix race in TestCreateServiceSecretFileMode, TestCreateServiceConfigFileMode Looks like this test was broken from the start, and fully relied on a race condition. (Test was added in 65ee7fff02111bf696bc2fec442d07c2957f4151) The problem is in the service's command: `ls -l /etc/config || /bin/top`, which will either: - exit immediately if the secret is mounted correctly at `/etc/config` (which it should) - keep running with `/bin/top` if the above failed After the service is created, the test enters a race-condition, checking for 1 task to be running (which it ocassionally is), after which it proceeds, and looks up the list of tasks of the service, to get the log output of `ls -l /etc/config`. This is another race: first of all, the original filter for that task lookup did not filter by `running`, so it would pick "any" task of the service (either failed, running, or "completed" (successfully exited) tasks). In the meantime though, SwarmKit kept reconciling the service, and creating new tasks, so even if the test was able to get the ID of the correct task, that task may already have been exited, and removed (task-limit is 5 by default), so only if the test was "lucky", it would be able to get the logs, but of course, chances were likely that it would be "too late", and the task already gone. The problem can be easily reproduced when running the steps manually: echo 'CONFIG' | docker config create myconfig - docker service create --config source=myconfig,target=/etc/config,mode=0777 --name myservice busybox sh -c 'ls -l /etc/config || /bin/top' The above creates the service, but it keeps retrying, because each task exits immediately (followed by SwarmKit reconciling and starting a new task); mjntpfkkyuuc1dpay4h00c4oo overall progress: 0 out of 1 tasks 1/1: ready [======================================> ] verify: Detected task failure ^COperation continuing in background. Use `docker service ps mjntpfkkyuuc1dpay4h00c4oo` to check progress. And checking the tasks for the service reveals that tasks exit cleanly (no error), but _do exit_, so swarm just keeps up reconciling, and spinning up new tasks; docker service ps myservice --no-trunc ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS 2wmcuv4vffnet8nybg3he4v9n myservice.1 busybox:latest@sha256:f7ca5a32c10d51aeda3b4d01c61c6061f497893d7f6628b92f822f7117182a57 docker-desktop Ready Ready less than a second ago 5p8b006uec125iq2892lxay64 \_ myservice.1 busybox:latest@sha256:f7ca5a32c10d51aeda3b4d01c61c6061f497893d7f6628b92f822f7117182a57 docker-desktop Shutdown Complete less than a second ago k8lpsvlak4b3nil0zfkexw61p \_ myservice.1 busybox:latest@sha256:f7ca5a32c10d51aeda3b4d01c61c6061f497893d7f6628b92f822f7117182a57 docker-desktop Shutdown Complete 6 seconds ago vsunl5pi7e2n9ol3p89kvj6pn \_ myservice.1 busybox:latest@sha256:f7ca5a32c10d51aeda3b4d01c61c6061f497893d7f6628b92f822f7117182a57 docker-desktop Shutdown Complete 11 seconds ago orxl8b6kt2l6dfznzzd4lij4s \_ myservice.1 busybox:latest@sha256:f7ca5a32c10d51aeda3b4d01c61c6061f497893d7f6628b92f822f7117182a57 docker-desktop Shutdown Complete 17 seconds ago This patch changes the service's command to `sleep`, so that a successful task (after successfully performing `ls -l /etc/config`) continues to be running until the service is deleted. With that change, the service should (usually) reconcile immediately, which removes the race condition, and should also make it faster :) This patch changes the tests to use client.ServiceLogs() instead of using the service's tasklist to directly access container logs. This should also fix some failures that happened if some tasks failed to start before reconciling, in which case client.TaskList() (with the current filters), could return more tasks than anticipated (as it also contained the exited tasks); === RUN TestCreateServiceSecretFileMode create_test.go:291: assertion failed: 2 (int) != 1 (int) --- FAIL: TestCreateServiceSecretFileMode (7.88s) === RUN TestCreateServiceConfigFileMode create_test.go:355: assertion failed: 2 (int) != 1 (int) --- FAIL: TestCreateServiceConfigFileMode (7.87s) Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 13cff6d5839cca995d889b47d656888e8e2345ca) Signed-off-by: Sebastiaan van Stijn --- integration/service/create_test.go | 26 ++++++-------------------- 1 file changed, 6 insertions(+), 20 deletions(-) diff --git a/integration/service/create_test.go b/integration/service/create_test.go index 9a7d5c0c14556..1992a6e4caecc 100644 --- a/integration/service/create_test.go +++ b/integration/service/create_test.go @@ -267,7 +267,7 @@ func TestCreateServiceSecretFileMode(t *testing.T) { serviceID := swarm.CreateService(t, d, swarm.ServiceWithReplicas(instances), swarm.ServiceWithName(serviceName), - swarm.ServiceWithCommand([]string{"/bin/sh", "-c", "ls -l /etc/secret || /bin/top"}), + swarm.ServiceWithCommand([]string{"/bin/sh", "-c", "ls -l /etc/secret && sleep inf"}), swarm.ServiceWithSecret(&swarmtypes.SecretReference{ File: &swarmtypes.SecretReferenceFileTarget{ Name: "/etc/secret", @@ -282,15 +282,8 @@ func TestCreateServiceSecretFileMode(t *testing.T) { poll.WaitOn(t, swarm.RunningTasksCount(client, serviceID, instances), swarm.ServicePoll) - filter := filters.NewArgs() - filter.Add("service", serviceID) - tasks, err := client.TaskList(ctx, types.TaskListOptions{ - Filters: filter, - }) - assert.NilError(t, err) - assert.Check(t, is.Equal(len(tasks), 1)) - - body, err := client.ContainerLogs(ctx, tasks[0].Status.ContainerStatus.ContainerID, types.ContainerLogsOptions{ + body, err := client.ServiceLogs(ctx, serviceID, types.ContainerLogsOptions{ + Tail: "1", ShowStdout: true, }) assert.NilError(t, err) @@ -330,7 +323,7 @@ func TestCreateServiceConfigFileMode(t *testing.T) { serviceName := "TestService_" + t.Name() serviceID := swarm.CreateService(t, d, swarm.ServiceWithName(serviceName), - swarm.ServiceWithCommand([]string{"/bin/sh", "-c", "ls -l /etc/config || /bin/top"}), + swarm.ServiceWithCommand([]string{"/bin/sh", "-c", "ls -l /etc/config && sleep inf"}), swarm.ServiceWithReplicas(instances), swarm.ServiceWithConfig(&swarmtypes.ConfigReference{ File: &swarmtypes.ConfigReferenceFileTarget{ @@ -346,15 +339,8 @@ func TestCreateServiceConfigFileMode(t *testing.T) { poll.WaitOn(t, swarm.RunningTasksCount(client, serviceID, instances)) - filter := filters.NewArgs() - filter.Add("service", serviceID) - tasks, err := client.TaskList(ctx, types.TaskListOptions{ - Filters: filter, - }) - assert.NilError(t, err) - assert.Check(t, is.Equal(len(tasks), 1)) - - body, err := client.ContainerLogs(ctx, tasks[0].Status.ContainerStatus.ContainerID, types.ContainerLogsOptions{ + body, err := client.ServiceLogs(ctx, serviceID, types.ContainerLogsOptions{ + Tail: "1", ShowStdout: true, }) assert.NilError(t, err) From 6611c72b654d55b830f5b7187de20083faaf6857 Mon Sep 17 00:00:00 2001 From: Aleksandr Chebotov Date: Tue, 2 Nov 2021 17:36:14 +0300 Subject: [PATCH 159/252] cmd/dockerd: create panic.log file without readonly flag Signed-off-by: Aleksandr Chebotov (cherry picked from commit b865204042237d3cf620d04f7a8cb3215f87fcea) Signed-off-by: Sebastiaan van Stijn --- cmd/dockerd/service_windows.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/dockerd/service_windows.go b/cmd/dockerd/service_windows.go index 92d2462376865..2d7c3b7da621e 100644 --- a/cmd/dockerd/service_windows.go +++ b/cmd/dockerd/service_windows.go @@ -372,7 +372,7 @@ Loop: func initPanicFile(path string) error { var err error - panicFile, err = os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0) + panicFile, err = os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0o200) if err != nil { return err } From b3456925ca8450dedba32752e3417eb6e1ebf336 Mon Sep 17 00:00:00 2001 From: Samuel Karp Date: Thu, 4 Nov 2021 14:41:21 -0700 Subject: [PATCH 160/252] vendor: update github.com/docker/distribution Signed-off-by: Samuel Karp --- vendor.conf | 2 +- .../manifest/manifestlist/manifestlist.go | 23 +++++++++++++++++++ .../manifest/ocischema/manifest.go | 22 ++++++++++++++++++ 3 files changed, 46 insertions(+), 1 deletion(-) diff --git a/vendor.conf b/vendor.conf index a88f05bd71188..f16cab8452526 100644 --- a/vendor.conf +++ b/vendor.conf @@ -76,7 +76,7 @@ github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d30 go.etcd.io/bbolt 232d8fc87f50244f9c808f4745759e08a304c029 # v1.3.5 # get graph and distribution packages -github.com/docker/distribution 0d3efadf0154c2b8a4e7b6621fff9809655cc580 +github.com/docker/distribution 58f99e93b767ebacbf8e62a9074844712d31a177 github.com/samuelkarp/docker-distribution github.com/vbatts/tar-split 620714a4c508c880ac1bdda9c8370a2b19af1a55 # v0.11.1 github.com/opencontainers/go-digest ea51bea511f75cfa3ef6098cc253c5c3609b037a # v1.0.0 diff --git a/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go b/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go index 54c8f3c94c394..09b3609737456 100644 --- a/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go +++ b/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go @@ -54,6 +54,9 @@ func init() { } imageIndexFunc := func(b []byte) (distribution.Manifest, distribution.Descriptor, error) { + if err := validateIndex(b); err != nil { + return nil, distribution.Descriptor{}, err + } m := new(DeserializedManifestList) err := m.UnmarshalJSON(b) if err != nil { @@ -214,3 +217,23 @@ func (m DeserializedManifestList) Payload() (string, []byte, error) { return mediaType, m.canonical, nil } + +// unknownDocument represents a manifest, manifest list, or index that has not +// yet been validated +type unknownDocument struct { + Config interface{} `json:"config,omitempty"` + Layers interface{} `json:"layers,omitempty"` +} + +// validateIndex returns an error if the byte slice is invalid JSON or if it +// contains fields that belong to a manifest +func validateIndex(b []byte) error { + var doc unknownDocument + if err := json.Unmarshal(b, &doc); err != nil { + return err + } + if doc.Config != nil || doc.Layers != nil { + return errors.New("index: expected index but found manifest") + } + return nil +} diff --git a/vendor/github.com/docker/distribution/manifest/ocischema/manifest.go b/vendor/github.com/docker/distribution/manifest/ocischema/manifest.go index b8c4bab547094..910a64afb42c7 100644 --- a/vendor/github.com/docker/distribution/manifest/ocischema/manifest.go +++ b/vendor/github.com/docker/distribution/manifest/ocischema/manifest.go @@ -22,6 +22,9 @@ var ( func init() { ocischemaFunc := func(b []byte) (distribution.Manifest, distribution.Descriptor, error) { + if err := validateManifest(b); err != nil { + return nil, distribution.Descriptor{}, err + } m := new(DeserializedManifest) err := m.UnmarshalJSON(b) if err != nil { @@ -122,3 +125,22 @@ func (m *DeserializedManifest) MarshalJSON() ([]byte, error) { func (m DeserializedManifest) Payload() (string, []byte, error) { return v1.MediaTypeImageManifest, m.canonical, nil } + +// unknownDocument represents a manifest, manifest list, or index that has not +// yet been validated +type unknownDocument struct { + Manifests interface{} `json:"manifests,omitempty"` +} + +// validateManifest returns an error if the byte slice is invalid JSON or if it +// contains fields that belong to a index +func validateManifest(b []byte) error { + var doc unknownDocument + if err := json.Unmarshal(b, &doc); err != nil { + return err + } + if doc.Manifests != nil { + return errors.New("ocimanifest: expected manifest but found index") + } + return nil +} From c7edd308ad6e4dc63f983140f8a6095bea295d20 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 5 Nov 2021 10:49:04 +0100 Subject: [PATCH 161/252] [20.10] Update Go to 1.16.10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit go1.16.10 (released 2021-11-04) includes security fixes to the archive/zip and debug/macho packages, as well as bug fixes to the compiler, linker, runtime, the misc/wasm directory, and to the net/http package. See the Go 1.16.10 milestone for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.10+label%3ACherryPickApproved From the announcement e-mail: [security] Go 1.17.3 and Go 1.16.10 are released We have just released Go versions 1.17.3 and 1.16.10, minor point releases. These minor releases include two security fixes following the security policy: - archive/zip: don't panic on (*Reader).Open Reader.Open (the API implementing io/fs.FS introduced in Go 1.16) can be made to panic by an attacker providing either a crafted ZIP archive containing completely invalid names or an empty filename argument. Thank you to Colin Arnott, SiteHost and Noah Santschi-Cooney, Sourcegraph Code Intelligence Team for reporting this issue. This is CVE-2021-41772 and Go issue golang.org/issue/48085. - debug/macho: invalid dynamic symbol table command can cause panic Malformed binaries parsed using Open or OpenFat can cause a panic when calling ImportedSymbols, due to an out-of-bounds slice operation. Thanks to Burak Çarıkçı - Yunus Yıldırım (CT-Zer0 Crypttech) for reporting this issue. This is CVE-2021-41771 and Go issue golang.org/issue/48990. Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index cff0abe895e2b..cf1200d6c2bf8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.16.9 +ARG GO_VERSION=1.16.10 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index 1ba5016c4062a..41280aec667e1 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.9 +ARG GO_VERSION=1.16.10 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index 3783035b76428..10f30be630998 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.16.9 +ARG GO_VERSION=1.16.10 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 870be1beaee0a..37b9198ff014f 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.16.9 +ARG GO_VERSION=1.16.10 ARG GOTESTSUM_COMMIT=v0.5.3 # Environment variable notes: From 0e76a0a418713ac1ccf6fd3c1e88adfafd4ec223 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Tue, 16 Mar 2021 16:17:22 +0900 Subject: [PATCH 162/252] info: unset cgroup-related fields when CgroupDriver == none Fix issue 42151 Signed-off-by: Akihiro Suda (cherry picked from commit 039e9670cb6ec2f24fcce9c3ddbbfa0e75a70138) Signed-off-by: Akihiro Suda --- daemon/info_unix.go | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/daemon/info_unix.go b/daemon/info_unix.go index 73d5663679bf6..704bd26c674e8 100644 --- a/daemon/info_unix.go +++ b/daemon/info_unix.go @@ -25,16 +25,18 @@ func (daemon *Daemon) fillPlatformInfo(v *types.Info, sysInfo *sysinfo.SysInfo) v.CgroupVersion = "2" } - v.MemoryLimit = sysInfo.MemoryLimit - v.SwapLimit = sysInfo.SwapLimit - v.KernelMemory = sysInfo.KernelMemory - v.KernelMemoryTCP = sysInfo.KernelMemoryTCP - v.OomKillDisable = sysInfo.OomKillDisable - v.CPUCfsPeriod = sysInfo.CPUCfs - v.CPUCfsQuota = sysInfo.CPUCfs - v.CPUShares = sysInfo.CPUShares - v.CPUSet = sysInfo.Cpuset - v.PidsLimit = sysInfo.PidsLimit + if v.CgroupDriver != cgroupNoneDriver { + v.MemoryLimit = sysInfo.MemoryLimit + v.SwapLimit = sysInfo.SwapLimit + v.KernelMemory = sysInfo.KernelMemory + v.KernelMemoryTCP = sysInfo.KernelMemoryTCP + v.OomKillDisable = sysInfo.OomKillDisable + v.CPUCfsPeriod = sysInfo.CPUCfs + v.CPUCfsQuota = sysInfo.CPUCfs + v.CPUShares = sysInfo.CPUShares + v.CPUSet = sysInfo.Cpuset + v.PidsLimit = sysInfo.PidsLimit + } v.Runtimes = daemon.configStore.GetAllRuntimes() v.DefaultRuntime = daemon.configStore.GetDefaultRuntimeName() v.InitBinary = daemon.configStore.GetInitPath() From 34eb6fbe60cccd3dae5e67b0e7b2e0286c2e0a3f Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 9 Nov 2021 16:49:42 +0100 Subject: [PATCH 163/252] testutil: daemon.Cleanup(): cleanup more directories The storage-driver directory caused Jenkins cleanup to fail. While at it, also removing other directories that we do not include in the "bundles" that are stored as Jenkins artifacts. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 1a15a1a06186df90e01ef06628ea99d3d8be1e0e) Signed-off-by: Sebastiaan van Stijn --- testutil/daemon/daemon.go | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/testutil/daemon/daemon.go b/testutil/daemon/daemon.go index 52882e4dcbde8..ebaad1cc7be44 100644 --- a/testutil/daemon/daemon.go +++ b/testutil/daemon/daemon.go @@ -281,6 +281,7 @@ func (d *Daemon) Cleanup(t testing.TB) { t.Helper() cleanupMount(t, d) cleanupRaftDir(t, d) + cleanupDaemonStorage(t, d) cleanupNetworkNamespace(t, d) } @@ -822,3 +823,36 @@ func cleanupRaftDir(t testing.TB, d *Daemon) { } } } + +// cleanupDaemonStorage removes the daemon's storage directory. +// +// Note that we don't delete the whole directory, as some files (e.g. daemon +// logs) are collected for inclusion in the "bundles" that are stored as Jenkins +// artifacts. +// +// We currently do not include container logs in the bundles, so this also +// removes the "containers" sub-directory. +func cleanupDaemonStorage(t testing.TB, d *Daemon) { + t.Helper() + dirs := []string{ + "builder", + "buildkit", + "containers", + "image", + "network", + "plugins", + "tmp", + "trust", + "volumes", + // note: this assumes storage-driver name matches the subdirectory, + // which is currently true, but not guaranteed. + d.storageDriver, + } + + for _, p := range dirs { + dir := filepath.Join(d.Root, p) + if err := os.RemoveAll(dir); err != nil { + t.Logf("[%s] error removing %v: %v", d.id, dir, err) + } + } +} From 7677aeafd7e25aa063c0e40217a26c316a5a2d0c Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 5 Nov 2021 17:29:44 +0100 Subject: [PATCH 164/252] TestBuildUserNamespaceValidateCapabilitiesAreV2: cleanup daemon storage This should help with Jenkins failing to clean up the Workspace: - make sure "cleanup" is also called in the defer for all daemons. keeping the daemon's storage around prevented Jenkins from cleaning up. - close client connections and some readers (just to be sure) Signed-off-by: Sebastiaan van Stijn (cherry picked from commit eea2758761ccb6ca97db1ee0f409fd04d9a05939) Signed-off-by: Sebastiaan van Stijn --- integration/build/build_userns_linux_test.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/integration/build/build_userns_linux_test.go b/integration/build/build_userns_linux_test.go index 5c0bd54fea00d..b8269438c6363 100644 --- a/integration/build/build_userns_linux_test.go +++ b/integration/build/build_userns_linux_test.go @@ -41,6 +41,7 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { dUserRemap.Start(t, "--userns-remap", "default") ctx := context.Background() clientUserRemap := dUserRemap.NewClientT(t) + defer clientUserRemap.Close() err = load.FrozenImagesLinux(clientUserRemap, "debian:bullseye") assert.NilError(t, err) @@ -49,6 +50,7 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { defer func() { if dUserRemapRunning { dUserRemap.Stop(t) + dUserRemap.Cleanup(t) } }() @@ -89,12 +91,17 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { dNoUserRemap := daemon.New(t) dNoUserRemap.Start(t) - defer dNoUserRemap.Stop(t) + defer func() { + dNoUserRemap.Stop(t) + dNoUserRemap.Cleanup(t) + }() clientNoUserRemap := dNoUserRemap.NewClientT(t) + defer clientNoUserRemap.Close() tarFile, err := os.Open(tmp + "/image.tar") assert.NilError(t, err, "failed to open image tar file") + defer tarFile.Close() tarReader := bufio.NewReader(tarFile) loadResp, err := clientNoUserRemap.ImageLoad(ctx, tarReader, false) @@ -112,6 +119,7 @@ func TestBuildUserNamespaceValidateCapabilitiesAreV2(t *testing.T) { ShowStdout: true, }) assert.NilError(t, err) + defer logReader.Close() actualStdout := new(bytes.Buffer) actualStderr := ioutil.Discard From c96ed28f2f1aa2524564efe6ae02fe76203f1aa7 Mon Sep 17 00:00:00 2001 From: Samuel Karp Date: Thu, 4 Nov 2021 14:41:58 -0700 Subject: [PATCH 165/252] vendor: update github.com/containerd/containerd Signed-off-by: Samuel Karp --- vendor.conf | 2 +- .../containerd/containerd/images/image.go | 55 +++++++++++++++++++ .../remotes/docker/schema1/converter.go | 9 ++- 3 files changed, 63 insertions(+), 3 deletions(-) diff --git a/vendor.conf b/vendor.conf index f16cab8452526..72d5d5b126f70 100644 --- a/vendor.conf +++ b/vendor.conf @@ -130,7 +130,7 @@ github.com/googleapis/gax-go bd5b16380fd03dc758d11cef74ba google.golang.org/genproto 3f1135a288c9a07e340ae8ba4cc6c7065a3160e8 # containerd -github.com/containerd/containerd 0edc412565dcc6e3d6125ff9e4b009ad4b89c638 # master (v1.5.0-dev) +github.com/containerd/containerd e048c115a3a89caf63941d363858e207c28bccd6 github.com/moby/containerd # master (v1.5.0-dev) + patch for CVE-2021-41190 github.com/containerd/fifo 0724c46b320cf96bb172a0550c19a4b1fca4dacb github.com/containerd/continuity efbc4488d8fe1bdc16bde3b2d2990d9b3a899165 github.com/containerd/cgroups 0b889c03f102012f1d93a97ddd3ef71cd6f4f510 diff --git a/vendor/github.com/containerd/containerd/images/image.go b/vendor/github.com/containerd/containerd/images/image.go index 1868ee88dd1fb..2e42ca09a64f2 100644 --- a/vendor/github.com/containerd/containerd/images/image.go +++ b/vendor/github.com/containerd/containerd/images/image.go @@ -19,6 +19,7 @@ package images import ( "context" "encoding/json" + "fmt" "sort" "time" @@ -154,6 +155,10 @@ func Manifest(ctx context.Context, provider content.Provider, image ocispec.Desc return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "manifest: invalid desc %s", desc.Digest) + } + var manifest ocispec.Manifest if err := json.Unmarshal(p, &manifest); err != nil { return nil, err @@ -194,6 +199,10 @@ func Manifest(ctx context.Context, provider content.Provider, image ocispec.Desc return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "manifest: invalid desc %s", desc.Digest) + } + var idx ocispec.Index if err := json.Unmarshal(p, &idx); err != nil { return nil, err @@ -336,6 +345,10 @@ func Children(ctx context.Context, provider content.Provider, desc ocispec.Descr return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "children: invalid desc %s", desc.Digest) + } + // TODO(stevvooe): We just assume oci manifest, for now. There may be // subtle differences from the docker version. var manifest ocispec.Manifest @@ -351,6 +364,10 @@ func Children(ctx context.Context, provider content.Provider, desc ocispec.Descr return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "children: invalid desc %s", desc.Digest) + } + var index ocispec.Index if err := json.Unmarshal(p, &index); err != nil { return nil, err @@ -368,6 +385,44 @@ func Children(ctx context.Context, provider content.Provider, desc ocispec.Descr return descs, nil } +// unknownDocument represents a manifest, manifest list, or index that has not +// yet been validated. +type unknownDocument struct { + MediaType string `json:"mediaType,omitempty"` + Config json.RawMessage `json:"config,omitempty"` + Layers json.RawMessage `json:"layers,omitempty"` + Manifests json.RawMessage `json:"manifests,omitempty"` + FSLayers json.RawMessage `json:"fsLayers,omitempty"` // schema 1 +} + +// validateMediaType returns an error if the byte slice is invalid JSON or if +// the media type identifies the blob as one format but it contains elements of +// another format. +func validateMediaType(b []byte, mt string) error { + var doc unknownDocument + if err := json.Unmarshal(b, &doc); err != nil { + return err + } + if len(doc.FSLayers) != 0 { + return fmt.Errorf("media-type: schema 1 not supported") + } + switch mt { + case MediaTypeDockerSchema2Manifest, ocispec.MediaTypeImageManifest: + if len(doc.Manifests) != 0 || + doc.MediaType == MediaTypeDockerSchema2ManifestList || + doc.MediaType == ocispec.MediaTypeImageIndex { + return fmt.Errorf("media-type: expected manifest but found index (%s)", mt) + } + case MediaTypeDockerSchema2ManifestList, ocispec.MediaTypeImageIndex: + if len(doc.Config) != 0 || len(doc.Layers) != 0 || + doc.MediaType == MediaTypeDockerSchema2Manifest || + doc.MediaType == ocispec.MediaTypeImageManifest { + return fmt.Errorf("media-type: expected index but found manifest (%s)", mt) + } + } + return nil +} + // RootFS returns the unpacked diffids that make up and images rootfs. // // These are used to verify that a set of layers unpacked to the expected diff --git a/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go b/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go index 8314c01d5a6fc..f15a9acf3e81c 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go @@ -256,6 +256,9 @@ func (c *Converter) fetchManifest(ctx context.Context, desc ocispec.Descriptor) if err := json.Unmarshal(b, &m); err != nil { return err } + if len(m.Manifests) != 0 || len(m.Layers) != 0 { + return errors.New("converter: expected schema1 document but found extra keys") + } c.pulledManifest = &m return nil @@ -472,8 +475,10 @@ type history struct { } type manifest struct { - FSLayers []fsLayer `json:"fsLayers"` - History []history `json:"history"` + FSLayers []fsLayer `json:"fsLayers"` + History []history `json:"history"` + Layers json.RawMessage `json:"layers,omitempty"` // OCI manifest + Manifests json.RawMessage `json:"manifests,omitempty"` // OCI index } type v1History struct { From c1f352c4b13a1f562c59908f71a39fa40106ee7c Mon Sep 17 00:00:00 2001 From: Samuel Karp Date: Thu, 11 Nov 2021 17:45:40 -0800 Subject: [PATCH 166/252] distribution: validate blob type Signed-off-by: Samuel Karp --- distribution/manifest.go | 43 +++++++++++++++++---- distribution/manifest_test.go | 72 +++++++++++++++++++++++++++++++++++ 2 files changed, 107 insertions(+), 8 deletions(-) diff --git a/distribution/manifest.go b/distribution/manifest.go index a97373bd61510..3b5a18bad293c 100644 --- a/distribution/manifest.go +++ b/distribution/manifest.go @@ -3,6 +3,7 @@ package distribution import ( "context" "encoding/json" + "fmt" "io" "io/ioutil" @@ -11,7 +12,9 @@ import ( "github.com/containerd/containerd/log" "github.com/containerd/containerd/remotes" "github.com/docker/distribution" + "github.com/docker/distribution/manifest/manifestlist" "github.com/docker/distribution/manifest/schema1" + "github.com/docker/distribution/manifest/schema2" digest "github.com/opencontainers/go-digest" specs "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" @@ -166,8 +169,10 @@ func detectManifestMediaType(ra content.ReaderAt) (string, error) { func detectManifestBlobMediaType(dt []byte) (string, error) { var mfst struct { MediaType string `json:"mediaType"` - Config json.RawMessage `json:"config"` // schema2 Manifest - FSLayers json.RawMessage `json:"fsLayers"` // schema1 Manifest + Manifests json.RawMessage `json:"manifests"` // oci index, manifest list + Config json.RawMessage `json:"config"` // schema2 Manifest + Layers json.RawMessage `json:"layers"` // schema2 Manifest + FSLayers json.RawMessage `json:"fsLayers"` // schema1 Manifest } if err := json.Unmarshal(dt, &mfst); err != nil { @@ -178,18 +183,40 @@ func detectManifestBlobMediaType(dt []byte) (string, error) { // Docker types should generally have a media type set. // OCI (golang) types do not have a `mediaType` defined, and it is optional in the spec. // - // `distrubtion.UnmarshalManifest`, which is used to unmarshal this for real, checks these media type values. + // `distribution.UnmarshalManifest`, which is used to unmarshal this for real, checks these media type values. // If the specified media type does not match it will error, and in some cases (docker media types) it is required. // So pretty much if we don't have a media type we can fall back to OCI. // This does have a special fallback for schema1 manifests just because it is easy to detect. - switch { - case mfst.MediaType != "": + switch mfst.MediaType { + case schema2.MediaTypeManifest, specs.MediaTypeImageManifest: + if mfst.Manifests != nil || mfst.FSLayers != nil { + return "", fmt.Errorf(`media-type: %q should not have "manifests" or "fsLayers"`, mfst.MediaType) + } + return mfst.MediaType, nil + case manifestlist.MediaTypeManifestList, specs.MediaTypeImageIndex: + if mfst.Config != nil || mfst.Layers != nil || mfst.FSLayers != nil { + return "", fmt.Errorf(`media-type: %q should not have "config", "layers", or "fsLayers"`, mfst.MediaType) + } + return mfst.MediaType, nil + case schema1.MediaTypeManifest: + if mfst.Manifests != nil || mfst.Layers != nil { + return "", fmt.Errorf(`media-type: %q should not have "manifests" or "layers"`, mfst.MediaType) + } return mfst.MediaType, nil - case mfst.FSLayers != nil: + default: + if mfst.MediaType != "" { + return mfst.MediaType, nil + } + } + switch { + case mfst.FSLayers != nil && mfst.Manifests == nil && mfst.Layers == nil && mfst.Config == nil: return schema1.MediaTypeManifest, nil - case mfst.Config != nil: + case mfst.Config != nil && mfst.Manifests == nil && mfst.FSLayers == nil, + mfst.Layers != nil && mfst.Manifests == nil && mfst.FSLayers == nil: return specs.MediaTypeImageManifest, nil - default: + case mfst.Config == nil && mfst.Layers == nil && mfst.FSLayers == nil: + // fallback to index return specs.MediaTypeImageIndex, nil } + return "", errors.New("media-type: cannot determine") } diff --git a/distribution/manifest_test.go b/distribution/manifest_test.go index 0976a712ec2cd..578f8ccce833e 100644 --- a/distribution/manifest_test.go +++ b/distribution/manifest_test.go @@ -14,8 +14,10 @@ import ( "github.com/containerd/containerd/errdefs" "github.com/containerd/containerd/remotes" "github.com/docker/distribution" + "github.com/docker/distribution/manifest/manifestlist" "github.com/docker/distribution/manifest/ocischema" "github.com/docker/distribution/manifest/schema1" + "github.com/docker/distribution/manifest/schema2" "github.com/google/go-cmp/cmp/cmpopts" digest "github.com/opencontainers/go-digest" specs "github.com/opencontainers/image-spec/specs-go/v1" @@ -349,3 +351,73 @@ func TestDetectManifestBlobMediaType(t *testing.T) { } } + +func TestDetectManifestBlobMediaTypeInvalid(t *testing.T) { + type testCase struct { + json []byte + expected string + } + cases := map[string]testCase{ + "schema 1 mediaType with manifests": { + []byte(`{"mediaType": "` + schema1.MediaTypeManifest + `","manifests":[]}`), + `media-type: "application/vnd.docker.distribution.manifest.v1+json" should not have "manifests" or "layers"`, + }, + "schema 1 mediaType with layers": { + []byte(`{"mediaType": "` + schema1.MediaTypeManifest + `","layers":[]}`), + `media-type: "application/vnd.docker.distribution.manifest.v1+json" should not have "manifests" or "layers"`, + }, + "schema 2 mediaType with manifests": { + []byte(`{"mediaType": "` + schema2.MediaTypeManifest + `","manifests":[]}`), + `media-type: "application/vnd.docker.distribution.manifest.v2+json" should not have "manifests" or "fsLayers"`, + }, + "schema 2 mediaType with fsLayers": { + []byte(`{"mediaType": "` + schema2.MediaTypeManifest + `","fsLayers":[]}`), + `media-type: "application/vnd.docker.distribution.manifest.v2+json" should not have "manifests" or "fsLayers"`, + }, + "oci manifest mediaType with manifests": { + []byte(`{"mediaType": "` + specs.MediaTypeImageManifest + `","manifests":[]}`), + `media-type: "application/vnd.oci.image.manifest.v1+json" should not have "manifests" or "fsLayers"`, + }, + "manifest list mediaType with fsLayers": { + []byte(`{"mediaType": "` + manifestlist.MediaTypeManifestList + `","fsLayers":[]}`), + `media-type: "application/vnd.docker.distribution.manifest.list.v2+json" should not have "config", "layers", or "fsLayers"`, + }, + "index mediaType with layers": { + []byte(`{"mediaType": "` + specs.MediaTypeImageIndex + `","layers":[]}`), + `media-type: "application/vnd.oci.image.index.v1+json" should not have "config", "layers", or "fsLayers"`, + }, + "index mediaType with config": { + []byte(`{"mediaType": "` + specs.MediaTypeImageIndex + `","config":{}}`), + `media-type: "application/vnd.oci.image.index.v1+json" should not have "config", "layers", or "fsLayers"`, + }, + "config and manifests": { + []byte(`{"config":{}, "manifests":[]}`), + `media-type: cannot determine`, + }, + "layers and manifests": { + []byte(`{"layers":[], "manifests":[]}`), + `media-type: cannot determine`, + }, + "layers and fsLayers": { + []byte(`{"layers":[], "fsLayers":[]}`), + `media-type: cannot determine`, + }, + "fsLayers and manifests": { + []byte(`{"fsLayers":[], "manifests":[]}`), + `media-type: cannot determine`, + }, + "config and fsLayers": { + []byte(`{"config":{}, "fsLayers":[]}`), + `media-type: cannot determine`, + }, + } + + for name, tc := range cases { + t.Run(name, func(t *testing.T) { + mt, err := detectManifestBlobMediaType(tc.json) + assert.Error(t, err, tc.expected) + assert.Equal(t, mt, "") + }) + } + +} From da9c9837892596fb44a73bcfd3e061bd23d0cff1 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 17 Nov 2021 20:40:17 +0100 Subject: [PATCH 167/252] [20.10] vendor: github.com/moby/buildkit v0.8.3-4-gbc07b2b8 imageutil: make mediatype detection more stricter to mitigate CVE-2021-41190. full diff: https://github.com/moby/buildkit/compare/244e8cde639f71a05a1a2e0670bd88e0206ce55c...bc07b2b81b1c6a62d29981ac564b16a15ce2bfa7 Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 2 +- .../moby/buildkit/util/imageutil/config.go | 32 +++++++++++++++---- 2 files changed, 27 insertions(+), 7 deletions(-) diff --git a/vendor.conf b/vendor.conf index a88f05bd71188..64d4fad33142b 100644 --- a/vendor.conf +++ b/vendor.conf @@ -33,7 +33,7 @@ github.com/imdario/mergo 1afb36080aec31e0d1528973ebe6 golang.org/x/sync cd5d95a43a6e21273425c7ae415d3df9ea832eeb # buildkit -github.com/moby/buildkit 244e8cde639f71a05a1a2e0670bd88e0206ce55c # v0.8.3-3-g244e8cde +github.com/moby/buildkit bc07b2b81b1c6a62d29981ac564b16a15ce2bfa7 # v0.8.3-4-gbc07b2b8 github.com/tonistiigi/fsutil 0834f99b7b85462efb69b4f571a4fa3ca7da5ac9 github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2 github.com/grpc-ecosystem/grpc-opentracing 8e809c8a86450a29b90dcc9efbf062d0fe6d9746 diff --git a/vendor/github.com/moby/buildkit/util/imageutil/config.go b/vendor/github.com/moby/buildkit/util/imageutil/config.go index 0be587058a6c8..a93c8ccd6ba78 100644 --- a/vendor/github.com/moby/buildkit/util/imageutil/config.go +++ b/vendor/github.com/moby/buildkit/util/imageutil/config.go @@ -183,19 +183,39 @@ func DetectManifestMediaType(ra content.ReaderAt) (string, error) { func DetectManifestBlobMediaType(dt []byte) (string, error) { var mfst struct { - MediaType string `json:"mediaType"` + MediaType *string `json:"mediaType"` Config json.RawMessage `json:"config"` + Manifests json.RawMessage `json:"manifests"` + Layers json.RawMessage `json:"layers"` } if err := json.Unmarshal(dt, &mfst); err != nil { return "", err } - if mfst.MediaType != "" { - return mfst.MediaType, nil + mt := images.MediaTypeDockerSchema2ManifestList + + if mfst.Config != nil || mfst.Layers != nil { + mt = images.MediaTypeDockerSchema2Manifest + + if mfst.Manifests != nil { + return "", errors.Errorf("invalid ambiguous manifest and manifest list") + } } - if mfst.Config != nil { - return images.MediaTypeDockerSchema2Manifest, nil + + if mfst.MediaType != nil { + switch *mfst.MediaType { + case images.MediaTypeDockerSchema2ManifestList, specs.MediaTypeImageIndex: + if mt != images.MediaTypeDockerSchema2ManifestList { + return "", errors.Errorf("mediaType in manifest does not match manifest contents") + } + mt = *mfst.MediaType + case images.MediaTypeDockerSchema2Manifest, specs.MediaTypeImageManifest: + if mt != images.MediaTypeDockerSchema2Manifest { + return "", errors.Errorf("mediaType in manifest does not match manifest contents") + } + mt = *mfst.MediaType + } } - return images.MediaTypeDockerSchema2ManifestList, nil + return mt, nil } From d47de2a4c7f9638ab4db17ad8c4d149e771954b9 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 17 Nov 2021 20:36:36 +0100 Subject: [PATCH 168/252] [20.10] update containerd binary to v1.4.12 The twelfth patch release for containerd 1.4 contains a few minor bug fixes and an update to mitigate CVE-2021-41190. Notable Updates * Handle ambiguous OCI manifest parsing GHSA-5j5w-g665-5m35 * Update pull to try next mirror for non-404 errors * Update pull to handle of non-https urls in descriptors See the changelog for complete list of changes Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 92547b6d9b9f3..e6f5b238dd3f9 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=5b46e404f6b9f661a205e28d59c982d3634148f8}" # v1.4.11 +: "${CONTAINERD_COMMIT:=7b11cfaabd73bb80907dd23182b9347b4245eb5d}" # v1.4.12 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From e0108db2bd6b6cf8fd02a1c3485be47d81856c5f Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 17 Nov 2021 22:10:15 +0100 Subject: [PATCH 169/252] [20.10] fix vendor validation Looks like vndr didn't like the replace rule missing a scheme; github.com/docker/distribution: Err: exit status 128, out: fatal: repository 'github.com/samuelkarp/docker-distribution' does not exist github.com/containerd/containerd: Err: exit status 128, out: fatal: repository 'github.com/moby/containerd' does not exist While at it, I also replaced the schem for go-immutable-radix, because GitHub is deprecating the git:// protocol. Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vendor.conf b/vendor.conf index 72d5d5b126f70..0ac1eba483107 100644 --- a/vendor.conf +++ b/vendor.conf @@ -76,7 +76,7 @@ github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d30 go.etcd.io/bbolt 232d8fc87f50244f9c808f4745759e08a304c029 # v1.3.5 # get graph and distribution packages -github.com/docker/distribution 58f99e93b767ebacbf8e62a9074844712d31a177 github.com/samuelkarp/docker-distribution +github.com/docker/distribution 58f99e93b767ebacbf8e62a9074844712d31a177 https://github.com/samuelkarp/docker-distribution.git github.com/vbatts/tar-split 620714a4c508c880ac1bdda9c8370a2b19af1a55 # v0.11.1 github.com/opencontainers/go-digest ea51bea511f75cfa3ef6098cc253c5c3609b037a # v1.0.0 @@ -130,7 +130,7 @@ github.com/googleapis/gax-go bd5b16380fd03dc758d11cef74ba google.golang.org/genproto 3f1135a288c9a07e340ae8ba4cc6c7065a3160e8 # containerd -github.com/containerd/containerd e048c115a3a89caf63941d363858e207c28bccd6 github.com/moby/containerd # master (v1.5.0-dev) + patch for CVE-2021-41190 +github.com/containerd/containerd e048c115a3a89caf63941d363858e207c28bccd6 https://github.com/moby/containerd.git # master (v1.5.0-dev) + patch for CVE-2021-41190 github.com/containerd/fifo 0724c46b320cf96bb172a0550c19a4b1fca4dacb github.com/containerd/continuity efbc4488d8fe1bdc16bde3b2d2990d9b3a899165 github.com/containerd/cgroups 0b889c03f102012f1d93a97ddd3ef71cd6f4f510 @@ -151,7 +151,7 @@ github.com/google/certificate-transparency-go 37a384cd035e722ea46e55029093 golang.org/x/crypto c1f2f97bffc9c53fc40a1a28a5b460094c0050d9 golang.org/x/time 555d28b269f0569763d25dbe1a237ae74c6bcc82 github.com/hashicorp/go-memdb cb9a474f84cc5e41b273b20c6927680b2a8776ad -github.com/hashicorp/go-immutable-radix 826af9ccf0feeee615d546d69b11f8e98da8c8f1 git://github.com/tonistiigi/go-immutable-radix.git +github.com/hashicorp/go-immutable-radix 826af9ccf0feeee615d546d69b11f8e98da8c8f1 https://github.com/tonistiigi/go-immutable-radix.git github.com/hashicorp/golang-lru 7f827b33c0f158ec5dfbba01bb0b14a4541fd81d # v0.5.3 github.com/coreos/pkg 3ac0863d7acf3bc44daf49afef8919af12f704ef # v3 code.cloudfoundry.org/clock 02e53af36e6c978af692887ed449b74026d76fec # v1.0.0 From dc015972bbd112f67de333b4701cd0b3b9fcc935 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 17 Nov 2021 21:56:38 +0100 Subject: [PATCH 170/252] vendor: github.com/opencontainers/image-spec v1.0.2 - Bring mediaType out of reserved status - specs-go: adding mediaType to the index and manifest structures full diff: https://github.com/opencontainers/image-spec/compare/v1.0.1...v1.0.2 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit cef0a7c14efdef430b1e84140bb68dc3e4c4f8e7) Signed-off-by: Sebastiaan van Stijn --- integration/plugin/common/plugin_test.go | 6 +----- vendor.conf | 2 +- .../opencontainers/image-spec/specs-go/v1/index.go | 3 +++ .../opencontainers/image-spec/specs-go/v1/manifest.go | 3 +++ .../opencontainers/image-spec/specs-go/version.go | 2 +- 5 files changed, 9 insertions(+), 7 deletions(-) diff --git a/integration/plugin/common/plugin_test.go b/integration/plugin/common/plugin_test.go index a5568cca9136d..21add8f34cf41 100644 --- a/integration/plugin/common/plugin_test.go +++ b/integration/plugin/common/plugin_test.go @@ -276,11 +276,7 @@ func TestPluginBackCompatMediaTypes(t *testing.T) { assert.NilError(t, err) defer rdr.Close() - type manifest struct { - MediaType string - v1.Manifest - } - var m manifest + var m v1.Manifest assert.NilError(t, json.NewDecoder(rdr).Decode(&m)) assert.Check(t, cmp.Equal(m.MediaType, images.MediaTypeDockerSchema2Manifest)) assert.Check(t, cmp.Len(m.Layers, 1)) diff --git a/vendor.conf b/vendor.conf index 72d5d5b126f70..f3a7ad2e74a37 100644 --- a/vendor.conf +++ b/vendor.conf @@ -92,7 +92,7 @@ google.golang.org/grpc f495f5b15ae7ccda3b38c53a1bfc # packages but should be newer or equal. github.com/opencontainers/runc ff819c7e9184c13b7c2607fe6c30ae19403a7aff # v1.0.0-rc92 github.com/opencontainers/runtime-spec 4d89ac9fbff6c455f46a5bb59c6b1bb7184a5e43 # v1.0.3-0.20200728170252-4d89ac9fbff6 -github.com/opencontainers/image-spec d60099175f88c47cd379c4738d158884749ed235 # v1.0.1 +github.com/opencontainers/image-spec 67d2d5658fe0476ab9bf414cec164077ebff3920 # v1.0.2 github.com/cyphar/filepath-securejoin a261ee33d7a517f054effbf451841abaafe3e0fd # v0.2.2 # go-systemd v17 is required by github.com/coreos/pkg/capnslog/journald_formatter.go diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go index 4e6c4b236237d..82da6c6a89896 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go @@ -21,6 +21,9 @@ import "github.com/opencontainers/image-spec/specs-go" type Index struct { specs.Versioned + // MediaType specificies the type of this document data structure e.g. `application/vnd.oci.image.index.v1+json` + MediaType string `json:"mediaType,omitempty"` + // Manifests references platform specific manifests. Manifests []Descriptor `json:"manifests"` diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go index 7ff32c40ba305..d72d15ce4bb8b 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go @@ -20,6 +20,9 @@ import "github.com/opencontainers/image-spec/specs-go" type Manifest struct { specs.Versioned + // MediaType specificies the type of this document data structure e.g. `application/vnd.oci.image.manifest.v1+json` + MediaType string `json:"mediaType,omitempty"` + // Config references a configuration object for a container, by digest. // The referenced configuration object is a JSON blob that the runtime uses to set up the container. Config Descriptor `json:"config"` diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/version.go b/vendor/github.com/opencontainers/image-spec/specs-go/version.go index 5d493df23300e..0d9543f16000d 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/version.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/version.go @@ -22,7 +22,7 @@ const ( // VersionMinor is for functionality in a backwards-compatible manner VersionMinor = 0 // VersionPatch is for backwards-compatible bug fixes - VersionPatch = 1 + VersionPatch = 2 // VersionDev indicates development branch. Releases will be empty string. VersionDev = "" From f4daf9dd083a3b8770e01179499e4f5acc6caeff Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 6 Dec 2021 10:16:12 +0100 Subject: [PATCH 171/252] [20.10] update Go to 1.16.11 go1.16.11 (released 2021-12-02) includes fixes to the compiler, runtime, and the net/http, net/http/httptest, and time packages. See the Go 1.16.11 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.11+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index cf1200d6c2bf8..b973844c3a09a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.16.10 +ARG GO_VERSION=1.16.11 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index 41280aec667e1..ed63f698ffdf4 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.10 +ARG GO_VERSION=1.16.11 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index 10f30be630998..5210ba81326d8 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.16.10 +ARG GO_VERSION=1.16.11 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 37b9198ff014f..f415415705960 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.16.10 +ARG GO_VERSION=1.16.11 ARG GOTESTSUM_COMMIT=v0.5.3 # Environment variable notes: From a621bc007bf56d2a20edee4f087c3401e3a1918d Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sun, 12 Dec 2021 01:15:00 +0100 Subject: [PATCH 172/252] [20.10] update Go to 1.16.12 go1.16.12 (released 2021-12-09) includes security fixes to the syscall and net/http packages. See the Go 1.16.12 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.12+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index b973844c3a09a..839d437552cfd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.16.11 +ARG GO_VERSION=1.16.12 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index ed63f698ffdf4..9a00d8c09fb7c 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.11 +ARG GO_VERSION=1.16.12 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index 5210ba81326d8..fa1f78899e5ba 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.16.11 +ARG GO_VERSION=1.16.12 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index f415415705960..00de2b0941d8e 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.16.11 +ARG GO_VERSION=1.16.12 ARG GOTESTSUM_COMMIT=v0.5.3 # Environment variable notes: From 660b9962e4d2d4ad68898b00571a43127b84f6c3 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 11 Aug 2021 20:43:30 +0200 Subject: [PATCH 173/252] daemon.WithCommonOptions() fix detection of user-namespaces Commit dae652e2e5e47d99c8febd5bc81df0a3269beb74 added support for non-privileged containers to use ICMP_PROTO (used for `ping`). This option cannot be set for containers that have user-namespaces enabled. However, the detection looks to be incorrect; HostConfig.UsernsMode was added in 6993e891d10c760d22e0ea3d455f13858cd0de46 / ee2183881b0273ff1707501e71798a61018f50f0, and the property only has meaning if the daemon is running with user namespaces enabled. In other situations, the property has no meaning. As a result of the above, the sysctl would only be set for containers running with UsernsMode=host on a daemon running with user-namespaces enabled. This patch adds a check if the daemon has user-namespaces enabled (RemappedRoot having a non-empty value), or if the daemon is running inside a user namespace (e.g. rootless mode) to fix the detection. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit a826ca3aefbd4d29344d851723731e3809f2a4ad) --- The cherry-pick was almost clean but `userns.RunningInUserNS()` -> `sys.RunningInUserNS()`. Fix docker/buildx issue 561 --- Signed-off-by: Akihiro Suda --- daemon/oci_linux.go | 3 ++- daemon/oci_linux_test.go | 16 ++++++++++++-- integration/container/run_linux_test.go | 29 +++++++++++++++++++++++++ 3 files changed, 45 insertions(+), 3 deletions(-) diff --git a/daemon/oci_linux.go b/daemon/oci_linux.go index 948690fe9afec..3d34dcb31df99 100644 --- a/daemon/oci_linux.go +++ b/daemon/oci_linux.go @@ -767,7 +767,8 @@ func WithCommonOptions(daemon *Daemon, c *container.Container) coci.SpecOpts { // joining an existing namespace, only if we create a new net namespace. if c.HostConfig.NetworkMode.IsPrivate() { // We cannot set up ping socket support in a user namespace - if !c.HostConfig.UsernsMode.IsPrivate() && sysctlExists("net.ipv4.ping_group_range") { + userNS := daemon.configStore.RemappedRoot != "" && c.HostConfig.UsernsMode.IsPrivate() + if !userNS && !sys.RunningInUserNS() && sysctlExists("net.ipv4.ping_group_range") { // allow unprivileged ICMP echo sockets without CAP_NET_RAW s.Linux.Sysctl["net.ipv4.ping_group_range"] = "0 2147483647" } diff --git a/daemon/oci_linux_test.go b/daemon/oci_linux_test.go index 890875af8740c..32854f92152e8 100644 --- a/daemon/oci_linux_test.go +++ b/daemon/oci_linux_test.go @@ -120,7 +120,6 @@ func TestSysctlOverride(t *testing.T) { HostConfig: &containertypes.HostConfig{ NetworkMode: "bridge", Sysctls: map[string]string{}, - UsernsMode: "host", }, } d := setupFakeDaemon(t, c) @@ -148,6 +147,20 @@ func TestSysctlOverride(t *testing.T) { assert.Equal(t, s.Hostname, "foobar") assert.Equal(t, s.Linux.Sysctl["kernel.domainname"], c.HostConfig.Sysctls["kernel.domainname"]) assert.Equal(t, s.Linux.Sysctl["net.ipv4.ip_unprivileged_port_start"], c.HostConfig.Sysctls["net.ipv4.ip_unprivileged_port_start"]) + + // Ensure the ping_group_range is not set on a daemon with user-namespaces enabled + d.configStore.RemappedRoot = "dummy:dummy" + s, err = d.createSpec(c) + assert.NilError(t, err) + _, ok := s.Linux.Sysctl["net.ipv4.ping_group_range"] + assert.Assert(t, !ok) + + // Ensure the ping_group_range is set on a container in "host" userns mode + // on a daemon with user-namespaces enabled + c.HostConfig.UsernsMode = "host" + s, err = d.createSpec(c) + assert.NilError(t, err) + assert.Equal(t, s.Linux.Sysctl["net.ipv4.ping_group_range"], "0 2147483647") } // TestSysctlOverrideHost ensures that any implicit network sysctls are not set @@ -159,7 +172,6 @@ func TestSysctlOverrideHost(t *testing.T) { HostConfig: &containertypes.HostConfig{ NetworkMode: "host", Sysctls: map[string]string{}, - UsernsMode: "host", }, } d := setupFakeDaemon(t, c) diff --git a/integration/container/run_linux_test.go b/integration/container/run_linux_test.go index 9bff9b5a8ee59..a8e47e9f9e56c 100644 --- a/integration/container/run_linux_test.go +++ b/integration/container/run_linux_test.go @@ -99,3 +99,32 @@ func TestHostnameDnsResolution(t *testing.T) { assert.Check(t, is.Equal("", res.Stderr())) assert.Equal(t, 0, res.ExitCode) } + +func TestUnprivilegedPortsAndPing(t *testing.T) { + skip.If(t, testEnv.DaemonInfo.OSType != "linux") + skip.If(t, testEnv.IsRootless, "rootless mode doesn't support setting net.ipv4.ping_group_range and net.ipv4.ip_unprivileged_port_start") + + defer setupTest(t)() + client := testEnv.APIClient() + ctx := context.Background() + + cID := container.Run(ctx, t, client, func(c *container.TestContainerConfig) { + c.Config.User = "1000:1000" + }) + + poll.WaitOn(t, container.IsInState(ctx, client, cID, "running"), poll.WithDelay(100*time.Millisecond)) + + // Check net.ipv4.ping_group_range. + res, err := container.Exec(ctx, client, cID, []string{"cat", "/proc/sys/net/ipv4/ping_group_range"}) + assert.NilError(t, err) + assert.Assert(t, is.Len(res.Stderr(), 0)) + assert.Equal(t, 0, res.ExitCode) + assert.Equal(t, `0 2147483647`, strings.TrimSpace(res.Stdout())) + + // Check net.ipv4.ip_unprivileged_port_start. + res, err = container.Exec(ctx, client, cID, []string{"cat", "/proc/sys/net/ipv4/ip_unprivileged_port_start"}) + assert.NilError(t, err) + assert.Assert(t, is.Len(res.Stderr(), 0)) + assert.Equal(t, 0, res.ExitCode) + assert.Equal(t, "0", strings.TrimSpace(res.Stdout())) +} From d6f3add5c6080fb6ab2e8dc5c7734ea37edbe8e6 Mon Sep 17 00:00:00 2001 From: Cam Date: Tue, 25 May 2021 10:26:21 -0700 Subject: [PATCH 174/252] vendor: github.com/fluent/fluent-logger-golang 1.6.1 Updates the fluent logger library. Namely this fixes a couple places where the library could panic when closing and writing to channels. see https://github.com/fluent/fluent-logger-golang/pull/93 and https://github.com/fluent/fluent-logger-golang/pull/95 closes #40829 closes #32567 Signed-off-by: Cam (cherry picked from commit a6a98d6928622c70feb8bf58a8dd17c3948cdd9d) Signed-off-by: Wesley --- vendor.conf | 2 +- .../fluent/fluent-logger-golang/README.md | 78 +++++++- .../fluent-logger-golang/fluent/fluent.go | 175 +++++++++++++----- .../fluent-logger-golang/fluent/proto.go | 16 +- 4 files changed, 214 insertions(+), 57 deletions(-) diff --git a/vendor.conf b/vendor.conf index dbf3e9979a268..7df83121523ef 100644 --- a/vendor.conf +++ b/vendor.conf @@ -106,7 +106,7 @@ github.com/godbus/dbus/v5 37bf87eef99d69c4f1d3528bd66e github.com/Graylog2/go-gelf 1550ee647df0510058c9d67a45c56f18911d80b8 # v2 branch # fluent-logger-golang deps -github.com/fluent/fluent-logger-golang 7a6c9dcd7f14c2ed5d8c55c11b894e5455ee311b # v1.4.0 +github.com/fluent/fluent-logger-golang b9b7fb02ccfee8ba4e69aa87386820c2bf24fd11 # v1.6.1 github.com/philhofer/fwd bb6d471dc95d4fe11e432687f8b70ff496cf3136 # v1.0.0 github.com/tinylib/msgp af6442a0fcf6e2a1b824f70dd0c734f01e817751 # v1.1.0 diff --git a/vendor/github.com/fluent/fluent-logger-golang/README.md b/vendor/github.com/fluent/fluent-logger-golang/README.md index 5930602619082..5ef54450d8166 100644 --- a/vendor/github.com/fluent/fluent-logger-golang/README.md +++ b/vendor/github.com/fluent/fluent-logger-golang/README.md @@ -2,6 +2,7 @@ fluent-logger-golang ==== [![Build Status](https://travis-ci.org/fluent/fluent-logger-golang.png?branch=master)](https://travis-ci.org/fluent/fluent-logger-golang) +[![GoDoc](https://godoc.org/github.com/fluent/fluent-logger-golang/fluent?status.svg)](https://godoc.org/github.com/fluent/fluent-logger-golang/fluent) ## A structured event logger for Fluentd (Golang) @@ -19,8 +20,6 @@ Install the package with `go get` and use `import` to include it in your project import "github.com/fluent/fluent-logger-golang/fluent" ``` -GoDoc: http://godoc.org/github.com/fluent/fluent-logger-golang/fluent - ## Example ```go @@ -29,7 +28,7 @@ package main import ( "github.com/fluent/fluent-logger-golang/fluent" "fmt" - "time" + //"time" ) func main() { @@ -59,21 +58,92 @@ func main() { f := fluent.New(fluent.Config{FluentPort: 80, FluentHost: "example.com"}) ``` +### FluentNetwork + +Specify the network protocol, as "tcp" (use `FluentHost` and `FluentPort`) or "unix" (use `FluentSocketPath`). +The default is "tcp". + +### FluentHost + +Specify a hostname or IP address as a string for the destination of the "tcp" protocol. +The default is "127.0.0.1". + +### FluentPort + +Specify the TCP port of the destination. The default is 24224. + +### FluentSocketPath + +Specify the unix socket path when `FluentNetwork` is "unix". + +### Timeout + +Set the timeout value of `time.Duration` to connect to the destination. +The default is 3 seconds. + ### WriteTimeout -Sets the timeout for Write call of logger.Post. +Sets the timeout value of `time.Duration` for Write call of `logger.Post`. Since the default is zero value, Write will not time out. +### BufferLimit + +Sets the number of events buffered on the memory. Records will be stored in memory up to this number. If the buffer is full, the call to record logs will fail. +The default is 8192. + +### RetryWait + +Set the duration of the initial wait for the first retry, in milliseconds. The actual retry wait will be `r * 1.5^(N-1)` (r: this value, N: the number of retries). +The default is 500. + +### MaxRetry + +Sets the maximum number of retries. If the number of retries become larger than this value, the write/send operation will fail. +The default is 13. + +### MaxRetryWait + +The maximum duration of wait between retries, in milliseconds. If the calculated retry wait is larger than this value, the actual retry wait will be this value. +The default is 60,000 (60 seconds). + +### TagPrefix + +Sets the prefix string of the tag. Prefix will be appended with a dot `.`, like `ppp.tag` (ppp: the value of this parameter, tag: the tag string specified in a call). +The default is blank. + ### Async Enable asynchronous I/O (connect and write) for sending events to Fluentd. The default is false. +### ForceStopAsyncSend + +When Async is enabled, immediately discard the event queue on close() and return (instead of trying MaxRetry times for each event in the queue before returning) +The default is false. + +### SubSecondPrecision + +Enable time encoding as EventTime, which contains sub-second precision values. The messages encoded with this option can be received only by Fluentd v0.14 or later. +The default is false. + +### MarshalAsJson + +Enable Json data marshaling to send messages using Json format (instead of the standard MessagePack). It is supported by Fluentd `in_forward` plugin. +The default is false. + ### RequestAck Sets whether to request acknowledgment from Fluentd to increase the reliability of the connection. The default is false. +## FAQ + +### Does this logger support the features of Fluentd Forward Protocol v1? + +"the features" includes heartbeat messages (for TCP keepalive), TLS transport and shared key authentication. + +This logger doesn't support those features. Patches are welcome! + ## Tests ``` go test diff --git a/vendor/github.com/fluent/fluent-logger-golang/fluent/fluent.go b/vendor/github.com/fluent/fluent-logger-golang/fluent/fluent.go index 5bbd52668ea27..9d5d8af4d27e5 100644 --- a/vendor/github.com/fluent/fluent-logger-golang/fluent/fluent.go +++ b/vendor/github.com/fluent/fluent-logger-golang/fluent/fluent.go @@ -15,8 +15,9 @@ import ( "bytes" "encoding/base64" "encoding/binary" - "github.com/tinylib/msgp/msgp" "math/rand" + + "github.com/tinylib/msgp/msgp" ) const ( @@ -37,18 +38,19 @@ const ( ) type Config struct { - FluentPort int `json:"fluent_port"` - FluentHost string `json:"fluent_host"` - FluentNetwork string `json:"fluent_network"` - FluentSocketPath string `json:"fluent_socket_path"` - Timeout time.Duration `json:"timeout"` - WriteTimeout time.Duration `json:"write_timeout"` - BufferLimit int `json:"buffer_limit"` - RetryWait int `json:"retry_wait"` - MaxRetry int `json:"max_retry"` - MaxRetryWait int `json:"max_retry_wait"` - TagPrefix string `json:"tag_prefix"` - Async bool `json:"async"` + FluentPort int `json:"fluent_port"` + FluentHost string `json:"fluent_host"` + FluentNetwork string `json:"fluent_network"` + FluentSocketPath string `json:"fluent_socket_path"` + Timeout time.Duration `json:"timeout"` + WriteTimeout time.Duration `json:"write_timeout"` + BufferLimit int `json:"buffer_limit"` + RetryWait int `json:"retry_wait"` + MaxRetry int `json:"max_retry"` + MaxRetryWait int `json:"max_retry_wait"` + TagPrefix string `json:"tag_prefix"` + Async bool `json:"async"` + ForceStopAsyncSend bool `json:"force_stop_async_send"` // Deprecated: Use Async instead AsyncConnect bool `json:"async_connect"` MarshalAsJSON bool `json:"marshal_as_json"` @@ -63,6 +65,18 @@ type Config struct { RequestAck bool `json:"request_ack"` } +type ErrUnknownNetwork struct { + network string +} + +func (e *ErrUnknownNetwork) Error() string { + return "unknown network " + e.network +} + +func NewErrUnknownNetwork(network string) error { + return &ErrUnknownNetwork{network} +} + type msgToSend struct { data []byte ack string @@ -71,15 +85,32 @@ type msgToSend struct { type Fluent struct { Config - pending chan *msgToSend - wg sync.WaitGroup + dialer dialer + stopRunning chan bool + pending chan *msgToSend + pendingMutex sync.RWMutex + chanClosed bool + wg sync.WaitGroup muconn sync.Mutex conn net.Conn } // New creates a new Logger. -func New(config Config) (f *Fluent, err error) { +func New(config Config) (*Fluent, error) { + if config.Timeout == 0 { + config.Timeout = defaultTimeout + } + return newWithDialer(config, &net.Dialer{ + Timeout: config.Timeout, + }) +} + +type dialer interface { + Dial(string, string) (net.Conn, error) +} + +func newWithDialer(config Config, d dialer) (f *Fluent, err error) { if config.FluentNetwork == "" { config.FluentNetwork = defaultNetwork } @@ -92,9 +123,6 @@ func New(config Config) (f *Fluent, err error) { if config.FluentSocketPath == "" { config.FluentSocketPath = defaultSocketPath } - if config.Timeout == 0 { - config.Timeout = defaultTimeout - } if config.WriteTimeout == 0 { config.WriteTimeout = defaultWriteTimeout } @@ -114,15 +142,22 @@ func New(config Config) (f *Fluent, err error) { fmt.Fprintf(os.Stderr, "fluent#New: AsyncConnect is now deprecated, please use Async instead") config.Async = config.Async || config.AsyncConnect } + if config.Async { f = &Fluent{ - Config: config, - pending: make(chan *msgToSend, config.BufferLimit), + Config: config, + dialer: d, + pending: make(chan *msgToSend, config.BufferLimit), + pendingMutex: sync.RWMutex{}, + stopRunning: make(chan bool, 1), } f.wg.Add(1) go f.run() } else { - f = &Fluent{Config: config} + f = &Fluent{ + Config: config, + dialer: d, + } err = f.connect() } return @@ -292,16 +327,32 @@ func (f *Fluent) EncodeData(tag string, tm time.Time, message interface{}) (msg // Close closes the connection, waiting for pending logs to be sent func (f *Fluent) Close() (err error) { + defer f.close(f.conn) if f.Config.Async { + f.pendingMutex.Lock() + if f.chanClosed { + f.pendingMutex.Unlock() + return nil + } + f.chanClosed = true + f.pendingMutex.Unlock() + if f.Config.ForceStopAsyncSend { + f.stopRunning <- true + close(f.stopRunning) + } close(f.pending) f.wg.Wait() } - f.close() - return + return nil } // appendBuffer appends data to buffer with lock. func (f *Fluent) appendBuffer(msg *msgToSend) error { + f.pendingMutex.RLock() + defer f.pendingMutex.RUnlock() + if f.chanClosed { + return fmt.Errorf("fluent#appendBuffer: Logger already closed") + } select { case f.pending <- msg: default: @@ -311,9 +362,9 @@ func (f *Fluent) appendBuffer(msg *msgToSend) error { } // close closes the connection. -func (f *Fluent) close() { +func (f *Fluent) close(c net.Conn) { f.muconn.Lock() - if f.conn != nil { + if f.conn != nil && f.conn == c { f.conn.Close() f.conn = nil } @@ -322,19 +373,24 @@ func (f *Fluent) close() { // connect establishes a new connection using the specified transport. func (f *Fluent) connect() (err error) { - switch f.Config.FluentNetwork { case "tcp": - f.conn, err = net.DialTimeout(f.Config.FluentNetwork, f.Config.FluentHost+":"+strconv.Itoa(f.Config.FluentPort), f.Config.Timeout) + f.conn, err = f.dialer.Dial( + f.Config.FluentNetwork, + f.Config.FluentHost+":"+strconv.Itoa(f.Config.FluentPort)) case "unix": - f.conn, err = net.DialTimeout(f.Config.FluentNetwork, f.Config.FluentSocketPath, f.Config.Timeout) + f.conn, err = f.dialer.Dial( + f.Config.FluentNetwork, + f.Config.FluentSocketPath) default: - err = net.UnknownNetworkError(f.Config.FluentNetwork) + err = NewErrUnknownNetwork(f.Config.FluentNetwork) } return err } func (f *Fluent) run() { + drainEvents := false + var emitEventDrainMsg sync.Once for { select { case entry, ok := <-f.pending: @@ -342,11 +398,22 @@ func (f *Fluent) run() { f.wg.Done() return } + if drainEvents { + emitEventDrainMsg.Do(func() { fmt.Fprintf(os.Stderr, "[%s] Discarding queued events...\n", time.Now().Format(time.RFC3339)) }) + continue + } err := f.write(entry) if err != nil { fmt.Fprintf(os.Stderr, "[%s] Unable to send logs to fluentd, reconnecting...\n", time.Now().Format(time.RFC3339)) } } + select { + case stopRunning, ok := <-f.stopRunning: + if stopRunning || !ok { + drainEvents = true + } + default: + } } } @@ -355,48 +422,56 @@ func e(x, y float64) int { } func (f *Fluent) write(msg *msgToSend) error { - + var c net.Conn for i := 0; i < f.Config.MaxRetry; i++ { - + c = f.conn // Connect if needed - f.muconn.Lock() - if f.conn == nil { - err := f.connect() - if err != nil { - f.muconn.Unlock() - waitTime := f.Config.RetryWait * e(defaultReconnectWaitIncreRate, float64(i-1)) - if waitTime > f.Config.MaxRetryWait { - waitTime = f.Config.MaxRetryWait + if c == nil { + f.muconn.Lock() + if f.conn == nil { + err := f.connect() + if err != nil { + f.muconn.Unlock() + + if _, ok := err.(*ErrUnknownNetwork); ok { + // do not retry on unknown network error + break + } + waitTime := f.Config.RetryWait * e(defaultReconnectWaitIncreRate, float64(i-1)) + if waitTime > f.Config.MaxRetryWait { + waitTime = f.Config.MaxRetryWait + } + time.Sleep(time.Duration(waitTime) * time.Millisecond) + continue } - time.Sleep(time.Duration(waitTime) * time.Millisecond) - continue } + c = f.conn + f.muconn.Unlock() } - f.muconn.Unlock() // We're connected, write msg t := f.Config.WriteTimeout if time.Duration(0) < t { - f.conn.SetWriteDeadline(time.Now().Add(t)) + c.SetWriteDeadline(time.Now().Add(t)) } else { - f.conn.SetWriteDeadline(time.Time{}) + c.SetWriteDeadline(time.Time{}) } - _, err := f.conn.Write(msg.data) + _, err := c.Write(msg.data) if err != nil { - f.close() + f.close(c) } else { // Acknowledgment check if msg.ack != "" { resp := &AckResp{} if f.Config.MarshalAsJSON { - dec := json.NewDecoder(f.conn) + dec := json.NewDecoder(c) err = dec.Decode(resp) } else { - r := msgp.NewReader(f.conn) + r := msgp.NewReader(c) err = resp.DecodeMsg(r) } if err != nil || resp.Ack != msg.ack { - f.close() + f.close(c) continue } } diff --git a/vendor/github.com/fluent/fluent-logger-golang/fluent/proto.go b/vendor/github.com/fluent/fluent-logger-golang/fluent/proto.go index 76fc860ee357d..95faa9624a77f 100644 --- a/vendor/github.com/fluent/fluent-logger-golang/fluent/proto.go +++ b/vendor/github.com/fluent/fluent-logger-golang/fluent/proto.go @@ -3,6 +3,7 @@ package fluent import ( + "fmt" "time" "github.com/tinylib/msgp/msgp" @@ -93,8 +94,19 @@ func (t *EventTime) MarshalBinaryTo(b []byte) error { return nil } -// UnmarshalBinary is not implemented since decoding messages is not supported -// by this library. +// Although decoding messages is not officially supported by this library, +// UnmarshalBinary is implemented for testing and general completeness. func (t *EventTime) UnmarshalBinary(b []byte) error { + if len(b) != length { + return fmt.Errorf("Invalid EventTime byte length: %d", len(b)) + } + + sec := (int32(b[0]) << 24) | (int32(b[1]) << 16) + sec = sec | (int32(b[2]) << 8) | int32(b[3]) + + nsec := (int32(b[4]) << 24) | (int32(b[5]) << 16) + nsec = nsec | (int32(b[6]) << 8) | int32(b[7]) + + *t = EventTime(time.Unix(int64(sec), int64(nsec))) return nil } From 81fc02b7e1ce3df73909e3dac7f8cc9f55add1cf Mon Sep 17 00:00:00 2001 From: Albin Kerouanton Date: Mon, 1 Nov 2021 10:29:20 +0100 Subject: [PATCH 175/252] vendor: github.com/fluent/fluent-logger-golang v1.8.0 Updates the fluent logger library to v1.8.0. Following PRs/commits were merged since last bump: * [Add callback for error handling when using async](https://github.com/fluent/fluent-logger-golang/pull/97) * [Fix panic when accessing unexported struct field](https://github.com/fluent/fluent-logger-golang/pull/99) * [Properly stop logger during (re)connect failure](https://github.com/fluent/fluent-logger-golang/pull/82) * [Support a TLS-enabled connection](https://github.com/fluent/fluent-logger-golang/commit/e5d6aa13b74ca74e01d37caa7230cfc2bc204b1f) See https://github.com/fluent/fluent-logger-golang/compare/v1.6.1..v1.8.0 Signed-off-by: Albin Kerouanton (cherry picked from commit e24d61b7efac787ff3d5176d994608937a057522) Signed-off-by: Wesley --- vendor.conf | 2 +- .../fluent/fluent-logger-golang/README.md | 36 +- .../fluent-logger-golang/fluent/fluent.go | 363 ++++++++++++------ 3 files changed, 283 insertions(+), 118 deletions(-) diff --git a/vendor.conf b/vendor.conf index 7df83121523ef..503c9d229d7a7 100644 --- a/vendor.conf +++ b/vendor.conf @@ -106,7 +106,7 @@ github.com/godbus/dbus/v5 37bf87eef99d69c4f1d3528bd66e github.com/Graylog2/go-gelf 1550ee647df0510058c9d67a45c56f18911d80b8 # v2 branch # fluent-logger-golang deps -github.com/fluent/fluent-logger-golang b9b7fb02ccfee8ba4e69aa87386820c2bf24fd11 # v1.6.1 +github.com/fluent/fluent-logger-golang 0b652e850a9140d0b1db6390d8925d0601e952db # v1.8.0 github.com/philhofer/fwd bb6d471dc95d4fe11e432687f8b70ff496cf3136 # v1.0.0 github.com/tinylib/msgp af6442a0fcf6e2a1b824f70dd0c734f01e817751 # v1.1.0 diff --git a/vendor/github.com/fluent/fluent-logger-golang/README.md b/vendor/github.com/fluent/fluent-logger-golang/README.md index 5ef54450d8166..554619a31cd0e 100644 --- a/vendor/github.com/fluent/fluent-logger-golang/README.md +++ b/vendor/github.com/fluent/fluent-logger-golang/README.md @@ -1,7 +1,7 @@ fluent-logger-golang ==== -[![Build Status](https://travis-ci.org/fluent/fluent-logger-golang.png?branch=master)](https://travis-ci.org/fluent/fluent-logger-golang) +[![Build Status](https://github.com/fluent/fluent-logger-golang/actions/workflows/ci.yaml/badge.svg?branch=master)](https://github.com/fluent/fluent-logger-golang/actions) [![GoDoc](https://godoc.org/github.com/fluent/fluent-logger-golang/fluent?status.svg)](https://godoc.org/github.com/fluent/fluent-logger-golang/fluent) ## A structured event logger for Fluentd (Golang) @@ -60,7 +60,12 @@ f := fluent.New(fluent.Config{FluentPort: 80, FluentHost: "example.com"}) ### FluentNetwork -Specify the network protocol, as "tcp" (use `FluentHost` and `FluentPort`) or "unix" (use `FluentSocketPath`). +Specify the network protocol. The supported values are: + + * "tcp" (use `FluentHost` and `FluentPort`) + * "tls" (use`FluentHost` and `FluentPort`) + * "unix" (use `FluentSocketPath`) + The default is "tcp". ### FluentHost @@ -121,6 +126,12 @@ The default is false. When Async is enabled, immediately discard the event queue on close() and return (instead of trying MaxRetry times for each event in the queue before returning) The default is false. +### AsyncResultCallback + +When Async is enabled, if this is callback is provided, it will be called on every write to Fluentd. The callback function +takes two arguments - a `[]byte` of the message that was to be sent and an `error`. If the `error` is not nil this means the +delivery of the message was unsuccessful. + ### SubSecondPrecision Enable time encoding as EventTime, which contains sub-second precision values. The messages encoded with this option can be received only by Fluentd v0.14 or later. @@ -136,6 +147,10 @@ The default is false. Sets whether to request acknowledgment from Fluentd to increase the reliability of the connection. The default is false. +### TlsInsecureSkipVerify + +Skip verifying the server certificate. Useful for development and testing. The default is false. + ## FAQ ### Does this logger support the features of Fluentd Forward Protocol v1? @@ -144,7 +159,24 @@ of the connection. The default is false. This logger doesn't support those features. Patches are welcome! +### Is it allowed to call `Fluent.Post()` after connection close? + +Before v1.8.0, the Fluent logger silently reopened connections whenever +`Fluent.Post()` was called. + +```go +logger, _ := fluent.New(fluent.Config{}) +logger.Post(tag, data) +logger.Close() +logger.Post(tag, data) /* reopen connection */ +``` + +However, this behavior was confusing, in particular when multiple goroutines +were involved. Starting v1.8.0, the logger no longer accepts `Fluent.Post()` +after `Fluent.Close()`, and instead returns a "Logger already closed" error. + ## Tests ``` + go test ``` diff --git a/vendor/github.com/fluent/fluent-logger-golang/fluent/fluent.go b/vendor/github.com/fluent/fluent-logger-golang/fluent/fluent.go index 9d5d8af4d27e5..c2e1b25955586 100644 --- a/vendor/github.com/fluent/fluent-logger-golang/fluent/fluent.go +++ b/vendor/github.com/fluent/fluent-logger-golang/fluent/fluent.go @@ -1,10 +1,13 @@ package fluent import ( + "context" + "crypto/tls" "encoding/json" "errors" "fmt" "math" + "math/rand" "net" "os" "reflect" @@ -15,7 +18,6 @@ import ( "bytes" "encoding/base64" "encoding/binary" - "math/rand" "github.com/tinylib/msgp/msgp" ) @@ -35,22 +37,30 @@ const ( // Default sub-second precision value to false since it is only compatible // with fluentd versions v0.14 and above. defaultSubSecondPrecision = false + + // Default value whether to skip checking insecure certs on TLS connections. + defaultTlsInsecureSkipVerify = false ) +// randomGenerator is used by getUniqueId to generate ack hashes. Its value is replaced +// during tests with a deterministic function. +var randomGenerator = rand.Uint64 + type Config struct { - FluentPort int `json:"fluent_port"` - FluentHost string `json:"fluent_host"` - FluentNetwork string `json:"fluent_network"` - FluentSocketPath string `json:"fluent_socket_path"` - Timeout time.Duration `json:"timeout"` - WriteTimeout time.Duration `json:"write_timeout"` - BufferLimit int `json:"buffer_limit"` - RetryWait int `json:"retry_wait"` - MaxRetry int `json:"max_retry"` - MaxRetryWait int `json:"max_retry_wait"` - TagPrefix string `json:"tag_prefix"` - Async bool `json:"async"` - ForceStopAsyncSend bool `json:"force_stop_async_send"` + FluentPort int `json:"fluent_port"` + FluentHost string `json:"fluent_host"` + FluentNetwork string `json:"fluent_network"` + FluentSocketPath string `json:"fluent_socket_path"` + Timeout time.Duration `json:"timeout"` + WriteTimeout time.Duration `json:"write_timeout"` + BufferLimit int `json:"buffer_limit"` + RetryWait int `json:"retry_wait"` + MaxRetry int `json:"max_retry"` + MaxRetryWait int `json:"max_retry_wait"` + TagPrefix string `json:"tag_prefix"` + Async bool `json:"async"` + ForceStopAsyncSend bool `json:"force_stop_async_send"` + AsyncResultCallback func(data []byte, err error) // Deprecated: Use Async instead AsyncConnect bool `json:"async_connect"` MarshalAsJSON bool `json:"marshal_as_json"` @@ -63,6 +73,9 @@ type Config struct { // respond with an acknowledgement. This option improves the reliability // of the message transmission. RequestAck bool `json:"request_ack"` + + // Flag to skip verifying insecure certs on TLS connections + TlsInsecureSkipVerify bool `json: "tls_insecure_skip_verify"` } type ErrUnknownNetwork struct { @@ -85,17 +98,24 @@ type msgToSend struct { type Fluent struct { Config - dialer dialer - stopRunning chan bool - pending chan *msgToSend - pendingMutex sync.RWMutex - chanClosed bool - wg sync.WaitGroup - - muconn sync.Mutex + dialer dialer + // stopRunning is used in async mode to signal to run() it should abort. + stopRunning chan struct{} + // cancelDialings is used by Close() to stop any in-progress dialing. + cancelDialings context.CancelFunc + pending chan *msgToSend + pendingMutex sync.RWMutex + closed bool + wg sync.WaitGroup + + muconn sync.RWMutex conn net.Conn } +type dialer interface { + DialContext(ctx context.Context, network, address string) (net.Conn, error) +} + // New creates a new Logger. func New(config Config) (*Fluent, error) { if config.Timeout == 0 { @@ -106,10 +126,6 @@ func New(config Config) (*Fluent, error) { }) } -type dialer interface { - Dial(string, string) (net.Conn, error) -} - func newWithDialer(config Config, d dialer) (f *Fluent, err error) { if config.FluentNetwork == "" { config.FluentNetwork = defaultNetwork @@ -138,27 +154,36 @@ func newWithDialer(config Config, d dialer) (f *Fluent, err error) { if config.MaxRetryWait == 0 { config.MaxRetryWait = defaultMaxRetryWait } + if !config.TlsInsecureSkipVerify { + config.TlsInsecureSkipVerify = defaultTlsInsecureSkipVerify + } if config.AsyncConnect { fmt.Fprintf(os.Stderr, "fluent#New: AsyncConnect is now deprecated, please use Async instead") config.Async = config.Async || config.AsyncConnect } if config.Async { + ctx, cancel := context.WithCancel(context.Background()) + f = &Fluent{ - Config: config, - dialer: d, - pending: make(chan *msgToSend, config.BufferLimit), - pendingMutex: sync.RWMutex{}, - stopRunning: make(chan bool, 1), + Config: config, + dialer: d, + stopRunning: make(chan struct{}), + cancelDialings: cancel, + pending: make(chan *msgToSend, config.BufferLimit), + pendingMutex: sync.RWMutex{}, + muconn: sync.RWMutex{}, } + f.wg.Add(1) - go f.run() + go f.run(ctx) } else { f = &Fluent{ Config: config, dialer: d, + muconn: sync.RWMutex{}, } - err = f.connect() + err = f.connect(context.Background()) } return } @@ -211,13 +236,18 @@ func (f *Fluent) PostWithTime(tag string, tm time.Time, message interface{}) err fields := msgtype.NumField() for i := 0; i < fields; i++ { field := msgtype.Field(i) + value := msg.FieldByIndex(field.Index) + // ignore unexported fields + if !value.CanInterface() { + continue + } name := field.Name if n1 := field.Tag.Get("msg"); n1 != "" { name = n1 } else if n2 := field.Tag.Get("codec"); n2 != "" { name = n2 } - kv[name] = msg.FieldByIndex(field.Index).Interface() + kv[name] = value.Interface() } return f.EncodeAndPostData(tag, tm, kv) } @@ -254,8 +284,12 @@ func (f *Fluent) postRawData(msg *msgToSend) error { if f.Config.Async { return f.appendBuffer(msg) } + // Synchronous write - return f.write(msg) + if f.closed { + return fmt.Errorf("fluent#postRawData: Logger already closed") + } + return f.writeWithRetry(context.Background(), msg) } // For sending forward protocol adopted JSON @@ -289,7 +323,7 @@ func getUniqueID(timeUnix int64) (string, error) { enc.Close() return "", err } - if err := binary.Write(enc, binary.LittleEndian, rand.Uint64()); err != nil { + if err := binary.Write(enc, binary.LittleEndian, randomGenerator()); err != nil { enc.Close() return "", err } @@ -325,32 +359,53 @@ func (f *Fluent) EncodeData(tag string, tm time.Time, message interface{}) (msg return } -// Close closes the connection, waiting for pending logs to be sent +// Close closes the connection, waiting for pending logs to be sent. If the client is +// running in async mode, the run() goroutine exits before Close() returns. func (f *Fluent) Close() (err error) { - defer f.close(f.conn) if f.Config.Async { f.pendingMutex.Lock() - if f.chanClosed { + if f.closed { f.pendingMutex.Unlock() return nil } - f.chanClosed = true + f.closed = true f.pendingMutex.Unlock() + if f.Config.ForceStopAsyncSend { - f.stopRunning <- true close(f.stopRunning) + f.cancelDialings() } + close(f.pending) + // If ForceStopAsyncSend is false, all logs in the channel have to be sent + // before closing the connection. At this point closed is true so no more + // logs are written to the channel and f.pending has been closed, so run() + // goroutine will exit as soon as all logs in the channel are sent. + if !f.Config.ForceStopAsyncSend { + f.wg.Wait() + } + } + + f.muconn.Lock() + f.close() + f.closed = true + f.muconn.Unlock() + + // If ForceStopAsyncSend is true, we shall close the connection before waiting for + // run() goroutine to exit to be sure we aren't waiting on ack message that might + // never come (eg. because fluentd server is down). However we want to be sure the + // run() goroutine stops before returning from Close(). + if f.Config.ForceStopAsyncSend { f.wg.Wait() } - return nil + return } // appendBuffer appends data to buffer with lock. func (f *Fluent) appendBuffer(msg *msgToSend) error { f.pendingMutex.RLock() defer f.pendingMutex.RUnlock() - if f.chanClosed { + if f.closed { return fmt.Errorf("fluent#appendBuffer: Logger already closed") } select { @@ -361,58 +416,114 @@ func (f *Fluent) appendBuffer(msg *msgToSend) error { return nil } -// close closes the connection. -func (f *Fluent) close(c net.Conn) { - f.muconn.Lock() - if f.conn != nil && f.conn == c { +// close closes the connection. Callers should take care of locking muconn first. +func (f *Fluent) close() { + if f.conn != nil { f.conn.Close() f.conn = nil } - f.muconn.Unlock() } -// connect establishes a new connection using the specified transport. -func (f *Fluent) connect() (err error) { +// connect establishes a new connection using the specified transport. Caller should +// take care of locking muconn first. +func (f *Fluent) connect(ctx context.Context) (err error) { switch f.Config.FluentNetwork { case "tcp": - f.conn, err = f.dialer.Dial( + f.conn, err = f.dialer.DialContext(ctx, f.Config.FluentNetwork, f.Config.FluentHost+":"+strconv.Itoa(f.Config.FluentPort)) + case "tls": + tlsConfig := &tls.Config{InsecureSkipVerify: f.Config.TlsInsecureSkipVerify} + f.conn, err = tls.DialWithDialer( + &net.Dialer{Timeout: f.Config.Timeout}, + "tcp", + f.Config.FluentHost+":"+strconv.Itoa(f.Config.FluentPort), tlsConfig, + ) case "unix": - f.conn, err = f.dialer.Dial( + f.conn, err = f.dialer.DialContext(ctx, f.Config.FluentNetwork, f.Config.FluentSocketPath) default: err = NewErrUnknownNetwork(f.Config.FluentNetwork) } + return err } -func (f *Fluent) run() { - drainEvents := false - var emitEventDrainMsg sync.Once +var errIsClosing = errors.New("fluent logger is closing") + +// Caller should take care of locking muconn first. +func (f *Fluent) connectWithRetry(ctx context.Context) error { + // A Time channel is used instead of time.Sleep() to avoid blocking this + // goroutine during way too much time (because of the exponential back-off + // retry). + // time.NewTimer() is used instead of time.After() to avoid leaking the + // timer channel (cf. https://pkg.go.dev/time#After). + timeout := time.NewTimer(time.Duration(0)) + defer func() { + // timeout.Stop() is called in a function literal instead of being + // defered directly as it's re-assigned below when the retry loop spins. + timeout.Stop() + }() + + for i := 0; i < f.Config.MaxRetry; i++ { + select { + case <-timeout.C: + err := f.connect(ctx) + if err == nil { + return nil + } + + if _, ok := err.