vendor: Update govmm

Update to commit 3c64244cbb, in particular to get these fixes which
are needed to work with qemu-6.0 and later:

https://github.com/kata-containers/govmm/pull/192
https://github.com/kata-containers/govmm/pull/194

Git log

d27256f (qmp: Don't use deprecated 'props' field for object-add, 2021-08-03)
d8cdf9a (qemu: Drop support for versions older than 5.0, 2021-08-03)
1b02192 (Use 'host_device' driver for blockdev backends, 2021-07-29)
9518675 (add support for "sandbox" feature to qemu, 2021-07-20)
335fa81 (qemu: fix golangci-lint errors, 2021-07-21)
61b6378 (.github/workflows: reimplement github actions CI, 2021-07-21)
9d6e797 (go: support go modules, 2021-07-21)
0d21263 (qemu: support read-only nvdimm, 2021-07-21)

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>

src/runtime/go.mod

@@ -24,7 +24,7 @@ require (
 	github.com/gogo/protobuf v1.3.2
 	github.com/hashicorp/go-multierror v1.0.0
 	github.com/intel-go/cpuid v0.0.0-20210602155658-5747e5cec0d9
-	github.com/kata-containers/govmm v0.0.0-20210722115311-0173713ea912
+	github.com/kata-containers/govmm v0.0.0-20210804035756-3c64244cbb48
 	github.com/mdlayher/vsock v0.0.0-20191108225356-d9c65923cb8f
 	github.com/opencontainers/runc v1.0.1
 	github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417

src/runtime/go.sum

@@ -364,8 +364,8 @@ github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/X
 github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
-github.com/kata-containers/govmm v0.0.0-20210722115311-0173713ea912 h1:Ejn4L5OXYbdgnh1ghmlKvTPEC1b415PQDsNhzA2kWLQ=
-github.com/kata-containers/govmm v0.0.0-20210722115311-0173713ea912/go.mod h1:A6QaNB6N6PRQ9mTRpFtUxiF5T5CJpzLALjxBrUQPlFI=
+github.com/kata-containers/govmm v0.0.0-20210804035756-3c64244cbb48 h1:+tb5btBYMjZ1C5zBqK7ygCb03yqZtC5Mz0W6riq6T5k=
+github.com/kata-containers/govmm v0.0.0-20210804035756-3c64244cbb48/go.mod h1:A6QaNB6N6PRQ9mTRpFtUxiF5T5CJpzLALjxBrUQPlFI=
 github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
 github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=

src/runtime/vendor/github.com/kata-containers/govmm/qemu/qemu.go

@@ -2448,6 +2448,9 @@ type Config struct {
 	// CPUModel is the CPU model to be used by qemu.
 	CPUModel string
 
+	// SeccompSandbox is the qemu function which enables the seccomp feature
+	SeccompSandbox string
+
 	// Machine
 	Machine Machine
 
@@ -2524,6 +2527,13 @@ func (config *Config) appendFDs(fds []*os.File) []int {
 	return fdInts
 }
 
+func (config *Config) appendSeccompSandbox() {
+	if config.SeccompSandbox != "" {
+		config.qemuParams = append(config.qemuParams, "-sandbox")
+		config.qemuParams = append(config.qemuParams, config.SeccompSandbox)
+	}
+}
+
 func (config *Config) appendName() {
 	if config.Name != "" {
 		config.qemuParams = append(config.qemuParams, "-name")
@@ -2877,6 +2887,7 @@ func LaunchQemu(config Config, logger QMPLog) (string, error) {
 	config.appendPidFile()
 	config.appendLogFile()
 	config.appendFwCfg(logger)
+	config.appendSeccompSandbox()
 
 	if err := config.appendCPUs(); err != nil {
 		return "", err

src/runtime/vendor/github.com/kata-containers/govmm/qemu/qmp.go

@@ -719,6 +719,10 @@ func QMPStart(ctx context.Context, socket string, cfg QMPConfig, disconnectedCh
 		}
 	}
 
+	if q.version.Major < 5 {
+		return nil, nil, fmt.Errorf("govmm requires qemu version 5.0 or later, this is qemu (%d.%d)", q.version.Major, q.version.Minor)
+	}
+
 	return q, q.version, nil
 }
 
@@ -775,20 +779,13 @@ func (q *QMP) blockdevAddBaseArgs(device, blockdevID string, ro bool) (map[strin
 		"driver":    "raw",
 		"read-only": ro,
 		"file": map[string]interface{}{
-			"driver":   "file",
+			"driver":   "host_device",
 			"filename": device,
 		},
 	}
 
-	if q.version.Major > 2 || (q.version.Major == 2 && q.version.Minor >= 8) {
-		blockdevArgs["node-name"] = blockdevID
-		args = blockdevArgs
-	} else {
-		blockdevArgs["id"] = blockdevID
-		args = map[string]interface{}{
-			"options": blockdevArgs,
-		}
-	}
+	blockdevArgs["node-name"] = blockdevID
+	args = blockdevArgs
 
 	return args, blockdevArgs
 }
@@ -813,11 +810,6 @@ func (q *QMP) ExecuteBlockdevAdd(ctx context.Context, device, blockdevID string,
 func (q *QMP) ExecuteBlockdevAddWithCache(ctx context.Context, device, blockdevID string, direct, noFlush, ro bool) error {
 	args, blockdevArgs := q.blockdevAddBaseArgs(device, blockdevID, ro)
 
-	if q.version.Major < 2 || (q.version.Major == 2 && q.version.Minor < 9) {
-		return fmt.Errorf("versions of qemu (%d.%d) older than 2.9 do not support set cache-related options for block devices",
-			q.version.Major, q.version.Minor)
-	}
-
 	blockdevArgs["cache"] = map[string]interface{}{
 		"direct":   direct,
 		"no-flush": noFlush,
@@ -850,7 +842,7 @@ func (q *QMP) ExecuteDeviceAdd(ctx context.Context, blockdevID, devID, driver, b
 		args["bus"] = bus
 	}
 
