commit: 69eb27243a3c16d35dab1ed185ba59dce21ac25a Author: Sebastian Hamann <code <AT> ares-macrotechnology <DOT> com> AuthorDate: Sat Jun 13 13:03:52 2020 +0000 Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org> CommitDate: Mon Sep 7 18:18:33 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=69eb2724
app-emulation/firecracker-bin: new package Install upsteam's firecracker and jailer binaries (statically linked against musl). As of version 0.22.0, seccomp filters only work on musl builds. Closes: https://bugs.gentoo.org/728124 Signed-off-by: Sebastian Hamann <code <AT> ares-macrotechnology.com> Closes: https://github.com/gentoo/gentoo/pull/16219 Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org> app-emulation/firecracker-bin/Manifest | 4 ++ .../firecracker-bin/firecracker-bin-0.22.0.ebuild | 82 ++++++++++++++++++++++ app-emulation/firecracker-bin/metadata.xml | 12 ++++ 3 files changed, 98 insertions(+) diff --git a/app-emulation/firecracker-bin/Manifest b/app-emulation/firecracker-bin/Manifest new file mode 100644 index 00000000000..a7c0eeefd34 --- /dev/null +++ b/app-emulation/firecracker-bin/Manifest @@ -0,0 +1,4 @@ +DIST firecracker-v0.22.0-aarch64 1615168 BLAKE2B 56965a1999038e9b59e37230177812b936ad1b3cba91b6f805a1a6ecc81903f093c13b75ff78c8720d67596bdd71378cc757bda0b6061e3fb4d62607e299b065 SHA512 fb42bc5ecd0af487490f2c4bd3804d2430263740bbdec66c063d9b6c865d6b9c42b31cafb78d4a0cc40c11cc5242608b9d30676e55ac2b8dcb05d5f3db535bdf +DIST firecracker-v0.22.0-x86_64 1657736 BLAKE2B 84dbe8db596017e312fad1cd3c72d1b5d7306ad400a320431c8cae5b901b534f2735ac75cb5b9133c6c6f2603b877e4842d54165972a46df4193fbbc513c3b2d SHA512 ac9544e8b770ff7a0c9234feb3154522bd6163f3903993cd019cc4abaa90ad24447f18e65e1022aafb7274ca97281286f898a50ac9f27c7f661d48df52d7fd08 +DIST jailer-v0.22.0-aarch64 1322088 BLAKE2B 72db7eba02371af2a53b6ebd8c9fb909bd027cdd2b4207e0b2a02febe587780f9aa3be665b37580907ab8a58d8745cbcda90a85bda56a42b2eb8be9a931af13f SHA512 86ca629b3060cefa9e31292844486c6d9b6fa0538b6d515e4cbb07fa4a675ce93d5f87fcd769f62aea0df029cdbd7a5055a282b8344ed35d895606aca7f22a14 +DIST jailer-v0.22.0-x86_64 1427600 BLAKE2B 7ab09cce8963c89dae7c89c3a2d1dc582fdf8c11c3e051deb08c70fd2995a2154c493432e39851bebc62c1f6a9f98cfc9a9fa4107c5d9cf8ba940d4bb3349d86 SHA512 f2dcaee775cd1cdea4c1c1f6e89b82ba6636ab065291b704faaa836f864f14802a56af76ce397d7f98e9420d55720dc4459ae4443babfc7bb16d64dde11cb854 diff --git a/app-emulation/firecracker-bin/firecracker-bin-0.22.0.ebuild b/app-emulation/firecracker-bin/firecracker-bin-0.22.0.ebuild new file mode 100644 index 00000000000..a54445d88b2 --- /dev/null +++ b/app-emulation/firecracker-bin/firecracker-bin-0.22.0.ebuild @@ -0,0 +1,82 @@ +# Copyright 2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit linux-info + +DESCRIPTION="Secure and fast microVMs for serverless computing (static build)" +HOMEPAGE="https://firecracker-microvm.github.io https://github.com/firecracker-microvm/firecracker"; +SRC_URI=" + amd64? ( + https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/firecracker-v${PV}-x86_64 + https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/jailer-v${PV}-x86_64 + ) + arm64? ( + https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/firecracker-v${PV}-aarch64 + https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/jailer-v${PV}-aarch64 + )" + +LICENSE="|| ( Apache-2.0 MIT Apache-2.0-with-LLVM-exceptions ) MPL-2.0" +SLOT="0" +KEYWORDS="-* ~amd64" + +RESTRICT="test strip" + +RDEPEND="!app-emulation/firecracker + acct-group/kvm" + +QA_PREBUILT="/usr/bin/firecracker + /usr/bin/jailer" + +S="${WORKDIR}" + +pkg_pretend() { + if use kernel_linux && kernel_is lt 4 14; then + eerror "Firecracker requires a host kernel of 4.14 or higher." + elif use kernel_linux; then + if ! linux_config_exists; then + eerror "Unable to check your kernel for KVM support" + else + CONFIG_CHECK="~KVM ~TUN ~BRIDGE ~VHOST_VSOCK" + ERROR_KVM="You must enable KVM in your kernel to continue" + ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in" + ERROR_KVM_AMD+=" your kernel configuration." + ERROR_KVM_INTEL="If you have an Intel CPU, you must enable" + ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration." + ERROR_TUN="You will need the Universal TUN/TAP driver compiled" + ERROR_TUN+=" into your kernel or loaded as a module to use" + ERROR_TUN+=" virtual network devices." + ERROR_BRIDGE="You will also need support for 802.1d" + ERROR_BRIDGE+=" Ethernet Bridging for some network configurations." + ERROR_VHOST_VSOCK="To use AF_VSOCK sockets for communication" + ERROR_VHOST_VSOCK+=" between host and guest, you will need to enable" + ERROR_VHOST_VSOCK+=" the vhost virtio-vsock driver in your kernel." + + if use amd64 || use amd64-linux; then + if grep -q AuthenticAMD /proc/cpuinfo; then + CONFIG_CHECK+=" ~KVM_AMD" + elif grep -q GenuineIntel /proc/cpuinfo; then + CONFIG_CHECK+=" ~KVM_INTEL" + fi + fi + + # Now do the actual checks setup above + check_extra_config + fi + fi +} + +src_unpack() { :; } +src_compile() { :; } + +src_install() { + if use amd64; then + my_arch=x86_64 + elif use arm64; then + my_arch=aarch64 + fi + + newbin "${DISTDIR}/firecracker-v${PV}-${my_arch}" firecracker + newbin "${DISTDIR}/jailer-v${PV}-${my_arch}" jailer +} diff --git a/app-emulation/firecracker-bin/metadata.xml b/app-emulation/firecracker-bin/metadata.xml new file mode 100644 index 00000000000..7f6b797d9b1 --- /dev/null +++ b/app-emulation/firecracker-bin/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd";> +<pkgmetadata> + <maintainer type="person"> + <email>gentoo-b...@ares-macrotechnology.com</email> + <name>Sebastian Hamann</name> + </maintainer> + <maintainer type="project"> + <email>proxy-ma...@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> +</pkgmetadata>