(*ErrUnknownNetwork); ok { + return err + } + if err == context.Canceled { + return errIsClosing + } + + waitTime := f.Config.RetryWait * e(defaultReconnectWaitIncreRate, float64(i-1)) + if waitTime > f.Config.MaxRetryWait { + waitTime = f.Config.MaxRetryWait + } + + timeout = time.NewTimer(time.Duration(waitTime) * time.Millisecond) + case <-ctx.Done(): + return errIsClosing + } + } + + return fmt.Errorf("could not connect to fluentd after %d retries", f.Config.MaxRetry) +} + +// run is the goroutine used to unqueue and write logs in async mode. That +// goroutine is meant to run during the whole life of the Fluent logger. +func (f *Fluent) run(ctx context.Context) { for { select { case entry, ok := <-f.pending: + // f.stopRunning is closed before f.pending only when ForceStopAsyncSend + // is enabled. Otherwise, f.pending is closed when Close() is called. if !ok { f.wg.Done() return } - if drainEvents { - emitEventDrainMsg.Do(func() { fmt.Fprintf(os.Stderr, "[%s] Discarding queued events...\n", time.Now().Format(time.RFC3339)) }) - continue - } - err := f.write(entry) - if err != nil { + + err := f.writeWithRetry(ctx, entry) + if err != nil && err != errIsClosing { fmt.Fprintf(os.Stderr, "[%s] Unable to send logs to fluentd, reconnecting...\n", time.Now().Format(time.RFC3339)) } - } - select { - case stopRunning, ok := <-f.stopRunning: - if stopRunning || !ok { - drainEvents = true + if f.AsyncResultCallback != nil { + var data []byte + if entry != nil { + data = entry.data + } + f.AsyncResultCallback(data, err) } - default: + case <-f.stopRunning: + fmt.Fprintf(os.Stderr, "[%s] Discarding queued events...\n", time.Now().Format(time.RFC3339)) + + f.wg.Done() + return } } } @@ -421,63 +532,85 @@ func e(x, y float64) int { return int(math.Pow(x, y)) } -func (f *Fluent) write(msg *msgToSend) error { - var c net.Conn +func (f *Fluent) writeWithRetry(ctx context.Context, msg *msgToSend) error { for i := 0; i < f.Config.MaxRetry; i++ { - c = f.conn - // Connect if needed - if c == nil { - f.muconn.Lock() - if f.conn == nil { - err := f.connect() - if err != nil { - f.muconn.Unlock() - - if _, ok := err.(*ErrUnknownNetwork); ok { - // do not retry on unknown network error - break - } - waitTime := f.Config.RetryWait * e(defaultReconnectWaitIncreRate, float64(i-1)) - if waitTime > f.Config.MaxRetryWait { - waitTime = f.Config.MaxRetryWait - } - time.Sleep(time.Duration(waitTime) * time.Millisecond) - continue - } - } - c = f.conn - f.muconn.Unlock() + if retry, err := f.write(ctx, msg); !retry { + return err + } + } + + return fmt.Errorf("fluent#write: failed to write after %d attempts", f.Config.MaxRetry) +} + +// write writes the provided msg to fluentd server. Its first return values is +// a bool indicating whether the write should be retried. +// This method relies on function literals to execute muconn.Unlock or +// muconn.RUnlock in deferred calls to ensure the mutex is unlocked even in +// the case of panic recovering. +func (f *Fluent) write(ctx context.Context, msg *msgToSend) (bool, error) { + closer := func() { + f.muconn.Lock() + defer f.muconn.Unlock() + + f.close() + } + + if err := func() (err error) { + f.muconn.Lock() + defer f.muconn.Unlock() + + if f.conn == nil { + err = f.connectWithRetry(ctx) + } + + return err + }(); err != nil { + // Here, we don't want to retry the write since connectWithRetry already + // retries Config.MaxRetry times to connect. + return false, fmt.Errorf("fluent#write: %v", err) + } + + if err := func() (err error) { + f.muconn.RLock() + defer f.muconn.RUnlock() + + if f.conn == nil { + return fmt.Errorf("connection has been closed before writing to it") } - // We're connected, write msg t := f.Config.WriteTimeout if time.Duration(0) < t { - c.SetWriteDeadline(time.Now().Add(t)) + f.conn.SetWriteDeadline(time.Now().Add(t)) } else { - c.SetWriteDeadline(time.Time{}) + f.conn.SetWriteDeadline(time.Time{}) } - _, err := c.Write(msg.data) - if err != nil { - f.close(c) + + _, err = f.conn.Write(msg.data) + return err + }(); err != nil { + closer() + return true, fmt.Errorf("fluent#write: %v", err) + } + + // Acknowledgment check + if msg.ack != "" { + resp := &AckResp{} + var err error + if f.Config.MarshalAsJSON { + dec := json.NewDecoder(f.conn) + err = dec.Decode(resp) } else { - // Acknowledgment check - if msg.ack != "" { - resp := &AckResp{} - if f.Config.MarshalAsJSON { - dec := json.NewDecoder(c) - err = dec.Decode(resp) - } else { - r := msgp.NewReader(c) - err = resp.DecodeMsg(r) - } - if err != nil || resp.Ack != msg.ack { - f.close(c) - continue - } - } - return err + r := msgp.NewReader(f.conn) + err = resp.DecodeMsg(r) + } + + if err != nil || resp.Ack != msg.ack { + fmt.Fprintf(os.Stderr, "fluent#write: message ack (%s) doesn't match expected one (%s). Closing connection...", resp.Ack, msg.ack) + + closer() + return true, err } } - return fmt.Errorf("fluent#write: failed to reconnect, max retry: %v", f.Config.MaxRetry) + return false, nil } From f9df098e7684fb42287860377dcd6931cca62a73 Mon Sep 17 00:00:00 2001 From: Albin Kerouanton Date: Mon, 1 Nov 2021 10:44:07 +0100 Subject: [PATCH 176/252] fluentd: Turn ForceStopAsyncSend true when async connect is used The flag ForceStopAsyncSend was added to fluent logger lib in v1.5.0 (at this time named AsyncStop) to tell fluentd to abort sending logs asynchronously as soon as possible, when its Close() method is called. However this flag was broken because of the way the lib was handling it (basically, the lib could be stucked in retry-connect loop without checking this flag). Since fluent logger lib v1.7.0, calling Close() (when ForceStopAsyncSend is true) will really stop all ongoing send/connect procedure, wherever it's stucked. Signed-off-by: Albin Kerouanton (cherry picked from commit bd61629b6b009b5fa50e31c180e86cede86ce9de) Signed-off-by: Wesley --- daemon/logger/fluentd/fluentd.go | 1 + 1 file changed, 1 insertion(+) diff --git a/daemon/logger/fluentd/fluentd.go b/daemon/logger/fluentd/fluentd.go index 829b606c9f3f8..997c01c65257e 100644 --- a/daemon/logger/fluentd/fluentd.go +++ b/daemon/logger/fluentd/fluentd.go @@ -242,6 +242,7 @@ func parseConfig(cfg map[string]string) (fluent.Config, error) { AsyncConnect: asyncConnect, SubSecondPrecision: subSecondPrecision, RequestAck: requestAck, + ForceStopAsyncSend: async || asyncConnect, } return config, nil From aa92e697cb4d43aa17944934b31579e440224bfb Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 13 Jan 2022 16:44:11 +0100 Subject: [PATCH 177/252] [20.10] update Go to 1.16.13 go1.16.13 (released 2022-01-06) includes fixes to the compiler, linker, runtime, and the net/http package. See the Go 1.16.13 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.13+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 839d437552cfd..e8a3dc24a06b0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.16.12 +ARG GO_VERSION=1.16.13 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index 9a00d8c09fb7c..7ed2b98764473 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.12 +ARG GO_VERSION=1.16.13 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index fa1f78899e5ba..c948e76fcdfe9 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.16.12 +ARG GO_VERSION=1.16.13 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 00de2b0941d8e..29d91282966da 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.16.12 +ARG GO_VERSION=1.16.13 ARG GOTESTSUM_COMMIT=v0.5.3 # Environment variable notes: From 13de46fd4b41edeb447d2d8b6b63dbef0bd257a4 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 13 Jan 2022 11:12:45 +0100 Subject: [PATCH 178/252] Revert "[20.10] update containerd binary to v1.4.12" This reverts commit d47de2a4c7f9638ab4db17ad8c4d149e771954b9. Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index e6f5b238dd3f9..92547b6d9b9f3 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=7b11cfaabd73bb80907dd23182b9347b4245eb5d}" # v1.4.12 +: "${CONTAINERD_COMMIT:=5b46e404f6b9f661a205e28d59c982d3634148f8}" # v1.4.11 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 79fd9c15414e40c793976eb5c2a7f81b69e85bcb Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 13 Jan 2022 11:12:59 +0100 Subject: [PATCH 179/252] Revert "[20.10] update containerd binary to v1.4.11" This reverts commit 129a2000cf752e0afbe935d9e258f916becf8367. Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 92547b6d9b9f3..ad774c2e1756e 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=5b46e404f6b9f661a205e28d59c982d3634148f8}" # v1.4.11 +: "${CONTAINERD_COMMIT:=8848fdb7c4ae3815afcc990a8a99d663dda1b590}" # v1.4.10 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 4e838e50eaa6ad6bfa7103a91e338d3b16891827 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 13 Jan 2022 11:13:10 +0100 Subject: [PATCH 180/252] Revert "[20.10] update containerd binary to v1.4.10" This reverts commit 6835d15f5523063f0a04a86d4810a637c6010d62. Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index ad774c2e1756e..47fbf06d1d428 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=8848fdb7c4ae3815afcc990a8a99d663dda1b590}" # v1.4.10 +: "${CONTAINERD_COMMIT:=e25210fe30a0a703442421b0f60afac609f950a3}" # v1.4.9 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From eb2acf2fb32cd6898e49a659bd13288f65c9a1e9 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 13 Jan 2022 11:13:21 +0100 Subject: [PATCH 181/252] Revert "[20.10] update containerd binary to v1.4.9" This reverts commit e8fb8f7acd461db932bce5d7752c33fc9d75020d. Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 47fbf06d1d428..803a22b7f108d 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=e25210fe30a0a703442421b0f60afac609f950a3}" # v1.4.9 +: "${CONTAINERD_COMMIT:=7eba5930496d9bbe375fdf71603e610ad737d2b2}" # v1.4.8 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 9e36f775772fabf3ac51c7207ae98572bf7f8f53 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 13 Jan 2022 11:13:32 +0100 Subject: [PATCH 182/252] Revert "[20.10] update containerd binary v1.4.8" This reverts commit 067918a8c3018580c86e6c6e6326f68add162876. Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 803a22b7f108d..95c1822f693b7 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=7eba5930496d9bbe375fdf71603e610ad737d2b2}" # v1.4.8 +: "${CONTAINERD_COMMIT:=3194fb46e8311ae0eeae5a7a5843573adfebb16d}" # v1.4.7 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From de656f9da45fdb10d3a273aa99a87d921a4eea88 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 13 Jan 2022 11:13:42 +0100 Subject: [PATCH 183/252] Revert "[20.10] update containerd binary to v1.4.7" This reverts commit 793340a33a33088f9d5f76031a59062e7e290eba. Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 95c1822f693b7..d68e9bd948f3e 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=3194fb46e8311ae0eeae5a7a5843573adfebb16d}" # v1.4.7 +: "${CONTAINERD_COMMIT:=d71fcd7d8303cbf684402823e425e9dd2e99285d}" # v1.4.6 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From b097d29705fcbbf27f8dffa2a6e1e70662835e48 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 13 Jan 2022 11:13:52 +0100 Subject: [PATCH 184/252] Revert "[20.10] update containerd binary to v1.4.6" This reverts commit 56541eca9a9ec79fefb750605285d3d88899fb00. Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index d68e9bd948f3e..c323cdf421c64 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=d71fcd7d8303cbf684402823e425e9dd2e99285d}" # v1.4.6 +: "${CONTAINERD_COMMIT:=8263eb3eaee447b16856eeb8839d5df4c9cca71a}" # v1.4.5 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 1dd37750a6699b26c57484fe992b28510ffd4d47 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 13 Jan 2022 11:14:00 +0100 Subject: [PATCH 185/252] Revert "[20.10] update containerd binary to v1.4.5" This reverts commit 01f734cb4f432760fc94a0fb6f64207628ca0662. Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index c323cdf421c64..e7c6488096da2 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=8263eb3eaee447b16856eeb8839d5df4c9cca71a}" # v1.4.5 +: "${CONTAINERD_COMMIT:=05f951a3781f4f2c1911b05e61c160e9c30eaa8e}" # v1.4.4 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From f036a34c5b8f0f206491f811ef6872e824e0bdeb Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 15 Mar 2021 20:58:21 +0100 Subject: [PATCH 186/252] update containerd binary to v1.5.0 Welcome to the v1.5.0 release of containerd! The sixth major release of containerd includes many stability improvements and code organization changes to make contribution easier and make future features cleaner to develop. This includes bringing CRI development into the main containerd repository and switching to Go modules. This release also brings support for the Node Resource Interface (NRI). Highlights -------------------------------------------------------------------------------- *Project Organization* - Merge containerd/cri codebase into containerd/containerd - Move to Go modules - Remove selinux build tag - Add json log format output option for daemon log *Snapshots* - Add configurable overlayfs path - Separate overlay implementation from plugin - Native snapshotter configuration and plugin separation - Devmapper snapshotter configuration and plugin separation - AUFS snapshotter configuration and plugin separation - ZFS snapshotter configuration and plugin separation - Pass custom snapshot labels when creating snapshot - Add platform check for snapshotter support when unpacking - Handle loopback mounts - Support userxattr mount option for overlay in user namespace - ZFS snapshotter implementation of usage *Distribution* - Improve registry response errors - Improve image pull performance over HTTP 1.1 - Registry configuration package - Add support for layers compressed with zstd - Allow arm64 to fallback to arm (v8, v7, v6, v5) *Runtime* - Add annotations to containerd task update API - Add logging binary support when terminal is true - Runtime support on FreeBSD *Windows* - Implement windowsDiff.Compare to allow outputting OCI images - Optimize WCOW snapshotter to commit writable layers as read-only parent layers - Optimize LCOW snapshotter use of scratch layers *CRI* - Add NRI injection points cri#1552 - Add support for registry host directory configuration - Update privileged containers to use current capabilities instead of known capabilities - Add pod annotations to CNI call - Enable ocicrypt by default - Support PID NamespaceMode_TARGET Impactful Client Updates -------------------------------------------------------------------------------- This release has changes which may affect projects which import containerd. *Switch to Go modules* containerd and all containerd sub-repositories are now using Go modules. This should help make importing easier for handling transitive dependencies. As of this release, containerd still does not guarantee client library compatibility for 1.x versions, although best effort is made to minimize impact from changes to exported Go packages. *CRI plugin moved to main repository* With the CRI plugin moving into the main repository, imports under github.com/containerd/cri/ can now be found github.com/containerd/containerd/pkg/cri/. There are no changes required for end users of CRI. *Library changes* oci The WithAllCapabilities has been removed and replaced with WithAllCurrentCapabilities and WithAllKnownCapabilities. WithAllKnownCapabilities has similar functionality to the previous WithAllCapabilities with added support for newer capabilities. WithAllCurrentCapabilities can be used to give privileged containers the same set of permissions as the calling process, preventing errors when privileged containers attempt to get more permissions than given to the caller. *Configuration changes* New registry.config_path for CRI plugin registry.config_path specifies a directory to look for registry hosts configuration. When resolving an image name during pull operations, the CRI plugin will look in the // directory for host configuration. An optional hosts.toml file in that directory may be used to configure which hosts will be used for the pull operation as well host-specific configurations. Updates under that directory do not require restarting the containerd daemon. Enable registry.config_path in the containerd configuration file. [plugins."io.containerd.grpc.v1.cri".registry] config_path = "/etc/containerd/certs.d" Configure registry hosts, such as /etc/containerd/certs.d/docker.io/hosts.toml for any image under the docker.io namespace (any image on Docker Hub). server = "https://registry-1.docker.io" [host."https://public-mirror.example.com"] capabilities = ["pull"] [host."https://docker-mirror.internal"] capabilities = ["pull", "resolve"] ca = "docker-mirror.crt" If no hosts.toml configuration exists in the host directory, it will fallback to check certificate files based on Docker's certificate file pattern (".crt" files for CA certificates and ".cert"/".key" files for client certificates). *Deprecation of registry.mirrors and registry.configs in CRI plugin* Mirroring and TLS can now be configured using the new registry.config_path option. Existing configurations may be migrated to new host directory configuration. These fields are only deprecated with no planned removal, however, these configurations cannot be used while registry.config_path is defined. *Version 1 schema is deprecated* Version 2 of the containerd configuration toml is recommended format and the default. Starting this version, a deprecation warning will be logged when version 1 is used. To check version, see the version value in the containerd toml configuration. version=2 FreeBSD Runtime Support (Experimental) -------------------------------------------------------------------------------- This release includes changes that allow containerd to run on FreeBSD with a compatible runtime, such as runj. This support should be considered experimental and currently there are no official binary releases for FreeBSD. The runtimes used by containerd are maintained separately and have their own stability guarantees. The containerd project strives to be compatible with any runtime which aims to implement containerd's shim API and OCI runtime specification. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 9b2f55bc1ca1544e407082bbfc626c4bf1745d7c) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index e7c6488096da2..a00e8162cbedf 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=05f951a3781f4f2c1911b05e61c160e9c30eaa8e}" # v1.4.4 +: "${CONTAINERD_COMMIT:=8c906ff108ac28da23f69cc7b74f8e7a470d1df0}" # v1.5.0 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 23f23c99edf0c2a0771c53c04237ce089871881d Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 17 May 2021 15:03:10 +0200 Subject: [PATCH 187/252] update containerd binary to v1.5.1 full diff: https://github.com/containerd/containerd/compare/v1.5.0...v1.5.1 Notable Updates - Update runc to rc94 - Fix registry mirror authorization logic in CRI plugin - Fix regression in cri-cni-release to include cri tools Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 22c0291333281e2b5d3f39b3c7bf5a31db829522) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index a00e8162cbedf..59f573fb62595 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=8c906ff108ac28da23f69cc7b74f8e7a470d1df0}" # v1.5.0 +: "${CONTAINERD_COMMIT:=12dca9790f4cb6b18a6a7a027ce420145cb98ee7}" # v1.5.1 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 5f09d5c76a8c07f95cfba64ae39ba09058f67b26 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 19 May 2021 20:41:16 +0200 Subject: [PATCH 188/252] update containerd binary to v1.5.2 full diff: https://github.com/containerd/containerd/compare/v1.5.1...v1.5.2 The second patch release for containerd 1.5 is a security release to update runc for CVE-2021-30465 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 8e3186fc8f05569200129ee5fd055eb6f25bba20) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 59f573fb62595..55c81ce54081a 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=12dca9790f4cb6b18a6a7a027ce420145cb98ee7}" # v1.5.1 +: "${CONTAINERD_COMMIT:=36cc874494a56a253cd181a1a685b44b58a2e34a}" # v1.5.2 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 1cd13dcb6c8c962a7c144d877cdb63f32cec5582 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 13 Jul 2021 23:17:29 +0200 Subject: [PATCH 189/252] Update containerd binary to v1.5.3 full diff: https://github.com/containerd/containerd/compare/v1.5.2...v1.5.3 Welcome to the v1.5.3 release of containerd! The third patch release for containerd 1.5 updates runc to 1.0.0 and contains various other fixes. Notable Updates - Update runc binary to 1.0.0 - Send pod UID to CNI plugins as K8S_POD_UID - Fix invalid validation error checking - Fix error on image pull resume - Fix User Agent sent to registry authentication server - Fix symlink resolution for disk mounts on Windows Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 5ae2af41eebab4e54c730d2b987bd6889dde432c) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 55c81ce54081a..a950e5dc75508 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=36cc874494a56a253cd181a1a685b44b58a2e34a}" # v1.5.2 +: "${CONTAINERD_COMMIT:=0e8719f54c6dc6571fc1170da75a85e86c17636b}" # v1.5.3 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From 302114634c4473ec5f96f93be446bff799bc6695 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 19 Jul 2021 21:10:57 +0200 Subject: [PATCH 190/252] update containerd binary v1.4.8 Update to containerd 1.4.8 to address [CVE-2021-32760][1]. [1]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32760 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit cf1328cd46987b07285fdb9f60b1b7da631f672d) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index a950e5dc75508..b7dbb5bf72aa2 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=0e8719f54c6dc6571fc1170da75a85e86c17636b}" # v1.5.3 +: "${CONTAINERD_COMMIT:=69107e47a62e1d690afa2b9b1d43f8ece3ff4483}" # v1.5.4 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From fd32c70031996b90ecd153bd8d535840b14c04fc Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 29 Jul 2021 19:53:26 +0200 Subject: [PATCH 191/252] update containerd binary to v1.5.5 Welcome to the v1.5.5 release of containerd! The fifth patch release for containerd 1.5 updates runc to 1.0.1 and contains other minor updates. Notable Updates - Update runc binary to 1.0.1 - Update pull logic to try next mirror on non-404 response - Update pull authorization logic on redirect Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 4a07b89e9a23f61de06a9390e49a3e16283f3672) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index b7dbb5bf72aa2..cf96e6988703c 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -4,7 +4,7 @@ set -e # containerd is also pinned in vendor.conf. When updating the binary # version you may also need to update the vendor version to pick up bug # fixes or new APIs. -: "${CONTAINERD_COMMIT:=69107e47a62e1d690afa2b9b1d43f8ece3ff4483}" # v1.5.4 +: "${CONTAINERD_COMMIT:=72cec4be58a9eb6b2910f5d10f1c01ca47d231c0}" # v1.5.5 install_containerd() ( echo "Install containerd version $CONTAINERD_COMMIT" From fb45fe614dcba60e5d2876c52d3631b4f6a58f81 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 23 Aug 2021 13:19:31 +0200 Subject: [PATCH 192/252] info: remove "expected" check for tini version These checks were added when we required a specific version of containerd and runc (different versions were known to be incompatible). I don't think we had a similar requirement for tini, so this check was redundant. Let's remove the check altogether. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit b585c64e2b01f924fc358fe059871baa469bb460) Signed-off-by: Sebastiaan van Stijn --- daemon/info_unix.go | 30 +++++++++--------------------- dockerversion/version_lib.go | 1 - hack/make/.go-autogen | 1 - 3 files changed, 9 insertions(+), 23 deletions(-) diff --git a/daemon/info_unix.go b/daemon/info_unix.go index 704bd26c674e8..42a81fe8c8725 100644 --- a/daemon/info_unix.go +++ b/daemon/info_unix.go @@ -11,7 +11,6 @@ import ( "github.com/docker/docker/api/types" containertypes "github.com/docker/docker/api/types/container" - "github.com/docker/docker/dockerversion" "github.com/docker/docker/pkg/sysinfo" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -40,55 +39,44 @@ func (daemon *Daemon) fillPlatformInfo(v *types.Info, sysInfo *sysinfo.SysInfo) v.Runtimes = daemon.configStore.GetAllRuntimes() v.DefaultRuntime = daemon.configStore.GetDefaultRuntimeName() v.InitBinary = daemon.configStore.GetInitPath() + v.RuncCommit.ID = "N/A" + v.ContainerdCommit.ID = "N/A" + v.InitCommit.ID = "N/A" defaultRuntimeBinary := daemon.configStore.GetRuntime(v.DefaultRuntime).Path if rv, err := exec.Command(defaultRuntimeBinary, "--version").Output(); err == nil { if _, _, commit, err := parseRuntimeVersion(string(rv)); err != nil { logrus.Warnf("failed to parse %s version: %v", defaultRuntimeBinary, err) - v.RuncCommit.ID = "N/A" } else { v.RuncCommit.ID = commit } } else { logrus.Warnf("failed to retrieve %s version: %v", defaultRuntimeBinary, err) - v.RuncCommit.ID = "N/A" } - // runc is now shipped as a separate package. Set "expected" to same value - // as "ID" to prevent clients from reporting a version-mismatch - v.RuncCommit.Expected = v.RuncCommit.ID - if rv, err := daemon.containerd.Version(context.Background()); err == nil { v.ContainerdCommit.ID = rv.Revision } else { logrus.Warnf("failed to retrieve containerd version: %v", err) - v.ContainerdCommit.ID = "N/A" } - // containerd is now shipped as a separate package. Set "expected" to same - // value as "ID" to prevent clients from reporting a version-mismatch - v.ContainerdCommit.Expected = v.ContainerdCommit.ID - - // TODO is there still a need to check the expected version for tini? - // if not, we can change this, and just set "Expected" to v.InitCommit.ID - v.InitCommit.Expected = dockerversion.InitCommitID - defaultInitBinary := daemon.configStore.GetInitPath() if rv, err := exec.Command(defaultInitBinary, "--version").Output(); err == nil { if _, commit, err := parseInitVersion(string(rv)); err != nil { logrus.Warnf("failed to parse %s version: %s", defaultInitBinary, err) - v.InitCommit.ID = "N/A" } else { v.InitCommit.ID = commit - if len(dockerversion.InitCommitID) > len(commit) { - v.InitCommit.Expected = dockerversion.InitCommitID[0:len(commit)] - } } } else { logrus.Warnf("failed to retrieve %s version: %s", defaultInitBinary, err) - v.InitCommit.ID = "N/A" } + // Set expected and actual commits to the same value to prevent the client + // showing that the version does not match the "expected" version/commit. + v.RuncCommit.Expected = v.RuncCommit.ID + v.ContainerdCommit.Expected = v.ContainerdCommit.ID + v.InitCommit.Expected = v.InitCommit.ID + if v.CgroupDriver == cgroupNoneDriver { if v.CgroupVersion == "2" { v.Warnings = append(v.Warnings, "WARNING: Running in rootless-mode without cgroups. Systemd is required to enable cgroups in rootless-mode.") diff --git a/dockerversion/version_lib.go b/dockerversion/version_lib.go index e383aca843596..a42eafcef8630 100644 --- a/dockerversion/version_lib.go +++ b/dockerversion/version_lib.go @@ -10,7 +10,6 @@ var ( Version = "library-import" BuildTime = "library-import" IAmStatic = "library-import" - InitCommitID = "library-import" PlatformName = "" ProductName = "" DefaultProductLicense = "" diff --git a/hack/make/.go-autogen b/hack/make/.go-autogen index a48b64a20e9ef..5fe33555a5346 100644 --- a/hack/make/.go-autogen +++ b/hack/make/.go-autogen @@ -14,7 +14,6 @@ LDFLAGS="${LDFLAGS} \ -X \"github.com/docker/docker/dockerversion.PlatformName=${PLATFORM}\" \ -X \"github.com/docker/docker/dockerversion.ProductName=${PRODUCT}\" \ -X \"github.com/docker/docker/dockerversion.DefaultProductLicense=${DEFAULT_PRODUCT_LICENSE}\" \ - -X \"github.com/docker/docker/dockerversion.InitCommitID=${TINI_COMMIT}\" \ " # Compile the Windows resources into the sources From 0f925d5d3d60096ecdee0eacb1c4a01823f284b1 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 23 Aug 2021 10:16:11 +0200 Subject: [PATCH 193/252] remove deprecated "nokmem" build-tag for runc This build-tag was removed in https://github.com/opencontainers/runc/commit/52390d68040637dfc77f9fda6bbe70952423d380, which is part of runc v1.0.0-rc94 and up, so no longer relevant. the kmem options are now always disabled in runc. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 3c7c18a4992138ccd6e1d2a63b5ca44327f663bd) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/runc.installer | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index b7ad9eb502428..d73534846d9c6 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -1,4 +1,5 @@ #!/bin/sh +set -e # When updating RUNC_COMMIT, also update runc in vendor.conf accordingly # The version of runc should match the version that is used by the containerd @@ -7,13 +8,7 @@ : ${RUNC_COMMIT:=52b36a2dd837e8462de8e01458bf02cf9eea47dd} # v1.0.2 install_runc() { - # If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting - if uname -r | grep -q '^3\.10\.0.*\.el7\.'; then - : ${RUNC_NOKMEM='nokmem'} - fi - - # Do not build with ambient capabilities support - RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp $RUNC_NOKMEM"}" + RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp"}" echo "Install runc version $RUNC_COMMIT (build tags: $RUNC_BUILDTAGS)" git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" From 2a18825cdf8026052ea5629decbd3d8f54193898 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 26 Jul 2021 14:59:05 +0200 Subject: [PATCH 194/252] Dockerfile: remove GOPROXY override (was for go < 1.14) Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 3cec4b8cd42179e67dcfdda2adce03516c6a5cd1) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/rootlesskit.installer | 5 ----- 1 file changed, 5 deletions(-) diff --git a/hack/dockerfile/install/rootlesskit.installer b/hack/dockerfile/install/rootlesskit.installer index fe1b8d88dddf4..1d8e7d9ed9087 100755 --- a/hack/dockerfile/install/rootlesskit.installer +++ b/hack/dockerfile/install/rootlesskit.installer @@ -31,11 +31,6 @@ _install_rootlesskit() ( cd "$GOPATH/src/github.com/rootless-containers/rootlesskit" || exit 1 git checkout -q "$ROOTLESSKIT_COMMIT" export GO111MODULE=on - # TODO remove GOPROXY override once we updated to Go 1.14+ - # Using goproxy instead of "direct" to work around an issue in go mod - # on Go 1.13 not working with older git versions (default version on - # CentOS 7 is git 1.8), see https://github.com/golang/go/issues/38373 - export GOPROXY="https://proxy.golang.org" for f in rootlesskit rootlesskit-docker-proxy; do go build $BUILD_MODE -ldflags="$ROOTLESSKIT_LDFLAGS" -o "${PREFIX}/$f" github.com/rootless-containers/rootlesskit/cmd/$f done From b35a1707e35aa8382ab001ea6892e35b9a0349b4 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 26 Jul 2021 14:48:52 +0200 Subject: [PATCH 195/252] Dockerfile: use version for some utilities instead of commit-sha The golangci-lint, gotestsum, shfmt, and vndr utilities should generally be ok to be pinned by version instead of a specific sha. Also rename the corresponding env-vars / build-args accordingly: - GOLANGCI_LINT_COMMIT -> GOLANGCI_LINT_VERSION - GOTESTSUM_COMMIT -> GOTESTSUM_VERSION - SHFMT_COMMIT -> SHFMT_VERSION - VNDR_COMMIT -> VNDR_VERSION - CONTAINERD_COMMIT -> CONTAINERD_VERSION - RUNC_COMMIT -> RUNC_VERSION - ROOTLESS_COMMIT -> ROOTLESS_VERSION Signed-off-by: Sebastiaan van Stijn (cherry picked from commit a7a7c732c0dc02ee5b5515f4ca868ef50cafa4a1) Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 16 ++++++------- Dockerfile.windows | 8 +++---- hack/dockerfile/install/containerd.installer | 23 ++++++++++++++----- .../install/golangci_lint.installer | 4 ++-- hack/dockerfile/install/gotestsum.installer | 4 ++-- hack/dockerfile/install/rootlesskit.installer | 11 +++------ hack/dockerfile/install/runc.installer | 12 ++++++---- hack/dockerfile/install/shfmt.installer | 6 ++--- hack/dockerfile/install/tini.installer | 9 +++++--- hack/dockerfile/install/vndr.installer | 6 ++--- 10 files changed, 56 insertions(+), 43 deletions(-) diff --git a/Dockerfile b/Dockerfile index e8a3dc24a06b0..d6f0af84dd8c3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -159,7 +159,7 @@ RUN --mount=type=cache,target=/root/.cache/go-build \ PREFIX=/build /tmp/install/install.sh tomlv FROM base AS vndr -ARG VNDR_COMMIT +ARG VNDR_VERSION RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=bind,src=hack/dockerfile/install,target=/tmp/install \ @@ -171,7 +171,7 @@ RUN --mount=type=cache,sharing=locked,id=moby-containerd-aptlib,target=/var/lib/ --mount=type=cache,sharing=locked,id=moby-containerd-aptcache,target=/var/cache/apt \ apt-get update && apt-get install -y --no-install-recommends \ libbtrfs-dev -ARG CONTAINERD_COMMIT +ARG CONTAINERD_VERSION RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=bind,src=hack/dockerfile/install,target=/tmp/install \ @@ -185,21 +185,21 @@ RUN --mount=type=cache,target=/root/.cache/go-build \ PREFIX=/build /tmp/install/install.sh proxy FROM base AS golangci_lint -ARG GOLANGCI_LINT_COMMIT +ARG GOLANGCI_LINT_VERSION RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=bind,src=hack/dockerfile/install,target=/tmp/install \ PREFIX=/build /tmp/install/install.sh golangci_lint FROM base AS gotestsum -ARG GOTESTSUM_COMMIT +ARG GOTESTSUM_VERSION RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=bind,src=hack/dockerfile/install,target=/tmp/install \ PREFIX=/build /tmp/install/install.sh gotestsum FROM base AS shfmt -ARG SHFMT_COMMIT +ARG SHFMT_VERSION RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=bind,src=hack/dockerfile/install,target=/tmp/install \ @@ -214,7 +214,7 @@ RUN --mount=type=cache,target=/root/.cache/go-build \ PREFIX=/build /tmp/install/install.sh dockercli FROM runtime-dev AS runc -ARG RUNC_COMMIT +ARG RUNC_VERSION ARG RUNC_BUILDTAGS RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ @@ -223,7 +223,7 @@ RUN --mount=type=cache,target=/root/.cache/go-build \ FROM dev-base AS tini ARG DEBIAN_FRONTEND -ARG TINI_COMMIT +ARG TINI_VERSION RUN --mount=type=cache,sharing=locked,id=moby-tini-aptlib,target=/var/lib/apt \ --mount=type=cache,sharing=locked,id=moby-tini-aptcache,target=/var/cache/apt \ apt-get update && apt-get install -y --no-install-recommends \ @@ -235,7 +235,7 @@ RUN --mount=type=cache,target=/root/.cache/go-build \ PREFIX=/build /tmp/install/install.sh tini FROM dev-base AS rootlesskit -ARG ROOTLESSKIT_COMMIT +ARG ROOTLESSKIT_VERSION RUN --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg/mod \ --mount=type=bind,src=hack/dockerfile/install,target=/tmp/install \ diff --git a/Dockerfile.windows b/Dockerfile.windows index 29d91282966da..6ebf4cd5e9b3b 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -166,7 +166,7 @@ FROM microsoft/windowsservercore SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] ARG GO_VERSION=1.16.13 -ARG GOTESTSUM_COMMIT=v0.5.3 +ARG GOTESTSUM_VERSION=v0.5.3 # Environment variable notes: # - GO_VERSION must be consistent with 'Dockerfile' used by Linux. @@ -176,7 +176,7 @@ ENV GO_VERSION=${GO_VERSION} ` GOPATH=C:\gopath ` GO111MODULE=off ` FROM_DOCKERFILE=1 ` - GOTESTSUM_COMMIT=${GOTESTSUM_COMMIT} + GOTESTSUM_VERSION=${GOTESTSUM_VERSION} RUN ` Function Test-Nano() { ` @@ -262,11 +262,11 @@ RUN ` RUN ` Function Build-GoTestSum() { ` - Write-Host "INFO: Building gotestsum version $Env:GOTESTSUM_COMMIT in $Env:GOPATH"; ` + Write-Host "INFO: Building gotestsum version $Env:GOTESTSUM_VERSION in $Env:GOPATH"; ` $Env:GO111MODULE = 'on'; ` $tmpGobin = "${Env:GOBIN_TMP}"; ` $Env:GOBIN = """${Env:GOPATH}`\bin"""; ` - &go get -buildmode=exe "gotest.tools/gotestsum@${Env:GOTESTSUM_COMMIT}"; ` + &go get -buildmode=exe "gotest.tools/gotestsum@${Env:GOTESTSUM_VERSION}"; ` $Env:GOBIN = "${tmpGobin}"; ` $Env:GO111MODULE = 'off'; ` if ($LASTEXITCODE -ne 0) { ` diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index cf96e6988703c..77f6790814730 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -1,16 +1,27 @@ #!/bin/sh set -e -# containerd is also pinned in vendor.conf. When updating the binary -# version you may also need to update the vendor version to pick up bug -# fixes or new APIs. -: "${CONTAINERD_COMMIT:=72cec4be58a9eb6b2910f5d10f1c01ca47d231c0}" # v1.5.5 +# CONTAINERD_VERSION specifies the version of the containerd runtime binary +# to install from the https://github.com/containerd/containerd repository. +# +# This version is used to build statically compiled containerd binaries, and +# used for the integration tests. The distributed docker .deb and .rpm packages +# depend on a separate (containerd.io) package, which may be a different version +# as is specified here. +# +# Generally, the commit specified here should match a tagged release. +# +# The containerd golang package is also pinned in vendor.conf. When updating +# the binary version you may also need to update the vendor version to pick up +# bug fixes or new APIs, however, usually the Go packages are built from a +# commit from the master branch. +: "${CONTAINERD_VERSION:=v1.5.5}" install_containerd() ( - echo "Install containerd version $CONTAINERD_COMMIT" + echo "Install containerd version $CONTAINERD_VERSION" git clone https://github.com/containerd/containerd.git "$GOPATH/src/github.com/containerd/containerd" cd "$GOPATH/src/github.com/containerd/containerd" - git checkout -q "$CONTAINERD_COMMIT" + git checkout -q "$CONTAINERD_VERSION" export BUILDTAGS='netgo osusergo static_build' export EXTRA_FLAGS=${GO_BUILDMODE} diff --git a/hack/dockerfile/install/golangci_lint.installer b/hack/dockerfile/install/golangci_lint.installer index 01d87c242a701..1bd43b581645e 100755 --- a/hack/dockerfile/install/golangci_lint.installer +++ b/hack/dockerfile/install/golangci_lint.installer @@ -1,10 +1,10 @@ #!/bin/sh -: "${GOLANGCI_LINT_COMMIT=v1.23.8}" +: "${GOLANGCI_LINT_VERSION=v1.23.8}" install_golangci_lint() { set -e export GO111MODULE=on - GOBIN="${PREFIX}" go get "github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCI_LINT_COMMIT}" + GOBIN="${PREFIX}" go get "github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCI_LINT_VERSION}" "${PREFIX}"/golangci-lint --version } diff --git a/hack/dockerfile/install/gotestsum.installer b/hack/dockerfile/install/gotestsum.installer index ea10be814cb9b..21a8bbe2ba84f 100755 --- a/hack/dockerfile/install/gotestsum.installer +++ b/hack/dockerfile/install/gotestsum.installer @@ -1,9 +1,9 @@ #!/bin/sh -: ${GOTESTSUM_COMMIT:=v0.5.3} +: ${GOTESTSUM_VERSION:=v0.5.3} install_gotestsum() ( set -e export GO111MODULE=on - GOBIN="${PREFIX}" go get "gotest.tools/gotestsum@${GOTESTSUM_COMMIT}" + GOBIN="${PREFIX}" go get "gotest.tools/gotestsum@${GOTESTSUM_VERSION}" ) diff --git a/hack/dockerfile/install/rootlesskit.installer b/hack/dockerfile/install/rootlesskit.installer index 1d8e7d9ed9087..2968f5b72284a 100755 --- a/hack/dockerfile/install/rootlesskit.installer +++ b/hack/dockerfile/install/rootlesskit.installer @@ -1,7 +1,6 @@ #!/bin/sh -# v0.14.4 -: "${ROOTLESSKIT_COMMIT:=87d443683ac1e8aba4110b8081f15aaae432aaa2}" +: "${ROOTLESSKIT_VERSION:=v0.14.4}" install_rootlesskit() { case "$1" in @@ -26,12 +25,8 @@ install_rootlesskit_dynamic() { } _install_rootlesskit() ( - echo "Install rootlesskit version $ROOTLESSKIT_COMMIT" - git clone https://github.com/rootless-containers/rootlesskit.git "$GOPATH/src/github.com/rootless-containers/rootlesskit" - cd "$GOPATH/src/github.com/rootless-containers/rootlesskit" || exit 1 - git checkout -q "$ROOTLESSKIT_COMMIT" - export GO111MODULE=on + echo "Install rootlesskit version ${ROOTLESSKIT_VERSION}" for f in rootlesskit rootlesskit-docker-proxy; do - go build $BUILD_MODE -ldflags="$ROOTLESSKIT_LDFLAGS" -o "${PREFIX}/$f" github.com/rootless-containers/rootlesskit/cmd/$f + GOBIN="${PREFIX}" GO111MODULE=on go install ${BUILD_MODE} -ldflags="$ROOTLESSKIT_LDFLAGS" "github.com/rootless-containers/rootlesskit/cmd/${f}@${ROOTLESSKIT_VERSION}" done ) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index d73534846d9c6..99b99e5b873cf 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -1,19 +1,23 @@ #!/bin/sh set -e -# When updating RUNC_COMMIT, also update runc in vendor.conf accordingly +# RUNC_VERSION specifies the version of runc to install from the +# https://github.com/opencontainers/runc repository. +# # The version of runc should match the version that is used by the containerd # version that is used. If you need to update runc, open a pull request in # the containerd project first, and update both after that is merged. -: ${RUNC_COMMIT:=52b36a2dd837e8462de8e01458bf02cf9eea47dd} # v1.0.2 +# +# When updating RUNC_VERSION, consider updating runc in vendor.conf accordingly +: "${RUNC_VERSION:=v1.0.2}" install_runc() { RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp"}" - echo "Install runc version $RUNC_COMMIT (build tags: $RUNC_BUILDTAGS)" + echo "Install runc version $RUNC_VERSION (build tags: $RUNC_BUILDTAGS)" git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" cd "$GOPATH/src/github.com/opencontainers/runc" - git checkout -q "$RUNC_COMMIT" + git checkout -q "$RUNC_VERSION" if [ -z "$1" ]; then target=static else diff --git a/hack/dockerfile/install/shfmt.installer b/hack/dockerfile/install/shfmt.installer index a2096522c360a..4c73727d0486f 100755 --- a/hack/dockerfile/install/shfmt.installer +++ b/hack/dockerfile/install/shfmt.installer @@ -1,11 +1,11 @@ #!/bin/sh -: "${SHFMT_COMMIT:=01725bdd30658db1fe1b9e02173c3060061fe86f}" # v3.0.2 +: "${SHFMT_VERSION:=v3.0.2}" install_shfmt() { - echo "Install shfmt version $SHFMT_COMMIT" + echo "Install shfmt version $SHFMT_VERSION" git clone https://github.com/mvdan/sh.git "$GOPATH/src/github.com/mvdan/sh" cd "$GOPATH/src/github.com/mvdan/sh" || exit 1 - git checkout -q "$SHFMT_COMMIT" + git checkout -q "$SHFMT_VERSION" GO111MODULE=on go build ${GO_BUILDMODE} -v -o "${PREFIX}/shfmt" ./cmd/shfmt } diff --git a/hack/dockerfile/install/tini.installer b/hack/dockerfile/install/tini.installer index 7b6debbfc7546..febceb15eb2a0 100755 --- a/hack/dockerfile/install/tini.installer +++ b/hack/dockerfile/install/tini.installer @@ -1,12 +1,15 @@ #!/bin/sh -: ${TINI_COMMIT:=de40ad007797e0dcd8b7126f27bb87401d224240} # v0.19.0 +# TINI_VERSION specifies the version of tini (docker-init) to build, and install +# from the https://github.com/krallin/tini repository. This binary is used +# when starting containers with the `--init` option. +: "${TINI_VERSION:=v0.19.0}" install_tini() { - echo "Install tini version $TINI_COMMIT" + echo "Install tini version $TINI_VERSION" git clone https://github.com/krallin/tini.git "$GOPATH/tini" cd "$GOPATH/tini" - git checkout -q "$TINI_COMMIT" + git checkout -q "$TINI_VERSION" cmake . make tini-static mkdir -p "${PREFIX}" diff --git a/hack/dockerfile/install/vndr.installer b/hack/dockerfile/install/vndr.installer index c644e6b48ce16..00ac6ea89c78c 100755 --- a/hack/dockerfile/install/vndr.installer +++ b/hack/dockerfile/install/vndr.installer @@ -1,11 +1,11 @@ #!/bin/sh -: "${VNDR_COMMIT:=f12b881cb8f081a5058408a58f429b9014833fc6}" # v0.1.2 +: "${VNDR_VERSION:=v0.1.2}" install_vndr() { - echo "Install vndr version $VNDR_COMMIT" + echo "Install vndr version $VNDR_VERSION" git clone https://github.com/LK4D4/vndr.git "$GOPATH/src/github.com/LK4D4/vndr" cd "$GOPATH/src/github.com/LK4D4/vndr" || exit 1 - git checkout -q "$VNDR_COMMIT" + git checkout -q "$VNDR_VERSION" go build ${GO_BUILDMODE} -v -o "${PREFIX}/vndr" . } From 2716336abdbc013aee56dc19ebb2f3f14a822e78 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 26 Jul 2021 14:56:29 +0200 Subject: [PATCH 196/252] Dockerfile: use "go install" to install utilities Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 14ff070469d8a1e1f1ea61df9593281f3147e238) Signed-off-by: Sebastiaan van Stijn --- Dockerfile.windows | 11 +++++------ hack/dockerfile/install/golangci_lint.installer | 4 ++-- hack/dockerfile/install/gotestsum.installer | 4 ++-- hack/dockerfile/install/shfmt.installer | 5 +---- hack/dockerfile/install/vndr.installer | 5 +---- 5 files changed, 11 insertions(+), 18 deletions(-) diff --git a/Dockerfile.windows b/Dockerfile.windows index 6ebf4cd5e9b3b..e2ddfd9aca333 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -261,21 +261,20 @@ RUN ` C:\git\cmd\git config --global core.autocrlf true; RUN ` - Function Build-GoTestSum() { ` - Write-Host "INFO: Building gotestsum version $Env:GOTESTSUM_VERSION in $Env:GOPATH"; ` + Function Install-GoTestSum() { ` $Env:GO111MODULE = 'on'; ` $tmpGobin = "${Env:GOBIN_TMP}"; ` $Env:GOBIN = """${Env:GOPATH}`\bin"""; ` - &go get -buildmode=exe "gotest.tools/gotestsum@${Env:GOTESTSUM_VERSION}"; ` + Write-Host "INFO: Installing gotestsum version $Env:GOTESTSUM_VERSION in $Env:GOBIN"; ` + &go install "gotest.tools/gotestsum@${Env:GOTESTSUM_VERSION}"; ` $Env:GOBIN = "${tmpGobin}"; ` $Env:GO111MODULE = 'off'; ` if ($LASTEXITCODE -ne 0) { ` - Throw '"gotestsum build failed..."'; ` + Throw '"gotestsum install failed..."'; ` } ` - Write-Host "INFO: Build done for gotestsum..."; ` } ` ` - Build-GoTestSum + Install-GoTestSum # Make PowerShell the default entrypoint ENTRYPOINT ["powershell.exe"] diff --git a/hack/dockerfile/install/golangci_lint.installer b/hack/dockerfile/install/golangci_lint.installer index 1bd43b581645e..bcce308e157c7 100755 --- a/hack/dockerfile/install/golangci_lint.installer +++ b/hack/dockerfile/install/golangci_lint.installer @@ -4,7 +4,7 @@ install_golangci_lint() { set -e - export GO111MODULE=on - GOBIN="${PREFIX}" go get "github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCI_LINT_VERSION}" + echo "Install golangci-lint version ${GOLANGCI_LINT_VERSION}" + GOBIN="${PREFIX}" GO111MODULE=on go install "github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCI_LINT_VERSION}" "${PREFIX}"/golangci-lint --version } diff --git a/hack/dockerfile/install/gotestsum.installer b/hack/dockerfile/install/gotestsum.installer index 21a8bbe2ba84f..0a86b054d38ed 100755 --- a/hack/dockerfile/install/gotestsum.installer +++ b/hack/dockerfile/install/gotestsum.installer @@ -4,6 +4,6 @@ install_gotestsum() ( set -e - export GO111MODULE=on - GOBIN="${PREFIX}" go get "gotest.tools/gotestsum@${GOTESTSUM_VERSION}" + echo "Install gotestsum version ${GOTESTSUM_VERSION}" + GOBIN="${PREFIX}" GO111MODULE=on go install "gotest.tools/gotestsum@${GOTESTSUM_VERSION}" ) diff --git a/hack/dockerfile/install/shfmt.installer b/hack/dockerfile/install/shfmt.installer index 4c73727d0486f..b9a125cfe6881 100755 --- a/hack/dockerfile/install/shfmt.installer +++ b/hack/dockerfile/install/shfmt.installer @@ -4,8 +4,5 @@ install_shfmt() { echo "Install shfmt version $SHFMT_VERSION" - git clone https://github.com/mvdan/sh.git "$GOPATH/src/github.com/mvdan/sh" - cd "$GOPATH/src/github.com/mvdan/sh" || exit 1 - git checkout -q "$SHFMT_VERSION" - GO111MODULE=on go build ${GO_BUILDMODE} -v -o "${PREFIX}/shfmt" ./cmd/shfmt + GOBIN="${PREFIX}" GO111MODULE=on go install "mvdan.cc/sh/v3/cmd/shfmt@${SHFMT_VERSION}" } diff --git a/hack/dockerfile/install/vndr.installer b/hack/dockerfile/install/vndr.installer index 00ac6ea89c78c..5611e3c9d8ed6 100755 --- a/hack/dockerfile/install/vndr.installer +++ b/hack/dockerfile/install/vndr.installer @@ -4,8 +4,5 @@ install_vndr() { echo "Install vndr version $VNDR_VERSION" - git clone https://github.com/LK4D4/vndr.git "$GOPATH/src/github.com/LK4D4/vndr" - cd "$GOPATH/src/github.com/LK4D4/vndr" || exit 1 - git checkout -q "$VNDR_VERSION" - go build ${GO_BUILDMODE} -v -o "${PREFIX}/vndr" . + GOBIN="${PREFIX}" GO111MODULE=on go install "github.com/LK4D4/vndr@${VNDR_VERSION}" } From 0f37f2989b73ab00b8b25dfdbb5d1976f329f3db Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 26 Jul 2021 14:57:42 +0200 Subject: [PATCH 197/252] Dockerfile: update gotestsum to v1.7.0 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 1b8db067856387b4cc80bd5813993475382993b6) Signed-off-by: Sebastiaan van Stijn --- Dockerfile.windows | 2 +- hack/dockerfile/install/gotestsum.installer | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile.windows b/Dockerfile.windows index e2ddfd9aca333..2cf7b02f0f20d 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -166,7 +166,7 @@ FROM microsoft/windowsservercore SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] ARG GO_VERSION=1.16.13 -ARG GOTESTSUM_VERSION=v0.5.3 +ARG GOTESTSUM_VERSION=v1.7.0 # Environment variable notes: # - GO_VERSION must be consistent with 'Dockerfile' used by Linux. diff --git a/hack/dockerfile/install/gotestsum.installer b/hack/dockerfile/install/gotestsum.installer index 0a86b054d38ed..5024179958354 100755 --- a/hack/dockerfile/install/gotestsum.installer +++ b/hack/dockerfile/install/gotestsum.installer @@ -1,6 +1,6 @@ #!/bin/sh -: ${GOTESTSUM_VERSION:=v0.5.3} +: ${GOTESTSUM_VERSION:=v1.7.0} install_gotestsum() ( set -e From 3700adb70ad56ccdc0ba4cc23583a1f093577652 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 1 Oct 2021 10:19:38 +0200 Subject: [PATCH 198/252] Update containerd binary to v1.5.6 - Install apparmor parser for arm64 and update seccomp to 2.5.1 - Update runc binary to 1.0.2 - Update hcsshim to v0.8.21 to fix layer issue on Windows Server 2019 - Add support for 'clone3' syscall to fix issue with certain images when seccomp is enabled - Add image config labels in CRI container creation - Fix panic in metadata content writer on copy error Signed-off-by: Sebastiaan van Stijn (cherry picked from commit b746a2bf9b2a86a1072e7be719f1207a64a576fb) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 77f6790814730..3660c32d55c8f 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -15,7 +15,7 @@ set -e # the binary version you may also need to update the vendor version to pick up # bug fixes or new APIs, however, usually the Go packages are built from a # commit from the master branch. -: "${CONTAINERD_VERSION:=v1.5.5}" +: "${CONTAINERD_VERSION:=v1.5.6}" install_containerd() ( echo "Install containerd version $CONTAINERD_VERSION" From 3fd0b8d6ebea596934dc041bc43674d80558a06f Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 5 Oct 2021 09:51:39 +0200 Subject: [PATCH 199/252] Update containerd binary to v1.5.7 The seventh patch release for containerd 1.5 is a security release to fix CVE-2021-41103. Notable Updates: - Fix insufficiently restricted permissions on container root and plugin directories GHSA-c2h3-6mxw-7mvq Signed-off-by: Sebastiaan van Stijn (cherry picked from commit fa4a9702be2a2707e7d7345272d58ff9e381f393) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 3660c32d55c8f..94e82cfdc1ffd 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -15,7 +15,7 @@ set -e # the binary version you may also need to update the vendor version to pick up # bug fixes or new APIs, however, usually the Go packages are built from a # commit from the master branch. -: "${CONTAINERD_VERSION:=v1.5.6}" +: "${CONTAINERD_VERSION:=v1.5.7}" install_containerd() ( echo "Install containerd version $CONTAINERD_VERSION" From bd42e172842dde8d94ad1753cd9a0ec5a624b56a Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 17 Nov 2021 21:25:05 +0100 Subject: [PATCH 200/252] update containerd binary to v1.5.8 The eighth patch release for containerd 1.5 contains a mitigation for CVE-2021-41190 as well as several fixes and updates. Notable Updates * Handle ambiguous OCI manifest parsing * Filter selinux xattr for image volumes in CRI plugin * Use DeactiveLayer to unlock layers that cannot be renamed in Windows snapshotter * Fix pull failure on unexpected EOF * Close task IO before waiting on delete * Log a warning for ignored invalid image labels rather than erroring * Update pull to handle of non-https urls in descriptors See the changelog for complete list of changes Signed-off-by: Sebastiaan van Stijn (cherry picked from commit aef782f34844e70c79481cbecd35b01c9bb25ffa) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 94e82cfdc1ffd..ca5cc7cce039c 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -15,7 +15,7 @@ set -e # the binary version you may also need to update the vendor version to pick up # bug fixes or new APIs, however, usually the Go packages are built from a # commit from the master branch. -: "${CONTAINERD_VERSION:=v1.5.7}" +: "${CONTAINERD_VERSION:=v1.5.8}" install_containerd() ( echo "Install containerd version $CONTAINERD_VERSION" From 3e5eea41927098ffb2ce9db36ef32498456a82de Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Mon, 6 Dec 2021 15:10:27 +0900 Subject: [PATCH 201/252] update runc binary to v1.0.3 Signed-off-by: Akihiro Suda (cherry picked from commit 53397ac5391c49ebd534d06cc57b6a2a12a739d3) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/runc.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index 99b99e5b873cf..bd07d74e82dd8 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -9,7 +9,7 @@ set -e # the containerd project first, and update both after that is merged. # # When updating RUNC_VERSION, consider updating runc in vendor.conf accordingly -: "${RUNC_VERSION:=v1.0.2}" +: "${RUNC_VERSION:=v1.0.3}" install_runc() { RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp"}" From 829f071228420fba9bc48184df4bf81b2a10d9a2 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 10 Jan 2022 16:58:55 +0100 Subject: [PATCH 202/252] update containerd binary to v1.5.9 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit df3ea5da03fcff55a47277a8190967e91b7363fa) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index ca5cc7cce039c..59247fbf8c7f6 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -15,7 +15,7 @@ set -e # the binary version you may also need to update the vendor version to pick up # bug fixes or new APIs, however, usually the Go packages are built from a # commit from the master branch. -: "${CONTAINERD_VERSION:=v1.5.8}" +: "${CONTAINERD_VERSION:=v1.5.9}" install_containerd() ( echo "Install containerd version $CONTAINERD_VERSION" From ada1b01de1c9fb71bff4795393b242bfdcd93d2a Mon Sep 17 00:00:00 2001 From: Kazuyoshi Kato Date: Mon, 22 Nov 2021 09:36:11 -0800 Subject: [PATCH 203/252] daemon/logger: read the length header correctly Before this change, if Decode() couldn't read a log record fully, the subsequent invocation of Decode() would read the record's non-header part as a header and cause a huge heap allocation. This change prevents such a case by having the intermediate buffer in the decoder struct. Fixes #42125. Signed-off-by: Kazuyoshi Kato (cherry picked from commit 48d387a757570245b4549cc46d96017630baf32f) Signed-off-by: Sebastiaan van Stijn --- daemon/logger/local/read.go | 119 ++++++++++++++++----------- daemon/logger/local/read_test.go | 52 ++++++++++++ daemon/logger/loggerutils/logfile.go | 1 + 3 files changed, 124 insertions(+), 48 deletions(-) create mode 100644 daemon/logger/local/read_test.go diff --git a/daemon/logger/local/read.go b/daemon/logger/local/read.go index b28aa90651bc3..d517995cff58d 100644 --- a/daemon/logger/local/read.go +++ b/daemon/logger/local/read.go @@ -1,12 +1,12 @@ package local import ( + "bytes" "context" "encoding/binary" + "fmt" "io" - "bytes" - "github.com/docker/docker/api/types/plugins/logdriver" "github.com/docker/docker/daemon/logger" "github.com/docker/docker/daemon/logger/loggerutils" @@ -14,6 +14,10 @@ import ( "github.com/pkg/errors" ) +// maxMsgLen is the maximum size of the logger.Message after serialization. +// logger.defaultBufSize caps the size of Line field. +const maxMsgLen int = 1e6 // 1MB. + func (d *driver) ReadLogs(config logger.ReadConfig) *logger.LogWatcher { logWatcher := logger.NewLogWatcher() @@ -99,7 +103,35 @@ func getTailReader(ctx context.Context, r loggerutils.SizeReaderAt, req int) (io type decoder struct { rdr io.Reader proto *logdriver.LogEntry - buf []byte + // buf keeps bytes from rdr. + buf []byte + // offset is the position in buf. + // If offset > 0, buf[offset:] has bytes which are read but haven't used. + offset int + // nextMsgLen is the length of the next log message. + // If nextMsgLen = 0, a new value must be read from rdr. + nextMsgLen int +} + +func (d *decoder) readRecord(size int) error { + var err error + for i := 0; i < maxDecodeRetry; i++ { + var n int + n, err = io.ReadFull(d.rdr, d.buf[d.offset:size]) + d.offset += n + if err != nil { + if err != io.ErrUnexpectedEOF { + return err + } + continue + } + break + } + if err != nil { + return err + } + d.offset = 0 + return nil } func (d *decoder) Decode() (*logger.Message, error) { @@ -111,44 +143,35 @@ func (d *decoder) Decode() (*logger.Message, error) { if d.buf == nil { d.buf = make([]byte, initialBufSize) } - var ( - read int - err error - ) - for i := 0; i < maxDecodeRetry; i++ { - var n int - n, err = io.ReadFull(d.rdr, d.buf[read:encodeBinaryLen]) + if d.nextMsgLen == 0 { + msgLen, err := d.decodeSizeHeader() if err != nil { - if err != io.ErrUnexpectedEOF { - return nil, errors.Wrap(err, "error reading log message length") - } - read += n - continue + return nil, err } - read += n - break - } - if err != nil { - return nil, errors.Wrapf(err, "could not read log message length: read: %d, expected: %d", read, encodeBinaryLen) - } - msgLen := int(binary.BigEndian.Uint32(d.buf[:read])) + if msgLen > maxMsgLen { + return nil, fmt.Errorf("log message is too large (%d > %d)", msgLen, maxMsgLen) + } - if len(d.buf) < msgLen+encodeBinaryLen { - d.buf = make([]byte, msgLen+encodeBinaryLen) - } else { - if msgLen <= initialBufSize { + if len(d.buf) < msgLen+encodeBinaryLen { + d.buf = make([]byte, msgLen+encodeBinaryLen) + } else if msgLen <= initialBufSize { d.buf = d.buf[:initialBufSize] } else { d.buf = d.buf[:msgLen+encodeBinaryLen] } - } - return decodeLogEntry(d.rdr, d.proto, d.buf, msgLen) + d.nextMsgLen = msgLen + } + return d.decodeLogEntry() } func (d *decoder) Reset(rdr io.Reader) { + if d.rdr == rdr { + return + } + d.rdr = rdr if d.proto != nil { resetProto(d.proto) @@ -156,6 +179,8 @@ func (d *decoder) Reset(rdr io.Reader) { if d.buf != nil { d.buf = d.buf[:initialBufSize] } + d.offset = 0 + d.nextMsgLen = 0 } func (d *decoder) Close() { @@ -171,34 +196,32 @@ func decodeFunc(rdr io.Reader) loggerutils.Decoder { return &decoder{rdr: rdr} } -func decodeLogEntry(rdr io.Reader, proto *logdriver.LogEntry, buf []byte, msgLen int) (*logger.Message, error) { - var ( - read int - err error - ) - for i := 0; i < maxDecodeRetry; i++ { - var n int - n, err = io.ReadFull(rdr, buf[read:msgLen+encodeBinaryLen]) - if err != nil { - if err != io.ErrUnexpectedEOF { - return nil, errors.Wrap(err, "could not decode log entry") - } - read += n - continue - } - break +func (d *decoder) decodeSizeHeader() (int, error) { + err := d.readRecord(encodeBinaryLen) + if err != nil { + return 0, errors.Wrap(err, "could not read a size header") } + + msgLen := int(binary.BigEndian.Uint32(d.buf[:encodeBinaryLen])) + return msgLen, nil +} + +func (d *decoder) decodeLogEntry() (*logger.Message, error) { + msgLen := d.nextMsgLen + err := d.readRecord(msgLen + encodeBinaryLen) if err != nil { - return nil, errors.Wrapf(err, "could not decode entry: read %d, expected: %d", read, msgLen) + return nil, errors.Wrapf(err, "could not read a log entry (size=%d+%d)", msgLen, encodeBinaryLen) } + d.nextMsgLen = 0 - if err := proto.Unmarshal(buf[:msgLen]); err != nil { - return nil, errors.Wrap(err, "error unmarshalling log entry") + if err := d.proto.Unmarshal(d.buf[:msgLen]); err != nil { + return nil, errors.Wrapf(err, "error unmarshalling log entry (size=%d)", msgLen) } - msg := protoToMessage(proto) + msg := protoToMessage(d.proto) if msg.PLogMetaData == nil { msg.Line = append(msg.Line, '\n') } + return msg, nil } diff --git a/daemon/logger/local/read_test.go b/daemon/logger/local/read_test.go new file mode 100644 index 0000000000000..21d8603649a25 --- /dev/null +++ b/daemon/logger/local/read_test.go @@ -0,0 +1,52 @@ +package local + +import ( + "io" + "io/ioutil" + "os" + "testing" + + "github.com/docker/docker/daemon/logger" + "github.com/pkg/errors" + "gotest.tools/v3/assert" +) + +func TestDecode(t *testing.T) { + marshal := makeMarshaller() + + buf, err := marshal(&logger.Message{Line: []byte("hello")}) + assert.NilError(t, err) + + for i := 0; i < len(buf); i++ { + testDecode(t, buf, i) + } +} + +func testDecode(t *testing.T, buf []byte, split int) { + fw, err := ioutil.TempFile("", t.Name()) + assert.NilError(t, err) + defer os.Remove(fw.Name()) + + fr, err := os.Open(fw.Name()) + assert.NilError(t, err) + + d := &decoder{rdr: fr} + + if split > 0 { + _, err = fw.Write(buf[0:split]) + assert.NilError(t, err) + + _, err = d.Decode() + assert.Assert(t, errors.Is(err, io.EOF)) + + _, err = fw.Write(buf[split:]) + assert.NilError(t, err) + } else { + _, err = fw.Write(buf) + assert.NilError(t, err) + } + + message, err := d.Decode() + assert.NilError(t, err) + assert.Equal(t, "hello\n", string(message.Line)) +} diff --git a/daemon/logger/loggerutils/logfile.go b/daemon/logger/loggerutils/logfile.go index 6b42d9dd30d72..8817934946a69 100644 --- a/daemon/logger/loggerutils/logfile.go +++ b/daemon/logger/loggerutils/logfile.go @@ -715,6 +715,7 @@ func followLogs(f *os.File, logWatcher *logger.LogWatcher, notifyRotate, notifyE defer func() { oldSize = size }() if size < oldSize { // truncated f.Seek(0, 0) + dec.Reset(f) return nil } } else { From 39519221c280989b0a14c629a9870aaf527e4deb Mon Sep 17 00:00:00 2001 From: Kazuyoshi Kato Date: Thu, 9 Dec 2021 13:26:39 -0800 Subject: [PATCH 204/252] daemon/logger: test followLogs' handleDecodeErr case Signed-off-by: Kazuyoshi Kato (cherry picked from commit f2e458ebc509c4b714742c2d831b08e84ba6b992) Signed-off-by: Sebastiaan van Stijn --- daemon/logger/loggerutils/logfile_test.go | 73 +++++++++++++++++++++++ 1 file changed, 73 insertions(+) diff --git a/daemon/logger/loggerutils/logfile_test.go b/daemon/logger/loggerutils/logfile_test.go index af951c75f5051..f9e67e94677a0 100644 --- a/daemon/logger/loggerutils/logfile_test.go +++ b/daemon/logger/loggerutils/logfile_test.go @@ -4,12 +4,14 @@ import ( "bufio" "bytes" "context" + "errors" "fmt" "io" "io/ioutil" "os" "path/filepath" "strings" + "sync" "sync/atomic" "testing" "text/tabwriter" @@ -245,6 +247,77 @@ func TestFollowLogsProducerGone(t *testing.T) { } } +type lineDecoder struct { + r *bufio.Reader + resetCount int +} + +func (d *lineDecoder) Decode() (*logger.Message, error) { + line, err := d.r.ReadString('\n') + if err != nil { + return nil, err + } + m := logger.NewMessage() + m.Line = []byte(line) + return m, nil +} + +func (d *lineDecoder) Reset(r io.Reader) { + d.r = bufio.NewReader(r) + d.resetCount++ +} + +func (d *lineDecoder) Close() { +} + +func TestFollowLogsHandleDecodeErr(t *testing.T) { + lw := logger.NewLogWatcher() + defer lw.ConsumerGone() + + fw, err := os.CreateTemp("", t.Name()) + assert.NilError(t, err) + defer os.Remove(fw.Name()) + + fr, err := os.Open(fw.Name()) + assert.NilError(t, err) + + dec := &lineDecoder{} + dec.Reset(fr) + + var since, until time.Time + rotate := make(chan interface{}) + evict := make(chan interface{}) + + var wg sync.WaitGroup + wg.Add(1) + go func() { + defer wg.Done() + followLogs(fr, lw, rotate, evict, dec, since, until) + }() + + sendReceive := func(f io.Writer, message string) { + _, err = f.Write([]byte(message)) + assert.NilError(t, err) + m := <-lw.Msg + assert.Equal(t, message, string(m.Line)) + } + + sendReceive(fw, "log1\n") + sendReceive(fw, "log2\n") + + ft, err := os.OpenFile(fw.Name(), os.O_WRONLY|os.O_TRUNC, 0600) + assert.NilError(t, err) + + sendReceive(ft, "log3\n") + + evict <- errors.New("stop followLogs") + wg.Wait() + + // followLogs calls Reset() in the beginning, + // each 3 writes result Reset(), then handleDecodeErr() calles Reset(). + assert.Equal(t, 5, dec.resetCount) +} + func TestCheckCapacityAndRotate(t *testing.T) { dir, err := ioutil.TempDir("", t.Name()) assert.NilError(t, err) From 78d0b936b82cc89e95ad6baadb46696924e30302 Mon Sep 17 00:00:00 2001 From: Kazuyoshi Kato Date: Thu, 23 Dec 2021 21:35:31 -0800 Subject: [PATCH 205/252] daemon/logger: refactor followLogs to write more unit tests followLogs() is getting really long (170+ lines) and complex. The function has multiple inner functions that mutate its variables. To refactor the function, this change introduces follow{} struct. The inner functions are now defined as ordinal methods, which are accessible from tests. Signed-off-by: Kazuyoshi Kato (cherry picked from commit 7a10f5a5586bf6754943ccd14c75cb50c9e76f4a) Signed-off-by: Sebastiaan van Stijn --- daemon/logger/loggerutils/follow.go | 211 +++++++++++++++++++++++++++ daemon/logger/loggerutils/logfile.go | 175 ---------------------- 2 files changed, 211 insertions(+), 175 deletions(-) create mode 100644 daemon/logger/loggerutils/follow.go diff --git a/daemon/logger/loggerutils/follow.go b/daemon/logger/loggerutils/follow.go new file mode 100644 index 0000000000000..755a483d7a10a --- /dev/null +++ b/daemon/logger/loggerutils/follow.go @@ -0,0 +1,211 @@ +package loggerutils // import "github.com/docker/docker/daemon/logger/loggerutils" + +import ( + "io" + "os" + "time" + + "github.com/docker/docker/daemon/logger" + "github.com/docker/docker/pkg/filenotify" + "github.com/fsnotify/fsnotify" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" +) + +var errRetry = errors.New("retry") +var errDone = errors.New("done") + +type follow struct { + file *os.File + dec Decoder + fileWatcher filenotify.FileWatcher + logWatcher *logger.LogWatcher + notifyRotate, notifyEvict chan interface{} + oldSize int64 + retries int +} + +func (fl *follow) handleRotate() error { + name := fl.file.Name() + + fl.file.Close() + fl.fileWatcher.Remove(name) + + // retry when the file doesn't exist + var err error + for retries := 0; retries <= 5; retries++ { + f, err := open(name) + if err == nil || !os.IsNotExist(err) { + fl.file = f + break + } + } + if err != nil { + return err + } + if err := fl.fileWatcher.Add(name); err != nil { + return err + } + fl.dec.Reset(fl.file) + return nil +} + +func (fl *follow) handleMustClose(evictErr error) { + fl.file.Close() + fl.dec.Close() + fl.logWatcher.Err <- errors.Wrap(evictErr, "log reader evicted due to errors") + logrus.WithField("file", fl.file.Name()).Error("Log reader notified that it must re-open log file, some log data may not be streamed to the client.") +} + +func (fl *follow) waitRead() error { + select { + case e := <-fl.notifyEvict: + if e != nil { + err := e.(error) + fl.handleMustClose(err) + } + return errDone + case e := <-fl.fileWatcher.Events(): + switch e.Op { + case fsnotify.Write: + fl.dec.Reset(fl.file) + return nil + case fsnotify.Rename, fsnotify.Remove: + select { + case <-fl.notifyRotate: + case <-fl.logWatcher.WatchProducerGone(): + return errDone + case <-fl.logWatcher.WatchConsumerGone(): + return errDone + } + if err := fl.handleRotate(); err != nil { + return err + } + return nil + } + return errRetry + case err := <-fl.fileWatcher.Errors(): + logrus.Debugf("logger got error watching file: %v", err) + // Something happened, let's try and stay alive and create a new watcher + if fl.retries <= 5 { + fl.fileWatcher.Close() + fl.fileWatcher, err = watchFile(fl.file.Name()) + if err != nil { + return err + } + fl.retries++ + return errRetry + } + return err + case <-fl.logWatcher.WatchProducerGone(): + return errDone + case <-fl.logWatcher.WatchConsumerGone(): + return errDone + } +} + +func (fl *follow) handleDecodeErr(err error) error { + if !errors.Is(err, io.EOF) { + return err + } + + // Handle special case (#39235): max-file=1 and file was truncated + st, stErr := fl.file.Stat() + if stErr == nil { + size := st.Size() + defer func() { fl.oldSize = size }() + if size < fl.oldSize { // truncated + fl.file.Seek(0, 0) + fl.dec.Reset(fl.file) + return nil + } + } else { + logrus.WithError(stErr).Warn("logger: stat error") + } + + for { + err := fl.waitRead() + if err == nil { + break + } + if err == errRetry { + continue + } + return err + } + return nil +} + +func (fl *follow) mainLoop(since, until time.Time) { + for { + select { + case err := <-fl.notifyEvict: + if err != nil { + fl.handleMustClose(err.(error)) + } + return + default: + } + msg, err := fl.dec.Decode() + if err != nil { + if err := fl.handleDecodeErr(err); err != nil { + if err == errDone { + return + } + // we got an unrecoverable error, so return + fl.logWatcher.Err <- err + return + } + // ready to try again + continue + } + + fl.retries = 0 // reset retries since we've succeeded + if !since.IsZero() && msg.Timestamp.Before(since) { + continue + } + if !until.IsZero() && msg.Timestamp.After(until) { + return + } + // send the message, unless the consumer is gone + select { + case e := <-fl.notifyEvict: + if e != nil { + err := e.(error) + logrus.WithError(err).Debug("Reader evicted while sending log message") + fl.logWatcher.Err <- err + } + return + case fl.logWatcher.Msg <- msg: + case <-fl.logWatcher.WatchConsumerGone(): + return + } + } +} + +func followLogs(f *os.File, logWatcher *logger.LogWatcher, notifyRotate, notifyEvict chan interface{}, dec Decoder, since, until time.Time) { + dec.Reset(f) + + name := f.Name() + fileWatcher, err := watchFile(name) + if err != nil { + logWatcher.Err <- err + return + } + defer func() { + f.Close() + dec.Close() + fileWatcher.Close() + }() + + fl := &follow{ + file: f, + oldSize: -1, + logWatcher: logWatcher, + fileWatcher: fileWatcher, + notifyRotate: notifyRotate, + notifyEvict: notifyEvict, + dec: dec, + } + fl.mainLoop(since, until) +} diff --git a/daemon/logger/loggerutils/logfile.go b/daemon/logger/loggerutils/logfile.go index 8817934946a69..d4f3f5e149b5b 100644 --- a/daemon/logger/loggerutils/logfile.go +++ b/daemon/logger/loggerutils/logfile.go @@ -17,7 +17,6 @@ import ( "github.com/docker/docker/pkg/filenotify" "github.com/docker/docker/pkg/pools" "github.com/docker/docker/pkg/pubsub" - "github.com/fsnotify/fsnotify" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -608,180 +607,6 @@ func tailFiles(files []SizeReaderAt, watcher *logger.LogWatcher, dec Decoder, ge } } -func followLogs(f *os.File, logWatcher *logger.LogWatcher, notifyRotate, notifyEvict chan interface{}, dec Decoder, since, until time.Time) { - dec.Reset(f) - - name := f.Name() - fileWatcher, err := watchFile(name) - if err != nil { - logWatcher.Err <- err - return - } - defer func() { - f.Close() - dec.Close() - fileWatcher.Close() - }() - - var retries int - handleRotate := func() error { - f.Close() - fileWatcher.Remove(name) - - // retry when the file doesn't exist - for retries := 0; retries <= 5; retries++ { - f, err = open(name) - if err == nil || !os.IsNotExist(err) { - break - } - } - if err != nil { - return err - } - if err := fileWatcher.Add(name); err != nil { - return err - } - dec.Reset(f) - return nil - } - - errRetry := errors.New("retry") - errDone := errors.New("done") - - handleMustClose := func(evictErr error) { - f.Close() - dec.Close() - logWatcher.Err <- errors.Wrap(err, "log reader evicted due to errors") - logrus.WithField("file", f.Name()).Error("Log reader notified that it must re-open log file, some log data may not be streamed to the client.") - } - - waitRead := func() error { - select { - case e := <-notifyEvict: - if e != nil { - err := e.(error) - handleMustClose(err) - } - return errDone - case e := <-fileWatcher.Events(): - switch e.Op { - case fsnotify.Write: - dec.Reset(f) - return nil - case fsnotify.Rename, fsnotify.Remove: - select { - case <-notifyRotate: - case <-logWatcher.WatchProducerGone(): - return errDone - case <-logWatcher.WatchConsumerGone(): - return errDone - } - if err := handleRotate(); err != nil { - return err - } - return nil - } - return errRetry - case err := <-fileWatcher.Errors(): - logrus.Debugf("logger got error watching file: %v", err) - // Something happened, let's try and stay alive and create a new watcher - if retries <= 5 { - fileWatcher.Close() - fileWatcher, err = watchFile(name) - if err != nil { - return err - } - retries++ - return errRetry - } - return err - case <-logWatcher.WatchProducerGone(): - return errDone - case <-logWatcher.WatchConsumerGone(): - return errDone - } - } - - oldSize := int64(-1) - handleDecodeErr := func(err error) error { - if !errors.Is(err, io.EOF) { - return err - } - - // Handle special case (#39235): max-file=1 and file was truncated - st, stErr := f.Stat() - if stErr == nil { - size := st.Size() - defer func() { oldSize = size }() - if size < oldSize { // truncated - f.Seek(0, 0) - dec.Reset(f) - return nil - } - } else { - logrus.WithError(stErr).Warn("logger: stat error") - } - - for { - err := waitRead() - if err == nil { - break - } - if err == errRetry { - continue - } - return err - } - return nil - } - - // main loop - for { - select { - case err := <-notifyEvict: - if err != nil { - handleMustClose(err.(error)) - } - return - default: - } - msg, err := dec.Decode() - if err != nil { - if err := handleDecodeErr(err); err != nil { - if err == errDone { - return - } - // we got an unrecoverable error, so return - logWatcher.Err <- err - return - } - // ready to try again - continue - } - - retries = 0 // reset retries since we've succeeded - if !since.IsZero() && msg.Timestamp.Before(since) { - continue - } - if !until.IsZero() && msg.Timestamp.After(until) { - return - } - // send the message, unless the consumer is gone - select { - case e := <-notifyEvict: - if e != nil { - err := e.