From ae89a54aa7fb48a468f70c1135cb9ab4aa804e25 Mon Sep 17 00:00:00 2001 From: Gavin Inglis Date: Tue, 12 May 2026 21:53:01 +0000 Subject: [PATCH] containerd-2.2: update to 2.2.3 Signed-off-by: Gavin Inglis --- ...yfs-whiteouts-during-parallel-unpack.patch | 158 ------------------ packages/containerd-2.2/Cargo.toml | 4 +- packages/containerd-2.2/containerd-2.2.spec | 6 +- 3 files changed, 4 insertions(+), 164 deletions(-) delete mode 100644 packages/containerd-2.2/1004-fix-overlayfs-whiteouts-during-parallel-unpack.patch diff --git a/packages/containerd-2.2/1004-fix-overlayfs-whiteouts-during-parallel-unpack.patch b/packages/containerd-2.2/1004-fix-overlayfs-whiteouts-during-parallel-unpack.patch deleted file mode 100644 index ea4b5727d..000000000 --- a/packages/containerd-2.2/1004-fix-overlayfs-whiteouts-during-parallel-unpack.patch +++ /dev/null @@ -1,158 +0,0 @@ -From 90439f0e1ecaaf452d42b177d1c444061a477e1e Mon Sep 17 00:00:00 2001 -From: Wei Fu -Date: Wed, 25 Mar 2026 22:51:58 +0000 -Subject: [PATCH] Tweak mount info for overlayfs in case of parallel unpack - -Signed-off-by: Yutong Sun ---- - core/unpack/unpacker.go | 29 ++++++++++++ - core/unpack/unpacker_test.go | 86 ++++++++++++++++++++++++++++++++++++ - 2 files changed, 115 insertions(+) - -diff --git a/core/unpack/unpacker.go b/core/unpack/unpacker.go -index d964580c81..a5763edeb8 100644 ---- a/core/unpack/unpacker.go -+++ b/core/unpack/unpacker.go -@@ -524,6 +524,15 @@ func (u *Unpacker) unpack( - case <-fetchC[i-fetchOffset]: - } - -+ // In case of parallel unpack, the parent snapshot isn't provided to the snapshotter. -+ // The overlayfs will return bind mounts for all layers, we need to convert them -+ // to overlay mounts for the applier to perform whiteout conversion correctly. -+ // TODO: this is a temporary workaround until #13053 lands. -+ // See: https://github.com/containerd/containerd/issues/13030 -+ if i > 0 && parallel && unpack.SnapshotterKey == "overlayfs" { -+ mounts = bindToOverlay(mounts) -+ } -+ - diff, err := a.Apply(ctx, desc, mounts, unpack.ApplyOpts...) - if err != nil { - cleanup.Do(ctx, abort) -@@ -747,3 +756,23 @@ func uniquePart() string { - rand.Read(b[:]) - return fmt.Sprintf("%d-%s", t.Nanosecond(), base64.URLEncoding.EncodeToString(b[:])) - } -+ -+// TODO: this is a temporary workaround until #13053 lands. -+func bindToOverlay(mounts []mount.Mount) []mount.Mount { -+ if len(mounts) != 1 || mounts[0].Type != "bind" { -+ return mounts -+ } -+ -+ m := mount.Mount{ -+ Type: "overlay", -+ Source: "overlay", -+ } -+ for _, o := range mounts[0].Options { -+ if o != "rbind" { -+ m.Options = append(m.Options, o) -+ } -+ } -+ m.Options = append(m.Options, "upperdir="+mounts[0].Source) -+ -+ return []mount.Mount{m} -+} -diff --git a/core/unpack/unpacker_test.go b/core/unpack/unpacker_test.go -index 32581dbd18..48636d6f9f 100644 ---- a/core/unpack/unpacker_test.go -+++ b/core/unpack/unpacker_test.go -@@ -19,8 +19,10 @@ package unpack - import ( - "crypto/rand" - "fmt" -+ "reflect" - "testing" - -+ "github.com/containerd/containerd/v2/core/mount" - "github.com/opencontainers/go-digest" - "github.com/opencontainers/image-spec/identity" - ) -@@ -91,3 +93,87 @@ func BenchmarkUnpackWithChainIDs(b *testing.B) { - }) - } - } -+ -+func TestBindToOverlay(t *testing.T) { -+ testCases := []struct { -+ name string -+ mounts []mount.Mount -+ expect []mount.Mount -+ }{ -+ { -+ name: "single bind mount", -+ mounts: []mount.Mount{ -+ { -+ Type: "bind", -+ Source: "/path/to/source", -+ Options: []string{"ro", "rbind"}, -+ }, -+ }, -+ expect: []mount.Mount{ -+ { -+ Type: "overlay", -+ Source: "overlay", -+ Options: []string{ -+ "ro", -+ "upperdir=/path/to/source", -+ }, -+ }, -+ }, -+ }, -+ { -+ name: "overlay mount", -+ mounts: []mount.Mount{ -+ { -+ Type: "overlay", -+ Source: "overlay", -+ Options: []string{ -+ "lowerdir=/path/to/lower", -+ "upperdir=/path/to/upper", -+ }, -+ }, -+ }, -+ expect: []mount.Mount{ -+ { -+ Type: "overlay", -+ Source: "overlay", -+ Options: []string{ -+ "lowerdir=/path/to/lower", -+ "upperdir=/path/to/upper", -+ }, -+ }, -+ }, -+ }, -+ { -+ name: "multiple mounts", -+ mounts: []mount.Mount{ -+ { -+ Type: "bind", -+ Source: "/path/to/source1", -+ }, -+ { -+ Type: "bind", -+ Source: "/path/to/source2", -+ }, -+ }, -+ expect: []mount.Mount{ -+ { -+ Type: "bind", -+ Source: "/path/to/source1", -+ }, -+ { -+ Type: "bind", -+ Source: "/path/to/source2", -+ }, -+ }, -+ }, -+ } -+ -+ for _, tc := range testCases { -+ t.Run(tc.name, func(t *testing.T) { -+ result := bindToOverlay(tc.mounts) -+ if !reflect.DeepEqual(result, tc.expect) { -+ t.Errorf("unexpected result: got %v, want %v", result, tc.expect) -+ } -+ }) -+ } -+} diff --git a/packages/containerd-2.2/Cargo.toml b/packages/containerd-2.2/Cargo.toml index 62a89b25b..4f1ab1edb 100644 --- a/packages/containerd-2.2/Cargo.toml +++ b/packages/containerd-2.2/Cargo.toml @@ -13,8 +13,8 @@ package-name = "containerd-2.2" releases-url = "https://github.com/containerd/containerd/releases" [[package.metadata.build-package.external-files]] -url = "https://github.com/containerd/containerd/archive/v2.2.2/containerd-2.2.2.tar.gz" -sha512 = "4471047360cd1430a189829a74d605dbe89abe092f0e0ba53ad5954269f253c7c277b8097c5d12acb9e0592a39e50e1808c92e73596e3d2d97cf945f15063ca0" +url = "https://github.com/containerd/containerd/archive/v2.2.3/containerd-2.2.3.tar.gz" +sha512 = "3e8563095c3859f2f58d0f7c5bbe6ba1c3265623ccc89ac7ff163818369097a60f58e133a6eebf5adea5f5308f95e01c43da5c3d4ab99413f0e5fd51c6904432" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/containerd-2.2/containerd-2.2.spec b/packages/containerd-2.2/containerd-2.2.spec index 6d96d9e2f..0ad664008 100644 --- a/packages/containerd-2.2/containerd-2.2.spec +++ b/packages/containerd-2.2/containerd-2.2.spec @@ -2,9 +2,9 @@ %global gorepo containerd %global goimport %{goproject}/%{gorepo} -%global gover 2.2.2 +%global gover 2.2.3 %global rpmver %{gover} -%global gitrev 301b2dac98f15c27117da5c8af12118a041a31d9 +%global gitrev 77c84241c7cbdd9b4eca2591793e3d4f4317c590 %global package_priority_epoch 0 %global _dwz_low_mem_die_limit 0 @@ -42,8 +42,6 @@ Patch1001: 1001-Revert-Don-t-allow-io_uring-related-syscalls-in-the-.patch Patch1002: 1002-transfer-service-fallback-to-credentials.toml-for-re.patch # Patch to make ctr use hosts.toml for registry mirrors by default Patch1003: 1003-ctr-default-hosts-dir-to-etc-containerd-certs.d.patch -# Patch to fix whiteouts ignored during parallel unpack with overlayfs -Patch1004: 1004-fix-overlayfs-whiteouts-during-parallel-unpack.patch BuildRequires: git BuildRequires: %{_cross_os}glibc-devel