New Upstream Release - golang-github-moby-sys

Ready changes

Summary

Merged new upstream version: 0.0~git20230117.c161267 (was: 0.0~git20220606.416188a).

Resulting package

Built on 2023-07-01T14:36 (took 6m35s)

The resulting binary packages can be installed (if you have the apt repository enabled) by running one of:

apt install -t fresh-releases golang-github-moby-sys-dev

Lintian Result

Diff

diff --git a/.ci/Vagrantfile.fedora b/.ci/Vagrantfile.fedora
deleted file mode 100644
index 56b4f66..0000000
--- a/.ci/Vagrantfile.fedora
+++ /dev/null
@@ -1,31 +0,0 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-Vagrant.configure("2") do |config|
-# Fedora box is used for testing cgroup v2 support
-  config.vm.box = "fedora/35-cloud-base"
-  config.vm.provider :virtualbox do |v|
-    v.memory = 2048
-    v.cpus = 2
-  end
-  config.vm.provider :libvirt do |v|
-    v.memory = 2048
-    v.cpus = 2
-  end
-  config.vm.provision "shell", inline: <<-SHELL
-    set -e -u -o pipefail
-    # Work around dnf mirror failures by retrying a few times
-    for i in $(seq 0 2); do
-      sleep $i
-      cat << EOF | dnf -y shell && break
-config exclude kernel,kernel-core
-config install_weak_deps false
-update
-install make golang-go libseccomp-devel git-core
-ts run
-EOF
-    done
-    dnf clean all
-
-  SHELL
-end
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 3a4c41b..07d3d2a 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -5,7 +5,7 @@ jobs:
     strategy:
       matrix:
         go-version: [1.17.x, 1.18.x]
-        platform: [ubuntu-20.04, windows-latest, macos-11]
+        platform: [ubuntu-20.04, ubuntu-22.04, windows-latest, macos-11]
     runs-on: ${{ matrix.platform }}
     steps:
     - name: Install Go
@@ -24,23 +24,7 @@ jobs:
       if: ${{ runner.os == 'Linux' }}
       run: make cross
     - name: Test
-      run: make test
-
-  # some features, like openat2, require a newer kernel
-  fedora:
-    # nested virtualization is only available on macOS hosts
-    runs-on: macos-10.15
-    steps:
-      - uses: actions/checkout@v3
-      - name: prepare vagrant
-        run: |
-          ln -sf .ci/Vagrantfile.fedora Vagrantfile
-          # Retry if it fails (download.fedoraproject.org returns 404 sometimes)
-          vagrant up || vagrant up
-          vagrant ssh-config >> ~/.ssh/config
-
-      - name: system info
-        run: ssh default 'sh -exc "uname -a && df -T"'
+      run: |
+        uname -a
+        make test
 
-      - name: tests
-        run: ssh default 'cd /vagrant && make test'
diff --git a/Makefile b/Makefile
index 389e09d..80c6ee9 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-PACKAGES ?= mountinfo mount signal symlink
+PACKAGES ?= mountinfo mount sequential signal symlink
 BINDIR ?= _build/bin
 CROSS ?= linux/arm linux/arm64 linux/ppc64le linux/s390x \
 	freebsd/amd64 openbsd/amd64 darwin/amd64 darwin/arm64 windows/amd64
diff --git a/debian/changelog b/debian/changelog
index 12ff360..cd15129 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+golang-github-moby-sys (0.0~git20230117.c161267-1) UNRELEASED; urgency=low
+
+  * New upstream snapshot.
+
+ -- Debian Janitor <janitor@jelmer.uk>  Sat, 01 Jul 2023 14:30:52 -0000
+
 golang-github-moby-sys (0.0~git20220606.416188a-1) unstable; urgency=medium
 