(error) - logrus.WithError(err).Debug("Reader evicted while sending log message") - logWatcher.Err <- err - } - return - case logWatcher.Msg <- msg: - case <-logWatcher.WatchConsumerGone(): - return - } - } -} - func watchFile(name string) (filenotify.FileWatcher, error) { var fileWatcher filenotify.FileWatcher From 8268f70ebbd442fff8fe7b7e8cf49a1d4c531eb8 Mon Sep 17 00:00:00 2001 From: Kazuyoshi Kato Date: Thu, 23 Dec 2021 22:03:39 -0800 Subject: [PATCH 206/252] daemon/logger: replace flaky TestFollowLogsHandleDecodeErr Signed-off-by: Kazuyoshi Kato (cherry picked from commit c91e09bee27fe4e4e106c4959400eb12d8adbedb) Signed-off-by: Sebastiaan van Stijn --- daemon/logger/loggerutils/follow_test.go | 37 +++++++++++ daemon/logger/loggerutils/logfile_test.go | 79 ++--------------------- 2 files changed, 41 insertions(+), 75 deletions(-) create mode 100644 daemon/logger/loggerutils/follow_test.go diff --git a/daemon/logger/loggerutils/follow_test.go b/daemon/logger/loggerutils/follow_test.go new file mode 100644 index 0000000000000..224cd192e9eb1 --- /dev/null +++ b/daemon/logger/loggerutils/follow_test.go @@ -0,0 +1,37 @@ +package loggerutils // import "github.com/docker/docker/daemon/logger/loggerutils" + +import ( + "io" + "os" + "testing" + + "gotest.tools/v3/assert" +) + +func TestHandleDecoderErr(t *testing.T) { + f, err := os.CreateTemp("", t.Name()) + assert.NilError(t, err) + defer os.Remove(f.Name()) + + _, err = f.Write([]byte("hello")) + assert.NilError(t, err) + + pos, err := f.Seek(0, io.SeekCurrent) + assert.NilError(t, err) + assert.Assert(t, pos != 0) + + dec := &testDecoder{} + + // Simulate "turncate" case, where the file was bigger before. + fl := &follow{file: f, dec: dec, oldSize: 100} + err = fl.handleDecodeErr(io.EOF) + assert.NilError(t, err) + + // handleDecodeErr seeks to zero. + pos, err = f.Seek(0, io.SeekCurrent) + assert.NilError(t, err) + assert.Equal(t, int64(0), pos) + + // Reset is called. + assert.Equal(t, 1, dec.resetCount) +} diff --git a/daemon/logger/loggerutils/logfile_test.go b/daemon/logger/loggerutils/logfile_test.go index f9e67e94677a0..7578b425d9494 100644 --- a/daemon/logger/loggerutils/logfile_test.go +++ b/daemon/logger/loggerutils/logfile_test.go @@ -4,14 +4,12 @@ import ( "bufio" "bytes" "context" - "errors" "fmt" "io" "io/ioutil" "os" "path/filepath" "strings" - "sync" "sync/atomic" "testing" "text/tabwriter" @@ -25,8 +23,9 @@ import ( ) type testDecoder struct { - rdr io.Reader - scanner *bufio.Scanner + rdr io.Reader + scanner *bufio.Scanner + resetCount int } func (d *testDecoder) Decode() (*logger.Message, error) { @@ -43,6 +42,7 @@ func (d *testDecoder) Decode() (*logger.Message, error) { func (d *testDecoder) Reset(rdr io.Reader) { d.rdr = rdr d.scanner = bufio.NewScanner(rdr) + d.resetCount++ } func (d *testDecoder) Close() { @@ -247,77 +247,6 @@ func TestFollowLogsProducerGone(t *testing.T) { } } -type lineDecoder struct { - r *bufio.Reader - resetCount int -} - -func (d *lineDecoder) Decode() (*logger.Message, error) { - line, err := d.r.ReadString('\n') - if err != nil { - return nil, err - } - m := logger.NewMessage() - m.Line = []byte(line) - return m, nil -} - -func (d *lineDecoder) Reset(r io.Reader) { - d.r = bufio.NewReader(r) - d.resetCount++ -} - -func (d *lineDecoder) Close() { -} - -func TestFollowLogsHandleDecodeErr(t *testing.T) { - lw := logger.NewLogWatcher() - defer lw.ConsumerGone() - - fw, err := os.CreateTemp("", t.Name()) - assert.NilError(t, err) - defer os.Remove(fw.Name()) - - fr, err := os.Open(fw.Name()) - assert.NilError(t, err) - - dec := &lineDecoder{} - dec.Reset(fr) - - var since, until time.Time - rotate := make(chan interface{}) - evict := make(chan interface{}) - - var wg sync.WaitGroup - wg.Add(1) - go func() { - defer wg.Done() - followLogs(fr, lw, rotate, evict, dec, since, until) - }() - - sendReceive := func(f io.Writer, message string) { - _, err = f.Write([]byte(message)) - assert.NilError(t, err) - m := <-lw.Msg - assert.Equal(t, message, string(m.Line)) - } - - sendReceive(fw, "log1\n") - sendReceive(fw, "log2\n") - - ft, err := os.OpenFile(fw.Name(), os.O_WRONLY|os.O_TRUNC, 0600) - assert.NilError(t, err) - - sendReceive(ft, "log3\n") - - evict <- errors.New("stop followLogs") - wg.Wait() - - // followLogs calls Reset() in the beginning, - // each 3 writes result Reset(), then handleDecodeErr() calles Reset(). - assert.Equal(t, 5, dec.resetCount) -} - func TestCheckCapacityAndRotate(t *testing.T) { dir, err := ioutil.TempDir("", t.Name()) assert.NilError(t, err) From b2684c18573508394bed07199152e5eda6f1d6ff Mon Sep 17 00:00:00 2001 From: "dmytro.iakovliev" Date: Mon, 8 Feb 2021 12:57:00 +0200 Subject: [PATCH 207/252] Fix for lack of syncromization in daemon/update.go Signed-off-by: dmytro.iakovliev (cherry picked from commit 58825ffc3243f13795b36f430726ae8e3e14bed0) Signed-off-by: Sebastiaan van Stijn --- daemon/update.go | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/daemon/update.go b/daemon/update.go index ce2376a24875d..65ea6885e6b48 100644 --- a/daemon/update.go +++ b/daemon/update.go @@ -42,20 +42,25 @@ func (daemon *Daemon) update(name string, hostConfig *container.HostConfig) erro restoreConfig := false backupHostConfig := *ctr.HostConfig + defer func() { if restoreConfig { ctr.Lock() - ctr.HostConfig = &backupHostConfig - ctr.CheckpointTo(daemon.containersReplica) + if !ctr.RemovalInProgress && !ctr.Dead { + ctr.HostConfig = &backupHostConfig + ctr.CheckpointTo(daemon.containersReplica) + } ctr.Unlock() } }() + ctr.Lock() + if ctr.RemovalInProgress || ctr.Dead { + ctr.Unlock() return errCannotUpdate(ctr.ID, fmt.Errorf("container is marked for removal and cannot be \"update\"")) } - ctr.Lock() if err := ctr.UpdateContainer(hostConfig); err != nil { restoreConfig = true ctr.Unlock() @@ -66,6 +71,7 @@ func (daemon *Daemon) update(name string, hostConfig *container.HostConfig) erro ctr.Unlock() return errCannotUpdate(ctr.ID, err) } + ctr.Unlock() // if Restart Policy changed, we need to update container monitor From ad21bcd94e956d64f4ca0539e0d077664fe5c780 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 12 Jan 2022 00:26:58 +0100 Subject: [PATCH 208/252] Jenkinsfile: remove Windows RS1 as it reached end of support It was already disabled by default, but removing it now that it reached end of the line. Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 9326ea5b99aeaeff05df7bfe8d2b5cedb4c798dd) Signed-off-by: Sebastiaan van Stijn --- Jenkinsfile | 68 ----------------------------------------------------- 1 file changed, 68 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 87e7a40c4d559..8b0b3a1cd61a1 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -16,7 +16,6 @@ pipeline { booleanParam(name: 'arm64', defaultValue: true, description: 'ARM (arm64) Build/Test') booleanParam(name: 's390x', defaultValue: false, description: 'IBM Z (s390x) Build/Test') booleanParam(name: 'ppc64le', defaultValue: false, description: 'PowerPC (ppc64le) Build/Test') - booleanParam(name: 'windowsRS1', defaultValue: false, description: 'Windows 2016 (RS1) Build/Test') booleanParam(name: 'windowsRS5', defaultValue: true, description: 'Windows 2019 (RS5) Build/Test') booleanParam(name: 'dco', defaultValue: true, description: 'Run the DCO check') } @@ -1048,73 +1047,6 @@ pipeline { } } } - stage('win-RS1') { - when { - beforeAgent true - // Skip this stage on PRs unless the windowsRS1 checkbox is selected - anyOf { - not { changeRequest() } - expression { params.windowsRS1 } - } - } - environment { - DOCKER_BUILDKIT = '0' - DOCKER_DUT_DEBUG = '1' - SKIP_VALIDATION_TESTS = '1' - SOURCES_DRIVE = 'd' - SOURCES_SUBDIR = 'gopath' - TESTRUN_DRIVE = 'd' - TESTRUN_SUBDIR = "CI" - WINDOWS_BASE_IMAGE = 'mcr.microsoft.com/windows/servercore' - WINDOWS_BASE_IMAGE_TAG = 'ltsc2016' - } - agent { - node { - customWorkspace 'd:\\gopath\\src\\github.com\\docker\\docker' - label 'windows-2016' - } - } - stages { - stage("Print info") { - steps { - sh 'docker version' - sh 'docker info' - } - } - stage("Run tests") { - steps { - powershell ''' - $ErrorActionPreference = 'Stop' - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - Invoke-WebRequest https://github.com/moby/docker-ci-zap/blob/master/docker-ci-zap.exe?raw=true -OutFile C:/Windows/System32/docker-ci-zap.exe - ./hack/ci/windows.ps1 - exit $LastExitCode - ''' - } - } - } - post { - always { - junit testResults: 'bundles/junit-report-*.xml', allowEmptyResults: true - catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE', message: 'Failed to create bundles.tar.gz') { - powershell ''' - cd $env:WORKSPACE - $bundleName="windowsRS1-integration" - Write-Host -ForegroundColor Green "Creating ${bundleName}-bundles.zip" - - # archiveArtifacts does not support env-vars to , so save the artifacts in a fixed location - Compress-Archive -Path "bundles/CIDUT.out", "bundles/CIDUT.err", "bundles/junit-report-*.xml" -CompressionLevel Optimal -DestinationPath "${bundleName}-bundles.zip" - ''' - - archiveArtifacts artifacts: '*-bundles.zip', allowEmptyArchive: true - } - } - cleanup { - sh 'make clean' - deleteDir() - } - } - } stage('win-RS5') { when { beforeAgent true From a961b76aefee4a4859961891dbb2af67d2138ac0 Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Sun, 11 Jul 2021 22:43:45 +0200 Subject: [PATCH 209/252] Add RestartPolicy "no" to swagger docs Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 90294e9bdbfd3edd6d5bbbdcfdc26c27481482a8) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.41.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index bada4a8e3c876..87989b048d1cd 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -382,11 +382,13 @@ definitions: type: "string" description: | - Empty string means not to restart + - `no` Do not automatically restart - `always` Always restart - `unless-stopped` Restart always except when the user has manually stopped the container - `on-failure` Restart only when the container exit code is non-zero enum: - "" + - "no" - "always" - "unless-stopped" - "on-failure" From 751cf68e36d437098b98f8ec4ca462738047450a Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Sun, 11 Jul 2021 22:46:19 +0200 Subject: [PATCH 210/252] Add "changes" query parameter for /image/create to swagger docs Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 050f5f29f74daccf381c62d9af76abeb6138f89a) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.41.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index 87989b048d1cd..8e39a16cb55b9 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -7502,6 +7502,18 @@ paths: Refer to the [authentication section](#section/Authentication) for details. type: "string" + - name: "changes" + in: "query" + description: | + Apply `Dockerfile` instructions to the image that is created, + for example: `changes=ENV DEBUG=true`. + Note that `ENV DEBUG=true` should be URI component encoded. + + Supported `Dockerfile` instructions: + `CMD`|`ENTRYPOINT`|`ENV`|`EXPOSE`|`ONBUILD`|`USER`|`VOLUME`|`WORKDIR` + type: "array" + items: + type: "string" - name: "platform" in: "query" description: "Platform in the format os[/arch[/variant]]" From 8a5240a8aa3efb8909741033ea3f00987d0106d9 Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Sun, 11 Jul 2021 22:48:34 +0200 Subject: [PATCH 211/252] Fix ContainerSummary swagger docs Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 9ac2d04617170341546fb6909af64287b4049cf8) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.41.yaml | 130 ++++++++++++++++++++++---------------------- 1 file changed, 65 insertions(+), 65 deletions(-) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index 8e39a16cb55b9..cf4a84482168c 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -4024,73 +4024,71 @@ definitions: Warning: "unable to pin image doesnotexist:latest to digest: image library/doesnotexist:latest not found" ContainerSummary: - type: "array" - items: - type: "object" - properties: - Id: - description: "The ID of this container" - type: "string" - x-go-name: "ID" - Names: - description: "The names that this container has been given" - type: "array" - items: - type: "string" - Image: - description: "The name of the image used when creating this container" - type: "string" - ImageID: - description: "The ID of the image that this container was created from" + type: "object" + properties: + Id: + description: "The ID of this container" + type: "string" + x-go-name: "ID" + Names: + description: "The names that this container has been given" + type: "array" + items: type: "string" - Command: - description: "Command to run when starting the container" + Image: + description: "The name of the image used when creating this container" + type: "string" + ImageID: + description: "The ID of the image that this container was created from" + type: "string" + Command: + description: "Command to run when starting the container" + type: "string" + Created: + description: "When the container was created" + type: "integer" + format: "int64" + Ports: + description: "The ports exposed by this container" + type: "array" + items: + $ref: "#/definitions/Port" + SizeRw: + description: "The size of files that have been created or changed by this container" + type: "integer" + format: "int64" + SizeRootFs: + description: "The total size of all the files in this container" + type: "integer" + format: "int64" + Labels: + description: "User-defined key/value metadata." + type: "object" + additionalProperties: type: "string" - Created: - description: "When the container was created" - type: "integer" - format: "int64" - Ports: - description: "The ports exposed by this container" - type: "array" - items: - $ref: "#/definitions/Port" - SizeRw: - description: "The size of files that have been created or changed by this container" - type: "integer" - format: "int64" - SizeRootFs: - description: "The total size of all the files in this container" - type: "integer" - format: "int64" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: + State: + description: "The state of this container (e.g. `Exited`)" + type: "string" + Status: + description: "Additional human-readable status of this container (e.g. `Exit 0`)" + type: "string" + HostConfig: + type: "object" + properties: + NetworkMode: type: "string" - State: - description: "The state of this container (e.g. `Exited`)" - type: "string" - Status: - description: "Additional human-readable status of this container (e.g. `Exit 0`)" - type: "string" - HostConfig: - type: "object" - properties: - NetworkMode: - type: "string" - NetworkSettings: - description: "A summary of the container's network settings" - type: "object" - properties: - Networks: - type: "object" - additionalProperties: - $ref: "#/definitions/EndpointSettings" - Mounts: - type: "array" - items: - $ref: "#/definitions/Mount" + NetworkSettings: + description: "A summary of the container's network settings" + type: "object" + properties: + Networks: + type: "object" + additionalProperties: + $ref: "#/definitions/EndpointSettings" + Mounts: + type: "array" + items: + $ref: "#/definitions/Mount" Driver: description: "Driver represents a driver (network, logging, secrets)." @@ -5263,7 +5261,9 @@ paths: 200: description: "no error" schema: - $ref: "#/definitions/ContainerSummary" + type: "array" + items: + $ref: "#/definitions/ContainerSummary" examples: application/json: - Id: "8dfafdbc3a40" From 621bfddd6ee34cd123460c40ac2b2269296089ce Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Sun, 11 Jul 2021 22:50:07 +0200 Subject: [PATCH 212/252] Use explicit object names for improved swagger based code generation Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 6e421a1823dfd978dbdb37d4515e4642d082aa1b) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.41.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index cf4a84482168c..8a3c56dee50c2 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -4366,7 +4366,6 @@ definitions: type: "string" example: "2020-06-22T15:49:27.000000000+00:00" - SystemInfo: type: "object" properties: @@ -8507,6 +8506,7 @@ paths: description: "Exec configuration" schema: type: "object" + title: "ExecConfig" properties: AttachStdin: type: "boolean" @@ -8597,6 +8597,7 @@ paths: in: "body" schema: type: "object" + title: "ExecStartConfig" properties: Detach: type: "boolean" @@ -9131,6 +9132,7 @@ paths: required: true schema: type: "object" + title: "NetworkCreateRequest" required: ["Name"] properties: Name: @@ -9241,6 +9243,7 @@ paths: required: true schema: type: "object" + title: "NetworkDisconnectRequest" properties: Container: type: "string" @@ -9287,6 +9290,7 @@ paths: required: true schema: type: "object" + title: "NetworkConnectRequest" properties: Container: type: "string" @@ -9946,6 +9950,7 @@ paths: required: true schema: type: "object" + title: "SwarmInitRequest" properties: ListenAddr: description: | @@ -10044,6 +10049,7 @@ paths: required: true schema: type: "object" + title: "SwarmJoinRequest" properties: ListenAddr: description: | @@ -10204,6 +10210,7 @@ paths: required: true schema: type: "object" + title: "SwarmUnlockRequest" properties: UnlockKey: description: "The swarm's unlock key." From 2c38a2a63503044f3a515466aa03ff3d11146b6d Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Thu, 19 Aug 2021 20:25:16 +0200 Subject: [PATCH 213/252] Extract PluginPrivilegeItem as explicit type definition Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 7248ebcd7ebd5b11ef3e4acfe93886898627f4cc) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.41.yaml | 75 +++++++++++++-------------------------------- 1 file changed, 22 insertions(+), 53 deletions(-) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index 8a3c56dee50c2..31998eac16d87 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -2190,6 +2190,24 @@ definitions: type: "string" x-nullable: false + PluginPrivilegeItem: + description: | + Describes a permission the user has to accept upon installing + the plugin. + type: "object" + properties: + Name: + type: "string" + example: "network" + Description: + type: "string" + Value: + type: "array" + items: + type: "string" + example: + - "host" + Plugin: description: "A plugin for the Engine API" type: "object" @@ -2972,19 +2990,7 @@ definitions: PluginPrivilege: type: "array" items: - description: | - Describes a permission accepted by the user upon installing the - plugin. - type: "object" - properties: - Name: - type: "string" - Description: - type: "string" - Value: - type: "array" - items: - type: "string" + $ref: "#/definitions/PluginPrivilegeItem" ContainerSpec: type: "object" description: | @@ -9375,20 +9381,7 @@ paths: schema: type: "array" items: - description: | - Describes a permission the user has to accept upon installing - the plugin. - type: "object" - title: "PluginPrivilegeItem" - properties: - Name: - type: "string" - Description: - type: "string" - Value: - type: "array" - items: - type: "string" + $ref: "#/definitions/PluginPrivilegeItem" example: - Name: "network" Description: "" @@ -9464,19 +9457,7 @@ paths: schema: type: "array" items: - description: | - Describes a permission accepted by the user upon installing the - plugin. - type: "object" - properties: - Name: - type: "string" - Description: - type: "string" - Value: - type: "array" - items: - type: "string" + $ref: "#/definitions/PluginPrivilegeItem" example: - Name: "network" Description: "" @@ -9648,19 +9629,7 @@ paths: schema: type: "array" items: - description: | - Describes a permission accepted by the user upon installing the - plugin. - type: "object" - properties: - Name: - type: "string" - Description: - type: "string" - Value: - type: "array" - items: - type: "string" + $ref: "#/definitions/PluginPrivilegeItem" example: - Name: "network" Description: "" From b4b469eac2ca9eda1b91fd10ebd6c2998e2c84ca Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Sun, 11 Jul 2021 22:54:23 +0200 Subject: [PATCH 214/252] Fix swagger docs to match the opencontainers image-spec Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit c0bc82cef1c7124540ddf67ef3cab3292e39cca9) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.41.yaml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index 31998eac16d87..2fc5562643871 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -11301,14 +11301,14 @@ paths: description: | A descriptor struct containing digest, media type, and size. properties: - MediaType: + mediaType: type: "string" - Size: + size: type: "integer" format: "int64" - Digest: + digest: type: "string" - URLs: + urls: type: "array" items: type: "string" @@ -11319,17 +11319,17 @@ paths: items: type: "object" properties: - Architecture: + architecture: type: "string" - OS: + os: type: "string" - OSVersion: + os.version: type: "string" - OSFeatures: + os.features: type: "array" items: type: "string" - Variant: + variant: type: "string" Features: type: "array" @@ -11344,12 +11344,12 @@ paths: URLs: - "" Platforms: - - Architecture: "amd64" - OS: "linux" - OSVersion: "" - OSFeatures: + - architecture: "amd64" + os: "linux" + os.version: "" + os.features: - "" - Variant: "" + variant: "" Features: - "" 401: From adf1e470a1139a125c9a2bc35b158a68a5cef221 Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Sun, 11 Jul 2021 22:43:45 +0200 Subject: [PATCH 215/252] Add RestartPolicy "no" to swagger docs Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit d3d78c1ae3bf6f243c0bbee7160343a203a9d3c7) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.40.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index d9b424c6ebe26..b69140a5b4882 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -382,11 +382,13 @@ definitions: type: "string" description: | - Empty string means not to restart + - `no` Do not automatically restart - `always` Always restart - `unless-stopped` Restart always except when the user has manually stopped the container - `on-failure` Restart only when the container exit code is non-zero enum: - "" + - "no" - "always" - "unless-stopped" - "on-failure" From 7092a6091cf3f24e6d212a2e83d2dc1197e84b40 Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Sun, 11 Jul 2021 22:46:19 +0200 Subject: [PATCH 216/252] Add "changes" query parameter for /image/create to swagger docs Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 0e719f8a00e345c3595f5e21c3e4c1e71f924e2f) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.40.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index b69140a5b4882..d827441a1b0db 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -7334,6 +7334,18 @@ paths: Refer to the [authentication section](#section/Authentication) for details. type: "string" + - name: "changes" + in: "query" + description: | + Apply `Dockerfile` instructions to the image that is created, + for example: `changes=ENV DEBUG=true`. + Note that `ENV DEBUG=true` should be URI component encoded. + + Supported `Dockerfile` instructions: + `CMD`|`ENTRYPOINT`|`ENV`|`EXPOSE`|`ONBUILD`|`USER`|`VOLUME`|`WORKDIR` + type: "array" + items: + type: "string" - name: "platform" in: "query" description: "Platform in the format os[/arch[/variant]]" From b8bee972c491d62847c032e44459421d1a3acab0 Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Sun, 11 Jul 2021 22:48:34 +0200 Subject: [PATCH 217/252] Fix ContainerSummary swagger docs Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 8168d1877d6ae8f0a6803530104c50759254848b) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.40.yaml | 130 ++++++++++++++++++++++---------------------- 1 file changed, 65 insertions(+), 65 deletions(-) diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index d827441a1b0db..380aaed2be7e4 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -3871,73 +3871,71 @@ definitions: Warning: "unable to pin image doesnotexist:latest to digest: image library/doesnotexist:latest not found" ContainerSummary: - type: "array" - items: - type: "object" - properties: - Id: - description: "The ID of this container" - type: "string" - x-go-name: "ID" - Names: - description: "The names that this container has been given" - type: "array" - items: - type: "string" - Image: - description: "The name of the image used when creating this container" - type: "string" - ImageID: - description: "The ID of the image that this container was created from" + type: "object" + properties: + Id: + description: "The ID of this container" + type: "string" + x-go-name: "ID" + Names: + description: "The names that this container has been given" + type: "array" + items: type: "string" - Command: - description: "Command to run when starting the container" + Image: + description: "The name of the image used when creating this container" + type: "string" + ImageID: + description: "The ID of the image that this container was created from" + type: "string" + Command: + description: "Command to run when starting the container" + type: "string" + Created: + description: "When the container was created" + type: "integer" + format: "int64" + Ports: + description: "The ports exposed by this container" + type: "array" + items: + $ref: "#/definitions/Port" + SizeRw: + description: "The size of files that have been created or changed by this container" + type: "integer" + format: "int64" + SizeRootFs: + description: "The total size of all the files in this container" + type: "integer" + format: "int64" + Labels: + description: "User-defined key/value metadata." + type: "object" + additionalProperties: type: "string" - Created: - description: "When the container was created" - type: "integer" - format: "int64" - Ports: - description: "The ports exposed by this container" - type: "array" - items: - $ref: "#/definitions/Port" - SizeRw: - description: "The size of files that have been created or changed by this container" - type: "integer" - format: "int64" - SizeRootFs: - description: "The total size of all the files in this container" - type: "integer" - format: "int64" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: + State: + description: "The state of this container (e.g. `Exited`)" + type: "string" + Status: + description: "Additional human-readable status of this container (e.g. `Exit 0`)" + type: "string" + HostConfig: + type: "object" + properties: + NetworkMode: type: "string" - State: - description: "The state of this container (e.g. `Exited`)" - type: "string" - Status: - description: "Additional human-readable status of this container (e.g. `Exit 0`)" - type: "string" - HostConfig: - type: "object" - properties: - NetworkMode: - type: "string" - NetworkSettings: - description: "A summary of the container's network settings" - type: "object" - properties: - Networks: - type: "object" - additionalProperties: - $ref: "#/definitions/EndpointSettings" - Mounts: - type: "array" - items: - $ref: "#/definitions/Mount" + NetworkSettings: + description: "A summary of the container's network settings" + type: "object" + properties: + Networks: + type: "object" + additionalProperties: + $ref: "#/definitions/EndpointSettings" + Mounts: + type: "array" + items: + $ref: "#/definitions/Mount" Driver: description: "Driver represents a driver (network, logging, secrets)." @@ -5105,7 +5103,9 @@ paths: 200: description: "no error" schema: - $ref: "#/definitions/ContainerSummary" + type: "array" + items: + $ref: "#/definitions/ContainerSummary" examples: application/json: - Id: "8dfafdbc3a40" From 8fbcf0611bb7f9f280b6b7e1470ea351bf840b96 Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Sun, 11 Jul 2021 22:50:07 +0200 Subject: [PATCH 218/252] Use explicit object names for improved swagger based code generation Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit be93e50a581ee74d202e85c2f9610d2c78f4e496) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.40.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index 380aaed2be7e4..db22dc9537d7b 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -4213,7 +4213,6 @@ definitions: type: "string" example: "2020-06-22T15:49:27.000000000+00:00" - SystemInfo: type: "object" properties: @@ -8337,6 +8336,7 @@ paths: description: "Exec configuration" schema: type: "object" + title: "ExecConfig" properties: AttachStdin: type: "boolean" @@ -8427,6 +8427,7 @@ paths: in: "body" schema: type: "object" + title: "ExecStartConfig" properties: Detach: type: "boolean" @@ -8961,6 +8962,7 @@ paths: required: true schema: type: "object" + title: "NetworkCreateRequest" required: ["Name"] properties: Name: @@ -9071,6 +9073,7 @@ paths: required: true schema: type: "object" + title: "NetworkDisconnectRequest" properties: Container: type: "string" @@ -9117,6 +9120,7 @@ paths: required: true schema: type: "object" + title: "NetworkConnectRequest" properties: Container: type: "string" @@ -9776,6 +9780,7 @@ paths: required: true schema: type: "object" + title: "SwarmJoinRequest" properties: ListenAddr: description: | @@ -9874,6 +9879,7 @@ paths: required: true schema: type: "object" + title: "SwarmInitRequest" properties: ListenAddr: description: | @@ -10034,6 +10040,7 @@ paths: required: true schema: type: "object" + title: "SwarmUnlockRequest" properties: UnlockKey: description: "The swarm's unlock key." From 13cbf7fbb7d07ef691ad45406a7349891b672bbf Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Thu, 19 Aug 2021 20:25:16 +0200 Subject: [PATCH 219/252] Extract PluginPrivilegeItem as explicit type definition Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 6153c2f08d9043fd0f436b390aaf608867ebc7df) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.40.yaml | 75 +++++++++++++-------------------------------- 1 file changed, 22 insertions(+), 53 deletions(-) diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index db22dc9537d7b..bb7d60fcfafe1 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -2159,6 +2159,24 @@ definitions: type: "string" x-nullable: false + PluginPrivilegeItem: + description: | + Describes a permission the user has to accept upon installing + the plugin. + type: "object" + properties: + Name: + type: "string" + example: "network" + Description: + type: "string" + Value: + type: "array" + items: + type: "string" + example: + - "host" + Plugin: description: "A plugin for the Engine API" type: "object" @@ -2941,19 +2959,7 @@ definitions: PluginPrivilege: type: "array" items: - description: | - Describes a permission accepted by the user upon installing the - plugin. - type: "object" - properties: - Name: - type: "string" - Description: - type: "string" - Value: - type: "array" - items: - type: "string" + $ref: "#/definitions/PluginPrivilegeItem" ContainerSpec: type: "object" description: | @@ -9205,20 +9211,7 @@ paths: schema: type: "array" items: - description: | - Describes a permission the user has to accept upon installing - the plugin. - type: "object" - title: "PluginPrivilegeItem" - properties: - Name: - type: "string" - Description: - type: "string" - Value: - type: "array" - items: - type: "string" + $ref: "#/definitions/PluginPrivilegeItem" example: - Name: "network" Description: "" @@ -9294,19 +9287,7 @@ paths: schema: type: "array" items: - description: | - Describes a permission accepted by the user upon installing the - plugin. - type: "object" - properties: - Name: - type: "string" - Description: - type: "string" - Value: - type: "array" - items: - type: "string" + $ref: "#/definitions/PluginPrivilegeItem" example: - Name: "network" Description: "" @@ -9478,19 +9459,7 @@ paths: schema: type: "array" items: - description: | - Describes a permission accepted by the user upon installing the - plugin. - type: "object" - properties: - Name: - type: "string" - Description: - type: "string" - Value: - type: "array" - items: - type: "string" + $ref: "#/definitions/PluginPrivilegeItem" example: - Name: "network" Description: "" From 012fdff916da0638f9ba7ebf2838636544cc1a0b Mon Sep 17 00:00:00 2001 From: Tobias Gesellchen Date: Sun, 11 Jul 2021 22:54:23 +0200 Subject: [PATCH 220/252] Fix swagger docs to match the opencontainers image-spec Signed-off-by: Tobias Gesellchen Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 62cf748df92a918cf38b17850c5b728f42c014c9) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.40.yaml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index bb7d60fcfafe1..da29747b05c8d 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -11126,14 +11126,14 @@ paths: description: | A descriptor struct containing digest, media type, and size. properties: - MediaType: + mediaType: type: "string" - Size: + size: type: "integer" format: "int64" - Digest: + digest: type: "string" - URLs: + urls: type: "array" items: type: "string" @@ -11144,17 +11144,17 @@ paths: items: type: "object" properties: - Architecture: + architecture: type: "string" - OS: + os: type: "string" - OSVersion: + os.version: type: "string" - OSFeatures: + os.features: type: "array" items: type: "string" - Variant: + variant: type: "string" Features: type: "array" @@ -11169,12 +11169,12 @@ paths: URLs: - "" Platforms: - - Architecture: "amd64" - OS: "linux" - OSVersion: "" - OSFeatures: + - architecture: "amd64" + os: "linux" + os.version: "" + os.features: - "" - Variant: "" + variant: "" Features: - "" 401: From 5e38ae84b23726ec48b5ac27858a69dd91adb97e Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 21 Aug 2021 20:58:25 +0200 Subject: [PATCH 221/252] api/swagger: fix up event-types and move to definitions Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 92ed6ca3566c79cf29f9f4fc9360833d7a0fa8f6) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.41.yaml | 94 +++++++++++++++++++++++++++------------------ 1 file changed, 56 insertions(+), 38 deletions(-) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index 2fc5562643871..e7b2f8c3d82d1 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -5204,6 +5204,61 @@ definitions: additionalProperties: type: "string" + EventActor: + description: | + Actor describes something that generates events, like a container, network, + or a volume. + type: "object" + properties: + ID: + description: "The ID of the object emitting the event" + type: "string" + example: "ede54ee1afda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c743" + Attributes: + description: | + Various key/value attributes of the object, depending on its type. + type: "object" + additionalProperties: + type: "string" + example: + com.example.some-label: "some-label-value" + image: "alpine:latest" + name: "my-container" + + EventMessage: + description: | + EventMessage represents the information an event contains. + type: "object" + title: "SystemEventsResponse" + properties: + Type: + description: "The type of object emitting the event" + type: "string" + enum: ["builder", "config", "container", "daemon", "image", "network", "node", "plugin", "secret", "service", "volume"] + example: "container" + Action: + description: "The type of event" + type: "string" + example: "create" + Actor: + $ref: "#/definitions/EventActor" + scope: + description: | + Scope of the event. Engine events are `local` scope. Cluster (Swarm) + events are `swarm` scope. + type: "string" + enum: ["local", "swarm"] + time: + description: "Timestamp of event" + type: "integer" + format: "int64" + example: 1629574695 + timeNano: + description: "Timestamp of event, with nanosecond accuracy" + type: "integer" + format: "int64" + example: 1629574695515050031 + paths: /containers/json: get: @@ -8193,44 +8248,7 @@ paths: 200: description: "no error" schema: - type: "object" - title: "SystemEventsResponse" - properties: - Type: - description: "The type of object emitting the event" - type: "string" - Action: - description: "The type of event" - type: "string" - Actor: - type: "object" - properties: - ID: - description: "The ID of the object emitting the event" - type: "string" - Attributes: - description: "Various key/value attributes of the object, depending on its type" - type: "object" - additionalProperties: - type: "string" - time: - description: "Timestamp of event" - type: "integer" - timeNano: - description: "Timestamp of event, with nanosecond accuracy" - type: "integer" - format: "int64" - examples: - application/json: - Type: "container" - Action: "create" - Actor: - ID: "ede54ee1afda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c743" - Attributes: - com.example.some-label: "some-label-value" - image: "alpine" - name: "my-container" - time: 1461943101 + $ref: "#/definitions/EventMessage" 400: description: "bad parameter" schema: From d445d248041f302dbded61119477636710082c70 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 21 Aug 2021 23:38:30 +0200 Subject: [PATCH 222/252] api/swagger: rename PluginPrivilegeItem to PluginPrivilege To match the name in Go Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 24a43d934c9f8b696d6a60a3fc3b28a89f7294f2) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.41.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index e7b2f8c3d82d1..866b4e0f826d5 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -2190,11 +2190,12 @@ definitions: type: "string" x-nullable: false - PluginPrivilegeItem: + PluginPrivilege: description: | Describes a permission the user has to accept upon installing the plugin. type: "object" + x-go-name: "PluginPrivilege" properties: Name: type: "string" @@ -2990,7 +2991,7 @@ definitions: PluginPrivilege: type: "array" items: - $ref: "#/definitions/PluginPrivilegeItem" + $ref: "#/definitions/PluginPrivilege" ContainerSpec: type: "object" description: | @@ -9399,7 +9400,7 @@ paths: schema: type: "array" items: - $ref: "#/definitions/PluginPrivilegeItem" + $ref: "#/definitions/PluginPrivilege" example: - Name: "network" Description: "" @@ -9475,7 +9476,7 @@ paths: schema: type: "array" items: - $ref: "#/definitions/PluginPrivilegeItem" + $ref: "#/definitions/PluginPrivilege" example: - Name: "network" Description: "" @@ -9647,7 +9648,7 @@ paths: schema: type: "array" items: - $ref: "#/definitions/PluginPrivilegeItem" + $ref: "#/definitions/PluginPrivilege" example: - Name: "network" Description: "" From e6739a2884f046ba389073527e221c3d1e48200f Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 21 Aug 2021 23:40:44 +0200 Subject: [PATCH 223/252] api/swagger: move DistributionInspect to definitions Signed-off-by: Sebastiaan van Stijn (cherry picked from commit a65804adc47a29d99eff2babca03ce90b169bc8b) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.41.yaml | 159 +++++++++++++++++++++++++++----------------- 1 file changed, 98 insertions(+), 61 deletions(-) diff --git a/docs/api/v1.41.yaml b/docs/api/v1.41.yaml index 866b4e0f826d5..d7a544a7ee689 100644 --- a/docs/api/v1.41.yaml +++ b/docs/api/v1.41.yaml @@ -5260,6 +5260,103 @@ definitions: format: "int64" example: 1629574695515050031 + OCIDescriptor: + type: "object" + x-go-name: Descriptor + description: | + A descriptor struct containing digest, media type, and size, as defined in + the [OCI Content Descriptors Specification](https://github.com/opencontainers/image-spec/blob/v1.0.1/descriptor.md). + properties: + mediaType: + description: | + The media type of the object this schema refers to. + type: "string" + example: "application/vnd.docker.distribution.manifest.v2+json" + digest: + description: | + The digest of the targeted content. + type: "string" + example: "sha256:c0537ff6a5218ef531ece93d4984efc99bbf3f7497c0a7726c88e2bb7584dc96" + size: + description: | + The size in bytes of the blob. + type: "integer" + format: "int64" + example: 3987495 + # TODO Not yet including these fields for now, as they are nil / omitted in our response. + # urls: + # description: | + # List of URLs from which this object MAY be downloaded. + # type: "array" + # items: + # type: "string" + # format: "uri" + # annotations: + # description: | + # Arbitrary metadata relating to the targeted content. + # type: "object" + # additionalProperties: + # type: "string" + # platform: + # $ref: "#/definitions/OCIPlatform" + + OCIPlatform: + type: "object" + x-go-name: Platform + description: | + Describes the platform which the image in the manifest runs on, as defined + in the [OCI Image Index Specification](https://github.com/opencontainers/image-spec/blob/v1.0.1/image-index.md). + properties: + architecture: + description: | + The CPU architecture, for example `amd64` or `ppc64`. + type: "string" + example: "arm" + os: + description: | + The operating system, for example `linux` or `windows`. + type: "string" + example: "windows" + os.version: + description: | + Optional field specifying the operating system version, for example on + Windows `10.0.19041.1165`. + type: "string" + example: "10.0.19041.1165" + os.features: + description: | + Optional field specifying an array of strings, each listing a required + OS feature (for example on Windows `win32k`). + type: "array" + items: + type: "string" + example: + - "win32k" + variant: + description: | + Optional field specifying a variant of the CPU, for example `v7` to + specify ARMv7 when architecture is `arm`. + type: "string" + example: "v7" + + DistributionInspect: + type: "object" + x-go-name: DistributionInspect + title: "DistributionInspectResponse" + required: [Descriptor, Platforms] + description: | + Describes the result obtained from contacting the registry to retrieve + image metadata. + properties: + Descriptor: + $ref: "#/definitions/OCIDescriptor" + Platforms: + type: "array" + description: | + An array containing all platforms supported by the image. + items: + $ref: "#/definitions/OCIPlatform" + paths: /containers/json: get: @@ -11310,67 +11407,7 @@ paths: 200: description: "descriptor and platform information" schema: - type: "object" - x-go-name: DistributionInspect - title: "DistributionInspectResponse" - required: [Descriptor, Platforms] - properties: - Descriptor: - type: "object" - description: | - A descriptor struct containing digest, media type, and size. - properties: - mediaType: - type: "string" - size: - type: "integer" - format: "int64" - digest: - type: "string" - urls: - type: "array" - items: - type: "string" - Platforms: - type: "array" - description: | - An array containing all platforms supported by the image. - items: - type: "object" - properties: - architecture: - type: "string" - os: - type: "string" - os.version: - type: "string" - os.features: - type: "array" - items: - type: "string" - variant: - type: "string" - Features: - type: "array" - items: - type: "string" - examples: - application/json: - Descriptor: - MediaType: "application/vnd.docker.distribution.manifest.v2+json" - Digest: "sha256:c0537ff6a5218ef531ece93d4984efc99bbf3f7497c0a7726c88e2bb7584dc96" - Size: 3987495 - URLs: - - "" - Platforms: - - architecture: "amd64" - os: "linux" - os.version: "" - os.features: - - "" - variant: "" - Features: - - "" + $ref: "#/definitions/DistributionInspect" 401: description: "Failed authentication or no image found" schema: From 7f9760e10c6d36cdcfe0a80b66399833e3d5b648 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 21 Aug 2021 20:58:25 +0200 Subject: [PATCH 224/252] api/swagger: fix up event-types and move to definitions Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 0b5a2e3c871eb86ff9a0284a0ab7406884a2b3b3) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.40.yaml | 94 +++++++++++++++++++++++++++------------------ 1 file changed, 56 insertions(+), 38 deletions(-) diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index da29747b05c8d..4730e06e0e4d9 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -5046,6 +5046,61 @@ definitions: additionalProperties: type: "string" + EventActor: + description: | + Actor describes something that generates events, like a container, network, + or a volume. + type: "object" + properties: + ID: + description: "The ID of the object emitting the event" + type: "string" + example: "ede54ee1afda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c743" + Attributes: + description: | + Various key/value attributes of the object, depending on its type. + type: "object" + additionalProperties: + type: "string" + example: + com.example.some-label: "some-label-value" + image: "alpine:latest" + name: "my-container" + + EventMessage: + description: | + EventMessage represents the information an event contains. + type: "object" + title: "SystemEventsResponse" + properties: + Type: + description: "The type of object emitting the event" + type: "string" + enum: ["builder", "config", "container", "daemon", "image", "network", "node", "plugin", "secret", "service", "volume"] + example: "container" + Action: + description: "The type of event" + type: "string" + example: "create" + Actor: + $ref: "#/definitions/EventActor" + scope: + description: | + Scope of the event. Engine events are `local` scope. Cluster (Swarm) + events are `swarm` scope. + type: "string" + enum: ["local", "swarm"] + time: + description: "Timestamp of event" + type: "integer" + format: "int64" + example: 1629574695 + timeNano: + description: "Timestamp of event, with nanosecond accuracy" + type: "integer" + format: "int64" + example: 1629574695515050031 + paths: /containers/json: get: @@ -8023,44 +8078,7 @@ paths: 200: description: "no error" schema: - type: "object" - title: "SystemEventsResponse" - properties: - Type: - description: "The type of object emitting the event" - type: "string" - Action: - description: "The type of event" - type: "string" - Actor: - type: "object" - properties: - ID: - description: "The ID of the object emitting the event" - type: "string" - Attributes: - description: "Various key/value attributes of the object, depending on its type" - type: "object" - additionalProperties: - type: "string" - time: - description: "Timestamp of event" - type: "integer" - timeNano: - description: "Timestamp of event, with nanosecond accuracy" - type: "integer" - format: "int64" - examples: - application/json: - Type: "container" - Action: "create" - Actor: - ID: "ede54ee1afda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c743" - Attributes: - com.example.some-label: "some-label-value" - image: "alpine" - name: "my-container" - time: 1461943101 + $ref: "#/definitions/EventMessage" 400: description: "bad parameter" schema: From 13cb9d972389897d9900eb04f4de31f1d120957c Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 21 Aug 2021 23:38:30 +0200 Subject: [PATCH 225/252] api/swagger: rename PluginPrivilegeItem to PluginPrivilege To match the name in Go Signed-off-by: Sebastiaan van Stijn (cherry picked from commit ebd709f80c222ce326233b7d9607186d6df353b8) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.40.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index 4730e06e0e4d9..cb82636082490 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -2159,11 +2159,12 @@ definitions: type: "string" x-nullable: false - PluginPrivilegeItem: + PluginPrivilege: description: | Describes a permission the user has to accept upon installing the plugin. type: "object" + x-go-name: "PluginPrivilege" properties: Name: type: "string" @@ -2959,7 +2960,7 @@ definitions: PluginPrivilege: type: "array" items: - $ref: "#/definitions/PluginPrivilegeItem" + $ref: "#/definitions/PluginPrivilege" ContainerSpec: type: "object" description: | @@ -9229,7 +9230,7 @@ paths: schema: type: "array" items: - $ref: "#/definitions/PluginPrivilegeItem" + $ref: "#/definitions/PluginPrivilege" example: - Name: "network" Description: "" @@ -9305,7 +9306,7 @@ paths: schema: type: "array" items: - $ref: "#/definitions/PluginPrivilegeItem" + $ref: "#/definitions/PluginPrivilege" example: - Name: "network" Description: "" @@ -9477,7 +9478,7 @@ paths: schema: type: "array" items: - $ref: "#/definitions/PluginPrivilegeItem" + $ref: "#/definitions/PluginPrivilege" example: - Name: "network" Description: "" From f9344b45fe983d37dde95be858f5126662e3fdcc Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 21 Aug 2021 23:40:44 +0200 Subject: [PATCH 226/252] api/swagger: move DistributionInspect to definitions Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 16cb04c2e8aabb7dbae0cc71fa56d0182a83e361) Signed-off-by: Sebastiaan van Stijn --- docs/api/v1.40.yaml | 159 +++++++++++++++++++++++++++----------------- 1 file changed, 98 insertions(+), 61 deletions(-) diff --git a/docs/api/v1.40.yaml b/docs/api/v1.40.yaml index cb82636082490..e6f33451facb4 100644 --- a/docs/api/v1.40.yaml +++ b/docs/api/v1.40.yaml @@ -5102,6 +5102,103 @@ definitions: format: "int64" example: 1629574695515050031 + OCIDescriptor: + type: "object" + x-go-name: Descriptor + description: | + A descriptor struct containing digest, media type, and size, as defined in + the [OCI Content Descriptors Specification](https://github.com/opencontainers/image-spec/blob/v1.0.1/descriptor.md). + properties: + mediaType: + description: | + The media type of the object this schema refers to. + type: "string" + example: "application/vnd.docker.distribution.manifest.v2+json" + digest: + description: | + The digest of the targeted content. + type: "string" + example: "sha256:c0537ff6a5218ef531ece93d4984efc99bbf3f7497c0a7726c88e2bb7584dc96" + size: + description: | + The size in bytes of the blob. + type: "integer" + format: "int64" + example: 3987495 + # TODO Not yet including these fields for now, as they are nil / omitted in our response. + # urls: + # description: | + # List of URLs from which this object MAY be downloaded. + # type: "array" + # items: + # type: "string" + # format: "uri" + # annotations: + # description: | + # Arbitrary metadata relating to the targeted content. + # type: "object" + # additionalProperties: + # type: "string" + # platform: + # $ref: "#/definitions/OCIPlatform" + + OCIPlatform: + type: "object" + x-go-name: Platform + description: | + Describes the platform which the image in the manifest runs on, as defined + in the [OCI Image Index Specification](https://github.com/opencontainers/image-spec/blob/v1.0.1/image-index.md). + properties: + architecture: + description: | + The CPU architecture, for example `amd64` or `ppc64`. + type: "string" + example: "arm" + os: + description: | + The operating system, for example `linux` or `windows`. + type: "string" + example: "windows" + os.version: + description: | + Optional field specifying the operating system version, for example on + Windows `10.0.19041.1165`. + type: "string" + example: "10.0.19041.1165" + os.features: + description: | + Optional field specifying an array of strings, each listing a required + OS feature (for example on Windows `win32k`). + type: "array" + items: + type: "string" + example: + - "win32k" + variant: + description: | + Optional field specifying a variant of the CPU, for example `v7` to + specify ARMv7 when architecture is `arm`. + type: "string" + example: "v7" + + DistributionInspect: + type: "object" + x-go-name: DistributionInspect + title: "DistributionInspectResponse" + required: [Descriptor, Platforms] + description: | + Describes the result obtained from contacting the registry to retrieve + image metadata. + properties: + Descriptor: + $ref: "#/definitions/OCIDescriptor" + Platforms: + type: "array" + description: | + An array containing all platforms supported by the image. + items: + $ref: "#/definitions/OCIPlatform" + paths: /containers/json: get: @@ -11135,67 +11232,7 @@ paths: 200: description: "descriptor and platform information" schema: - type: "object" - x-go-name: DistributionInspect - title: "DistributionInspectResponse" - required: [Descriptor, Platforms] - properties: - Descriptor: - type: "object" - description: | - A descriptor struct containing digest, media type, and size. - properties: - mediaType: - type: "string" - size: - type: "integer" - format: "int64" - digest: - type: "string" - urls: - type: "array" - items: - type: "string" - Platforms: - type: "array" - description: | - An array containing all platforms supported by the image. - items: - type: "object" - properties: - architecture: - type: "string" - os: - type: "string" - os.version: - type: "string" - os.features: - type: "array" - items: - type: "string" - variant: - type: "string" - Features: - type: "array" - items: - type: "string" - examples: - application/json: - Descriptor: - MediaType: "application/vnd.docker.distribution.manifest.v2+json" - Digest: "sha256:c0537ff6a5218ef531ece93d4984efc99bbf3f7497c0a7726c88e2bb7584dc96" - Size: 3987495 - URLs: - - "" - Platforms: - - architecture: "amd64" - os: "linux" - os.version: "" - os.features: - - "" - variant: "" - Features: - - "" + $ref: "#/definitions/DistributionInspect" 401: description: "Failed authentication or no image found" schema: From d1b3497bfa7d44e2b494ffea7368605250f43ced Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 21 Jan 2022 18:13:37 +0100 Subject: [PATCH 227/252] [20.10] vendor: github.com/docker/distribution v2.8.0 full diff: https://github.com/thajeztah/distribution/compare/58f99e93b767ebacbf8e62a9074844712d31a177...distribution:v2.8.0 (taking my own fork for the diff link, as the samuelkarp fork didn't have a reference to the upstream) Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 2 +- vendor/github.com/docker/distribution/README.md | 2 +- vendor/github.com/docker/distribution/blobs.go | 2 +- .../distribution/manifest/manifestlist/manifestlist.go | 2 +- .../docker/distribution/manifest/ocischema/builder.go | 2 +- .../docker/distribution/manifest/ocischema/manifest.go | 2 +- .../docker/distribution/registry/client/repository.go | 9 +++++++-- vendor/github.com/docker/distribution/vendor.conf | 6 +++--- 8 files changed, 16 insertions(+), 11 deletions(-) diff --git a/vendor.conf b/vendor.conf index 503c9d229d7a7..e1ca33ce5c945 100644 --- a/vendor.conf +++ b/vendor.conf @@ -76,7 +76,7 @@ github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d30 go.etcd.io/bbolt 232d8fc87f50244f9c808f4745759e08a304c029 # v1.3.5 # get graph and distribution packages -github.com/docker/distribution 58f99e93b767ebacbf8e62a9074844712d31a177 https://github.com/samuelkarp/docker-distribution.git +github.com/docker/distribution dcf66392d606f50bf3a9286dcb4bdcdfb7c0e83a # v2.8.0 github.com/vbatts/tar-split 620714a4c508c880ac1bdda9c8370a2b19af1a55 # v0.11.1 github.com/opencontainers/go-digest ea51bea511f75cfa3ef6098cc253c5c3609b037a # v1.0.0 diff --git a/vendor/github.com/docker/distribution/README.md b/vendor/github.com/docker/distribution/README.md index 998878850cde3..e513c18e969c8 100644 --- a/vendor/github.com/docker/distribution/README.md +++ b/vendor/github.com/docker/distribution/README.md @@ -2,7 +2,7 @@ The Docker toolset to pack, ship, store, and deliver content. -This repository's main product is the Docker Registry 2.0 implementation +This repository provides the Docker Registry 2.0 implementation for storing and distributing Docker images. It supersedes the [docker/docker-registry](https://github.com/docker/docker-registry) project with a new API design, focused around security and performance. diff --git a/vendor/github.com/docker/distribution/blobs.go b/vendor/github.com/docker/distribution/blobs.go index c0e9261be9321..2a659eaa36830 100644 --- a/vendor/github.com/docker/distribution/blobs.go +++ b/vendor/github.com/docker/distribution/blobs.go @@ -10,7 +10,7 @@ import ( "github.com/docker/distribution/reference" "github.com/opencontainers/go-digest" - "github.com/opencontainers/image-spec/specs-go/v1" + v1 "github.com/opencontainers/image-spec/specs-go/v1" ) var ( diff --git a/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go b/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go index 09b3609737456..bea2341c76b93 100644 --- a/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go +++ b/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go @@ -8,7 +8,7 @@ import ( "github.com/docker/distribution" "github.com/docker/distribution/manifest" "github.com/opencontainers/go-digest" - "github.com/opencontainers/image-spec/specs-go/v1" + v1 "github.com/opencontainers/image-spec/specs-go/v1" ) const ( diff --git a/vendor/github.com/docker/distribution/manifest/ocischema/builder.go b/vendor/github.com/docker/distribution/manifest/ocischema/builder.go index d90453bcf8671..b89bf5b714076 100644 --- a/vendor/github.com/docker/distribution/manifest/ocischema/builder.go +++ b/vendor/github.com/docker/distribution/manifest/ocischema/builder.go @@ -7,7 +7,7 @@ import ( "github.com/docker/distribution" "github.com/docker/distribution/manifest" "github.com/opencontainers/go-digest" - "github.com/opencontainers/image-spec/specs-go/v1" + v1 "github.com/opencontainers/image-spec/specs-go/v1" ) // Builder is a type for constructing manifests. diff --git a/vendor/github.com/docker/distribution/manifest/ocischema/manifest.go b/vendor/github.com/docker/distribution/manifest/ocischema/manifest.go index 910a64afb42c7..d51f8debb1291 100644 --- a/vendor/github.com/docker/distribution/manifest/ocischema/manifest.go +++ b/vendor/github.com/docker/distribution/manifest/ocischema/manifest.go @@ -8,7 +8,7 @@ import ( "github.com/docker/distribution" "github.com/docker/distribution/manifest" "github.com/opencontainers/go-digest" - "github.com/opencontainers/image-spec/specs-go/v1" + v1 "github.com/opencontainers/image-spec/specs-go/v1" ) var ( diff --git a/vendor/github.com/docker/distribution/registry/client/repository.go b/vendor/github.com/docker/distribution/registry/client/repository.go index aa442e654064c..3e2ae66d3cf8c 100644 --- a/vendor/github.com/docker/distribution/registry/client/repository.go +++ b/vendor/github.com/docker/distribution/registry/client/repository.go @@ -16,7 +16,7 @@ import ( "github.com/docker/distribution" "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/api/v2" + v2 "github.com/docker/distribution/registry/api/v2" "github.com/docker/distribution/registry/client/transport" "github.com/docker/distribution/registry/storage/cache" "github.com/docker/distribution/registry/storage/cache/memory" @@ -736,7 +736,12 @@ func (bs *blobs) Create(ctx context.Context, options ...distribution.BlobCreateO return nil, err } - resp, err := bs.client.Post(u, "", nil) + req, err := http.NewRequest("POST", u, nil) + if err != nil { + return nil, err + } + + resp, err := bs.client.Do(req) if err != nil { return nil, err } diff --git a/vendor/github.com/docker/distribution/vendor.conf b/vendor/github.com/docker/distribution/vendor.conf index 12f71672f3964..bd1b4bff61cc2 100644 --- a/vendor/github.com/docker/distribution/vendor.conf +++ b/vendor/github.com/docker/distribution/vendor.conf @@ -7,8 +7,8 @@ github.com/beorn7/perks 4c0e84591b9aa9e6dcfdf3e020114cd81f89d5f9 github.com/bugsnag/bugsnag-go b1d153021fcd90ca3f080db36bec96dc690fb274 github.com/bugsnag/osext 0dd3f918b21bec95ace9dc86c7e70266cfc5c702 github.com/bugsnag/panicwrap e2c28503fcd0675329da73bf48b33404db873782 -github.com/denverdino/aliyungo 6df11717a253d9c7d4141f9af4deaa7c580cd531 -github.com/dgrijalva/jwt-go a601269ab70c205d26370c16f7c81e9017c14e04 +github.com/denverdino/aliyungo afedced274aa9a7fcdd47ac97018f0f8db4e5de2 +github.com/dgrijalva/jwt-go 4bbdd8ac624fc7a9ef7aec841c43d99b5fe65a29 https://github.com/golang-jwt/jwt.git # v3.2.2 github.com/docker/go-metrics 399ea8c73916000c64c2c76e8da00ca82f8387ab github.com/docker/libtrust fa567046d9b14f6aa788882a950d69651d230b21 github.com/garyburd/redigo 535138d7bcd717d6531c701ef5933d98b1866257 @@ -48,4 +48,4 @@ gopkg.in/square/go-jose.v1 40d457b439244b546f023d056628e5184136899b gopkg.in/yaml.v2 v2.2.1 rsc.io/letsencrypt e770c10b0f1a64775ae91d240407ce00d1a5bdeb https://github.com/dmcgowan/letsencrypt.git github.com/opencontainers/go-digest a6d0ee40d4207ea02364bd3b9e8e77b9159ba1eb -github.com/opencontainers/image-spec ab7389ef9f50030c9b245bc16b981c7ddf192882 +github.com/opencontainers/image-spec 67d2d5658fe0476ab9bf414cec164077ebff3920 # v1.0.2 From 878b9de9350159700b1fe02b7000613a9e9191ad Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 28 Jan 2022 12:39:17 +0100 Subject: [PATCH 228/252] daemon/graphdriver/fuse-overlayfs: Init(): fix directory permissions (staticcheck) daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go:101:63: SA9002: file mode '700' evaluates to 01274; did you mean '0700'? (staticcheck) if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 700, currentID); err != nil { ^ Signed-off-by: Sebastiaan van Stijn (cherry picked from commit f9fb5d4f25b8dd539e23e4a82ba2b7ae42677219) Signed-off-by: Sebastiaan van Stijn --- daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go b/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go index 1bf30f42980ab..8aab5cf922e0e 100644 --- a/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go +++ b/daemon/graphdriver/fuse-overlayfs/fuseoverlayfs.go @@ -98,7 +98,7 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap if err := idtools.MkdirAllAndChown(home, 0710, dirID); err != nil { return nil, err } - if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 700, currentID); err != nil { + if err := idtools.MkdirAllAndChown(path.Join(home, linkDir), 0700, currentID); err != nil { return nil, err } From 9502dec32f438955b08e9c926f1a81277158c7ef Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 15 Feb 2022 16:21:26 +0100 Subject: [PATCH 229/252] [20.10] Update Go to 1.16.14 Includes security fixes for crypto/elliptic (CVE-2022-23806), math/big (CVE-2022-23772), and cmd/go (CVE-2022-23773). go1.16.14 (released 2022-02-10) includes security fixes to the crypto/elliptic, math/big packages and to the go command, as well as bug fixes to the compiler, linker, runtime, the go command, and the debug/macho, debug/pe, net/http/httptest, and testing packages. See the Go 1.16.14 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.14+label%3ACherryPickApproved full diff: https://github.com/golang/go/compare/go1.16.13...go1.16.14 Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 2 +- Dockerfile.e2e | 2 +- Dockerfile.simple | 2 +- Dockerfile.windows | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index d6f0af84dd8c3..b6a5bcb555f99 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG CROSS="false" ARG SYSTEMD="false" # IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored -ARG GO_VERSION=1.16.13 +ARG GO_VERSION=1.16.14 ARG DEBIAN_FRONTEND=noninteractive ARG VPNKIT_VERSION=0.5.0 ARG DOCKER_BUILDTAGS="apparmor seccomp" diff --git a/Dockerfile.e2e b/Dockerfile.e2e index 7ed2b98764473..f5f5507816ea9 100644 --- a/Dockerfile.e2e +++ b/Dockerfile.e2e @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.16.13 +ARG GO_VERSION=1.16.14 FROM golang:${GO_VERSION}-alpine AS base ENV GO111MODULE=off diff --git a/Dockerfile.simple b/Dockerfile.simple index c948e76fcdfe9..eef8247d88ec5 100644 --- a/Dockerfile.simple +++ b/Dockerfile.simple @@ -5,7 +5,7 @@ # This represents the bare minimum required to build and test Docker. -ARG GO_VERSION=1.16.13 +ARG GO_VERSION=1.16.14 FROM golang:${GO_VERSION}-buster ENV GO111MODULE=off diff --git a/Dockerfile.windows b/Dockerfile.windows index 2cf7b02f0f20d..7696bb555ad61 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -165,7 +165,7 @@ FROM microsoft/windowsservercore # Use PowerShell as the default shell SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -ARG GO_VERSION=1.16.13 +ARG GO_VERSION=1.16.14 ARG GOTESTSUM_VERSION=v1.7.0 # Environment variable notes: From df6a53619331f5be717f1f3346db34e7e05c1456 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 6 Apr 2021 12:04:11 +0200 Subject: [PATCH 230/252] vendor: github.com/coreos/etcd v3.3.25 full diff: https://github.com/coreos/etcd/compare/v3.3.12...v3.3.25 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 2bef937507e77b976ffb2baf22d20c15edf24391) Signed-off-by: Sebastiaan van Stijn --- vendor.conf | 6 +- vendor/github.com/coreos/etcd/client/json.go | 72 + .../coreos/etcd/client/keys.generated.go | 5218 --- vendor/github.com/coreos/etcd/client/keys.go | 7 +- .../coreos/etcd/pkg/fileutil/dir_unix.go | 5 + .../coreos/etcd/pkg/fileutil/dir_windows.go | 5 + .../coreos/etcd/pkg/fileutil/fileutil.go | 43 +- .../coreos/etcd/pkg/fileutil/purge.go | 14 +- .../coreos/etcd/pkg/ioutil/pagewriter.go | 17 +- vendor/github.com/coreos/etcd/raft/logger.go | 2 +- vendor/github.com/coreos/etcd/raft/raft.go | 1 + .../coreos/etcd/raft/raftpb/raft.pb.go | 1069 +- .../coreos/etcd/snap/snappb/snap.pb.go | 159 +- .../coreos/etcd/snap/snapshotter.go | 82 +- .../github.com/coreos/etcd/version/version.go | 2 +- vendor/github.com/coreos/etcd/wal/decoder.go | 8 + vendor/github.com/coreos/etcd/wal/encoder.go | 12 +- vendor/github.com/coreos/etcd/wal/metrics.go | 7 + vendor/github.com/coreos/etcd/wal/repair.go | 5 + vendor/github.com/coreos/etcd/wal/wal.go | 256 +- .../coreos/etcd/wal/walpb/record.pb.go | 260 +- .../{ugorji => json-iterator}/go/LICENSE | 5 +- vendor/github.com/json-iterator/go/README.md | 87 + vendor/github.com/json-iterator/go/adapter.go | 150 + vendor/github.com/json-iterator/go/any.go | 325 + .../github.com/json-iterator/go/any_array.go | 278 + .../github.com/json-iterator/go/any_bool.go | 137 + .../github.com/json-iterator/go/any_float.go | 83 + .../github.com/json-iterator/go/any_int32.go | 74 + .../github.com/json-iterator/go/any_int64.go | 74 + .../json-iterator/go/any_invalid.go | 82 + vendor/github.com/json-iterator/go/any_nil.go | 69 + .../github.com/json-iterator/go/any_number.go | 123 + .../github.com/json-iterator/go/any_object.go | 374 + vendor/github.com/json-iterator/go/any_str.go | 166 + .../github.com/json-iterator/go/any_uint32.go | 74 + .../github.com/json-iterator/go/any_uint64.go | 74 + vendor/github.com/json-iterator/go/config.go | 375 + vendor/github.com/json-iterator/go/go.mod | 11 + vendor/github.com/json-iterator/go/iter.go | 349 + .../github.com/json-iterator/go/iter_array.go | 64 + .../github.com/json-iterator/go/iter_float.go | 339 + .../github.com/json-iterator/go/iter_int.go | 345 + .../json-iterator/go/iter_object.go | 267 + .../github.com/json-iterator/go/iter_skip.go | 130 + .../json-iterator/go/iter_skip_sloppy.go | 163 + .../json-iterator/go/iter_skip_strict.go | 99 + .../github.com/json-iterator/go/iter_str.go | 215 + .../github.com/json-iterator/go/jsoniter.go | 18 + vendor/github.com/json-iterator/go/pool.go | 42 + vendor/github.com/json-iterator/go/reflect.go | 337 + .../json-iterator/go/reflect_array.go | 104 + .../json-iterator/go/reflect_dynamic.go | 70 + .../json-iterator/go/reflect_extension.go | 483 + .../json-iterator/go/reflect_json_number.go | 112 + .../go/reflect_json_raw_message.go | 60 + .../json-iterator/go/reflect_map.go | 346 + .../json-iterator/go/reflect_marshaler.go | 225 + .../json-iterator/go/reflect_native.go | 453 + .../json-iterator/go/reflect_optional.go | 129 + .../json-iterator/go/reflect_slice.go | 99 + .../go/reflect_struct_decoder.go | 1092 + .../go/reflect_struct_encoder.go | 211 + vendor/github.com/json-iterator/go/stream.go | 210 + .../json-iterator/go/stream_float.go | 111 + .../github.com/json-iterator/go/stream_int.go | 190 + .../github.com/json-iterator/go/stream_str.go | 372 + .../github.com/modern-go/concurrent/LICENSE | 201 + .../github.com/modern-go/concurrent/README.md | 49 + .../modern-go/concurrent/executor.go | 14 + .../modern-go/concurrent/go_above_19.go | 15 + .../modern-go/concurrent/go_below_19.go | 33 + vendor/github.com/modern-go/concurrent/log.go | 13 + .../concurrent/unbounded_executor.go | 119 + vendor/github.com/modern-go/reflect2/LICENSE | 201 + .../github.com/modern-go/reflect2/README.md | 71 + .../modern-go/reflect2/go_above_17.go | 8 + .../modern-go/reflect2/go_above_19.go | 14 + .../modern-go/reflect2/go_below_17.go | 9 + .../modern-go/reflect2/go_below_19.go | 14 + .../github.com/modern-go/reflect2/reflect2.go | 298 + .../modern-go/reflect2/reflect2_amd64.s | 0 .../modern-go/reflect2/reflect2_kind.go | 30 + .../modern-go/reflect2/relfect2_386.s | 0 .../modern-go/reflect2/relfect2_amd64p32.s | 0 .../modern-go/reflect2/relfect2_arm.s | 0 .../modern-go/reflect2/relfect2_arm64.s | 0 .../modern-go/reflect2/relfect2_mips64x.s | 0 .../modern-go/reflect2/relfect2_mipsx.s | 0 .../modern-go/reflect2/relfect2_ppc64x.s | 0 .../modern-go/reflect2/relfect2_s390x.s | 0 .../modern-go/reflect2/safe_field.go | 58 + .../github.com/modern-go/reflect2/safe_map.go | 101 + .../modern-go/reflect2/safe_slice.go | 92 + .../modern-go/reflect2/safe_struct.go | 29 + .../modern-go/reflect2/safe_type.go | 78 + .../github.com/modern-go/reflect2/type_map.go | 113 + .../modern-go/reflect2/unsafe_array.go | 65 + .../modern-go/reflect2/unsafe_eface.go | 59 + .../modern-go/reflect2/unsafe_field.go | 74 + .../modern-go/reflect2/unsafe_iface.go | 64 + .../modern-go/reflect2/unsafe_link.go | 70 + .../modern-go/reflect2/unsafe_map.go | 138 + .../modern-go/reflect2/unsafe_ptr.go | 46 + .../modern-go/reflect2/unsafe_slice.go | 177 + .../modern-go/reflect2/unsafe_struct.go | 59 + .../modern-go/reflect2/unsafe_type.go | 85 + vendor/github.com/ugorji/go/README.md | 31 - vendor/github.com/ugorji/go/codec/0doc.go | 264 - vendor/github.com/ugorji/go/codec/README.md | 206 - vendor/github.com/ugorji/go/codec/binc.go | 1168 - vendor/github.com/ugorji/go/codec/cbor.go | 756 - vendor/github.com/ugorji/go/codec/decode.go | 2552 -- vendor/github.com/ugorji/go/codec/encode.go | 1375 - .../ugorji/go/codec/fast-path.generated.go | 34522 ---------------- .../ugorji/go/codec/fast-path.not.go | 47 - .../ugorji/go/codec/gen-helper.generated.go | 335 - .../ugorji/go/codec/gen.generated.go | 164 - vendor/github.com/ugorji/go/codec/gen.go | 2139 - .../go/codec/goversion_arrayof_gte_go15.go | 14 - .../go/codec/goversion_arrayof_lt_go15.go | 14 - .../go/codec/goversion_makemap_gte_go19.go | 15 - .../go/codec/goversion_makemap_lt_go19.go | 12 - ...version_unexportedembeddedptr_gte_go110.go | 8 - ...oversion_unexportedembeddedptr_lt_go110.go | 8 - .../go/codec/goversion_unsupported_lt_go14.go | 17 - .../go/codec/goversion_vendor_eq_go15.go | 10 - .../go/codec/goversion_vendor_eq_go16.go | 10 - .../go/codec/goversion_vendor_gte_go17.go | 8 - .../go/codec/goversion_vendor_lt_go15.go | 8 - vendor/github.com/ugorji/go/codec/helper.go | 2414 -- .../ugorji/go/codec/helper_internal.go | 121 - .../ugorji/go/codec/helper_not_unsafe.go | 272 - .../ugorji/go/codec/helper_unsafe.go | 639 - vendor/github.com/ugorji/go/codec/json.go | 1423 - vendor/github.com/ugorji/go/codec/msgpack.go | 1092 - vendor/github.com/ugorji/go/codec/rpc.go | 232 - vendor/github.com/ugorji/go/codec/simple.go | 652 - 138 files changed, 13047 insertions(+), 56324 deletions(-) create mode 100644 vendor/github.com/coreos/etcd/client/json.go delete mode 100644 vendor/github.com/coreos/etcd/client/keys.generated.go rename vendor/github.com/{ugorji => json-iterator}/go/LICENSE (92%) create mode 100644 vendor/github.com/json-iterator/go/README.md create mode 100644 vendor/github.com/json-iterator/go/adapter.go create mode 100644 vendor/github.com/json-iterator/go/any.go create mode 100644 vendor/github.com/json-iterator/go/any_array.go create mode 100644 vendor/github.com/json-iterator/go/any_bool.go create mode 100644 vendor/github.com/json-iterator/go/any_float.go create mode 100644 vendor/github.com/json-iterator/go/any_int32.go create mode 100644 vendor/github.com/json-iterator/go/any_int64.go create mode 100644 vendor/github.com/json-iterator/go/any_invalid.go create mode 100644 vendor/github.com/json-iterator/go/any_nil.go create mode 100644 vendor/github.com/json-iterator/go/any_number.go create mode 100644 vendor/github.com/json-iterator/go/any_object.go create mode 100644 vendor/github.com/json-iterator/go/any_str.go create mode 100644 vendor/github.com/json-iterator/go/any_uint32.go create mode 100644 vendor/github.com/json-iterator/go/any_uint64.go create mode 100644 vendor/github.com/json-iterator/go/config.go create mode 100644 vendor/github.com/json-iterator/go/go.mod create mode 100644 vendor/github.com/json-iterator/go/iter.go create mode 100644 vendor/github.com/json-iterator/go/iter_array.go create mode 100644 vendor/github.com/json-iterator/go/iter_float.go create mode 100644 vendor/github.com/json-iterator/go/iter_int.go create mode 100644 vendor/github.com/json-iterator/go/iter_object.go create mode 100644 vendor/github.com/json-iterator/go/iter_skip.go create mode 100644 vendor/github.com/json-iterator/go/iter_skip_sloppy.go create mode 100644 vendor/github.com/json-iterator/go/iter_skip_strict.go create mode 100644 vendor/github.com/json-iterator/go/iter_str.go create mode 100644 vendor/github.com/json-iterator/go/jsoniter.go create mode 100644 vendor/github.com/json-iterator/go/pool.go create mode 100644 vendor/github.com/json-iterator/go/reflect.go create mode 100644 vendor/github.com/json-iterator/go/reflect_array.go create mode 100644 vendor/github.com/json-iterator/go/reflect_dynamic.go create mode 100644 vendor/github.com/json-iterator/go/reflect_extension.go create mode 100644 vendor/github.com/json-iterator/go/reflect_json_number.go create mode 100644 vendor/github.com/json-iterator/go/reflect_json_raw_message.go create mode 100644 vendor/github.com/json-iterator/go/reflect_map.go create mode 100644 vendor/github.com/json-iterator/go/reflect_marshaler.go create mode 100644 vendor/github.com/json-iterator/go/reflect_native.go create mode 100644 vendor/github.com/json-iterator/go/reflect_optional.go create mode 100644 vendor/github.com/json-iterator/go/reflect_slice.go create mode 100644 vendor/github.com/json-iterator/go/reflect_struct_decoder.go create mode 100644 vendor/github.com/json-iterator/go/reflect_struct_encoder.go create mode 100644 vendor/github.com/json-iterator/go/stream.go create mode 100644 vendor/github.com/json-iterator/go/stream_float.go create mode 100644 vendor/github.com/json-iterator/go/stream_int.go create mode 100644 vendor/github.com/json-iterator/go/stream_str.go create mode 100644 vendor/github.com/modern-go/concurrent/LICENSE create mode 100644 vendor/github.com/modern-go/concurrent/README.md create mode 100644 vendor/github.com/modern-go/concurrent/executor.go create mode 100644 vendor/github.com/modern-go/concurrent/go_above_19.go create mode 100644 vendor/github.com/modern-go/concurrent/go_below_19.go create mode 100644 vendor/github.com/modern-go/concurrent/log.go create mode 100644 vendor/github.com/modern-go/concurrent/unbounded_executor.go create mode 100644 vendor/github.com/modern-go/reflect2/LICENSE create mode 100644 vendor/github.com/modern-go/reflect2/README.md create mode 100644 vendor/github.com/modern-go/reflect2/go_above_17.go create mode 100644 vendor/github.com/modern-go/reflect2/go_above_19.go create mode 100644 vendor/github.com/modern-go/reflect2/go_below_17.go create mode 100644 vendor/github.com/modern-go/reflect2/go_below_19.go create mode 100644 vendor/github.com/modern-go/reflect2/reflect2.go create mode 100644 vendor/github.com/modern-go/reflect2/reflect2_amd64.s create mode 100644 vendor/github.com/modern-go/reflect2/reflect2_kind.go create mode 100644 vendor/github.com/modern-go/reflect2/relfect2_386.s create mode 100644 vendor/github.com/modern-go/reflect2/relfect2_amd64p32.s create mode 100644 vendor/github.com/modern-go/reflect2/relfect2_arm.s create mode 100644 vendor/github.com/modern-go/reflect2/relfect2_arm64.s create mode 100644 vendor/github.com/modern-go/reflect2/relfect2_mips64x.s create mode 100644 vendor/github.com/modern-go/reflect2/relfect2_mipsx.s create mode 100644 vendor/github.com/modern-go/reflect2/relfect2_ppc64x.s create mode 100644 vendor/github.com/modern-go/reflect2/relfect2_s390x.s create mode 100644 vendor/github.com/modern-go/reflect2/safe_field.go create mode 100644 vendor/github.com/modern-go/reflect2/safe_map.go create mode 100644 vendor/github.com/modern-go/reflect2/safe_slice.go create mode 100644 vendor/github.com/modern-go/reflect2/safe_struct.go create mode 100644 vendor/github.com/modern-go/reflect2/safe_type.go create mode 100644 vendor/github.com/modern-go/reflect2/type_map.go create mode 100644 vendor/github.com/modern-go/reflect2/unsafe_array.go create mode 100644 vendor/github.com/modern-go/reflect2/unsafe_eface.go create mode 100644 vendor/github.com/modern-go/reflect2/unsafe_field.go create mode 100644 vendor/github.com/modern-go/reflect2/unsafe_iface.go create mode 100644 vendor/github.com/modern-go/reflect2/unsafe_link.go create mode 100644 vendor/github.com/modern-go/reflect2/unsafe_map.go create mode 100644 vendor/github.com/modern-go/reflect2/unsafe_ptr.go create mode 100644 vendor/github.com/modern-go/reflect2/unsafe_slice.go create mode 100644 vendor/github.com/modern-go/reflect2/unsafe_struct.go create mode 100644 vendor/github.com/modern-go/reflect2/unsafe_type.go delete mode 100644 vendor/github.com/ugorji/go/README.md delete mode 100644 vendor/github.com/ugorji/go/codec/0doc.go delete mode 100644 vendor/github.com/ugorji/go/codec/README.md delete mode 100644 vendor/github.com/ugorji/go/codec/binc.go delete mode 100644 vendor/github.com/ugorji/go/codec/cbor.go delete mode 100644 vendor/github.com/ugorji/go/codec/decode.go delete mode 100644 vendor/github.com/ugorji/go/codec/encode.go delete mode 100644 vendor/github.com/ugorji/go/codec/fast-path.generated.go delete mode 100644 vendor/github.com/ugorji/go/codec/fast-path.not.go delete mode 100644 vendor/github.com/ugorji/go/codec/gen-helper.generated.go delete mode 100644 vendor/github.com/ugorji/go/codec/gen.generated.go delete mode 100644 vendor/github.com/ugorji/go/codec/gen.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_arrayof_gte_go15.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_arrayof_lt_go15.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_makemap_gte_go19.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_makemap_lt_go19.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_unexportedembeddedptr_gte_go110.