Commits on Apr 1, 2024

1. ci/cross-i386: pin Go to 1.21.x …

   Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
   Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>

   

   kolyshkin authored and cyphar committed Apr 1, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for ac31da6
   • Browse repository at this point

   Copy the full SHA

   ac31da6 View commit details

   Browse the repository at this point in the history

2. [hotfix] nsenter: refuse to build with Go 1.22 on glibc …

   We will almost certainly need to eventually rework nsenter to:
   
    1. Figure out a way to make pthread_self() not break after nsenter runs
       (probably not possible, because the core issue is likely that we are
       ignoring the rules of signal-safety(7)); or
    2. Do an other re-exec of /proc/self/exe to execute the Go half of
       "runc init" -- after we've done the nsenter setup. This would reset
       all of the process state and ensure we have a clean glibc state for
       Go, but it would make runc slower...
   
   For now, just block Go 1.22 builds to avoid having broken runcs floating
   around until we resolve the issue. It seems possible for musl to also
   have an issue, but it appears to work and so for now just block glibc
   builds.
   
   Note that this will only block builds for anything that uses nsenter --
   so users of our (internal) libcontainer libraries should be fine. Only
   users that are starting containers using nsenter to actually start
   containers will see the error (which is precisely what we want).
   
   Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>

   

   cyphar committed Apr 1, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for e377e16
   • Browse repository at this point

   Copy the full SHA

   e377e16 View commit details

   Browse the repository at this point in the history