summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSebastian Hamann <code@ares-macrotechnology.com>2020-06-13 15:03:52 +0200
committerJoonas Niilola <juippis@gentoo.org>2020-09-07 21:18:33 +0300
commit69eb27243a3c16d35dab1ed185ba59dce21ac25a (patch)
tree1e8e7a37b81559f1f7f27538f14054415ff7da30 /app-emulation/firecracker-bin
parentdev-util/gtk-doc: ppc64 stable (bug #736727) (diff)
downloadgentoo-69eb27243a3c16d35dab1ed185ba59dce21ac25a.tar.gz
gentoo-69eb27243a3c16d35dab1ed185ba59dce21ac25a.tar.bz2
gentoo-69eb27243a3c16d35dab1ed185ba59dce21ac25a.zip
app-emulation/firecracker-bin: new package
Install upsteam's firecracker and jailer binaries (statically linked against musl). As of version 0.22.0, seccomp filters only work on musl builds. Closes: https://bugs.gentoo.org/728124 Signed-off-by: Sebastian Hamann <code@ares-macrotechnology.com> Closes: https://github.com/gentoo/gentoo/pull/16219 Signed-off-by: Joonas Niilola <juippis@gentoo.org>
Diffstat (limited to 'app-emulation/firecracker-bin')
-rw-r--r--app-emulation/firecracker-bin/Manifest4
-rw-r--r--app-emulation/firecracker-bin/firecracker-bin-0.22.0.ebuild82
-rw-r--r--app-emulation/firecracker-bin/metadata.xml12
3 files changed, 98 insertions, 0 deletions
diff --git a/app-emulation/firecracker-bin/Manifest b/app-emulation/firecracker-bin/Manifest
new file mode 100644
index 000000000000..a7c0eeefd34d
--- /dev/null
+++ b/app-emulation/firecracker-bin/Manifest
@@ -0,0 +1,4 @@
+DIST firecracker-v0.22.0-aarch64 1615168 BLAKE2B 56965a1999038e9b59e37230177812b936ad1b3cba91b6f805a1a6ecc81903f093c13b75ff78c8720d67596bdd71378cc757bda0b6061e3fb4d62607e299b065 SHA512 fb42bc5ecd0af487490f2c4bd3804d2430263740bbdec66c063d9b6c865d6b9c42b31cafb78d4a0cc40c11cc5242608b9d30676e55ac2b8dcb05d5f3db535bdf
+DIST firecracker-v0.22.0-x86_64 1657736 BLAKE2B 84dbe8db596017e312fad1cd3c72d1b5d7306ad400a320431c8cae5b901b534f2735ac75cb5b9133c6c6f2603b877e4842d54165972a46df4193fbbc513c3b2d SHA512 ac9544e8b770ff7a0c9234feb3154522bd6163f3903993cd019cc4abaa90ad24447f18e65e1022aafb7274ca97281286f898a50ac9f27c7f661d48df52d7fd08
+DIST jailer-v0.22.0-aarch64 1322088 BLAKE2B 72db7eba02371af2a53b6ebd8c9fb909bd027cdd2b4207e0b2a02febe587780f9aa3be665b37580907ab8a58d8745cbcda90a85bda56a42b2eb8be9a931af13f SHA512 86ca629b3060cefa9e31292844486c6d9b6fa0538b6d515e4cbb07fa4a675ce93d5f87fcd769f62aea0df029cdbd7a5055a282b8344ed35d895606aca7f22a14
+DIST jailer-v0.22.0-x86_64 1427600 BLAKE2B 7ab09cce8963c89dae7c89c3a2d1dc582fdf8c11c3e051deb08c70fd2995a2154c493432e39851bebc62c1f6a9f98cfc9a9fa4107c5d9cf8ba940d4bb3349d86 SHA512 f2dcaee775cd1cdea4c1c1f6e89b82ba6636ab065291b704faaa836f864f14802a56af76ce397d7f98e9420d55720dc4459ae4443babfc7bb16d64dde11cb854
diff --git a/app-emulation/firecracker-bin/firecracker-bin-0.22.0.ebuild b/app-emulation/firecracker-bin/firecracker-bin-0.22.0.ebuild
new file mode 100644
index 000000000000..a54445d88b2c
--- /dev/null
+++ b/app-emulation/firecracker-bin/firecracker-bin-0.22.0.ebuild
@@ -0,0 +1,82 @@
+# Copyright 2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit linux-info