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_unexportedembeddedptr_lt_go110.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_unsupported_lt_go14.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_vendor_eq_go15.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_vendor_eq_go16.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_vendor_gte_go17.go delete mode 100644 vendor/github.com/ugorji/go/codec/goversion_vendor_lt_go15.go delete mode 100644 vendor/github.com/ugorji/go/codec/helper.go delete mode 100644 vendor/github.com/ugorji/go/codec/helper_internal.go delete mode 100644 vendor/github.com/ugorji/go/codec/helper_not_unsafe.go delete mode 100644 vendor/github.com/ugorji/go/codec/helper_unsafe.go delete mode 100644 vendor/github.com/ugorji/go/codec/json.go delete mode 100644 vendor/github.com/ugorji/go/codec/msgpack.go delete mode 100644 vendor/github.com/ugorji/go/codec/rpc.go delete mode 100644 vendor/github.com/ugorji/go/codec/simple.go diff --git a/vendor.conf b/vendor.conf index e1ca33ce5c945..ec8aefd8f32c2 100644 --- a/vendor.conf +++ b/vendor.conf @@ -67,13 +67,15 @@ github.com/moby/ipvs 4566ccea0e08d68e9614c3e7a64a github.com/BurntSushi/toml 3012a1dbe2e4bd1391d42b32f0577cb7bbc7f005 # v0.3.1 github.com/samuel/go-zookeeper d0e0d8e11f318e000a8cc434616d69e329edc374 github.com/deckarep/golang-set ef32fa3046d9f249d399f98ebaf9be944430fd1d -github.com/coreos/etcd d57e8b8d97adfc4a6c224fe116714bf1a1f3beb9 # v3.3.12 +github.com/coreos/etcd 2c834459e1aab78a5d5219c7dfe42335fc4b617a # v3.3.25 github.com/coreos/go-semver 8ab6407b697782a06568d4b7f1db25550ec2e4c6 # v0.2.0 -github.com/ugorji/go b4c50a2b199d93b13dc15e78929cfb23bfdf21ab # v1.1.1 github.com/hashicorp/consul 9a9cc9341bb487651a0399e3fc5e1e8a42e62dd9 # v0.5.2 github.com/miekg/dns 6c0c4e6581f8e173cc562c8b3363ab984e4ae071 # v1.1.27 github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d300893449805be go.etcd.io/bbolt 232d8fc87f50244f9c808f4745759e08a304c029 # v1.3.5 +github.com/json-iterator/go a1ca0830781e007c66b225121d2cdb3a649421f6 # v1.1.10 +github.com/modern-go/concurrent bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94 # 1.0.3 +github.com/modern-go/reflect2 94122c33edd36123c84d5368cfb2b69df93a0ec8 # v1.0.1 # get graph and distribution packages github.com/docker/distribution dcf66392d606f50bf3a9286dcb4bdcdfb7c0e83a # v2.8.0 diff --git a/vendor/github.com/coreos/etcd/client/json.go b/vendor/github.com/coreos/etcd/client/json.go new file mode 100644 index 0000000000000..97cdbcd7cfa57 --- /dev/null +++ b/vendor/github.com/coreos/etcd/client/json.go @@ -0,0 +1,72 @@ +// Copyright 2019 The etcd Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package client + +import ( + "github.com/json-iterator/go" + "github.com/modern-go/reflect2" + "strconv" + "unsafe" +) + +type customNumberExtension struct { + jsoniter.DummyExtension +} + +func (cne *customNumberExtension) CreateDecoder(typ reflect2.Type) jsoniter.ValDecoder { + if typ.String() == "interface {}" { + return customNumberDecoder{} + } + return nil +} + +type customNumberDecoder struct { +} + +func (customNumberDecoder) Decode(ptr unsafe.Pointer, iter *jsoniter.Iterator) { + switch iter.WhatIsNext() { + case jsoniter.NumberValue: + var number jsoniter.Number + iter.ReadVal(&number) + i64, err := strconv.ParseInt(string(number), 10, 64) + if err == nil { + *(*interface{})(ptr) = i64 + return + } + f64, err := strconv.ParseFloat(string(number), 64) + if err == nil { + *(*interface{})(ptr) = f64 + return + } + iter.ReportError("DecodeNumber", err.Error()) + default: + *(*interface{})(ptr) = iter.Read() + } +} + +// caseSensitiveJsonIterator returns a jsoniterator API that's configured to be +// case-sensitive when unmarshalling, and otherwise compatible with +// the encoding/json standard library. +func caseSensitiveJsonIterator() jsoniter.API { + config := jsoniter.Config{ + EscapeHTML: true, + SortMapKeys: true, + ValidateJsonRawMessage: true, + CaseSensitive: true, + }.Froze() + // Force jsoniter to decode number to interface{} via int64/float64, if possible. + config.RegisterExtension(&customNumberExtension{}) + return config +} diff --git a/vendor/github.com/coreos/etcd/client/keys.generated.go b/vendor/github.com/coreos/etcd/client/keys.generated.go deleted file mode 100644 index 237fdbe8ffd17..0000000000000 --- a/vendor/github.com/coreos/etcd/client/keys.generated.go +++ /dev/null @@ -1,5218 +0,0 @@ -// ************************************************************ -// DO NOT EDIT. -// THIS FILE IS AUTO-GENERATED BY codecgen. -// ************************************************************ - -package client - -import ( - "errors" - "fmt" - "reflect" - "runtime" - time "time" - - codec1978 "github.com/ugorji/go/codec" -) - -const ( - // ----- content types ---- - codecSelferC_UTF87612 = 1 - codecSelferC_RAW7612 = 0 - // ----- value types used ---- - codecSelferValueTypeArray7612 = 10 - codecSelferValueTypeMap7612 = 9 - // ----- containerStateValues ---- - codecSelfer_containerMapKey7612 = 2 - codecSelfer_containerMapValue7612 = 3 - codecSelfer_containerMapEnd7612 = 4 - codecSelfer_containerArrayElem7612 = 6 - codecSelfer_containerArrayEnd7612 = 7 -) - -var ( - codecSelferBitsize7612 = uint8(reflect.TypeOf(uint(0)).Bits()) - codecSelferOnlyMapOrArrayEncodeToStructErr7612 = errors.New(`only encoded map or array can be decoded into a struct`) -) - -type codecSelfer7612 struct{} - -func init() { - if codec1978.GenVersion != 8 { - _, file, _, _ := runtime.Caller(0) - err := fmt.Errorf("codecgen version mismatch: current: %v, need %v. Re-generate file: %v", - 8, codec1978.GenVersion, file) - panic(err) - } - if false { // reference the types, but skip this branch at build/run time - var v0 time.Duration - _ = v0 - } -} - -func (x *Error) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(4) - } else { - r.WriteMapStart(4) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeInt(int64(x.Code)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("errorCode")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeInt(int64(x.Code)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Message)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("message")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Message)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym10 := z.EncBinary() - _ = yym10 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Cause)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("cause")) - r.WriteMapElemValue() - yym11 := z.EncBinary() - _ = yym11 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Cause)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym13 := z.EncBinary() - _ = yym13 - if false { - } else { - r.EncodeUint(uint64(x.Index)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("index")) - r.WriteMapElemValue() - yym14 := z.EncBinary() - _ = yym14 - if false { - } else { - r.EncodeUint(uint64(x.Index)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *Error) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *Error) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "errorCode": - if r.TryDecodeAsNil() { - x.Code = 0 - } else { - yyv4 := &x.Code - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*int)(yyv4)) = int(r.DecodeInt(codecSelferBitsize7612)) - } - } - case "message": - if r.TryDecodeAsNil() { - x.Message = "" - } else { - yyv6 := &x.Message - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*string)(yyv6)) = r.DecodeString() - } - } - case "cause": - if r.TryDecodeAsNil() { - x.Cause = "" - } else { - yyv8 := &x.Cause - yym9 := z.DecBinary() - _ = yym9 - if false { - } else { - *((*string)(yyv8)) = r.DecodeString() - } - } - case "index": - if r.TryDecodeAsNil() { - x.Index = 0 - } else { - yyv10 := &x.Index - yym11 := z.DecBinary() - _ = yym11 - if false { - } else { - *((*uint64)(yyv10)) = uint64(r.DecodeUint(64)) - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *Error) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj12 int - var yyb12 bool - var yyhl12 bool = l >= 0 - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Code = 0 - } else { - yyv13 := &x.Code - yym14 := z.DecBinary() - _ = yym14 - if false { - } else { - *((*int)(yyv13)) = int(r.DecodeInt(codecSelferBitsize7612)) - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Message = "" - } else { - yyv15 := &x.Message - yym16 := z.DecBinary() - _ = yym16 - if false { - } else { - *((*string)(yyv15)) = r.DecodeString() - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Cause = "" - } else { - yyv17 := &x.Cause - yym18 := z.DecBinary() - _ = yym18 - if false { - } else { - *((*string)(yyv17)) = r.DecodeString() - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Index = 0 - } else { - yyv19 := &x.Index - yym20 := z.DecBinary() - _ = yym20 - if false { - } else { - *((*uint64)(yyv19)) = uint64(r.DecodeUint(64)) - } - } - for { - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj12-1, "") - } - r.ReadArrayEnd() -} - -func (x PrevExistType) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x)) - } -} - -func (x *PrevExistType) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - *((*string)(x)) = r.DecodeString() - } -} - -func (x *WatcherOptions) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(2) - } else { - r.WriteMapStart(2) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeUint(uint64(x.AfterIndex)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("AfterIndex")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeUint(uint64(x.AfterIndex)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Recursive")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *WatcherOptions) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *WatcherOptions) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "AfterIndex": - if r.TryDecodeAsNil() { - x.AfterIndex = 0 - } else { - yyv4 := &x.AfterIndex - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*uint64)(yyv4)) = uint64(r.DecodeUint(64)) - } - } - case "Recursive": - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv6 := &x.Recursive - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*bool)(yyv6)) = r.DecodeBool() - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *WatcherOptions) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj8 int - var yyb8 bool - var yyhl8 bool = l >= 0 - yyj8++ - if yyhl8 { - yyb8 = yyj8 > l - } else { - yyb8 = r.CheckBreak() - } - if yyb8 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.AfterIndex = 0 - } else { - yyv9 := &x.AfterIndex - yym10 := z.DecBinary() - _ = yym10 - if false { - } else { - *((*uint64)(yyv9)) = uint64(r.DecodeUint(64)) - } - } - yyj8++ - if yyhl8 { - yyb8 = yyj8 > l - } else { - yyb8 = r.CheckBreak() - } - if yyb8 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv11 := &x.Recursive - yym12 := z.DecBinary() - _ = yym12 - if false { - } else { - *((*bool)(yyv11)) = r.DecodeBool() - } - } - for { - yyj8++ - if yyhl8 { - yyb8 = yyj8 > l - } else { - yyb8 = r.CheckBreak() - } - if yyb8 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj8-1, "") - } - r.ReadArrayEnd() -} - -func (x *CreateInOrderOptions) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(1) - } else { - r.WriteMapStart(1) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else if z.HasExtensions() && z.EncExt(x.TTL) { - } else { - r.EncodeInt(int64(x.TTL)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("TTL")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else if z.HasExtensions() && z.EncExt(x.TTL) { - } else { - r.EncodeInt(int64(x.TTL)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *CreateInOrderOptions) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *CreateInOrderOptions) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "TTL": - if r.TryDecodeAsNil() { - x.TTL = 0 - } else { - yyv4 := &x.TTL - yym5 := z.DecBinary() - _ = yym5 - if false { - } else if z.HasExtensions() && z.DecExt(yyv4) { - } else { - *((*int64)(yyv4)) = int64(r.DecodeInt(64)) - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *CreateInOrderOptions) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj6 int - var yyb6 bool - var yyhl6 bool = l >= 0 - yyj6++ - if yyhl6 { - yyb6 = yyj6 > l - } else { - yyb6 = r.CheckBreak() - } - if yyb6 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.TTL = 0 - } else { - yyv7 := &x.TTL - yym8 := z.DecBinary() - _ = yym8 - if false { - } else if z.HasExtensions() && z.DecExt(yyv7) { - } else { - *((*int64)(yyv7)) = int64(r.DecodeInt(64)) - } - } - for { - yyj6++ - if yyhl6 { - yyb6 = yyj6 > l - } else { - yyb6 = r.CheckBreak() - } - if yyb6 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj6-1, "") - } - r.ReadArrayEnd() -} - -func (x *SetOptions) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(7) - } else { - r.WriteMapStart(7) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.PrevValue)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("PrevValue")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.PrevValue)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeUint(uint64(x.PrevIndex)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("PrevIndex")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeUint(uint64(x.PrevIndex)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - x.PrevExist.CodecEncodeSelf(e) - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("PrevExist")) - r.WriteMapElemValue() - x.PrevExist.CodecEncodeSelf(e) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym13 := z.EncBinary() - _ = yym13 - if false { - } else if z.HasExtensions() && z.EncExt(x.TTL) { - } else { - r.EncodeInt(int64(x.TTL)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("TTL")) - r.WriteMapElemValue() - yym14 := z.EncBinary() - _ = yym14 - if false { - } else if z.HasExtensions() && z.EncExt(x.TTL) { - } else { - r.EncodeInt(int64(x.TTL)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym16 := z.EncBinary() - _ = yym16 - if false { - } else { - r.EncodeBool(bool(x.Refresh)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Refresh")) - r.WriteMapElemValue() - yym17 := z.EncBinary() - _ = yym17 - if false { - } else { - r.EncodeBool(bool(x.Refresh)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym19 := z.EncBinary() - _ = yym19 - if false { - } else { - r.EncodeBool(bool(x.Dir)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Dir")) - r.WriteMapElemValue() - yym20 := z.EncBinary() - _ = yym20 - if false { - } else { - r.EncodeBool(bool(x.Dir)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym22 := z.EncBinary() - _ = yym22 - if false { - } else { - r.EncodeBool(bool(x.NoValueOnSuccess)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("NoValueOnSuccess")) - r.WriteMapElemValue() - yym23 := z.EncBinary() - _ = yym23 - if false { - } else { - r.EncodeBool(bool(x.NoValueOnSuccess)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *SetOptions) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *SetOptions) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "PrevValue": - if r.TryDecodeAsNil() { - x.PrevValue = "" - } else { - yyv4 := &x.PrevValue - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*string)(yyv4)) = r.DecodeString() - } - } - case "PrevIndex": - if r.TryDecodeAsNil() { - x.PrevIndex = 0 - } else { - yyv6 := &x.PrevIndex - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*uint64)(yyv6)) = uint64(r.DecodeUint(64)) - } - } - case "PrevExist": - if r.TryDecodeAsNil() { - x.PrevExist = "" - } else { - yyv8 := &x.PrevExist - yyv8.CodecDecodeSelf(d) - } - case "TTL": - if r.TryDecodeAsNil() { - x.TTL = 0 - } else { - yyv9 := &x.TTL - yym10 := z.DecBinary() - _ = yym10 - if false { - } else if z.HasExtensions() && z.DecExt(yyv9) { - } else { - *((*int64)(yyv9)) = int64(r.DecodeInt(64)) - } - } - case "Refresh": - if r.TryDecodeAsNil() { - x.Refresh = false - } else { - yyv11 := &x.Refresh - yym12 := z.DecBinary() - _ = yym12 - if false { - } else { - *((*bool)(yyv11)) = r.DecodeBool() - } - } - case "Dir": - if r.TryDecodeAsNil() { - x.Dir = false - } else { - yyv13 := &x.Dir - yym14 := z.DecBinary() - _ = yym14 - if false { - } else { - *((*bool)(yyv13)) = r.DecodeBool() - } - } - case "NoValueOnSuccess": - if r.TryDecodeAsNil() { - x.NoValueOnSuccess = false - } else { - yyv15 := &x.NoValueOnSuccess - yym16 := z.DecBinary() - _ = yym16 - if false { - } else { - *((*bool)(yyv15)) = r.DecodeBool() - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *SetOptions) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj17 int - var yyb17 bool - var yyhl17 bool = l >= 0 - yyj17++ - if yyhl17 { - yyb17 = yyj17 > l - } else { - yyb17 = r.CheckBreak() - } - if yyb17 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.PrevValue = "" - } else { - yyv18 := &x.PrevValue - yym19 := z.DecBinary() - _ = yym19 - if false { - } else { - *((*string)(yyv18)) = r.DecodeString() - } - } - yyj17++ - if yyhl17 { - yyb17 = yyj17 > l - } else { - yyb17 = r.CheckBreak() - } - if yyb17 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.PrevIndex = 0 - } else { - yyv20 := &x.PrevIndex - yym21 := z.DecBinary() - _ = yym21 - if false { - } else { - *((*uint64)(yyv20)) = uint64(r.DecodeUint(64)) - } - } - yyj17++ - if yyhl17 { - yyb17 = yyj17 > l - } else { - yyb17 = r.CheckBreak() - } - if yyb17 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.PrevExist = "" - } else { - yyv22 := &x.PrevExist - yyv22.CodecDecodeSelf(d) - } - yyj17++ - if yyhl17 { - yyb17 = yyj17 > l - } else { - yyb17 = r.CheckBreak() - } - if yyb17 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.TTL = 0 - } else { - yyv23 := &x.TTL - yym24 := z.DecBinary() - _ = yym24 - if false { - } else if z.HasExtensions() && z.DecExt(yyv23) { - } else { - *((*int64)(yyv23)) = int64(r.DecodeInt(64)) - } - } - yyj17++ - if yyhl17 { - yyb17 = yyj17 > l - } else { - yyb17 = r.CheckBreak() - } - if yyb17 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Refresh = false - } else { - yyv25 := &x.Refresh - yym26 := z.DecBinary() - _ = yym26 - if false { - } else { - *((*bool)(yyv25)) = r.DecodeBool() - } - } - yyj17++ - if yyhl17 { - yyb17 = yyj17 > l - } else { - yyb17 = r.CheckBreak() - } - if yyb17 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Dir = false - } else { - yyv27 := &x.Dir - yym28 := z.DecBinary() - _ = yym28 - if false { - } else { - *((*bool)(yyv27)) = r.DecodeBool() - } - } - yyj17++ - if yyhl17 { - yyb17 = yyj17 > l - } else { - yyb17 = r.CheckBreak() - } - if yyb17 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.NoValueOnSuccess = false - } else { - yyv29 := &x.NoValueOnSuccess - yym30 := z.DecBinary() - _ = yym30 - if false { - } else { - *((*bool)(yyv29)) = r.DecodeBool() - } - } - for { - yyj17++ - if yyhl17 { - yyb17 = yyj17 > l - } else { - yyb17 = r.CheckBreak() - } - if yyb17 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj17-1, "") - } - r.ReadArrayEnd() -} - -func (x *GetOptions) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(3) - } else { - r.WriteMapStart(3) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Recursive")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeBool(bool(x.Sort)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Sort")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeBool(bool(x.Sort)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym10 := z.EncBinary() - _ = yym10 - if false { - } else { - r.EncodeBool(bool(x.Quorum)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Quorum")) - r.WriteMapElemValue() - yym11 := z.EncBinary() - _ = yym11 - if false { - } else { - r.EncodeBool(bool(x.Quorum)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *GetOptions) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *GetOptions) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "Recursive": - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv4 := &x.Recursive - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*bool)(yyv4)) = r.DecodeBool() - } - } - case "Sort": - if r.TryDecodeAsNil() { - x.Sort = false - } else { - yyv6 := &x.Sort - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*bool)(yyv6)) = r.DecodeBool() - } - } - case "Quorum": - if r.TryDecodeAsNil() { - x.Quorum = false - } else { - yyv8 := &x.Quorum - yym9 := z.DecBinary() - _ = yym9 - if false { - } else { - *((*bool)(yyv8)) = r.DecodeBool() - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *GetOptions) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj10 int - var yyb10 bool - var yyhl10 bool = l >= 0 - yyj10++ - if yyhl10 { - yyb10 = yyj10 > l - } else { - yyb10 = r.CheckBreak() - } - if yyb10 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv11 := &x.Recursive - yym12 := z.DecBinary() - _ = yym12 - if false { - } else { - *((*bool)(yyv11)) = r.DecodeBool() - } - } - yyj10++ - if yyhl10 { - yyb10 = yyj10 > l - } else { - yyb10 = r.CheckBreak() - } - if yyb10 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Sort = false - } else { - yyv13 := &x.Sort - yym14 := z.DecBinary() - _ = yym14 - if false { - } else { - *((*bool)(yyv13)) = r.DecodeBool() - } - } - yyj10++ - if yyhl10 { - yyb10 = yyj10 > l - } else { - yyb10 = r.CheckBreak() - } - if yyb10 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Quorum = false - } else { - yyv15 := &x.Quorum - yym16 := z.DecBinary() - _ = yym16 - if false { - } else { - *((*bool)(yyv15)) = r.DecodeBool() - } - } - for { - yyj10++ - if yyhl10 { - yyb10 = yyj10 > l - } else { - yyb10 = r.CheckBreak() - } - if yyb10 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj10-1, "") - } - r.ReadArrayEnd() -} - -func (x *DeleteOptions) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(4) - } else { - r.WriteMapStart(4) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.PrevValue)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("PrevValue")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.PrevValue)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeUint(uint64(x.PrevIndex)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("PrevIndex")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeUint(uint64(x.PrevIndex)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym10 := z.EncBinary() - _ = yym10 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Recursive")) - r.WriteMapElemValue() - yym11 := z.EncBinary() - _ = yym11 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym13 := z.EncBinary() - _ = yym13 - if false { - } else { - r.EncodeBool(bool(x.Dir)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Dir")) - r.WriteMapElemValue() - yym14 := z.EncBinary() - _ = yym14 - if false { - } else { - r.EncodeBool(bool(x.Dir)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *DeleteOptions) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *DeleteOptions) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "PrevValue": - if r.TryDecodeAsNil() { - x.PrevValue = "" - } else { - yyv4 := &x.PrevValue - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*string)(yyv4)) = r.DecodeString() - } - } - case "PrevIndex": - if r.TryDecodeAsNil() { - x.PrevIndex = 0 - } else { - yyv6 := &x.PrevIndex - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*uint64)(yyv6)) = uint64(r.DecodeUint(64)) - } - } - case "Recursive": - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv8 := &x.Recursive - yym9 := z.DecBinary() - _ = yym9 - if false { - } else { - *((*bool)(yyv8)) = r.DecodeBool() - } - } - case "Dir": - if r.TryDecodeAsNil() { - x.Dir = false - } else { - yyv10 := &x.Dir - yym11 := z.DecBinary() - _ = yym11 - if false { - } else { - *((*bool)(yyv10)) = r.DecodeBool() - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *DeleteOptions) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj12 int - var yyb12 bool - var yyhl12 bool = l >= 0 - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.PrevValue = "" - } else { - yyv13 := &x.PrevValue - yym14 := z.DecBinary() - _ = yym14 - if false { - } else { - *((*string)(yyv13)) = r.DecodeString() - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.PrevIndex = 0 - } else { - yyv15 := &x.PrevIndex - yym16 := z.DecBinary() - _ = yym16 - if false { - } else { - *((*uint64)(yyv15)) = uint64(r.DecodeUint(64)) - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv17 := &x.Recursive - yym18 := z.DecBinary() - _ = yym18 - if false { - } else { - *((*bool)(yyv17)) = r.DecodeBool() - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Dir = false - } else { - yyv19 := &x.Dir - yym20 := z.DecBinary() - _ = yym20 - if false { - } else { - *((*bool)(yyv19)) = r.DecodeBool() - } - } - for { - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj12-1, "") - } - r.ReadArrayEnd() -} - -func (x *Response) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(3) - } else { - r.WriteMapStart(3) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Action)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("action")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Action)) - } - } - var yyn6 bool - if x.Node == nil { - yyn6 = true - goto LABEL6 - } - LABEL6: - if yyr2 || yy2arr2 { - if yyn6 { - r.WriteArrayElem() - r.EncodeNil() - } else { - r.WriteArrayElem() - if x.Node == nil { - r.EncodeNil() - } else { - x.Node.CodecEncodeSelf(e) - } - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("node")) - r.WriteMapElemValue() - if yyn6 { - r.EncodeNil() - } else { - if x.Node == nil { - r.EncodeNil() - } else { - x.Node.CodecEncodeSelf(e) - } - } - } - var yyn9 bool - if x.PrevNode == nil { - yyn9 = true - goto LABEL9 - } - LABEL9: - if yyr2 || yy2arr2 { - if yyn9 { - r.WriteArrayElem() - r.EncodeNil() - } else { - r.WriteArrayElem() - if x.PrevNode == nil { - r.EncodeNil() - } else { - x.PrevNode.CodecEncodeSelf(e) - } - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("prevNode")) - r.WriteMapElemValue() - if yyn9 { - r.EncodeNil() - } else { - if x.PrevNode == nil { - r.EncodeNil() - } else { - x.PrevNode.CodecEncodeSelf(e) - } - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *Response) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *Response) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "action": - if r.TryDecodeAsNil() { - x.Action = "" - } else { - yyv4 := &x.Action - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*string)(yyv4)) = r.DecodeString() - } - } - case "node": - if x.Node == nil { - x.Node = new(Node) - } - if r.TryDecodeAsNil() { - if x.Node != nil { - x.Node = nil - } - } else { - if x.Node == nil { - x.Node = new(Node) - } - x.Node.CodecDecodeSelf(d) - } - case "prevNode": - if x.PrevNode == nil { - x.PrevNode = new(Node) - } - if r.TryDecodeAsNil() { - if x.PrevNode != nil { - x.PrevNode = nil - } - } else { - if x.PrevNode == nil { - x.PrevNode = new(Node) - } - x.PrevNode.CodecDecodeSelf(d) - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *Response) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj8 int - var yyb8 bool - var yyhl8 bool = l >= 0 - yyj8++ - if yyhl8 { - yyb8 = yyj8 > l - } else { - yyb8 = r.CheckBreak() - } - if yyb8 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Action = "" - } else { - yyv9 := &x.Action - yym10 := z.DecBinary() - _ = yym10 - if false { - } else { - *((*string)(yyv9)) = r.DecodeString() - } - } - if x.Node == nil { - x.Node = new(Node) - } - yyj8++ - if yyhl8 { - yyb8 = yyj8 > l - } else { - yyb8 = r.CheckBreak() - } - if yyb8 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - if x.Node != nil { - x.Node = nil - } - } else { - if x.Node == nil { - x.Node = new(Node) - } - x.Node.CodecDecodeSelf(d) - } - if x.PrevNode == nil { - x.PrevNode = new(Node) - } - yyj8++ - if yyhl8 { - yyb8 = yyj8 > l - } else { - yyb8 = r.CheckBreak() - } - if yyb8 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - if x.PrevNode != nil { - x.PrevNode = nil - } - } else { - if x.PrevNode == nil { - x.PrevNode = new(Node) - } - x.PrevNode.CodecDecodeSelf(d) - } - for { - yyj8++ - if yyhl8 { - yyb8 = yyj8 > l - } else { - yyb8 = r.CheckBreak() - } - if yyb8 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj8-1, "") - } - r.ReadArrayEnd() -} - -func (x *Node) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - var yyq2 [8]bool - _ = yyq2 - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - yyq2[1] = x.Dir != false - yyq2[6] = x.Expiration != nil - yyq2[7] = x.TTL != 0 - if yyr2 || yy2arr2 { - r.WriteArrayStart(8) - } else { - var yynn2 = 5 - for _, b := range yyq2 { - if b { - yynn2++ - } - } - r.WriteMapStart(yynn2) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Key)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("key")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Key)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - if yyq2[1] { - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeBool(bool(x.Dir)) - } - } else { - r.EncodeBool(false) - } - } else { - if yyq2[1] { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("dir")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeBool(bool(x.Dir)) - } - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym10 := z.EncBinary() - _ = yym10 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Value)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("value")) - r.WriteMapElemValue() - yym11 := z.EncBinary() - _ = yym11 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Value)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - if x.Nodes == nil { - r.EncodeNil() - } else { - x.Nodes.CodecEncodeSelf(e) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("nodes")) - r.WriteMapElemValue() - if x.Nodes == nil { - r.EncodeNil() - } else { - x.Nodes.CodecEncodeSelf(e) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym16 := z.EncBinary() - _ = yym16 - if false { - } else { - r.EncodeUint(uint64(x.CreatedIndex)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("createdIndex")) - r.WriteMapElemValue() - yym17 := z.EncBinary() - _ = yym17 - if false { - } else { - r.EncodeUint(uint64(x.CreatedIndex)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym19 := z.EncBinary() - _ = yym19 - if false { - } else { - r.EncodeUint(uint64(x.ModifiedIndex)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("modifiedIndex")) - r.WriteMapElemValue() - yym20 := z.EncBinary() - _ = yym20 - if false { - } else { - r.EncodeUint(uint64(x.ModifiedIndex)) - } - } - var yyn21 bool - if x.Expiration == nil { - yyn21 = true - goto LABEL21 - } - LABEL21: - if yyr2 || yy2arr2 { - if yyn21 { - r.WriteArrayElem() - r.EncodeNil() - } else { - r.WriteArrayElem() - if yyq2[6] { - if x.Expiration == nil { - r.EncodeNil() - } else { - yym22 := z.EncBinary() - _ = yym22 - if false { - } else if yym23 := z.TimeRtidIfBinc(); yym23 != 0 { - r.EncodeBuiltin(yym23, x.Expiration) - } else if z.HasExtensions() && z.EncExt(x.Expiration) { - } else if yym22 { - z.EncBinaryMarshal(x.Expiration) - } else if !yym22 && z.IsJSONHandle() { - z.EncJSONMarshal(x.Expiration) - } else { - z.EncFallback(x.Expiration) - } - } - } else { - r.EncodeNil() - } - } - } else { - if yyq2[6] { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("expiration")) - r.WriteMapElemValue() - if yyn21 { - r.EncodeNil() - } else { - if x.Expiration == nil { - r.EncodeNil() - } else { - yym24 := z.EncBinary() - _ = yym24 - if false { - } else if yym25 := z.TimeRtidIfBinc(); yym25 != 0 { - r.EncodeBuiltin(yym25, x.Expiration) - } else if z.HasExtensions() && z.EncExt(x.Expiration) { - } else if yym24 { - z.EncBinaryMarshal(x.Expiration) - } else if !yym24 && z.IsJSONHandle() { - z.EncJSONMarshal(x.Expiration) - } else { - z.EncFallback(x.Expiration) - } - } - } - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - if yyq2[7] { - yym27 := z.EncBinary() - _ = yym27 - if false { - } else { - r.EncodeInt(int64(x.TTL)) - } - } else { - r.EncodeInt(0) - } - } else { - if yyq2[7] { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("ttl")) - r.WriteMapElemValue() - yym28 := z.EncBinary() - _ = yym28 - if false { - } else { - r.EncodeInt(int64(x.TTL)) - } - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *Node) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *Node) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "key": - if r.TryDecodeAsNil() { - x.Key = "" - } else { - yyv4 := &x.Key - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*string)(yyv4)) = r.DecodeString() - } - } - case "dir": - if r.TryDecodeAsNil() { - x.Dir = false - } else { - yyv6 := &x.Dir - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*bool)(yyv6)) = r.DecodeBool() - } - } - case "value": - if r.TryDecodeAsNil() { - x.Value = "" - } else { - yyv8 := &x.Value - yym9 := z.DecBinary() - _ = yym9 - if false { - } else { - *((*string)(yyv8)) = r.DecodeString() - } - } - case "nodes": - if r.TryDecodeAsNil() { - x.Nodes = nil - } else { - yyv10 := &x.Nodes - yyv10.CodecDecodeSelf(d) - } - case "createdIndex": - if r.TryDecodeAsNil() { - x.CreatedIndex = 0 - } else { - yyv11 := &x.CreatedIndex - yym12 := z.DecBinary() - _ = yym12 - if false { - } else { - *((*uint64)(yyv11)) = uint64(r.DecodeUint(64)) - } - } - case "modifiedIndex": - if r.TryDecodeAsNil() { - x.ModifiedIndex = 0 - } else { - yyv13 := &x.ModifiedIndex - yym14 := z.DecBinary() - _ = yym14 - if false { - } else { - *((*uint64)(yyv13)) = uint64(r.DecodeUint(64)) - } - } - case "expiration": - if x.Expiration == nil { - x.Expiration = new(time.Time) - } - if r.TryDecodeAsNil() { - if x.Expiration != nil { - x.Expiration = nil - } - } else { - if x.Expiration == nil { - x.Expiration = new(time.Time) - } - yym16 := z.DecBinary() - _ = yym16 - if false { - } else if yym17 := z.TimeRtidIfBinc(); yym17 != 0 { - r.DecodeBuiltin(yym17, x.Expiration) - } else if z.HasExtensions() && z.DecExt(x.Expiration) { - } else if yym16 { - z.DecBinaryUnmarshal(x.Expiration) - } else if !yym16 && z.IsJSONHandle() { - z.DecJSONUnmarshal(x.Expiration) - } else { - z.DecFallback(x.Expiration, false) - } - } - case "ttl": - if r.TryDecodeAsNil() { - x.TTL = 0 - } else { - yyv18 := &x.TTL - yym19 := z.DecBinary() - _ = yym19 - if false { - } else { - *((*int64)(yyv18)) = int64(r.DecodeInt(64)) - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *Node) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj20 int - var yyb20 bool - var yyhl20 bool = l >= 0 - yyj20++ - if yyhl20 { - yyb20 = yyj20 > l - } else { - yyb20 = r.CheckBreak() - } - if yyb20 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Key = "" - } else { - yyv21 := &x.Key - yym22 := z.DecBinary() - _ = yym22 - if false { - } else { - *((*string)(yyv21)) = r.DecodeString() - } - } - yyj20++ - if yyhl20 { - yyb20 = yyj20 > l - } else { - yyb20 = r.CheckBreak() - } - if yyb20 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Dir = false - } else { - yyv23 := &x.Dir - yym24 := z.DecBinary() - _ = yym24 - if false { - } else { - *((*bool)(yyv23)) = r.DecodeBool() - } - } - yyj20++ - if yyhl20 { - yyb20 = yyj20 > l - } else { - yyb20 = r.CheckBreak() - } - if yyb20 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Value = "" - } else { - yyv25 := &x.Value - yym26 := z.DecBinary() - _ = yym26 - if false { - } else { - *((*string)(yyv25)) = r.DecodeString() - } - } - yyj20++ - if yyhl20 { - yyb20 = yyj20 > l - } else { - yyb20 = r.CheckBreak() - } - if yyb20 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Nodes = nil - } else { - yyv27 := &x.Nodes - yyv27.CodecDecodeSelf(d) - } - yyj20++ - if yyhl20 { - yyb20 = yyj20 > l - } else { - yyb20 = r.CheckBreak() - } - if yyb20 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.CreatedIndex = 0 - } else { - yyv28 := &x.CreatedIndex - yym29 := z.DecBinary() - _ = yym29 - if false { - } else { - *((*uint64)(yyv28)) = uint64(r.DecodeUint(64)) - } - } - yyj20++ - if yyhl20 { - yyb20 = yyj20 > l - } else { - yyb20 = r.CheckBreak() - } - if yyb20 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.ModifiedIndex = 0 - } else { - yyv30 := &x.ModifiedIndex - yym31 := z.DecBinary() - _ = yym31 - if false { - } else { - *((*uint64)(yyv30)) = uint64(r.DecodeUint(64)) - } - } - if x.Expiration == nil { - x.Expiration = new(time.Time) - } - yyj20++ - if yyhl20 { - yyb20 = yyj20 > l - } else { - yyb20 = r.CheckBreak() - } - if yyb20 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - if x.Expiration != nil { - x.Expiration = nil - } - } else { - if x.Expiration == nil { - x.Expiration = new(time.Time) - } - yym33 := z.DecBinary() - _ = yym33 - if false { - } else if yym34 := z.TimeRtidIfBinc(); yym34 != 0 { - r.DecodeBuiltin(yym34, x.Expiration) - } else if z.HasExtensions() && z.DecExt(x.Expiration) { - } else if yym33 { - z.DecBinaryUnmarshal(x.Expiration) - } else if !yym33 && z.IsJSONHandle() { - z.DecJSONUnmarshal(x.Expiration) - } else { - z.DecFallback(x.Expiration, false) - } - } - yyj20++ - if yyhl20 { - yyb20 = yyj20 > l - } else { - yyb20 = r.CheckBreak() - } - if yyb20 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.TTL = 0 - } else { - yyv35 := &x.TTL - yym36 := z.DecBinary() - _ = yym36 - if false { - } else { - *((*int64)(yyv35)) = int64(r.DecodeInt(64)) - } - } - for { - yyj20++ - if yyhl20 { - yyb20 = yyj20 > l - } else { - yyb20 = r.CheckBreak() - } - if yyb20 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj20-1, "") - } - r.ReadArrayEnd() -} - -func (x Nodes) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - h.encNodes((Nodes)(x), e) - } - } -} - -func (x *Nodes) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - h.decNodes((*Nodes)(x), d) - } -} - -func (x *httpKeysAPI) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(0) - } else { - r.WriteMapStart(0) - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *httpKeysAPI) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *httpKeysAPI) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *httpKeysAPI) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj4 int - var yyb4 bool - var yyhl4 bool = l >= 0 - for { - yyj4++ - if yyhl4 { - yyb4 = yyj4 > l - } else { - yyb4 = r.CheckBreak() - } - if yyb4 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj4-1, "") - } - r.ReadArrayEnd() -} - -func (x *httpWatcher) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(0) - } else { - r.WriteMapStart(0) - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *httpWatcher) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *httpWatcher) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *httpWatcher) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj4 int - var yyb4 bool - var yyhl4 bool = l >= 0 - for { - yyj4++ - if yyhl4 { - yyb4 = yyj4 > l - } else { - yyb4 = r.CheckBreak() - } - if yyb4 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj4-1, "") - } - r.ReadArrayEnd() -} - -func (x *getAction) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(5) - } else { - r.WriteMapStart(5) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Prefix)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Prefix")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Prefix)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Key)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Key")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Key)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym10 := z.EncBinary() - _ = yym10 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Recursive")) - r.WriteMapElemValue() - yym11 := z.EncBinary() - _ = yym11 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym13 := z.EncBinary() - _ = yym13 - if false { - } else { - r.EncodeBool(bool(x.Sorted)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Sorted")) - r.WriteMapElemValue() - yym14 := z.EncBinary() - _ = yym14 - if false { - } else { - r.EncodeBool(bool(x.Sorted)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym16 := z.EncBinary() - _ = yym16 - if false { - } else { - r.EncodeBool(bool(x.Quorum)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Quorum")) - r.WriteMapElemValue() - yym17 := z.EncBinary() - _ = yym17 - if false { - } else { - r.EncodeBool(bool(x.Quorum)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *getAction) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *getAction) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "Prefix": - if r.TryDecodeAsNil() { - x.Prefix = "" - } else { - yyv4 := &x.Prefix - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*string)(yyv4)) = r.DecodeString() - } - } - case "Key": - if r.TryDecodeAsNil() { - x.Key = "" - } else { - yyv6 := &x.Key - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*string)(yyv6)) = r.DecodeString() - } - } - case "Recursive": - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv8 := &x.Recursive - yym9 := z.DecBinary() - _ = yym9 - if false { - } else { - *((*bool)(yyv8)) = r.DecodeBool() - } - } - case "Sorted": - if r.TryDecodeAsNil() { - x.Sorted = false - } else { - yyv10 := &x.Sorted - yym11 := z.DecBinary() - _ = yym11 - if false { - } else { - *((*bool)(yyv10)) = r.DecodeBool() - } - } - case "Quorum": - if r.TryDecodeAsNil() { - x.Quorum = false - } else { - yyv12 := &x.Quorum - yym13 := z.DecBinary() - _ = yym13 - if false { - } else { - *((*bool)(yyv12)) = r.DecodeBool() - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *getAction) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj14 int - var yyb14 bool - var yyhl14 bool = l >= 0 - yyj14++ - if yyhl14 { - yyb14 = yyj14 > l - } else { - yyb14 = r.CheckBreak() - } - if yyb14 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Prefix = "" - } else { - yyv15 := &x.Prefix - yym16 := z.DecBinary() - _ = yym16 - if false { - } else { - *((*string)(yyv15)) = r.DecodeString() - } - } - yyj14++ - if yyhl14 { - yyb14 = yyj14 > l - } else { - yyb14 = r.CheckBreak() - } - if yyb14 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Key = "" - } else { - yyv17 := &x.Key - yym18 := z.DecBinary() - _ = yym18 - if false { - } else { - *((*string)(yyv17)) = r.DecodeString() - } - } - yyj14++ - if yyhl14 { - yyb14 = yyj14 > l - } else { - yyb14 = r.CheckBreak() - } - if yyb14 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv19 := &x.Recursive - yym20 := z.DecBinary() - _ = yym20 - if false { - } else { - *((*bool)(yyv19)) = r.DecodeBool() - } - } - yyj14++ - if yyhl14 { - yyb14 = yyj14 > l - } else { - yyb14 = r.CheckBreak() - } - if yyb14 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Sorted = false - } else { - yyv21 := &x.Sorted - yym22 := z.DecBinary() - _ = yym22 - if false { - } else { - *((*bool)(yyv21)) = r.DecodeBool() - } - } - yyj14++ - if yyhl14 { - yyb14 = yyj14 > l - } else { - yyb14 = r.CheckBreak() - } - if yyb14 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Quorum = false - } else { - yyv23 := &x.Quorum - yym24 := z.DecBinary() - _ = yym24 - if false { - } else { - *((*bool)(yyv23)) = r.DecodeBool() - } - } - for { - yyj14++ - if yyhl14 { - yyb14 = yyj14 > l - } else { - yyb14 = r.CheckBreak() - } - if yyb14 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj14-1, "") - } - r.ReadArrayEnd() -} - -func (x *waitAction) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(4) - } else { - r.WriteMapStart(4) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Prefix)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Prefix")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Prefix)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Key)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Key")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Key)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym10 := z.EncBinary() - _ = yym10 - if false { - } else { - r.EncodeUint(uint64(x.WaitIndex)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("WaitIndex")) - r.WriteMapElemValue() - yym11 := z.EncBinary() - _ = yym11 - if false { - } else { - r.EncodeUint(uint64(x.WaitIndex)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym13 := z.EncBinary() - _ = yym13 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Recursive")) - r.WriteMapElemValue() - yym14 := z.EncBinary() - _ = yym14 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *waitAction) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *waitAction) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "Prefix": - if r.TryDecodeAsNil() { - x.Prefix = "" - } else { - yyv4 := &x.Prefix - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*string)(yyv4)) = r.DecodeString() - } - } - case "Key": - if r.TryDecodeAsNil() { - x.Key = "" - } else { - yyv6 := &x.Key - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*string)(yyv6)) = r.DecodeString() - } - } - case "WaitIndex": - if r.TryDecodeAsNil() { - x.WaitIndex = 0 - } else { - yyv8 := &x.WaitIndex - yym9 := z.DecBinary() - _ = yym9 - if false { - } else { - *((*uint64)(yyv8)) = uint64(r.DecodeUint(64)) - } - } - case "Recursive": - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv10 := &x.Recursive - yym11 := z.DecBinary() - _ = yym11 - if false { - } else { - *((*bool)(yyv10)) = r.DecodeBool() - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *waitAction) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj12 int - var yyb12 bool - var yyhl12 bool = l >= 0 - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Prefix = "" - } else { - yyv13 := &x.Prefix - yym14 := z.DecBinary() - _ = yym14 - if false { - } else { - *((*string)(yyv13)) = r.DecodeString() - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Key = "" - } else { - yyv15 := &x.Key - yym16 := z.DecBinary() - _ = yym16 - if false { - } else { - *((*string)(yyv15)) = r.DecodeString() - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.WaitIndex = 0 - } else { - yyv17 := &x.WaitIndex - yym18 := z.DecBinary() - _ = yym18 - if false { - } else { - *((*uint64)(yyv17)) = uint64(r.DecodeUint(64)) - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv19 := &x.Recursive - yym20 := z.DecBinary() - _ = yym20 - if false { - } else { - *((*bool)(yyv19)) = r.DecodeBool() - } - } - for { - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj12-1, "") - } - r.ReadArrayEnd() -} - -func (x *setAction) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(10) - } else { - r.WriteMapStart(10) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Prefix)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Prefix")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Prefix)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Key)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Key")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Key)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym10 := z.EncBinary() - _ = yym10 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Value)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Value")) - r.WriteMapElemValue() - yym11 := z.EncBinary() - _ = yym11 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Value)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym13 := z.EncBinary() - _ = yym13 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.PrevValue)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("PrevValue")) - r.WriteMapElemValue() - yym14 := z.EncBinary() - _ = yym14 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.PrevValue)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym16 := z.EncBinary() - _ = yym16 - if false { - } else { - r.EncodeUint(uint64(x.PrevIndex)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("PrevIndex")) - r.WriteMapElemValue() - yym17 := z.EncBinary() - _ = yym17 - if false { - } else { - r.EncodeUint(uint64(x.PrevIndex)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - x.PrevExist.CodecEncodeSelf(e) - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("PrevExist")) - r.WriteMapElemValue() - x.PrevExist.CodecEncodeSelf(e) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym22 := z.EncBinary() - _ = yym22 - if false { - } else if z.HasExtensions() && z.EncExt(x.TTL) { - } else { - r.EncodeInt(int64(x.TTL)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("TTL")) - r.WriteMapElemValue() - yym23 := z.EncBinary() - _ = yym23 - if false { - } else if z.HasExtensions() && z.EncExt(x.TTL) { - } else { - r.EncodeInt(int64(x.TTL)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym25 := z.EncBinary() - _ = yym25 - if false { - } else { - r.EncodeBool(bool(x.Refresh)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Refresh")) - r.WriteMapElemValue() - yym26 := z.EncBinary() - _ = yym26 - if false { - } else { - r.EncodeBool(bool(x.Refresh)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym28 := z.EncBinary() - _ = yym28 - if false { - } else { - r.EncodeBool(bool(x.Dir)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Dir")) - r.WriteMapElemValue() - yym29 := z.EncBinary() - _ = yym29 - if false { - } else { - r.EncodeBool(bool(x.Dir)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym31 := z.EncBinary() - _ = yym31 - if false { - } else { - r.EncodeBool(bool(x.NoValueOnSuccess)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("NoValueOnSuccess")) - r.WriteMapElemValue() - yym32 := z.EncBinary() - _ = yym32 - if false { - } else { - r.EncodeBool(bool(x.NoValueOnSuccess)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *setAction) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *setAction) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "Prefix": - if r.TryDecodeAsNil() { - x.Prefix = "" - } else { - yyv4 := &x.Prefix - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*string)(yyv4)) = r.DecodeString() - } - } - case "Key": - if r.TryDecodeAsNil() { - x.Key = "" - } else { - yyv6 := &x.Key - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*string)(yyv6)) = r.DecodeString() - } - } - case "Value": - if r.TryDecodeAsNil() { - x.Value = "" - } else { - yyv8 := &x.Value - yym9 := z.DecBinary() - _ = yym9 - if false { - } else { - *((*string)(yyv8)) = r.DecodeString() - } - } - case "PrevValue": - if r.TryDecodeAsNil() { - x.PrevValue = "" - } else { - yyv10 := &x.PrevValue - yym11 := z.DecBinary() - _ = yym11 - if false { - } else { - *((*string)(yyv10)) = r.DecodeString() - } - } - case "PrevIndex": - if r.TryDecodeAsNil() { - x.PrevIndex = 0 - } else { - yyv12 := &x.PrevIndex - yym13 := z.DecBinary() - _ = yym13 - if false { - } else { - *((*uint64)(yyv12)) = uint64(r.DecodeUint(64)) - } - } - case "PrevExist": - if r.TryDecodeAsNil() { - x.PrevExist = "" - } else { - yyv14 := &x.PrevExist - yyv14.CodecDecodeSelf(d) - } - case "TTL": - if r.TryDecodeAsNil() { - x.TTL = 0 - } else { - yyv15 := &x.TTL - yym16 := z.DecBinary() - _ = yym16 - if false { - } else if z.HasExtensions() && z.DecExt(yyv15) { - } else { - *((*int64)(yyv15)) = int64(r.DecodeInt(64)) - } - } - case "Refresh": - if r.TryDecodeAsNil() { - x.Refresh = false - } else { - yyv17 := &x.Refresh - yym18 := z.DecBinary() - _ = yym18 - if false { - } else { - *((*bool)(yyv17)) = r.DecodeBool() - } - } - case "Dir": - if r.TryDecodeAsNil() { - x.Dir = false - } else { - yyv19 := &x.Dir - yym20 := z.DecBinary() - _ = yym20 - if false { - } else { - *((*bool)(yyv19)) = r.DecodeBool() - } - } - case "NoValueOnSuccess": - if r.TryDecodeAsNil() { - x.NoValueOnSuccess = false - } else { - yyv21 := &x.NoValueOnSuccess - yym22 := z.DecBinary() - _ = yym22 - if false { - } else { - *((*bool)(yyv21)) = r.DecodeBool() - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *setAction) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj23 int - var yyb23 bool - var yyhl23 bool = l >= 0 - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Prefix = "" - } else { - yyv24 := &x.Prefix - yym25 := z.DecBinary() - _ = yym25 - if false { - } else { - *((*string)(yyv24)) = r.DecodeString() - } - } - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Key = "" - } else { - yyv26 := &x.Key - yym27 := z.DecBinary() - _ = yym27 - if false { - } else { - *((*string)(yyv26)) = r.DecodeString() - } - } - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Value = "" - } else { - yyv28 := &x.Value - yym29 := z.DecBinary() - _ = yym29 - if false { - } else { - *((*string)(yyv28)) = r.DecodeString() - } - } - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.PrevValue = "" - } else { - yyv30 := &x.PrevValue - yym31 := z.DecBinary() - _ = yym31 - if false { - } else { - *((*string)(yyv30)) = r.DecodeString() - } - } - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.PrevIndex = 0 - } else { - yyv32 := &x.PrevIndex - yym33 := z.DecBinary() - _ = yym33 - if false { - } else { - *((*uint64)(yyv32)) = uint64(r.DecodeUint(64)) - } - } - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.PrevExist = "" - } else { - yyv34 := &x.PrevExist - yyv34.CodecDecodeSelf(d) - } - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.TTL = 0 - } else { - yyv35 := &x.TTL - yym36 := z.DecBinary() - _ = yym36 - if false { - } else if z.HasExtensions() && z.DecExt(yyv35) { - } else { - *((*int64)(yyv35)) = int64(r.DecodeInt(64)) - } - } - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Refresh = false - } else { - yyv37 := &x.Refresh - yym38 := z.DecBinary() - _ = yym38 - if false { - } else { - *((*bool)(yyv37)) = r.DecodeBool() - } - } - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Dir = false - } else { - yyv39 := &x.Dir - yym40 := z.DecBinary() - _ = yym40 - if false { - } else { - *((*bool)(yyv39)) = r.DecodeBool() - } - } - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.NoValueOnSuccess = false - } else { - yyv41 := &x.NoValueOnSuccess - yym42 := z.DecBinary() - _ = yym42 - if false { - } else { - *((*bool)(yyv41)) = r.DecodeBool() - } - } - for { - yyj23++ - if yyhl23 { - yyb23 = yyj23 > l - } else { - yyb23 = r.CheckBreak() - } - if yyb23 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj23-1, "") - } - r.ReadArrayEnd() -} - -func (x *deleteAction) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(6) - } else { - r.WriteMapStart(6) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Prefix)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Prefix")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Prefix)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Key)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Key")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Key)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym10 := z.EncBinary() - _ = yym10 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.PrevValue)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("PrevValue")) - r.WriteMapElemValue() - yym11 := z.EncBinary() - _ = yym11 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.PrevValue)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym13 := z.EncBinary() - _ = yym13 - if false { - } else { - r.EncodeUint(uint64(x.PrevIndex)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("PrevIndex")) - r.WriteMapElemValue() - yym14 := z.EncBinary() - _ = yym14 - if false { - } else { - r.EncodeUint(uint64(x.PrevIndex)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym16 := z.EncBinary() - _ = yym16 - if false { - } else { - r.EncodeBool(bool(x.Dir)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Dir")) - r.WriteMapElemValue() - yym17 := z.EncBinary() - _ = yym17 - if false { - } else { - r.EncodeBool(bool(x.Dir)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym19 := z.EncBinary() - _ = yym19 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Recursive")) - r.WriteMapElemValue() - yym20 := z.EncBinary() - _ = yym20 - if false { - } else { - r.EncodeBool(bool(x.Recursive)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *deleteAction) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *deleteAction) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "Prefix": - if r.TryDecodeAsNil() { - x.Prefix = "" - } else { - yyv4 := &x.Prefix - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*string)(yyv4)) = r.DecodeString() - } - } - case "Key": - if r.TryDecodeAsNil() { - x.Key = "" - } else { - yyv6 := &x.Key - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*string)(yyv6)) = r.DecodeString() - } - } - case "PrevValue": - if r.TryDecodeAsNil() { - x.PrevValue = "" - } else { - yyv8 := &x.PrevValue - yym9 := z.DecBinary() - _ = yym9 - if false { - } else { - *((*string)(yyv8)) = r.DecodeString() - } - } - case "PrevIndex": - if r.TryDecodeAsNil() { - x.PrevIndex = 0 - } else { - yyv10 := &x.PrevIndex - yym11 := z.DecBinary() - _ = yym11 - if false { - } else { - *((*uint64)(yyv10)) = uint64(r.DecodeUint(64)) - } - } - case "Dir": - if r.TryDecodeAsNil() { - x.Dir = false - } else { - yyv12 := &x.Dir - yym13 := z.DecBinary() - _ = yym13 - if false { - } else { - *((*bool)(yyv12)) = r.DecodeBool() - } - } - case "Recursive": - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv14 := &x.Recursive - yym15 := z.DecBinary() - _ = yym15 - if false { - } else { - *((*bool)(yyv14)) = r.DecodeBool() - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *deleteAction) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj16 int - var yyb16 bool - var yyhl16 bool = l >= 0 - yyj16++ - if yyhl16 { - yyb16 = yyj16 > l - } else { - yyb16 = r.CheckBreak() - } - if yyb16 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Prefix = "" - } else { - yyv17 := &x.Prefix - yym18 := z.DecBinary() - _ = yym18 - if false { - } else { - *((*string)(yyv17)) = r.DecodeString() - } - } - yyj16++ - if yyhl16 { - yyb16 = yyj16 > l - } else { - yyb16 = r.CheckBreak() - } - if yyb16 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Key = "" - } else { - yyv19 := &x.Key - yym20 := z.DecBinary() - _ = yym20 - if false { - } else { - *((*string)(yyv19)) = r.DecodeString() - } - } - yyj16++ - if yyhl16 { - yyb16 = yyj16 > l - } else { - yyb16 = r.CheckBreak() - } - if yyb16 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.PrevValue = "" - } else { - yyv21 := &x.PrevValue - yym22 := z.DecBinary() - _ = yym22 - if false { - } else { - *((*string)(yyv21)) = r.DecodeString() - } - } - yyj16++ - if yyhl16 { - yyb16 = yyj16 > l - } else { - yyb16 = r.CheckBreak() - } - if yyb16 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.PrevIndex = 0 - } else { - yyv23 := &x.PrevIndex - yym24 := z.DecBinary() - _ = yym24 - if false { - } else { - *((*uint64)(yyv23)) = uint64(r.DecodeUint(64)) - } - } - yyj16++ - if yyhl16 { - yyb16 = yyj16 > l - } else { - yyb16 = r.CheckBreak() - } - if yyb16 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Dir = false - } else { - yyv25 := &x.Dir - yym26 := z.DecBinary() - _ = yym26 - if false { - } else { - *((*bool)(yyv25)) = r.DecodeBool() - } - } - yyj16++ - if yyhl16 { - yyb16 = yyj16 > l - } else { - yyb16 = r.CheckBreak() - } - if yyb16 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Recursive = false - } else { - yyv27 := &x.Recursive - yym28 := z.DecBinary() - _ = yym28 - if false { - } else { - *((*bool)(yyv27)) = r.DecodeBool() - } - } - for { - yyj16++ - if yyhl16 { - yyb16 = yyj16 > l - } else { - yyb16 = r.CheckBreak() - } - if yyb16 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj16-1, "") - } - r.ReadArrayEnd() -} - -func (x *createInOrderAction) CodecEncodeSelf(e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - if x == nil { - r.EncodeNil() - } else { - yym1 := z.EncBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.EncExt(x) { - } else { - yysep2 := !z.EncBinary() - yy2arr2 := z.EncBasicHandle().StructToArray - _, _ = yysep2, yy2arr2 - const yyr2 bool = false - if yyr2 || yy2arr2 { - r.WriteArrayStart(4) - } else { - r.WriteMapStart(4) - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym4 := z.EncBinary() - _ = yym4 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Prefix)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Prefix")) - r.WriteMapElemValue() - yym5 := z.EncBinary() - _ = yym5 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Prefix)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym7 := z.EncBinary() - _ = yym7 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Dir)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Dir")) - r.WriteMapElemValue() - yym8 := z.EncBinary() - _ = yym8 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Dir)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym10 := z.EncBinary() - _ = yym10 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Value)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("Value")) - r.WriteMapElemValue() - yym11 := z.EncBinary() - _ = yym11 - if false { - } else { - r.EncodeString(codecSelferC_UTF87612, string(x.Value)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayElem() - yym13 := z.EncBinary() - _ = yym13 - if false { - } else if z.HasExtensions() && z.EncExt(x.TTL) { - } else { - r.EncodeInt(int64(x.TTL)) - } - } else { - r.WriteMapElemKey() - r.EncodeString(codecSelferC_UTF87612, string("TTL")) - r.WriteMapElemValue() - yym14 := z.EncBinary() - _ = yym14 - if false { - } else if z.HasExtensions() && z.EncExt(x.TTL) { - } else { - r.EncodeInt(int64(x.TTL)) - } - } - if yyr2 || yy2arr2 { - r.WriteArrayEnd() - } else { - r.WriteMapEnd() - } - } - } -} - -func (x *createInOrderAction) CodecDecodeSelf(d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - yym1 := z.DecBinary() - _ = yym1 - if false { - } else if z.HasExtensions() && z.DecExt(x) { - } else { - yyct2 := r.ContainerType() - if yyct2 == codecSelferValueTypeMap7612 { - yyl2 := r.ReadMapStart() - if yyl2 == 0 { - r.ReadMapEnd() - } else { - x.codecDecodeSelfFromMap(yyl2, d) - } - } else if yyct2 == codecSelferValueTypeArray7612 { - yyl2 := r.ReadArrayStart() - if yyl2 == 0 { - r.ReadArrayEnd() - } else { - x.codecDecodeSelfFromArray(yyl2, d) - } - } else { - panic(codecSelferOnlyMapOrArrayEncodeToStructErr7612) - } - } -} - -func (x *createInOrderAction) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yys3Slc = z.DecScratchBuffer() // default slice to decode into - _ = yys3Slc - var yyhl3 bool = l >= 0 - for yyj3 := 0; ; yyj3++ { - if yyhl3 { - if yyj3 >= l { - break - } - } else { - if r.CheckBreak() { - break - } - } - r.ReadMapElemKey() - yys3Slc = r.DecodeStringAsBytes() - yys3 := string(yys3Slc) - r.ReadMapElemValue() - switch yys3 { - case "Prefix": - if r.TryDecodeAsNil() { - x.Prefix = "" - } else { - yyv4 := &x.Prefix - yym5 := z.DecBinary() - _ = yym5 - if false { - } else { - *((*string)(yyv4)) = r.DecodeString() - } - } - case "Dir": - if r.TryDecodeAsNil() { - x.Dir = "" - } else { - yyv6 := &x.Dir - yym7 := z.DecBinary() - _ = yym7 - if false { - } else { - *((*string)(yyv6)) = r.DecodeString() - } - } - case "Value": - if r.TryDecodeAsNil() { - x.Value = "" - } else { - yyv8 := &x.Value - yym9 := z.DecBinary() - _ = yym9 - if false { - } else { - *((*string)(yyv8)) = r.DecodeString() - } - } - case "TTL": - if r.TryDecodeAsNil() { - x.TTL = 0 - } else { - yyv10 := &x.TTL - yym11 := z.DecBinary() - _ = yym11 - if false { - } else if z.HasExtensions() && z.DecExt(yyv10) { - } else { - *((*int64)(yyv10)) = int64(r.DecodeInt(64)) - } - } - default: - z.DecStructFieldNotFound(-1, yys3) - } // end switch yys3 - } // end for yyj3 - r.ReadMapEnd() -} - -func (x *createInOrderAction) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - var yyj12 int - var yyb12 bool - var yyhl12 bool = l >= 0 - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Prefix = "" - } else { - yyv13 := &x.Prefix - yym14 := z.DecBinary() - _ = yym14 - if false { - } else { - *((*string)(yyv13)) = r.DecodeString() - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Dir = "" - } else { - yyv15 := &x.Dir - yym16 := z.DecBinary() - _ = yym16 - if false { - } else { - *((*string)(yyv15)) = r.DecodeString() - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.Value = "" - } else { - yyv17 := &x.Value - yym18 := z.DecBinary() - _ = yym18 - if false { - } else { - *((*string)(yyv17)) = r.DecodeString() - } - } - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - r.ReadArrayEnd() - return - } - r.ReadArrayElem() - if r.TryDecodeAsNil() { - x.TTL = 0 - } else { - yyv19 := &x.TTL - yym20 := z.DecBinary() - _ = yym20 - if false { - } else if z.HasExtensions() && z.DecExt(yyv19) { - } else { - *((*int64)(yyv19)) = int64(r.DecodeInt(64)) - } - } - for { - yyj12++ - if yyhl12 { - yyb12 = yyj12 > l - } else { - yyb12 = r.CheckBreak() - } - if yyb12 { - break - } - r.ReadArrayElem() - z.DecStructFieldNotFound(yyj12-1, "") - } - r.ReadArrayEnd() -} - -func (x codecSelfer7612) encNodes(v Nodes, e *codec1978.Encoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperEncoder(e) - _, _, _ = h, z, r - r.WriteArrayStart(len(v)) - for _, yyv1 := range v { - r.WriteArrayElem() - if yyv1 == nil { - r.EncodeNil() - } else { - yyv1.CodecEncodeSelf(e) - } - } - r.WriteArrayEnd() -} - -func (x codecSelfer7612) decNodes(v *Nodes, d *codec1978.Decoder) { - var h codecSelfer7612 - z, r := codec1978.GenHelperDecoder(d) - _, _, _ = h, z, r - - yyv1 := *v - yyh1, yyl1 := z.DecSliceHelperStart() - var yyc1 bool - _ = yyc1 - if yyl1 == 0 { - if yyv1 == nil { - yyv1 = []*Node{} - yyc1 = true - } else if len(yyv1) != 0 { - yyv1 = yyv1[:0] - yyc1 = true - } - } else { - yyhl1 := yyl1 > 0 - var yyrl1 int - _ = yyrl1 - if yyhl1 { - if yyl1 > cap(yyv1) { - yyrl1 = z.DecInferLen(yyl1, z.DecBasicHandle().MaxInitLen, 8) - if yyrl1 <= cap(yyv1) { - yyv1 = yyv1[:yyrl1] - } else { - yyv1 = make([]*Node, yyrl1) - } - yyc1 = true - } else if yyl1 != len(yyv1) { - yyv1 = yyv1[:yyl1] - yyc1 = true - } - } - var yyj1 int - // var yydn1 bool - for ; (yyhl1 && yyj1 < yyl1) || !(yyhl1 || r.CheckBreak()); yyj1++ { - if yyj1 == 0 && len(yyv1) == 0 { - if yyhl1 { - yyrl1 = z.DecInferLen(yyl1, z.DecBasicHandle().MaxInitLen, 8) - } else { - yyrl1 = 8 - } - yyv1 = make([]*Node, yyrl1) - yyc1 = true - } - yyh1.ElemContainerState(yyj1) - // yydn1 = r.TryDecodeAsNil() - - // if indefinite, etc, then expand the slice if necessary - var yydb1 bool - if yyj1 >= len(yyv1) { - yyv1 = append(yyv1, nil) - yyc1 = true - - } - if yydb1 { - z.DecSwallow() - } else { - if r.TryDecodeAsNil() { - if yyv1[yyj1] != nil { - *yyv1[yyj1] = Node{} - } - } else { - if yyv1[yyj1] == nil { - yyv1[yyj1] = new(Node) - } - yyw2 := yyv1[yyj1] - yyw2.CodecDecodeSelf(d) - } - - } - - } - if yyj1 < len(yyv1) { - yyv1 = yyv1[:yyj1] - yyc1 = true - } else if yyj1 == 0 && yyv1 == nil { - yyv1 = make([]*Node, 0) - yyc1 = true - } - } - yyh1.End() - if yyc1 { - *v = yyv1 - } - -} diff --git a/vendor/github.com/coreos/etcd/client/keys.go b/vendor/github.com/coreos/etcd/client/keys.go index 8b9fd3f87a496..f8f2c7b186c22 100644 --- a/vendor/github.com/coreos/etcd/client/keys.go +++ b/vendor/github.com/coreos/etcd/client/keys.go @@ -14,8 +14,6 @@ package client -//go:generate codecgen -d 1819 -r "Node|Response|Nodes" -o keys.generated.go keys.go - import ( "context" "encoding/json" @@ -28,7 +26,6 @@ import ( "time" "github.com/coreos/etcd/pkg/pathutil" - "github.com/ugorji/go/codec" ) const ( @@ -656,9 +653,11 @@ func unmarshalHTTPResponse(code int, header http.Header, body []byte) (res *Resp return res, err } +var jsonIterator = caseSensitiveJsonIterator() + func unmarshalSuccessfulKeysResponse(header http.Header, body []byte) (*Response, error) { var res Response - err := codec.NewDecoderBytes(body, new(codec.JsonHandle)).Decode(&res) + err := jsonIterator.Unmarshal(body, &res) if err != nil { return nil, ErrInvalidJSON } diff --git a/vendor/github.com/coreos/etcd/pkg/fileutil/dir_unix.go b/vendor/github.com/coreos/etcd/pkg/fileutil/dir_unix.go index 58a77dfc1a99d..4ce15dc6bcf1f 100644 --- a/vendor/github.com/coreos/etcd/pkg/fileutil/dir_unix.go +++ b/vendor/github.com/coreos/etcd/pkg/fileutil/dir_unix.go @@ -18,5 +18,10 @@ package fileutil import "os" +const ( + // PrivateDirMode grants owner to make/remove files inside the directory. + PrivateDirMode = 0700 +) + // OpenDir opens a directory for syncing. func OpenDir(path string) (*os.File, error) { return os.Open(path) } diff --git a/vendor/github.com/coreos/etcd/pkg/fileutil/dir_windows.go b/vendor/github.com/coreos/etcd/pkg/fileutil/dir_windows.go index c123395c0040e..a10a90583c798 100644 --- a/vendor/github.com/coreos/etcd/pkg/fileutil/dir_windows.go +++ b/vendor/github.com/coreos/etcd/pkg/fileutil/dir_windows.go @@ -21,6 +21,11 @@ import ( "syscall" ) +const ( + // PrivateDirMode grants owner to make/remove files inside the directory. + PrivateDirMode = 0777 +) + // OpenDir opens a directory in windows with write access for syncing. func OpenDir(path string) (*os.File, error) { fd, err := openDir(path) diff --git a/vendor/github.com/coreos/etcd/pkg/fileutil/fileutil.go b/vendor/github.com/coreos/etcd/pkg/fileutil/fileutil.go index fce5126c6956d..3c73916a1e1c6 100644 --- a/vendor/github.com/coreos/etcd/pkg/fileutil/fileutil.go +++ b/vendor/github.com/coreos/etcd/pkg/fileutil/fileutil.go @@ -29,8 +29,6 @@ import ( const ( // PrivateFileMode grants owner to read/write a file. PrivateFileMode = 0600 - // PrivateDirMode grants owner to make/remove files inside the directory. - PrivateDirMode = 0700 ) var ( @@ -65,14 +63,22 @@ func ReadDir(dirpath string) ([]string, error) { // TouchDirAll is similar to os.MkdirAll. It creates directories with 0700 permission if any directory // does not exists. TouchDirAll also ensures the given directory is writable. func TouchDirAll(dir string) error { - // If path is already a directory, MkdirAll does nothing - // and returns nil. - err := os.MkdirAll(dir, PrivateDirMode) - if err != nil { - // if mkdirAll("a/text") and "text" is not - // a directory, this will return syscall.ENOTDIR - return err + // If path is already a directory, MkdirAll does nothing and returns nil, so, + // first check if dir exist with an expected permission mode. + if Exist(dir) { + err := CheckDirPermission(dir, PrivateDirMode) + if err != nil { + plog.Warningf("check file permission: %v", err) + } + } else { + err := os.MkdirAll(dir, PrivateDirMode) + if err != nil { + // if mkdirAll("a/text") and "text" is not + // a directory, this will return syscall.ENOTDIR + return err + } } + return IsDirWriteable(dir) } @@ -120,3 +126,22 @@ func ZeroToEnd(f *os.File) error { _, err = f.Seek(off, io.SeekStart) return err } + +// CheckDirPermission checks permission on an existing dir. +// Returns error if dir is empty or exist with a different permission than specified. +func CheckDirPermission(dir string, perm os.FileMode) error { + if !Exist(dir) { + return fmt.Errorf("directory %q empty, cannot check permission.", dir) + } + //check the existing permission on the directory + dirInfo, err := os.Stat(dir) + if err != nil { + return err + } + dirMode := dirInfo.Mode().Perm() + if dirMode != perm { + err = fmt.Errorf("directory %q exist, but the permission is %q. The recommended permission is %q to prevent possible unprivileged access to the data.", dir, dirInfo.Mode(), os.FileMode(PrivateDirMode)) + return err + } + return nil +} diff --git a/vendor/github.com/coreos/etcd/pkg/fileutil/purge.go b/vendor/github.com/coreos/etcd/pkg/fileutil/purge.go index 92fceab017f31..c97368069198f 100644 --- a/vendor/github.com/coreos/etcd/pkg/fileutil/purge.go +++ b/vendor/github.com/coreos/etcd/pkg/fileutil/purge.go @@ -23,13 +23,23 @@ import ( ) func PurgeFile(dirname string, suffix string, max uint, interval time.Duration, stop <-chan struct{}) <-chan error { - return purgeFile(dirname, suffix, max, interval, stop, nil) + return purgeFile(dirname, suffix, max, interval, stop, nil, nil) +} + +func PurgeFileWithDoneNotify(dirname string, suffix string, max uint, interval time.Duration, stop <-chan struct{}) (<-chan struct{}, <-chan error) { + doneC := make(chan struct{}) + errC := purgeFile(dirname, suffix, max, interval, stop, nil, doneC) + return doneC, errC } // purgeFile is the internal implementation for PurgeFile which can post purged files to purgec if non-nil. -func purgeFile(dirname string, suffix string, max uint, interval time.Duration, stop <-chan struct{}, purgec chan<- string) <-chan error { +// if donec is non-nil, the function closes it to notify its exit. +func purgeFile(dirname string, suffix string, max uint, interval time.Duration, stop <-chan struct{}, purgec chan<- string, donec chan<- struct{}) <-chan error { errC := make(chan error, 1) go func() { + if donec != nil { + defer close(donec) + } for { fnames, err := ReadDir(dirname) if err != nil { diff --git a/vendor/github.com/coreos/etcd/pkg/ioutil/pagewriter.go b/vendor/github.com/coreos/etcd/pkg/ioutil/pagewriter.go index 72de1593d3adf..cf9a8dc664dcd 100644 --- a/vendor/github.com/coreos/etcd/pkg/ioutil/pagewriter.go +++ b/vendor/github.com/coreos/etcd/pkg/ioutil/pagewriter.go @@ -95,12 +95,23 @@ func (pw *PageWriter) Write(p []byte) (n int, err error) { return n, werr } +// Flush flushes buffered data. func (pw *PageWriter) Flush() error { + _, err := pw.flush() + return err +} + +// FlushN flushes buffered data and returns the number of written bytes. +func (pw *PageWriter) FlushN() (int, error) { + return pw.flush() +} + +func (pw *PageWriter) flush() (int, error) { if pw.bufferedBytes == 0 { - return nil + return 0, nil } - _, err := pw.w.Write(pw.buf[:pw.bufferedBytes]) + n, err := pw.w.Write(pw.buf[:pw.bufferedBytes]) pw.pageOffset = (pw.pageOffset + pw.bufferedBytes) % pw.pageBytes pw.bufferedBytes = 0 - return err + return n, err } diff --git a/vendor/github.com/coreos/etcd/raft/logger.go b/vendor/github.com/coreos/etcd/raft/logger.go index 92e55b373e1d4..426a77d344548 100644 --- a/vendor/github.com/coreos/etcd/raft/logger.go +++ b/vendor/github.com/coreos/etcd/raft/logger.go @@ -114,7 +114,7 @@ func (l *DefaultLogger) Fatalf(format string, v ...interface{}) { } func (l *DefaultLogger) Panic(v ...interface{}) { - l.Logger.Panic(v) + l.Logger.Panic(v...) } func (l *DefaultLogger) Panicf(format string, v ...interface{}) { diff --git a/vendor/github.com/coreos/etcd/raft/raft.go b/vendor/github.com/coreos/etcd/raft/raft.go index b4c0f0248ca28..22ff138e9c495 100644 --- a/vendor/github.com/coreos/etcd/raft/raft.go +++ b/vendor/github.com/coreos/etcd/raft/raft.go @@ -663,6 +663,7 @@ func (r *raft) becomePreCandidate() { r.step = stepCandidate r.votes = make(map[uint64]bool) r.tick = r.tickElection + r.lead = None r.state = StatePreCandidate r.logger.Infof("%x became pre-candidate at term %d", r.id, r.Term) } diff --git a/vendor/github.com/coreos/etcd/raft/raftpb/raft.pb.go b/vendor/github.com/coreos/etcd/raft/raftpb/raft.pb.go index fd9ee3729ecb6..753bd84ac6217 100644 --- a/vendor/github.com/coreos/etcd/raft/raftpb/raft.pb.go +++ b/vendor/github.com/coreos/etcd/raft/raftpb/raft.pb.go @@ -1,33 +1,16 @@ // Code generated by protoc-gen-gogo. DO NOT EDIT. // source: raft.proto -/* - Package raftpb is a generated protocol buffer package. - - It is generated from these files: - raft.proto - - It has these top-level messages: - Entry - SnapshotMetadata - Snapshot - Message - HardState - ConfState - ConfChange -*/ package raftpb import ( - "fmt" - - proto "github.com/golang/protobuf/proto" - + fmt "fmt" + io "io" math "math" + math_bits "math/bits" _ "github.com/gogo/protobuf/gogoproto" - - io "io" + proto "github.com/golang/protobuf/proto" ) // Reference imports to suppress errors if they are not otherwise used. @@ -52,6 +35,7 @@ var EntryType_name = map[int32]string{ 0: "EntryNormal", 1: "EntryConfChange", } + var EntryType_value = map[string]int32{ "EntryNormal": 0, "EntryConfChange": 1, @@ -62,9 +46,11 @@ func (x EntryType) Enum() *EntryType { *p = x return p } + func (x EntryType) String() string { return proto.EnumName(EntryType_name, int32(x)) } + func (x *EntryType) UnmarshalJSON(data []byte) error { value, err := proto.UnmarshalJSONEnum(EntryType_value, data, "EntryType") if err != nil { @@ -73,7 +59,10 @@ func (x *EntryType) UnmarshalJSON(data []byte) error { *x = EntryType(value) return nil } -func (EntryType) EnumDescriptor() ([]byte, []int) { return fileDescriptorRaft, []int{0} } + +func (EntryType) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_b042552c306ae59b, []int{0} +} type MessageType int32 @@ -120,6 +109,7 @@ var MessageType_name = map[int32]string{ 17: "MsgPreVote", 18: "MsgPreVoteResp", } + var MessageType_value = map[string]int32{ "MsgHup": 0, "MsgBeat": 1, @@ -147,9 +137,11 @@ func (x MessageType) Enum() *MessageType { *p = x return p } + func (x MessageType) String() string { return proto.EnumName(MessageType_name, int32(x)) } + func (x *MessageType) UnmarshalJSON(data []byte) error { value, err := proto.UnmarshalJSONEnum(MessageType_value, data, "MessageType") if err != nil { @@ -158,7 +150,10 @@ func (x *MessageType) UnmarshalJSON(data []byte) error { *x = MessageType(value) return nil } -func (MessageType) EnumDescriptor() ([]byte, []int) { return fileDescriptorRaft, []int{1} } + +func (MessageType) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_b042552c306ae59b, []int{1} +} type ConfChangeType int32 @@ -175,6 +170,7 @@ var ConfChangeType_name = map[int32]string{ 2: "ConfChangeUpdateNode", 3: "ConfChangeAddLearnerNode", } + var ConfChangeType_value = map[string]int32{ "ConfChangeAddNode": 0, "ConfChangeRemoveNode": 1, @@ -187,9 +183,11 @@ func (x ConfChangeType) Enum() *ConfChangeType { *p = x return p } + func (x ConfChangeType) String() string { return proto.EnumName(ConfChangeType_name, int32(x)) } + func (x *ConfChangeType) UnmarshalJSON(data []byte) error { value, err := proto.UnmarshalJSONEnum(ConfChangeType_value, data, "ConfChangeType") if err != nil { @@ -198,102 +196,318 @@ func (x *ConfChangeType) UnmarshalJSON(data []byte) error { *x = ConfChangeType(value) return nil } -func (ConfChangeType) EnumDescriptor() ([]byte, []int) { return fileDescriptorRaft, []int{2} } + +func (ConfChangeType) EnumDescriptor() ([]byte, []int) { + return fileDescriptor_b042552c306ae59b, []int{2} +} type Entry struct { - Term uint64 `protobuf:"varint,2,opt,name=Term" json:"Term"` - Index uint64 `protobuf:"varint,3,opt,name=Index" json:"Index"` - Type EntryType `protobuf:"varint,1,opt,name=Type,enum=raftpb.EntryType" json:"Type"` - Data []byte `protobuf:"bytes,4,opt,name=Data" json:"Data,omitempty"` - XXX_unrecognized []byte `json:"-"` + Term uint64 `protobuf:"varint,2,opt,name=Term" json:"Term"` + Index uint64 `protobuf:"varint,3,opt,name=Index" json:"Index"` + Type EntryType `protobuf:"varint,1,opt,name=Type,enum=raftpb.EntryType" json:"Type"` + Data []byte `protobuf:"bytes,4,opt,name=Data" json:"Data,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (m *Entry) Reset() { *m = Entry{} } -func (m *Entry) String() string { return proto.CompactTextString(m) } -func (*Entry) ProtoMessage() {} -func (*Entry) Descriptor() ([]byte, []int) { return fileDescriptorRaft, []int{0} } +func (m *Entry) Reset() { *m = Entry{} } +func (m *Entry) String() string { return proto.CompactTextString(m) } +func (*Entry) ProtoMessage() {} +func (*Entry) Descriptor() ([]byte, []int) { + return fileDescriptor_b042552c306ae59b, []int{0} +} +func (m *Entry) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Entry) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Entry.