1 |
commit: 69eb27243a3c16d35dab1ed185ba59dce21ac25a |
2 |
Author: Sebastian Hamann <code <AT> ares-macrotechnology <DOT> com> |
3 |
AuthorDate: Sat Jun 13 13:03:52 2020 +0000 |
4 |
Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Sep 7 18:18:33 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=69eb2724 |
7 |
|
8 |
app-emulation/firecracker-bin: new package |
9 |
|
10 |
Install upsteam's firecracker and jailer binaries (statically linked |
11 |
against musl). |
12 |
As of version 0.22.0, seccomp filters only work on musl builds. |
13 |
|
14 |
Closes: https://bugs.gentoo.org/728124 |
15 |
Signed-off-by: Sebastian Hamann <code <AT> ares-macrotechnology.com> |
16 |
Closes: https://github.com/gentoo/gentoo/pull/16219 |
17 |
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org> |
18 |
|
19 |
app-emulation/firecracker-bin/Manifest | 4 ++ |
20 |
.../firecracker-bin/firecracker-bin-0.22.0.ebuild | 82 ++++++++++++++++++++++ |
21 |
app-emulation/firecracker-bin/metadata.xml | 12 ++++ |
22 |
3 files changed, 98 insertions(+) |
23 |
|
24 |
diff --git a/app-emulation/firecracker-bin/Manifest b/app-emulation/firecracker-bin/Manifest |
25 |
new file mode 100644 |
26 |
index 00000000000..a7c0eeefd34 |
27 |
--- /dev/null |
28 |
+++ b/app-emulation/firecracker-bin/Manifest |
29 |
@@ -0,0 +1,4 @@ |
30 |
+DIST firecracker-v0.22.0-aarch64 1615168 BLAKE2B 56965a1999038e9b59e37230177812b936ad1b3cba91b6f805a1a6ecc81903f093c13b75ff78c8720d67596bdd71378cc757bda0b6061e3fb4d62607e299b065 SHA512 fb42bc5ecd0af487490f2c4bd3804d2430263740bbdec66c063d9b6c865d6b9c42b31cafb78d4a0cc40c11cc5242608b9d30676e55ac2b8dcb05d5f3db535bdf |
31 |
+DIST firecracker-v0.22.0-x86_64 1657736 BLAKE2B 84dbe8db596017e312fad1cd3c72d1b5d7306ad400a320431c8cae5b901b534f2735ac75cb5b9133c6c6f2603b877e4842d54165972a46df4193fbbc513c3b2d SHA512 ac9544e8b770ff7a0c9234feb3154522bd6163f3903993cd019cc4abaa90ad24447f18e65e1022aafb7274ca97281286f898a50ac9f27c7f661d48df52d7fd08 |
32 |
+DIST jailer-v0.22.0-aarch64 1322088 BLAKE2B 72db7eba02371af2a53b6ebd8c9fb909bd027cdd2b4207e0b2a02febe587780f9aa3be665b37580907ab8a58d8745cbcda90a85bda56a42b2eb8be9a931af13f SHA512 86ca629b3060cefa9e31292844486c6d9b6fa0538b6d515e4cbb07fa4a675ce93d5f87fcd769f62aea0df029cdbd7a5055a282b8344ed35d895606aca7f22a14 |
33 |
+DIST jailer-v0.22.0-x86_64 1427600 BLAKE2B 7ab09cce8963c89dae7c89c3a2d1dc582fdf8c11c3e051deb08c70fd2995a2154c493432e39851bebc62c1f6a9f98cfc9a9fa4107c5d9cf8ba940d4bb3349d86 SHA512 f2dcaee775cd1cdea4c1c1f6e89b82ba6636ab065291b704faaa836f864f14802a56af76ce397d7f98e9420d55720dc4459ae4443babfc7bb16d64dde11cb854 |
34 |
|
35 |
diff --git a/app-emulation/firecracker-bin/firecracker-bin-0.22.0.ebuild b/app-emulation/firecracker-bin/firecracker-bin-0.22.0.ebuild |
36 |
new file mode 100644 |
37 |
index 00000000000..a54445d88b2 |
38 |
--- /dev/null |
39 |
+++ b/app-emulation/firecracker-bin/firecracker-bin-0.22.0.ebuild |
40 |
@@ -0,0 +1,82 @@ |
41 |
+# Copyright 2020 Gentoo Authors |
42 |
+# Distributed under the terms of the GNU General Public License v2 |
43 |
+ |
44 |
+EAPI=7 |
45 |
+ |
46 |
+inherit linux-info |
47 |
+ |
48 |
+DESCRIPTION="Secure and fast microVMs for serverless computing (static build)" |
49 |
+HOMEPAGE="https://firecracker-microvm.github.io https://github.com/firecracker-microvm/firecracker" |
50 |
+SRC_URI=" |
51 |
+ amd64? ( |
52 |
+ https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/firecracker-v${PV}-x86_64 |
53 |