   * New upstream snapshot
diff --git a/mountinfo/mountinfo_linux.go b/mountinfo/mountinfo_linux.go
index 59332b0..b9a14ef 100644
--- a/mountinfo/mountinfo_linux.go
+++ b/mountinfo/mountinfo_linux.go
@@ -158,10 +158,10 @@ func PidMountInfo(pid int) ([]*Info, error) {
 // A few specific characters in mountinfo path entries (root and mountpoint)
 // are escaped using a backslash followed by a character's ascii code in octal.
 //
-//   space              -- as \040
-//   tab (aka \t)       -- as \011
-//   newline (aka \n)   -- as \012
-//   backslash (aka \\) -- as \134
+//	space              -- as \040
+//	tab (aka \t)       -- as \011
+//	newline (aka \n)   -- as \012
+//	backslash (aka \\) -- as \134
 //
 // This function converts path from mountinfo back, i.e. it unescapes the above sequences.
 func unescape(path string) (string, error) {
diff --git a/sequential/doc.go b/sequential/doc.go
new file mode 100644
index 0000000..af28175
--- /dev/null
+++ b/sequential/doc.go
@@ -0,0 +1,15 @@
+// Package sequential provides a set of functions for managing sequential
+// files on Windows.
+//
+// The origin of these functions are the golang OS and windows packages,
+// slightly modified to only cope with files, not directories due to the
+// specific use case.
+//
+// The alteration is to allow a file on Windows to be opened with
+// FILE_FLAG_SEQUENTIAL_SCAN (particular for docker load), to avoid eating
+// the standby list, particularly when accessing large files such as layer.tar.
+//
+// For non-Windows platforms, the package provides wrappers for the equivalents
+// in the os packages. They are passthrough on Unix platforms, and only relevant
+// on Windows.
+package sequential
diff --git a/sequential/go.mod b/sequential/go.mod
new file mode 100644
index 0000000..59c2412
--- /dev/null
+++ b/sequential/go.mod
@@ -0,0 +1,5 @@
+module github.com/moby/sys/sequential
+
+go 1.17
+
+require golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a
diff --git a/sequential/go.sum b/sequential/go.sum
new file mode 100644
index 0000000..af14a66
--- /dev/null
+++ b/sequential/go.sum
@@ -0,0 +1,2 @@
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a h1:dGzPydgVsqGcTRVwiLJ1jVbufYwmzD3LfVPLKsKg+0k=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
diff --git a/sequential/sequential_unix.go b/sequential/sequential_unix.go
new file mode 100644
index 0000000..a3c7340
--- /dev/null
+++ b/sequential/sequential_unix.go
@@ -0,0 +1,45 @@
+//go:build !windows
+// +build !windows
+
+package sequential
+
+import "os"
+
+// Create creates the named file with mode 0666 (before umask), truncating
+// it if it already exists. If successful, methods on the returned
+// File can be used for I/O; the associated file descriptor has mode
+// O_RDWR.
+// If there is an error, it will be of type *PathError.
+func Create(name string) (*os.File, error) {
+	return os.Create(name)
+}
+
+// Open opens the named file for reading. If successful, methods on
+// the returned file can be used for reading; the associated file
+// descriptor has mode O_RDONLY.
+// If there is an error, it will be of type *PathError.
+func Open(name string) (*os.File, error) {
+	return os.Open(name)
+}
+
+// OpenFile is the generalized open call; most users will use Open
+// or Create instead. It opens the named file with specified flag
+// (O_RDONLY etc.) and perm, (0666 etc.) if applicable. If successful,
+// methods on the returned File can be used for I/O.
+// If there is an error, it will be of type *PathError.
+func OpenFile(name string, flag int, perm os.FileMode) (*os.File, error) {