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Entry) XXX_Merge(src proto.Message) { + xxx_messageInfo_Entry.Merge(m, src) +} +func (m *Entry) XXX_Size() int { + return m.Size() +} +func (m *Entry) XXX_DiscardUnknown() { + xxx_messageInfo_Entry.DiscardUnknown(m) +} + +var xxx_messageInfo_Entry proto.InternalMessageInfo type SnapshotMetadata struct { - ConfState ConfState `protobuf:"bytes,1,opt,name=conf_state,json=confState" json:"conf_state"` - Index uint64 `protobuf:"varint,2,opt,name=index" json:"index"` - Term uint64 `protobuf:"varint,3,opt,name=term" json:"term"` - XXX_unrecognized []byte `json:"-"` + ConfState ConfState `protobuf:"bytes,1,opt,name=conf_state,json=confState" json:"conf_state"` + Index uint64 `protobuf:"varint,2,opt,name=index" json:"index"` + Term uint64 `protobuf:"varint,3,opt,name=term" json:"term"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (m *SnapshotMetadata) Reset() { *m = SnapshotMetadata{} } -func (m *SnapshotMetadata) String() string { return proto.CompactTextString(m) } -func (*SnapshotMetadata) ProtoMessage() {} -func (*SnapshotMetadata) Descriptor() ([]byte, []int) { return fileDescriptorRaft, []int{1} } +func (m *SnapshotMetadata) Reset() { *m = SnapshotMetadata{} } +func (m *SnapshotMetadata) String() string { return proto.CompactTextString(m) } +func (*SnapshotMetadata) ProtoMessage() {} +func (*SnapshotMetadata) Descriptor() ([]byte, []int) { + return fileDescriptor_b042552c306ae59b, []int{1} +} +func (m *SnapshotMetadata) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *SnapshotMetadata) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_SnapshotMetadata.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *SnapshotMetadata) XXX_Merge(src proto.Message) { + xxx_messageInfo_SnapshotMetadata.Merge(m, src) +} +func (m *SnapshotMetadata) XXX_Size() int { + return m.Size() +} +func (m *SnapshotMetadata) XXX_DiscardUnknown() { + xxx_messageInfo_SnapshotMetadata.DiscardUnknown(m) +} + +var xxx_messageInfo_SnapshotMetadata proto.InternalMessageInfo type Snapshot struct { - Data []byte `protobuf:"bytes,1,opt,name=data" json:"data,omitempty"` - Metadata SnapshotMetadata `protobuf:"bytes,2,opt,name=metadata" json:"metadata"` - XXX_unrecognized []byte `json:"-"` + Data []byte `protobuf:"bytes,1,opt,name=data" json:"data,omitempty"` + Metadata SnapshotMetadata `protobuf:"bytes,2,opt,name=metadata" json:"metadata"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (m *Snapshot) Reset() { *m = Snapshot{} } -func (m *Snapshot) String() string { return proto.CompactTextString(m) } -func (*Snapshot) ProtoMessage() {} -func (*Snapshot) Descriptor() ([]byte, []int) { return fileDescriptorRaft, []int{2} } +func (m *Snapshot) Reset() { *m = Snapshot{} } +func (m *Snapshot) String() string { return proto.CompactTextString(m) } +func (*Snapshot) ProtoMessage() {} +func (*Snapshot) Descriptor() ([]byte, []int) { + return fileDescriptor_b042552c306ae59b, []int{2} +} +func (m *Snapshot) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Snapshot) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Snapshot.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Snapshot) XXX_Merge(src proto.Message) { + xxx_messageInfo_Snapshot.Merge(m, src) +} +func (m *Snapshot) XXX_Size() int { + return m.Size() +} +func (m *Snapshot) XXX_DiscardUnknown() { + xxx_messageInfo_Snapshot.DiscardUnknown(m) +} + +var xxx_messageInfo_Snapshot proto.InternalMessageInfo type Message struct { - Type MessageType `protobuf:"varint,1,opt,name=type,enum=raftpb.MessageType" json:"type"` - To uint64 `protobuf:"varint,2,opt,name=to" json:"to"` - From uint64 `protobuf:"varint,3,opt,name=from" json:"from"` - Term uint64 `protobuf:"varint,4,opt,name=term" json:"term"` - LogTerm uint64 `protobuf:"varint,5,opt,name=logTerm" json:"logTerm"` - Index uint64 `protobuf:"varint,6,opt,name=index" json:"index"` - Entries []Entry `protobuf:"bytes,7,rep,name=entries" json:"entries"` - Commit uint64 `protobuf:"varint,8,opt,name=commit" json:"commit"` - Snapshot Snapshot `protobuf:"bytes,9,opt,name=snapshot" json:"snapshot"` - Reject bool `protobuf:"varint,10,opt,name=reject" json:"reject"` - RejectHint uint64 `protobuf:"varint,11,opt,name=rejectHint" json:"rejectHint"` - Context []byte `protobuf:"bytes,12,opt,name=context" json:"context,omitempty"` - XXX_unrecognized []byte `json:"-"` -} - -func (m *Message) Reset() { *m = Message{} } -func (m *Message) String() string { return proto.CompactTextString(m) } -func (*Message) ProtoMessage() {} -func (*Message) Descriptor() ([]byte, []int) { return fileDescriptorRaft, []int{3} } + Type MessageType `protobuf:"varint,1,opt,name=type,enum=raftpb.MessageType" json:"type"` + To uint64 `protobuf:"varint,2,opt,name=to" json:"to"` + From uint64 `protobuf:"varint,3,opt,name=from" json:"from"` + Term uint64 `protobuf:"varint,4,opt,name=term" json:"term"` + LogTerm uint64 `protobuf:"varint,5,opt,name=logTerm" json:"logTerm"` + Index uint64 `protobuf:"varint,6,opt,name=index" json:"index"` + Entries []Entry `protobuf:"bytes,7,rep,name=entries" json:"entries"` + Commit uint64 `protobuf:"varint,8,opt,name=commit" json:"commit"` + Snapshot Snapshot `protobuf:"bytes,9,opt,name=snapshot" json:"snapshot"` + Reject bool `protobuf:"varint,10,opt,name=reject" json:"reject"` + RejectHint uint64 `protobuf:"varint,11,opt,name=rejectHint" json:"rejectHint"` + Context []byte `protobuf:"bytes,12,opt,name=context" json:"context,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Message) Reset() { *m = Message{} } +func (m *Message) String() string { return proto.CompactTextString(m) } +func (*Message) ProtoMessage() {} +func (*Message) Descriptor() ([]byte, []int) { + return fileDescriptor_b042552c306ae59b, []int{3} +} +func (m *Message) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Message) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Message.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Message) XXX_Merge(src proto.Message) { + xxx_messageInfo_Message.Merge(m, src) +} +func (m *Message) XXX_Size() int { + return m.Size() +} +func (m *Message) XXX_DiscardUnknown() { + xxx_messageInfo_Message.DiscardUnknown(m) +} + +var xxx_messageInfo_Message proto.InternalMessageInfo type HardState struct { - Term uint64 `protobuf:"varint,1,opt,name=term" json:"term"` - Vote uint64 `protobuf:"varint,2,opt,name=vote" json:"vote"` - Commit uint64 `protobuf:"varint,3,opt,name=commit" json:"commit"` - XXX_unrecognized []byte `json:"-"` + Term uint64 `protobuf:"varint,1,opt,name=term" json:"term"` + Vote uint64 `protobuf:"varint,2,opt,name=vote" json:"vote"` + Commit uint64 `protobuf:"varint,3,opt,name=commit" json:"commit"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (m *HardState) Reset() { *m = HardState{} } -func (m *HardState) String() string { return proto.CompactTextString(m) } -func (*HardState) ProtoMessage() {} -func (*HardState) Descriptor() ([]byte, []int) { return fileDescriptorRaft, []int{4} } +func (m *HardState) Reset() { *m = HardState{} } +func (m *HardState) String() string { return proto.CompactTextString(m) } +func (*HardState) ProtoMessage() {} +func (*HardState) Descriptor() ([]byte, []int) { + return fileDescriptor_b042552c306ae59b, []int{4} +} +func (m *HardState) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *HardState) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_HardState.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *HardState) XXX_Merge(src proto.Message) { + xxx_messageInfo_HardState.Merge(m, src) +} +func (m *HardState) XXX_Size() int { + return m.Size() +} +func (m *HardState) XXX_DiscardUnknown() { + xxx_messageInfo_HardState.DiscardUnknown(m) +} + +var xxx_messageInfo_HardState proto.InternalMessageInfo type ConfState struct { - Nodes []uint64 `protobuf:"varint,1,rep,name=nodes" json:"nodes,omitempty"` - Learners []uint64 `protobuf:"varint,2,rep,name=learners" json:"learners,omitempty"` - XXX_unrecognized []byte `json:"-"` + Nodes []uint64 `protobuf:"varint,1,rep,name=nodes" json:"nodes,omitempty"` + Learners []uint64 `protobuf:"varint,2,rep,name=learners" json:"learners,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (m *ConfState) Reset() { *m = ConfState{} } -func (m *ConfState) String() string { return proto.CompactTextString(m) } -func (*ConfState) ProtoMessage() {} -func (*ConfState) Descriptor() ([]byte, []int) { return fileDescriptorRaft, []int{5} } +func (m *ConfState) Reset() { *m = ConfState{} } +func (m *ConfState) String() string { return proto.CompactTextString(m) } +func (*ConfState) ProtoMessage() {} +func (*ConfState) Descriptor() ([]byte, []int) { + return fileDescriptor_b042552c306ae59b, []int{5} +} +func (m *ConfState) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *ConfState) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_ConfState.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *ConfState) XXX_Merge(src proto.Message) { + xxx_messageInfo_ConfState.Merge(m, src) +} +func (m *ConfState) XXX_Size() int { + return m.Size() +} +func (m *ConfState) XXX_DiscardUnknown() { + xxx_messageInfo_ConfState.DiscardUnknown(m) +} + +var xxx_messageInfo_ConfState proto.InternalMessageInfo type ConfChange struct { - ID uint64 `protobuf:"varint,1,opt,name=ID" json:"ID"` - Type ConfChangeType `protobuf:"varint,2,opt,name=Type,enum=raftpb.ConfChangeType" json:"Type"` - NodeID uint64 `protobuf:"varint,3,opt,name=NodeID" json:"NodeID"` - Context []byte `protobuf:"bytes,4,opt,name=Context" json:"Context,omitempty"` - XXX_unrecognized []byte `json:"-"` + ID uint64 `protobuf:"varint,1,opt,name=ID" json:"ID"` + Type ConfChangeType `protobuf:"varint,2,opt,name=Type,enum=raftpb.ConfChangeType" json:"Type"` + NodeID uint64 `protobuf:"varint,3,opt,name=NodeID" json:"NodeID"` + Context []byte `protobuf:"bytes,4,opt,name=Context" json:"Context,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *ConfChange) Reset() { *m = ConfChange{} } +func (m *ConfChange) String() string { return proto.CompactTextString(m) } +func (*ConfChange) ProtoMessage() {} +func (*ConfChange) Descriptor() ([]byte, []int) { + return fileDescriptor_b042552c306ae59b, []int{6} +} +func (m *ConfChange) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *ConfChange) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_ConfChange.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *ConfChange) XXX_Merge(src proto.Message) { + xxx_messageInfo_ConfChange.Merge(m, src) +} +func (m *ConfChange) XXX_Size() int { + return m.Size() +} +func (m *ConfChange) XXX_DiscardUnknown() { + xxx_messageInfo_ConfChange.DiscardUnknown(m) } -func (m *ConfChange) Reset() { *m = ConfChange{} } -func (m *ConfChange) String() string { return proto.CompactTextString(m) } -func (*ConfChange) ProtoMessage() {} -func (*ConfChange) Descriptor() ([]byte, []int) { return fileDescriptorRaft, []int{6} } +var xxx_messageInfo_ConfChange proto.InternalMessageInfo func init() { + proto.RegisterEnum("raftpb.EntryType", EntryType_name, EntryType_value) + proto.RegisterEnum("raftpb.MessageType", MessageType_name, MessageType_value) + proto.RegisterEnum("raftpb.ConfChangeType", ConfChangeType_name, ConfChangeType_value) proto.RegisterType((*Entry)(nil), "raftpb.Entry") proto.RegisterType((*SnapshotMetadata)(nil), "raftpb.SnapshotMetadata") proto.RegisterType((*Snapshot)(nil), "raftpb.Snapshot") @@ -301,14 +515,69 @@ func init() { proto.RegisterType((*HardState)(nil), "raftpb.HardState") proto.RegisterType((*ConfState)(nil), "raftpb.ConfState") proto.RegisterType((*ConfChange)(nil), "raftpb.ConfChange") - proto.RegisterEnum("raftpb.EntryType", EntryType_name, EntryType_value) - proto.RegisterEnum("raftpb.MessageType", MessageType_name, MessageType_value) - proto.RegisterEnum("raftpb.ConfChangeType", ConfChangeType_name, ConfChangeType_value) } + +func init() { proto.RegisterFile("raft.proto", fileDescriptor_b042552c306ae59b) } + +var fileDescriptor_b042552c306ae59b = []byte{ + // 816 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x54, 0xcd, 0x6e, 0x23, 0x45, + 0x10, 0xf6, 0x8c, 0xc7, 0x7f, 0x35, 0x8e, 0xd3, 0xa9, 0x35, 0xa8, 0x15, 0x45, 0xc6, 0xb2, 0x38, + 0x58, 0x41, 0x1b, 0x20, 0x07, 0x0e, 0x48, 0x1c, 0x36, 0x09, 0x52, 0x22, 0xad, 0xa3, 0xc5, 0x9b, + 0xe5, 0x80, 0x84, 0x50, 0xc7, 0x53, 0x9e, 0x18, 0x32, 0xd3, 0xa3, 0x9e, 0xf6, 0xb2, 0xb9, 0x20, + 0x1e, 0x80, 0x07, 0xe0, 0xc2, 0xfb, 0xe4, 0xb8, 0x12, 0x77, 0xc4, 0x86, 0x17, 0x41, 0xdd, 0xd3, + 0x63, 0xcf, 0x24, 0xb7, 0xae, 0xaf, 0x6a, 0xbe, 0xfa, 0xbe, 0xea, 0xea, 0x01, 0x50, 0x62, 0xa9, + 0x8f, 0x32, 0x25, 0xb5, 0xc4, 0xb6, 0x39, 0x67, 0xd7, 0xfb, 0xc3, 0x58, 0xc6, 0xd2, 0x42, 0x9f, + 0x9b, 0x53, 0x91, 0x9d, 0xfc, 0x06, 0xad, 0x6f, 0x53, 0xad, 0xee, 0x90, 0x43, 0x70, 0x45, 0x2a, + 0xe1, 0xfe, 0xd8, 0x9b, 0x06, 0x27, 0xc1, 0xfd, 0x3f, 0x9f, 0x34, 0xe6, 0x16, 0xc1, 0x7d, 0x68, + 0x5d, 0xa4, 0x11, 0xbd, 0xe3, 0xcd, 0x4a, 0xaa, 0x80, 0xf0, 0x33, 0x08, 0xae, 0xee, 0x32, 0xe2, + 0xde, 0xd8, 0x9b, 0x0e, 0x8e, 0xf7, 0x8e, 0x8a, 0x5e, 0x47, 0x96, 0xd2, 0x24, 0x36, 0x44, 0x77, + 0x19, 0x21, 0x42, 0x70, 0x26, 0xb4, 0xe0, 0xc1, 0xd8, 0x9b, 0xf6, 0xe7, 0xf6, 0x3c, 0xf9, 0xdd, + 0x03, 0xf6, 0x3a, 0x15, 0x59, 0x7e, 0x23, 0xf5, 0x8c, 0xb4, 0x88, 0x84, 0x16, 0xf8, 0x15, 0xc0, + 0x42, 0xa6, 0xcb, 0x9f, 0x72, 0x2d, 0x74, 0xc1, 0x1d, 0x6e, 0xb9, 0x4f, 0x65, 0xba, 0x7c, 0x6d, + 0x12, 0x8e, 0xbb, 0xb7, 0x28, 0x01, 0xa3, 0x74, 0x65, 0x95, 0x56, 0x4d, 0x14, 0x90, 0xf1, 0xa7, + 0x8d, 0xbf, 0xaa, 0x09, 0x8b, 0x4c, 0x7e, 0x80, 0x6e, 0xa9, 0xc0, 0x48, 0x34, 0x0a, 0x6c, 0xcf, + 0xfe, 0xdc, 0x9e, 0xf1, 0x6b, 0xe8, 0x26, 0x4e, 0x99, 0x25, 0x0e, 0x8f, 0x79, 0xa9, 0xe5, 0xb1, + 0x72, 0xc7, 0xbb, 0xa9, 0x9f, 0xfc, 0xd5, 0x84, 0xce, 0x8c, 0xf2, 0x5c, 0xc4, 0x84, 0xcf, 0x21, + 0xd0, 0xdb, 0x59, 0x3d, 0x2b, 0x39, 0x5c, 0xba, 0x3a, 0x2d, 0x53, 0x86, 0x43, 0xf0, 0xb5, 0xac, + 0x39, 0xf1, 0xb5, 0x34, 0x36, 0x96, 0x4a, 0x3e, 0xb2, 0x61, 0x90, 0x8d, 0xc1, 0xe0, 0xb1, 0x41, + 0x1c, 0x41, 0xe7, 0x56, 0xc6, 0xf6, 0x76, 0x5b, 0x95, 0x64, 0x09, 0x6e, 0xc7, 0xd6, 0x7e, 0x3a, + 0xb6, 0xe7, 0xd0, 0xa1, 0x54, 0xab, 0x15, 0xe5, 0xbc, 0x33, 0x6e, 0x4e, 0xc3, 0xe3, 0x9d, 0xda, + 0x1d, 0x97, 0x54, 0xae, 0x06, 0x0f, 0xa0, 0xbd, 0x90, 0x49, 0xb2, 0xd2, 0xbc, 0x5b, 0xe1, 0x72, + 0x18, 0x1e, 0x43, 0x37, 0x77, 0x13, 0xe3, 0x3d, 0x3b, 0x49, 0xf6, 0x78, 0x92, 0xe5, 0x04, 0xcb, + 0x3a, 0xc3, 0xa8, 0xe8, 0x67, 0x5a, 0x68, 0x0e, 0x63, 0x6f, 0xda, 0x2d, 0x19, 0x0b, 0x0c, 0x3f, + 0x05, 0x28, 0x4e, 0xe7, 0xab, 0x54, 0xf3, 0xb0, 0xd2, 0xb3, 0x82, 0x23, 0x87, 0xce, 0x42, 0xa6, + 0x9a, 0xde, 0x69, 0xde, 0xb7, 0x17, 0x5b, 0x86, 0x93, 0x1f, 0xa1, 0x77, 0x2e, 0x54, 0x54, 0xac, + 0x4f, 0x39, 0x41, 0xef, 0xc9, 0x04, 0x39, 0x04, 0x6f, 0xa5, 0xa6, 0xfa, 0xe3, 0x30, 0x48, 0xc5, + 0x70, 0xf3, 0xa9, 0xe1, 0xc9, 0x37, 0xd0, 0xdb, 0xac, 0x2b, 0x0e, 0xa1, 0x95, 0xca, 0x88, 0x72, + 0xee, 0x8d, 0x9b, 0xd3, 0x60, 0x5e, 0x04, 0xb8, 0x0f, 0xdd, 0x5b, 0x12, 0x2a, 0x25, 0x95, 0x73, + 0xdf, 0x26, 0x36, 0xf1, 0xe4, 0x0f, 0x0f, 0xc0, 0x7c, 0x7f, 0x7a, 0x23, 0xd2, 0xd8, 0x6e, 0xc4, + 0xc5, 0x59, 0x4d, 0x9d, 0x7f, 0x71, 0x86, 0x5f, 0xb8, 0x27, 0xe8, 0xdb, 0xb5, 0xfa, 0xb8, 0xfa, + 0x4c, 0x8a, 0xef, 0x9e, 0xbc, 0xc3, 0x03, 0x68, 0x5f, 0xca, 0x88, 0x2e, 0xce, 0xea, 0x9a, 0x0b, + 0xcc, 0x0c, 0xeb, 0xd4, 0x0d, 0xab, 0x78, 0xa8, 0x65, 0x78, 0xf8, 0x25, 0xf4, 0x36, 0x0f, 0x1b, + 0x77, 0x21, 0xb4, 0xc1, 0xa5, 0x54, 0x89, 0xb8, 0x65, 0x0d, 0x7c, 0x06, 0xbb, 0x16, 0xd8, 0x36, + 0x66, 0xde, 0xe1, 0xdf, 0x3e, 0x84, 0x95, 0x05, 0x47, 0x80, 0xf6, 0x2c, 0x8f, 0xcf, 0xd7, 0x19, + 0x6b, 0x60, 0x08, 0x9d, 0x59, 0x1e, 0x9f, 0x90, 0xd0, 0xcc, 0x73, 0xc1, 0x2b, 0x25, 0x33, 0xe6, + 0xbb, 0xaa, 0x17, 0x59, 0xc6, 0x9a, 0x38, 0x00, 0x28, 0xce, 0x73, 0xca, 0x33, 0x16, 0xb8, 0xc2, + 0xef, 0xa5, 0x26, 0xd6, 0x32, 0x22, 0x5c, 0x60, 0xb3, 0x6d, 0x97, 0x35, 0xcb, 0xc4, 0x3a, 0xc8, + 0xa0, 0x6f, 0x9a, 0x91, 0x50, 0xfa, 0xda, 0x74, 0xe9, 0xe2, 0x10, 0x58, 0x15, 0xb1, 0x1f, 0xf5, + 0x10, 0x61, 0x30, 0xcb, 0xe3, 0x37, 0xa9, 0x22, 0xb1, 0xb8, 0x11, 0xd7, 0xb7, 0xc4, 0x00, 0xf7, + 0x60, 0xc7, 0x11, 0x99, 0xcb, 0x5b, 0xe7, 0x2c, 0x74, 0x65, 0xa7, 0x37, 0xb4, 0xf8, 0xe5, 0xbb, + 0xb5, 0x54, 0xeb, 0x84, 0xf5, 0xf1, 0x23, 0xd8, 0x9b, 0xe5, 0xf1, 0x95, 0x12, 0x69, 0xbe, 0x24, + 0xf5, 0x92, 0x44, 0x44, 0x8a, 0xed, 0xb8, 0xaf, 0xaf, 0x56, 0x09, 0xc9, 0xb5, 0xbe, 0x94, 0xbf, + 0xb2, 0x81, 0x13, 0x33, 0x27, 0x11, 0xd9, 0x3f, 0x27, 0xdb, 0x75, 0x62, 0x36, 0x88, 0x15, 0xc3, + 0x9c, 0xdf, 0x57, 0x8a, 0xac, 0xc5, 0x3d, 0xd7, 0xd5, 0xc5, 0xb6, 0x06, 0x0f, 0xef, 0x60, 0x50, + 0xbf, 0x5e, 0xa3, 0x63, 0x8b, 0xbc, 0x88, 0x22, 0x73, 0x97, 0xac, 0x81, 0x1c, 0x86, 0x5b, 0x78, + 0x4e, 0x89, 0x7c, 0x4b, 0x36, 0xe3, 0xd5, 0x33, 0x6f, 0xb2, 0x48, 0xe8, 0x22, 0xe3, 0xe3, 0x01, + 0xf0, 0x1a, 0xd5, 0xcb, 0x62, 0x1b, 0x6d, 0xb6, 0x79, 0xc2, 0xef, 0x3f, 0x8c, 0x1a, 0xef, 0x3f, + 0x8c, 0x1a, 0xf7, 0x0f, 0x23, 0xef, 0xfd, 0xc3, 0xc8, 0xfb, 0xf7, 0x61, 0xe4, 0xfd, 0xf9, 0xdf, + 0xa8, 0xf1, 0x7f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x30, 0xe1, 0x02, 0x69, 0x74, 0x06, 0x00, 0x00, +} + func (m *Entry) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) if err != nil { return nil, err } @@ -316,35 +585,42 @@ func (m *Entry) Marshal() (dAtA []byte, err error) { } func (m *Entry) MarshalTo(dAtA []byte) (int, error) { - var i int + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Entry) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) _ = i var l int _ = l - dAtA[i] = 0x8 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Type)) - dAtA[i] = 0x10 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Term)) - dAtA[i] = 0x18 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Index)) + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } if m.Data != nil { - dAtA[i] = 0x22 - i++ + i -= len(m.Data) + copy(dAtA[i:], m.Data) i = encodeVarintRaft(dAtA, i, uint64(len(m.Data))) - i += copy(dAtA[i:], m.Data) - } - if m.XXX_unrecognized != nil { - i += copy(dAtA[i:], m.XXX_unrecognized) + i-- + dAtA[i] = 0x22 } - return i, nil + i = encodeVarintRaft(dAtA, i, uint64(m.Index)) + i-- + dAtA[i] = 0x18 + i = encodeVarintRaft(dAtA, i, uint64(m.Term)) + i-- + dAtA[i] = 0x10 + i = encodeVarintRaft(dAtA, i, uint64(m.Type)) + i-- + dAtA[i] = 0x8 + return len(dAtA) - i, nil } func (m *SnapshotMetadata) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) if err != nil { return nil, err } @@ -352,34 +628,42 @@ func (m *SnapshotMetadata) Marshal() (dAtA []byte, err error) { } func (m *SnapshotMetadata) MarshalTo(dAtA []byte) (int, error) { - var i int + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *SnapshotMetadata) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) _ = i var l int _ = l - dAtA[i] = 0xa - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.ConfState.Size())) - n1, err := m.ConfState.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) } - i += n1 - dAtA[i] = 0x10 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Index)) - dAtA[i] = 0x18 - i++ i = encodeVarintRaft(dAtA, i, uint64(m.Term)) - if m.XXX_unrecognized != nil { - i += copy(dAtA[i:], m.XXX_unrecognized) + i-- + dAtA[i] = 0x18 + i = encodeVarintRaft(dAtA, i, uint64(m.Index)) + i-- + dAtA[i] = 0x10 + { + size, err := m.ConfState.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintRaft(dAtA, i, uint64(size)) } - return i, nil + i-- + dAtA[i] = 0xa + return len(dAtA) - i, nil } func (m *Snapshot) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) if err != nil { return nil, err } @@ -387,34 +671,43 @@ func (m *Snapshot) Marshal() (dAtA []byte, err error) { } func (m *Snapshot) MarshalTo(dAtA []byte) (int, error) { - var i int + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Snapshot) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) _ = i var l int _ = l - if m.Data != nil { - dAtA[i] = 0xa - i++ - i = encodeVarintRaft(dAtA, i, uint64(len(m.Data))) - i += copy(dAtA[i:], m.Data) + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) } - dAtA[i] = 0x12 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Metadata.Size())) - n2, err := m.Metadata.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err + { + size, err := m.Metadata.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintRaft(dAtA, i, uint64(size)) } - i += n2 - if m.XXX_unrecognized != nil { - i += copy(dAtA[i:], m.XXX_unrecognized) + i-- + dAtA[i] = 0x12 + if m.Data != nil { + i -= len(m.Data) + copy(dAtA[i:], m.Data) + i = encodeVarintRaft(dAtA, i, uint64(len(m.Data))) + i-- + dAtA[i] = 0xa } - return i, nil + return len(dAtA) - i, nil } func (m *Message) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) if err != nil { return nil, err } @@ -422,78 +715,89 @@ func (m *Message) Marshal() (dAtA []byte, err error) { } func (m *Message) MarshalTo(dAtA []byte) (int, error) { - var i int + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Message) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) _ = i var l int _ = l - dAtA[i] = 0x8 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Type)) - dAtA[i] = 0x10 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.To)) - dAtA[i] = 0x18 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.From)) - dAtA[i] = 0x20 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Term)) - dAtA[i] = 0x28 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.LogTerm)) - dAtA[i] = 0x30 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Index)) - if len(m.Entries) > 0 { - for _, msg := range m.Entries { - dAtA[i] = 0x3a - i++ - i = encodeVarintRaft(dAtA, i, uint64(msg.Size())) - n, err := msg.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err - } - i += n - } + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) } - dAtA[i] = 0x40 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Commit)) - dAtA[i] = 0x4a - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Snapshot.Size())) - n3, err := m.Snapshot.MarshalTo(dAtA[i:]) - if err != nil { - return 0, err + if m.Context != nil { + i -= len(m.Context) + copy(dAtA[i:], m.Context) + i = encodeVarintRaft(dAtA, i, uint64(len(m.Context))) + i-- + dAtA[i] = 0x62 } - i += n3 - dAtA[i] = 0x50 - i++ + i = encodeVarintRaft(dAtA, i, uint64(m.RejectHint)) + i-- + dAtA[i] = 0x58 + i-- if m.Reject { dAtA[i] = 1 } else { dAtA[i] = 0 } - i++ - dAtA[i] = 0x58 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.RejectHint)) - if m.Context != nil { - dAtA[i] = 0x62 - i++ - i = encodeVarintRaft(dAtA, i, uint64(len(m.Context))) - i += copy(dAtA[i:], m.Context) + i-- + dAtA[i] = 0x50 + { + size, err := m.Snapshot.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintRaft(dAtA, i, uint64(size)) } - if m.XXX_unrecognized != nil { - i += copy(dAtA[i:], m.XXX_unrecognized) + i-- + dAtA[i] = 0x4a + i = encodeVarintRaft(dAtA, i, uint64(m.Commit)) + i-- + dAtA[i] = 0x40 + if len(m.Entries) > 0 { + for iNdEx := len(m.Entries) - 1; iNdEx >= 0; iNdEx-- { + { + size, err := m.Entries[iNdEx].MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintRaft(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x3a + } } - return i, nil + i = encodeVarintRaft(dAtA, i, uint64(m.Index)) + i-- + dAtA[i] = 0x30 + i = encodeVarintRaft(dAtA, i, uint64(m.LogTerm)) + i-- + dAtA[i] = 0x28 + i = encodeVarintRaft(dAtA, i, uint64(m.Term)) + i-- + dAtA[i] = 0x20 + i = encodeVarintRaft(dAtA, i, uint64(m.From)) + i-- + dAtA[i] = 0x18 + i = encodeVarintRaft(dAtA, i, uint64(m.To)) + i-- + dAtA[i] = 0x10 + i = encodeVarintRaft(dAtA, i, uint64(m.Type)) + i-- + dAtA[i] = 0x8 + return len(dAtA) - i, nil } func (m *HardState) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) if err != nil { return nil, err } @@ -501,29 +805,35 @@ func (m *HardState) Marshal() (dAtA []byte, err error) { } func (m *HardState) MarshalTo(dAtA []byte) (int, error) { - var i int + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *HardState) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) _ = i var l int _ = l - dAtA[i] = 0x8 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Term)) - dAtA[i] = 0x10 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Vote)) - dAtA[i] = 0x18 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Commit)) if m.XXX_unrecognized != nil { - i += copy(dAtA[i:], m.XXX_unrecognized) + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) } - return i, nil + i = encodeVarintRaft(dAtA, i, uint64(m.Commit)) + i-- + dAtA[i] = 0x18 + i = encodeVarintRaft(dAtA, i, uint64(m.Vote)) + i-- + dAtA[i] = 0x10 + i = encodeVarintRaft(dAtA, i, uint64(m.Term)) + i-- + dAtA[i] = 0x8 + return len(dAtA) - i, nil } func (m *ConfState) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) if err != nil { return nil, err } @@ -531,34 +841,40 @@ func (m *ConfState) Marshal() (dAtA []byte, err error) { } func (m *ConfState) MarshalTo(dAtA []byte) (int, error) { - var i int + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *ConfState) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) _ = i var l int _ = l - if len(m.Nodes) > 0 { - for _, num := range m.Nodes { - dAtA[i] = 0x8 - i++ - i = encodeVarintRaft(dAtA, i, uint64(num)) - } + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) } if len(m.Learners) > 0 { - for _, num := range m.Learners { + for iNdEx := len(m.Learners) - 1; iNdEx >= 0; iNdEx-- { + i = encodeVarintRaft(dAtA, i, uint64(m.Learners[iNdEx])) + i-- dAtA[i] = 0x10 - i++ - i = encodeVarintRaft(dAtA, i, uint64(num)) } } - if m.XXX_unrecognized != nil { - i += copy(dAtA[i:], m.XXX_unrecognized) + if len(m.Nodes) > 0 { + for iNdEx := len(m.Nodes) - 1; iNdEx >= 0; iNdEx-- { + i = encodeVarintRaft(dAtA, i, uint64(m.Nodes[iNdEx])) + i-- + dAtA[i] = 0x8 + } } - return i, nil + return len(dAtA) - i, nil } func (m *ConfChange) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) if err != nil { return nil, err } @@ -566,41 +882,53 @@ func (m *ConfChange) Marshal() (dAtA []byte, err error) { } func (m *ConfChange) MarshalTo(dAtA []byte) (int, error) { - var i int + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *ConfChange) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) _ = i var l int _ = l - dAtA[i] = 0x8 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.ID)) - dAtA[i] = 0x10 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.Type)) - dAtA[i] = 0x18 - i++ - i = encodeVarintRaft(dAtA, i, uint64(m.NodeID)) + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } if m.Context != nil { - dAtA[i] = 0x22 - i++ + i -= len(m.Context) + copy(dAtA[i:], m.Context) i = encodeVarintRaft(dAtA, i, uint64(len(m.Context))) - i += copy(dAtA[i:], m.Context) - } - if m.XXX_unrecognized != nil { - i += copy(dAtA[i:], m.XXX_unrecognized) + i-- + dAtA[i] = 0x22 } - return i, nil + i = encodeVarintRaft(dAtA, i, uint64(m.NodeID)) + i-- + dAtA[i] = 0x18 + i = encodeVarintRaft(dAtA, i, uint64(m.Type)) + i-- + dAtA[i] = 0x10 + i = encodeVarintRaft(dAtA, i, uint64(m.ID)) + i-- + dAtA[i] = 0x8 + return len(dAtA) - i, nil } func encodeVarintRaft(dAtA []byte, offset int, v uint64) int { + offset -= sovRaft(v) + base := offset for v >= 1<<7 { dAtA[offset] = uint8(v&0x7f | 0x80) v >>= 7 offset++ } dAtA[offset] = uint8(v) - return offset + 1 + return base } func (m *Entry) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l n += 1 + sovRaft(uint64(m.Type)) @@ -617,6 +945,9 @@ func (m *Entry) Size() (n int) { } func (m *SnapshotMetadata) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l l = m.ConfState.Size() @@ -630,6 +961,9 @@ func (m *SnapshotMetadata) Size() (n int) { } func (m *Snapshot) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l if m.Data != nil { @@ -645,6 +979,9 @@ func (m *Snapshot) Size() (n int) { } func (m *Message) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l n += 1 + sovRaft(uint64(m.Type)) @@ -675,6 +1012,9 @@ func (m *Message) Size() (n int) { } func (m *HardState) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l n += 1 + sovRaft(uint64(m.Term)) @@ -687,6 +1027,9 @@ func (m *HardState) Size() (n int) { } func (m *ConfState) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l if len(m.Nodes) > 0 { @@ -706,6 +1049,9 @@ func (m *ConfState) Size() (n int) { } func (m *ConfChange) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l n += 1 + sovRaft(uint64(m.ID)) @@ -722,14 +1068,7 @@ func (m *ConfChange) Size() (n int) { } func sovRaft(x uint64) (n int) { - for { - n++ - x >>= 7 - if x == 0 { - break - } - } - return n + return (math_bits.Len64(x|1) + 6) / 7 } func sozRaft(x uint64) (n int) { return sovRaft(uint64((x << 1) ^ uint64((int64(x) >> 63)))) @@ -749,7 +1088,7 @@ func (m *Entry) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - wire |= (uint64(b) & 0x7F) << shift + wire |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -777,7 +1116,7 @@ func (m *Entry) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Type |= (EntryType(b) & 0x7F) << shift + m.Type |= EntryType(b&0x7F) << shift if b < 0x80 { break } @@ -796,7 +1135,7 @@ func (m *Entry) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Term |= (uint64(b) & 0x7F) << shift + m.Term |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -815,7 +1154,7 @@ func (m *Entry) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Index |= (uint64(b) & 0x7F) << shift + m.Index |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -834,7 +1173,7 @@ func (m *Entry) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - byteLen |= (int(b) & 0x7F) << shift + byteLen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -843,6 +1182,9 @@ func (m *Entry) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRaft } postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthRaft + } if postIndex > l { return io.ErrUnexpectedEOF } @@ -860,6 +1202,9 @@ func (m *Entry) Unmarshal(dAtA []byte) error { if skippy < 0 { return ErrInvalidLengthRaft } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthRaft + } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF } @@ -888,7 +1233,7 @@ func (m *SnapshotMetadata) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - wire |= (uint64(b) & 0x7F) << shift + wire |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -916,7 +1261,7 @@ func (m *SnapshotMetadata) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - msglen |= (int(b) & 0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -925,6 +1270,9 @@ func (m *SnapshotMetadata) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRaft } postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthRaft + } if postIndex > l { return io.ErrUnexpectedEOF } @@ -946,7 +1294,7 @@ func (m *SnapshotMetadata) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Index |= (uint64(b) & 0x7F) << shift + m.Index |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -965,7 +1313,7 @@ func (m *SnapshotMetadata) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Term |= (uint64(b) & 0x7F) << shift + m.Term |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -979,6 +1327,9 @@ func (m *SnapshotMetadata) Unmarshal(dAtA []byte) error { if skippy < 0 { return ErrInvalidLengthRaft } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthRaft + } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF } @@ -1007,7 +1358,7 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - wire |= (uint64(b) & 0x7F) << shift + wire |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1035,7 +1386,7 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - byteLen |= (int(b) & 0x7F) << shift + byteLen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -1044,6 +1395,9 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRaft } postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthRaft + } if postIndex > l { return io.ErrUnexpectedEOF } @@ -1066,7 +1420,7 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - msglen |= (int(b) & 0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -1075,6 +1429,9 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRaft } postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthRaft + } if postIndex > l { return io.ErrUnexpectedEOF } @@ -1091,6 +1448,9 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { if skippy < 0 { return ErrInvalidLengthRaft } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthRaft + } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF } @@ -1119,7 +1479,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - wire |= (uint64(b) & 0x7F) << shift + wire |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1147,7 +1507,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Type |= (MessageType(b) & 0x7F) << shift + m.Type |= MessageType(b&0x7F) << shift if b < 0x80 { break } @@ -1166,7 +1526,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.To |= (uint64(b) & 0x7F) << shift + m.To |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1185,7 +1545,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.From |= (uint64(b) & 0x7F) << shift + m.From |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1204,7 +1564,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Term |= (uint64(b) & 0x7F) << shift + m.Term |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1223,7 +1583,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.LogTerm |= (uint64(b) & 0x7F) << shift + m.LogTerm |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1242,7 +1602,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Index |= (uint64(b) & 0x7F) << shift + m.Index |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1261,7 +1621,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - msglen |= (int(b) & 0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -1270,6 +1630,9 @@ func (m *Message) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRaft } postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthRaft + } if postIndex > l { return io.ErrUnexpectedEOF } @@ -1292,7 +1655,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Commit |= (uint64(b) & 0x7F) << shift + m.Commit |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1311,7 +1674,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - msglen |= (int(b) & 0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -1320,6 +1683,9 @@ func (m *Message) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRaft } postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthRaft + } if postIndex > l { return io.ErrUnexpectedEOF } @@ -1341,7 +1707,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - v |= (int(b) & 0x7F) << shift + v |= int(b&0x7F) << shift if b < 0x80 { break } @@ -1361,7 +1727,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.RejectHint |= (uint64(b) & 0x7F) << shift + m.RejectHint |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1380,7 +1746,7 @@ func (m *Message) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - byteLen |= (int(b) & 0x7F) << shift + byteLen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -1389,6 +1755,9 @@ func (m *Message) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRaft } postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthRaft + } if postIndex > l { return io.ErrUnexpectedEOF } @@ -1406,6 +1775,9 @@ func (m *Message) Unmarshal(dAtA []byte) error { if skippy < 0 { return ErrInvalidLengthRaft } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthRaft + } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF } @@ -1434,7 +1806,7 @@ func (m *HardState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - wire |= (uint64(b) & 0x7F) << shift + wire |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1462,7 +1834,7 @@ func (m *HardState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Term |= (uint64(b) & 0x7F) << shift + m.Term |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1481,7 +1853,7 @@ func (m *HardState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Vote |= (uint64(b) & 0x7F) << shift + m.Vote |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1500,7 +1872,7 @@ func (m *HardState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Commit |= (uint64(b) & 0x7F) << shift + m.Commit |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1514,6 +1886,9 @@ func (m *HardState) Unmarshal(dAtA []byte) error { if skippy < 0 { return ErrInvalidLengthRaft } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthRaft + } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF } @@ -1542,7 +1917,7 @@ func (m *ConfState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - wire |= (uint64(b) & 0x7F) << shift + wire |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1568,7 +1943,7 @@ func (m *ConfState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - v |= (uint64(b) & 0x7F) << shift + v |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1585,7 +1960,7 @@ func (m *ConfState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - packedLen |= (int(b) & 0x7F) << shift + packedLen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -1594,9 +1969,23 @@ func (m *ConfState) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRaft } postIndex := iNdEx + packedLen + if postIndex < 0 { + return ErrInvalidLengthRaft + } if postIndex > l { return io.ErrUnexpectedEOF } + var elementCount int + var count int + for _, integer := range dAtA[iNdEx:postIndex] { + if integer < 128 { + count++ + } + } + elementCount = count + if elementCount != 0 && len(m.Nodes) == 0 { + m.Nodes = make([]uint64, 0, elementCount) + } for iNdEx < postIndex { var v uint64 for shift := uint(0); ; shift += 7 { @@ -1608,7 +1997,7 @@ func (m *ConfState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - v |= (uint64(b) & 0x7F) << shift + v |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1630,7 +2019,7 @@ func (m *ConfState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - v |= (uint64(b) & 0x7F) << shift + v |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1647,7 +2036,7 @@ func (m *ConfState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - packedLen |= (int(b) & 0x7F) << shift + packedLen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -1656,9 +2045,23 @@ func (m *ConfState) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRaft } postIndex := iNdEx + packedLen + if postIndex < 0 { + return ErrInvalidLengthRaft + } if postIndex > l { return io.ErrUnexpectedEOF } + var elementCount int + var count int + for _, integer := range dAtA[iNdEx:postIndex] { + if integer < 128 { + count++ + } + } + elementCount = count + if elementCount != 0 && len(m.Learners) == 0 { + m.Learners = make([]uint64, 0, elementCount) + } for iNdEx < postIndex { var v uint64 for shift := uint(0); ; shift += 7 { @@ -1670,7 +2073,7 @@ func (m *ConfState) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - v |= (uint64(b) & 0x7F) << shift + v |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1689,6 +2092,9 @@ func (m *ConfState) Unmarshal(dAtA []byte) error { if skippy < 0 { return ErrInvalidLengthRaft } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthRaft + } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF } @@ -1717,7 +2123,7 @@ func (m *ConfChange) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - wire |= (uint64(b) & 0x7F) << shift + wire |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1745,7 +2151,7 @@ func (m *ConfChange) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.ID |= (uint64(b) & 0x7F) << shift + m.ID |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1764,7 +2170,7 @@ func (m *ConfChange) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Type |= (ConfChangeType(b) & 0x7F) << shift + m.Type |= ConfChangeType(b&0x7F) << shift if b < 0x80 { break } @@ -1783,7 +2189,7 @@ func (m *ConfChange) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.NodeID |= (uint64(b) & 0x7F) << shift + m.NodeID |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -1802,7 +2208,7 @@ func (m *ConfChange) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - byteLen |= (int(b) & 0x7F) << shift + byteLen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -1811,6 +2217,9 @@ func (m *ConfChange) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRaft } postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthRaft + } if postIndex > l { return io.ErrUnexpectedEOF } @@ -1828,6 +2237,9 @@ func (m *ConfChange) Unmarshal(dAtA []byte) error { if skippy < 0 { return ErrInvalidLengthRaft } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthRaft + } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF } @@ -1895,10 +2307,13 @@ func skipRaft(dAtA []byte) (n int, err error) { break } } - iNdEx += length if length < 0 { return 0, ErrInvalidLengthRaft } + iNdEx += length + if iNdEx < 0 { + return 0, ErrInvalidLengthRaft + } return iNdEx, nil case 3: for { @@ -1927,6 +2342,9 @@ func skipRaft(dAtA []byte) (n int, err error) { return 0, err } iNdEx = start + next + if iNdEx < 0 { + return 0, ErrInvalidLengthRaft + } } return iNdEx, nil case 4: @@ -1945,60 +2363,3 @@ var ( ErrInvalidLengthRaft = fmt.Errorf("proto: negative length found during unmarshaling") ErrIntOverflowRaft = fmt.Errorf("proto: integer overflow") ) - -func init() { proto.RegisterFile("raft.proto", fileDescriptorRaft) } - -var fileDescriptorRaft = []byte{ - // 815 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x54, 0xcd, 0x6e, 0x23, 0x45, - 0x10, 0xf6, 0x8c, 0xc7, 0x7f, 0x35, 0x8e, 0xd3, 0xa9, 0x35, 0xa8, 0x15, 0x45, 0xc6, 0xb2, 0x38, - 0x58, 0x41, 0x1b, 0x20, 0x07, 0x0e, 0x48, 0x1c, 0x36, 0x09, 0x52, 0x22, 0xad, 0xa3, 0xc5, 0x9b, - 0xe5, 0x80, 0x84, 0x50, 0xc7, 0x53, 0x9e, 0x18, 0x32, 0xd3, 0xa3, 0x9e, 0xf6, 0xb2, 0xb9, 0x20, - 0x1e, 0x80, 0x07, 0xe0, 0xc2, 0xfb, 0xe4, 0xb8, 0x12, 0x77, 0xc4, 0x86, 0x17, 0x41, 0xdd, 0xd3, - 0x63, 0xcf, 0x24, 0xb7, 0xae, 0xef, 0xab, 0xae, 0xfa, 0xea, 0xeb, 0x9a, 0x01, 0x50, 0x62, 0xa9, - 0x8f, 0x32, 0x25, 0xb5, 0xc4, 0xb6, 0x39, 0x67, 0xd7, 0xfb, 0xc3, 0x58, 0xc6, 0xd2, 0x42, 0x9f, - 0x9b, 0x53, 0xc1, 0x4e, 0x7e, 0x83, 0xd6, 0xb7, 0xa9, 0x56, 0x77, 0xf8, 0x19, 0x04, 0x57, 0x77, - 0x19, 0x71, 0x6f, 0xec, 0x4d, 0x07, 0xc7, 0x7b, 0x47, 0xc5, 0xad, 0x23, 0x4b, 0x1a, 0xe2, 0x24, - 0xb8, 0xff, 0xe7, 0x93, 0xc6, 0xdc, 0x26, 0x21, 0x87, 0xe0, 0x8a, 0x54, 0xc2, 0xfd, 0xb1, 0x37, - 0x0d, 0x36, 0x0c, 0xa9, 0x04, 0xf7, 0xa1, 0x75, 0x91, 0x46, 0xf4, 0x8e, 0x37, 0x2b, 0x54, 0x01, - 0x21, 0x42, 0x70, 0x26, 0xb4, 0xe0, 0xc1, 0xd8, 0x9b, 0xf6, 0xe7, 0xf6, 0x3c, 0xf9, 0xdd, 0x03, - 0xf6, 0x3a, 0x15, 0x59, 0x7e, 0x23, 0xf5, 0x8c, 0xb4, 0x88, 0x84, 0x16, 0xf8, 0x15, 0xc0, 0x42, - 0xa6, 0xcb, 0x9f, 0x72, 0x2d, 0x74, 0xa1, 0x28, 0xdc, 0x2a, 0x3a, 0x95, 0xe9, 0xf2, 0xb5, 0x21, - 0x5c, 0xf1, 0xde, 0xa2, 0x04, 0x4c, 0xf3, 0x95, 0x6d, 0x5e, 0xd5, 0x55, 0x40, 0x46, 0xb2, 0x36, - 0x92, 0xab, 0xba, 0x2c, 0x32, 0xf9, 0x01, 0xba, 0xa5, 0x02, 0x23, 0xd1, 0x28, 0xb0, 0x3d, 0xfb, - 0x73, 0x7b, 0xc6, 0xaf, 0xa1, 0x9b, 0x38, 0x65, 0xb6, 0x70, 0x78, 0xcc, 0x4b, 0x2d, 0x8f, 0x95, - 0xbb, 0xba, 0x9b, 0xfc, 0xc9, 0x5f, 0x4d, 0xe8, 0xcc, 0x28, 0xcf, 0x45, 0x4c, 0xf8, 0x1c, 0x02, - 0xbd, 0x75, 0xf8, 0x59, 0x59, 0xc3, 0xd1, 0x55, 0x8f, 0x4d, 0x1a, 0x0e, 0xc1, 0xd7, 0xb2, 0x36, - 0x89, 0xaf, 0xa5, 0x19, 0x63, 0xa9, 0xe4, 0xa3, 0x31, 0x0c, 0xb2, 0x19, 0x30, 0x78, 0x3c, 0x20, - 0x8e, 0xa0, 0x73, 0x2b, 0x63, 0xfb, 0x60, 0xad, 0x0a, 0x59, 0x82, 0x5b, 0xdb, 0xda, 0x4f, 0x6d, - 0x7b, 0x0e, 0x1d, 0x4a, 0xb5, 0x5a, 0x51, 0xce, 0x3b, 0xe3, 0xe6, 0x34, 0x3c, 0xde, 0xa9, 0x6d, - 0x46, 0x59, 0xca, 0xe5, 0xe0, 0x01, 0xb4, 0x17, 0x32, 0x49, 0x56, 0x9a, 0x77, 0x2b, 0xb5, 0x1c, - 0x86, 0xc7, 0xd0, 0xcd, 0x9d, 0x63, 0xbc, 0x67, 0x9d, 0x64, 0x8f, 0x9d, 0x2c, 0x1d, 0x2c, 0xf3, - 0x4c, 0x45, 0x45, 0x3f, 0xd3, 0x42, 0x73, 0x18, 0x7b, 0xd3, 0x6e, 0x59, 0xb1, 0xc0, 0xf0, 0x53, - 0x80, 0xe2, 0x74, 0xbe, 0x4a, 0x35, 0x0f, 0x2b, 0x3d, 0x2b, 0x38, 0x72, 0xe8, 0x2c, 0x64, 0xaa, - 0xe9, 0x9d, 0xe6, 0x7d, 0xfb, 0xb0, 0x65, 0x38, 0xf9, 0x11, 0x7a, 0xe7, 0x42, 0x45, 0xc5, 0xfa, - 0x94, 0x0e, 0x7a, 0x4f, 0x1c, 0xe4, 0x10, 0xbc, 0x95, 0x9a, 0xea, 0xfb, 0x6e, 0x90, 0xca, 0xc0, - 0xcd, 0xa7, 0x03, 0x4f, 0xbe, 0x81, 0xde, 0x66, 0x5d, 0x71, 0x08, 0xad, 0x54, 0x46, 0x94, 0x73, - 0x6f, 0xdc, 0x9c, 0x06, 0xf3, 0x22, 0xc0, 0x7d, 0xe8, 0xde, 0x92, 0x50, 0x29, 0xa9, 0x9c, 0xfb, - 0x96, 0xd8, 0xc4, 0x93, 0x3f, 0x3c, 0x00, 0x73, 0xff, 0xf4, 0x46, 0xa4, 0xb1, 0xdd, 0x88, 0x8b, - 0xb3, 0x9a, 0x3a, 0xff, 0xe2, 0x0c, 0xbf, 0x70, 0x1f, 0xae, 0x6f, 0xd7, 0xea, 0xe3, 0xea, 0x67, - 0x52, 0xdc, 0x7b, 0xf2, 0xf5, 0x1e, 0x40, 0xfb, 0x52, 0x46, 0x74, 0x71, 0x56, 0xd7, 0x5c, 0x60, - 0xc6, 0xac, 0x53, 0x67, 0x56, 0xf1, 0xa1, 0x96, 0xe1, 0xe1, 0x97, 0xd0, 0xdb, 0xfc, 0x0e, 0x70, - 0x17, 0x42, 0x1b, 0x5c, 0x4a, 0x95, 0x88, 0x5b, 0xd6, 0xc0, 0x67, 0xb0, 0x6b, 0x81, 0x6d, 0x63, - 0xe6, 0x1d, 0xfe, 0xed, 0x43, 0x58, 0x59, 0x70, 0x04, 0x68, 0xcf, 0xf2, 0xf8, 0x7c, 0x9d, 0xb1, - 0x06, 0x86, 0xd0, 0x99, 0xe5, 0xf1, 0x09, 0x09, 0xcd, 0x3c, 0x17, 0xbc, 0x52, 0x32, 0x63, 0xbe, - 0xcb, 0x7a, 0x91, 0x65, 0xac, 0x89, 0x03, 0x80, 0xe2, 0x3c, 0xa7, 0x3c, 0x63, 0x81, 0x4b, 0xfc, - 0x5e, 0x6a, 0x62, 0x2d, 0x23, 0xc2, 0x05, 0x96, 0x6d, 0x3b, 0xd6, 0x2c, 0x13, 0xeb, 0x20, 0x83, - 0xbe, 0x69, 0x46, 0x42, 0xe9, 0x6b, 0xd3, 0xa5, 0x8b, 0x43, 0x60, 0x55, 0xc4, 0x5e, 0xea, 0x21, - 0xc2, 0x60, 0x96, 0xc7, 0x6f, 0x52, 0x45, 0x62, 0x71, 0x23, 0xae, 0x6f, 0x89, 0x01, 0xee, 0xc1, - 0x8e, 0x2b, 0x64, 0x1e, 0x6f, 0x9d, 0xb3, 0xd0, 0xa5, 0x9d, 0xde, 0xd0, 0xe2, 0x97, 0xef, 0xd6, - 0x52, 0xad, 0x13, 0xd6, 0xc7, 0x8f, 0x60, 0x6f, 0x96, 0xc7, 0x57, 0x4a, 0xa4, 0xf9, 0x92, 0xd4, - 0x4b, 0x12, 0x11, 0x29, 0xb6, 0xe3, 0x6e, 0x5f, 0xad, 0x12, 0x92, 0x6b, 0x7d, 0x29, 0x7f, 0x65, - 0x03, 0x27, 0x66, 0x4e, 0x22, 0xb2, 0x3f, 0x43, 0xb6, 0xeb, 0xc4, 0x6c, 0x10, 0x2b, 0x86, 0xb9, - 0x79, 0x5f, 0x29, 0xb2, 0x23, 0xee, 0xb9, 0xae, 0x2e, 0xb6, 0x39, 0x78, 0x78, 0x07, 0x83, 0xfa, - 0xf3, 0x1a, 0x1d, 0x5b, 0xe4, 0x45, 0x14, 0x99, 0xb7, 0x64, 0x0d, 0xe4, 0x30, 0xdc, 0xc2, 0x73, - 0x4a, 0xe4, 0x5b, 0xb2, 0x8c, 0x57, 0x67, 0xde, 0x64, 0x91, 0xd0, 0x05, 0xe3, 0xe3, 0x01, 0xf0, - 0x5a, 0xa9, 0x97, 0xc5, 0x36, 0x5a, 0xb6, 0x79, 0xc2, 0xef, 0x3f, 0x8c, 0x1a, 0xef, 0x3f, 0x8c, - 0x1a, 0xf7, 0x0f, 0x23, 0xef, 0xfd, 0xc3, 0xc8, 0xfb, 0xf7, 0x61, 0xe4, 0xfd, 0xf9, 0xdf, 0xa8, - 0xf1, 0x7f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x86, 0x52, 0x5b, 0xe0, 0x74, 0x06, 0x00, 0x00, -} diff --git a/vendor/github.com/coreos/etcd/snap/snappb/snap.pb.go b/vendor/github.com/coreos/etcd/snap/snappb/snap.pb.go index e72b577f5b8d7..46897b45e16c2 100644 --- a/vendor/github.com/coreos/etcd/snap/snappb/snap.pb.go +++ b/vendor/github.com/coreos/etcd/snap/snappb/snap.pb.go @@ -1,27 +1,16 @@ // Code generated by protoc-gen-gogo. DO NOT EDIT. // source: snap.proto -/* - Package snappb is a generated protocol buffer package. - - It is generated from these files: - snap.proto - - It has these top-level messages: - Snapshot -*/ package snappb import ( - "fmt" - - proto "github.com/golang/protobuf/proto" - + fmt "fmt" + io "io" math "math" + math_bits "math/bits" _ "github.com/gogo/protobuf/gogoproto" - - io "io" + proto "github.com/golang/protobuf/proto" ) // Reference imports to suppress errors if they are not otherwise used. @@ -36,23 +25,68 @@ var _ = math.Inf const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package type Snapshot struct { - Crc uint32 `protobuf:"varint,1,opt,name=crc" json:"crc"` - Data []byte `protobuf:"bytes,2,opt,name=data" json:"data,omitempty"` - XXX_unrecognized []byte `json:"-"` + Crc uint32 `protobuf:"varint,1,opt,name=crc" json:"crc"` + Data []byte `protobuf:"bytes,2,opt,name=data" json:"data,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Snapshot) Reset() { *m = Snapshot{} } +func (m *Snapshot) String() string { return proto.CompactTextString(m) } +func (*Snapshot) ProtoMessage() {} +func (*Snapshot) Descriptor() ([]byte, []int) { + return fileDescriptor_f2e3c045ebf84d00, []int{0} +} +func (m *Snapshot) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Snapshot) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Snapshot.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Snapshot) XXX_Merge(src proto.Message) { + xxx_messageInfo_Snapshot.Merge(m, src) +} +func (m *Snapshot) XXX_Size() int { + return m.Size() +} +func (m *Snapshot) XXX_DiscardUnknown() { + xxx_messageInfo_Snapshot.DiscardUnknown(m) } -func (m *Snapshot) Reset() { *m = Snapshot{} } -func (m *Snapshot) String() string { return proto.CompactTextString(m) } -func (*Snapshot) ProtoMessage() {} -func (*Snapshot) Descriptor() ([]byte, []int) { return fileDescriptorSnap, []int{0} } +var xxx_messageInfo_Snapshot proto.InternalMessageInfo func init() { proto.RegisterType((*Snapshot)(nil), "snappb.snapshot") } + +func init() { proto.RegisterFile("snap.proto", fileDescriptor_f2e3c045ebf84d00) } + +var fileDescriptor_f2e3c045ebf84d00 = []byte{ + // 126 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x2a, 0xce, 0x4b, 0x2c, + 0xd0, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62, 0x03, 0xb1, 0x0b, 0x92, 0xa4, 0x44, 0xd2, 0xf3, + 0xd3, 0xf3, 0xc1, 0x42, 0xfa, 0x20, 0x16, 0x44, 0x56, 0xc9, 0x8c, 0x8b, 0x03, 0x24, 0x5f, 0x9c, + 0x91, 0x5f, 0x22, 0x24, 0xc6, 0xc5, 0x9c, 0x5c, 0x94, 0x2c, 0xc1, 0xa8, 0xc0, 0xa8, 0xc1, 0xeb, + 0xc4, 0x72, 0xe2, 0x9e, 0x3c, 0x43, 0x10, 0x48, 0x40, 0x48, 0x88, 0x8b, 0x25, 0x25, 0xb1, 0x24, + 0x51, 0x82, 0x49, 0x81, 0x51, 0x83, 0x27, 0x08, 0xcc, 0x76, 0x12, 0x39, 0xf1, 0x50, 0x8e, 0xe1, + 0xc4, 0x23, 0x39, 0xc6, 0x0b, 0x8f, 0xe4, 0x18, 0x1f, 0x3c, 0x92, 0x63, 0x9c, 0xf1, 0x58, 0x8e, + 0x01, 0x10, 0x00, 0x00, 0xff, 0xff, 0xd8, 0x0f, 0x32, 0xb2, 0x78, 0x00, 0x00, 0x00, +} + func (m *Snapshot) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) if err != nil { return nil, err } @@ -60,35 +94,47 @@ func (m *Snapshot) Marshal() (dAtA []byte, err error) { } func (m *Snapshot) MarshalTo(dAtA []byte) (int, error) { - var i int + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Snapshot) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) _ = i var l int _ = l - dAtA[i] = 0x8 - i++ - i = encodeVarintSnap(dAtA, i, uint64(m.Crc)) + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } if m.Data != nil { - dAtA[i] = 0x12 - i++ + i -= len(m.Data) + copy(dAtA[i:], m.Data) i = encodeVarintSnap(dAtA, i, uint64(len(m.Data))) - i += copy(dAtA[i:], m.Data) - } - if m.XXX_unrecognized != nil { - i += copy(dAtA[i:], m.XXX_unrecognized) + i-- + dAtA[i] = 0x12 } - return i, nil + i = encodeVarintSnap(dAtA, i, uint64(m.Crc)) + i-- + dAtA[i] = 0x8 + return len(dAtA) - i, nil } func encodeVarintSnap(dAtA []byte, offset int, v uint64) int { + offset -= sovSnap(v) + base := offset for v >= 1<<7 { dAtA[offset] = uint8(v&0x7f | 0x80) v >>= 7 offset++ } dAtA[offset] = uint8(v) - return offset + 1 + return base } func (m *Snapshot) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l n += 1 + sovSnap(uint64(m.Crc)) @@ -103,14 +149,7 @@ func (m *Snapshot) Size() (n int) { } func sovSnap(x uint64) (n int) { - for { - n++ - x >>= 7 - if x == 0 { - break - } - } - return n + return (math_bits.Len64(x|1) + 6) / 7 } func sozSnap(x uint64) (n int) { return sovSnap(uint64((x << 1) ^ uint64((int64(x) >> 63)))) @@ -130,7 +169,7 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - wire |= (uint64(b) & 0x7F) << shift + wire |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -158,7 +197,7 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Crc |= (uint32(b) & 0x7F) << shift + m.Crc |= uint32(b&0x7F) << shift if b < 0x80 { break } @@ -177,7 +216,7 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - byteLen |= (int(b) & 0x7F) << shift + byteLen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -186,6 +225,9 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { return ErrInvalidLengthSnap } postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthSnap + } if postIndex > l { return io.ErrUnexpectedEOF } @@ -203,6 +245,9 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { if skippy < 0 { return ErrInvalidLengthSnap } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthSnap + } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF } @@ -270,10 +315,13 @@ func skipSnap(dAtA []byte) (n int, err error) { break } } - iNdEx += length if length < 0 { return 0, ErrInvalidLengthSnap } + iNdEx += length + if iNdEx < 0 { + return 0, ErrInvalidLengthSnap + } return iNdEx, nil case 3: for { @@ -302,6 +350,9 @@ func skipSnap(dAtA []byte) (n int, err error) { return 0, err } iNdEx = start + next + if iNdEx < 0 { + return 0, ErrInvalidLengthSnap + } } return iNdEx, nil case 4: @@ -320,17 +371,3 @@ var ( ErrInvalidLengthSnap = fmt.Errorf("proto: negative length found during unmarshaling") ErrIntOverflowSnap = fmt.Errorf("proto: integer overflow") ) - -func init() { proto.RegisterFile("snap.proto", fileDescriptorSnap) } - -var fileDescriptorSnap = []byte{ - // 126 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x2a, 0xce, 0x4b, 0x2c, - 0xd0, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62, 0x03, 0xb1, 0x0b, 0x92, 0xa4, 0x44, 0xd2, 0xf3, - 0xd3, 0xf3, 0xc1, 0x42, 0xfa, 0x20, 0x16, 0x44, 0x56, 0xc9, 0x8c, 0x8b, 0x03, 0x24, 0x5f, 0x9c, - 0x91, 0x5f, 0x22, 0x24, 0xc6, 0xc5, 0x9c, 0x5c, 0x94, 0x2c, 0xc1, 0xa8, 0xc0, 0xa8, 0xc1, 0xeb, - 0xc4, 0x72, 0xe2, 0x9e, 0x3c, 0x43, 0x10, 0x48, 0x40, 0x48, 0x88, 0x8b, 0x25, 0x25, 0xb1, 0x24, - 0x51, 0x82, 0x49, 0x81, 0x51, 0x83, 0x27, 0x08, 0xcc, 0x76, 0x12, 0x39, 0xf1, 0x50, 0x8e, 0xe1, - 0xc4, 0x23, 0x39, 0xc6, 0x0b, 0x8f, 0xe4, 0x18, 0x1f, 0x3c, 0x92, 0x63, 0x9c, 0xf1, 0x58, 0x8e, - 0x01, 0x10, 0x00, 0x00, 0xff, 0xff, 0xd8, 0x0f, 0x32, 0xb2, 0x78, 0x00, 0x00, 0x00, -} diff --git a/vendor/github.com/coreos/etcd/snap/snapshotter.go b/vendor/github.com/coreos/etcd/snap/snapshotter.go index 0075559212954..1d73a1c2a2717 100644 --- a/vendor/github.com/coreos/etcd/snap/snapshotter.go +++ b/vendor/github.com/coreos/etcd/snap/snapshotter.go @@ -23,6 +23,7 @@ import ( "os" "path/filepath" "sort" + "strconv" "strings" "time" @@ -31,7 +32,7 @@ import ( "github.com/coreos/etcd/raft" "github.com/coreos/etcd/raft/raftpb" "github.com/coreos/etcd/snap/snappb" - + "github.com/coreos/etcd/wal/walpb" "github.com/coreos/pkg/capnslog" ) @@ -80,9 +81,8 @@ func (s *Snapshotter) save(snapshot *raftpb.Snapshot) error { d, err := snap.Marshal() if err != nil { return err - } else { - marshallingDurations.Observe(float64(time.Since(start)) / float64(time.Second)) } + marshallingDurations.Observe(float64(time.Since(start)) / float64(time.Second)) err = pioutil.WriteAndSyncFile(filepath.Join(s.dir, fname), d, 0666) if err == nil { @@ -97,20 +97,35 @@ func (s *Snapshotter) save(snapshot *raftpb.Snapshot) error { } func (s *Snapshotter) Load() (*raftpb.Snapshot, error) { + return s.loadMatching(func(*raftpb.Snapshot) bool { return true }) +} + +// LoadNewestAvailable loads the newest snapshot available that is in walSnaps. +func (s *Snapshotter) LoadNewestAvailable(walSnaps []walpb.Snapshot) (*raftpb.Snapshot, error) { + return s.loadMatching(func(snapshot *raftpb.Snapshot) bool { + m := snapshot.Metadata + for i := len(walSnaps) - 1; i >= 0; i-- { + if m.Term == walSnaps[i].Term && m.Index == walSnaps[i].Index { + return true + } + } + return false + }) +} + +// loadMatching returns the newest snapshot where matchFn returns true. +func (s *Snapshotter) loadMatching(matchFn func(*raftpb.Snapshot) bool) (*raftpb.Snapshot, error) { names, err := s.snapNames() if err != nil { return nil, err } var snap *raftpb.Snapshot for _, name := range names { - if snap, err = loadSnap(s.dir, name); err == nil { - break + if snap, err = loadSnap(s.dir, name); err == nil && matchFn(snap) { + return snap, nil } } - if err != nil { - return nil, ErrNoSnapshot - } - return snap, nil + return nil, ErrNoSnapshot } func loadSnap(dir, name string) (*raftpb.Snapshot, error) { @@ -172,6 +187,10 @@ func (s *Snapshotter) snapNames() ([]string, error) { if err != nil { return nil, err } + names, err = s.cleanupSnapdir(names) + if err != nil { + return nil, err + } snaps := checkSuffix(names) if len(snaps) == 0 { return nil, ErrNoSnapshot @@ -202,3 +221,48 @@ func renameBroken(path string) { plog.Warningf("cannot rename broken snapshot file %v to %v: %v", path, brokenPath, err) } } + +// cleanupSnapdir removes any files that should not be in the snapshot directory: +// - db.tmp prefixed files that can be orphaned by defragmentation +func (s *Snapshotter) cleanupSnapdir(filenames []string) (names []string, err error) { + for _, filename := range filenames { + if strings.HasPrefix(filename, "db.tmp") { + plog.Infof("found orphaned defragmentation file; deleting: %s", filename) + if rmErr := os.Remove(filepath.Join(s.dir, filename)); rmErr != nil && !os.IsNotExist(rmErr) { + return nil, fmt.Errorf("failed to remove orphaned defragmentation file %s: %v", filename, rmErr) + } + continue + } + names = append(names, filename) + } + return names, nil +} + +func (s *Snapshotter) ReleaseSnapDBs(snap raftpb.Snapshot) error { + dir, err := os.Open(s.dir) + if err != nil { + return err + } + defer dir.Close() + filenames, err := dir.Readdirnames(-1) + if err != nil { + return err + } + for _, filename := range filenames { + if strings.HasSuffix(filename, ".snap.db") { + hexIndex := strings.TrimSuffix(filepath.Base(filename), ".snap.db") + index, err := strconv.ParseUint(hexIndex, 16, 64) + if err != nil { + plog.Warningf("failed to parse index from filename: %s (%v)", filename, err) + continue + } + if index < snap.Metadata.Index { + plog.Infof("found orphaned .snap.db file; deleting %q", filename) + if rmErr := os.Remove(filepath.Join(s.dir, filename)); rmErr != nil && !os.IsNotExist(rmErr) { + plog.Warningf("failed to remove orphaned .snap.db file: %s (%v)", filename, rmErr) + } + } + } + } + return nil +} diff --git a/vendor/github.com/coreos/etcd/version/version.go b/vendor/github.com/coreos/etcd/version/version.go index 4bf2fd2dd518d..aa96ffad492fa 100644 --- a/vendor/github.com/coreos/etcd/version/version.go +++ b/vendor/github.com/coreos/etcd/version/version.go @@ -26,7 +26,7 @@ import ( var ( // MinClusterVersion is the min cluster version this etcd binary is compatible with. MinClusterVersion = "3.0.0" - Version = "3.3.12" + Version = "3.3.25" APIVersion = "unknown" // Git SHA Value will be set during build diff --git a/vendor/github.com/coreos/etcd/wal/decoder.go b/vendor/github.com/coreos/etcd/wal/decoder.go index 6a217f897b01f..f2f0b26fd076f 100644 --- a/vendor/github.com/coreos/etcd/wal/decoder.go +++ b/vendor/github.com/coreos/etcd/wal/decoder.go @@ -59,6 +59,11 @@ func (d *decoder) decode(rec *walpb.Record) error { return d.decodeRecord(rec) } +// raft max message size is set to 1 MB in etcd server +// assume projects set reasonable message size limit, +// thus entry size should never exceed 10 MB +const maxWALEntrySizeLimit = int64(10 * 1024 * 1024) + func (d *decoder) decodeRecord(rec *walpb.Record) error { if len(d.brs) == 0 { return io.EOF @@ -79,6 +84,9 @@ func (d *decoder) decodeRecord(rec *walpb.Record) error { } recBytes, padBytes := decodeFrameSize(l) + if recBytes >= maxWALEntrySizeLimit-padBytes { + return ErrMaxWALEntrySizeLimitExceeded + } data := make([]byte, recBytes+padBytes) if _, err = io.ReadFull(d.brs[0], data); err != nil { diff --git a/vendor/github.com/coreos/etcd/wal/encoder.go b/vendor/github.com/coreos/etcd/wal/encoder.go index e8040b8dff138..e8890d88a9b8b 100644 --- a/vendor/github.com/coreos/etcd/wal/encoder.go +++ b/vendor/github.com/coreos/etcd/wal/encoder.go @@ -92,7 +92,8 @@ func (e *encoder) encode(rec *walpb.Record) error { if padBytes != 0 { data = append(data, make([]byte, padBytes)...) } - _, err = e.bw.Write(data) + n, err = e.bw.Write(data) + walWriteBytes.Add(float64(n)) return err } @@ -108,13 +109,16 @@ func encodeFrameSize(dataBytes int) (lenField uint64, padBytes int) { func (e *encoder) flush() error { e.mu.Lock() - defer e.mu.Unlock() - return e.bw.Flush() + n, err := e.bw.FlushN() + e.mu.Unlock() + walWriteBytes.Add(float64(n)) + return err } func writeUint64(w io.Writer, n uint64, buf []byte) error { // http://golang.org/src/encoding/binary/binary.go binary.LittleEndian.PutUint64(buf, n) - _, err := w.Write(buf) + nv, err := w.Write(buf) + walWriteBytes.Add(float64(nv)) return err } diff --git a/vendor/github.com/coreos/etcd/wal/metrics.go b/vendor/github.com/coreos/etcd/wal/metrics.go index 9e089d380f9b0..7261544165ac1 100644 --- a/vendor/github.com/coreos/etcd/wal/metrics.go +++ b/vendor/github.com/coreos/etcd/wal/metrics.go @@ -24,8 +24,15 @@ var ( Help: "The latency distributions of fsync called by wal.", Buckets: prometheus.ExponentialBuckets(0.001, 2, 14), }) + walWriteBytes = prometheus.NewGauge(prometheus.GaugeOpts{ + Namespace: "etcd", + Subsystem: "disk", + Name: "wal_write_bytes_total", + Help: "Total number of bytes written in WAL.", + }) ) func init() { prometheus.MustRegister(syncDurations) + prometheus.MustRegister(walWriteBytes) } diff --git a/vendor/github.com/coreos/etcd/wal/repair.go b/vendor/github.com/coreos/etcd/wal/repair.go index 091036b57b9ae..f1e507683c3c4 100644 --- a/vendor/github.com/coreos/etcd/wal/repair.go +++ b/vendor/github.com/coreos/etcd/wal/repair.go @@ -18,6 +18,7 @@ import ( "io" "os" "path/filepath" + "time" "github.com/coreos/etcd/pkg/fileutil" "github.com/coreos/etcd/wal/walpb" @@ -76,10 +77,14 @@ func Repair(dirpath string) bool { plog.Errorf("could not repair %v, failed to truncate file", f.Name()) return false } + + start := time.Now() if err = fileutil.Fsync(f.File); err != nil { plog.Errorf("could not repair %v, failed to sync file", f.Name()) return false } + syncDurations.Observe(time.Since(start).Seconds()) + return true default: plog.Errorf("could not repair error (%v)", err) diff --git a/vendor/github.com/coreos/etcd/wal/wal.go b/vendor/github.com/coreos/etcd/wal/wal.go index 96d01a23af69f..f1ffc4326b652 100644 --- a/vendor/github.com/coreos/etcd/wal/wal.go +++ b/vendor/github.com/coreos/etcd/wal/wal.go @@ -55,12 +55,15 @@ var ( plog = capnslog.NewPackageLogger("github.com/coreos/etcd", "wal") - ErrMetadataConflict = errors.New("wal: conflicting metadata found") - ErrFileNotFound = errors.New("wal: file not found") - ErrCRCMismatch = errors.New("wal: crc mismatch") - ErrSnapshotMismatch = errors.New("wal: snapshot mismatch") - ErrSnapshotNotFound = errors.New("wal: snapshot not found") - crcTable = crc32.MakeTable(crc32.Castagnoli) + ErrMetadataConflict = errors.New("wal: conflicting metadata found") + ErrFileNotFound = errors.New("wal: file not found") + ErrCRCMismatch = errors.New("wal: crc mismatch") + ErrSnapshotMismatch = errors.New("wal: snapshot mismatch") + ErrSnapshotNotFound = errors.New("wal: snapshot not found") + ErrSliceOutOfRange = errors.New("wal: slice bounds out of range") + ErrMaxWALEntrySizeLimitExceeded = errors.New("wal: max entry size limit exceeded") + ErrDecoderNotFound = errors.New("wal: decoder not found") + crcTable = crc32.MakeTable(crc32.Castagnoli) ) // WAL is a logical representation of the stable storage. @@ -90,7 +93,8 @@ type WAL struct { } // Create creates a WAL ready for appending records. The given metadata is -// recorded at the head of each WAL file, and can be retrieved with ReadAll. +// recorded at the head of each WAL file, and can be retrieved with ReadAll +// after the file is Open. func Create(dirpath string, metadata []byte) (*WAL, error) { if Exist(dirpath) { return nil, os.ErrExist @@ -147,9 +151,13 @@ func Create(dirpath string, metadata []byte) (*WAL, error) { if perr != nil { return nil, perr } + + start := time.Now() if perr = fileutil.Fsync(pdir); perr != nil { return nil, perr } + syncDurations.Observe(time.Since(start).Seconds()) + if perr = pdir.Close(); err != nil { return nil, perr } @@ -223,17 +231,55 @@ func OpenForRead(dirpath string, snap walpb.Snapshot) (*WAL, error) { } func openAtIndex(dirpath string, snap walpb.Snapshot, write bool) (*WAL, error) { - names, err := readWalNames(dirpath) + names, nameIndex, err := selectWALFiles(dirpath, snap) + if err != nil { + return nil, err + } + + rs, ls, closer, err := openWALFiles(dirpath, names, nameIndex, write) if err != nil { return nil, err } + // create a WAL ready for reading + w := &WAL{ + dir: dirpath, + start: snap, + decoder: newDecoder(rs...), + readClose: closer, + locks: ls, + } + + if write { + // write reuses the file descriptors from read; don't close so + // WAL can append without dropping the file lock + w.readClose = nil + if _, _, err := parseWalName(filepath.Base(w.tail().Name())); err != nil { + closer() + return nil, err + } + w.fp = newFilePipeline(w.dir, SegmentSizeBytes) + } + + return w, nil +} + +func selectWALFiles(dirpath string, snap walpb.Snapshot) ([]string, int, error) { + names, err := readWalNames(dirpath) + if err != nil { + return nil, -1, err + } + nameIndex, ok := searchIndex(names, snap.Index) if !ok || !isValidSeq(names[nameIndex:]) { - return nil, ErrFileNotFound + err = ErrFileNotFound + return nil, -1, err } - // open the wal files + return names, nameIndex, nil +} + +func openWALFiles(dirpath string, names []string, nameIndex int, write bool) ([]io.Reader, []*fileutil.LockedFile, func() error, error) { rcs := make([]io.ReadCloser, 0) rs := make([]io.Reader, 0) ls := make([]*fileutil.LockedFile, 0) @@ -243,7 +289,7 @@ func openAtIndex(dirpath string, snap walpb.Snapshot, write bool) (*WAL, error) l, err := fileutil.TryLockFile(p, os.O_RDWR, fileutil.PrivateFileMode) if err != nil { closeAll(rcs...) - return nil, err + return nil, nil, nil, err } ls = append(ls, l) rcs = append(rcs, l) @@ -251,7 +297,7 @@ func openAtIndex(dirpath string, snap walpb.Snapshot, write bool) (*WAL, error) rf, err := os.OpenFile(p, os.O_RDONLY, fileutil.PrivateFileMode) if err != nil { closeAll(rcs...) - return nil, err + return nil, nil, nil, err } ls = append(ls, nil) rcs = append(rcs, rf) @@ -261,27 +307,7 @@ func openAtIndex(dirpath string, snap walpb.Snapshot, write bool) (*WAL, error) closer := func() error { return closeAll(rcs...) } - // create a WAL ready for reading - w := &WAL{ - dir: dirpath, - start: snap, - decoder: newDecoder(rs...), - readClose: closer, - locks: ls, - } - - if write { - // write reuses the file descriptors from read; don't close so - // WAL can append without dropping the file lock - w.readClose = nil - if _, _, err := parseWalName(filepath.Base(w.tail().Name())); err != nil { - closer() - return nil, err - } - w.fp = newFilePipeline(w.dir, SegmentSizeBytes) - } - - return w, nil + return rs, ls, closer, nil } // ReadAll reads out records of the current WAL. @@ -299,6 +325,10 @@ func (w *WAL) ReadAll() (metadata []byte, state raftpb.HardState, ents []raftpb. defer w.mu.Unlock() rec := &walpb.Record{} + + if w.decoder == nil { + return nil, state, nil, ErrDecoderNotFound + } decoder := w.decoder var match bool @@ -306,8 +336,15 @@ func (w *WAL) ReadAll() (metadata []byte, state raftpb.HardState, ents []raftpb. switch rec.Type { case entryType: e := mustUnmarshalEntry(rec.Data) + // 0 <= e.Index-w.start.Index - 1 < len(ents) if e.Index > w.start.Index { - ents = append(ents[:e.Index-w.start.Index-1], e) + // prevent "panic: runtime error: slice bounds out of range [:13038096702221461992] with capacity 0" + up := e.Index - w.start.Index - 1 + if up > uint64(len(ents)) { + // return error before append call causes runtime panic + return nil, state, nil, ErrSliceOutOfRange + } + ents = append(ents[:up], e) } w.enti = e.Index case stateType: @@ -398,6 +435,150 @@ func (w *WAL) ReadAll() (metadata []byte, state raftpb.HardState, ents []raftpb. return metadata, state, ents, err } +// ValidSnapshotEntries returns all the valid snapshot entries in the wal logs in the given directory. +// Snapshot entries are valid if their index is less than or equal to the most recent committed hardstate. +func ValidSnapshotEntries(walDir string) ([]walpb.Snapshot, error) { + var snaps []walpb.Snapshot + var state raftpb.HardState + var err error + + rec := &walpb.Record{} + names, err := readWalNames(walDir) + if err != nil { + return nil, err + } + + // open wal files in read mode, so that there is no conflict + // when the same WAL is opened elsewhere in write mode + rs, _, closer, err := openWALFiles(walDir, names, 0, false) + if err != nil { + return nil, err + } + defer func() { + if closer != nil { + closer() + } + }() + + // create a new decoder from the readers on the WAL files + decoder := newDecoder(rs...) + + for err = decoder.decode(rec); err == nil; err = decoder.decode(rec) { + switch rec.Type { + case snapshotType: + var loadedSnap walpb.Snapshot + pbutil.MustUnmarshal(&loadedSnap, rec.Data) + snaps = append(snaps, loadedSnap) + case stateType: + state = mustUnmarshalState(rec.Data) + case crcType: + crc := decoder.crc.Sum32() + // current crc of decoder must match the crc of the record. + // do no need to match 0 crc, since the decoder is a new one at this case. + if crc != 0 && rec.Validate(crc) != nil { + return nil, ErrCRCMismatch + } + decoder.updateCRC(rec.Crc) + } + } + // We do not have to read out all the WAL entries + // as the decoder is opened in read mode. + if err != io.EOF && err != io.ErrUnexpectedEOF { + return nil, err + } + + // filter out any snaps that are newer than the committed hardstate + n := 0 + for _, s := range snaps { + if s.Index <= state.Commit { + snaps[n] = s + n++ + } + } + snaps = snaps[:n:n] + + return snaps, nil +} + +// Verify reads through the given WAL and verifies that it is not corrupted. +// It creates a new decoder to read through the records of the given WAL. +// It does not conflict with any open WAL, but it is recommended not to +// call this function after opening the WAL for writing. +// If it cannot read out the expected snap, it will return ErrSnapshotNotFound. +// If the loaded snap doesn't match with the expected one, it will +// return error ErrSnapshotMismatch. +func Verify(walDir string, snap walpb.Snapshot) error { + var metadata []byte + var err error + var match bool + + rec := &walpb.Record{} + + names, nameIndex, err := selectWALFiles(walDir, snap) + if err != nil { + return err + } + + // open wal files in read mode, so that there is no conflict + // when the same WAL is opened elsewhere in write mode + rs, _, closer, err := openWALFiles(walDir, names, nameIndex, false) + if err != nil { + return err + } + + // create a new decoder from the readers on the WAL files + decoder := newDecoder(rs...) + + for err = decoder.decode(rec); err == nil; err = decoder.decode(rec) { + switch rec.Type { + case metadataType: + if metadata != nil && !bytes.Equal(metadata, rec.Data) { + return ErrMetadataConflict + } + metadata = rec.Data + case crcType: + crc := decoder.crc.Sum32() + // Current crc of decoder must match the crc of the record. + // We need not match 0 crc, since the decoder is a new one at this point. + if crc != 0 && rec.Validate(crc) != nil { + return ErrCRCMismatch + } + decoder.updateCRC(rec.Crc) + case snapshotType: + var loadedSnap walpb.Snapshot + pbutil.MustUnmarshal(&loadedSnap, rec.Data) + if loadedSnap.Index == snap.Index { + if loadedSnap.Term != snap.Term { + return ErrSnapshotMismatch + } + match = true + } + // We ignore all entry and state type records as these + // are not necessary for validating the WAL contents + case entryType: + case stateType: + default: + return fmt.Errorf("unexpected block type %d", rec.Type) + } + } + + if closer != nil { + closer() + } + + // We do not have to read out all the WAL entries + // as the decoder is opened in read mode. + if err != io.EOF && err != io.ErrUnexpectedEOF { + return err + } + + if !match { + return ErrSnapshotNotFound + } + + return nil +} + // cut closes current file written and creates a new one ready to append. // cut first creates a temp wal file and writes necessary headers into it. // Then cut atomically rename temp wal file to a wal file. @@ -451,9 +632,12 @@ func (w *WAL) cut() error { if err = os.Rename(newTail.Name(), fpath); err != nil { return err } + + start := time.Now() if err = fileutil.Fsync(w.dirFile); err != nil { return err } + syncDurations.Observe(time.Since(start).Seconds()) // reopen newTail with its new path so calls to Name() match the wal filename format newTail.Close() @@ -495,6 +679,10 @@ func (w *WAL) sync() error { return err } +func (w *WAL) Sync() error { + return w.sync() +} + // ReleaseLockTo releases the locks, which has smaller index than the given index // except the largest one among them. // For example, if WAL is holding lock 1,2,3,4,5,6, ReleaseLockTo(4) will release diff --git a/vendor/github.com/coreos/etcd/wal/walpb/record.pb.go b/vendor/github.com/coreos/etcd/wal/walpb/record.pb.go index 3ce63ddc2eb6a..10ee41702efe1 100644 --- a/vendor/github.com/coreos/etcd/wal/walpb/record.pb.go +++ b/vendor/github.com/coreos/etcd/wal/walpb/record.pb.go @@ -1,28 +1,16 @@ // Code generated by protoc-gen-gogo. DO NOT EDIT. // source: record.proto -/* - Package walpb is a generated protocol buffer package. - - It is generated from these files: - record.proto - - It has these top-level messages: - Record - Snapshot -*/ package walpb import ( - "fmt" - - proto "github.com/golang/protobuf/proto" - + fmt "fmt" + io "io" math "math" + math_bits "math/bits" _ "github.com/gogo/protobuf/gogoproto" - - io "io" + proto "github.com/golang/protobuf/proto" ) // Reference imports to suppress errors if they are not otherwise used. @@ -37,36 +25,115 @@ var _ = math.Inf const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package type Record struct { - Type int64 `protobuf:"varint,1,opt,name=type" json:"type"` - Crc uint32 `protobuf:"varint,2,opt,name=crc" json:"crc"` - Data []byte `protobuf:"bytes,3,opt,name=data" json:"data,omitempty"` - XXX_unrecognized []byte `json:"-"` + Type int64 `protobuf:"varint,1,opt,name=type" json:"type"` + Crc uint32 `protobuf:"varint,2,opt,name=crc" json:"crc"` + Data []byte `protobuf:"bytes,3,opt,name=data" json:"data,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } -func (m *Record) Reset() { *m = Record{} } -func (m *Record) String() string { return proto.CompactTextString(m) } -func (*Record) ProtoMessage() {} -func (*Record) Descriptor() ([]byte, []int) { return fileDescriptorRecord, []int{0} } +func (m *Record) Reset() { *m = Record{} } +func (m *Record) String() string { return proto.CompactTextString(m) } +func (*Record) ProtoMessage() {} +func (*Record) Descriptor() ([]byte, []int) { + return fileDescriptor_bf94fd919e302a1d, []int{0} +} +func (m *Record) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Record) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Record.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Record) XXX_Merge(src proto.Message) { + xxx_messageInfo_Record.Merge(m, src) +} +func (m *Record) XXX_Size() int { + return m.Size() +} +func (m *Record) XXX_DiscardUnknown() { + xxx_messageInfo_Record.DiscardUnknown(m) +} + +var xxx_messageInfo_Record proto.InternalMessageInfo type Snapshot struct { - Index uint64 `protobuf:"varint,1,opt,name=index" json:"index"` - Term uint64 `protobuf:"varint,2,opt,name=term" json:"term"` - XXX_unrecognized []byte `json:"-"` + Index uint64 `protobuf:"varint,1,opt,name=index" json:"index"` + Term uint64 `protobuf:"varint,2,opt,name=term" json:"term"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *Snapshot) Reset() { *m = Snapshot{} } +func (m *Snapshot) String() string { return proto.CompactTextString(m) } +func (*Snapshot) ProtoMessage() {} +func (*Snapshot) Descriptor() ([]byte, []int) { + return fileDescriptor_bf94fd919e302a1d, []int{1} +} +func (m *Snapshot) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *Snapshot) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_Snapshot.