-	if shared && (q.version.Major > 2 || (q.version.Major == 2 && q.version.Minor >= 10)) {
+	if shared {
 		args["share-rw"] = "on"
 	}
 	if transport.isVirtioPCI(nil) {
@@ -904,32 +896,22 @@ func (q *QMP) ExecuteSCSIDeviceAdd(ctx context.Context, blockdevID, devID, drive
 	if lun >= 0 {
 		args["lun"] = lun
 	}
-	if shared && (q.version.Major > 2 || (q.version.Major == 2 && q.version.Minor >= 10)) {
+	if shared {
 		args["share-rw"] = "on"
 	}
 
 	return q.executeCommand(ctx, "device_add", args, nil)
 }
 
-// ExecuteBlockdevDel deletes a block device by sending a x-blockdev-del command
-// for qemu versions < 2.9. It sends the updated blockdev-del command for qemu>=2.9.
-// blockdevID is the id of the block device to be deleted.  Typically, this will
-// match the id passed to ExecuteBlockdevAdd.  It must be a valid QMP id.
+// ExecuteBlockdevDel deletes a block device by sending blockdev-del
+// command.  blockdevID is the id of the block device to be deleted.
+// Typically, this will match the id passed to ExecuteBlockdevAdd.  It
+// must be a valid QMP id.
 func (q *QMP) ExecuteBlockdevDel(ctx context.Context, blockdevID string) error {
 	args := map[string]interface{}{}
 
-	if q.version.Major > 2 || (q.version.Major == 2 && q.version.Minor >= 9) {
-		args["node-name"] = blockdevID
-		return q.executeCommand(ctx, "blockdev-del", args, nil)
-	}
-
-	if q.version.Major == 2 && q.version.Minor == 8 {
-		args["node-name"] = blockdevID
-	} else {
-		args["id"] = blockdevID
-	}
-
-	return q.executeCommand(ctx, "x-blockdev-del", args, nil)
+	args["node-name"] = blockdevID
+	return q.executeCommand(ctx, "blockdev-del", args, nil)
 }
 
 // ExecuteChardevDel deletes a char device by sending a chardev-remove command.
@@ -1104,7 +1086,7 @@ func (q *QMP) ExecutePCIDeviceAdd(ctx context.Context, blockdevID, devID, driver
 	if bus != "" {
 		args["bus"] = bus
 	}
-	if shared && (q.version.Major > 2 || (q.version.Major == 2 && q.version.Minor >= 10)) {
+	if shared {
 		args["share-rw"] = "on"
 	}
 	if queues > 0 {
@@ -1240,10 +1222,7 @@ func isThreadIDSupported(driver string) bool {
 
 // isDieIDSupported returns if the cpu driver and the qemu version support the die id option
 func (q *QMP) isDieIDSupported(driver string) bool {
-	if (q.version.Major > 4 || (q.version.Major == 4 && q.version.Minor >= 1)) && driver == "host-x86_64-cpu" {
-		return true
-	}
-	return false
+	return driver == "host-x86_64-cpu"
 }
 
 // ExecuteCPUDeviceAdd adds a CPU to a QEMU instance using the device_add command.
@@ -1387,17 +1366,16 @@ func (q *QMP) ExecQueryCpusFast(ctx context.Context) ([]CPUInfoFast, error) {
 
 // ExecMemdevAdd adds size of MiB memory device to the guest
 func (q *QMP) ExecMemdevAdd(ctx context.Context, qomtype, id, mempath string, size int, share bool, driver, driverID, addr, bus string) error {
-	props := map[string]interface{}{"size": uint64(size) << 20}
 	args := map[string]interface{}{
 		"qom-type": qomtype,
 		"id":       id,
-		"props":    props,
+		"size":     uint64(size) << 20,
 	}
 	if mempath != "" {
-		props["mem-path"] = mempath
+		args["mem-path"] = mempath
 	}
 	if share {
-		props["share"] = true
+		args["share"] = true
 	}
 	err := q.executeCommand(ctx, "object-add", args, nil)
 	if err != nil {
@@ -1447,18 +1425,13 @@ func (q *QMP) ExecuteNVDIMMDeviceAdd(ctx context.Context, id, mempath string, si
 	args := map[string]interface{}{
 		"qom-type": "memory-backend-file",
 		"id":       "nvdimmbackmem" + id,
-		"props": map[string]interface{}{
-			"mem-path": mempath,
-			"size":     size,
-			"share":    true,
-		},
+		"mem-path": mempath,
+		"size":     size,
+		"share":    true,
 	}
 
-	if q.version.Major > 4 || (q.version.Major == 4 && q.version.Minor >= 1) {
-		if pmem != nil {
-			props := args["props"].(map[string]interface{})
-			props["pmem"] = *pmem
-		}
+	if pmem != nil {
+		args["pmem"] = *pmem
 	}
 
 	err := q.executeCommand(ctx, "object-add", args, nil)

src/runtime/vendor/modules.txt

@@ -249,7 +249,7 @@ github.com/imdario/mergo
 # github.com/intel-go/cpuid v0.0.0-20210602155658-5747e5cec0d9
 ## explicit
 github.com/intel-go/cpuid
-# github.com/kata-containers/govmm v0.0.0-20210722115311-0173713ea912
+# github.com/kata-containers/govmm v0.0.0-20210804035756-3c64244cbb48
 ## explicit
 github.com/kata-containers/govmm/qemu
 # github.com/klauspost/compress v1.11.13