4df5d394e8
Done as follows:
find -name build.yml | xargs dirname | while read d ; do
t=$(linuxkit pkg show-tag $d)
./scripts/update-component-sha.sh --image ${t%:*} ${t#*:}
done
git commit -s test pkg tools blueprints examples projects/kubernetes projects/swarmd docs linuxkit.yml Makefile src
This explicitly excludes projects/* which I did not know whether to update.
Then:
git reset --hard
for i in init runc containerd ca-certificates sysctl dhcpcd getty rngd ; do
o=$(git grep -h "\(image:\|-\) *linuxkit/$i:[0-9a-f]\{40\}" origin/master:linuxkit.yml | awk '// { print $2 }')
n=$(linuxkit pkg show-tag pkg/$i)
./scripts/update-component-sha.sh "$o" "$n"
done
git commit --amend projects
This updates any projects which were using components with the same hash as the
top-level linuxkit.yml.
Signed-off-by: Ian Campbell <ijc@docker.com>
Memorizer
Memorizer is a tool to trace fine-grained intra-kernel operations. The goal is to track interactions with memory objects for the purpose of analyzing fine-grained interactions amongst components and execution contexts. Memorizer tracks the following object operations: creation (alloc), destruction (free), modify (store), access (load), call, and return.
Nathan D. ([@ndauten]) presented the umbrella project, Opportunistic Privilege Separation (OPS), and Memorizer at the 7/9/17 LinuxKit SIG and slides
Usage
See manual usage docs. Be careful though because if the event queues are not drained then the system will run out of memory.
For controlled use see script + readme. This script is not automatically inserted into the runtime yet.
Issues
-
KASAN is reporting some errors within itself. This is noisy. Can reduce the console log output level to < 3, e.g.,
echo 3 > /proc/sys/kernel/printk -
Source should be included soon, but for now there is an image on Docker Hub.