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *Snapshot) XXX_Merge(src proto.Message) { + xxx_messageInfo_Snapshot.Merge(m, src) +} +func (m *Snapshot) XXX_Size() int { + return m.Size() +} +func (m *Snapshot) XXX_DiscardUnknown() { + xxx_messageInfo_Snapshot.DiscardUnknown(m) } -func (m *Snapshot) Reset() { *m = Snapshot{} } -func (m *Snapshot) String() string { return proto.CompactTextString(m) } -func (*Snapshot) ProtoMessage() {} -func (*Snapshot) Descriptor() ([]byte, []int) { return fileDescriptorRecord, []int{1} } +var xxx_messageInfo_Snapshot proto.InternalMessageInfo func init() { proto.RegisterType((*Record)(nil), "walpb.Record") proto.RegisterType((*Snapshot)(nil), "walpb.Snapshot") } + +func init() { proto.RegisterFile("record.proto", fileDescriptor_bf94fd919e302a1d) } + +var fileDescriptor_bf94fd919e302a1d = []byte{ + // 186 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x29, 0x4a, 0x4d, 0xce, + 0x2f, 0x4a, 0xd1, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62, 0x2d, 0x4f, 0xcc, 0x29, 0x48, 0x92, + 0x12, 0x49, 0xcf, 0x4f, 0xcf, 0x07, 0x8b, 0xe8, 0x83, 0x58, 0x10, 0x49, 0x25, 0x3f, 0x2e, 0xb6, + 0x20, 0xb0, 0x62, 0x21, 0x09, 0x2e, 0x96, 0x92, 0xca, 0x82, 0x54, 0x09, 0x46, 0x05, 0x46, 0x0d, + 0x66, 0x27, 0x96, 0x13, 0xf7, 0xe4, 0x19, 0x82, 0xc0, 0x22, 0x42, 0x62, 0x5c, 0xcc, 0xc9, 0x45, + 0xc9, 0x12, 0x4c, 0x0a, 0x8c, 0x1a, 0xbc, 0x50, 0x09, 0x90, 0x80, 0x90, 0x10, 0x17, 0x4b, 0x4a, + 0x62, 0x49, 0xa2, 0x04, 0xb3, 0x02, 0xa3, 0x06, 0x4f, 0x10, 0x98, 0xad, 0xe4, 0xc0, 0xc5, 0x11, + 0x9c, 0x97, 0x58, 0x50, 0x9c, 0x91, 0x5f, 0x22, 0x24, 0xc5, 0xc5, 0x9a, 0x99, 0x97, 0x92, 0x5a, + 0x01, 0x36, 0x92, 0x05, 0xaa, 0x13, 0x22, 0x04, 0xb6, 0x2d, 0xb5, 0x28, 0x17, 0x6c, 0x28, 0x0b, + 0xdc, 0xb6, 0xd4, 0xa2, 0x5c, 0x27, 0x91, 0x13, 0x0f, 0xe5, 0x18, 0x4e, 0x3c, 0x92, 0x63, 0xbc, + 0xf0, 0x48, 0x8e, 0xf1, 0xc1, 0x23, 0x39, 0xc6, 0x19, 0x8f, 0xe5, 0x18, 0x00, 0x01, 0x00, 0x00, + 0xff, 0xff, 0x7f, 0x5e, 0x5c, 0x46, 0xd3, 0x00, 0x00, 0x00, +} + func (m *Record) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) if err != nil { return nil, err } @@ -74,32 +141,39 @@ func (m *Record) Marshal() (dAtA []byte, err error) { } func (m *Record) MarshalTo(dAtA []byte) (int, error) { - var i int + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Record) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) _ = i var l int _ = l - dAtA[i] = 0x8 - i++ - i = encodeVarintRecord(dAtA, i, uint64(m.Type)) - dAtA[i] = 0x10 - i++ - i = encodeVarintRecord(dAtA, i, uint64(m.Crc)) + if m.XXX_unrecognized != nil { + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) + } if m.Data != nil { - dAtA[i] = 0x1a - i++ + i -= len(m.Data) + copy(dAtA[i:], m.Data) i = encodeVarintRecord(dAtA, i, uint64(len(m.Data))) - i += copy(dAtA[i:], m.Data) - } - if m.XXX_unrecognized != nil { - i += copy(dAtA[i:], m.XXX_unrecognized) + i-- + dAtA[i] = 0x1a } - return i, nil + i = encodeVarintRecord(dAtA, i, uint64(m.Crc)) + i-- + dAtA[i] = 0x10 + i = encodeVarintRecord(dAtA, i, uint64(m.Type)) + i-- + dAtA[i] = 0x8 + return len(dAtA) - i, nil } func (m *Snapshot) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) - n, err := m.MarshalTo(dAtA) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) if err != nil { return nil, err } @@ -107,32 +181,43 @@ func (m *Snapshot) Marshal() (dAtA []byte, err error) { } func (m *Snapshot) MarshalTo(dAtA []byte) (int, error) { - var i int + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *Snapshot) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) _ = i var l int _ = l - dAtA[i] = 0x8 - i++ - i = encodeVarintRecord(dAtA, i, uint64(m.Index)) - dAtA[i] = 0x10 - i++ - i = encodeVarintRecord(dAtA, i, uint64(m.Term)) if m.XXX_unrecognized != nil { - i += copy(dAtA[i:], m.XXX_unrecognized) + i -= len(m.XXX_unrecognized) + copy(dAtA[i:], m.XXX_unrecognized) } - return i, nil + i = encodeVarintRecord(dAtA, i, uint64(m.Term)) + i-- + dAtA[i] = 0x10 + i = encodeVarintRecord(dAtA, i, uint64(m.Index)) + i-- + dAtA[i] = 0x8 + return len(dAtA) - i, nil } func encodeVarintRecord(dAtA []byte, offset int, v uint64) int { + offset -= sovRecord(v) + base := offset for v >= 1<<7 { dAtA[offset] = uint8(v&0x7f | 0x80) v >>= 7 offset++ } dAtA[offset] = uint8(v) - return offset + 1 + return base } func (m *Record) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l n += 1 + sovRecord(uint64(m.Type)) @@ -148,6 +233,9 @@ func (m *Record) Size() (n int) { } func (m *Snapshot) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l n += 1 + sovRecord(uint64(m.Index)) @@ -159,14 +247,7 @@ func (m *Snapshot) Size() (n int) { } func sovRecord(x uint64) (n int) { - for { - n++ - x >>= 7 - if x == 0 { - break - } - } - return n + return (math_bits.Len64(x|1) + 6) / 7 } func sozRecord(x uint64) (n int) { return sovRecord(uint64((x << 1) ^ uint64((int64(x) >> 63)))) @@ -186,7 +267,7 @@ func (m *Record) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - wire |= (uint64(b) & 0x7F) << shift + wire |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -214,7 +295,7 @@ func (m *Record) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Type |= (int64(b) & 0x7F) << shift + m.Type |= int64(b&0x7F) << shift if b < 0x80 { break } @@ -233,7 +314,7 @@ func (m *Record) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Crc |= (uint32(b) & 0x7F) << shift + m.Crc |= uint32(b&0x7F) << shift if b < 0x80 { break } @@ -252,7 +333,7 @@ func (m *Record) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - byteLen |= (int(b) & 0x7F) << shift + byteLen |= int(b&0x7F) << shift if b < 0x80 { break } @@ -261,6 +342,9 @@ func (m *Record) Unmarshal(dAtA []byte) error { return ErrInvalidLengthRecord } postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthRecord + } if postIndex > l { return io.ErrUnexpectedEOF } @@ -278,6 +362,9 @@ func (m *Record) Unmarshal(dAtA []byte) error { if skippy < 0 { return ErrInvalidLengthRecord } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthRecord + } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF } @@ -306,7 +393,7 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - wire |= (uint64(b) & 0x7F) << shift + wire |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -334,7 +421,7 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Index |= (uint64(b) & 0x7F) << shift + m.Index |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -353,7 +440,7 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - m.Term |= (uint64(b) & 0x7F) << shift + m.Term |= uint64(b&0x7F) << shift if b < 0x80 { break } @@ -367,6 +454,9 @@ func (m *Snapshot) Unmarshal(dAtA []byte) error { if skippy < 0 { return ErrInvalidLengthRecord } + if (iNdEx + skippy) < 0 { + return ErrInvalidLengthRecord + } if (iNdEx + skippy) > l { return io.ErrUnexpectedEOF } @@ -434,10 +524,13 @@ func skipRecord(dAtA []byte) (n int, err error) { break } } - iNdEx += length if length < 0 { return 0, ErrInvalidLengthRecord } + iNdEx += length + if iNdEx < 0 { + return 0, ErrInvalidLengthRecord + } return iNdEx, nil case 3: for { @@ -466,6 +559,9 @@ func skipRecord(dAtA []byte) (n int, err error) { return 0, err } iNdEx = start + next + if iNdEx < 0 { + return 0, ErrInvalidLengthRecord + } } return iNdEx, nil case 4: @@ -484,21 +580,3 @@ var ( ErrInvalidLengthRecord = fmt.Errorf("proto: negative length found during unmarshaling") ErrIntOverflowRecord = fmt.Errorf("proto: integer overflow") ) - -func init() { proto.RegisterFile("record.proto", fileDescriptorRecord) } - -var fileDescriptorRecord = []byte{ - // 186 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x29, 0x4a, 0x4d, 0xce, - 0x2f, 0x4a, 0xd1, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62, 0x2d, 0x4f, 0xcc, 0x29, 0x48, 0x92, - 0x12, 0x49, 0xcf, 0x4f, 0xcf, 0x07, 0x8b, 0xe8, 0x83, 0x58, 0x10, 0x49, 0x25, 0x3f, 0x2e, 0xb6, - 0x20, 0xb0, 0x62, 0x21, 0x09, 0x2e, 0x96, 0x92, 0xca, 0x82, 0x54, 0x09, 0x46, 0x05, 0x46, 0x0d, - 0x66, 0x27, 0x96, 0x13, 0xf7, 0xe4, 0x19, 0x82, 0xc0, 0x22, 0x42, 0x62, 0x5c, 0xcc, 0xc9, 0x45, - 0xc9, 0x12, 0x4c, 0x0a, 0x8c, 0x1a, 0xbc, 0x50, 0x09, 0x90, 0x80, 0x90, 0x10, 0x17, 0x4b, 0x4a, - 0x62, 0x49, 0xa2, 0x04, 0xb3, 0x02, 0xa3, 0x06, 0x4f, 0x10, 0x98, 0xad, 0xe4, 0xc0, 0xc5, 0x11, - 0x9c, 0x97, 0x58, 0x50, 0x9c, 0x91, 0x5f, 0x22, 0x24, 0xc5, 0xc5, 0x9a, 0x99, 0x97, 0x92, 0x5a, - 0x01, 0x36, 0x92, 0x05, 0xaa, 0x13, 0x22, 0x04, 0xb6, 0x2d, 0xb5, 0x28, 0x17, 0x6c, 0x28, 0x0b, - 0xdc, 0xb6, 0xd4, 0xa2, 0x5c, 0x27, 0x91, 0x13, 0x0f, 0xe5, 0x18, 0x4e, 0x3c, 0x92, 0x63, 0xbc, - 0xf0, 0x48, 0x8e, 0xf1, 0xc1, 0x23, 0x39, 0xc6, 0x19, 0x8f, 0xe5, 0x18, 0x00, 0x01, 0x00, 0x00, - 0xff, 0xff, 0x7f, 0x5e, 0x5c, 0x46, 0xd3, 0x00, 0x00, 0x00, -} diff --git a/vendor/github.com/ugorji/go/LICENSE b/vendor/github.com/json-iterator/go/LICENSE similarity index 92% rename from vendor/github.com/ugorji/go/LICENSE rename to vendor/github.com/json-iterator/go/LICENSE index 95a0f0541cdaa..2cf4f5ab28e9c 100644 --- a/vendor/github.com/ugorji/go/LICENSE +++ b/vendor/github.com/json-iterator/go/LICENSE @@ -1,7 +1,6 @@ -The MIT License (MIT) +MIT License -Copyright (c) 2012-2015 Ugorji Nwoke. -All rights reserved. +Copyright (c) 2016 json-iterator Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/vendor/github.com/json-iterator/go/README.md b/vendor/github.com/json-iterator/go/README.md new file mode 100644 index 0000000000000..52b111d5f36ef --- /dev/null +++ b/vendor/github.com/json-iterator/go/README.md @@ -0,0 +1,87 @@ +[![Sourcegraph](https://sourcegraph.com/github.com/json-iterator/go/-/badge.svg)](https://sourcegraph.com/github.com/json-iterator/go?badge) +[![GoDoc](http://img.shields.io/badge/go-documentation-blue.svg?style=flat-square)](https://pkg.go.dev/github.com/json-iterator/go) +[![Build Status](https://travis-ci.org/json-iterator/go.svg?branch=master)](https://travis-ci.org/json-iterator/go) +[![codecov](https://codecov.io/gh/json-iterator/go/branch/master/graph/badge.svg)](https://codecov.io/gh/json-iterator/go) +[![rcard](https://goreportcard.com/badge/github.com/json-iterator/go)](https://goreportcard.com/report/github.com/json-iterator/go) +[![License](http://img.shields.io/badge/license-mit-blue.svg?style=flat-square)](https://raw.githubusercontent.com/json-iterator/go/master/LICENSE) +[![Gitter chat](https://badges.gitter.im/gitterHQ/gitter.png)](https://gitter.im/json-iterator/Lobby) + +A high-performance 100% compatible drop-in replacement of "encoding/json" + +You can also use thrift like JSON using [thrift-iterator](https://github.com/thrift-iterator/go) + +# Benchmark + +![benchmark](http://jsoniter.com/benchmarks/go-benchmark.png) + +Source code: https://github.com/json-iterator/go-benchmark/blob/master/src/github.com/json-iterator/go-benchmark/benchmark_medium_payload_test.go + +Raw Result (easyjson requires static code generation) + +| | ns/op | allocation bytes | allocation times | +| --------------- | ----------- | ---------------- | ---------------- | +| std decode | 35510 ns/op | 1960 B/op | 99 allocs/op | +| easyjson decode | 8499 ns/op | 160 B/op | 4 allocs/op | +| jsoniter decode | 5623 ns/op | 160 B/op | 3 allocs/op | +| std encode | 2213 ns/op | 712 B/op | 5 allocs/op | +| easyjson encode | 883 ns/op | 576 B/op | 3 allocs/op | +| jsoniter encode | 837 ns/op | 384 B/op | 4 allocs/op | + +Always benchmark with your own workload. +The result depends heavily on the data input. + +# Usage + +100% compatibility with standard lib + +Replace + +```go +import "encoding/json" +json.Marshal(&data) +``` + +with + +```go +import jsoniter "github.com/json-iterator/go" + +var json = jsoniter.ConfigCompatibleWithStandardLibrary +json.Marshal(&data) +``` + +Replace + +```go +import "encoding/json" +json.Unmarshal(input, &data) +``` + +with + +```go +import jsoniter "github.com/json-iterator/go" + +var json = jsoniter.ConfigCompatibleWithStandardLibrary +json.Unmarshal(input, &data) +``` + +[More documentation](http://jsoniter.com/migrate-from-go-std.html) + +# How to get + +``` +go get github.com/json-iterator/go +``` + +# Contribution Welcomed ! + +Contributors + +- [thockin](https://github.com/thockin) +- [mattn](https://github.com/mattn) +- [cch123](https://github.com/cch123) +- [Oleg Shaldybin](https://github.com/olegshaldybin) +- [Jason Toffaletti](https://github.com/toffaletti) + +Report issue or pull request, or email taowen@gmail.com, or [![Gitter chat](https://badges.gitter.im/gitterHQ/gitter.png)](https://gitter.im/json-iterator/Lobby) diff --git a/vendor/github.com/json-iterator/go/adapter.go b/vendor/github.com/json-iterator/go/adapter.go new file mode 100644 index 0000000000000..92d2cc4a3dd5c --- /dev/null +++ b/vendor/github.com/json-iterator/go/adapter.go @@ -0,0 +1,150 @@ +package jsoniter + +import ( + "bytes" + "io" +) + +// RawMessage to make replace json with jsoniter +type RawMessage []byte + +// Unmarshal adapts to json/encoding Unmarshal API +// +// Unmarshal parses the JSON-encoded data and stores the result in the value pointed to by v. +// Refer to https://godoc.org/encoding/json#Unmarshal for more information +func Unmarshal(data []byte, v interface{}) error { + return ConfigDefault.Unmarshal(data, v) +} + +// UnmarshalFromString is a convenient method to read from string instead of []byte +func UnmarshalFromString(str string, v interface{}) error { + return ConfigDefault.UnmarshalFromString(str, v) +} + +// Get quick method to get value from deeply nested JSON structure +func Get(data []byte, path ...interface{}) Any { + return ConfigDefault.Get(data, path...) +} + +// Marshal adapts to json/encoding Marshal API +// +// Marshal returns the JSON encoding of v, adapts to json/encoding Marshal API +// Refer to https://godoc.org/encoding/json#Marshal for more information +func Marshal(v interface{}) ([]byte, error) { + return ConfigDefault.Marshal(v) +} + +// MarshalIndent same as json.MarshalIndent. Prefix is not supported. +func MarshalIndent(v interface{}, prefix, indent string) ([]byte, error) { + return ConfigDefault.MarshalIndent(v, prefix, indent) +} + +// MarshalToString convenient method to write as string instead of []byte +func MarshalToString(v interface{}) (string, error) { + return ConfigDefault.MarshalToString(v) +} + +// NewDecoder adapts to json/stream NewDecoder API. +// +// NewDecoder returns a new decoder that reads from r. +// +// Instead of a json/encoding Decoder, an Decoder is returned +// Refer to https://godoc.org/encoding/json#NewDecoder for more information +func NewDecoder(reader io.Reader) *Decoder { + return ConfigDefault.NewDecoder(reader) +} + +// Decoder reads and decodes JSON values from an input stream. +// Decoder provides identical APIs with json/stream Decoder (Token() and UseNumber() are in progress) +type Decoder struct { + iter *Iterator +} + +// Decode decode JSON into interface{} +func (adapter *Decoder) Decode(obj interface{}) error { + if adapter.iter.head == adapter.iter.tail && adapter.iter.reader != nil { + if !adapter.iter.loadMore() { + return io.EOF + } + } + adapter.iter.ReadVal(obj) + err := adapter.iter.Error + if err == io.EOF { + return nil + } + return adapter.iter.Error +} + +// More is there more? +func (adapter *Decoder) More() bool { + iter := adapter.iter + if iter.Error != nil { + return false + } + c := iter.nextToken() + if c == 0 { + return false + } + iter.unreadByte() + return c != ']' && c != '}' +} + +// Buffered remaining buffer +func (adapter *Decoder) Buffered() io.Reader { + remaining := adapter.iter.buf[adapter.iter.head:adapter.iter.tail] + return bytes.NewReader(remaining) +} + +// UseNumber causes the Decoder to unmarshal a number into an interface{} as a +// Number instead of as a float64. +func (adapter *Decoder) UseNumber() { + cfg := adapter.iter.cfg.configBeforeFrozen + cfg.UseNumber = true + adapter.iter.cfg = cfg.frozeWithCacheReuse(adapter.iter.cfg.extraExtensions) +} + +// DisallowUnknownFields causes the Decoder to return an error when the destination +// is a struct and the input contains object keys which do not match any +// non-ignored, exported fields in the destination. +func (adapter *Decoder) DisallowUnknownFields() { + cfg := adapter.iter.cfg.configBeforeFrozen + cfg.DisallowUnknownFields = true + adapter.iter.cfg = cfg.frozeWithCacheReuse(adapter.iter.cfg.extraExtensions) +} + +// NewEncoder same as json.NewEncoder +func NewEncoder(writer io.Writer) *Encoder { + return ConfigDefault.NewEncoder(writer) +} + +// Encoder same as json.Encoder +type Encoder struct { + stream *Stream +} + +// Encode encode interface{} as JSON to io.Writer +func (adapter *Encoder) Encode(val interface{}) error { + adapter.stream.WriteVal(val) + adapter.stream.WriteRaw("\n") + adapter.stream.Flush() + return adapter.stream.Error +} + +// SetIndent set the indention. Prefix is not supported +func (adapter *Encoder) SetIndent(prefix, indent string) { + config := adapter.stream.cfg.configBeforeFrozen + config.IndentionStep = len(indent) + adapter.stream.cfg = config.frozeWithCacheReuse(adapter.stream.cfg.extraExtensions) +} + +// SetEscapeHTML escape html by default, set to false to disable +func (adapter *Encoder) SetEscapeHTML(escapeHTML bool) { + config := adapter.stream.cfg.configBeforeFrozen + config.EscapeHTML = escapeHTML + adapter.stream.cfg = config.frozeWithCacheReuse(adapter.stream.cfg.extraExtensions) +} + +// Valid reports whether data is a valid JSON encoding. +func Valid(data []byte) bool { + return ConfigDefault.Valid(data) +} diff --git a/vendor/github.com/json-iterator/go/any.go b/vendor/github.com/json-iterator/go/any.go new file mode 100644 index 0000000000000..f6b8aeab0a12d --- /dev/null +++ b/vendor/github.com/json-iterator/go/any.go @@ -0,0 +1,325 @@ +package jsoniter + +import ( + "errors" + "fmt" + "github.com/modern-go/reflect2" + "io" + "reflect" + "strconv" + "unsafe" +) + +// Any generic object representation. +// The lazy json implementation holds []byte and parse lazily. +type Any interface { + LastError() error + ValueType() ValueType + MustBeValid() Any + ToBool() bool + ToInt() int + ToInt32() int32 + ToInt64() int64 + ToUint() uint + ToUint32() uint32 + ToUint64() uint64 + ToFloat32() float32 + ToFloat64() float64 + ToString() string + ToVal(val interface{}) + Get(path ...interface{}) Any + Size() int + Keys() []string + GetInterface() interface{} + WriteTo(stream *Stream) +} + +type baseAny struct{} + +func (any *baseAny) Get(path ...interface{}) Any { + return &invalidAny{baseAny{}, fmt.Errorf("GetIndex %v from simple value", path)} +} + +func (any *baseAny) Size() int { + return 0 +} + +func (any *baseAny) Keys() []string { + return []string{} +} + +func (any *baseAny) ToVal(obj interface{}) { + panic("not implemented") +} + +// WrapInt32 turn int32 into Any interface +func WrapInt32(val int32) Any { + return &int32Any{baseAny{}, val} +} + +// WrapInt64 turn int64 into Any interface +func WrapInt64(val int64) Any { + return &int64Any{baseAny{}, val} +} + +// WrapUint32 turn uint32 into Any interface +func WrapUint32(val uint32) Any { + return &uint32Any{baseAny{}, val} +} + +// WrapUint64 turn uint64 into Any interface +func WrapUint64(val uint64) Any { + return &uint64Any{baseAny{}, val} +} + +// WrapFloat64 turn float64 into Any interface +func WrapFloat64(val float64) Any { + return &floatAny{baseAny{}, val} +} + +// WrapString turn string into Any interface +func WrapString(val string) Any { + return &stringAny{baseAny{}, val} +} + +// Wrap turn a go object into Any interface +func Wrap(val interface{}) Any { + if val == nil { + return &nilAny{} + } + asAny, isAny := val.(Any) + if isAny { + return asAny + } + typ := reflect2.TypeOf(val) + switch typ.Kind() { + case reflect.Slice: + return wrapArray(val) + case reflect.Struct: + return wrapStruct(val) + case reflect.Map: + return wrapMap(val) + case reflect.String: + return WrapString(val.(string)) + case reflect.Int: + if strconv.IntSize == 32 { + return WrapInt32(int32(val.(int))) + } + return WrapInt64(int64(val.(int))) + case reflect.Int8: + return WrapInt32(int32(val.(int8))) + case reflect.Int16: + return WrapInt32(int32(val.(int16))) + case reflect.Int32: + return WrapInt32(val.(int32)) + case reflect.Int64: + return WrapInt64(val.(int64)) + case reflect.Uint: + if strconv.IntSize == 32 { + return WrapUint32(uint32(val.(uint))) + } + return WrapUint64(uint64(val.(uint))) + case reflect.Uintptr: + if ptrSize == 32 { + return WrapUint32(uint32(val.(uintptr))) + } + return WrapUint64(uint64(val.(uintptr))) + case reflect.Uint8: + return WrapUint32(uint32(val.(uint8))) + case reflect.Uint16: + return WrapUint32(uint32(val.(uint16))) + case reflect.Uint32: + return WrapUint32(uint32(val.(uint32))) + case reflect.Uint64: + return WrapUint64(val.(uint64)) + case reflect.Float32: + return WrapFloat64(float64(val.(float32))) + case reflect.Float64: + return WrapFloat64(val.(float64)) + case reflect.Bool: + if val.(bool) == true { + return &trueAny{} + } + return &falseAny{} + } + return &invalidAny{baseAny{}, fmt.Errorf("unsupported type: %v", typ)} +} + +// ReadAny read next JSON element as an Any object. It is a better json.RawMessage. +func (iter *Iterator) ReadAny() Any { + return iter.readAny() +} + +func (iter *Iterator) readAny() Any { + c := iter.nextToken() + switch c { + case '"': + iter.unreadByte() + return &stringAny{baseAny{}, iter.ReadString()} + case 'n': + iter.skipThreeBytes('u', 'l', 'l') // null + return &nilAny{} + case 't': + iter.skipThreeBytes('r', 'u', 'e') // true + return &trueAny{} + case 'f': + iter.skipFourBytes('a', 'l', 's', 'e') // false + return &falseAny{} + case '{': + return iter.readObjectAny() + case '[': + return iter.readArrayAny() + case '-': + return iter.readNumberAny(false) + case 0: + return &invalidAny{baseAny{}, errors.New("input is empty")} + default: + return iter.readNumberAny(true) + } +} + +func (iter *Iterator) readNumberAny(positive bool) Any { + iter.startCapture(iter.head - 1) + iter.skipNumber() + lazyBuf := iter.stopCapture() + return &numberLazyAny{baseAny{}, iter.cfg, lazyBuf, nil} +} + +func (iter *Iterator) readObjectAny() Any { + iter.startCapture(iter.head - 1) + iter.skipObject() + lazyBuf := iter.stopCapture() + return &objectLazyAny{baseAny{}, iter.cfg, lazyBuf, nil} +} + +func (iter *Iterator) readArrayAny() Any { + iter.startCapture(iter.head - 1) + iter.skipArray() + lazyBuf := iter.stopCapture() + return &arrayLazyAny{baseAny{}, iter.cfg, lazyBuf, nil} +} + +func locateObjectField(iter *Iterator, target string) []byte { + var found []byte + iter.ReadObjectCB(func(iter *Iterator, field string) bool { + if field == target { + found = iter.SkipAndReturnBytes() + return false + } + iter.Skip() + return true + }) + return found +} + +func locateArrayElement(iter *Iterator, target int) []byte { + var found []byte + n := 0 + iter.ReadArrayCB(func(iter *Iterator) bool { + if n == target { + found = iter.SkipAndReturnBytes() + return false + } + iter.Skip() + n++ + return true + }) + return found +} + +func locatePath(iter *Iterator, path []interface{}) Any { + for i, pathKeyObj := range path { + switch pathKey := pathKeyObj.(type) { + case string: + valueBytes := locateObjectField(iter, pathKey) + if valueBytes == nil { + return newInvalidAny(path[i:]) + } + iter.ResetBytes(valueBytes) + case int: + valueBytes := locateArrayElement(iter, pathKey) + if valueBytes == nil { + return newInvalidAny(path[i:]) + } + iter.ResetBytes(valueBytes) + case int32: + if '*' == pathKey { + return iter.readAny().Get(path[i:]...) + } + return newInvalidAny(path[i:]) + default: + return newInvalidAny(path[i:]) + } + } + if iter.Error != nil && iter.Error != io.EOF { + return &invalidAny{baseAny{}, iter.Error} + } + return iter.readAny() +} + +var anyType = reflect2.TypeOfPtr((*Any)(nil)).Elem() + +func createDecoderOfAny(ctx *ctx, typ reflect2.Type) ValDecoder { + if typ == anyType { + return &directAnyCodec{} + } + if typ.Implements(anyType) { + return &anyCodec{ + valType: typ, + } + } + return nil +} + +func createEncoderOfAny(ctx *ctx, typ reflect2.Type) ValEncoder { + if typ == anyType { + return &directAnyCodec{} + } + if typ.Implements(anyType) { + return &anyCodec{ + valType: typ, + } + } + return nil +} + +type anyCodec struct { + valType reflect2.Type +} + +func (codec *anyCodec) Decode(ptr unsafe.Pointer, iter *Iterator) { + panic("not implemented") +} + +func (codec *anyCodec) Encode(ptr unsafe.Pointer, stream *Stream) { + obj := codec.valType.UnsafeIndirect(ptr) + any := obj.(Any) + any.WriteTo(stream) +} + +func (codec *anyCodec) IsEmpty(ptr unsafe.Pointer) bool { + obj := codec.valType.UnsafeIndirect(ptr) + any := obj.(Any) + return any.Size() == 0 +} + +type directAnyCodec struct { +} + +func (codec *directAnyCodec) Decode(ptr unsafe.Pointer, iter *Iterator) { + *(*Any)(ptr) = iter.readAny() +} + +func (codec *directAnyCodec) Encode(ptr unsafe.Pointer, stream *Stream) { + any := *(*Any)(ptr) + if any == nil { + stream.WriteNil() + return + } + any.WriteTo(stream) +} + +func (codec *directAnyCodec) IsEmpty(ptr unsafe.Pointer) bool { + any := *(*Any)(ptr) + return any.Size() == 0 +} diff --git a/vendor/github.com/json-iterator/go/any_array.go b/vendor/github.com/json-iterator/go/any_array.go new file mode 100644 index 0000000000000..0449e9aa428ae --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_array.go @@ -0,0 +1,278 @@ +package jsoniter + +import ( + "reflect" + "unsafe" +) + +type arrayLazyAny struct { + baseAny + cfg *frozenConfig + buf []byte + err error +} + +func (any *arrayLazyAny) ValueType() ValueType { + return ArrayValue +} + +func (any *arrayLazyAny) MustBeValid() Any { + return any +} + +func (any *arrayLazyAny) LastError() error { + return any.err +} + +func (any *arrayLazyAny) ToBool() bool { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + return iter.ReadArray() +} + +func (any *arrayLazyAny) ToInt() int { + if any.ToBool() { + return 1 + } + return 0 +} + +func (any *arrayLazyAny) ToInt32() int32 { + if any.ToBool() { + return 1 + } + return 0 +} + +func (any *arrayLazyAny) ToInt64() int64 { + if any.ToBool() { + return 1 + } + return 0 +} + +func (any *arrayLazyAny) ToUint() uint { + if any.ToBool() { + return 1 + } + return 0 +} + +func (any *arrayLazyAny) ToUint32() uint32 { + if any.ToBool() { + return 1 + } + return 0 +} + +func (any *arrayLazyAny) ToUint64() uint64 { + if any.ToBool() { + return 1 + } + return 0 +} + +func (any *arrayLazyAny) ToFloat32() float32 { + if any.ToBool() { + return 1 + } + return 0 +} + +func (any *arrayLazyAny) ToFloat64() float64 { + if any.ToBool() { + return 1 + } + return 0 +} + +func (any *arrayLazyAny) ToString() string { + return *(*string)(unsafe.Pointer(&any.buf)) +} + +func (any *arrayLazyAny) ToVal(val interface{}) { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + iter.ReadVal(val) +} + +func (any *arrayLazyAny) Get(path ...interface{}) Any { + if len(path) == 0 { + return any + } + switch firstPath := path[0].(type) { + case int: + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + valueBytes := locateArrayElement(iter, firstPath) + if valueBytes == nil { + return newInvalidAny(path) + } + iter.ResetBytes(valueBytes) + return locatePath(iter, path[1:]) + case int32: + if '*' == firstPath { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + arr := make([]Any, 0) + iter.ReadArrayCB(func(iter *Iterator) bool { + found := iter.readAny().Get(path[1:]...) + if found.ValueType() != InvalidValue { + arr = append(arr, found) + } + return true + }) + return wrapArray(arr) + } + return newInvalidAny(path) + default: + return newInvalidAny(path) + } +} + +func (any *arrayLazyAny) Size() int { + size := 0 + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + iter.ReadArrayCB(func(iter *Iterator) bool { + size++ + iter.Skip() + return true + }) + return size +} + +func (any *arrayLazyAny) WriteTo(stream *Stream) { + stream.Write(any.buf) +} + +func (any *arrayLazyAny) GetInterface() interface{} { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + return iter.Read() +} + +type arrayAny struct { + baseAny + val reflect.Value +} + +func wrapArray(val interface{}) *arrayAny { + return &arrayAny{baseAny{}, reflect.ValueOf(val)} +} + +func (any *arrayAny) ValueType() ValueType { + return ArrayValue +} + +func (any *arrayAny) MustBeValid() Any { + return any +} + +func (any *arrayAny) LastError() error { + return nil +} + +func (any *arrayAny) ToBool() bool { + return any.val.Len() != 0 +} + +func (any *arrayAny) ToInt() int { + if any.val.Len() == 0 { + return 0 + } + return 1 +} + +func (any *arrayAny) ToInt32() int32 { + if any.val.Len() == 0 { + return 0 + } + return 1 +} + +func (any *arrayAny) ToInt64() int64 { + if any.val.Len() == 0 { + return 0 + } + return 1 +} + +func (any *arrayAny) ToUint() uint { + if any.val.Len() == 0 { + return 0 + } + return 1 +} + +func (any *arrayAny) ToUint32() uint32 { + if any.val.Len() == 0 { + return 0 + } + return 1 +} + +func (any *arrayAny) ToUint64() uint64 { + if any.val.Len() == 0 { + return 0 + } + return 1 +} + +func (any *arrayAny) ToFloat32() float32 { + if any.val.Len() == 0 { + return 0 + } + return 1 +} + +func (any *arrayAny) ToFloat64() float64 { + if any.val.Len() == 0 { + return 0 + } + return 1 +} + +func (any *arrayAny) ToString() string { + str, _ := MarshalToString(any.val.Interface()) + return str +} + +func (any *arrayAny) Get(path ...interface{}) Any { + if len(path) == 0 { + return any + } + switch firstPath := path[0].(type) { + case int: + if firstPath < 0 || firstPath >= any.val.Len() { + return newInvalidAny(path) + } + return Wrap(any.val.Index(firstPath).Interface()) + case int32: + if '*' == firstPath { + mappedAll := make([]Any, 0) + for i := 0; i < any.val.Len(); i++ { + mapped := Wrap(any.val.Index(i).Interface()).Get(path[1:]...) + if mapped.ValueType() != InvalidValue { + mappedAll = append(mappedAll, mapped) + } + } + return wrapArray(mappedAll) + } + return newInvalidAny(path) + default: + return newInvalidAny(path) + } +} + +func (any *arrayAny) Size() int { + return any.val.Len() +} + +func (any *arrayAny) WriteTo(stream *Stream) { + stream.WriteVal(any.val) +} + +func (any *arrayAny) GetInterface() interface{} { + return any.val.Interface() +} diff --git a/vendor/github.com/json-iterator/go/any_bool.go b/vendor/github.com/json-iterator/go/any_bool.go new file mode 100644 index 0000000000000..9452324af5b17 --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_bool.go @@ -0,0 +1,137 @@ +package jsoniter + +type trueAny struct { + baseAny +} + +func (any *trueAny) LastError() error { + return nil +} + +func (any *trueAny) ToBool() bool { + return true +} + +func (any *trueAny) ToInt() int { + return 1 +} + +func (any *trueAny) ToInt32() int32 { + return 1 +} + +func (any *trueAny) ToInt64() int64 { + return 1 +} + +func (any *trueAny) ToUint() uint { + return 1 +} + +func (any *trueAny) ToUint32() uint32 { + return 1 +} + +func (any *trueAny) ToUint64() uint64 { + return 1 +} + +func (any *trueAny) ToFloat32() float32 { + return 1 +} + +func (any *trueAny) ToFloat64() float64 { + return 1 +} + +func (any *trueAny) ToString() string { + return "true" +} + +func (any *trueAny) WriteTo(stream *Stream) { + stream.WriteTrue() +} + +func (any *trueAny) Parse() *Iterator { + return nil +} + +func (any *trueAny) GetInterface() interface{} { + return true +} + +func (any *trueAny) ValueType() ValueType { + return BoolValue +} + +func (any *trueAny) MustBeValid() Any { + return any +} + +type falseAny struct { + baseAny +} + +func (any *falseAny) LastError() error { + return nil +} + +func (any *falseAny) ToBool() bool { + return false +} + +func (any *falseAny) ToInt() int { + return 0 +} + +func (any *falseAny) ToInt32() int32 { + return 0 +} + +func (any *falseAny) ToInt64() int64 { + return 0 +} + +func (any *falseAny) ToUint() uint { + return 0 +} + +func (any *falseAny) ToUint32() uint32 { + return 0 +} + +func (any *falseAny) ToUint64() uint64 { + return 0 +} + +func (any *falseAny) ToFloat32() float32 { + return 0 +} + +func (any *falseAny) ToFloat64() float64 { + return 0 +} + +func (any *falseAny) ToString() string { + return "false" +} + +func (any *falseAny) WriteTo(stream *Stream) { + stream.WriteFalse() +} + +func (any *falseAny) Parse() *Iterator { + return nil +} + +func (any *falseAny) GetInterface() interface{} { + return false +} + +func (any *falseAny) ValueType() ValueType { + return BoolValue +} + +func (any *falseAny) MustBeValid() Any { + return any +} diff --git a/vendor/github.com/json-iterator/go/any_float.go b/vendor/github.com/json-iterator/go/any_float.go new file mode 100644 index 0000000000000..35fdb09497fa8 --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_float.go @@ -0,0 +1,83 @@ +package jsoniter + +import ( + "strconv" +) + +type floatAny struct { + baseAny + val float64 +} + +func (any *floatAny) Parse() *Iterator { + return nil +} + +func (any *floatAny) ValueType() ValueType { + return NumberValue +} + +func (any *floatAny) MustBeValid() Any { + return any +} + +func (any *floatAny) LastError() error { + return nil +} + +func (any *floatAny) ToBool() bool { + return any.ToFloat64() != 0 +} + +func (any *floatAny) ToInt() int { + return int(any.val) +} + +func (any *floatAny) ToInt32() int32 { + return int32(any.val) +} + +func (any *floatAny) ToInt64() int64 { + return int64(any.val) +} + +func (any *floatAny) ToUint() uint { + if any.val > 0 { + return uint(any.val) + } + return 0 +} + +func (any *floatAny) ToUint32() uint32 { + if any.val > 0 { + return uint32(any.val) + } + return 0 +} + +func (any *floatAny) ToUint64() uint64 { + if any.val > 0 { + return uint64(any.val) + } + return 0 +} + +func (any *floatAny) ToFloat32() float32 { + return float32(any.val) +} + +func (any *floatAny) ToFloat64() float64 { + return any.val +} + +func (any *floatAny) ToString() string { + return strconv.FormatFloat(any.val, 'E', -1, 64) +} + +func (any *floatAny) WriteTo(stream *Stream) { + stream.WriteFloat64(any.val) +} + +func (any *floatAny) GetInterface() interface{} { + return any.val +} diff --git a/vendor/github.com/json-iterator/go/any_int32.go b/vendor/github.com/json-iterator/go/any_int32.go new file mode 100644 index 0000000000000..1b56f399150d9 --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_int32.go @@ -0,0 +1,74 @@ +package jsoniter + +import ( + "strconv" +) + +type int32Any struct { + baseAny + val int32 +} + +func (any *int32Any) LastError() error { + return nil +} + +func (any *int32Any) ValueType() ValueType { + return NumberValue +} + +func (any *int32Any) MustBeValid() Any { + return any +} + +func (any *int32Any) ToBool() bool { + return any.val != 0 +} + +func (any *int32Any) ToInt() int { + return int(any.val) +} + +func (any *int32Any) ToInt32() int32 { + return any.val +} + +func (any *int32Any) ToInt64() int64 { + return int64(any.val) +} + +func (any *int32Any) ToUint() uint { + return uint(any.val) +} + +func (any *int32Any) ToUint32() uint32 { + return uint32(any.val) +} + +func (any *int32Any) ToUint64() uint64 { + return uint64(any.val) +} + +func (any *int32Any) ToFloat32() float32 { + return float32(any.val) +} + +func (any *int32Any) ToFloat64() float64 { + return float64(any.val) +} + +func (any *int32Any) ToString() string { + return strconv.FormatInt(int64(any.val), 10) +} + +func (any *int32Any) WriteTo(stream *Stream) { + stream.WriteInt32(any.val) +} + +func (any *int32Any) Parse() *Iterator { + return nil +} + +func (any *int32Any) GetInterface() interface{} { + return any.val +} diff --git a/vendor/github.com/json-iterator/go/any_int64.go b/vendor/github.com/json-iterator/go/any_int64.go new file mode 100644 index 0000000000000..c440d72b6d3ae --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_int64.go @@ -0,0 +1,74 @@ +package jsoniter + +import ( + "strconv" +) + +type int64Any struct { + baseAny + val int64 +} + +func (any *int64Any) LastError() error { + return nil +} + +func (any *int64Any) ValueType() ValueType { + return NumberValue +} + +func (any *int64Any) MustBeValid() Any { + return any +} + +func (any *int64Any) ToBool() bool { + return any.val != 0 +} + +func (any *int64Any) ToInt() int { + return int(any.val) +} + +func (any *int64Any) ToInt32() int32 { + return int32(any.val) +} + +func (any *int64Any) ToInt64() int64 { + return any.val +} + +func (any *int64Any) ToUint() uint { + return uint(any.val) +} + +func (any *int64Any) ToUint32() uint32 { + return uint32(any.val) +} + +func (any *int64Any) ToUint64() uint64 { + return uint64(any.val) +} + +func (any *int64Any) ToFloat32() float32 { + return float32(any.val) +} + +func (any *int64Any) ToFloat64() float64 { + return float64(any.val) +} + +func (any *int64Any) ToString() string { + return strconv.FormatInt(any.val, 10) +} + +func (any *int64Any) WriteTo(stream *Stream) { + stream.WriteInt64(any.val) +} + +func (any *int64Any) Parse() *Iterator { + return nil +} + +func (any *int64Any) GetInterface() interface{} { + return any.val +} diff --git a/vendor/github.com/json-iterator/go/any_invalid.go b/vendor/github.com/json-iterator/go/any_invalid.go new file mode 100644 index 0000000000000..1d859eac3274a --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_invalid.go @@ -0,0 +1,82 @@ +package jsoniter + +import "fmt" + +type invalidAny struct { + baseAny + err error +} + +func newInvalidAny(path []interface{}) *invalidAny { + return &invalidAny{baseAny{}, fmt.Errorf("%v not found", path)} +} + +func (any *invalidAny) LastError() error { + return any.err +} + +func (any *invalidAny) ValueType() ValueType { + return InvalidValue +} + +func (any *invalidAny) MustBeValid() Any { + panic(any.err) +} + +func (any *invalidAny) ToBool() bool { + return false +} + +func (any *invalidAny) ToInt() int { + return 0 +} + +func (any *invalidAny) ToInt32() int32 { + return 0 +} + +func (any *invalidAny) ToInt64() int64 { + return 0 +} + +func (any *invalidAny) ToUint() uint { + return 0 +} + +func (any *invalidAny) ToUint32() uint32 { + return 0 +} + +func (any *invalidAny) ToUint64() uint64 { + return 0 +} + +func (any *invalidAny) ToFloat32() float32 { + return 0 +} + +func (any *invalidAny) ToFloat64() float64 { + return 0 +} + +func (any *invalidAny) ToString() string { + return "" +} + +func (any *invalidAny) WriteTo(stream *Stream) { +} + +func (any *invalidAny) Get(path ...interface{}) Any { + if any.err == nil { + return &invalidAny{baseAny{}, fmt.Errorf("get %v from invalid", path)} + } + return &invalidAny{baseAny{}, fmt.Errorf("%v, get %v from invalid", any.err, path)} +} + +func (any *invalidAny) Parse() *Iterator { + return nil +} + +func (any *invalidAny) GetInterface() interface{} { + return nil +} diff --git a/vendor/github.com/json-iterator/go/any_nil.go b/vendor/github.com/json-iterator/go/any_nil.go new file mode 100644 index 0000000000000..d04cb54c11c1e --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_nil.go @@ -0,0 +1,69 @@ +package jsoniter + +type nilAny struct { + baseAny +} + +func (any *nilAny) LastError() error { + return nil +} + +func (any *nilAny) ValueType() ValueType { + return NilValue +} + +func (any *nilAny) MustBeValid() Any { + return any +} + +func (any *nilAny) ToBool() bool { + return false +} + +func (any *nilAny) ToInt() int { + return 0 +} + +func (any *nilAny) ToInt32() int32 { + return 0 +} + +func (any *nilAny) ToInt64() int64 { + return 0 +} + +func (any *nilAny) ToUint() uint { + return 0 +} + +func (any *nilAny) ToUint32() uint32 { + return 0 +} + +func (any *nilAny) ToUint64() uint64 { + return 0 +} + +func (any *nilAny) ToFloat32() float32 { + return 0 +} + +func (any *nilAny) ToFloat64() float64 { + return 0 +} + +func (any *nilAny) ToString() string { + return "" +} + +func (any *nilAny) WriteTo(stream *Stream) { + stream.WriteNil() +} + +func (any *nilAny) Parse() *Iterator { + return nil +} + +func (any *nilAny) GetInterface() interface{} { + return nil +} diff --git a/vendor/github.com/json-iterator/go/any_number.go b/vendor/github.com/json-iterator/go/any_number.go new file mode 100644 index 0000000000000..9d1e901a66ad3 --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_number.go @@ -0,0 +1,123 @@ +package jsoniter + +import ( + "io" + "unsafe" +) + +type numberLazyAny struct { + baseAny + cfg *frozenConfig + buf []byte + err error +} + +func (any *numberLazyAny) ValueType() ValueType { + return NumberValue +} + +func (any *numberLazyAny) MustBeValid() Any { + return any +} + +func (any *numberLazyAny) LastError() error { + return any.err +} + +func (any *numberLazyAny) ToBool() bool { + return any.ToFloat64() != 0 +} + +func (any *numberLazyAny) ToInt() int { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + val := iter.ReadInt() + if iter.Error != nil && iter.Error != io.EOF { + any.err = iter.Error + } + return val +} + +func (any *numberLazyAny) ToInt32() int32 { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + val := iter.ReadInt32() + if iter.Error != nil && iter.Error != io.EOF { + any.err = iter.Error + } + return val +} + +func (any *numberLazyAny) ToInt64() int64 { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + val := iter.ReadInt64() + if iter.Error != nil && iter.Error != io.EOF { + any.err = iter.Error + } + return val +} + +func (any *numberLazyAny) ToUint() uint { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + val := iter.ReadUint() + if iter.Error != nil && iter.Error != io.EOF { + any.err = iter.Error + } + return val +} + +func (any *numberLazyAny) ToUint32() uint32 { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + val := iter.ReadUint32() + if iter.Error != nil && iter.Error != io.EOF { + any.err = iter.Error + } + return val +} + +func (any *numberLazyAny) ToUint64() uint64 { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + val := iter.ReadUint64() + if iter.Error != nil && iter.Error != io.EOF { + any.err = iter.Error + } + return val +} + +func (any *numberLazyAny) ToFloat32() float32 { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + val := iter.ReadFloat32() + if iter.Error != nil && iter.Error != io.EOF { + any.err = iter.Error + } + return val +} + +func (any *numberLazyAny) ToFloat64() float64 { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + val := iter.ReadFloat64() + if iter.Error != nil && iter.Error != io.EOF { + any.err = iter.Error + } + return val +} + +func (any *numberLazyAny) ToString() string { + return *(*string)(unsafe.Pointer(&any.buf)) +} + +func (any *numberLazyAny) WriteTo(stream *Stream) { + stream.Write(any.buf) +} + +func (any *numberLazyAny) GetInterface() interface{} { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + return iter.Read() +} diff --git a/vendor/github.com/json-iterator/go/any_object.go b/vendor/github.com/json-iterator/go/any_object.go new file mode 100644 index 0000000000000..c44ef5c989a46 --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_object.go @@ -0,0 +1,374 @@ +package jsoniter + +import ( + "reflect" + "unsafe" +) + +type objectLazyAny struct { + baseAny + cfg *frozenConfig + buf []byte + err error +} + +func (any *objectLazyAny) ValueType() ValueType { + return ObjectValue +} + +func (any *objectLazyAny) MustBeValid() Any { + return any +} + +func (any *objectLazyAny) LastError() error { + return any.err +} + +func (any *objectLazyAny) ToBool() bool { + return true +} + +func (any *objectLazyAny) ToInt() int { + return 0 +} + +func (any *objectLazyAny) ToInt32() int32 { + return 0 +} + +func (any *objectLazyAny) ToInt64() int64 { + return 0 +} + +func (any *objectLazyAny) ToUint() uint { + return 0 +} + +func (any *objectLazyAny) ToUint32() uint32 { + return 0 +} + +func (any *objectLazyAny) ToUint64() uint64 { + return 0 +} + +func (any *objectLazyAny) ToFloat32() float32 { + return 0 +} + +func (any *objectLazyAny) ToFloat64() float64 { + return 0 +} + +func (any *objectLazyAny) ToString() string { + return *(*string)(unsafe.Pointer(&any.buf)) +} + +func (any *objectLazyAny) ToVal(obj interface{}) { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + iter.ReadVal(obj) +} + +func (any *objectLazyAny) Get(path ...interface{}) Any { + if len(path) == 0 { + return any + } + switch firstPath := path[0].(type) { + case string: + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + valueBytes := locateObjectField(iter, firstPath) + if valueBytes == nil { + return newInvalidAny(path) + } + iter.ResetBytes(valueBytes) + return locatePath(iter, path[1:]) + case int32: + if '*' == firstPath { + mappedAll := map[string]Any{} + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + iter.ReadMapCB(func(iter *Iterator, field string) bool { + mapped := locatePath(iter, path[1:]) + if mapped.ValueType() != InvalidValue { + mappedAll[field] = mapped + } + return true + }) + return wrapMap(mappedAll) + } + return newInvalidAny(path) + default: + return newInvalidAny(path) + } +} + +func (any *objectLazyAny) Keys() []string { + keys := []string{} + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + iter.ReadMapCB(func(iter *Iterator, field string) bool { + iter.Skip() + keys = append(keys, field) + return true + }) + return keys +} + +func (any *objectLazyAny) Size() int { + size := 0 + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + iter.ReadObjectCB(func(iter *Iterator, field string) bool { + iter.Skip() + size++ + return true + }) + return size +} + +func (any *objectLazyAny) WriteTo(stream *Stream) { + stream.Write(any.buf) +} + +func (any *objectLazyAny) GetInterface() interface{} { + iter := any.cfg.BorrowIterator(any.buf) + defer any.cfg.ReturnIterator(iter) + return iter.Read() +} + +type objectAny struct { + baseAny + err error + val reflect.Value +} + +func wrapStruct(val interface{}) *objectAny { + return &objectAny{baseAny{}, nil, reflect.ValueOf(val)} +} + +func (any *objectAny) ValueType() ValueType { + return ObjectValue +} + +func (any *objectAny) MustBeValid() Any { + return any +} + +func (any *objectAny) Parse() *Iterator { + return nil +} + +func (any *objectAny) LastError() error { + return any.err +} + +func (any *objectAny) ToBool() bool { + return any.val.NumField() != 0 +} + +func (any *objectAny) ToInt() int { + return 0 +} + +func (any *objectAny) ToInt32() int32 { + return 0 +} + +func (any *objectAny) ToInt64() int64 { + return 0 +} + +func (any *objectAny) ToUint() uint { + return 0 +} + +func (any *objectAny) ToUint32() uint32 { + return 0 +} + +func (any *objectAny) ToUint64() uint64 { + return 0 +} + +func (any *objectAny) ToFloat32() float32 { + return 0 +} + +func (any *objectAny) ToFloat64() float64 { + return 0 +} + +func (any *objectAny) ToString() string { + str, err := MarshalToString(any.val.Interface()) + any.err = err + return str +} + +func (any *objectAny) Get(path ...interface{}) Any { + if len(path) == 0 { + return any + } + switch firstPath := path[0].(type) { + case string: + field := any.val.FieldByName(firstPath) + if !field.IsValid() { + return newInvalidAny(path) + } + return Wrap(field.Interface()) + case int32: + if '*' == firstPath { + mappedAll := map[string]Any{} + for i := 0; i < any.val.NumField(); i++ { + field := any.val.Field(i) + if field.CanInterface() { + mapped := Wrap(field.Interface()).Get(path[1:]...) + if mapped.ValueType() != InvalidValue { + mappedAll[any.val.Type().Field(i).Name] = mapped + } + } + } + return wrapMap(mappedAll) + } + return newInvalidAny(path) + default: + return newInvalidAny(path) + } +} + +func (any *objectAny) Keys() []string { + keys := make([]string, 0, any.val.NumField()) + for i := 0; i < any.val.NumField(); i++ { + keys = append(keys, any.val.Type().Field(i).Name) + } + return keys +} + +func (any *objectAny) Size() int { + return any.val.NumField() +} + +func (any *objectAny) WriteTo(stream *Stream) { + stream.WriteVal(any.val) +} + +func (any *objectAny) GetInterface() interface{} { + return any.val.Interface() +} + +type mapAny struct { + baseAny + err error + val reflect.Value +} + +func wrapMap(val interface{}) *mapAny { + return &mapAny{baseAny{}, nil, reflect.ValueOf(val)} +} + +func (any *mapAny) ValueType() ValueType { + return ObjectValue +} + +func (any *mapAny) MustBeValid() Any { + return any +} + +func (any *mapAny) Parse() *Iterator { + return nil +} + +func (any *mapAny) LastError() error { + return any.err +} + +func (any *mapAny) ToBool() bool { + return true +} + +func (any *mapAny) ToInt() int { + return 0 +} + +func (any *mapAny) ToInt32() int32 { + return 0 +} + +func (any *mapAny) ToInt64() int64 { + return 0 +} + +func (any *mapAny) ToUint() uint { + return 0 +} + +func (any *mapAny) ToUint32() uint32 { + return 0 +} + +func (any *mapAny) ToUint64() uint64 { + return 0 +} + +func (any *mapAny) ToFloat32() float32 { + return 0 +} + +func (any *mapAny) ToFloat64() float64 { + return 0 +} + +func (any *mapAny) ToString() string { + str, err := MarshalToString(any.val.Interface()) + any.err = err + return str +} + +func (any *mapAny) Get(path ...interface{}) Any { + if len(path) == 0 { + return any + } + switch firstPath := path[0].(type) { + case int32: + if '*' == firstPath { + mappedAll := map[string]Any{} + for _, key := range any.val.MapKeys() { + keyAsStr := key.String() + element := Wrap(any.val.MapIndex(key).Interface()) + mapped := element.Get(path[1:]...) + if mapped.ValueType() != InvalidValue { + mappedAll[keyAsStr] = mapped + } + } + return wrapMap(mappedAll) + } + return newInvalidAny(path) + default: + value := any.val.MapIndex(reflect.ValueOf(firstPath)) + if !value.IsValid() { + return newInvalidAny(path) + } + return Wrap(value.Interface()) + } +} + +func (any *mapAny) Keys() []string { + keys := make([]string, 0, any.val.Len()) + for _, key := range any.val.MapKeys() { + keys = append(keys, key.String()) + } + return keys +} + +func (any *mapAny) Size() int { + return any.val.Len() +} + +func (any *mapAny) WriteTo(stream *Stream) { + stream.WriteVal(any.val) +} + +func (any *mapAny) GetInterface() interface{} { + return any.val.Interface() +} diff --git a/vendor/github.com/json-iterator/go/any_str.go b/vendor/github.com/json-iterator/go/any_str.go new file mode 100644 index 0000000000000..1f12f6612de98 --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_str.go @@ -0,0 +1,166 @@ +package jsoniter + +import ( + "fmt" + "strconv" +) + +type stringAny struct { + baseAny + val string +} + +func (any *stringAny) Get(path ...interface{}) Any { + if len(path) == 0 { + return any + } + return &invalidAny{baseAny{}, fmt.Errorf("GetIndex %v from simple value", path)} +} + +func (any *stringAny) Parse() *Iterator { + return nil +} + +func (any *stringAny) ValueType() ValueType { + return StringValue +} + +func (any *stringAny) MustBeValid() Any { + return any +} + +func (any *stringAny) LastError() error { + return nil +} + +func (any *stringAny) ToBool() bool { + str := any.ToString() + if str == "0" { + return false + } + for _, c := range str { + switch c { + case ' ', '\n', '\r', '\t': + default: + return true + } + } + return false +} + +func (any *stringAny) ToInt() int { + return int(any.ToInt64()) + +} + +func (any *stringAny) ToInt32() int32 { + return int32(any.ToInt64()) +} + +func (any *stringAny) ToInt64() int64 { + if any.val == "" { + return 0 + } + + flag := 1 + startPos := 0 + if any.val[0] == '+' || any.val[0] == '-' { + startPos = 1 + } + + if any.val[0] == '-' { + flag = -1 + } + + endPos := startPos + for i := startPos; i < len(any.val); i++ { + if any.val[i] >= '0' && any.val[i] <= '9' { + endPos = i + 1 + } else { + break + } + } + parsed, _ := strconv.ParseInt(any.val[startPos:endPos], 10, 64) + return int64(flag) * parsed +} + +func (any *stringAny) ToUint() uint { + return uint(any.ToUint64()) +} + +func (any *stringAny) ToUint32() uint32 { + return uint32(any.ToUint64()) +} + +func (any *stringAny) ToUint64() uint64 { + if any.val == "" { + return 0 + } + + startPos := 0 + + if any.val[0] == '-' { + return 0 + } + if any.val[0] == '+' { + startPos = 1 + } + + endPos := startPos + for i := startPos; i < len(any.val); i++ { + if any.val[i] >= '0' && any.val[i] <= '9' { + endPos = i + 1 + } else { + break + } + } + parsed, _ := strconv.ParseUint(any.val[startPos:endPos], 10, 64) + return parsed +} + +func (any *stringAny) ToFloat32() float32 { + return float32(any.ToFloat64()) +} + +func (any *stringAny) ToFloat64() float64 { + if len(any.val) == 0 { + return 0 + } + + // first char invalid + if any.val[0] != '+' && any.val[0] != '-' && (any.val[0] > '9' || any.val[0] < '0') { + return 0 + } + + // extract valid num expression from string + // eg 123true => 123, -12.12xxa => -12.12 + endPos := 1 + for i := 1; i < len(any.val); i++ { + if any.val[i] == '.' || any.val[i] == 'e' || any.val[i] == 'E' || any.val[i] == '+' || any.val[i] == '-' { + endPos = i + 1 + continue + } + + // end position is the first char which is not digit + if any.val[i] >= '0' && any.val[i] <= '9' { + endPos = i + 1 + } else { + endPos = i + break + } + } + parsed, _ := strconv.ParseFloat(any.val[:endPos], 64) + return parsed +} + +func (any *stringAny) ToString() string { + return any.val +} + +func (any *stringAny) WriteTo(stream *Stream) { + stream.WriteString(any.val) +} + +func (any *stringAny) GetInterface() interface{} { + return any.val +} diff --git a/vendor/github.com/json-iterator/go/any_uint32.go b/vendor/github.com/json-iterator/go/any_uint32.go new file mode 100644 index 0000000000000..656bbd33d7ee9 --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_uint32.go @@ -0,0 +1,74 @@ +package jsoniter + +import ( + "strconv" +) + +type uint32Any struct { + baseAny + val uint32 +} + +func (any *uint32Any) LastError() error { + return nil +} + +func (any *uint32Any) ValueType() ValueType { + return NumberValue +} + +func (any *uint32Any) MustBeValid() Any { + return any +} + +func (any *uint32Any) ToBool() bool { + return any.val != 0 +} + +func (any *uint32Any) ToInt() int { + return int(any.val) +} + +func (any *uint32Any) ToInt32() int32 { + return int32(any.val) +} + +func (any *uint32Any) ToInt64() int64 { + return int64(any.val) +} + +func (any *uint32Any) ToUint() uint { + return uint(any.val) +} + +func (any *uint32Any) ToUint32() uint32 { + return any.val +} + +func (any *uint32Any) ToUint64() uint64 { + return uint64(any.val) +} + +func (any *uint32Any) ToFloat32() float32 { + return float32(any.val) +} + +func (any *uint32Any) ToFloat64() float64 { + return float64(any.val) +} + +func (any *uint32Any) ToString() string { + return strconv.FormatInt(int64(any.val), 10) +} + +func (any *uint32Any) WriteTo(stream *Stream) { + stream.WriteUint32(any.val) +} + +func (any *uint32Any) Parse() *Iterator { + return nil +} + +func (any *uint32Any) GetInterface() interface{} { + return any.val +} diff --git a/vendor/github.com/json-iterator/go/any_uint64.go b/vendor/github.com/json-iterator/go/any_uint64.go new file mode 100644 index 0000000000000..7df2fce33ba97 --- /dev/null +++ b/vendor/github.com/json-iterator/go/any_uint64.go @@ -0,0 +1,74 @@ +package jsoniter + +import ( + "strconv" +) + +type uint64Any struct { + baseAny + val uint64 +} + +func (any *uint64Any) LastError() error { + return nil +} + +func (any *uint64Any) ValueType() ValueType { + return NumberValue +} + +func (any *uint64Any) MustBeValid() Any { + return any +} + +func (any *uint64Any) ToBool() bool { + return any.val != 0 +} + +func (any *uint64Any) ToInt() int { + return int(any.val) +} + +func (any *uint64Any) ToInt32() int32 { + return int32(any.val) +} + +func (any *uint64Any) ToInt64() int64 { + return int64(any.val) +} + +func (any *uint64Any) ToUint() uint { + return uint(any.val) +} + +func (any *uint64Any) ToUint32() uint32 { + return uint32(any.val) +} + +func (any *uint64Any) ToUint64() uint64 { + return any.val +} + +func (any *uint64Any) ToFloat32() float32 { + return float32(any.val) +} + +func (any *uint64Any) ToFloat64() float64 { + return float64(any.val) +} + +func (any *uint64Any) ToString() string { + return strconv.FormatUint(any.val, 10) +} + +func (any *uint64Any) WriteTo(stream *Stream) { + stream.WriteUint64(any.val) +} + +func (any *uint64Any) Parse() *Iterator { + return nil +} + +func (any *uint64Any) GetInterface() interface{} { + return any.val +} diff --git a/vendor/github.com/json-iterator/go/config.go b/vendor/github.com/json-iterator/go/config.go new file mode 100644 index 0000000000000..2adcdc3b790e5 --- /dev/null +++ b/vendor/github.com/json-iterator/go/config.go @@ -0,0 +1,375 @@ +package jsoniter + +import ( + "encoding/json" + "io" + "reflect" + "sync" + "unsafe" + + "github.com/modern-go/concurrent" + "github.com/modern-go/reflect2" +) + +// Config customize how the API should behave. +// The API is created from Config by Froze. +type Config struct { + IndentionStep int + MarshalFloatWith6Digits bool + EscapeHTML bool + SortMapKeys bool + UseNumber bool + DisallowUnknownFields bool + TagKey string + OnlyTaggedField bool + ValidateJsonRawMessage bool + ObjectFieldMustBeSimpleString bool + CaseSensitive bool +} + +// API the public interface of this package. +// Primary Marshal and Unmarshal. +type API interface { + IteratorPool + StreamPool + MarshalToString(v interface{}) (string, error) + Marshal(v interface{}) ([]byte, error) + MarshalIndent(v interface{}, prefix, indent string) ([]byte, error) + UnmarshalFromString(str string, v interface{}) error + Unmarshal(data []byte, v interface{}) error + Get(data []byte, path ...interface{}) Any + NewEncoder(writer io.Writer) *Encoder + NewDecoder(reader io.Reader) *Decoder + Valid(data []byte) bool + RegisterExtension(extension Extension) + DecoderOf(typ reflect2.Type) ValDecoder + EncoderOf(typ reflect2.Type) ValEncoder +} + +// ConfigDefault the default API +var ConfigDefault = Config{ + EscapeHTML: true, +}.Froze() + +// ConfigCompatibleWithStandardLibrary tries to be 100% compatible with standard library behavior +var ConfigCompatibleWithStandardLibrary = Config{ + EscapeHTML: true, + SortMapKeys: true, + ValidateJsonRawMessage: true, +}.Froze() + +// ConfigFastest marshals float with only 6 digits precision +var ConfigFastest = Config{ + EscapeHTML: false, + MarshalFloatWith6Digits: true, // will lose precession + ObjectFieldMustBeSimpleString: true, // do not unescape object field +}.Froze() + +type frozenConfig struct { + configBeforeFrozen Config + sortMapKeys bool + indentionStep int + objectFieldMustBeSimpleString bool + onlyTaggedField bool + disallowUnknownFields bool + decoderCache *concurrent.Map + encoderCache *concurrent.Map + encoderExtension Extension + decoderExtension Extension + extraExtensions []Extension + streamPool *sync.Pool + iteratorPool *sync.Pool + caseSensitive bool +} + +func (cfg *frozenConfig) initCache() { + cfg.decoderCache = concurrent.NewMap() + cfg.encoderCache = concurrent.NewMap() +} + +func (cfg *frozenConfig) addDecoderToCache(cacheKey uintptr, decoder ValDecoder) { + cfg.decoderCache.Store(cacheKey, decoder) +} + +func (cfg *frozenConfig) addEncoderToCache(cacheKey uintptr, encoder ValEncoder) { + cfg.encoderCache.Store(cacheKey, encoder) +} + +func (cfg *frozenConfig) getDecoderFromCache(cacheKey uintptr) ValDecoder { + decoder, found := cfg.decoderCache.Load(cacheKey) + if found { + return decoder.(ValDecoder) + } + return nil +} + +func (cfg *frozenConfig) getEncoderFromCache(cacheKey uintptr) ValEncoder { + encoder, found := cfg.encoderCache.Load(cacheKey) + if found { + return encoder.(ValEncoder) + } + return nil +} + +var cfgCache = concurrent.NewMap() + +func getFrozenConfigFromCache(cfg Config) *frozenConfig { + obj, found := cfgCache.Load(cfg) + if found { + return obj.(*frozenConfig) + } + return nil +} + +func addFrozenConfigToCache(cfg Config, frozenConfig *frozenConfig) { + cfgCache.Store(cfg, frozenConfig) +} + +// Froze forge API from config +func (cfg Config) Froze() API { + api := &frozenConfig{ + sortMapKeys: cfg.SortMapKeys, + indentionStep: cfg.IndentionStep, + objectFieldMustBeSimpleString: cfg.ObjectFieldMustBeSimpleString, + onlyTaggedField: cfg.OnlyTaggedField, + disallowUnknownFields: cfg.DisallowUnknownFields, + caseSensitive: cfg.CaseSensitive, + } + api.streamPool = &sync.Pool{ + New: func() interface{} { + return NewStream(api, nil, 512) + }, + } + api.iteratorPool = &sync.Pool{ + New: func() interface{} { + return NewIterator(api) + }, + } + api.initCache() + encoderExtension := EncoderExtension{} + decoderExtension := DecoderExtension{} + if cfg.MarshalFloatWith6Digits { + api.marshalFloatWith6Digits(encoderExtension) + } + if cfg.EscapeHTML { + api.escapeHTML(encoderExtension) + } + if cfg.UseNumber { + api.useNumber(decoderExtension) + } + if cfg.ValidateJsonRawMessage { + api.validateJsonRawMessage(encoderExtension) + } + api.encoderExtension = encoderExtension + api.decoderExtension = decoderExtension + api.configBeforeFrozen = cfg + return api +} + +func (cfg Config) frozeWithCacheReuse(extraExtensions []Extension) *frozenConfig { + api := getFrozenConfigFromCache(cfg) + if api != nil { + return api + } + api = cfg.Froze().(*frozenConfig) + for _, extension := range extraExtensions { + api.RegisterExtension(extension) + } + addFrozenConfigToCache(cfg, api) + return api +} + +func (cfg *frozenConfig) validateJsonRawMessage(extension EncoderExtension) { + encoder := &funcEncoder{func(ptr unsafe.Pointer, stream *Stream) { + rawMessage := *(*json.RawMessage)(ptr) + iter := cfg.BorrowIterator([]byte(rawMessage)) + defer cfg.ReturnIterator(iter) + iter.Read() + if iter.Error != nil && iter.Error != io.EOF { + stream.WriteRaw("null") + } else { + stream.WriteRaw(string(rawMessage)) + } + }, func(ptr unsafe.Pointer) bool { + return len(*((*json.RawMessage)(ptr))) == 0 + }} + extension[reflect2.TypeOfPtr((*json.RawMessage)(nil)).Elem()] = encoder + extension[reflect2.TypeOfPtr((*RawMessage)(nil)).Elem()] = encoder +} + +func (cfg *frozenConfig) useNumber(extension DecoderExtension) { + extension[reflect2.TypeOfPtr((*interface{})(nil)).Elem()] = &funcDecoder{func(ptr unsafe.Pointer, iter *Iterator) { + exitingValue := *((*interface{})(ptr)) + if exitingValue != nil && reflect.TypeOf(exitingValue).Kind() == reflect.Ptr { + iter.ReadVal(exitingValue) + return + } + if iter.WhatIsNext() == NumberValue { + *((*interface{})(ptr)) = json.Number(iter.readNumberAsString()) + } else { + *((*interface{})(ptr)) = iter.Read() + } + }} +} +func (cfg *frozenConfig) getTagKey() string { + tagKey := cfg.configBeforeFrozen.TagKey + if tagKey == "" { + return "json" + } + return tagKey +} + +func (cfg *frozenConfig) RegisterExtension(extension Extension) { + cfg.extraExtensions = append(cfg.extraExtensions, extension) + copied := cfg.configBeforeFrozen + cfg.configBeforeFrozen = copied +} + +type lossyFloat32Encoder struct { +} + +func (encoder *lossyFloat32Encoder) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteFloat32Lossy(*((*float32)(ptr))) +} + +func (encoder *lossyFloat32Encoder) IsEmpty(ptr unsafe.Pointer) bool { + return *((*float32)(ptr)) == 0 +} + +type lossyFloat64Encoder struct { +} + +func (encoder *lossyFloat64Encoder) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteFloat64Lossy(*((*float64)(ptr))) +} + +func (encoder *lossyFloat64Encoder) IsEmpty(ptr unsafe.Pointer) bool { + return *((*float64)(ptr)) == 0 +} + +// EnableLossyFloatMarshalling keeps 10**(-6) precision +// for float variables for better performance. +func (cfg *frozenConfig) marshalFloatWith6Digits(extension EncoderExtension) { + // for better performance + extension[reflect2.TypeOfPtr((*float32)(nil)).Elem()] = &lossyFloat32Encoder{} + extension[reflect2.TypeOfPtr((*float64)(nil)).Elem()] = &lossyFloat64Encoder{} +} + +type htmlEscapedStringEncoder struct { +} + +func (encoder *htmlEscapedStringEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + str := *((*string)(ptr)) + stream.WriteStringWithHTMLEscaped(str) +} + +func (encoder *htmlEscapedStringEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return *((*string)(ptr)) == "" +} + +func (cfg *frozenConfig) escapeHTML(encoderExtension EncoderExtension) { + encoderExtension[reflect2.TypeOfPtr((*string)(nil)).Elem()] = &htmlEscapedStringEncoder{} +} + +func (cfg *frozenConfig) cleanDecoders() { + typeDecoders = map[string]ValDecoder{} + fieldDecoders = map[string]ValDecoder{} + *cfg = *(cfg.configBeforeFrozen.Froze().(*frozenConfig)) +} + +func (cfg *frozenConfig) cleanEncoders() { + typeEncoders = map[string]ValEncoder{} + fieldEncoders = map[string]ValEncoder{} + *cfg = *(cfg.configBeforeFrozen.Froze().(*frozenConfig)) +} + +func (cfg *frozenConfig) MarshalToString(v interface{}) (string, error) { + stream := cfg.BorrowStream(nil) + defer cfg.ReturnStream(stream) + stream.WriteVal(v) + if stream.Error != nil { + return "", stream.Error + } + return string(stream.Buffer()), nil +} + +func (cfg *frozenConfig) Marshal(v interface{}) ([]byte, error) { + stream := cfg.BorrowStream(nil) + defer cfg.ReturnStream(stream) + stream.WriteVal(v) + if stream.Error != nil { + return nil, stream.Error + } + result := stream.Buffer() + copied := make([]byte, len(result)) + copy(copied, result) + return copied, nil +} + +func (cfg *frozenConfig) MarshalIndent(v interface{}, prefix, indent string) ([]byte, error) { + if prefix != "" { + panic("prefix is not supported") + } + for _, r := range indent { + if r != ' ' { + panic("indent can only be space") + } + } + newCfg := cfg.configBeforeFrozen + newCfg.IndentionStep = len(indent) + return newCfg.frozeWithCacheReuse(cfg.extraExtensions).Marshal(v) +} + +func (cfg *frozenConfig) UnmarshalFromString(str string, v interface{}) error { + data := []byte(str) + iter := cfg.BorrowIterator(data) + defer cfg.ReturnIterator(iter) + iter.ReadVal(v) + c := iter.nextToken() + if c == 0 { + if iter.Error == io.EOF { + return nil + } + return iter.Error + } + iter.ReportError("Unmarshal", "there are bytes left after unmarshal") + return iter.Error +} + +func (cfg *frozenConfig) Get(data []byte, path ...interface{}) Any { + iter := cfg.BorrowIterator(data) + defer cfg.ReturnIterator(iter) + return locatePath(iter, path) +} + +func (cfg *frozenConfig) Unmarshal(data []byte, v interface{}) error { + iter := cfg.BorrowIterator(data) + defer cfg.ReturnIterator(iter) + iter.ReadVal(v) + c := iter.nextToken() + if c == 0 { + if iter.Error == io.EOF { + return nil + } + return iter.Error + } + iter.ReportError("Unmarshal", "there are bytes left after unmarshal") + return iter.Error +} + +func (cfg *frozenConfig) NewEncoder(writer io.Writer) *Encoder { + stream := NewStream(cfg, writer, 512) + return &Encoder{stream} +} + +func (cfg *frozenConfig) NewDecoder(reader io.Reader) *Decoder { + iter := Parse(cfg, reader, 512) + return &Decoder{iter} +} + +func (cfg *frozenConfig) Valid(data []byte) bool { + iter := cfg.BorrowIterator(data) + defer cfg.ReturnIterator(iter) + iter.Skip() + return iter.Error == nil +} diff --git a/vendor/github.com/json-iterator/go/go.mod b/vendor/github.com/json-iterator/go/go.mod new file mode 100644 index 0000000000000..e05c42ff58b81 --- /dev/null +++ b/vendor/github.com/json-iterator/go/go.mod @@ -0,0 +1,11 @@ +module github.com/json-iterator/go + +go 1.12 + +require ( + github.com/davecgh/go-spew v1.1.1 + github.com/google/gofuzz v1.0.0 + github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 + github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 + github.com/stretchr/testify v1.3.0 +) diff --git a/vendor/github.com/json-iterator/go/iter.go b/vendor/github.com/json-iterator/go/iter.go new file mode 100644 index 0000000000000..29b31cf789506 --- /dev/null +++ b/vendor/github.com/json-iterator/go/iter.go @@ -0,0 +1,349 @@ +package jsoniter + +import ( + "encoding/json" + "fmt" + "io" +) + +// ValueType the type for JSON element +type ValueType int + +const ( + // InvalidValue invalid JSON element + InvalidValue ValueType = iota + // StringValue JSON element "string" + StringValue + // NumberValue JSON element 100 or 0.10 + NumberValue + // NilValue JSON element null + NilValue + // BoolValue JSON element true or false + BoolValue + // ArrayValue JSON element [] + ArrayValue + // ObjectValue JSON element {} + ObjectValue +) + +var hexDigits []byte +var valueTypes []ValueType + +func init() { + hexDigits = make([]byte, 256) + for i := 0; i < len(hexDigits); i++ { + hexDigits[i] = 255 + } + for i := '0'; i <= '9'; i++ { + hexDigits[i] = byte(i - '0') + } + for i := 'a'; i <= 'f'; i++ { + hexDigits[i] = byte((i - 'a') + 10) + } + for i := 'A'; i <= 'F'; i++ { + hexDigits[i] = byte((i - 'A') + 10) + } + valueTypes = make([]ValueType, 256) + for i := 0; i < len(valueTypes); i++ { + valueTypes[i] = InvalidValue + } + valueTypes['"'] = StringValue + valueTypes['-'] = NumberValue + valueTypes['0'] = NumberValue + valueTypes['1'] = NumberValue + valueTypes['2'] = NumberValue + valueTypes['3'] = NumberValue + valueTypes['4'] = NumberValue + valueTypes['5'] = NumberValue + valueTypes['6'] = NumberValue + valueTypes['7'] = NumberValue + valueTypes['8'] = NumberValue + valueTypes['9'] = NumberValue + valueTypes['t'] = BoolValue + valueTypes['f'] = BoolValue + valueTypes['n'] = NilValue + valueTypes['['] = ArrayValue + valueTypes['{'] = ObjectValue +} + +// Iterator is a io.Reader like object, with JSON specific read functions. +// Error is not returned as return value, but stored as Error member on this iterator instance. +type Iterator struct { + cfg *frozenConfig + reader io.Reader + buf []byte + head int + tail int + depth int + captureStartedAt int + captured []byte + Error error + Attachment interface{} // open for customized decoder +} + +// NewIterator creates an empty Iterator instance +func NewIterator(cfg API) *Iterator { + return &Iterator{ + cfg: cfg.(*frozenConfig), + reader: nil, + buf: nil, + head: 0, + tail: 0, + depth: 0, + } +} + +// Parse creates an Iterator instance from io.Reader +func Parse(cfg API, reader io.Reader, bufSize int) *Iterator { + return &Iterator{ + cfg: cfg.(*frozenConfig), + reader: reader, + buf: make([]byte, bufSize), + head: 0, + tail: 0, + depth: 0, + } +} + +// ParseBytes creates an Iterator instance from byte array +func ParseBytes(cfg API, input []byte) *Iterator { + return &Iterator{ + cfg: cfg.(*frozenConfig), + reader: nil, + buf: input, + head: 0, + tail: len(input), + depth: 0, + } +} + +// ParseString creates an Iterator instance from string +func ParseString(cfg API, input string) *Iterator { + return ParseBytes(cfg, []byte(input)) +} + +// Pool returns a pool can provide more iterator with same configuration +func (iter *Iterator) Pool() IteratorPool { + return iter.cfg +} + +// Reset reuse iterator instance by specifying another reader +func (iter *Iterator) Reset(reader io.Reader) *Iterator { + iter.reader = reader + iter.head = 0 + iter.tail = 0 + iter.depth = 0 + return iter +} + +// ResetBytes reuse iterator instance by specifying another byte array as input +func (iter *Iterator) ResetBytes(input []byte) *Iterator { + iter.reader = nil + iter.buf = input + iter.head = 0 + iter.tail = len(input) + iter.depth = 0 + return iter +} + +// WhatIsNext gets ValueType of relatively next json element +func (iter *Iterator) WhatIsNext() ValueType { + valueType := valueTypes[iter.nextToken()] + iter.unreadByte() + return valueType +} + +func (iter *Iterator) skipWhitespacesWithoutLoadMore() bool { + for i := iter.head; i < iter.tail; i++ { + c := iter.buf[i] + switch c { + case ' ', '\n', '\t', '\r': + continue + } + iter.head = i + return false + } + return true +} + +func (iter *Iterator) isObjectEnd() bool { + c := iter.nextToken() + if c == ',' { + return false + } + if c == '}' { + return true + } + iter.ReportError("isObjectEnd", "object ended prematurely, unexpected char "+string([]byte{c})) + return true +} + +func (iter *Iterator) nextToken() byte { + // a variation of skip whitespaces, returning the next non-whitespace token + for { + for i := iter.head; i < iter.tail; i++ { + c := iter.buf[i] + switch c { + case ' ', '\n', '\t', '\r': + continue + } + iter.head = i + 1 + return c + } + if !iter.loadMore() { + return 0 + } + } +} + +// ReportError record a error in iterator instance with current position. +func (iter *Iterator) ReportError(operation string, msg string) { + if iter.Error != nil { + if iter.Error != io.EOF { + return + } + } + peekStart := iter.head - 10 + if peekStart < 0 { + peekStart = 0 + } + peekEnd := iter.head + 10 + if peekEnd > iter.tail { + peekEnd = iter.tail + } + parsing := string(iter.buf[peekStart:peekEnd]) + contextStart := iter.head - 50 + if contextStart < 0 { + contextStart = 0 + } + contextEnd := iter.head + 50 + if contextEnd > iter.tail { + contextEnd = iter.tail + } + context := string(iter.buf[contextStart:contextEnd]) + iter.Error = fmt.Errorf("%s: %s, error found in #%v byte of ...|%s|..., bigger context ...|%s|...", + operation, msg, iter.head-peekStart, parsing, context) +} + +// CurrentBuffer gets current buffer as string for debugging purpose +func (iter *Iterator) CurrentBuffer() string { + peekStart := iter.head - 10 + if peekStart < 0 { + peekStart = 0 + } + return fmt.Sprintf("parsing #%v byte, around ...|%s|..., whole buffer ...