diff --git a/go.mod b/go.mod index ef932bec33..824468de95 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/mogensen/kubernetes-split-yaml v0.4.0 github.com/nxadm/tail v1.4.8 github.com/opencontainers/image-spec v1.1.0-rc4 - github.com/opencontainers/runc v1.1.7 + github.com/opencontainers/runc v1.1.8 github.com/opencontainers/runtime-spec v1.1.0-rc.3 github.com/openshift/api v0.0.0-20221205111557-f2fbb1d1cd5e github.com/pjbgf/go-apparmor v0.1.2 diff --git a/go.sum b/go.sum index 7cc24c1c1c..ecc70f5b2f 100644 --- a/go.sum +++ b/go.sum @@ -748,8 +748,8 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc4 h1:oOxKUJWnFC4YGHCCMNql1x4YaDfYBTS5Y4x/Cgeo1E0= github.com/opencontainers/image-spec v1.1.0-rc4/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8= -github.com/opencontainers/runc v1.1.7 h1:y2EZDS8sNng4Ksf0GUYNhKbTShZJPJg1FiXJNH/uoCk= -github.com/opencontainers/runc v1.1.7/go.mod h1:CbUumNnWCuTGFukNXahoo/RFBZvDAgRh/smNYNOhA50= +github.com/opencontainers/runc v1.1.8 h1:zICRlc+C1XzivLc3nzE+cbJV4LIi8tib6YG0MqC6OqA= +github.com/opencontainers/runc v1.1.8/go.mod h1:CbUumNnWCuTGFukNXahoo/RFBZvDAgRh/smNYNOhA50= github.com/opencontainers/runtime-spec v1.1.0-rc.3 h1:l04uafi6kxByhbxev7OWiuUv0LZxEsYUfDWZ6bztAuU= github.com/opencontainers/runtime-spec v1.1.0-rc.3/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-tools v0.9.1-0.20230317050512-e931285f4b69 h1:NL4xDvl68WWqQ+8WPMM3l5PsZTxaT7Z4K3VSKDRuAGs= diff --git a/vendor/github.com/opencontainers/runc/libcontainer/seccomp/config.go b/vendor/github.com/opencontainers/runc/libcontainer/seccomp/config.go index 98e08e8f0b..2b15576ac9 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/seccomp/config.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/seccomp/config.go @@ -66,6 +66,7 @@ var archs = map[string]string{ "SCMP_ARCH_PPC": "ppc", "SCMP_ARCH_PPC64": "ppc64", "SCMP_ARCH_PPC64LE": "ppc64le", + "SCMP_ARCH_RISCV64": "riscv64", "SCMP_ARCH_S390": "s390", "SCMP_ARCH_S390X": "s390x", } diff --git a/vendor/github.com/opencontainers/runc/libcontainer/seccomp/patchbpf/enosys_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/seccomp/patchbpf/enosys_linux.go index 7d4ec6a42e..6376512b08 100644 --- a/vendor/github.com/opencontainers/runc/libcontainer/seccomp/patchbpf/enosys_linux.go +++ b/vendor/github.com/opencontainers/runc/libcontainer/seccomp/patchbpf/enosys_linux.go @@ -48,6 +48,13 @@ const uintptr_t C_FILTER_FLAG_LOG = SECCOMP_FILTER_FLAG_LOG; #endif const uintptr_t C_FILTER_FLAG_NEW_LISTENER = SECCOMP_FILTER_FLAG_NEW_LISTENER; +#ifndef AUDIT_ARCH_RISCV64 +#ifndef EM_RISCV +#define EM_RISCV 243 +#endif +#define AUDIT_ARCH_RISCV64 (EM_RISCV|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE) +#endif + // We use the AUDIT_ARCH_* values because those are the ones used by the kernel // and SCMP_ARCH_* sometimes has fake values (such as SCMP_ARCH_X32). But we // use so we get libseccomp's fallback definitions of AUDIT_ARCH_*. @@ -67,6 +74,7 @@ const uint32_t C_AUDIT_ARCH_PPC64 = AUDIT_ARCH_PPC64; const uint32_t C_AUDIT_ARCH_PPC64LE = AUDIT_ARCH_PPC64LE; const uint32_t C_AUDIT_ARCH_S390 = AUDIT_ARCH_S390; const uint32_t C_AUDIT_ARCH_S390X = AUDIT_ARCH_S390X; +const uint32_t C_AUDIT_ARCH_RISCV64 = AUDIT_ARCH_RISCV64; */ import "C" @@ -202,6 +210,8 @@ func archToNative(arch libseccomp.ScmpArch) (nativeArch, error) { return nativeArch(C.C_AUDIT_ARCH_S390), nil case libseccomp.ArchS390X: return nativeArch(C.C_AUDIT_ARCH_S390X), nil + case libseccomp.ArchRISCV64: + return nativeArch(C.C_AUDIT_ARCH_RISCV64), nil default: return invalidArch, fmt.Errorf("unknown architecture: %v", arch) } diff --git a/vendor/modules.txt b/vendor/modules.txt index ddb80bad97..f0d070c4f6 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -879,7 +879,7 @@ github.com/opencontainers/go-digest ## explicit; go 1.18 github.com/opencontainers/image-spec/specs-go github.com/opencontainers/image-spec/specs-go/v1 -# github.com/opencontainers/runc v1.1.7 +# github.com/opencontainers/runc v1.1.8 ## explicit; go 1.17 github.com/opencontainers/runc/libcontainer/cgroups github.com/opencontainers/runc/libcontainer/configs