cgroup2: port over eBPF device controller from crun by AkihiroSuda · Pull Request #2145 · opencontainers/runc

AkihiroSuda · 2019-10-17T12:34:07Z

The implementation is based on https://github.com/containers/crun/blob/0.10.2/src/libcrun/ebpf.c

Although ebpf.c is originally licensed under LGPL-3.0-or-later, the author Giuseppe Scrivano agreed to relicense the file in Apache License 2.0: #2144 (comment)

See libcontainer/cgroups/ebpf/devicefilter/devicefilter_test.go for tested configurations.

Close #2144

AkihiroSuda · 2019-10-17T12:55:53Z

~~CI failing for ARM~~ (EDIT: passing now)

CGO_ENABLED=1 GOARCH=arm GOARM=6 CC=arm-linux-gnueabi-gcc go build -buildmode=pie  -ldflags "-X main.gitCommit="bf9519326d3dcc4a78f3cddbc54ac7a78a0aa948" -X main.version=1.0.0-rc9+dev " -tags "seccomp apparmor selinux ambient" -o runc-armel .
# github.com/opencontainers/runc/vendor/github.com/cilium/ebpf
vendor/github.com/cilium/ebpf/syscalls.go:285:17: constant 3405662737 overflows int32
Makefile:125: recipe for target 'localcross' failed

AkihiroSuda · 2019-10-25T10:30:26Z

@giuseppe LGTY?

giuseppe

LGTM

crosbymichael · 2019-10-30T20:32:16Z

LGTM

The implementation is based on https://github.com/containers/crun/blob/0.10.2/src/libcrun/ebpf.c Although ebpf.c is originally licensed under LGPL-3.0-or-later, the author Giuseppe Scrivano agreed to relicense the file in Apache License 2.0: opencontainers#2144 (comment) See libcontainer/cgroups/ebpf/devicefilter/devicefilter_test.go for tested configurations. Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>

AkihiroSuda · 2019-10-31T05:03:33Z

rebased

AkihiroSuda · 2019-10-31T06:24:13Z

@dqminh @hqhq PTAL? This is the blocker for supporting cgroup2.

mrunalp · 2019-10-31T17:09:18Z

LGTM

crosbymichael · 2019-10-31T17:10:52Z

LGTM

AkihiroSuda mentioned this pull request Oct 17, 2019

cgroup2: eBPF device controller #2144

Closed

AkihiroSuda mentioned this pull request Oct 17, 2019

Can't be compiled for 32-bit ARM cilium/ebpf#18

Closed

AkihiroSuda force-pushed the ebpf branch 3 times, most recently from 970f501 to ce75263 Compare October 18, 2019 14:48

This was referenced Oct 25, 2019

cgroups v2 Support containerd/containerd#3726

Closed

support cgroup v2 (unified hierarchy) #654

Closed

crosbymichael reviewed Oct 28, 2019

View reviewed changes

Comment thread libcontainer/cgroups/fs/devices_v2.go Outdated

AkihiroSuda force-pushed the ebpf branch from ce75263 to d4550e5 Compare October 29, 2019 04:52

giuseppe approved these changes Oct 30, 2019

View reviewed changes

AkihiroSuda force-pushed the ebpf branch from d4550e5 to faf673e Compare October 31, 2019 05:01

crosbymichael merged commit b133fea into opencontainers:master Oct 31, 2019

rektide mentioned this pull request Dec 21, 2019

Support cgroups v2 k3s-io/k3s#900

Closed

dims mentioned this pull request Jan 28, 2020

Bump dependency opencontainers/runc@v1.0.0-rc10 kubernetes/kubernetes#87516

Merged

kolyshkin mentioned this pull request Nov 20, 2020

Significant binary size increase between rc10 -> rc92 #2589

Open

thaJeztah mentioned this pull request Apr 13, 2021

ebpf: replace deprecated prog.Attach/prog.Detach #2903

Merged

pacoxu mentioned this pull request Apr 27, 2023

dependencies: update cilium/ebpf to v0.11.0 kubernetes/kubernetes#117457

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

cgroup2: port over eBPF device controller from crun#2145

cgroup2: port over eBPF device controller from crun#2145
crosbymichael merged 1 commit into
opencontainers:masterfrom
AkihiroSuda:ebpf

AkihiroSuda commented Oct 17, 2019 •

edited

Loading

Uh oh!

AkihiroSuda commented Oct 17, 2019 •

edited

Loading

Uh oh!

AkihiroSuda commented Oct 25, 2019

Uh oh!

Uh oh!

giuseppe left a comment

Uh oh!

crosbymichael commented Oct 30, 2019 •

edited by caniszczyk

Loading

Uh oh!

AkihiroSuda commented Oct 31, 2019

Uh oh!

AkihiroSuda commented Oct 31, 2019

Uh oh!

mrunalp commented Oct 31, 2019 •

edited by caniszczyk

Loading

Uh oh!

crosbymichael commented Oct 31, 2019 •

edited by caniszczyk

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Conversation

AkihiroSuda commented Oct 17, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

AkihiroSuda commented Oct 17, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

AkihiroSuda commented Oct 25, 2019

Uh oh!

Uh oh!

giuseppe left a comment

Choose a reason for hiding this comment

Uh oh!

crosbymichael commented Oct 30, 2019 • edited by caniszczyk Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

AkihiroSuda commented Oct 31, 2019

Uh oh!

AkihiroSuda commented Oct 31, 2019

Uh oh!

mrunalp commented Oct 31, 2019 • edited by caniszczyk Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

crosbymichael commented Oct 31, 2019 • edited by caniszczyk Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

AkihiroSuda commented Oct 17, 2019 •

edited

Loading

AkihiroSuda commented Oct 17, 2019 •

edited

Loading

crosbymichael commented Oct 30, 2019 •

edited by caniszczyk

Loading

mrunalp commented Oct 31, 2019 •

edited by caniszczyk

Loading

crosbymichael commented Oct 31, 2019 •

edited by caniszczyk

Loading