|%s|...", iter.head, + string(iter.buf[peekStart:iter.head]), string(iter.buf[0:iter.tail])) +} + +func (iter *Iterator) readByte() (ret byte) { + if iter.head == iter.tail { + if iter.loadMore() { + ret = iter.buf[iter.head] + iter.head++ + return ret + } + return 0 + } + ret = iter.buf[iter.head] + iter.head++ + return ret +} + +func (iter *Iterator) loadMore() bool { + if iter.reader == nil { + if iter.Error == nil { + iter.head = iter.tail + iter.Error = io.EOF + } + return false + } + if iter.captured != nil { + iter.captured = append(iter.captured, + iter.buf[iter.captureStartedAt:iter.tail]...) + iter.captureStartedAt = 0 + } + for { + n, err := iter.reader.Read(iter.buf) + if n == 0 { + if err != nil { + if iter.Error == nil { + iter.Error = err + } + return false + } + } else { + iter.head = 0 + iter.tail = n + return true + } + } +} + +func (iter *Iterator) unreadByte() { + if iter.Error != nil { + return + } + iter.head-- + return +} + +// Read read the next JSON element as generic interface{}. +func (iter *Iterator) Read() interface{} { + valueType := iter.WhatIsNext() + switch valueType { + case StringValue: + return iter.ReadString() + case NumberValue: + if iter.cfg.configBeforeFrozen.UseNumber { + return json.Number(iter.readNumberAsString()) + } + return iter.ReadFloat64() + case NilValue: + iter.skipFourBytes('n', 'u', 'l', 'l') + return nil + case BoolValue: + return iter.ReadBool() + case ArrayValue: + arr := []interface{}{} + iter.ReadArrayCB(func(iter *Iterator) bool { + var elem interface{} + iter.ReadVal(&elem) + arr = append(arr, elem) + return true + }) + return arr + case ObjectValue: + obj := map[string]interface{}{} + iter.ReadMapCB(func(Iter *Iterator, field string) bool { + var elem interface{} + iter.ReadVal(&elem) + obj[field] = elem + return true + }) + return obj + default: + iter.ReportError("Read", fmt.Sprintf("unexpected value type: %v", valueType)) + return nil + } +} + +// limit maximum depth of nesting, as allowed by https://tools.ietf.org/html/rfc7159#section-9 +const maxDepth = 10000 + +func (iter *Iterator) incrementDepth() (success bool) { + iter.depth++ + if iter.depth <= maxDepth { + return true + } + iter.ReportError("incrementDepth", "exceeded max depth") + return false +} + +func (iter *Iterator) decrementDepth() (success bool) { + iter.depth-- + if iter.depth >= 0 { + return true + } + iter.ReportError("decrementDepth", "unexpected negative nesting") + return false +} diff --git a/vendor/github.com/json-iterator/go/iter_array.go b/vendor/github.com/json-iterator/go/iter_array.go new file mode 100644 index 0000000000000..204fe0e0922aa --- /dev/null +++ b/vendor/github.com/json-iterator/go/iter_array.go @@ -0,0 +1,64 @@ +package jsoniter + +// ReadArray read array element, tells if the array has more element to read. +func (iter *Iterator) ReadArray() (ret bool) { + c := iter.nextToken() + switch c { + case 'n': + iter.skipThreeBytes('u', 'l', 'l') + return false // null + case '[': + c = iter.nextToken() + if c != ']' { + iter.unreadByte() + return true + } + return false + case ']': + return false + case ',': + return true + default: + iter.ReportError("ReadArray", "expect [ or , or ] or n, but found "+string([]byte{c})) + return + } +} + +// ReadArrayCB read array with callback +func (iter *Iterator) ReadArrayCB(callback func(*Iterator) bool) (ret bool) { + c := iter.nextToken() + if c == '[' { + if !iter.incrementDepth() { + return false + } + c = iter.nextToken() + if c != ']' { + iter.unreadByte() + if !callback(iter) { + iter.decrementDepth() + return false + } + c = iter.nextToken() + for c == ',' { + if !callback(iter) { + iter.decrementDepth() + return false + } + c = iter.nextToken() + } + if c != ']' { + iter.ReportError("ReadArrayCB", "expect ] in the end, but found "+string([]byte{c})) + iter.decrementDepth() + return false + } + return iter.decrementDepth() + } + return iter.decrementDepth() + } + if c == 'n' { + iter.skipThreeBytes('u', 'l', 'l') + return true // null + } + iter.ReportError("ReadArrayCB", "expect [ or n, but found "+string([]byte{c})) + return false +} diff --git a/vendor/github.com/json-iterator/go/iter_float.go b/vendor/github.com/json-iterator/go/iter_float.go new file mode 100644 index 0000000000000..b9754638e8886 --- /dev/null +++ b/vendor/github.com/json-iterator/go/iter_float.go @@ -0,0 +1,339 @@ +package jsoniter + +import ( + "encoding/json" + "io" + "math/big" + "strconv" + "strings" + "unsafe" +) + +var floatDigits []int8 + +const invalidCharForNumber = int8(-1) +const endOfNumber = int8(-2) +const dotInNumber = int8(-3) + +func init() { + floatDigits = make([]int8, 256) + for i := 0; i < len(floatDigits); i++ { + floatDigits[i] = invalidCharForNumber + } + for i := int8('0'); i <= int8('9'); i++ { + floatDigits[i] = i - int8('0') + } + floatDigits[','] = endOfNumber + floatDigits[']'] = endOfNumber + floatDigits['}'] = endOfNumber + floatDigits[' '] = endOfNumber + floatDigits['\t'] = endOfNumber + floatDigits['\n'] = endOfNumber + floatDigits['.'] = dotInNumber +} + +// ReadBigFloat read big.Float +func (iter *Iterator) ReadBigFloat() (ret *big.Float) { + str := iter.readNumberAsString() + if iter.Error != nil && iter.Error != io.EOF { + return nil + } + prec := 64 + if len(str) > prec { + prec = len(str) + } + val, _, err := big.ParseFloat(str, 10, uint(prec), big.ToZero) + if err != nil { + iter.Error = err + return nil + } + return val +} + +// ReadBigInt read big.Int +func (iter *Iterator) ReadBigInt() (ret *big.Int) { + str := iter.readNumberAsString() + if iter.Error != nil && iter.Error != io.EOF { + return nil + } + ret = big.NewInt(0) + var success bool + ret, success = ret.SetString(str, 10) + if !success { + iter.ReportError("ReadBigInt", "invalid big int") + return nil + } + return ret +} + +//ReadFloat32 read float32 +func (iter *Iterator) ReadFloat32() (ret float32) { + c := iter.nextToken() + if c == '-' { + return -iter.readPositiveFloat32() + } + iter.unreadByte() + return iter.readPositiveFloat32() +} + +func (iter *Iterator) readPositiveFloat32() (ret float32) { + i := iter.head + // first char + if i == iter.tail { + return iter.readFloat32SlowPath() + } + c := iter.buf[i] + i++ + ind := floatDigits[c] + switch ind { + case invalidCharForNumber: + return iter.readFloat32SlowPath() + case endOfNumber: + iter.ReportError("readFloat32", "empty number") + return + case dotInNumber: + iter.ReportError("readFloat32", "leading dot is invalid") + return + case 0: + if i == iter.tail { + return iter.readFloat32SlowPath() + } + c = iter.buf[i] + switch c { + case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9': + iter.ReportError("readFloat32", "leading zero is invalid") + return + } + } + value := uint64(ind) + // chars before dot +non_decimal_loop: + for ; i < iter.tail; i++ { + c = iter.buf[i] + ind := floatDigits[c] + switch ind { + case invalidCharForNumber: + return iter.readFloat32SlowPath() + case endOfNumber: + iter.head = i + return float32(value) + case dotInNumber: + break non_decimal_loop + } + if value > uint64SafeToMultiple10 { + return iter.readFloat32SlowPath() + } + value = (value << 3) + (value << 1) + uint64(ind) // value = value * 10 + ind; + } + // chars after dot + if c == '.' { + i++ + decimalPlaces := 0 + if i == iter.tail { + return iter.readFloat32SlowPath() + } + for ; i < iter.tail; i++ { + c = iter.buf[i] + ind := floatDigits[c] + switch ind { + case endOfNumber: + if decimalPlaces > 0 && decimalPlaces < len(pow10) { + iter.head = i + return float32(float64(value) / float64(pow10[decimalPlaces])) + } + // too many decimal places + return iter.readFloat32SlowPath() + case invalidCharForNumber, dotInNumber: + return iter.readFloat32SlowPath() + } + decimalPlaces++ + if value > uint64SafeToMultiple10 { + return iter.readFloat32SlowPath() + } + value = (value << 3) + (value << 1) + uint64(ind) + } + } + return iter.readFloat32SlowPath() +} + +func (iter *Iterator) readNumberAsString() (ret string) { + strBuf := [16]byte{} + str := strBuf[0:0] +load_loop: + for { + for i := iter.head; i < iter.tail; i++ { + c := iter.buf[i] + switch c { + case '+', '-', '.', 'e', 'E', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9': + str = append(str, c) + continue + default: + iter.head = i + break load_loop + } + } + if !iter.loadMore() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF { + return + } + if len(str) == 0 { + iter.ReportError("readNumberAsString", "invalid number") + } + return *(*string)(unsafe.Pointer(&str)) +} + +func (iter *Iterator) readFloat32SlowPath() (ret float32) { + str := iter.readNumberAsString() + if iter.Error != nil && iter.Error != io.EOF { + return + } + errMsg := validateFloat(str) + if errMsg != "" { + iter.ReportError("readFloat32SlowPath", errMsg) + return + } + val, err := strconv.ParseFloat(str, 32) + if err != nil { + iter.Error = err + return + } + return float32(val) +} + +// ReadFloat64 read float64 +func (iter *Iterator) ReadFloat64() (ret float64) { + c := iter.nextToken() + if c == '-' { + return -iter.readPositiveFloat64() + } + iter.unreadByte() + return iter.readPositiveFloat64() +} + +func (iter *Iterator) readPositiveFloat64() (ret float64) { + i := iter.head + // first char + if i == iter.tail { + return iter.readFloat64SlowPath() + } + c := iter.buf[i] + i++ + ind := floatDigits[c] + switch ind { + case invalidCharForNumber: + return iter.readFloat64SlowPath() + case endOfNumber: + iter.ReportError("readFloat64", "empty number") + return + case dotInNumber: + iter.ReportError("readFloat64", "leading dot is invalid") + return + case 0: + if i == iter.tail { + return iter.readFloat64SlowPath() + } + c = iter.buf[i] + switch c { + case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9': + iter.ReportError("readFloat64", "leading zero is invalid") + return + } + } + value := uint64(ind) + // chars before dot +non_decimal_loop: + for ; i < iter.tail; i++ { + c = iter.buf[i] + ind := floatDigits[c] + switch ind { + case invalidCharForNumber: + return iter.readFloat64SlowPath() + case endOfNumber: + iter.head = i + return float64(value) + case dotInNumber: + break non_decimal_loop + } + if value > uint64SafeToMultiple10 { + return iter.readFloat64SlowPath() + } + value = (value << 3) + (value << 1) + uint64(ind) // value = value * 10 + ind; + } + // chars after dot + if c == '.' { + i++ + decimalPlaces := 0 + if i == iter.tail { + return iter.readFloat64SlowPath() + } + for ; i < iter.tail; i++ { + c = iter.buf[i] + ind := floatDigits[c] + switch ind { + case endOfNumber: + if decimalPlaces > 0 && decimalPlaces < len(pow10) { + iter.head = i + return float64(value) / float64(pow10[decimalPlaces]) + } + // too many decimal places + return iter.readFloat64SlowPath() + case invalidCharForNumber, dotInNumber: + return iter.readFloat64SlowPath() + } + decimalPlaces++ + if value > uint64SafeToMultiple10 { + return iter.readFloat64SlowPath() + } + value = (value << 3) + (value << 1) + uint64(ind) + } + } + return iter.readFloat64SlowPath() +} + +func (iter *Iterator) readFloat64SlowPath() (ret float64) { + str := iter.readNumberAsString() + if iter.Error != nil && iter.Error != io.EOF { + return + } + errMsg := validateFloat(str) + if errMsg != "" { + iter.ReportError("readFloat64SlowPath", errMsg) + return + } + val, err := strconv.ParseFloat(str, 64) + if err != nil { + iter.Error = err + return + } + return val +} + +func validateFloat(str string) string { + // strconv.ParseFloat is not validating `1.` or `1.e1` + if len(str) == 0 { + return "empty number" + } + if str[0] == '-' { + return "-- is not valid" + } + dotPos := strings.IndexByte(str, '.') + if dotPos != -1 { + if dotPos == len(str)-1 { + return "dot can not be last character" + } + switch str[dotPos+1] { + case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9': + default: + return "missing digit after dot" + } + } + return "" +} + +// ReadNumber read json.Number +func (iter *Iterator) ReadNumber() (ret json.Number) { + return json.Number(iter.readNumberAsString()) +} diff --git a/vendor/github.com/json-iterator/go/iter_int.go b/vendor/github.com/json-iterator/go/iter_int.go new file mode 100644 index 0000000000000..2142320355e87 --- /dev/null +++ b/vendor/github.com/json-iterator/go/iter_int.go @@ -0,0 +1,345 @@ +package jsoniter + +import ( + "math" + "strconv" +) + +var intDigits []int8 + +const uint32SafeToMultiply10 = uint32(0xffffffff)/10 - 1 +const uint64SafeToMultiple10 = uint64(0xffffffffffffffff)/10 - 1 + +func init() { + intDigits = make([]int8, 256) + for i := 0; i < len(intDigits); i++ { + intDigits[i] = invalidCharForNumber + } + for i := int8('0'); i <= int8('9'); i++ { + intDigits[i] = i - int8('0') + } +} + +// ReadUint read uint +func (iter *Iterator) ReadUint() uint { + if strconv.IntSize == 32 { + return uint(iter.ReadUint32()) + } + return uint(iter.ReadUint64()) +} + +// ReadInt read int +func (iter *Iterator) ReadInt() int { + if strconv.IntSize == 32 { + return int(iter.ReadInt32()) + } + return int(iter.ReadInt64()) +} + +// ReadInt8 read int8 +func (iter *Iterator) ReadInt8() (ret int8) { + c := iter.nextToken() + if c == '-' { + val := iter.readUint32(iter.readByte()) + if val > math.MaxInt8+1 { + iter.ReportError("ReadInt8", "overflow: "+strconv.FormatInt(int64(val), 10)) + return + } + return -int8(val) + } + val := iter.readUint32(c) + if val > math.MaxInt8 { + iter.ReportError("ReadInt8", "overflow: "+strconv.FormatInt(int64(val), 10)) + return + } + return int8(val) +} + +// ReadUint8 read uint8 +func (iter *Iterator) ReadUint8() (ret uint8) { + val := iter.readUint32(iter.nextToken()) + if val > math.MaxUint8 { + iter.ReportError("ReadUint8", "overflow: "+strconv.FormatInt(int64(val), 10)) + return + } + return uint8(val) +} + +// ReadInt16 read int16 +func (iter *Iterator) ReadInt16() (ret int16) { + c := iter.nextToken() + if c == '-' { + val := iter.readUint32(iter.readByte()) + if val > math.MaxInt16+1 { + iter.ReportError("ReadInt16", "overflow: "+strconv.FormatInt(int64(val), 10)) + return + } + return -int16(val) + } + val := iter.readUint32(c) + if val > math.MaxInt16 { + iter.ReportError("ReadInt16", "overflow: "+strconv.FormatInt(int64(val), 10)) + return + } + return int16(val) +} + +// ReadUint16 read uint16 +func (iter *Iterator) ReadUint16() (ret uint16) { + val := iter.readUint32(iter.nextToken()) + if val > math.MaxUint16 { + iter.ReportError("ReadUint16", "overflow: "+strconv.FormatInt(int64(val), 10)) + return + } + return uint16(val) +} + +// ReadInt32 read int32 +func (iter *Iterator) ReadInt32() (ret int32) { + c := iter.nextToken() + if c == '-' { + val := iter.readUint32(iter.readByte()) + if val > math.MaxInt32+1 { + iter.ReportError("ReadInt32", "overflow: "+strconv.FormatInt(int64(val), 10)) + return + } + return -int32(val) + } + val := iter.readUint32(c) + if val > math.MaxInt32 { + iter.ReportError("ReadInt32", "overflow: "+strconv.FormatInt(int64(val), 10)) + return + } + return int32(val) +} + +// ReadUint32 read uint32 +func (iter *Iterator) ReadUint32() (ret uint32) { + return iter.readUint32(iter.nextToken()) +} + +func (iter *Iterator) readUint32(c byte) (ret uint32) { + ind := intDigits[c] + if ind == 0 { + iter.assertInteger() + return 0 // single zero + } + if ind == invalidCharForNumber { + iter.ReportError("readUint32", "unexpected character: "+string([]byte{byte(ind)})) + return + } + value := uint32(ind) + if iter.tail-iter.head > 10 { + i := iter.head + ind2 := intDigits[iter.buf[i]] + if ind2 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value + } + i++ + ind3 := intDigits[iter.buf[i]] + if ind3 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*10 + uint32(ind2) + } + //iter.head = i + 1 + //value = value * 100 + uint32(ind2) * 10 + uint32(ind3) + i++ + ind4 := intDigits[iter.buf[i]] + if ind4 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*100 + uint32(ind2)*10 + uint32(ind3) + } + i++ + ind5 := intDigits[iter.buf[i]] + if ind5 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*1000 + uint32(ind2)*100 + uint32(ind3)*10 + uint32(ind4) + } + i++ + ind6 := intDigits[iter.buf[i]] + if ind6 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*10000 + uint32(ind2)*1000 + uint32(ind3)*100 + uint32(ind4)*10 + uint32(ind5) + } + i++ + ind7 := intDigits[iter.buf[i]] + if ind7 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*100000 + uint32(ind2)*10000 + uint32(ind3)*1000 + uint32(ind4)*100 + uint32(ind5)*10 + uint32(ind6) + } + i++ + ind8 := intDigits[iter.buf[i]] + if ind8 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*1000000 + uint32(ind2)*100000 + uint32(ind3)*10000 + uint32(ind4)*1000 + uint32(ind5)*100 + uint32(ind6)*10 + uint32(ind7) + } + i++ + ind9 := intDigits[iter.buf[i]] + value = value*10000000 + uint32(ind2)*1000000 + uint32(ind3)*100000 + uint32(ind4)*10000 + uint32(ind5)*1000 + uint32(ind6)*100 + uint32(ind7)*10 + uint32(ind8) + iter.head = i + if ind9 == invalidCharForNumber { + iter.assertInteger() + return value + } + } + for { + for i := iter.head; i < iter.tail; i++ { + ind = intDigits[iter.buf[i]] + if ind == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value + } + if value > uint32SafeToMultiply10 { + value2 := (value << 3) + (value << 1) + uint32(ind) + if value2 < value { + iter.ReportError("readUint32", "overflow") + return + } + value = value2 + continue + } + value = (value << 3) + (value << 1) + uint32(ind) + } + if !iter.loadMore() { + iter.assertInteger() + return value + } + } +} + +// ReadInt64 read int64 +func (iter *Iterator) ReadInt64() (ret int64) { + c := iter.nextToken() + if c == '-' { + val := iter.readUint64(iter.readByte()) + if val > math.MaxInt64+1 { + iter.ReportError("ReadInt64", "overflow: "+strconv.FormatUint(uint64(val), 10)) + return + } + return -int64(val) + } + val := iter.readUint64(c) + if val > math.MaxInt64 { + iter.ReportError("ReadInt64", "overflow: "+strconv.FormatUint(uint64(val), 10)) + return + } + return int64(val) +} + +// ReadUint64 read uint64 +func (iter *Iterator) ReadUint64() uint64 { + return iter.readUint64(iter.nextToken()) +} + +func (iter *Iterator) readUint64(c byte) (ret uint64) { + ind := intDigits[c] + if ind == 0 { + iter.assertInteger() + return 0 // single zero + } + if ind == invalidCharForNumber { + iter.ReportError("readUint64", "unexpected character: "+string([]byte{byte(ind)})) + return + } + value := uint64(ind) + if iter.tail-iter.head > 10 { + i := iter.head + ind2 := intDigits[iter.buf[i]] + if ind2 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value + } + i++ + ind3 := intDigits[iter.buf[i]] + if ind3 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*10 + uint64(ind2) + } + //iter.head = i + 1 + //value = value * 100 + uint32(ind2) * 10 + uint32(ind3) + i++ + ind4 := intDigits[iter.buf[i]] + if ind4 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*100 + uint64(ind2)*10 + uint64(ind3) + } + i++ + ind5 := intDigits[iter.buf[i]] + if ind5 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*1000 + uint64(ind2)*100 + uint64(ind3)*10 + uint64(ind4) + } + i++ + ind6 := intDigits[iter.buf[i]] + if ind6 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*10000 + uint64(ind2)*1000 + uint64(ind3)*100 + uint64(ind4)*10 + uint64(ind5) + } + i++ + ind7 := intDigits[iter.buf[i]] + if ind7 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*100000 + uint64(ind2)*10000 + uint64(ind3)*1000 + uint64(ind4)*100 + uint64(ind5)*10 + uint64(ind6) + } + i++ + ind8 := intDigits[iter.buf[i]] + if ind8 == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value*1000000 + uint64(ind2)*100000 + uint64(ind3)*10000 + uint64(ind4)*1000 + uint64(ind5)*100 + uint64(ind6)*10 + uint64(ind7) + } + i++ + ind9 := intDigits[iter.buf[i]] + value = value*10000000 + uint64(ind2)*1000000 + uint64(ind3)*100000 + uint64(ind4)*10000 + uint64(ind5)*1000 + uint64(ind6)*100 + uint64(ind7)*10 + uint64(ind8) + iter.head = i + if ind9 == invalidCharForNumber { + iter.assertInteger() + return value + } + } + for { + for i := iter.head; i < iter.tail; i++ { + ind = intDigits[iter.buf[i]] + if ind == invalidCharForNumber { + iter.head = i + iter.assertInteger() + return value + } + if value > uint64SafeToMultiple10 { + value2 := (value << 3) + (value << 1) + uint64(ind) + if value2 < value { + iter.ReportError("readUint64", "overflow") + return + } + value = value2 + continue + } + value = (value << 3) + (value << 1) + uint64(ind) + } + if !iter.loadMore() { + iter.assertInteger() + return value + } + } +} + +func (iter *Iterator) assertInteger() { + if iter.head < len(iter.buf) && iter.buf[iter.head] == '.' { + iter.ReportError("assertInteger", "can not decode float as int") + } +} diff --git a/vendor/github.com/json-iterator/go/iter_object.go b/vendor/github.com/json-iterator/go/iter_object.go new file mode 100644 index 0000000000000..58ee89c849e7b --- /dev/null +++ b/vendor/github.com/json-iterator/go/iter_object.go @@ -0,0 +1,267 @@ +package jsoniter + +import ( + "fmt" + "strings" +) + +// ReadObject read one field from object. +// If object ended, returns empty string. +// Otherwise, returns the field name. +func (iter *Iterator) ReadObject() (ret string) { + c := iter.nextToken() + switch c { + case 'n': + iter.skipThreeBytes('u', 'l', 'l') + return "" // null + case '{': + c = iter.nextToken() + if c == '"' { + iter.unreadByte() + field := iter.ReadString() + c = iter.nextToken() + if c != ':' { + iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c})) + } + return field + } + if c == '}' { + return "" // end of object + } + iter.ReportError("ReadObject", `expect " after {, but found `+string([]byte{c})) + return + case ',': + field := iter.ReadString() + c = iter.nextToken() + if c != ':' { + iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c})) + } + return field + case '}': + return "" // end of object + default: + iter.ReportError("ReadObject", fmt.Sprintf(`expect { or , or } or n, but found %s`, string([]byte{c}))) + return + } +} + +// CaseInsensitive +func (iter *Iterator) readFieldHash() int64 { + hash := int64(0x811c9dc5) + c := iter.nextToken() + if c != '"' { + iter.ReportError("readFieldHash", `expect ", but found `+string([]byte{c})) + return 0 + } + for { + for i := iter.head; i < iter.tail; i++ { + // require ascii string and no escape + b := iter.buf[i] + if b == '\\' { + iter.head = i + for _, b := range iter.readStringSlowPath() { + if 'A' <= b && b <= 'Z' && !iter.cfg.caseSensitive { + b += 'a' - 'A' + } + hash ^= int64(b) + hash *= 0x1000193 + } + c = iter.nextToken() + if c != ':' { + iter.ReportError("readFieldHash", `expect :, but found `+string([]byte{c})) + return 0 + } + return hash + } + if b == '"' { + iter.head = i + 1 + c = iter.nextToken() + if c != ':' { + iter.ReportError("readFieldHash", `expect :, but found `+string([]byte{c})) + return 0 + } + return hash + } + if 'A' <= b && b <= 'Z' && !iter.cfg.caseSensitive { + b += 'a' - 'A' + } + hash ^= int64(b) + hash *= 0x1000193 + } + if !iter.loadMore() { + iter.ReportError("readFieldHash", `incomplete field name`) + return 0 + } + } +} + +func calcHash(str string, caseSensitive bool) int64 { + if !caseSensitive { + str = strings.ToLower(str) + } + hash := int64(0x811c9dc5) + for _, b := range []byte(str) { + hash ^= int64(b) + hash *= 0x1000193 + } + return int64(hash) +} + +// ReadObjectCB read object with callback, the key is ascii only and field name not copied +func (iter *Iterator) ReadObjectCB(callback func(*Iterator, string) bool) bool { + c := iter.nextToken() + var field string + if c == '{' { + if !iter.incrementDepth() { + return false + } + c = iter.nextToken() + if c == '"' { + iter.unreadByte() + field = iter.ReadString() + c = iter.nextToken() + if c != ':' { + iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c})) + } + if !callback(iter, field) { + iter.decrementDepth() + return false + } + c = iter.nextToken() + for c == ',' { + field = iter.ReadString() + c = iter.nextToken() + if c != ':' { + iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c})) + } + if !callback(iter, field) { + iter.decrementDepth() + return false + } + c = iter.nextToken() + } + if c != '}' { + iter.ReportError("ReadObjectCB", `object not ended with }`) + iter.decrementDepth() + return false + } + return iter.decrementDepth() + } + if c == '}' { + return iter.decrementDepth() + } + iter.ReportError("ReadObjectCB", `expect " after {, but found `+string([]byte{c})) + iter.decrementDepth() + return false + } + if c == 'n' { + iter.skipThreeBytes('u', 'l', 'l') + return true // null + } + iter.ReportError("ReadObjectCB", `expect { or n, but found `+string([]byte{c})) + return false +} + +// ReadMapCB read map with callback, the key can be any string +func (iter *Iterator) ReadMapCB(callback func(*Iterator, string) bool) bool { + c := iter.nextToken() + if c == '{' { + if !iter.incrementDepth() { + return false + } + c = iter.nextToken() + if c == '"' { + iter.unreadByte() + field := iter.ReadString() + if iter.nextToken() != ':' { + iter.ReportError("ReadMapCB", "expect : after object field, but found "+string([]byte{c})) + iter.decrementDepth() + return false + } + if !callback(iter, field) { + iter.decrementDepth() + return false + } + c = iter.nextToken() + for c == ',' { + field = iter.ReadString() + if iter.nextToken() != ':' { + iter.ReportError("ReadMapCB", "expect : after object field, but found "+string([]byte{c})) + iter.decrementDepth() + return false + } + if !callback(iter, field) { + iter.decrementDepth() + return false + } + c = iter.nextToken() + } + if c != '}' { + iter.ReportError("ReadMapCB", `object not ended with }`) + iter.decrementDepth() + return false + } + return iter.decrementDepth() + } + if c == '}' { + return iter.decrementDepth() + } + iter.ReportError("ReadMapCB", `expect " after {, but found `+string([]byte{c})) + iter.decrementDepth() + return false + } + if c == 'n' { + iter.skipThreeBytes('u', 'l', 'l') + return true // null + } + iter.ReportError("ReadMapCB", `expect { or n, but found `+string([]byte{c})) + return false +} + +func (iter *Iterator) readObjectStart() bool { + c := iter.nextToken() + if c == '{' { + c = iter.nextToken() + if c == '}' { + return false + } + iter.unreadByte() + return true + } else if c == 'n' { + iter.skipThreeBytes('u', 'l', 'l') + return false + } + iter.ReportError("readObjectStart", "expect { or n, but found "+string([]byte{c})) + return false +} + +func (iter *Iterator) readObjectFieldAsBytes() (ret []byte) { + str := iter.ReadStringAsSlice() + if iter.skipWhitespacesWithoutLoadMore() { + if ret == nil { + ret = make([]byte, len(str)) + copy(ret, str) + } + if !iter.loadMore() { + return + } + } + if iter.buf[iter.head] != ':' { + iter.ReportError("readObjectFieldAsBytes", "expect : after object field, but found "+string([]byte{iter.buf[iter.head]})) + return + } + iter.head++ + if iter.skipWhitespacesWithoutLoadMore() { + if ret == nil { + ret = make([]byte, len(str)) + copy(ret, str) + } + if !iter.loadMore() { + return + } + } + if ret == nil { + return str + } + return ret +} diff --git a/vendor/github.com/json-iterator/go/iter_skip.go b/vendor/github.com/json-iterator/go/iter_skip.go new file mode 100644 index 0000000000000..e91eefb15becf --- /dev/null +++ b/vendor/github.com/json-iterator/go/iter_skip.go @@ -0,0 +1,130 @@ +package jsoniter + +import "fmt" + +// ReadNil reads a json object as nil and +// returns whether it's a nil or not +func (iter *Iterator) ReadNil() (ret bool) { + c := iter.nextToken() + if c == 'n' { + iter.skipThreeBytes('u', 'l', 'l') // null + return true + } + iter.unreadByte() + return false +} + +// ReadBool reads a json object as BoolValue +func (iter *Iterator) ReadBool() (ret bool) { + c := iter.nextToken() + if c == 't' { + iter.skipThreeBytes('r', 'u', 'e') + return true + } + if c == 'f' { + iter.skipFourBytes('a', 'l', 's', 'e') + return false + } + iter.ReportError("ReadBool", "expect t or f, but found "+string([]byte{c})) + return +} + +// SkipAndReturnBytes skip next JSON element, and return its content as []byte. +// The []byte can be kept, it is a copy of data. +func (iter *Iterator) SkipAndReturnBytes() []byte { + iter.startCapture(iter.head) + iter.Skip() + return iter.stopCapture() +} + +// SkipAndAppendBytes skips next JSON element and appends its content to +// buffer, returning the result. +func (iter *Iterator) SkipAndAppendBytes(buf []byte) []byte { + iter.startCaptureTo(buf, iter.head) + iter.Skip() + return iter.stopCapture() +} + +func (iter *Iterator) startCaptureTo(buf []byte, captureStartedAt int) { + if iter.captured != nil { + panic("already in capture mode") + } + iter.captureStartedAt = captureStartedAt + iter.captured = buf +} + +func (iter *Iterator) startCapture(captureStartedAt int) { + iter.startCaptureTo(make([]byte, 0, 32), captureStartedAt) +} + +func (iter *Iterator) stopCapture() []byte { + if iter.captured == nil { + panic("not in capture mode") + } + captured := iter.captured + remaining := iter.buf[iter.captureStartedAt:iter.head] + iter.captureStartedAt = -1 + iter.captured = nil + return append(captured, remaining...) +} + +// Skip skips a json object and positions to relatively the next json object +func (iter *Iterator) Skip() { + c := iter.nextToken() + switch c { + case '"': + iter.skipString() + case 'n': + iter.skipThreeBytes('u', 'l', 'l') // null + case 't': + iter.skipThreeBytes('r', 'u', 'e') // true + case 'f': + iter.skipFourBytes('a', 'l', 's', 'e') // false + case '0': + iter.unreadByte() + iter.ReadFloat32() + case '-', '1', '2', '3', '4', '5', '6', '7', '8', '9': + iter.skipNumber() + case '[': + iter.skipArray() + case '{': + iter.skipObject() + default: + iter.ReportError("Skip", fmt.Sprintf("do not know how to skip: %v", c)) + return + } +} + +func (iter *Iterator) skipFourBytes(b1, b2, b3, b4 byte) { + if iter.readByte() != b1 { + iter.ReportError("skipFourBytes", fmt.Sprintf("expect %s", string([]byte{b1, b2, b3, b4}))) + return + } + if iter.readByte() != b2 { + iter.ReportError("skipFourBytes", fmt.Sprintf("expect %s", string([]byte{b1, b2, b3, b4}))) + return + } + if iter.readByte() != b3 { + iter.ReportError("skipFourBytes", fmt.Sprintf("expect %s", string([]byte{b1, b2, b3, b4}))) + return + } + if iter.readByte() != b4 { + iter.ReportError("skipFourBytes", fmt.Sprintf("expect %s", string([]byte{b1, b2, b3, b4}))) + return + } +} + +func (iter *Iterator) skipThreeBytes(b1, b2, b3 byte) { + if iter.readByte() != b1 { + iter.ReportError("skipThreeBytes", fmt.Sprintf("expect %s", string([]byte{b1, b2, b3}))) + return + } + if iter.readByte() != b2 { + iter.ReportError("skipThreeBytes", fmt.Sprintf("expect %s", string([]byte{b1, b2, b3}))) + return + } + if iter.readByte() != b3 { + iter.ReportError("skipThreeBytes", fmt.Sprintf("expect %s", string([]byte{b1, b2, b3}))) + return + } +} diff --git a/vendor/github.com/json-iterator/go/iter_skip_sloppy.go b/vendor/github.com/json-iterator/go/iter_skip_sloppy.go new file mode 100644 index 0000000000000..9303de41e4005 --- /dev/null +++ b/vendor/github.com/json-iterator/go/iter_skip_sloppy.go @@ -0,0 +1,163 @@ +//+build jsoniter_sloppy + +package jsoniter + +// sloppy but faster implementation, do not validate the input json + +func (iter *Iterator) skipNumber() { + for { + for i := iter.head; i < iter.tail; i++ { + c := iter.buf[i] + switch c { + case ' ', '\n', '\r', '\t', ',', '}', ']': + iter.head = i + return + } + } + if !iter.loadMore() { + return + } + } +} + +func (iter *Iterator) skipArray() { + level := 1 + if !iter.incrementDepth() { + return + } + for { + for i := iter.head; i < iter.tail; i++ { + switch iter.buf[i] { + case '"': // If inside string, skip it + iter.head = i + 1 + iter.skipString() + i = iter.head - 1 // it will be i++ soon + case '[': // If open symbol, increase level + level++ + if !iter.incrementDepth() { + return + } + case ']': // If close symbol, increase level + level-- + if !iter.decrementDepth() { + return + } + + // If we have returned to the original level, we're done + if level == 0 { + iter.head = i + 1 + return + } + } + } + if !iter.loadMore() { + iter.ReportError("skipObject", "incomplete array") + return + } + } +} + +func (iter *Iterator) skipObject() { + level := 1 + if !iter.incrementDepth() { + return + } + + for { + for i := iter.head; i < iter.tail; i++ { + switch iter.buf[i] { + case '"': // If inside string, skip it + iter.head = i + 1 + iter.skipString() + i = iter.head - 1 // it will be i++ soon + case '{': // If open symbol, increase level + level++ + if !iter.incrementDepth() { + return + } + case '}': // If close symbol, increase level + level-- + if !iter.decrementDepth() { + return + } + + // If we have returned to the original level, we're done + if level == 0 { + iter.head = i + 1 + return + } + } + } + if !iter.loadMore() { + iter.ReportError("skipObject", "incomplete object") + return + } + } +} + +func (iter *Iterator) skipString() { + for { + end, escaped := iter.findStringEnd() + if end == -1 { + if !iter.loadMore() { + iter.ReportError("skipString", "incomplete string") + return + } + if escaped { + iter.head = 1 // skip the first char as last char read is \ + } + } else { + iter.head = end + return + } + } +} + +// adapted from: https://github.com/buger/jsonparser/blob/master/parser.go +// Tries to find the end of string +// Support if string contains escaped quote symbols. +func (iter *Iterator) findStringEnd() (int, bool) { + escaped := false + for i := iter.head; i < iter.tail; i++ { + c := iter.buf[i] + if c == '"' { + if !escaped { + return i + 1, false + } + j := i - 1 + for { + if j < iter.head || iter.buf[j] != '\\' { + // even number of backslashes + // either end of buffer, or " found + return i + 1, true + } + j-- + if j < iter.head || iter.buf[j] != '\\' { + // odd number of backslashes + // it is \" or \\\" + break + } + j-- + } + } else if c == '\\' { + escaped = true + } + } + j := iter.tail - 1 + for { + if j < iter.head || iter.buf[j] != '\\' { + // even number of backslashes + // either end of buffer, or " found + return -1, false // do not end with \ + } + j-- + if j < iter.head || iter.buf[j] != '\\' { + // odd number of backslashes + // it is \" or \\\" + break + } + j-- + + } + return -1, true // end with \ +} diff --git a/vendor/github.com/json-iterator/go/iter_skip_strict.go b/vendor/github.com/json-iterator/go/iter_skip_strict.go new file mode 100644 index 0000000000000..6cf66d0438dbe --- /dev/null +++ b/vendor/github.com/json-iterator/go/iter_skip_strict.go @@ -0,0 +1,99 @@ +//+build !jsoniter_sloppy + +package jsoniter + +import ( + "fmt" + "io" +) + +func (iter *Iterator) skipNumber() { + if !iter.trySkipNumber() { + iter.unreadByte() + if iter.Error != nil && iter.Error != io.EOF { + return + } + iter.ReadFloat64() + if iter.Error != nil && iter.Error != io.EOF { + iter.Error = nil + iter.ReadBigFloat() + } + } +} + +func (iter *Iterator) trySkipNumber() bool { + dotFound := false + for i := iter.head; i < iter.tail; i++ { + c := iter.buf[i] + switch c { + case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9': + case '.': + if dotFound { + iter.ReportError("validateNumber", `more than one dot found in number`) + return true // already failed + } + if i+1 == iter.tail { + return false + } + c = iter.buf[i+1] + switch c { + case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9': + default: + iter.ReportError("validateNumber", `missing digit after dot`) + return true // already failed + } + dotFound = true + default: + switch c { + case ',', ']', '}', ' ', '\t', '\n', '\r': + if iter.head == i { + return false // if - without following digits + } + iter.head = i + return true // must be valid + } + return false // may be invalid + } + } + return false +} + +func (iter *Iterator) skipString() { + if !iter.trySkipString() { + iter.unreadByte() + iter.ReadString() + } +} + +func (iter *Iterator) trySkipString() bool { + for i := iter.head; i < iter.tail; i++ { + c := iter.buf[i] + if c == '"' { + iter.head = i + 1 + return true // valid + } else if c == '\\' { + return false + } else if c < ' ' { + iter.ReportError("trySkipString", + fmt.Sprintf(`invalid control character found: %d`, c)) + return true // already failed + } + } + return false +} + +func (iter *Iterator) skipObject() { + iter.unreadByte() + iter.ReadObjectCB(func(iter *Iterator, field string) bool { + iter.Skip() + return true + }) +} + +func (iter *Iterator) skipArray() { + iter.unreadByte() + iter.ReadArrayCB(func(iter *Iterator) bool { + iter.Skip() + return true + }) +} diff --git a/vendor/github.com/json-iterator/go/iter_str.go b/vendor/github.com/json-iterator/go/iter_str.go new file mode 100644 index 0000000000000..adc487ea80483 --- /dev/null +++ b/vendor/github.com/json-iterator/go/iter_str.go @@ -0,0 +1,215 @@ +package jsoniter + +import ( + "fmt" + "unicode/utf16" +) + +// ReadString read string from iterator +func (iter *Iterator) ReadString() (ret string) { + c := iter.nextToken() + if c == '"' { + for i := iter.head; i < iter.tail; i++ { + c := iter.buf[i] + if c == '"' { + ret = string(iter.buf[iter.head:i]) + iter.head = i + 1 + return ret + } else if c == '\\' { + break + } else if c < ' ' { + iter.ReportError("ReadString", + fmt.Sprintf(`invalid control character found: %d`, c)) + return + } + } + return iter.readStringSlowPath() + } else if c == 'n' { + iter.skipThreeBytes('u', 'l', 'l') + return "" + } + iter.ReportError("ReadString", `expects " or n, but found `+string([]byte{c})) + return +} + +func (iter *Iterator) readStringSlowPath() (ret string) { + var str []byte + var c byte + for iter.Error == nil { + c = iter.readByte() + if c == '"' { + return string(str) + } + if c == '\\' { + c = iter.readByte() + str = iter.readEscapedChar(c, str) + } else { + str = append(str, c) + } + } + iter.ReportError("readStringSlowPath", "unexpected end of input") + return +} + +func (iter *Iterator) readEscapedChar(c byte, str []byte) []byte { + switch c { + case 'u': + r := iter.readU4() + if utf16.IsSurrogate(r) { + c = iter.readByte() + if iter.Error != nil { + return nil + } + if c != '\\' { + iter.unreadByte() + str = appendRune(str, r) + return str + } + c = iter.readByte() + if iter.Error != nil { + return nil + } + if c != 'u' { + str = appendRune(str, r) + return iter.readEscapedChar(c, str) + } + r2 := iter.readU4() + if iter.Error != nil { + return nil + } + combined := utf16.DecodeRune(r, r2) + if combined == '\uFFFD' { + str = appendRune(str, r) + str = appendRune(str, r2) + } else { + str = appendRune(str, combined) + } + } else { + str = appendRune(str, r) + } + case '"': + str = append(str, '"') + case '\\': + str = append(str, '\\') + case '/': + str = append(str, '/') + case 'b': + str = append(str, '\b') + case 'f': + str = append(str, '\f') + case 'n': + str = append(str, '\n') + case 'r': + str = append(str, '\r') + case 't': + str = append(str, '\t') + default: + iter.ReportError("readEscapedChar", + `invalid escape char after \`) + return nil + } + return str +} + +// ReadStringAsSlice read string from iterator without copying into string form. +// The []byte can not be kept, as it will change after next iterator call. +func (iter *Iterator) ReadStringAsSlice() (ret []byte) { + c := iter.nextToken() + if c == '"' { + for i := iter.head; i < iter.tail; i++ { + // require ascii string and no escape + // for: field name, base64, number + if iter.buf[i] == '"' { + // fast path: reuse the underlying buffer + ret = iter.buf[iter.head:i] + iter.head = i + 1 + return ret + } + } + readLen := iter.tail - iter.head + copied := make([]byte, readLen, readLen*2) + copy(copied, iter.buf[iter.head:iter.tail]) + iter.head = iter.tail + for iter.Error == nil { + c := iter.readByte() + if c == '"' { + return copied + } + copied = append(copied, c) + } + return copied + } + iter.ReportError("ReadStringAsSlice", `expects " or n, but found `+string([]byte{c})) + return +} + +func (iter *Iterator) readU4() (ret rune) { + for i := 0; i < 4; i++ { + c := iter.readByte() + if iter.Error != nil { + return + } + if c >= '0' && c <= '9' { + ret = ret*16 + rune(c-'0') + } else if c >= 'a' && c <= 'f' { + ret = ret*16 + rune(c-'a'+10) + } else if c >= 'A' && c <= 'F' { + ret = ret*16 + rune(c-'A'+10) + } else { + iter.ReportError("readU4", "expects 0~9 or a~f, but found "+string([]byte{c})) + return + } + } + return ret +} + +const ( + t1 = 0x00 // 0000 0000 + tx = 0x80 // 1000 0000 + t2 = 0xC0 // 1100 0000 + t3 = 0xE0 // 1110 0000 + t4 = 0xF0 // 1111 0000 + t5 = 0xF8 // 1111 1000 + + maskx = 0x3F // 0011 1111 + mask2 = 0x1F // 0001 1111 + mask3 = 0x0F // 0000 1111 + mask4 = 0x07 // 0000 0111 + + rune1Max = 1<<7 - 1 + rune2Max = 1<<11 - 1 + rune3Max = 1<<16 - 1 + + surrogateMin = 0xD800 + surrogateMax = 0xDFFF + + maxRune = '\U0010FFFF' // Maximum valid Unicode code point. + runeError = '\uFFFD' // the "error" Rune or "Unicode replacement character" +) + +func appendRune(p []byte, r rune) []byte { + // Negative values are erroneous. Making it unsigned addresses the problem. + switch i := uint32(r); { + case i <= rune1Max: + p = append(p, byte(r)) + return p + case i <= rune2Max: + p = append(p, t2|byte(r>>6)) + p = append(p, tx|byte(r)&maskx) + return p + case i > maxRune, surrogateMin <= i && i <= surrogateMax: + r = runeError + fallthrough + case i <= rune3Max: + p = append(p, t3|byte(r>>12)) + p = append(p, tx|byte(r>>6)&maskx) + p = append(p, tx|byte(r)&maskx) + return p + default: + p = append(p, t4|byte(r>>18)) + p = append(p, tx|byte(r>>12)&maskx) + p = append(p, tx|byte(r>>6)&maskx) + p = append(p, tx|byte(r)&maskx) + return p + } +} diff --git a/vendor/github.com/json-iterator/go/jsoniter.go b/vendor/github.com/json-iterator/go/jsoniter.go new file mode 100644 index 0000000000000..c2934f916eb30 --- /dev/null +++ b/vendor/github.com/json-iterator/go/jsoniter.go @@ -0,0 +1,18 @@ +// Package jsoniter implements encoding and decoding of JSON as defined in +// RFC 4627 and provides interfaces with identical syntax of standard lib encoding/json. +// Converting from encoding/json to jsoniter is no more than replacing the package with jsoniter +// and variable type declarations (if any). +// jsoniter interfaces gives 100% compatibility with code using standard lib. +// +// "JSON and Go" +// (https://golang.org/doc/articles/json_and_go.html) +// gives a description of how Marshal/Unmarshal operate +// between arbitrary or predefined json objects and bytes, +// and it applies to jsoniter.Marshal/Unmarshal as well. +// +// Besides, jsoniter.Iterator provides a different set of interfaces +// iterating given bytes/string/reader +// and yielding parsed elements one by one. +// This set of interfaces reads input as required and gives +// better performance. +package jsoniter diff --git a/vendor/github.com/json-iterator/go/pool.go b/vendor/github.com/json-iterator/go/pool.go new file mode 100644 index 0000000000000..e2389b56cfff3 --- /dev/null +++ b/vendor/github.com/json-iterator/go/pool.go @@ -0,0 +1,42 @@ +package jsoniter + +import ( + "io" +) + +// IteratorPool a thread safe pool of iterators with same configuration +type IteratorPool interface { + BorrowIterator(data []byte) *Iterator + ReturnIterator(iter *Iterator) +} + +// StreamPool a thread safe pool of streams with same configuration +type StreamPool interface { + BorrowStream(writer io.Writer) *Stream + ReturnStream(stream *Stream) +} + +func (cfg *frozenConfig) BorrowStream(writer io.Writer) *Stream { + stream := cfg.streamPool.Get().(*Stream) + stream.Reset(writer) + return stream +} + +func (cfg *frozenConfig) ReturnStream(stream *Stream) { + stream.out = nil + stream.Error = nil + stream.Attachment = nil + cfg.streamPool.Put(stream) +} + +func (cfg *frozenConfig) BorrowIterator(data []byte) *Iterator { + iter := cfg.iteratorPool.Get().(*Iterator) + iter.ResetBytes(data) + return iter +} + +func (cfg *frozenConfig) ReturnIterator(iter *Iterator) { + iter.Error = nil + iter.Attachment = nil + cfg.iteratorPool.Put(iter) +} diff --git a/vendor/github.com/json-iterator/go/reflect.go b/vendor/github.com/json-iterator/go/reflect.go new file mode 100644 index 0000000000000..74974ba74b067 --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect.go @@ -0,0 +1,337 @@ +package jsoniter + +import ( + "fmt" + "reflect" + "unsafe" + + "github.com/modern-go/reflect2" +) + +// ValDecoder is an internal type registered to cache as needed. +// Don't confuse jsoniter.ValDecoder with json.Decoder. +// For json.Decoder's adapter, refer to jsoniter.AdapterDecoder(todo link). +// +// Reflection on type to create decoders, which is then cached +// Reflection on value is avoided as we can, as the reflect.Value itself will allocate, with following exceptions +// 1. create instance of new value, for example *int will need a int to be allocated +// 2. append to slice, if the existing cap is not enough, allocate will be done using Reflect.New +// 3. assignment to map, both key and value will be reflect.Value +// For a simple struct binding, it will be reflect.Value free and allocation free +type ValDecoder interface { + Decode(ptr unsafe.Pointer, iter *Iterator) +} + +// ValEncoder is an internal type registered to cache as needed. +// Don't confuse jsoniter.ValEncoder with json.Encoder. +// For json.Encoder's adapter, refer to jsoniter.AdapterEncoder(todo godoc link). +type ValEncoder interface { + IsEmpty(ptr unsafe.Pointer) bool + Encode(ptr unsafe.Pointer, stream *Stream) +} + +type checkIsEmpty interface { + IsEmpty(ptr unsafe.Pointer) bool +} + +type ctx struct { + *frozenConfig + prefix string + encoders map[reflect2.Type]ValEncoder + decoders map[reflect2.Type]ValDecoder +} + +func (b *ctx) caseSensitive() bool { + if b.frozenConfig == nil { + // default is case-insensitive + return false + } + return b.frozenConfig.caseSensitive +} + +func (b *ctx) append(prefix string) *ctx { + return &ctx{ + frozenConfig: b.frozenConfig, + prefix: b.prefix + " " + prefix, + encoders: b.encoders, + decoders: b.decoders, + } +} + +// ReadVal copy the underlying JSON into go interface, same as json.Unmarshal +func (iter *Iterator) ReadVal(obj interface{}) { + depth := iter.depth + cacheKey := reflect2.RTypeOf(obj) + decoder := iter.cfg.getDecoderFromCache(cacheKey) + if decoder == nil { + typ := reflect2.TypeOf(obj) + if typ.Kind() != reflect.Ptr { + iter.ReportError("ReadVal", "can only unmarshal into pointer") + return + } + decoder = iter.cfg.DecoderOf(typ) + } + ptr := reflect2.PtrOf(obj) + if ptr == nil { + iter.ReportError("ReadVal", "can not read into nil pointer") + return + } + decoder.Decode(ptr, iter) + if iter.depth != depth { + iter.ReportError("ReadVal", "unexpected mismatched nesting") + return + } +} + +// WriteVal copy the go interface into underlying JSON, same as json.Marshal +func (stream *Stream) WriteVal(val interface{}) { + if nil == val { + stream.WriteNil() + return + } + cacheKey := reflect2.RTypeOf(val) + encoder := stream.cfg.getEncoderFromCache(cacheKey) + if encoder == nil { + typ := reflect2.TypeOf(val) + encoder = stream.cfg.EncoderOf(typ) + } + encoder.Encode(reflect2.PtrOf(val), stream) +} + +func (cfg *frozenConfig) DecoderOf(typ reflect2.Type) ValDecoder { + cacheKey := typ.RType() + decoder := cfg.getDecoderFromCache(cacheKey) + if decoder != nil { + return decoder + } + ctx := &ctx{ + frozenConfig: cfg, + prefix: "", + decoders: map[reflect2.Type]ValDecoder{}, + encoders: map[reflect2.Type]ValEncoder{}, + } + ptrType := typ.(*reflect2.UnsafePtrType) + decoder = decoderOfType(ctx, ptrType.Elem()) + cfg.addDecoderToCache(cacheKey, decoder) + return decoder +} + +func decoderOfType(ctx *ctx, typ reflect2.Type) ValDecoder { + decoder := getTypeDecoderFromExtension(ctx, typ) + if decoder != nil { + return decoder + } + decoder = createDecoderOfType(ctx, typ) + for _, extension := range extensions { + decoder = extension.DecorateDecoder(typ, decoder) + } + decoder = ctx.decoderExtension.DecorateDecoder(typ, decoder) + for _, extension := range ctx.extraExtensions { + decoder = extension.DecorateDecoder(typ, decoder) + } + return decoder +} + +func createDecoderOfType(ctx *ctx, typ reflect2.Type) ValDecoder { + decoder := ctx.decoders[typ] + if decoder != nil { + return decoder + } + placeholder := &placeholderDecoder{} + ctx.decoders[typ] = placeholder + decoder = _createDecoderOfType(ctx, typ) + placeholder.decoder = decoder + return decoder +} + +func _createDecoderOfType(ctx *ctx, typ reflect2.Type) ValDecoder { + decoder := createDecoderOfJsonRawMessage(ctx, typ) + if decoder != nil { + return decoder + } + decoder = createDecoderOfJsonNumber(ctx, typ) + if decoder != nil { + return decoder + } + decoder = createDecoderOfMarshaler(ctx, typ) + if decoder != nil { + return decoder + } + decoder = createDecoderOfAny(ctx, typ) + if decoder != nil { + return decoder + } + decoder = createDecoderOfNative(ctx, typ) + if decoder != nil { + return decoder + } + switch typ.Kind() { + case reflect.Interface: + ifaceType, isIFace := typ.(*reflect2.UnsafeIFaceType) + if isIFace { + return &ifaceDecoder{valType: ifaceType} + } + return &efaceDecoder{} + case reflect.Struct: + return decoderOfStruct(ctx, typ) + case reflect.Array: + return decoderOfArray(ctx, typ) + case reflect.Slice: + return decoderOfSlice(ctx, typ) + case reflect.Map: + return decoderOfMap(ctx, typ) + case reflect.Ptr: + return decoderOfOptional(ctx, typ) + default: + return &lazyErrorDecoder{err: fmt.Errorf("%s%s is unsupported type", ctx.prefix, typ.String())} + } +} + +func (cfg *frozenConfig) EncoderOf(typ reflect2.Type) ValEncoder { + cacheKey := typ.RType() + encoder := cfg.getEncoderFromCache(cacheKey) + if encoder != nil { + return encoder + } + ctx := &ctx{ + frozenConfig: cfg, + prefix: "", + decoders: map[reflect2.Type]ValDecoder{}, + encoders: map[reflect2.Type]ValEncoder{}, + } + encoder = encoderOfType(ctx, typ) + if typ.LikePtr() { + encoder = &onePtrEncoder{encoder} + } + cfg.addEncoderToCache(cacheKey, encoder) + return encoder +} + +type onePtrEncoder struct { + encoder ValEncoder +} + +func (encoder *onePtrEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.encoder.IsEmpty(unsafe.Pointer(&ptr)) +} + +func (encoder *onePtrEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + encoder.encoder.Encode(unsafe.Pointer(&ptr), stream) +} + +func encoderOfType(ctx *ctx, typ reflect2.Type) ValEncoder { + encoder := getTypeEncoderFromExtension(ctx, typ) + if encoder != nil { + return encoder + } + encoder = createEncoderOfType(ctx, typ) + for _, extension := range extensions { + encoder = extension.DecorateEncoder(typ, encoder) + } + encoder = ctx.encoderExtension.DecorateEncoder(typ, encoder) + for _, extension := range ctx.extraExtensions { + encoder = extension.DecorateEncoder(typ, encoder) + } + return encoder +} + +func createEncoderOfType(ctx *ctx, typ reflect2.Type) ValEncoder { + encoder := ctx.encoders[typ] + if encoder != nil { + return encoder + } + placeholder := &placeholderEncoder{} + ctx.encoders[typ] = placeholder + encoder = _createEncoderOfType(ctx, typ) + placeholder.encoder = encoder + return encoder +} +func _createEncoderOfType(ctx *ctx, typ reflect2.Type) ValEncoder { + encoder := createEncoderOfJsonRawMessage(ctx, typ) + if encoder != nil { + return encoder + } + encoder = createEncoderOfJsonNumber(ctx, typ) + if encoder != nil { + return encoder + } + encoder = createEncoderOfMarshaler(ctx, typ) + if encoder != nil { + return encoder + } + encoder = createEncoderOfAny(ctx, typ) + if encoder != nil { + return encoder + } + encoder = createEncoderOfNative(ctx, typ) + if encoder != nil { + return encoder + } + kind := typ.Kind() + switch kind { + case reflect.Interface: + return &dynamicEncoder{typ} + case reflect.Struct: + return encoderOfStruct(ctx, typ) + case reflect.Array: + return encoderOfArray(ctx, typ) + case reflect.Slice: + return encoderOfSlice(ctx, typ) + case reflect.Map: + return encoderOfMap(ctx, typ) + case reflect.Ptr: + return encoderOfOptional(ctx, typ) + default: + return &lazyErrorEncoder{err: fmt.Errorf("%s%s is unsupported type", ctx.prefix, typ.String())} + } +} + +type lazyErrorDecoder struct { + err error +} + +func (decoder *lazyErrorDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if iter.WhatIsNext() != NilValue { + if iter.Error == nil { + iter.Error = decoder.err + } + } else { + iter.Skip() + } +} + +type lazyErrorEncoder struct { + err error +} + +func (encoder *lazyErrorEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + if ptr == nil { + stream.WriteNil() + } else if stream.Error == nil { + stream.Error = encoder.err + } +} + +func (encoder *lazyErrorEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return false +} + +type placeholderDecoder struct { + decoder ValDecoder +} + +func (decoder *placeholderDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + decoder.decoder.Decode(ptr, iter) +} + +type placeholderEncoder struct { + encoder ValEncoder +} + +func (encoder *placeholderEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + encoder.encoder.Encode(ptr, stream) +} + +func (encoder *placeholderEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.encoder.IsEmpty(ptr) +} diff --git a/vendor/github.com/json-iterator/go/reflect_array.go b/vendor/github.com/json-iterator/go/reflect_array.go new file mode 100644 index 0000000000000..13a0b7b0878cb --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_array.go @@ -0,0 +1,104 @@ +package jsoniter + +import ( + "fmt" + "github.com/modern-go/reflect2" + "io" + "unsafe" +) + +func decoderOfArray(ctx *ctx, typ reflect2.Type) ValDecoder { + arrayType := typ.(*reflect2.UnsafeArrayType) + decoder := decoderOfType(ctx.append("[arrayElem]"), arrayType.Elem()) + return &arrayDecoder{arrayType, decoder} +} + +func encoderOfArray(ctx *ctx, typ reflect2.Type) ValEncoder { + arrayType := typ.(*reflect2.UnsafeArrayType) + if arrayType.Len() == 0 { + return emptyArrayEncoder{} + } + encoder := encoderOfType(ctx.append("[arrayElem]"), arrayType.Elem()) + return &arrayEncoder{arrayType, encoder} +} + +type emptyArrayEncoder struct{} + +func (encoder emptyArrayEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteEmptyArray() +} + +func (encoder emptyArrayEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return true +} + +type arrayEncoder struct { + arrayType *reflect2.UnsafeArrayType + elemEncoder ValEncoder +} + +func (encoder *arrayEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteArrayStart() + elemPtr := unsafe.Pointer(ptr) + encoder.elemEncoder.Encode(elemPtr, stream) + for i := 1; i < encoder.arrayType.Len(); i++ { + stream.WriteMore() + elemPtr = encoder.arrayType.UnsafeGetIndex(ptr, i) + encoder.elemEncoder.Encode(elemPtr, stream) + } + stream.WriteArrayEnd() + if stream.Error != nil && stream.Error != io.EOF { + stream.Error = fmt.Errorf("%v: %s", encoder.arrayType, stream.Error.Error()) + } +} + +func (encoder *arrayEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return false +} + +type arrayDecoder struct { + arrayType *reflect2.UnsafeArrayType + elemDecoder ValDecoder +} + +func (decoder *arrayDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + decoder.doDecode(ptr, iter) + if iter.Error != nil && iter.Error != io.EOF { + iter.Error = fmt.Errorf("%v: %s", decoder.arrayType, iter.Error.Error()) + } +} + +func (decoder *arrayDecoder) doDecode(ptr unsafe.Pointer, iter *Iterator) { + c := iter.nextToken() + arrayType := decoder.arrayType + if c == 'n' { + iter.skipThreeBytes('u', 'l', 'l') + return + } + if c != '[' { + iter.ReportError("decode array", "expect [ or n, but found "+string([]byte{c})) + return + } + c = iter.nextToken() + if c == ']' { + return + } + iter.unreadByte() + elemPtr := arrayType.UnsafeGetIndex(ptr, 0) + decoder.elemDecoder.Decode(elemPtr, iter) + length := 1 + for c = iter.nextToken(); c == ','; c = iter.nextToken() { + if length >= arrayType.Len() { + iter.Skip() + continue + } + idx := length + length += 1 + elemPtr = arrayType.UnsafeGetIndex(ptr, idx) + decoder.elemDecoder.Decode(elemPtr, iter) + } + if c != ']' { + iter.ReportError("decode array", "expect ], but found "+string([]byte{c})) + return + } +} diff --git a/vendor/github.com/json-iterator/go/reflect_dynamic.go b/vendor/github.com/json-iterator/go/reflect_dynamic.go new file mode 100644 index 0000000000000..8b6bc8b433286 --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_dynamic.go @@ -0,0 +1,70 @@ +package jsoniter + +import ( + "github.com/modern-go/reflect2" + "reflect" + "unsafe" +) + +type dynamicEncoder struct { + valType reflect2.Type +} + +func (encoder *dynamicEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + obj := encoder.valType.UnsafeIndirect(ptr) + stream.WriteVal(obj) +} + +func (encoder *dynamicEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.valType.UnsafeIndirect(ptr) == nil +} + +type efaceDecoder struct { +} + +func (decoder *efaceDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + pObj := (*interface{})(ptr) + obj := *pObj + if obj == nil { + *pObj = iter.Read() + return + } + typ := reflect2.TypeOf(obj) + if typ.Kind() != reflect.Ptr { + *pObj = iter.Read() + return + } + ptrType := typ.(*reflect2.UnsafePtrType) + ptrElemType := ptrType.Elem() + if iter.WhatIsNext() == NilValue { + if ptrElemType.Kind() != reflect.Ptr { + iter.skipFourBytes('n', 'u', 'l', 'l') + *pObj = nil + return + } + } + if reflect2.IsNil(obj) { + obj := ptrElemType.New() + iter.ReadVal(obj) + *pObj = obj + return + } + iter.ReadVal(obj) +} + +type ifaceDecoder struct { + valType *reflect2.UnsafeIFaceType +} + +func (decoder *ifaceDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if iter.ReadNil() { + decoder.valType.UnsafeSet(ptr, decoder.valType.UnsafeNew()) + return + } + obj := decoder.valType.UnsafeIndirect(ptr) + if reflect2.IsNil(obj) { + iter.ReportError("decode non empty interface", "can not unmarshal into nil") + return + } + iter.ReadVal(obj) +} diff --git a/vendor/github.com/json-iterator/go/reflect_extension.go b/vendor/github.com/json-iterator/go/reflect_extension.go new file mode 100644 index 0000000000000..74a97bfe5abfb --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_extension.go @@ -0,0 +1,483 @@ +package jsoniter + +import ( + "fmt" + "github.com/modern-go/reflect2" + "reflect" + "sort" + "strings" + "unicode" + "unsafe" +) + +var typeDecoders = map[string]ValDecoder{} +var fieldDecoders = map[string]ValDecoder{} +var typeEncoders = map[string]ValEncoder{} +var fieldEncoders = map[string]ValEncoder{} +var extensions = []Extension{} + +// StructDescriptor describe how should we encode/decode the struct +type StructDescriptor struct { + Type reflect2.Type + Fields []*Binding +} + +// GetField get one field from the descriptor by its name. +// Can not use map here to keep field orders. +func (structDescriptor *StructDescriptor) GetField(fieldName string) *Binding { + for _, binding := range structDescriptor.Fields { + if binding.Field.Name() == fieldName { + return binding + } + } + return nil +} + +// Binding describe how should we encode/decode the struct field +type Binding struct { + levels []int + Field reflect2.StructField + FromNames []string + ToNames []string + Encoder ValEncoder + Decoder ValDecoder +} + +// Extension the one for all SPI. Customize encoding/decoding by specifying alternate encoder/decoder. +// Can also rename fields by UpdateStructDescriptor. +type Extension interface { + UpdateStructDescriptor(structDescriptor *StructDescriptor) + CreateMapKeyDecoder(typ reflect2.Type) ValDecoder + CreateMapKeyEncoder(typ reflect2.Type) ValEncoder + CreateDecoder(typ reflect2.Type) ValDecoder + CreateEncoder(typ reflect2.Type) ValEncoder + DecorateDecoder(typ reflect2.Type, decoder ValDecoder) ValDecoder + DecorateEncoder(typ reflect2.Type, encoder ValEncoder) ValEncoder +} + +// DummyExtension embed this type get dummy implementation for all methods of Extension +type DummyExtension struct { +} + +// UpdateStructDescriptor No-op +func (extension *DummyExtension) UpdateStructDescriptor(structDescriptor *StructDescriptor) { +} + +// CreateMapKeyDecoder No-op +func (extension *DummyExtension) CreateMapKeyDecoder(typ reflect2.Type) ValDecoder { + return nil +} + +// CreateMapKeyEncoder No-op +func (extension *DummyExtension) CreateMapKeyEncoder(typ reflect2.Type) ValEncoder { + return nil +} + +// CreateDecoder No-op +func (extension *DummyExtension) CreateDecoder(typ reflect2.Type) ValDecoder { + return nil +} + +// CreateEncoder No-op +func (extension *DummyExtension) CreateEncoder(typ reflect2.Type) ValEncoder { + return nil +} + +// DecorateDecoder No-op +func (extension *DummyExtension) DecorateDecoder(typ reflect2.Type, decoder ValDecoder) ValDecoder { + return decoder +} + +// DecorateEncoder No-op +func (extension *DummyExtension) DecorateEncoder(typ reflect2.Type, encoder ValEncoder) ValEncoder { + return encoder +} + +type EncoderExtension map[reflect2.Type]ValEncoder + +// UpdateStructDescriptor No-op +func (extension EncoderExtension) UpdateStructDescriptor(structDescriptor *StructDescriptor) { +} + +// CreateDecoder No-op +func (extension EncoderExtension) CreateDecoder(typ reflect2.Type) ValDecoder { + return nil +} + +// CreateEncoder get encoder from map +func (extension EncoderExtension) CreateEncoder(typ reflect2.Type) ValEncoder { + return extension[typ] +} + +// CreateMapKeyDecoder No-op +func (extension EncoderExtension) CreateMapKeyDecoder(typ reflect2.Type) ValDecoder { + return nil +} + +// CreateMapKeyEncoder No-op +func (extension EncoderExtension) CreateMapKeyEncoder(typ reflect2.Type) ValEncoder { + return nil +} + +// DecorateDecoder No-op +func (extension EncoderExtension) DecorateDecoder(typ reflect2.Type, decoder ValDecoder) ValDecoder { + return decoder +} + +// DecorateEncoder No-op +func (extension EncoderExtension) DecorateEncoder(typ reflect2.Type, encoder ValEncoder) ValEncoder { + return encoder +} + +type DecoderExtension map[reflect2.Type]ValDecoder + +// UpdateStructDescriptor No-op +func (extension DecoderExtension) UpdateStructDescriptor(structDescriptor *StructDescriptor) { +} + +// CreateMapKeyDecoder No-op +func (extension DecoderExtension) CreateMapKeyDecoder(typ reflect2.Type) ValDecoder { + return nil +} + +// CreateMapKeyEncoder No-op +func (extension DecoderExtension) CreateMapKeyEncoder(typ reflect2.Type) ValEncoder { + return nil +} + +// CreateDecoder get decoder from map +func (extension DecoderExtension) CreateDecoder(typ reflect2.Type) ValDecoder { + return extension[typ] +} + +// CreateEncoder No-op +func (extension DecoderExtension) CreateEncoder(typ reflect2.Type) ValEncoder { + return nil +} + +// DecorateDecoder No-op +func (extension DecoderExtension) DecorateDecoder(typ reflect2.Type, decoder ValDecoder) ValDecoder { + return decoder +} + +// DecorateEncoder No-op +func (extension DecoderExtension) DecorateEncoder(typ reflect2.Type, encoder ValEncoder) ValEncoder { + return encoder +} + +type funcDecoder struct { + fun DecoderFunc +} + +func (decoder *funcDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + decoder.fun(ptr, iter) +} + +type funcEncoder struct { + fun EncoderFunc + isEmptyFunc func(ptr unsafe.Pointer) bool +} + +func (encoder *funcEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + encoder.fun(ptr, stream) +} + +func (encoder *funcEncoder) IsEmpty(ptr unsafe.Pointer) bool { + if encoder.isEmptyFunc == nil { + return false + } + return encoder.isEmptyFunc(ptr) +} + +// DecoderFunc the function form of TypeDecoder +type DecoderFunc func(ptr unsafe.Pointer, iter *Iterator) + +// EncoderFunc the function form of TypeEncoder +type EncoderFunc func(ptr unsafe.Pointer, stream *Stream) + +// RegisterTypeDecoderFunc register TypeDecoder for a type with function +func RegisterTypeDecoderFunc(typ string, fun DecoderFunc) { + typeDecoders[typ] = &funcDecoder{fun} +} + +// RegisterTypeDecoder register TypeDecoder for a typ +func RegisterTypeDecoder(typ string, decoder ValDecoder) { + typeDecoders[typ] = decoder +} + +// RegisterFieldDecoderFunc register TypeDecoder for a struct field with function +func RegisterFieldDecoderFunc(typ string, field string, fun DecoderFunc) { + RegisterFieldDecoder(typ, field, &funcDecoder{fun}) +} + +// RegisterFieldDecoder register TypeDecoder for a struct field +func RegisterFieldDecoder(typ string, field string, decoder ValDecoder) { + fieldDecoders[fmt.Sprintf("%s/%s", typ, field)] = decoder +} + +// RegisterTypeEncoderFunc register TypeEncoder for a type with encode/isEmpty function +func RegisterTypeEncoderFunc(typ string, fun EncoderFunc, isEmptyFunc func(unsafe.Pointer) bool) { + typeEncoders[typ] = &funcEncoder{fun, isEmptyFunc} +} + +// RegisterTypeEncoder register TypeEncoder for a type +func RegisterTypeEncoder(typ string, encoder ValEncoder) { + typeEncoders[typ] = encoder +} + +// RegisterFieldEncoderFunc register TypeEncoder for a struct field with encode/isEmpty function +func RegisterFieldEncoderFunc(typ string, field string, fun EncoderFunc, isEmptyFunc func(unsafe.Pointer) bool) { + RegisterFieldEncoder(typ, field, &funcEncoder{fun, isEmptyFunc}) +} + +// RegisterFieldEncoder register TypeEncoder for a struct field +func RegisterFieldEncoder(typ string, field string, encoder ValEncoder) { + fieldEncoders[fmt.Sprintf("%s/%s", typ, field)] = encoder +} + +// RegisterExtension register extension +func RegisterExtension(extension Extension) { + extensions = append(extensions, extension) +} + +func getTypeDecoderFromExtension(ctx *ctx, typ reflect2.Type) ValDecoder { + decoder := _getTypeDecoderFromExtension(ctx, typ) + if decoder != nil { + for _, extension := range extensions { + decoder = extension.DecorateDecoder(typ, decoder) + } + decoder = ctx.decoderExtension.DecorateDecoder(typ, decoder) + for _, extension := range ctx.extraExtensions { + decoder = extension.DecorateDecoder(typ, decoder) + } + } + return decoder +} +func _getTypeDecoderFromExtension(ctx *ctx, typ reflect2.Type) ValDecoder { + for _, extension := range extensions { + decoder := extension.CreateDecoder(typ) + if decoder != nil { + return decoder + } + } + decoder := ctx.decoderExtension.CreateDecoder(typ) + if decoder != nil { + return decoder + } + for _, extension := range ctx.extraExtensions { + decoder := extension.CreateDecoder(typ) + if decoder != nil { + return decoder + } + } + typeName := typ.String() + decoder = typeDecoders[typeName] + if decoder != nil { + return decoder + } + if typ.Kind() == reflect.Ptr { + ptrType := typ.(*reflect2.UnsafePtrType) + decoder := typeDecoders[ptrType.Elem().String()] + if decoder != nil { + return &OptionalDecoder{ptrType.Elem(), decoder} + } + } + return nil +} + +func getTypeEncoderFromExtension(ctx *ctx, typ reflect2.Type) ValEncoder { + encoder := _getTypeEncoderFromExtension(ctx, typ) + if encoder != nil { + for _, extension := range extensions { + encoder = extension.DecorateEncoder(typ, encoder) + } + encoder = ctx.encoderExtension.DecorateEncoder(typ, encoder) + for _, extension := range ctx.extraExtensions { + encoder = extension.DecorateEncoder(typ, encoder) + } + } + return encoder +} + +func _getTypeEncoderFromExtension(ctx *ctx, typ reflect2.Type) ValEncoder { + for _, extension := range extensions { + encoder := extension.CreateEncoder(typ) + if encoder != nil { + return encoder + } + } + encoder := ctx.encoderExtension.CreateEncoder(typ) + if encoder != nil { + return encoder + } + for _, extension := range ctx.extraExtensions { + encoder := extension.CreateEncoder(typ) + if encoder != nil { + return encoder + } + } + typeName := typ.String() + encoder = typeEncoders[typeName] + if encoder != nil { + return encoder + } + if typ.Kind() == reflect.Ptr { + typePtr := typ.(*reflect2.UnsafePtrType) + encoder := typeEncoders[typePtr.Elem().String()] + if encoder != nil { + return &OptionalEncoder{encoder} + } + } + return nil +} + +func describeStruct(ctx *ctx, typ reflect2.Type) *StructDescriptor { + structType := typ.(*reflect2.UnsafeStructType) + embeddedBindings := []*Binding{} + bindings := []*Binding{} + for i := 0; i < structType.NumField(); i++ { + field := structType.Field(i) + tag, hastag := field.Tag().Lookup(ctx.getTagKey()) + if ctx.onlyTaggedField && !hastag && !field.Anonymous() { + continue + } + if tag == "-" || field.Name() == "_" { + continue + } + tagParts := strings.Split(tag, ",") + if field.Anonymous() && (tag == "" || tagParts[0] == "") { + if field.Type().Kind() == reflect.Struct { + structDescriptor := describeStruct(ctx, field.Type()) + for _, binding := range structDescriptor.Fields { + binding.levels = append([]int{i}, binding.levels...) + omitempty := binding.Encoder.(*structFieldEncoder).omitempty + binding.Encoder = &structFieldEncoder{field, binding.Encoder, omitempty} + binding.Decoder = &structFieldDecoder{field, binding.Decoder} + embeddedBindings = append(embeddedBindings, binding) + } + continue + } else if field.Type().Kind() == reflect.Ptr { + ptrType := field.Type().(*reflect2.UnsafePtrType) + if ptrType.Elem().Kind() == reflect.Struct { + structDescriptor := describeStruct(ctx, ptrType.Elem()) + for _, binding := range structDescriptor.Fields { + binding.levels = append([]int{i}, binding.levels...) + omitempty := binding.Encoder.(*structFieldEncoder).omitempty + binding.Encoder = &dereferenceEncoder{binding.Encoder} + binding.Encoder = &structFieldEncoder{field, binding.Encoder, omitempty} + binding.Decoder = &dereferenceDecoder{ptrType.Elem(), binding.Decoder} + binding.Decoder = &structFieldDecoder{field, binding.Decoder} + embeddedBindings = append(embeddedBindings, binding) + } + continue + } + } + } + fieldNames := calcFieldNames(field.Name(), tagParts[0], tag) + fieldCacheKey := fmt.Sprintf("%s/%s", typ.String(), field.Name()) + decoder := fieldDecoders[fieldCacheKey] + if decoder == nil { + decoder = decoderOfType(ctx.append(field.Name()), field.Type()) + } + encoder := fieldEncoders[fieldCacheKey] + if encoder == nil { + encoder = encoderOfType(ctx.append(field.Name()), field.Type()) + } + binding := &Binding{ + Field: field, + FromNames: fieldNames, + ToNames: fieldNames, + Decoder: decoder, + Encoder: encoder, + } + binding.levels = []int{i} + bindings = append(bindings, binding) + } + return createStructDescriptor(ctx, typ, bindings, embeddedBindings) +} +func createStructDescriptor(ctx *ctx, typ reflect2.Type, bindings []*Binding, embeddedBindings []*Binding) *StructDescriptor { + structDescriptor := &StructDescriptor{ + Type: typ, + Fields: bindings, + } + for _, extension := range extensions { + extension.UpdateStructDescriptor(structDescriptor) + } + ctx.encoderExtension.UpdateStructDescriptor(structDescriptor) + ctx.decoderExtension.UpdateStructDescriptor(structDescriptor) + for _, extension := range ctx.extraExtensions { + extension.UpdateStructDescriptor(structDescriptor) + } + processTags(structDescriptor, ctx.frozenConfig) + // merge normal & embedded bindings & sort with original order + allBindings := sortableBindings(append(embeddedBindings, structDescriptor.Fields...)) + sort.Sort(allBindings) + structDescriptor.Fields = allBindings + return structDescriptor +} + +type sortableBindings []*Binding + +func (bindings sortableBindings) Len() int { + return len(bindings) +} + +func (bindings sortableBindings) Less(i, j int) bool { + left := bindings[i].levels + right := bindings[j].levels + k := 0 + for { + if left[k] < right[k] { + return true + } else if left[k] > right[k] { + return false + } + k++ + } +} + +func (bindings sortableBindings) Swap(i, j int) { + bindings[i], bindings[j] = bindings[j], bindings[i] +} + +func processTags(structDescriptor *StructDescriptor, cfg *frozenConfig) { + for _, binding := range structDescriptor.Fields { + shouldOmitEmpty := false + tagParts := strings.Split(binding.Field.Tag().Get(cfg.getTagKey()), ",") + for _, tagPart := range tagParts[1:] { + if tagPart == "omitempty" { + shouldOmitEmpty = true + } else if tagPart == "string" { + if binding.Field.Type().Kind() == reflect.String { + binding.Decoder = &stringModeStringDecoder{binding.Decoder, cfg} + binding.Encoder = &stringModeStringEncoder{binding.Encoder, cfg} + } else { + binding.Decoder = &stringModeNumberDecoder{binding.Decoder} + binding.Encoder = &stringModeNumberEncoder{binding.Encoder} + } + } + } + binding.Decoder = &structFieldDecoder{binding.Field, binding.Decoder} + binding.Encoder = &structFieldEncoder{binding.Field, binding.Encoder, shouldOmitEmpty} + } +} + +func calcFieldNames(originalFieldName string, tagProvidedFieldName string, wholeTag string) []string { + // ignore? + if wholeTag == "-" { + return []string{} + } + // rename? + var fieldNames []string + if tagProvidedFieldName == "" { + fieldNames = []string{originalFieldName} + } else { + fieldNames = []string{tagProvidedFieldName} + } + // private? + isNotExported := unicode.IsLower(rune(originalFieldName[0])) || originalFieldName[0] == '_' + if isNotExported { + fieldNames = []string{} + } + return fieldNames +} diff --git a/vendor/github.com/json-iterator/go/reflect_json_number.go b/vendor/github.com/json-iterator/go/reflect_json_number.go new file mode 100644 index 0000000000000..98d45c1ec2550 --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_json_number.go @@ -0,0 +1,112 @@ +package jsoniter + +import ( + "encoding/json" + "github.com/modern-go/reflect2" + "strconv" + "unsafe" +) + +type Number string + +// String returns the literal text of the number. +func (n Number) String() string { return string(n) } + +// Float64 returns the number as a float64. +func (n Number) Float64() (float64, error) { + return strconv.ParseFloat(string(n), 64) +} + +// Int64 returns the number as an int64. +func (n Number) Int64() (int64, error) { + return strconv.ParseInt(string(n), 10, 64) +} + +func CastJsonNumber(val interface{}) (string, bool) { + switch typedVal := val.(type) { + case json.Number: + return string(typedVal), true + case Number: + return string(typedVal), true + } + return "", false +} + +var jsonNumberType = reflect2.TypeOfPtr((*json.Number)(nil)).Elem() +var jsoniterNumberType = reflect2.TypeOfPtr((*Number)(nil)).Elem() + +func createDecoderOfJsonNumber(ctx *ctx, typ reflect2.Type) ValDecoder { + if typ.AssignableTo(jsonNumberType) { + return &jsonNumberCodec{} + } + if typ.AssignableTo(jsoniterNumberType) { + return &jsoniterNumberCodec{} + } + return nil +} + +func createEncoderOfJsonNumber(ctx *ctx, typ reflect2.Type) ValEncoder { + if typ.AssignableTo(jsonNumberType) { + return &jsonNumberCodec{} + } + if typ.AssignableTo(jsoniterNumberType) { + return &jsoniterNumberCodec{} + } + return nil +} + +type jsonNumberCodec struct { +} + +func (codec *jsonNumberCodec) Decode(ptr unsafe.Pointer, iter *Iterator) { + switch iter.WhatIsNext() { + case StringValue: + *((*json.Number)(ptr)) = json.Number(iter.ReadString()) + case NilValue: + iter.skipFourBytes('n', 'u', 'l', 'l') + *((*json.Number)(ptr)) = "" + default: + *((*json.Number)(ptr)) = json.Number([]byte(iter.readNumberAsString())) + } +} + +func (codec *jsonNumberCodec) Encode(ptr unsafe.Pointer, stream *Stream) { + number := *((*json.Number)(ptr)) + if len(number) == 0 { + stream.writeByte('0') + } else { + stream.WriteRaw(string(number)) + } +} + +func (codec *jsonNumberCodec) IsEmpty(ptr unsafe.Pointer) bool { + return len(*((*json.Number)(ptr))) == 0 +} + +type jsoniterNumberCodec struct { +} + +func (codec *jsoniterNumberCodec) Decode(ptr unsafe.Pointer, iter *Iterator) { + switch iter.WhatIsNext() { + case StringValue: + *((*Number)(ptr)) = Number(iter.ReadString()) + case NilValue: + iter.skipFourBytes('n', 'u', 'l', 'l') + *((*Number)(ptr)) = "" + default: + *((*Number)(ptr)) = Number([]byte(iter.readNumberAsString())) + } +} + +func (codec *jsoniterNumberCodec) Encode(ptr unsafe.Pointer, stream *Stream) { + number := *((*Number)(ptr)) + if len(number) == 0 { + stream.writeByte('0') + } else { + stream.WriteRaw(string(number)) + } +} + +func (codec *jsoniterNumberCodec) IsEmpty(ptr unsafe.Pointer) bool { + return len(*((*Number)(ptr))) == 0 +} diff --git a/vendor/github.com/json-iterator/go/reflect_json_raw_message.go b/vendor/github.com/json-iterator/go/reflect_json_raw_message.go new file mode 100644 index 0000000000000..f2619936c88fd --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_json_raw_message.go @@ -0,0 +1,60 @@ +package jsoniter + +import ( + "encoding/json" + "github.com/modern-go/reflect2" + "unsafe" +) + +var jsonRawMessageType = reflect2.TypeOfPtr((*json.RawMessage)(nil)).Elem() +var jsoniterRawMessageType = reflect2.TypeOfPtr((*RawMessage)(nil)).Elem() + +func createEncoderOfJsonRawMessage(ctx *ctx, typ reflect2.Type) ValEncoder { + if typ == jsonRawMessageType { + return &jsonRawMessageCodec{} + } + if typ == jsoniterRawMessageType { + return &jsoniterRawMessageCodec{} + } + return nil +} + +func createDecoderOfJsonRawMessage(ctx *ctx, typ reflect2.Type) ValDecoder { + if typ == jsonRawMessageType { + return &jsonRawMessageCodec{} + } + if typ == jsoniterRawMessageType { + return &jsoniterRawMessageCodec{} + } + return nil +} + +type jsonRawMessageCodec struct { +} + +func (codec *jsonRawMessageCodec) Decode(ptr unsafe.Pointer, iter *Iterator) { + *((*json.RawMessage)(ptr)) = json.RawMessage(iter.SkipAndReturnBytes()) +} + +func (codec *jsonRawMessageCodec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteRaw(string(*((*json.RawMessage)(ptr)))) +} + +func (codec *jsonRawMessageCodec) IsEmpty(ptr unsafe.Pointer) bool { + return len(*((*json.RawMessage)(ptr))) == 0 +} + +type jsoniterRawMessageCodec struct { +} + +func (codec *jsoniterRawMessageCodec) Decode(ptr unsafe.Pointer, iter *Iterator) { + *((*RawMessage)(ptr)) = RawMessage(iter.SkipAndReturnBytes()) +} + +func (codec *jsoniterRawMessageCodec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteRaw(string(*((*RawMessage)(ptr)))) +} + +func (codec *jsoniterRawMessageCodec) IsEmpty(ptr unsafe.Pointer) bool { + return len(*((*RawMessage)(ptr))) == 0 +} diff --git a/vendor/github.com/json-iterator/go/reflect_map.go b/vendor/github.com/json-iterator/go/reflect_map.go new file mode 100644 index 0000000000000..5829671301353 --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_map.go @@ -0,0 +1,346 @@ +package jsoniter + +import ( + "fmt" + "github.com/modern-go/reflect2" + "io" + "reflect" + "sort" + "unsafe" +) + +func decoderOfMap(ctx *ctx, typ reflect2.Type) ValDecoder { + mapType := typ.(*reflect2.UnsafeMapType) + keyDecoder := decoderOfMapKey(ctx.append("[mapKey]"), mapType.Key()) + elemDecoder := decoderOfType(ctx.append("[mapElem]"), mapType.Elem()) + return &mapDecoder{ + mapType: mapType, + keyType: mapType.Key(), + elemType: mapType.Elem(), + keyDecoder: keyDecoder, + elemDecoder: elemDecoder, + } +} + +func encoderOfMap(ctx *ctx, typ reflect2.Type) ValEncoder { + mapType := typ.