+	return os.OpenFile(name, flag, perm)
+}
+
+// CreateTemp creates a new temporary file in the directory dir
+// with a name beginning with prefix, opens the file for reading
+// and writing, and returns the resulting *os.File.
+// If dir is the empty string, TempFile uses the default directory
+// for temporary files (see os.TempDir).
+// Multiple programs calling TempFile simultaneously
+// will not choose the same file. The caller can use f.Name()
+// to find the pathname of the file. It is the caller's responsibility
+// to remove the file when no longer needed.
+func CreateTemp(dir, prefix string) (f *os.File, err error) {
+	return os.CreateTemp(dir, prefix)
+}
diff --git a/sequential/sequential_windows.go b/sequential/sequential_windows.go
new file mode 100644
index 0000000..2d52707
--- /dev/null
+++ b/sequential/sequential_windows.go
@@ -0,0 +1,160 @@
+package sequential
+
+import (
+	"os"
+	"path/filepath"
+	"strconv"
+	"sync"
+	"syscall"
+	"time"
+	"unsafe"
+
+	"golang.org/x/sys/windows"
+)
+
+// Create creates the named file with mode 0666 (before umask), truncating
+// it if it already exists. If successful, methods on the returned
+// File can be used for I/O; the associated file descriptor has mode
+// O_RDWR.
+// If there is an error, it will be of type *PathError.
+func Create(name string) (*os.File, error) {
+	return OpenFile(name, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0)
+}
+
+// Open opens the named file for reading. If successful, methods on
+// the returned file can be used for reading; the associated file
+// descriptor has mode O_RDONLY.
+// If there is an error, it will be of type *PathError.
+func Open(name string) (*os.File, error) {
+	return OpenFile(name, os.O_RDONLY, 0)
+}
+
+// OpenFile is the generalized open call; most users will use Open
+// or Create instead.
+// If there is an error, it will be of type *PathError.
+func OpenFile(name string, flag int, _ os.FileMode) (*os.File, error) {
+	if name == "" {
+		return nil, &os.PathError{Op: "open", Path: name, Err: syscall.ENOENT}
+	}
+	r, err := openFileSequential(name, flag, 0)
+	if err == nil {
+		return r, nil
+	}
+	return nil, &os.PathError{Op: "open", Path: name, Err: err}
+}
+
+func openFileSequential(name string, flag int, _ os.FileMode) (file *os.File, err error) {
+	r, e := openSequential(name, flag|windows.O_CLOEXEC, 0)
+	if e != nil {
+		return nil, e
+	}
+	return os.NewFile(uintptr(r), name), nil
+}
+
+func makeInheritSa() *windows.SecurityAttributes {
+	var sa windows.SecurityAttributes
+	sa.Length = uint32(unsafe.Sizeof(sa))
+	sa.InheritHandle = 1
+	return &sa
+}
+
+func openSequential(path string, mode int, _ uint32) (fd windows.Handle, err error) {
+	if len(path) == 0 {
+		return windows.InvalidHandle, windows.ERROR_FILE_NOT_FOUND
+	}
+	pathp, err := windows.UTF16PtrFromString(path)
+	if err != nil {
+		return windows.InvalidHandle, err
+	}
+	var access uint32
+	switch mode & (windows.O_RDONLY | windows.O_WRONLY | windows.O_RDWR) {
+	case windows.O_RDONLY:
+		access = windows.GENERIC_READ
+	case windows.O_WRONLY:
+		access = windows.GENERIC_WRITE
+	case windows.O_RDWR:
+		access = windows.GENERIC_READ | windows.GENERIC_WRITE
+	}
+	if mode&windows.O_CREAT != 0 {
+		access |= windows.GENERIC_WRITE
+	}
+	if mode&windows.O_APPEND != 0 {
+		access &^= windows.GENERIC_WRITE
+		access |= windows.FILE_APPEND_DATA
+	}
+	sharemode := uint32(windows.FILE_SHARE_READ | windows.FILE_SHARE_WRITE)
+	var sa *windows.SecurityAttributes
+	if mode&windows.O_CLOEXEC == 0 {
+		sa = makeInheritSa()
+	}
+	var createmode uint32
+	switch {
