diff --git a/go.mod b/go.mod index 0a93718e4..6a27e7235 100644 --- a/go.mod +++ b/go.mod @@ -37,7 +37,7 @@ require ( github.com/containerd/cgroups/v3 v3.1.2 // indirect github.com/containerd/containerd/api v1.10.0 // indirect github.com/containerd/containerd/v2 v2.2.4 // indirect - github.com/containerd/continuity v0.4.5 // indirect + github.com/containerd/continuity v0.5.0 // indirect github.com/containerd/errdefs/pkg v0.3.0 // indirect github.com/containerd/fifo v1.1.0 // indirect github.com/containerd/log v0.1.0 // indirect diff --git a/go.sum b/go.sum index e307fe795..d2d5ff5c7 100644 --- a/go.sum +++ b/go.sum @@ -111,8 +111,8 @@ github.com/containerd/containerd/api v1.10.0 h1:5n0oHYVBwN4VhoX9fFykCV9dF1/BvAXe github.com/containerd/containerd/api v1.10.0/go.mod h1:NBm1OAk8ZL+LG8R0ceObGxT5hbUYj7CzTmR3xh0DlMM= github.com/containerd/containerd/v2 v2.2.4 h1:8x2UdXqww7NYqGNabQ7i1nAgB5LegzjC9KQzO/900iA= github.com/containerd/containerd/v2 v2.2.4/go.mod h1:YBcTO8D9149QY9zNmUjy04Mhuc4DlrZQ8FIOwKZEM7o= -github.com/containerd/continuity v0.4.5 h1:ZRoN1sXq9u7V6QoHMcVWGhOwDFqZ4B9i5H6un1Wh0x4= -github.com/containerd/continuity v0.4.5/go.mod h1:/lNJvtJKUQStBzpVQ1+rasXO1LAWtUQssk28EZvJ3nE= +github.com/containerd/continuity v0.5.0 h1:7a85HZpCSs+1Zps0Ee3DPSuAWY+0SJM1JNM51nlEVDg= +github.com/containerd/continuity v0.5.0/go.mod h1:/lNJvtJKUQStBzpVQ1+rasXO1LAWtUQssk28EZvJ3nE= github.com/containerd/errdefs v1.0.0 h1:tg5yIfIlQIrxYtu9ajqY42W3lpS19XqdxRQeEwYG8PI= github.com/containerd/errdefs v1.0.0/go.mod h1:+YBYIdtsnF4Iw6nWZhJcqGSg/dwvV7tyJ/kCkyJ2k+M= github.com/containerd/errdefs/pkg v0.3.0 h1:9IKJ06FvyNlexW690DXuQNx2KA2cUJXx151Xdx3ZPPE= diff --git a/vendor/github.com/containerd/continuity/devices/devices_unix.go b/vendor/github.com/containerd/continuity/devices/devices_unix.go index 451979b7e..741cf47e8 100644 --- a/vendor/github.com/containerd/continuity/devices/devices_unix.go +++ b/vendor/github.com/containerd/continuity/devices/devices_unix.go @@ -38,14 +38,14 @@ func DeviceInfo(fi os.FileInfo) (uint64, uint64, error) { } // mknod provides a shortcut for syscall.Mknod -func Mknod(p string, mode os.FileMode, maj, min int) error { +func Mknod(p string, mode os.FileMode, major, minor int) error { var ( m = syscallMode(mode.Perm()) dev uint64 ) if mode&os.ModeDevice != 0 { - dev = unix.Mkdev(uint32(maj), uint32(min)) + dev = unix.Mkdev(uint32(major), uint32(minor)) if mode&os.ModeCharDevice != 0 { m |= unix.S_IFCHR diff --git a/vendor/github.com/containerd/continuity/fs/copy_linux.go b/vendor/github.com/containerd/continuity/fs/copy_linux.go index 739461cb3..880650565 100644 --- a/vendor/github.com/containerd/continuity/fs/copy_linux.go +++ b/vendor/github.com/containerd/continuity/fs/copy_linux.go @@ -26,6 +26,122 @@ import ( "golang.org/x/sys/unix" ) +// maxCopyChunk is the maximum size passed to copy_file_range per call, +// avoiding int overflow on 32-bit architectures. +const maxCopyChunk = 1 << 30 // 1 GiB + +// copyFile copies a file from source to target preserving sparse file holes. +// +// If the filesystem does not support SEEK_DATA/SEEK_HOLE, it falls back +// to a plain io.Copy. +func copyFile(target, source string) error { + src, err := os.Open(source) + if err != nil { + return fmt.Errorf("failed to open source %s: %w", source, err) + } + defer src.Close() + + fi, err := src.Stat() + if err != nil { + return fmt.Errorf("failed to stat source %s: %w", source, err) + } + size := fi.Size() + + tgt, err := os.Create(target) + if err != nil { + return fmt.Errorf("failed to open target %s: %w", target, err) + } + defer tgt.Close() + + if err := tgt.Truncate(size); err != nil { + return fmt.Errorf("failed to truncate target %s: %w", target, err) + } + + srcFd := int(src.Fd()) + + // Try a SEEK_DATA to check if the filesystem supports it. + // If not, fall back to a plain copy. + if _, err := unix.Seek(srcFd, 0, unix.SEEK_DATA); err != nil { + // ENXIO means no data in the file at all. In other words it's entirely sparse. + // The truncated target is already correct. + if errors.Is(err, syscall.ENXIO) { + return nil + } + + if errors.Is(err, syscall.EOPNOTSUPP) || errors.Is(err, syscall.ENOTSUP) || errors.Is(err, syscall.EINVAL) { + // Filesystem doesn't support SEEK_DATA/SEEK_HOLE. Fall back to a plain copy. + src.Close() + tgt.Close() + return openAndCopyFile(target, source) + } + + return fmt.Errorf("failed to seek data in source %s: %w", source, err) + } + + // Copy data regions from source to target, skipping holes. + var offset int64 + tgtFd := int(tgt.Fd()) + + for offset < size { + dataStart, err := unix.Seek(srcFd, offset, unix.SEEK_DATA) + if err != nil { + // No more data past offset. Remainder of file is a hole. + if errors.Is(err, syscall.ENXIO) { + break + } + return fmt.Errorf("SEEK_DATA failed at offset %d: %w", offset, err) + } + + // Find the end of this data region (start of next hole). + holeStart, err := unix.Seek(srcFd, dataStart, unix.SEEK_HOLE) + if err != nil { + // ENXIO shouldn't happen after a successful SEEK_DATA, but + // treat it as data extending to end of file. + if errors.Is(err, syscall.ENXIO) { + holeStart = size + } else { + return fmt.Errorf("SEEK_HOLE failed at offset %d: %w", dataStart, err) + } + } + + // Copy the data region [dataStart, holeStart). + srcOff := dataStart + tgtOff := dataStart + remain := holeStart - dataStart + + for remain > 0 { + chunk := remain + if chunk > maxCopyChunk { + chunk = maxCopyChunk + } + + n, err := unix.CopyFileRange(srcFd, &srcOff, tgtFd, &tgtOff, int(chunk), 0) + if err != nil { + // Fall back to a plain copy if copy_file_range is not supported + // across the source and target filesystems. + if errors.Is(err, syscall.EXDEV) || errors.Is(err, syscall.ENOSYS) || errors.Is(err, syscall.EOPNOTSUPP) { + src.Close() + tgt.Close() + return openAndCopyFile(target, source) + } + return fmt.Errorf("copy_file_range failed: %w", err) + } + if n == 0 { + return fmt.Errorf("copy_file_range returned 0 with %d bytes remaining", remain) + } + remain -= int64(n) + } + + offset = holeStart + } + + if err := tgt.Sync(); err != nil { + return fmt.Errorf("failed to sync target %s: %w", target, err) + } + + return nil +} + func copyFileInfo(fi os.FileInfo, src, name string) error { st := fi.Sys().(*syscall.Stat_t) if err := os.Lchown(name, int(st.Uid), int(st.Gid)); err != nil { diff --git a/vendor/github.com/containerd/continuity/fs/copy_nondarwin.go b/vendor/github.com/containerd/continuity/fs/copy_nondarwin.go index 5f893d230..84a9d3fcc 100644 --- a/vendor/github.com/containerd/continuity/fs/copy_nondarwin.go +++ b/vendor/github.com/containerd/continuity/fs/copy_nondarwin.go @@ -1,4 +1,4 @@ -//go:build !darwin +//go:build !darwin && !linux /* Copyright The containerd Authors. diff --git a/vendor/github.com/containerd/continuity/fs/diff_linux.go b/vendor/github.com/containerd/continuity/fs/diff_linux.go index 376f13c2b..e8c670249 100644 --- a/vendor/github.com/containerd/continuity/fs/diff_linux.go +++ b/vendor/github.com/containerd/continuity/fs/diff_linux.go @@ -51,11 +51,11 @@ func overlayFSWhiteoutConvert(diffDir, path string, f os.FileInfo, changeFn Chan return false, nil } - maj, min, err := devices.DeviceInfo(f) + major, minor, err := devices.DeviceInfo(f) if err != nil { return false, err } - return (maj == 0 && min == 0), nil + return (major == 0 && minor == 0), nil } if f.IsDir() { diff --git a/vendor/github.com/containerd/continuity/fs/diff_unix.go b/vendor/github.com/containerd/continuity/fs/diff_unix.go index fe1b35dc6..44d652130 100644 --- a/vendor/github.com/containerd/continuity/fs/diff_unix.go +++ b/vendor/github.com/containerd/continuity/fs/diff_unix.go @@ -20,11 +20,13 @@ package fs import ( "bytes" + "errors" "fmt" "os" "syscall" "github.com/containerd/continuity/sysx" + "golang.org/x/sys/unix" ) // compareSysStat returns whether the stats are equivalent, @@ -45,11 +47,11 @@ func compareSysStat(s1, s2 interface{}) (bool, error) { func compareCapabilities(p1, p2 string) (bool, error) { c1, err := sysx.LGetxattr(p1, "security.capability") - if err != nil && err != sysx.ENODATA { + if err != nil && !errors.Is(err, unix.ENOTSUP) && !errors.Is(err, sysx.ENODATA) { return false, fmt.Errorf("failed to get xattr for %s: %w", p1, err) } c2, err := sysx.LGetxattr(p2, "security.capability") - if err != nil && err != sysx.ENODATA { + if err != nil && !errors.Is(err, unix.ENOTSUP) && !errors.Is(err, sysx.ENODATA) { return false, fmt.Errorf("failed to get xattr for %s: %w", p2, err) } return bytes.Equal(c1, c2), nil diff --git a/vendor/modules.txt b/vendor/modules.txt index 0c3a77d7a..0e4beb330 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -160,7 +160,7 @@ github.com/containerd/containerd/v2/pkg/tracing github.com/containerd/containerd/v2/plugins github.com/containerd/containerd/v2/plugins/services github.com/containerd/containerd/v2/version -# github.com/containerd/continuity v0.4.5 +# github.com/containerd/continuity v0.5.0 ## explicit; go 1.21 github.com/containerd/continuity/devices github.com/containerd/continuity/fs