+ https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/jailer-v${PV}-x86_64 |
54 |
+ ) |
55 |
+ arm64? ( |
56 |
+ https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/firecracker-v${PV}-aarch64 |
57 |
+ https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/jailer-v${PV}-aarch64 |
58 |
+ )" |
59 |
+ |
60 |
+LICENSE="|| ( Apache-2.0 MIT Apache-2.0-with-LLVM-exceptions ) MPL-2.0" |
61 |
+SLOT="0" |
62 |
+KEYWORDS="-* ~amd64" |
63 |
+ |
64 |
+RESTRICT="test strip" |
65 |
+ |
66 |
+RDEPEND="!app-emulation/firecracker |
67 |
+ acct-group/kvm" |
68 |
+ |
69 |
+QA_PREBUILT="/usr/bin/firecracker |
70 |
+ /usr/bin/jailer" |
71 |
+ |
72 |
+S="${WORKDIR}" |
73 |
+ |
74 |
+pkg_pretend() { |
75 |
+ if use kernel_linux && kernel_is lt 4 14; then |
76 |
+ eerror "Firecracker requires a host kernel of 4.14 or higher." |
77 |
+ elif use kernel_linux; then |
78 |
+ if ! linux_config_exists; then |
79 |
+ eerror "Unable to check your kernel for KVM support" |
80 |
+ else |
81 |
+ CONFIG_CHECK="~KVM ~TUN ~BRIDGE ~VHOST_VSOCK" |
82 |
+ ERROR_KVM="You must enable KVM in your kernel to continue" |
83 |
+ ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in" |
84 |
+ ERROR_KVM_AMD+=" your kernel configuration." |
85 |
+ ERROR_KVM_INTEL="If you have an Intel CPU, you must enable" |
86 |
+ ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration." |
87 |
+ ERROR_TUN="You will need the Universal TUN/TAP driver compiled" |
88 |
+ ERROR_TUN+=" into your kernel or loaded as a module to use" |
89 |
+ ERROR_TUN+=" virtual network devices." |
90 |
+ ERROR_BRIDGE="You will also need support for 802.1d" |
91 |
+ ERROR_BRIDGE+=" Ethernet Bridging for some network configurations." |
92 |
+ ERROR_VHOST_VSOCK="To use AF_VSOCK sockets for communication" |
93 |
+ ERROR_VHOST_VSOCK+=" between host and guest, you will need to enable" |
94 |
+ ERROR_VHOST_VSOCK+=" the vhost virtio-vsock driver in your kernel." |
95 |
+ |
96 |
+ if use amd64 || use amd64-linux; then |
97 |
+ if grep -q AuthenticAMD /proc/cpuinfo; then |
98 |
+ CONFIG_CHECK+=" ~KVM_AMD" |
99 |
+ elif grep -q GenuineIntel /proc/cpuinfo; then |
100 |
+ CONFIG_CHECK+=" ~KVM_INTEL" |
101 |
+ fi |
102 |
+ fi |
103 |
+ |
104 |
+ # Now do the actual checks setup above |
105 |
+ check_extra_config |
106 |
+ fi |
107 |
+ fi |
108 |
+} |
109 |
+ |
110 |
+src_unpack() { :; } |
111 |
+src_compile() { :; } |
112 |
+ |
113 |
+src_install() { |
114 |
+ if use amd64; then |
115 |
+ my_arch=x86_64 |
116 |
+ elif use arm64; then |
117 |
+ my_arch=aarch64 |
118 |
+ fi |
119 |
+ |
120 |
+ newbin "${DISTDIR}/firecracker-v${PV}-${my_arch}" firecracker |
121 |
+ newbin "${DISTDIR}/jailer-v${PV}-${my_arch}" jailer |
122 |
+} |
123 |
|
124 |
diff --git a/app-emulation/firecracker-bin/metadata.xml b/app-emulation/firecracker-bin/metadata.xml |
125 |
new file mode 100644 |
126 |
index 00000000000..7f6b797d9b1 |
127 |
--- /dev/null |
128 |
+++ b/app-emulation/firecracker-bin/metadata.xml |
129 |
@@ -0,0 +1,12 @@ |
130 |
+<?xml version="1.0" encoding="UTF-8"?> |
131 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
132 |
+<pkgmetadata> |
133 |
+ <maintainer type="person"> |
134 |
+ <email>gentoo-bugs@××××××××××××××××××××.com</email> |
135 |
+ <name>Sebastian Hamann</name> |
136 |
+ </maintainer> |
137 |
+ <maintainer type="project"> |
138 |
+ <email>proxy-maint@g.o</email> |
139 |
+ <name>Proxy Maintainers</name> |
140 |
+ </maintainer> |
141 |
+</pkgmetadata> |