+	case mode&(windows.O_CREAT|windows.O_EXCL) == (windows.O_CREAT | windows.O_EXCL):
+		createmode = windows.CREATE_NEW
+	case mode&(windows.O_CREAT|windows.O_TRUNC) == (windows.O_CREAT | windows.O_TRUNC):
+		createmode = windows.CREATE_ALWAYS
+	case mode&windows.O_CREAT == windows.O_CREAT:
+		createmode = windows.OPEN_ALWAYS
+	case mode&windows.O_TRUNC == windows.O_TRUNC:
+		createmode = windows.TRUNCATE_EXISTING
+	default:
+		createmode = windows.OPEN_EXISTING
+	}
+	// Use FILE_FLAG_SEQUENTIAL_SCAN rather than FILE_ATTRIBUTE_NORMAL as implemented in golang.
+	// https://msdn.microsoft.com/en-us/library/windows/desktop/aa363858(v=vs.85).aspx
+	h, e := windows.CreateFile(pathp, access, sharemode, sa, createmode, windows.FILE_FLAG_SEQUENTIAL_SCAN, 0)
+	return h, e
+}
+
+// Helpers for CreateTemp
+var rand uint32
+var randmu sync.Mutex
+
+func reseed() uint32 {
+	return uint32(time.Now().UnixNano() + int64(os.Getpid()))
+}
+
+func nextSuffix() string {
+	randmu.Lock()
+	r := rand
+	if r == 0 {
+		r = reseed()
+	}
+	r = r*1664525 + 1013904223 // constants from Numerical Recipes
+	rand = r
+	randmu.Unlock()
+	return strconv.Itoa(int(1e9 + r%1e9))[1:]
+}
+
+// CreateTemp is a copy of os.CreateTemp, modified to use sequential
+// file access. Below is the original comment from golang:
+// TempFile creates a new temporary file in the directory dir
+// with a name beginning with prefix, opens the file for reading
+// and writing, and returns the resulting *os.File.
+// If dir is the empty string, TempFile uses the default directory
+// for temporary files (see os.TempDir).
+// Multiple programs calling TempFile simultaneously
+// will not choose the same file. The caller can use f.Name()
+// to find the pathname of the file. It is the caller's responsibility
+// to remove the file when no longer needed.
+func CreateTemp(dir, prefix string) (f *os.File, err error) {
+	if dir == "" {
+		dir = os.TempDir()
+	}
+
+	nconflict := 0
+	for i := 0; i < 10000; i++ {
+		name := filepath.Join(dir, prefix+nextSuffix())
+		f, err = OpenFile(name, os.O_RDWR|os.O_CREATE|os.O_EXCL, 0o600)
+		if os.IsExist(err) {
+			if nconflict++; nconflict > 10 {
+				randmu.Lock()
+				rand = reseed()
+				randmu.Unlock()
+			}
+			continue
+		}
+		break
+	}
+	return
+}
diff --git a/symlink/fs.go b/symlink/fs.go
index 244b009..ac26ca1 100644
--- a/symlink/fs.go
+++ b/symlink/fs.go
@@ -37,8 +37,9 @@ func FollowSymlinkInScope(path, root string) (string, error) {
 // Trying to break out from `root` does not constitute an error.
 //
 // Example:
-//   If /foo/bar -> /outside,
-//   FollowSymlinkInScope("/foo/bar", "/foo") == "/foo/outside" instead of "/outside"
+//
+//	If /foo/bar -> /outside,
+//	FollowSymlinkInScope("/foo/bar", "/foo") == "/foo/outside" instead of "/outside"
 //
 // IMPORTANT: it is the caller's responsibility to call evalSymlinksInScope *after* relevant symlinks
 // are created and not to create subsequently, additional symlinks that could potentially make a

Debdiff

[The following lists of changes regard files as different if they have different names, permissions or owners.]

Files in second set of .debs but not in first

-rw-r--r--  root/root   /usr/share/gocode/src/github.com/moby/sys/sequential/doc.go
-rw-r--r--  root/root   /usr/share/gocode/src/github.com/moby/sys/sequential/go.mod
-rw-r--r--  root/root   /usr/share/gocode/src/github.com/moby/sys/sequential/sequential_unix.go
-rw-r--r--  root/root   /usr/share/gocode/src/github.com/moby/sys/sequential/sequential_windows.go

No differences were encountered in the control files

More details

Full run details