(*reflect2.UnsafeMapType) + if ctx.sortMapKeys { + return &sortKeysMapEncoder{ + mapType: mapType, + keyEncoder: encoderOfMapKey(ctx.append("[mapKey]"), mapType.Key()), + elemEncoder: encoderOfType(ctx.append("[mapElem]"), mapType.Elem()), + } + } + return &mapEncoder{ + mapType: mapType, + keyEncoder: encoderOfMapKey(ctx.append("[mapKey]"), mapType.Key()), + elemEncoder: encoderOfType(ctx.append("[mapElem]"), mapType.Elem()), + } +} + +func decoderOfMapKey(ctx *ctx, typ reflect2.Type) ValDecoder { + decoder := ctx.decoderExtension.CreateMapKeyDecoder(typ) + if decoder != nil { + return decoder + } + for _, extension := range ctx.extraExtensions { + decoder := extension.CreateMapKeyDecoder(typ) + if decoder != nil { + return decoder + } + } + + ptrType := reflect2.PtrTo(typ) + if ptrType.Implements(unmarshalerType) { + return &referenceDecoder{ + &unmarshalerDecoder{ + valType: ptrType, + }, + } + } + if typ.Implements(unmarshalerType) { + return &unmarshalerDecoder{ + valType: typ, + } + } + if ptrType.Implements(textUnmarshalerType) { + return &referenceDecoder{ + &textUnmarshalerDecoder{ + valType: ptrType, + }, + } + } + if typ.Implements(textUnmarshalerType) { + return &textUnmarshalerDecoder{ + valType: typ, + } + } + + switch typ.Kind() { + case reflect.String: + return decoderOfType(ctx, reflect2.DefaultTypeOfKind(reflect.String)) + case reflect.Bool, + reflect.Uint8, reflect.Int8, + reflect.Uint16, reflect.Int16, + reflect.Uint32, reflect.Int32, + reflect.Uint64, reflect.Int64, + reflect.Uint, reflect.Int, + reflect.Float32, reflect.Float64, + reflect.Uintptr: + typ = reflect2.DefaultTypeOfKind(typ.Kind()) + return &numericMapKeyDecoder{decoderOfType(ctx, typ)} + default: + return &lazyErrorDecoder{err: fmt.Errorf("unsupported map key type: %v", typ)} + } +} + +func encoderOfMapKey(ctx *ctx, typ reflect2.Type) ValEncoder { + encoder := ctx.encoderExtension.CreateMapKeyEncoder(typ) + if encoder != nil { + return encoder + } + for _, extension := range ctx.extraExtensions { + encoder := extension.CreateMapKeyEncoder(typ) + if encoder != nil { + return encoder + } + } + + if typ == textMarshalerType { + return &directTextMarshalerEncoder{ + stringEncoder: ctx.EncoderOf(reflect2.TypeOf("")), + } + } + if typ.Implements(textMarshalerType) { + return &textMarshalerEncoder{ + valType: typ, + stringEncoder: ctx.EncoderOf(reflect2.TypeOf("")), + } + } + + switch typ.Kind() { + case reflect.String: + return encoderOfType(ctx, reflect2.DefaultTypeOfKind(reflect.String)) + case reflect.Bool, + reflect.Uint8, reflect.Int8, + reflect.Uint16, reflect.Int16, + reflect.Uint32, reflect.Int32, + reflect.Uint64, reflect.Int64, + reflect.Uint, reflect.Int, + reflect.Float32, reflect.Float64, + reflect.Uintptr: + typ = reflect2.DefaultTypeOfKind(typ.Kind()) + return &numericMapKeyEncoder{encoderOfType(ctx, typ)} + default: + if typ.Kind() == reflect.Interface { + return &dynamicMapKeyEncoder{ctx, typ} + } + return &lazyErrorEncoder{err: fmt.Errorf("unsupported map key type: %v", typ)} + } +} + +type mapDecoder struct { + mapType *reflect2.UnsafeMapType + keyType reflect2.Type + elemType reflect2.Type + keyDecoder ValDecoder + elemDecoder ValDecoder +} + +func (decoder *mapDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + mapType := decoder.mapType + c := iter.nextToken() + if c == 'n' { + iter.skipThreeBytes('u', 'l', 'l') + *(*unsafe.Pointer)(ptr) = nil + mapType.UnsafeSet(ptr, mapType.UnsafeNew()) + return + } + if mapType.UnsafeIsNil(ptr) { + mapType.UnsafeSet(ptr, mapType.UnsafeMakeMap(0)) + } + if c != '{' { + iter.ReportError("ReadMapCB", `expect { or n, but found `+string([]byte{c})) + return + } + c = iter.nextToken() + if c == '}' { + return + } + iter.unreadByte() + key := decoder.keyType.UnsafeNew() + decoder.keyDecoder.Decode(key, iter) + c = iter.nextToken() + if c != ':' { + iter.ReportError("ReadMapCB", "expect : after object field, but found "+string([]byte{c})) + return + } + elem := decoder.elemType.UnsafeNew() + decoder.elemDecoder.Decode(elem, iter) + decoder.mapType.UnsafeSetIndex(ptr, key, elem) + for c = iter.nextToken(); c == ','; c = iter.nextToken() { + key := decoder.keyType.UnsafeNew() + decoder.keyDecoder.Decode(key, iter) + c = iter.nextToken() + if c != ':' { + iter.ReportError("ReadMapCB", "expect : after object field, but found "+string([]byte{c})) + return + } + elem := decoder.elemType.UnsafeNew() + decoder.elemDecoder.Decode(elem, iter) + decoder.mapType.UnsafeSetIndex(ptr, key, elem) + } + if c != '}' { + iter.ReportError("ReadMapCB", `expect }, but found `+string([]byte{c})) + } +} + +type numericMapKeyDecoder struct { + decoder ValDecoder +} + +func (decoder *numericMapKeyDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + c := iter.nextToken() + if c != '"' { + iter.ReportError("ReadMapCB", `expect ", but found `+string([]byte{c})) + return + } + decoder.decoder.Decode(ptr, iter) + c = iter.nextToken() + if c != '"' { + iter.ReportError("ReadMapCB", `expect ", but found `+string([]byte{c})) + return + } +} + +type numericMapKeyEncoder struct { + encoder ValEncoder +} + +func (encoder *numericMapKeyEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.writeByte('"') + encoder.encoder.Encode(ptr, stream) + stream.writeByte('"') +} + +func (encoder *numericMapKeyEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return false +} + +type dynamicMapKeyEncoder struct { + ctx *ctx + valType reflect2.Type +} + +func (encoder *dynamicMapKeyEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + obj := encoder.valType.UnsafeIndirect(ptr) + encoderOfMapKey(encoder.ctx, reflect2.TypeOf(obj)).Encode(reflect2.PtrOf(obj), stream) +} + +func (encoder *dynamicMapKeyEncoder) IsEmpty(ptr unsafe.Pointer) bool { + obj := encoder.valType.UnsafeIndirect(ptr) + return encoderOfMapKey(encoder.ctx, reflect2.TypeOf(obj)).IsEmpty(reflect2.PtrOf(obj)) +} + +type mapEncoder struct { + mapType *reflect2.UnsafeMapType + keyEncoder ValEncoder + elemEncoder ValEncoder +} + +func (encoder *mapEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + if *(*unsafe.Pointer)(ptr) == nil { + stream.WriteNil() + return + } + stream.WriteObjectStart() + iter := encoder.mapType.UnsafeIterate(ptr) + for i := 0; iter.HasNext(); i++ { + if i != 0 { + stream.WriteMore() + } + key, elem := iter.UnsafeNext() + encoder.keyEncoder.Encode(key, stream) + if stream.indention > 0 { + stream.writeTwoBytes(byte(':'), byte(' ')) + } else { + stream.writeByte(':') + } + encoder.elemEncoder.Encode(elem, stream) + } + stream.WriteObjectEnd() +} + +func (encoder *mapEncoder) IsEmpty(ptr unsafe.Pointer) bool { + iter := encoder.mapType.UnsafeIterate(ptr) + return !iter.HasNext() +} + +type sortKeysMapEncoder struct { + mapType *reflect2.UnsafeMapType + keyEncoder ValEncoder + elemEncoder ValEncoder +} + +func (encoder *sortKeysMapEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + if *(*unsafe.Pointer)(ptr) == nil { + stream.WriteNil() + return + } + stream.WriteObjectStart() + mapIter := encoder.mapType.UnsafeIterate(ptr) + subStream := stream.cfg.BorrowStream(nil) + subStream.Attachment = stream.Attachment + subIter := stream.cfg.BorrowIterator(nil) + keyValues := encodedKeyValues{} + for mapIter.HasNext() { + key, elem := mapIter.UnsafeNext() + subStreamIndex := subStream.Buffered() + encoder.keyEncoder.Encode(key, subStream) + if subStream.Error != nil && subStream.Error != io.EOF && stream.Error == nil { + stream.Error = subStream.Error + } + encodedKey := subStream.Buffer()[subStreamIndex:] + subIter.ResetBytes(encodedKey) + decodedKey := subIter.ReadString() + if stream.indention > 0 { + subStream.writeTwoBytes(byte(':'), byte(' ')) + } else { + subStream.writeByte(':') + } + encoder.elemEncoder.Encode(elem, subStream) + keyValues = append(keyValues, encodedKV{ + key: decodedKey, + keyValue: subStream.Buffer()[subStreamIndex:], + }) + } + sort.Sort(keyValues) + for i, keyValue := range keyValues { + if i != 0 { + stream.WriteMore() + } + stream.Write(keyValue.keyValue) + } + if subStream.Error != nil && stream.Error == nil { + stream.Error = subStream.Error + } + stream.WriteObjectEnd() + stream.cfg.ReturnStream(subStream) + stream.cfg.ReturnIterator(subIter) +} + +func (encoder *sortKeysMapEncoder) IsEmpty(ptr unsafe.Pointer) bool { + iter := encoder.mapType.UnsafeIterate(ptr) + return !iter.HasNext() +} + +type encodedKeyValues []encodedKV + +type encodedKV struct { + key string + keyValue []byte +} + +func (sv encodedKeyValues) Len() int { return len(sv) } +func (sv encodedKeyValues) Swap(i, j int) { sv[i], sv[j] = sv[j], sv[i] } +func (sv encodedKeyValues) Less(i, j int) bool { return sv[i].key < sv[j].key } diff --git a/vendor/github.com/json-iterator/go/reflect_marshaler.go b/vendor/github.com/json-iterator/go/reflect_marshaler.go new file mode 100644 index 0000000000000..3e21f3756717a --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_marshaler.go @@ -0,0 +1,225 @@ +package jsoniter + +import ( + "encoding" + "encoding/json" + "unsafe" + + "github.com/modern-go/reflect2" +) + +var marshalerType = reflect2.TypeOfPtr((*json.Marshaler)(nil)).Elem() +var unmarshalerType = reflect2.TypeOfPtr((*json.Unmarshaler)(nil)).Elem() +var textMarshalerType = reflect2.TypeOfPtr((*encoding.TextMarshaler)(nil)).Elem() +var textUnmarshalerType = reflect2.TypeOfPtr((*encoding.TextUnmarshaler)(nil)).Elem() + +func createDecoderOfMarshaler(ctx *ctx, typ reflect2.Type) ValDecoder { + ptrType := reflect2.PtrTo(typ) + if ptrType.Implements(unmarshalerType) { + return &referenceDecoder{ + &unmarshalerDecoder{ptrType}, + } + } + if ptrType.Implements(textUnmarshalerType) { + return &referenceDecoder{ + &textUnmarshalerDecoder{ptrType}, + } + } + return nil +} + +func createEncoderOfMarshaler(ctx *ctx, typ reflect2.Type) ValEncoder { + if typ == marshalerType { + checkIsEmpty := createCheckIsEmpty(ctx, typ) + var encoder ValEncoder = &directMarshalerEncoder{ + checkIsEmpty: checkIsEmpty, + } + return encoder + } + if typ.Implements(marshalerType) { + checkIsEmpty := createCheckIsEmpty(ctx, typ) + var encoder ValEncoder = &marshalerEncoder{ + valType: typ, + checkIsEmpty: checkIsEmpty, + } + return encoder + } + ptrType := reflect2.PtrTo(typ) + if ctx.prefix != "" && ptrType.Implements(marshalerType) { + checkIsEmpty := createCheckIsEmpty(ctx, ptrType) + var encoder ValEncoder = &marshalerEncoder{ + valType: ptrType, + checkIsEmpty: checkIsEmpty, + } + return &referenceEncoder{encoder} + } + if typ == textMarshalerType { + checkIsEmpty := createCheckIsEmpty(ctx, typ) + var encoder ValEncoder = &directTextMarshalerEncoder{ + checkIsEmpty: checkIsEmpty, + stringEncoder: ctx.EncoderOf(reflect2.TypeOf("")), + } + return encoder + } + if typ.Implements(textMarshalerType) { + checkIsEmpty := createCheckIsEmpty(ctx, typ) + var encoder ValEncoder = &textMarshalerEncoder{ + valType: typ, + stringEncoder: ctx.EncoderOf(reflect2.TypeOf("")), + checkIsEmpty: checkIsEmpty, + } + return encoder + } + // if prefix is empty, the type is the root type + if ctx.prefix != "" && ptrType.Implements(textMarshalerType) { + checkIsEmpty := createCheckIsEmpty(ctx, ptrType) + var encoder ValEncoder = &textMarshalerEncoder{ + valType: ptrType, + stringEncoder: ctx.EncoderOf(reflect2.TypeOf("")), + checkIsEmpty: checkIsEmpty, + } + return &referenceEncoder{encoder} + } + return nil +} + +type marshalerEncoder struct { + checkIsEmpty checkIsEmpty + valType reflect2.Type +} + +func (encoder *marshalerEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + obj := encoder.valType.UnsafeIndirect(ptr) + if encoder.valType.IsNullable() && reflect2.IsNil(obj) { + stream.WriteNil() + return + } + marshaler := obj.(json.Marshaler) + bytes, err := marshaler.MarshalJSON() + if err != nil { + stream.Error = err + } else { + // html escape was already done by jsoniter + // but the extra '\n' should be trimed + l := len(bytes) + if l > 0 && bytes[l-1] == '\n' { + bytes = bytes[:l-1] + } + stream.Write(bytes) + } +} + +func (encoder *marshalerEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.checkIsEmpty.IsEmpty(ptr) +} + +type directMarshalerEncoder struct { + checkIsEmpty checkIsEmpty +} + +func (encoder *directMarshalerEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + marshaler := *(*json.Marshaler)(ptr) + if marshaler == nil { + stream.WriteNil() + return + } + bytes, err := marshaler.MarshalJSON() + if err != nil { + stream.Error = err + } else { + stream.Write(bytes) + } +} + +func (encoder *directMarshalerEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.checkIsEmpty.IsEmpty(ptr) +} + +type textMarshalerEncoder struct { + valType reflect2.Type + stringEncoder ValEncoder + checkIsEmpty checkIsEmpty +} + +func (encoder *textMarshalerEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + obj := encoder.valType.UnsafeIndirect(ptr) + if encoder.valType.IsNullable() && reflect2.IsNil(obj) { + stream.WriteNil() + return + } + marshaler := (obj).(encoding.TextMarshaler) + bytes, err := marshaler.MarshalText() + if err != nil { + stream.Error = err + } else { + str := string(bytes) + encoder.stringEncoder.Encode(unsafe.Pointer(&str), stream) + } +} + +func (encoder *textMarshalerEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.checkIsEmpty.IsEmpty(ptr) +} + +type directTextMarshalerEncoder struct { + stringEncoder ValEncoder + checkIsEmpty checkIsEmpty +} + +func (encoder *directTextMarshalerEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + marshaler := *(*encoding.TextMarshaler)(ptr) + if marshaler == nil { + stream.WriteNil() + return + } + bytes, err := marshaler.MarshalText() + if err != nil { + stream.Error = err + } else { + str := string(bytes) + encoder.stringEncoder.Encode(unsafe.Pointer(&str), stream) + } +} + +func (encoder *directTextMarshalerEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.checkIsEmpty.IsEmpty(ptr) +} + +type unmarshalerDecoder struct { + valType reflect2.Type +} + +func (decoder *unmarshalerDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + valType := decoder.valType + obj := valType.UnsafeIndirect(ptr) + unmarshaler := obj.(json.Unmarshaler) + iter.nextToken() + iter.unreadByte() // skip spaces + bytes := iter.SkipAndReturnBytes() + err := unmarshaler.UnmarshalJSON(bytes) + if err != nil { + iter.ReportError("unmarshalerDecoder", err.Error()) + } +} + +type textUnmarshalerDecoder struct { + valType reflect2.Type +} + +func (decoder *textUnmarshalerDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + valType := decoder.valType + obj := valType.UnsafeIndirect(ptr) + if reflect2.IsNil(obj) { + ptrType := valType.(*reflect2.UnsafePtrType) + elemType := ptrType.Elem() + elem := elemType.UnsafeNew() + ptrType.UnsafeSet(ptr, unsafe.Pointer(&elem)) + obj = valType.UnsafeIndirect(ptr) + } + unmarshaler := (obj).(encoding.TextUnmarshaler) + str := iter.ReadString() + err := unmarshaler.UnmarshalText([]byte(str)) + if err != nil { + iter.ReportError("textUnmarshalerDecoder", err.Error()) + } +} diff --git a/vendor/github.com/json-iterator/go/reflect_native.go b/vendor/github.com/json-iterator/go/reflect_native.go new file mode 100644 index 0000000000000..f88722d14d198 --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_native.go @@ -0,0 +1,453 @@ +package jsoniter + +import ( + "encoding/base64" + "reflect" + "strconv" + "unsafe" + + "github.com/modern-go/reflect2" +) + +const ptrSize = 32 << uintptr(^uintptr(0)>>63) + +func createEncoderOfNative(ctx *ctx, typ reflect2.Type) ValEncoder { + if typ.Kind() == reflect.Slice && typ.(reflect2.SliceType).Elem().Kind() == reflect.Uint8 { + sliceDecoder := decoderOfSlice(ctx, typ) + return &base64Codec{sliceDecoder: sliceDecoder} + } + typeName := typ.String() + kind := typ.Kind() + switch kind { + case reflect.String: + if typeName != "string" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*string)(nil)).Elem()) + } + return &stringCodec{} + case reflect.Int: + if typeName != "int" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*int)(nil)).Elem()) + } + if strconv.IntSize == 32 { + return &int32Codec{} + } + return &int64Codec{} + case reflect.Int8: + if typeName != "int8" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*int8)(nil)).Elem()) + } + return &int8Codec{} + case reflect.Int16: + if typeName != "int16" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*int16)(nil)).Elem()) + } + return &int16Codec{} + case reflect.Int32: + if typeName != "int32" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*int32)(nil)).Elem()) + } + return &int32Codec{} + case reflect.Int64: + if typeName != "int64" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*int64)(nil)).Elem()) + } + return &int64Codec{} + case reflect.Uint: + if typeName != "uint" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*uint)(nil)).Elem()) + } + if strconv.IntSize == 32 { + return &uint32Codec{} + } + return &uint64Codec{} + case reflect.Uint8: + if typeName != "uint8" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*uint8)(nil)).Elem()) + } + return &uint8Codec{} + case reflect.Uint16: + if typeName != "uint16" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*uint16)(nil)).Elem()) + } + return &uint16Codec{} + case reflect.Uint32: + if typeName != "uint32" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*uint32)(nil)).Elem()) + } + return &uint32Codec{} + case reflect.Uintptr: + if typeName != "uintptr" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*uintptr)(nil)).Elem()) + } + if ptrSize == 32 { + return &uint32Codec{} + } + return &uint64Codec{} + case reflect.Uint64: + if typeName != "uint64" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*uint64)(nil)).Elem()) + } + return &uint64Codec{} + case reflect.Float32: + if typeName != "float32" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*float32)(nil)).Elem()) + } + return &float32Codec{} + case reflect.Float64: + if typeName != "float64" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*float64)(nil)).Elem()) + } + return &float64Codec{} + case reflect.Bool: + if typeName != "bool" { + return encoderOfType(ctx, reflect2.TypeOfPtr((*bool)(nil)).Elem()) + } + return &boolCodec{} + } + return nil +} + +func createDecoderOfNative(ctx *ctx, typ reflect2.Type) ValDecoder { + if typ.Kind() == reflect.Slice && typ.(reflect2.SliceType).Elem().Kind() == reflect.Uint8 { + sliceDecoder := decoderOfSlice(ctx, typ) + return &base64Codec{sliceDecoder: sliceDecoder} + } + typeName := typ.String() + switch typ.Kind() { + case reflect.String: + if typeName != "string" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*string)(nil)).Elem()) + } + return &stringCodec{} + case reflect.Int: + if typeName != "int" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*int)(nil)).Elem()) + } + if strconv.IntSize == 32 { + return &int32Codec{} + } + return &int64Codec{} + case reflect.Int8: + if typeName != "int8" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*int8)(nil)).Elem()) + } + return &int8Codec{} + case reflect.Int16: + if typeName != "int16" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*int16)(nil)).Elem()) + } + return &int16Codec{} + case reflect.Int32: + if typeName != "int32" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*int32)(nil)).Elem()) + } + return &int32Codec{} + case reflect.Int64: + if typeName != "int64" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*int64)(nil)).Elem()) + } + return &int64Codec{} + case reflect.Uint: + if typeName != "uint" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*uint)(nil)).Elem()) + } + if strconv.IntSize == 32 { + return &uint32Codec{} + } + return &uint64Codec{} + case reflect.Uint8: + if typeName != "uint8" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*uint8)(nil)).Elem()) + } + return &uint8Codec{} + case reflect.Uint16: + if typeName != "uint16" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*uint16)(nil)).Elem()) + } + return &uint16Codec{} + case reflect.Uint32: + if typeName != "uint32" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*uint32)(nil)).Elem()) + } + return &uint32Codec{} + case reflect.Uintptr: + if typeName != "uintptr" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*uintptr)(nil)).Elem()) + } + if ptrSize == 32 { + return &uint32Codec{} + } + return &uint64Codec{} + case reflect.Uint64: + if typeName != "uint64" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*uint64)(nil)).Elem()) + } + return &uint64Codec{} + case reflect.Float32: + if typeName != "float32" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*float32)(nil)).Elem()) + } + return &float32Codec{} + case reflect.Float64: + if typeName != "float64" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*float64)(nil)).Elem()) + } + return &float64Codec{} + case reflect.Bool: + if typeName != "bool" { + return decoderOfType(ctx, reflect2.TypeOfPtr((*bool)(nil)).Elem()) + } + return &boolCodec{} + } + return nil +} + +type stringCodec struct { +} + +func (codec *stringCodec) Decode(ptr unsafe.Pointer, iter *Iterator) { + *((*string)(ptr)) = iter.ReadString() +} + +func (codec *stringCodec) Encode(ptr unsafe.Pointer, stream *Stream) { + str := *((*string)(ptr)) + stream.WriteString(str) +} + +func (codec *stringCodec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*string)(ptr)) == "" +} + +type int8Codec struct { +} + +func (codec *int8Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*int8)(ptr)) = iter.ReadInt8() + } +} + +func (codec *int8Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteInt8(*((*int8)(ptr))) +} + +func (codec *int8Codec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*int8)(ptr)) == 0 +} + +type int16Codec struct { +} + +func (codec *int16Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*int16)(ptr)) = iter.ReadInt16() + } +} + +func (codec *int16Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteInt16(*((*int16)(ptr))) +} + +func (codec *int16Codec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*int16)(ptr)) == 0 +} + +type int32Codec struct { +} + +func (codec *int32Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*int32)(ptr)) = iter.ReadInt32() + } +} + +func (codec *int32Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteInt32(*((*int32)(ptr))) +} + +func (codec *int32Codec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*int32)(ptr)) == 0 +} + +type int64Codec struct { +} + +func (codec *int64Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*int64)(ptr)) = iter.ReadInt64() + } +} + +func (codec *int64Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteInt64(*((*int64)(ptr))) +} + +func (codec *int64Codec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*int64)(ptr)) == 0 +} + +type uint8Codec struct { +} + +func (codec *uint8Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*uint8)(ptr)) = iter.ReadUint8() + } +} + +func (codec *uint8Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteUint8(*((*uint8)(ptr))) +} + +func (codec *uint8Codec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*uint8)(ptr)) == 0 +} + +type uint16Codec struct { +} + +func (codec *uint16Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*uint16)(ptr)) = iter.ReadUint16() + } +} + +func (codec *uint16Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteUint16(*((*uint16)(ptr))) +} + +func (codec *uint16Codec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*uint16)(ptr)) == 0 +} + +type uint32Codec struct { +} + +func (codec *uint32Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*uint32)(ptr)) = iter.ReadUint32() + } +} + +func (codec *uint32Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteUint32(*((*uint32)(ptr))) +} + +func (codec *uint32Codec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*uint32)(ptr)) == 0 +} + +type uint64Codec struct { +} + +func (codec *uint64Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*uint64)(ptr)) = iter.ReadUint64() + } +} + +func (codec *uint64Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteUint64(*((*uint64)(ptr))) +} + +func (codec *uint64Codec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*uint64)(ptr)) == 0 +} + +type float32Codec struct { +} + +func (codec *float32Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*float32)(ptr)) = iter.ReadFloat32() + } +} + +func (codec *float32Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteFloat32(*((*float32)(ptr))) +} + +func (codec *float32Codec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*float32)(ptr)) == 0 +} + +type float64Codec struct { +} + +func (codec *float64Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*float64)(ptr)) = iter.ReadFloat64() + } +} + +func (codec *float64Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteFloat64(*((*float64)(ptr))) +} + +func (codec *float64Codec) IsEmpty(ptr unsafe.Pointer) bool { + return *((*float64)(ptr)) == 0 +} + +type boolCodec struct { +} + +func (codec *boolCodec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.ReadNil() { + *((*bool)(ptr)) = iter.ReadBool() + } +} + +func (codec *boolCodec) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteBool(*((*bool)(ptr))) +} + +func (codec *boolCodec) IsEmpty(ptr unsafe.Pointer) bool { + return !(*((*bool)(ptr))) +} + +type base64Codec struct { + sliceType *reflect2.UnsafeSliceType + sliceDecoder ValDecoder +} + +func (codec *base64Codec) Decode(ptr unsafe.Pointer, iter *Iterator) { + if iter.ReadNil() { + codec.sliceType.UnsafeSetNil(ptr) + return + } + switch iter.WhatIsNext() { + case StringValue: + src := iter.ReadString() + dst, err := base64.StdEncoding.DecodeString(src) + if err != nil { + iter.ReportError("decode base64", err.Error()) + } else { + codec.sliceType.UnsafeSet(ptr, unsafe.Pointer(&dst)) + } + case ArrayValue: + codec.sliceDecoder.Decode(ptr, iter) + default: + iter.ReportError("base64Codec", "invalid input") + } +} + +func (codec *base64Codec) Encode(ptr unsafe.Pointer, stream *Stream) { + if codec.sliceType.UnsafeIsNil(ptr) { + stream.WriteNil() + return + } + src := *((*[]byte)(ptr)) + encoding := base64.StdEncoding + stream.writeByte('"') + if len(src) != 0 { + size := encoding.EncodedLen(len(src)) + buf := make([]byte, size) + encoding.Encode(buf, src) + stream.buf = append(stream.buf, buf...) + } + stream.writeByte('"') +} + +func (codec *base64Codec) IsEmpty(ptr unsafe.Pointer) bool { + return len(*((*[]byte)(ptr))) == 0 +} diff --git a/vendor/github.com/json-iterator/go/reflect_optional.go b/vendor/github.com/json-iterator/go/reflect_optional.go new file mode 100644 index 0000000000000..fa71f47489121 --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_optional.go @@ -0,0 +1,129 @@ +package jsoniter + +import ( + "github.com/modern-go/reflect2" + "unsafe" +) + +func decoderOfOptional(ctx *ctx, typ reflect2.Type) ValDecoder { + ptrType := typ.(*reflect2.UnsafePtrType) + elemType := ptrType.Elem() + decoder := decoderOfType(ctx, elemType) + return &OptionalDecoder{elemType, decoder} +} + +func encoderOfOptional(ctx *ctx, typ reflect2.Type) ValEncoder { + ptrType := typ.(*reflect2.UnsafePtrType) + elemType := ptrType.Elem() + elemEncoder := encoderOfType(ctx, elemType) + encoder := &OptionalEncoder{elemEncoder} + return encoder +} + +type OptionalDecoder struct { + ValueType reflect2.Type + ValueDecoder ValDecoder +} + +func (decoder *OptionalDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if iter.ReadNil() { + *((*unsafe.Pointer)(ptr)) = nil + } else { + if *((*unsafe.Pointer)(ptr)) == nil { + //pointer to null, we have to allocate memory to hold the value + newPtr := decoder.ValueType.UnsafeNew() + decoder.ValueDecoder.Decode(newPtr, iter) + *((*unsafe.Pointer)(ptr)) = newPtr + } else { + //reuse existing instance + decoder.ValueDecoder.Decode(*((*unsafe.Pointer)(ptr)), iter) + } + } +} + +type dereferenceDecoder struct { + // only to deference a pointer + valueType reflect2.Type + valueDecoder ValDecoder +} + +func (decoder *dereferenceDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if *((*unsafe.Pointer)(ptr)) == nil { + //pointer to null, we have to allocate memory to hold the value + newPtr := decoder.valueType.UnsafeNew() + decoder.valueDecoder.Decode(newPtr, iter) + *((*unsafe.Pointer)(ptr)) = newPtr + } else { + //reuse existing instance + decoder.valueDecoder.Decode(*((*unsafe.Pointer)(ptr)), iter) + } +} + +type OptionalEncoder struct { + ValueEncoder ValEncoder +} + +func (encoder *OptionalEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + if *((*unsafe.Pointer)(ptr)) == nil { + stream.WriteNil() + } else { + encoder.ValueEncoder.Encode(*((*unsafe.Pointer)(ptr)), stream) + } +} + +func (encoder *OptionalEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return *((*unsafe.Pointer)(ptr)) == nil +} + +type dereferenceEncoder struct { + ValueEncoder ValEncoder +} + +func (encoder *dereferenceEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + if *((*unsafe.Pointer)(ptr)) == nil { + stream.WriteNil() + } else { + encoder.ValueEncoder.Encode(*((*unsafe.Pointer)(ptr)), stream) + } +} + +func (encoder *dereferenceEncoder) IsEmpty(ptr unsafe.Pointer) bool { + dePtr := *((*unsafe.Pointer)(ptr)) + if dePtr == nil { + return true + } + return encoder.ValueEncoder.IsEmpty(dePtr) +} + +func (encoder *dereferenceEncoder) IsEmbeddedPtrNil(ptr unsafe.Pointer) bool { + deReferenced := *((*unsafe.Pointer)(ptr)) + if deReferenced == nil { + return true + } + isEmbeddedPtrNil, converted := encoder.ValueEncoder.(IsEmbeddedPtrNil) + if !converted { + return false + } + fieldPtr := unsafe.Pointer(deReferenced) + return isEmbeddedPtrNil.IsEmbeddedPtrNil(fieldPtr) +} + +type referenceEncoder struct { + encoder ValEncoder +} + +func (encoder *referenceEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + encoder.encoder.Encode(unsafe.Pointer(&ptr), stream) +} + +func (encoder *referenceEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.encoder.IsEmpty(unsafe.Pointer(&ptr)) +} + +type referenceDecoder struct { + decoder ValDecoder +} + +func (decoder *referenceDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + decoder.decoder.Decode(unsafe.Pointer(&ptr), iter) +} diff --git a/vendor/github.com/json-iterator/go/reflect_slice.go b/vendor/github.com/json-iterator/go/reflect_slice.go new file mode 100644 index 0000000000000..9441d79df33b4 --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_slice.go @@ -0,0 +1,99 @@ +package jsoniter + +import ( + "fmt" + "github.com/modern-go/reflect2" + "io" + "unsafe" +) + +func decoderOfSlice(ctx *ctx, typ reflect2.Type) ValDecoder { + sliceType := typ.(*reflect2.UnsafeSliceType) + decoder := decoderOfType(ctx.append("[sliceElem]"), sliceType.Elem()) + return &sliceDecoder{sliceType, decoder} +} + +func encoderOfSlice(ctx *ctx, typ reflect2.Type) ValEncoder { + sliceType := typ.(*reflect2.UnsafeSliceType) + encoder := encoderOfType(ctx.append("[sliceElem]"), sliceType.Elem()) + return &sliceEncoder{sliceType, encoder} +} + +type sliceEncoder struct { + sliceType *reflect2.UnsafeSliceType + elemEncoder ValEncoder +} + +func (encoder *sliceEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + if encoder.sliceType.UnsafeIsNil(ptr) { + stream.WriteNil() + return + } + length := encoder.sliceType.UnsafeLengthOf(ptr) + if length == 0 { + stream.WriteEmptyArray() + return + } + stream.WriteArrayStart() + encoder.elemEncoder.Encode(encoder.sliceType.UnsafeGetIndex(ptr, 0), stream) + for i := 1; i < length; i++ { + stream.WriteMore() + elemPtr := encoder.sliceType.UnsafeGetIndex(ptr, i) + encoder.elemEncoder.Encode(elemPtr, stream) + } + stream.WriteArrayEnd() + if stream.Error != nil && stream.Error != io.EOF { + stream.Error = fmt.Errorf("%v: %s", encoder.sliceType, stream.Error.Error()) + } +} + +func (encoder *sliceEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.sliceType.UnsafeLengthOf(ptr) == 0 +} + +type sliceDecoder struct { + sliceType *reflect2.UnsafeSliceType + elemDecoder ValDecoder +} + +func (decoder *sliceDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + decoder.doDecode(ptr, iter) + if iter.Error != nil && iter.Error != io.EOF { + iter.Error = fmt.Errorf("%v: %s", decoder.sliceType, iter.Error.Error()) + } +} + +func (decoder *sliceDecoder) doDecode(ptr unsafe.Pointer, iter *Iterator) { + c := iter.nextToken() + sliceType := decoder.sliceType + if c == 'n' { + iter.skipThreeBytes('u', 'l', 'l') + sliceType.UnsafeSetNil(ptr) + return + } + if c != '[' { + iter.ReportError("decode slice", "expect [ or n, but found "+string([]byte{c})) + return + } + c = iter.nextToken() + if c == ']' { + sliceType.UnsafeSet(ptr, sliceType.UnsafeMakeSlice(0, 0)) + return + } + iter.unreadByte() + sliceType.UnsafeGrow(ptr, 1) + elemPtr := sliceType.UnsafeGetIndex(ptr, 0) + decoder.elemDecoder.Decode(elemPtr, iter) + length := 1 + for c = iter.nextToken(); c == ','; c = iter.nextToken() { + idx := length + length += 1 + sliceType.UnsafeGrow(ptr, length) + elemPtr = sliceType.UnsafeGetIndex(ptr, idx) + decoder.elemDecoder.Decode(elemPtr, iter) + } + if c != ']' { + iter.ReportError("decode slice", "expect ], but found "+string([]byte{c})) + return + } +} diff --git a/vendor/github.com/json-iterator/go/reflect_struct_decoder.go b/vendor/github.com/json-iterator/go/reflect_struct_decoder.go new file mode 100644 index 0000000000000..d7eb0eb5caa85 --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_struct_decoder.go @@ -0,0 +1,1092 @@ +package jsoniter + +import ( + "fmt" + "io" + "strings" + "unsafe" + + "github.com/modern-go/reflect2" +) + +func decoderOfStruct(ctx *ctx, typ reflect2.Type) ValDecoder { + bindings := map[string]*Binding{} + structDescriptor := describeStruct(ctx, typ) + for _, binding := range structDescriptor.Fields { + for _, fromName := range binding.FromNames { + old := bindings[fromName] + if old == nil { + bindings[fromName] = binding + continue + } + ignoreOld, ignoreNew := resolveConflictBinding(ctx.frozenConfig, old, binding) + if ignoreOld { + delete(bindings, fromName) + } + if !ignoreNew { + bindings[fromName] = binding + } + } + } + fields := map[string]*structFieldDecoder{} + for k, binding := range bindings { + fields[k] = binding.Decoder.(*structFieldDecoder) + } + + if !ctx.caseSensitive() { + for k, binding := range bindings { + if _, found := fields[strings.ToLower(k)]; !found { + fields[strings.ToLower(k)] = binding.Decoder.(*structFieldDecoder) + } + } + } + + return createStructDecoder(ctx, typ, fields) +} + +func createStructDecoder(ctx *ctx, typ reflect2.Type, fields map[string]*structFieldDecoder) ValDecoder { + if ctx.disallowUnknownFields { + return &generalStructDecoder{typ: typ, fields: fields, disallowUnknownFields: true} + } + knownHash := map[int64]struct{}{ + 0: {}, + } + + switch len(fields) { + case 0: + return &skipObjectDecoder{typ} + case 1: + for fieldName, fieldDecoder := range fields { + fieldHash := calcHash(fieldName, ctx.caseSensitive()) + _, known := knownHash[fieldHash] + if known { + return &generalStructDecoder{typ, fields, false} + } + knownHash[fieldHash] = struct{}{} + return &oneFieldStructDecoder{typ, fieldHash, fieldDecoder} + } + case 2: + var fieldHash1 int64 + var fieldHash2 int64 + var fieldDecoder1 *structFieldDecoder + var fieldDecoder2 *structFieldDecoder + for fieldName, fieldDecoder := range fields { + fieldHash := calcHash(fieldName, ctx.caseSensitive()) + _, known := knownHash[fieldHash] + if known { + return &generalStructDecoder{typ, fields, false} + } + knownHash[fieldHash] = struct{}{} + if fieldHash1 == 0 { + fieldHash1 = fieldHash + fieldDecoder1 = fieldDecoder + } else { + fieldHash2 = fieldHash + fieldDecoder2 = fieldDecoder + } + } + return &twoFieldsStructDecoder{typ, fieldHash1, fieldDecoder1, fieldHash2, fieldDecoder2} + case 3: + var fieldName1 int64 + var fieldName2 int64 + var fieldName3 int64 + var fieldDecoder1 *structFieldDecoder + var fieldDecoder2 *structFieldDecoder + var fieldDecoder3 *structFieldDecoder + for fieldName, fieldDecoder := range fields { + fieldHash := calcHash(fieldName, ctx.caseSensitive()) + _, known := knownHash[fieldHash] + if known { + return &generalStructDecoder{typ, fields, false} + } + knownHash[fieldHash] = struct{}{} + if fieldName1 == 0 { + fieldName1 = fieldHash + fieldDecoder1 = fieldDecoder + } else if fieldName2 == 0 { + fieldName2 = fieldHash + fieldDecoder2 = fieldDecoder + } else { + fieldName3 = fieldHash + fieldDecoder3 = fieldDecoder + } + } + return &threeFieldsStructDecoder{typ, + fieldName1, fieldDecoder1, + fieldName2, fieldDecoder2, + fieldName3, fieldDecoder3} + case 4: + var fieldName1 int64 + var fieldName2 int64 + var fieldName3 int64 + var fieldName4 int64 + var fieldDecoder1 *structFieldDecoder + var fieldDecoder2 *structFieldDecoder + var fieldDecoder3 *structFieldDecoder + var fieldDecoder4 *structFieldDecoder + for fieldName, fieldDecoder := range fields { + fieldHash := calcHash(fieldName, ctx.caseSensitive()) + _, known := knownHash[fieldHash] + if known { + return &generalStructDecoder{typ, fields, false} + } + knownHash[fieldHash] = struct{}{} + if fieldName1 == 0 { + fieldName1 = fieldHash + fieldDecoder1 = fieldDecoder + } else if fieldName2 == 0 { + fieldName2 = fieldHash + fieldDecoder2 = fieldDecoder + } else if fieldName3 == 0 { + fieldName3 = fieldHash + fieldDecoder3 = fieldDecoder + } else { + fieldName4 = fieldHash + fieldDecoder4 = fieldDecoder + } + } + return &fourFieldsStructDecoder{typ, + fieldName1, fieldDecoder1, + fieldName2, fieldDecoder2, + fieldName3, fieldDecoder3, + fieldName4, fieldDecoder4} + case 5: + var fieldName1 int64 + var fieldName2 int64 + var fieldName3 int64 + var fieldName4 int64 + var fieldName5 int64 + var fieldDecoder1 *structFieldDecoder + var fieldDecoder2 *structFieldDecoder + var fieldDecoder3 *structFieldDecoder + var fieldDecoder4 *structFieldDecoder + var fieldDecoder5 *structFieldDecoder + for fieldName, fieldDecoder := range fields { + fieldHash := calcHash(fieldName, ctx.caseSensitive()) + _, known := knownHash[fieldHash] + if known { + return &generalStructDecoder{typ, fields, false} + } + knownHash[fieldHash] = struct{}{} + if fieldName1 == 0 { + fieldName1 = fieldHash + fieldDecoder1 = fieldDecoder + } else if fieldName2 == 0 { + fieldName2 = fieldHash + fieldDecoder2 = fieldDecoder + } else if fieldName3 == 0 { + fieldName3 = fieldHash + fieldDecoder3 = fieldDecoder + } else if fieldName4 == 0 { + fieldName4 = fieldHash + fieldDecoder4 = fieldDecoder + } else { + fieldName5 = fieldHash + fieldDecoder5 = fieldDecoder + } + } + return &fiveFieldsStructDecoder{typ, + fieldName1, fieldDecoder1, + fieldName2, fieldDecoder2, + fieldName3, fieldDecoder3, + fieldName4, fieldDecoder4, + fieldName5, fieldDecoder5} + case 6: + var fieldName1 int64 + var fieldName2 int64 + var fieldName3 int64 + var fieldName4 int64 + var fieldName5 int64 + var fieldName6 int64 + var fieldDecoder1 *structFieldDecoder + var fieldDecoder2 *structFieldDecoder + var fieldDecoder3 *structFieldDecoder + var fieldDecoder4 *structFieldDecoder + var fieldDecoder5 *structFieldDecoder + var fieldDecoder6 *structFieldDecoder + for fieldName, fieldDecoder := range fields { + fieldHash := calcHash(fieldName, ctx.caseSensitive()) + _, known := knownHash[fieldHash] + if known { + return &generalStructDecoder{typ, fields, false} + } + knownHash[fieldHash] = struct{}{} + if fieldName1 == 0 { + fieldName1 = fieldHash + fieldDecoder1 = fieldDecoder + } else if fieldName2 == 0 { + fieldName2 = fieldHash + fieldDecoder2 = fieldDecoder + } else if fieldName3 == 0 { + fieldName3 = fieldHash + fieldDecoder3 = fieldDecoder + } else if fieldName4 == 0 { + fieldName4 = fieldHash + fieldDecoder4 = fieldDecoder + } else if fieldName5 == 0 { + fieldName5 = fieldHash + fieldDecoder5 = fieldDecoder + } else { + fieldName6 = fieldHash + fieldDecoder6 = fieldDecoder + } + } + return &sixFieldsStructDecoder{typ, + fieldName1, fieldDecoder1, + fieldName2, fieldDecoder2, + fieldName3, fieldDecoder3, + fieldName4, fieldDecoder4, + fieldName5, fieldDecoder5, + fieldName6, fieldDecoder6} + case 7: + var fieldName1 int64 + var fieldName2 int64 + var fieldName3 int64 + var fieldName4 int64 + var fieldName5 int64 + var fieldName6 int64 + var fieldName7 int64 + var fieldDecoder1 *structFieldDecoder + var fieldDecoder2 *structFieldDecoder + var fieldDecoder3 *structFieldDecoder + var fieldDecoder4 *structFieldDecoder + var fieldDecoder5 *structFieldDecoder + var fieldDecoder6 *structFieldDecoder + var fieldDecoder7 *structFieldDecoder + for fieldName, fieldDecoder := range fields { + fieldHash := calcHash(fieldName, ctx.caseSensitive()) + _, known := knownHash[fieldHash] + if known { + return &generalStructDecoder{typ, fields, false} + } + knownHash[fieldHash] = struct{}{} + if fieldName1 == 0 { + fieldName1 = fieldHash + fieldDecoder1 = fieldDecoder + } else if fieldName2 == 0 { + fieldName2 = fieldHash + fieldDecoder2 = fieldDecoder + } else if fieldName3 == 0 { + fieldName3 = fieldHash + fieldDecoder3 = fieldDecoder + } else if fieldName4 == 0 { + fieldName4 = fieldHash + fieldDecoder4 = fieldDecoder + } else if fieldName5 == 0 { + fieldName5 = fieldHash + fieldDecoder5 = fieldDecoder + } else if fieldName6 == 0 { + fieldName6 = fieldHash + fieldDecoder6 = fieldDecoder + } else { + fieldName7 = fieldHash + fieldDecoder7 = fieldDecoder + } + } + return &sevenFieldsStructDecoder{typ, + fieldName1, fieldDecoder1, + fieldName2, fieldDecoder2, + fieldName3, fieldDecoder3, + fieldName4, fieldDecoder4, + fieldName5, fieldDecoder5, + fieldName6, fieldDecoder6, + fieldName7, fieldDecoder7} + case 8: + var fieldName1 int64 + var fieldName2 int64 + var fieldName3 int64 + var fieldName4 int64 + var fieldName5 int64 + var fieldName6 int64 + var fieldName7 int64 + var fieldName8 int64 + var fieldDecoder1 *structFieldDecoder + var fieldDecoder2 *structFieldDecoder + var fieldDecoder3 *structFieldDecoder + var fieldDecoder4 *structFieldDecoder + var fieldDecoder5 *structFieldDecoder + var fieldDecoder6 *structFieldDecoder + var fieldDecoder7 *structFieldDecoder + var fieldDecoder8 *structFieldDecoder + for fieldName, fieldDecoder := range fields { + fieldHash := calcHash(fieldName, ctx.caseSensitive()) + _, known := knownHash[fieldHash] + if known { + return &generalStructDecoder{typ, fields, false} + } + knownHash[fieldHash] = struct{}{} + if fieldName1 == 0 { + fieldName1 = fieldHash + fieldDecoder1 = fieldDecoder + } else if fieldName2 == 0 { + fieldName2 = fieldHash + fieldDecoder2 = fieldDecoder + } else if fieldName3 == 0 { + fieldName3 = fieldHash + fieldDecoder3 = fieldDecoder + } else if fieldName4 == 0 { + fieldName4 = fieldHash + fieldDecoder4 = fieldDecoder + } else if fieldName5 == 0 { + fieldName5 = fieldHash + fieldDecoder5 = fieldDecoder + } else if fieldName6 == 0 { + fieldName6 = fieldHash + fieldDecoder6 = fieldDecoder + } else if fieldName7 == 0 { + fieldName7 = fieldHash + fieldDecoder7 = fieldDecoder + } else { + fieldName8 = fieldHash + fieldDecoder8 = fieldDecoder + } + } + return &eightFieldsStructDecoder{typ, + fieldName1, fieldDecoder1, + fieldName2, fieldDecoder2, + fieldName3, fieldDecoder3, + fieldName4, fieldDecoder4, + fieldName5, fieldDecoder5, + fieldName6, fieldDecoder6, + fieldName7, fieldDecoder7, + fieldName8, fieldDecoder8} + case 9: + var fieldName1 int64 + var fieldName2 int64 + var fieldName3 int64 + var fieldName4 int64 + var fieldName5 int64 + var fieldName6 int64 + var fieldName7 int64 + var fieldName8 int64 + var fieldName9 int64 + var fieldDecoder1 *structFieldDecoder + var fieldDecoder2 *structFieldDecoder + var fieldDecoder3 *structFieldDecoder + var fieldDecoder4 *structFieldDecoder + var fieldDecoder5 *structFieldDecoder + var fieldDecoder6 *structFieldDecoder + var fieldDecoder7 *structFieldDecoder + var fieldDecoder8 *structFieldDecoder + var fieldDecoder9 *structFieldDecoder + for fieldName, fieldDecoder := range fields { + fieldHash := calcHash(fieldName, ctx.caseSensitive()) + _, known := knownHash[fieldHash] + if known { + return &generalStructDecoder{typ, fields, false} + } + knownHash[fieldHash] = struct{}{} + if fieldName1 == 0 { + fieldName1 = fieldHash + fieldDecoder1 = fieldDecoder + } else if fieldName2 == 0 { + fieldName2 = fieldHash + fieldDecoder2 = fieldDecoder + } else if fieldName3 == 0 { + fieldName3 = fieldHash + fieldDecoder3 = fieldDecoder + } else if fieldName4 == 0 { + fieldName4 = fieldHash + fieldDecoder4 = fieldDecoder + } else if fieldName5 == 0 { + fieldName5 = fieldHash + fieldDecoder5 = fieldDecoder + } else if fieldName6 == 0 { + fieldName6 = fieldHash + fieldDecoder6 = fieldDecoder + } else if fieldName7 == 0 { + fieldName7 = fieldHash + fieldDecoder7 = fieldDecoder + } else if fieldName8 == 0 { + fieldName8 = fieldHash + fieldDecoder8 = fieldDecoder + } else { + fieldName9 = fieldHash + fieldDecoder9 = fieldDecoder + } + } + return &nineFieldsStructDecoder{typ, + fieldName1, fieldDecoder1, + fieldName2, fieldDecoder2, + fieldName3, fieldDecoder3, + fieldName4, fieldDecoder4, + fieldName5, fieldDecoder5, + fieldName6, fieldDecoder6, + fieldName7, fieldDecoder7, + fieldName8, fieldDecoder8, + fieldName9, fieldDecoder9} + case 10: + var fieldName1 int64 + var fieldName2 int64 + var fieldName3 int64 + var fieldName4 int64 + var fieldName5 int64 + var fieldName6 int64 + var fieldName7 int64 + var fieldName8 int64 + var fieldName9 int64 + var fieldName10 int64 + var fieldDecoder1 *structFieldDecoder + var fieldDecoder2 *structFieldDecoder + var fieldDecoder3 *structFieldDecoder + var fieldDecoder4 *structFieldDecoder + var fieldDecoder5 *structFieldDecoder + var fieldDecoder6 *structFieldDecoder + var fieldDecoder7 *structFieldDecoder + var fieldDecoder8 *structFieldDecoder + var fieldDecoder9 *structFieldDecoder + var fieldDecoder10 *structFieldDecoder + for fieldName, fieldDecoder := range fields { + fieldHash := calcHash(fieldName, ctx.caseSensitive()) + _, known := knownHash[fieldHash] + if known { + return &generalStructDecoder{typ, fields, false} + } + knownHash[fieldHash] = struct{}{} + if fieldName1 == 0 { + fieldName1 = fieldHash + fieldDecoder1 = fieldDecoder + } else if fieldName2 == 0 { + fieldName2 = fieldHash + fieldDecoder2 = fieldDecoder + } else if fieldName3 == 0 { + fieldName3 = fieldHash + fieldDecoder3 = fieldDecoder + } else if fieldName4 == 0 { + fieldName4 = fieldHash + fieldDecoder4 = fieldDecoder + } else if fieldName5 == 0 { + fieldName5 = fieldHash + fieldDecoder5 = fieldDecoder + } else if fieldName6 == 0 { + fieldName6 = fieldHash + fieldDecoder6 = fieldDecoder + } else if fieldName7 == 0 { + fieldName7 = fieldHash + fieldDecoder7 = fieldDecoder + } else if fieldName8 == 0 { + fieldName8 = fieldHash + fieldDecoder8 = fieldDecoder + } else if fieldName9 == 0 { + fieldName9 = fieldHash + fieldDecoder9 = fieldDecoder + } else { + fieldName10 = fieldHash + fieldDecoder10 = fieldDecoder + } + } + return &tenFieldsStructDecoder{typ, + fieldName1, fieldDecoder1, + fieldName2, fieldDecoder2, + fieldName3, fieldDecoder3, + fieldName4, fieldDecoder4, + fieldName5, fieldDecoder5, + fieldName6, fieldDecoder6, + fieldName7, fieldDecoder7, + fieldName8, fieldDecoder8, + fieldName9, fieldDecoder9, + fieldName10, fieldDecoder10} + } + return &generalStructDecoder{typ, fields, false} +} + +type generalStructDecoder struct { + typ reflect2.Type + fields map[string]*structFieldDecoder + disallowUnknownFields bool +} + +func (decoder *generalStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + var c byte + for c = ','; c == ','; c = iter.nextToken() { + decoder.decodeOneField(ptr, iter) + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + if c != '}' { + iter.ReportError("struct Decode", `expect }, but found `+string([]byte{c})) + } + iter.decrementDepth() +} + +func (decoder *generalStructDecoder) decodeOneField(ptr unsafe.Pointer, iter *Iterator) { + var field string + var fieldDecoder *structFieldDecoder + if iter.cfg.objectFieldMustBeSimpleString { + fieldBytes := iter.ReadStringAsSlice() + field = *(*string)(unsafe.Pointer(&fieldBytes)) + fieldDecoder = decoder.fields[field] + if fieldDecoder == nil && !iter.cfg.caseSensitive { + fieldDecoder = decoder.fields[strings.ToLower(field)] + } + } else { + field = iter.ReadString() + fieldDecoder = decoder.fields[field] + if fieldDecoder == nil && !iter.cfg.caseSensitive { + fieldDecoder = decoder.fields[strings.ToLower(field)] + } + } + if fieldDecoder == nil { + if decoder.disallowUnknownFields { + msg := "found unknown field: " + field + iter.ReportError("ReadObject", msg) + } + c := iter.nextToken() + if c != ':' { + iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c})) + } + iter.Skip() + return + } + c := iter.nextToken() + if c != ':' { + iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c})) + } + fieldDecoder.Decode(ptr, iter) +} + +type skipObjectDecoder struct { + typ reflect2.Type +} + +func (decoder *skipObjectDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + valueType := iter.WhatIsNext() + if valueType != ObjectValue && valueType != NilValue { + iter.ReportError("skipObjectDecoder", "expect object or null") + return + } + iter.Skip() +} + +type oneFieldStructDecoder struct { + typ reflect2.Type + fieldHash int64 + fieldDecoder *structFieldDecoder +} + +func (decoder *oneFieldStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + for { + if iter.readFieldHash() == decoder.fieldHash { + decoder.fieldDecoder.Decode(ptr, iter) + } else { + iter.Skip() + } + if iter.isObjectEnd() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + iter.decrementDepth() +} + +type twoFieldsStructDecoder struct { + typ reflect2.Type + fieldHash1 int64 + fieldDecoder1 *structFieldDecoder + fieldHash2 int64 + fieldDecoder2 *structFieldDecoder +} + +func (decoder *twoFieldsStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + for { + switch iter.readFieldHash() { + case decoder.fieldHash1: + decoder.fieldDecoder1.Decode(ptr, iter) + case decoder.fieldHash2: + decoder.fieldDecoder2.Decode(ptr, iter) + default: + iter.Skip() + } + if iter.isObjectEnd() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + iter.decrementDepth() +} + +type threeFieldsStructDecoder struct { + typ reflect2.Type + fieldHash1 int64 + fieldDecoder1 *structFieldDecoder + fieldHash2 int64 + fieldDecoder2 *structFieldDecoder + fieldHash3 int64 + fieldDecoder3 *structFieldDecoder +} + +func (decoder *threeFieldsStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + for { + switch iter.readFieldHash() { + case decoder.fieldHash1: + decoder.fieldDecoder1.Decode(ptr, iter) + case decoder.fieldHash2: + decoder.fieldDecoder2.Decode(ptr, iter) + case decoder.fieldHash3: + decoder.fieldDecoder3.Decode(ptr, iter) + default: + iter.Skip() + } + if iter.isObjectEnd() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + iter.decrementDepth() +} + +type fourFieldsStructDecoder struct { + typ reflect2.Type + fieldHash1 int64 + fieldDecoder1 *structFieldDecoder + fieldHash2 int64 + fieldDecoder2 *structFieldDecoder + fieldHash3 int64 + fieldDecoder3 *structFieldDecoder + fieldHash4 int64 + fieldDecoder4 *structFieldDecoder +} + +func (decoder *fourFieldsStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + for { + switch iter.readFieldHash() { + case decoder.fieldHash1: + decoder.fieldDecoder1.Decode(ptr, iter) + case decoder.fieldHash2: + decoder.fieldDecoder2.Decode(ptr, iter) + case decoder.fieldHash3: + decoder.fieldDecoder3.Decode(ptr, iter) + case decoder.fieldHash4: + decoder.fieldDecoder4.Decode(ptr, iter) + default: + iter.Skip() + } + if iter.isObjectEnd() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + iter.decrementDepth() +} + +type fiveFieldsStructDecoder struct { + typ reflect2.Type + fieldHash1 int64 + fieldDecoder1 *structFieldDecoder + fieldHash2 int64 + fieldDecoder2 *structFieldDecoder + fieldHash3 int64 + fieldDecoder3 *structFieldDecoder + fieldHash4 int64 + fieldDecoder4 *structFieldDecoder + fieldHash5 int64 + fieldDecoder5 *structFieldDecoder +} + +func (decoder *fiveFieldsStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + for { + switch iter.readFieldHash() { + case decoder.fieldHash1: + decoder.fieldDecoder1.Decode(ptr, iter) + case decoder.fieldHash2: + decoder.fieldDecoder2.Decode(ptr, iter) + case decoder.fieldHash3: + decoder.fieldDecoder3.Decode(ptr, iter) + case decoder.fieldHash4: + decoder.fieldDecoder4.Decode(ptr, iter) + case decoder.fieldHash5: + decoder.fieldDecoder5.Decode(ptr, iter) + default: + iter.Skip() + } + if iter.isObjectEnd() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + iter.decrementDepth() +} + +type sixFieldsStructDecoder struct { + typ reflect2.Type + fieldHash1 int64 + fieldDecoder1 *structFieldDecoder + fieldHash2 int64 + fieldDecoder2 *structFieldDecoder + fieldHash3 int64 + fieldDecoder3 *structFieldDecoder + fieldHash4 int64 + fieldDecoder4 *structFieldDecoder + fieldHash5 int64 + fieldDecoder5 *structFieldDecoder + fieldHash6 int64 + fieldDecoder6 *structFieldDecoder +} + +func (decoder *sixFieldsStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + for { + switch iter.readFieldHash() { + case decoder.fieldHash1: + decoder.fieldDecoder1.Decode(ptr, iter) + case decoder.fieldHash2: + decoder.fieldDecoder2.Decode(ptr, iter) + case decoder.fieldHash3: + decoder.fieldDecoder3.Decode(ptr, iter) + case decoder.fieldHash4: + decoder.fieldDecoder4.Decode(ptr, iter) + case decoder.fieldHash5: + decoder.fieldDecoder5.Decode(ptr, iter) + case decoder.fieldHash6: + decoder.fieldDecoder6.Decode(ptr, iter) + default: + iter.Skip() + } + if iter.isObjectEnd() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + iter.decrementDepth() +} + +type sevenFieldsStructDecoder struct { + typ reflect2.Type + fieldHash1 int64 + fieldDecoder1 *structFieldDecoder + fieldHash2 int64 + fieldDecoder2 *structFieldDecoder + fieldHash3 int64 + fieldDecoder3 *structFieldDecoder + fieldHash4 int64 + fieldDecoder4 *structFieldDecoder + fieldHash5 int64 + fieldDecoder5 *structFieldDecoder + fieldHash6 int64 + fieldDecoder6 *structFieldDecoder + fieldHash7 int64 + fieldDecoder7 *structFieldDecoder +} + +func (decoder *sevenFieldsStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + for { + switch iter.readFieldHash() { + case decoder.fieldHash1: + decoder.fieldDecoder1.Decode(ptr, iter) + case decoder.fieldHash2: + decoder.fieldDecoder2.Decode(ptr, iter) + case decoder.fieldHash3: + decoder.fieldDecoder3.Decode(ptr, iter) + case decoder.fieldHash4: + decoder.fieldDecoder4.Decode(ptr, iter) + case decoder.fieldHash5: + decoder.fieldDecoder5.Decode(ptr, iter) + case decoder.fieldHash6: + decoder.fieldDecoder6.Decode(ptr, iter) + case decoder.fieldHash7: + decoder.fieldDecoder7.Decode(ptr, iter) + default: + iter.Skip() + } + if iter.isObjectEnd() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + iter.decrementDepth() +} + +type eightFieldsStructDecoder struct { + typ reflect2.Type + fieldHash1 int64 + fieldDecoder1 *structFieldDecoder + fieldHash2 int64 + fieldDecoder2 *structFieldDecoder + fieldHash3 int64 + fieldDecoder3 *structFieldDecoder + fieldHash4 int64 + fieldDecoder4 *structFieldDecoder + fieldHash5 int64 + fieldDecoder5 *structFieldDecoder + fieldHash6 int64 + fieldDecoder6 *structFieldDecoder + fieldHash7 int64 + fieldDecoder7 *structFieldDecoder + fieldHash8 int64 + fieldDecoder8 *structFieldDecoder +} + +func (decoder *eightFieldsStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + for { + switch iter.readFieldHash() { + case decoder.fieldHash1: + decoder.fieldDecoder1.Decode(ptr, iter) + case decoder.fieldHash2: + decoder.fieldDecoder2.Decode(ptr, iter) + case decoder.fieldHash3: + decoder.fieldDecoder3.Decode(ptr, iter) + case decoder.fieldHash4: + decoder.fieldDecoder4.Decode(ptr, iter) + case decoder.fieldHash5: + decoder.fieldDecoder5.Decode(ptr, iter) + case decoder.fieldHash6: + decoder.fieldDecoder6.Decode(ptr, iter) + case decoder.fieldHash7: + decoder.fieldDecoder7.Decode(ptr, iter) + case decoder.fieldHash8: + decoder.fieldDecoder8.Decode(ptr, iter) + default: + iter.Skip() + } + if iter.isObjectEnd() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + iter.decrementDepth() +} + +type nineFieldsStructDecoder struct { + typ reflect2.Type + fieldHash1 int64 + fieldDecoder1 *structFieldDecoder + fieldHash2 int64 + fieldDecoder2 *structFieldDecoder + fieldHash3 int64 + fieldDecoder3 *structFieldDecoder + fieldHash4 int64 + fieldDecoder4 *structFieldDecoder + fieldHash5 int64 + fieldDecoder5 *structFieldDecoder + fieldHash6 int64 + fieldDecoder6 *structFieldDecoder + fieldHash7 int64 + fieldDecoder7 *structFieldDecoder + fieldHash8 int64 + fieldDecoder8 *structFieldDecoder + fieldHash9 int64 + fieldDecoder9 *structFieldDecoder +} + +func (decoder *nineFieldsStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + for { + switch iter.readFieldHash() { + case decoder.fieldHash1: + decoder.fieldDecoder1.Decode(ptr, iter) + case decoder.fieldHash2: + decoder.fieldDecoder2.Decode(ptr, iter) + case decoder.fieldHash3: + decoder.fieldDecoder3.Decode(ptr, iter) + case decoder.fieldHash4: + decoder.fieldDecoder4.Decode(ptr, iter) + case decoder.fieldHash5: + decoder.fieldDecoder5.Decode(ptr, iter) + case decoder.fieldHash6: + decoder.fieldDecoder6.Decode(ptr, iter) + case decoder.fieldHash7: + decoder.fieldDecoder7.Decode(ptr, iter) + case decoder.fieldHash8: + decoder.fieldDecoder8.Decode(ptr, iter) + case decoder.fieldHash9: + decoder.fieldDecoder9.Decode(ptr, iter) + default: + iter.Skip() + } + if iter.isObjectEnd() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + iter.decrementDepth() +} + +type tenFieldsStructDecoder struct { + typ reflect2.Type + fieldHash1 int64 + fieldDecoder1 *structFieldDecoder + fieldHash2 int64 + fieldDecoder2 *structFieldDecoder + fieldHash3 int64 + fieldDecoder3 *structFieldDecoder + fieldHash4 int64 + fieldDecoder4 *structFieldDecoder + fieldHash5 int64 + fieldDecoder5 *structFieldDecoder + fieldHash6 int64 + fieldDecoder6 *structFieldDecoder + fieldHash7 int64 + fieldDecoder7 *structFieldDecoder + fieldHash8 int64 + fieldDecoder8 *structFieldDecoder + fieldHash9 int64 + fieldDecoder9 *structFieldDecoder + fieldHash10 int64 + fieldDecoder10 *structFieldDecoder +} + +func (decoder *tenFieldsStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + if !iter.readObjectStart() { + return + } + if !iter.incrementDepth() { + return + } + for { + switch iter.readFieldHash() { + case decoder.fieldHash1: + decoder.fieldDecoder1.Decode(ptr, iter) + case decoder.fieldHash2: + decoder.fieldDecoder2.Decode(ptr, iter) + case decoder.fieldHash3: + decoder.fieldDecoder3.Decode(ptr, iter) + case decoder.fieldHash4: + decoder.fieldDecoder4.Decode(ptr, iter) + case decoder.fieldHash5: + decoder.fieldDecoder5.Decode(ptr, iter) + case decoder.fieldHash6: + decoder.fieldDecoder6.Decode(ptr, iter) + case decoder.fieldHash7: + decoder.fieldDecoder7.Decode(ptr, iter) + case decoder.fieldHash8: + decoder.fieldDecoder8.Decode(ptr, iter) + case decoder.fieldHash9: + decoder.fieldDecoder9.Decode(ptr, iter) + case decoder.fieldHash10: + decoder.fieldDecoder10.Decode(ptr, iter) + default: + iter.Skip() + } + if iter.isObjectEnd() { + break + } + } + if iter.Error != nil && iter.Error != io.EOF && len(decoder.typ.Type1().Name()) != 0 { + iter.Error = fmt.Errorf("%v.%s", decoder.typ, iter.Error.Error()) + } + iter.decrementDepth() +} + +type structFieldDecoder struct { + field reflect2.StructField + fieldDecoder ValDecoder +} + +func (decoder *structFieldDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + fieldPtr := decoder.field.UnsafeGet(ptr) + decoder.fieldDecoder.Decode(fieldPtr, iter) + if iter.Error != nil && iter.Error != io.EOF { + iter.Error = fmt.Errorf("%s: %s", decoder.field.Name(), iter.Error.Error()) + } +} + +type stringModeStringDecoder struct { + elemDecoder ValDecoder + cfg *frozenConfig +} + +func (decoder *stringModeStringDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + decoder.elemDecoder.Decode(ptr, iter) + str := *((*string)(ptr)) + tempIter := decoder.cfg.BorrowIterator([]byte(str)) + defer decoder.cfg.ReturnIterator(tempIter) + *((*string)(ptr)) = tempIter.ReadString() +} + +type stringModeNumberDecoder struct { + elemDecoder ValDecoder +} + +func (decoder *stringModeNumberDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) { + c := iter.nextToken() + if c != '"' { + iter.ReportError("stringModeNumberDecoder", `expect ", but found `+string([]byte{c})) + return + } + decoder.elemDecoder.Decode(ptr, iter) + if iter.Error != nil { + return + } + c = iter.readByte() + if c != '"' { + iter.ReportError("stringModeNumberDecoder", `expect ", but found `+string([]byte{c})) + return + } +} diff --git a/vendor/github.com/json-iterator/go/reflect_struct_encoder.go b/vendor/github.com/json-iterator/go/reflect_struct_encoder.go new file mode 100644 index 0000000000000..152e3ef5a93c6 --- /dev/null +++ b/vendor/github.com/json-iterator/go/reflect_struct_encoder.go @@ -0,0 +1,211 @@ +package jsoniter + +import ( + "fmt" + "github.com/modern-go/reflect2" + "io" + "reflect" + "unsafe" +) + +func encoderOfStruct(ctx *ctx, typ reflect2.Type) ValEncoder { + type bindingTo struct { + binding *Binding + toName string + ignored bool + } + orderedBindings := []*bindingTo{} + structDescriptor := describeStruct(ctx, typ) + for _, binding := range structDescriptor.Fields { + for _, toName := range binding.ToNames { + new := &bindingTo{ + binding: binding, + toName: toName, + } + for _, old := range orderedBindings { + if old.toName != toName { + continue + } + old.ignored, new.ignored = resolveConflictBinding(ctx.frozenConfig, old.binding, new.binding) + } + orderedBindings = append(orderedBindings, new) + } + } + if len(orderedBindings) == 0 { + return &emptyStructEncoder{} + } + finalOrderedFields := []structFieldTo{} + for _, bindingTo := range orderedBindings { + if !bindingTo.ignored { + finalOrderedFields = append(finalOrderedFields, structFieldTo{ + encoder: bindingTo.binding.Encoder.(*structFieldEncoder), + toName: bindingTo.toName, + }) + } + } + return &structEncoder{typ, finalOrderedFields} +} + +func createCheckIsEmpty(ctx *ctx, typ reflect2.Type) checkIsEmpty { + encoder := createEncoderOfNative(ctx, typ) + if encoder != nil { + return encoder + } + kind := typ.Kind() + switch kind { + case reflect.Interface: + return &dynamicEncoder{typ} + case reflect.Struct: + return &structEncoder{typ: typ} + case reflect.Array: + return &arrayEncoder{} + case reflect.Slice: + return &sliceEncoder{} + case reflect.Map: + return encoderOfMap(ctx, typ) + case reflect.Ptr: + return &OptionalEncoder{} + default: + return &lazyErrorEncoder{err: fmt.Errorf("unsupported type: %v", typ)} + } +} + +func resolveConflictBinding(cfg *frozenConfig, old, new *Binding) (ignoreOld, ignoreNew bool) { + newTagged := new.Field.Tag().Get(cfg.getTagKey()) != "" + oldTagged := old.Field.Tag().Get(cfg.getTagKey()) != "" + if newTagged { + if oldTagged { + if len(old.levels) > len(new.levels) { + return true, false + } else if len(new.levels) > len(old.levels) { + return false, true + } else { + return true, true + } + } else { + return true, false + } + } else { + if oldTagged { + return true, false + } + if len(old.levels) > len(new.levels) { + return true, false + } else if len(new.levels) > len(old.levels) { + return false, true + } else { + return true, true + } + } +} + +type structFieldEncoder struct { + field reflect2.StructField + fieldEncoder ValEncoder + omitempty bool +} + +func (encoder *structFieldEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + fieldPtr := encoder.field.UnsafeGet(ptr) + encoder.fieldEncoder.Encode(fieldPtr, stream) + if stream.Error != nil && stream.Error != io.EOF { + stream.Error = fmt.Errorf("%s: %s", encoder.field.Name(), stream.Error.Error()) + } +} + +func (encoder *structFieldEncoder) IsEmpty(ptr unsafe.Pointer) bool { + fieldPtr := encoder.field.UnsafeGet(ptr) + return encoder.fieldEncoder.IsEmpty(fieldPtr) +} + +func (encoder *structFieldEncoder) IsEmbeddedPtrNil(ptr unsafe.Pointer) bool { + isEmbeddedPtrNil, converted := encoder.fieldEncoder.(IsEmbeddedPtrNil) + if !converted { + return false + } + fieldPtr := encoder.field.UnsafeGet(ptr) + return isEmbeddedPtrNil.IsEmbeddedPtrNil(fieldPtr) +} + +type IsEmbeddedPtrNil interface { + IsEmbeddedPtrNil(ptr unsafe.Pointer) bool +} + +type structEncoder struct { + typ reflect2.Type + fields []structFieldTo +} + +type structFieldTo struct { + encoder *structFieldEncoder + toName string +} + +func (encoder *structEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteObjectStart() + isNotFirst := false + for _, field := range encoder.fields { + if field.encoder.omitempty && field.encoder.IsEmpty(ptr) { + continue + } + if field.encoder.IsEmbeddedPtrNil(ptr) { + continue + } + if isNotFirst { + stream.WriteMore() + } + stream.WriteObjectField(field.toName) + field.encoder.Encode(ptr, stream) + isNotFirst = true + } + stream.WriteObjectEnd() + if stream.Error != nil && stream.Error != io.EOF { + stream.Error = fmt.Errorf("%v.%s", encoder.typ, stream.Error.Error()) + } +} + +func (encoder *structEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return false +} + +type emptyStructEncoder struct { +} + +func (encoder *emptyStructEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.WriteEmptyObject() +} + +func (encoder *emptyStructEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return false +} + +type stringModeNumberEncoder struct { + elemEncoder ValEncoder +} + +func (encoder *stringModeNumberEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + stream.writeByte('"') + encoder.elemEncoder.Encode(ptr, stream) + stream.writeByte('"') +} + +func (encoder *stringModeNumberEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.elemEncoder.IsEmpty(ptr) +} + +type stringModeStringEncoder struct { + elemEncoder ValEncoder + cfg *frozenConfig +} + +func (encoder *stringModeStringEncoder) Encode(ptr unsafe.Pointer, stream *Stream) { + tempStream := encoder.cfg.BorrowStream(nil) + tempStream.Attachment = stream.Attachment + defer encoder.cfg.ReturnStream(tempStream) + encoder.elemEncoder.Encode(ptr, tempStream) + stream.WriteString(string(tempStream.Buffer())) +} + +func (encoder *stringModeStringEncoder) IsEmpty(ptr unsafe.Pointer) bool { + return encoder.elemEncoder.IsEmpty(ptr) +} diff --git a/vendor/github.com/json-iterator/go/stream.go b/vendor/github.com/json-iterator/go/stream.go new file mode 100644 index 0000000000000..23d8a3ad6b126 --- /dev/null +++ b/vendor/github.com/json-iterator/go/stream.go @@ -0,0 +1,210 @@ +package jsoniter + +import ( + "io" +) + +// stream is a io.Writer like object, with JSON specific write functions. +// Error is not returned as return value, but stored as Error member on this stream instance. +type Stream struct { + cfg *frozenConfig + out io.Writer + buf []byte + Error error + indention int + Attachment interface{} // open for customized encoder +} + +// NewStream create new stream instance. +// cfg can be jsoniter.ConfigDefault. +// out can be nil if write to internal buffer. +// bufSize is the initial size for the internal buffer in bytes. +func NewStream(cfg API, out io.Writer, bufSize int) *Stream { + return &Stream{ + cfg: cfg.(*frozenConfig), + out: out, + buf: make([]byte, 0, bufSize), + Error: nil, + indention: 0, + } +} + +// Pool returns a pool can provide more stream with same configuration +func (stream *Stream) Pool() StreamPool { + return stream.cfg +} + +// Reset reuse this stream instance by assign a new writer +func (stream *Stream) Reset(out io.Writer) { + stream.out = out + stream.buf = stream.buf[:0] +} + +// Available returns how many bytes are unused in the buffer. +func (stream *Stream) Available() int { + return cap(stream.buf) - len(stream.buf) +} + +// Buffered returns the number of bytes that have been written into the current buffer. +func (stream *Stream) Buffered() int { + return len(stream.buf) +} + +// Buffer if writer is nil, use this method to take the result +func (stream *Stream) Buffer() []byte { + return stream.buf +} + +// SetBuffer allows to append to the internal buffer directly +func (stream *Stream) SetBuffer(buf []byte) { + stream.buf = buf +} + +// Write writes the contents of p into the buffer. +// It returns the number of bytes written. +// If nn < len(p), it also returns an error explaining +// why the write is short. +func (stream *Stream) Write(p []byte) (nn int, err error) { + stream.buf = append(stream.buf, p...) + if stream.out != nil { + nn, err = stream.out.Write(stream.buf) + stream.buf = stream.buf[nn:] + return + } + return len(p), nil +} + +// WriteByte writes a single byte. +func (stream *Stream) writeByte(c byte) { + stream.buf = append(stream.buf, c) +} + +func (stream *Stream) writeTwoBytes(c1 byte, c2 byte) { + stream.buf = append(stream.buf, c1, c2) +} + +func (stream *Stream) writeThreeBytes(c1 byte, c2 byte, c3 byte) { + stream.buf = append(stream.buf, c1, c2, c3) +} + +func (stream *Stream) writeFourBytes(c1 byte, c2 byte, c3 byte, c4 byte) { + stream.buf = append(stream.buf, c1, c2, c3, c4) +} + +func (stream *Stream) writeFiveBytes(c1 byte, c2 byte, c3 byte, c4 byte, c5 byte) { + stream.buf = append(stream.buf, c1, c2, c3, c4, c5) +} + +// Flush writes any buffered data to the underlying io.Writer. +func (stream *Stream) Flush() error { + if stream.out == nil { + return nil + } + if stream.Error != nil { + return stream.Error + } + _, err := stream.out.Write(stream.buf) + if err != nil { + if stream.Error == nil { + stream.Error = err + } + return err + } + stream.buf = stream.buf[:0] + return nil +} + +// WriteRaw write string out without quotes, just like []byte +func (stream *Stream) WriteRaw(s string) { + stream.buf = append(stream.buf, s...) +} + +// WriteNil write null to stream +func (stream *Stream) WriteNil() { + stream.writeFourBytes('n', 'u', 'l', 'l') +} + +// WriteTrue write true to stream +func (stream *Stream) WriteTrue() { + stream.writeFourBytes('t', 'r', 'u', 'e') +} + +// WriteFalse write false to stream +func (stream *Stream) WriteFalse() { + stream.writeFiveBytes('f', 'a', 'l', 's', 'e') +} + +// WriteBool write true or false into stream +func (stream *Stream) WriteBool(val bool) { + if val { + stream.WriteTrue() + } else { + stream.WriteFalse() + } +} + +// WriteObjectStart write { with possible indention +func (stream *Stream) WriteObjectStart() { + stream.indention += stream.cfg.indentionStep + stream.writeByte('{') + stream.writeIndention(0) +} + +// WriteObjectField write "field": with possible indention +func (stream *Stream) WriteObjectField(field string) { + stream.WriteString(field) + if stream.indention > 0 { + stream.writeTwoBytes(':', ' ') + } else { + stream.writeByte(':') + } +} + +// WriteObjectEnd write } with possible indention +func (stream *Stream) WriteObjectEnd() { + stream.writeIndention(stream.cfg.indentionStep) + stream.indention -= stream.cfg.indentionStep + stream.writeByte('}') +} + +// WriteEmptyObject write {} +func (stream *Stream) WriteEmptyObject() { + stream.writeByte('{') + stream.writeByte('}') +} + +// WriteMore write , with possible indention +func (stream *Stream) WriteMore() { + stream.writeByte(',') + stream.writeIndention(0) +} + +// WriteArrayStart write [ with possible indention +func (stream *Stream) WriteArrayStart() { + stream.indention += stream.cfg.indentionStep + stream.writeByte('[') + stream.writeIndention(0) +} + +// WriteEmptyArray write [] +func (stream *Stream) WriteEmptyArray() { + stream.writeTwoBytes('[', ']') +} + +// WriteArrayEnd write ] with possible indention +func (stream *Stream) WriteArrayEnd() { + stream.writeIndention(stream.cfg.indentionStep) + stream.indention -= stream.cfg.indentionStep + stream.writeByte(']') +} + +func (stream *Stream) writeIndention(delta int) { + if stream.indention == 0 { + return + } + stream.writeByte('\n') + toWrite := stream.indention - delta + for i := 0; i < toWrite; i++ { + stream.buf = append(stream.buf, ' ') + } +} diff --git a/vendor/github.com/json-iterator/go/stream_float.go b/vendor/github.com/json-iterator/go/stream_float.go new file mode 100644 index 0000000000000..826aa594ac6f3 --- /dev/null +++ b/vendor/github.com/json-iterator/go/stream_float.go @@ -0,0 +1,111 @@ +package jsoniter + +import ( + "fmt" + "math" + "strconv" +) + +var pow10 []uint64 + +func init() { + pow10 = []uint64{1, 10, 100, 1000, 10000, 100000, 1000000} +} + +// WriteFloat32 write float32 to stream +func (stream *Stream) WriteFloat32(val float32) { + if math.IsInf(float64(val), 0) || math.IsNaN(float64(val)) { + stream.Error = fmt.Errorf("unsupported value: %f", val) + return + } + abs := math.Abs(float64(val)) + fmt := byte('f') + // Note: Must use float32 comparisons for underlying float32 value to get precise cutoffs right. + if abs != 0 { + if float32(abs) < 1e-6 || float32(abs) >= 1e21 { + fmt = 'e' + } + } + stream.buf = strconv.AppendFloat(stream.buf, float64(val), fmt, -1, 32) +} + +// WriteFloat32Lossy write float32 to stream with ONLY 6 digits precision although much much faster +func (stream *Stream) WriteFloat32Lossy(val float32) { + if math.IsInf(float64(val), 0) || math.IsNaN(float64(val)) { + stream.Error = fmt.Errorf("unsupported value: %f", val) + return + } + if val < 0 { + stream.writeByte('-') + val = -val + } + if val > 0x4ffffff { + stream.WriteFloat32(val) + return + } + precision := 6 + exp := uint64(1000000) // 6 + lval := uint64(float64(val)*float64(exp) + 0.5) + stream.WriteUint64(lval / exp) + fval := lval % exp + if fval == 0 { + return + } + stream.writeByte('.') + for p := precision - 1; p > 0 && fval < pow10[p]; p-- { + stream.writeByte('0') + } + stream.WriteUint64(fval) + for stream.buf[len(stream.buf)-1] == '0' { + stream.buf = stream.buf[:len(stream.buf)-1] + } +} + +// WriteFloat64 write float64 to stream +func (stream *Stream) WriteFloat64(val float64) { + if math.IsInf(val, 0) || math.IsNaN(val) { + stream.Error = fmt.Errorf("unsupported value: %f", val) + return + } + abs := math.Abs(val) + fmt := byte('f') + // Note: Must use float32 comparisons for underlying float32 value to get precise cutoffs right. + if abs != 0 { + if abs < 1e-6 || abs >= 1e21 { + fmt = 'e' + } + } + stream.buf = strconv.AppendFloat(stream.buf, float64(val), fmt, -1, 64) +} + +// WriteFloat64Lossy write float64 to stream with ONLY 6 digits precision although much much faster +func (stream *Stream) WriteFloat64Lossy(val float64) { + if math.IsInf(val, 0) || math.IsNaN(val) { + stream.Error = fmt.Errorf("unsupported value: %f", val) + return + } + if val < 0 { + stream.writeByte('-') + val = -val + } + if val > 0x4ffffff { + stream.WriteFloat64(val) + return + } + precision := 6 + exp := uint64(1000000) // 6 + lval := uint64(val*float64(exp) + 0.5) + stream.WriteUint64(lval / exp) + fval := lval % exp + if fval == 0 { + return + } + stream.writeByte('.') + for p := precision - 1; p > 0 && fval < pow10[p]; p-- { + stream.writeByte('0') + } + stream.WriteUint64(fval) + for stream.buf[len(stream.buf)-1] == '0' { + stream.buf = stream.buf[:len(stream.buf)-1] + } +} diff --git a/vendor/github.com/json-iterator/go/stream_int.go b/vendor/github.com/json-iterator/go/stream_int.go new file mode 100644 index 0000000000000..d1059ee4c20e3 --- /dev/null +++ b/vendor/github.com/json-iterator/go/stream_int.go @@ -0,0 +1,190 @@ +package jsoniter + +var digits []uint32 + +func init() { + digits = make([]uint32, 1000) + for i := uint32(0); i < 1000; i++ { + digits[i] = (((i / 100) + '0') << 16) + ((((i / 10) % 10) + '0') << 8) + i%10 + '0' + if i < 10 { + digits[i] += 2 << 24 + } else if i < 100 { + digits[i] += 1 << 24 + } + } +} + +func writeFirstBuf(space []byte, v uint32) []byte { + start := v >> 24 + if start == 0 { + space = append(space, byte(v>>16), byte(v>>8)) + } else if start == 1 { + space = append(space, byte(v>>8)) + } + space = append(space, byte(v)) + return space +} + +func writeBuf(buf []byte, v uint32) []byte { + return append(buf, byte(v>>16), byte(v>>8), byte(v)) +} + +// WriteUint8 write uint8 to stream +func (stream *Stream) WriteUint8(val uint8) { + stream.buf = writeFirstBuf(stream.buf, digits[val]) +} + +// WriteInt8 write int8 to stream +func (stream *Stream) WriteInt8(nval int8) { + var val uint8 + if nval < 0 { + val = uint8(-nval) + stream.buf = append(stream.buf, '-') + } else { + val = uint8(nval) + } + stream.buf = writeFirstBuf(stream.buf, digits[val]) +} + +// WriteUint16 write uint16 to stream +func (stream *Stream) WriteUint16(val uint16) { + q1 := val / 1000 + if q1 == 0 { + stream.buf = writeFirstBuf(stream.buf, digits[val]) + return + } + r1 := val - q1*1000 + stream.buf = writeFirstBuf(stream.buf, digits[q1]) + stream.buf = writeBuf(stream.buf, digits[r1]) + return +} + +// WriteInt16 write int16 to stream +func (stream *Stream) WriteInt16(nval int16) { + var val uint16 + if nval < 0 { + val = uint16(-nval) + stream.buf = append(stream.buf, '-') + } else { + val = uint16(nval) + } + stream.WriteUint16(val) +} + +// WriteUint32 write uint32 to stream +func (stream *Stream) WriteUint32(val uint32) { + q1 := val / 1000 + if q1 == 0 { + stream.buf = writeFirstBuf(stream.buf, digits[val]) + return + } + r1 := val - q1*1000 + q2 := q1 / 1000 + if q2 == 0 { + stream.buf = writeFirstBuf(stream.buf, digits[q1]) + stream.buf = writeBuf(stream.buf, digits[r1]) + return + } + r2 := q1 - q2*1000 + q3 := q2 / 1000 + if q3 == 0 { + stream.buf = writeFirstBuf(stream.buf, digits[q2]) + } else { + r3 := q2 - q3*1000 + stream.buf = append(stream.buf, byte(q3+'0')) + stream.buf = writeBuf(stream.buf, digits[r3]) + } + stream.buf = writeBuf(stream.buf, digits[r2]) + stream.buf = writeBuf(stream.buf, digits[r1]) +} + +// WriteInt32 write int32 to stream +func (stream *Stream) WriteInt32(nval int32) { + var val uint32 + if nval < 0 { + val = uint32(-nval) + stream.buf = append(stream.buf, '-') + } else { + val = uint32(nval) + } + stream.WriteUint32(val) +} + +// WriteUint64 write uint64 to stream +func (stream *Stream) WriteUint64(val uint64) { + q1 := val / 1000 + if q1 == 0 { + stream.buf = writeFirstBuf(stream.buf, digits[val]) + return + } + r1 := val - q1*1000 + q2 := q1 / 1000 + if q2 == 0 { + stream.buf = writeFirstBuf(stream.buf, digits[q1]) + stream.buf = writeBuf(stream.buf, digits[r1]) + return + } + r2 := q1 - q2*1000 + q3 := q2 / 1000 + if q3 == 0 { + stream.buf = writeFirstBuf(stream.buf, digits[q2]) + stream.buf = writeBuf(stream.buf, digits[r2]) + stream.buf = writeBuf(stream.buf, digits[r1]) + return + } + r3 := q2 - q3*1000 + q4 := q3 / 1000 + if q4 == 0 { + stream.buf = writeFirstBuf(stream.buf, digits[q3]) + stream.buf = writeBuf(stream.buf, digits[r3]) + stream.buf = writeBuf(stream.buf, digits[r2]) + stream.buf = writeBuf(stream.buf, digits[r1]) + return + } + r4 := q3 - q4*1000 + q5 := q4 / 1000 + if q5 == 0 { + stream.buf = writeFirstBuf(stream.buf, digits[q4]) + stream.buf = writeBuf(stream.buf, digits[r4]) + stream.buf = writeBuf(stream.buf, digits[r3]) + stream.buf = writeBuf(stream.buf, digits[r2]) + stream.buf = writeBuf(stream.buf, digits[r1]) + return + } + r5 := q4 - q5*1000 + q6 := q5 / 1000 + if q6 == 0 { + stream.buf = writeFirstBuf(stream.buf, digits[q5]) + } else { + stream.buf = writeFirstBuf(stream.buf, digits[q6]) + r6 := q5 - q6*1000 + stream.buf = writeBuf(stream.buf, digits[r6]) + } + stream.buf = writeBuf(stream.buf, digits[r5]) + stream.buf = writeBuf(stream.buf, digits[r4]) + stream.buf = writeBuf(stream.buf, digits[r3]) + stream.buf = writeBuf(stream.buf, digits[r2]) + stream.buf = writeBuf(stream.buf, digits[r1]) +} + +// WriteInt64 write int64 to stream +func (stream *Stream) WriteInt64(nval int64) { + var val uint64 + if nval < 0 { + val = uint64(-nval) + stream.buf = append(stream.buf, '-') + } else { + val = uint64(nval) + } + stream.WriteUint64(val) +} + +// WriteInt write int to stream +func (stream *Stream) WriteInt(val int) { + stream.WriteInt64(int64(val)) +} + +// WriteUint write uint to stream +func (stream *Stream) WriteUint(val uint) { + stream.WriteUint64(uint64(val)) +} diff --git a/vendor/github.com/json-iterator/go/stream_str.go b/vendor/github.com/json-iterator/go/stream_str.go new file mode 100644 index 0000000000000..54c2ba0b3a2d9 --- /dev/null +++ b/vendor/github.com/json-iterator/go/stream_str.go @@ -0,0 +1,372 @@ +package jsoniter + +import ( + "unicode/utf8" +) + +// htmlSafeSet holds the value true if the ASCII character with the given +// array position can be safely represented inside a JSON string, embedded +// inside of HTML