+
+DESCRIPTION="Secure and fast microVMs for serverless computing (static build)"
+HOMEPAGE="https://firecracker-microvm.github.io https://github.com/firecracker-microvm/firecracker"
+SRC_URI="
+ amd64? (
+ https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/firecracker-v${PV}-x86_64
+ https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/jailer-v${PV}-x86_64
+ )
+ arm64? (
+ https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/firecracker-v${PV}-aarch64
+ https://github.com/firecracker-microvm/firecracker/releases/download/v${PV}/jailer-v${PV}-aarch64
+ )"
+
+LICENSE="|| ( Apache-2.0 MIT Apache-2.0-with-LLVM-exceptions ) MPL-2.0"
+SLOT="0"
+KEYWORDS="-* ~amd64"
+
+RESTRICT="test strip"
+
+RDEPEND="!app-emulation/firecracker
+ acct-group/kvm"
+
+QA_PREBUILT="/usr/bin/firecracker
+ /usr/bin/jailer"
+
+S="${WORKDIR}"
+
+pkg_pretend() {
+ if use kernel_linux && kernel_is lt 4 14; then
+ eerror "Firecracker requires a host kernel of 4.14 or higher."
+ elif use kernel_linux; then
+ if ! linux_config_exists; then
+ eerror "Unable to check your kernel for KVM support"
+ else
+ CONFIG_CHECK="~KVM ~TUN ~BRIDGE ~VHOST_VSOCK"
+ ERROR_KVM="You must enable KVM in your kernel to continue"
+ ERROR_KVM_AMD="If you have an AMD CPU, you must enable KVM_AMD in"
+ ERROR_KVM_AMD+=" your kernel configuration."
+ ERROR_KVM_INTEL="If you have an Intel CPU, you must enable"
+ ERROR_KVM_INTEL+=" KVM_INTEL in your kernel configuration."
+ ERROR_TUN="You will need the Universal TUN/TAP driver compiled"
+ ERROR_TUN+=" into your kernel or loaded as a module to use"
+ ERROR_TUN+=" virtual network devices."
+ ERROR_BRIDGE="You will also need support for 802.1d"
+ ERROR_BRIDGE+=" Ethernet Bridging for some network configurations."
+ ERROR_VHOST_VSOCK="To use AF_VSOCK sockets for communication"
+ ERROR_VHOST_VSOCK+=" between host and guest, you will need to enable"
+ ERROR_VHOST_VSOCK+=" the vhost virtio-vsock driver in your kernel."
+
+ if use amd64 || use amd64-linux; then
+ if grep -q AuthenticAMD /proc/cpuinfo; then
+ CONFIG_CHECK+=" ~KVM_AMD"
+ elif grep -q GenuineIntel /proc/cpuinfo; then
+ CONFIG_CHECK+=" ~KVM_INTEL"
+ fi
+ fi
+
+ # Now do the actual checks setup above
+ check_extra_config
+ fi
+ fi
+}
+
+src_unpack() { :; }
+src_compile() { :; }
+
+src_install() {
+ if use amd64; then
+ my_arch=x86_64
+ elif use arm64; then
+ my_arch=aarch64
+ fi
+
+ newbin "${DISTDIR}/firecracker-v${PV}-${my_arch}" firecracker
+ newbin "${DISTDIR}/jailer-v${PV}-${my_arch}" jailer
+}
diff --git a/app-emulation/firecracker-bin/metadata.xml b/app-emulation/firecracker-bin/metadata.xml
new file mode 100644
index 000000000000..7f6b797d9b1f
--- /dev/null
+++ b/app-emulation/firecracker-bin/metadata.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>gentoo-bugs@ares-macrotechnology.com</email>
+ <name>Sebastian Hamann</name>
+ </maintainer>
+ <maintainer type="project">
+ <email>proxy-maint@gentoo.org</email>
+ <name>Proxy Maintainers</name>
+ </maintainer>
+</pkgmetadata>