Skip to content

Update balena engine to v25.0.14#3828

Draft
klutchell wants to merge 8 commits intomasterfrom
kyle/balena-v25
Draft

Update balena engine to v25.0.14#3828
klutchell wants to merge 8 commits intomasterfrom
kyle/balena-v25

Conversation

@klutchell
Copy link
Copy Markdown
Contributor

@klutchell klutchell commented Mar 24, 2026
edited
Loading

Balena engine v25 requires Go 1.23+. OE-Core skipped 1.23 entirely
(scarthgap=1.22, walnascar=1.24), so we adopt the upstream-validated
walnascar Go 1.24.6 recipes rather than hand-rolling untested 1.23
patches.

This release removes support for aufs to overlay migration.

generic-aarch64 binary sizes

  • /usr/bin/balena-engine is 51,724,928 bytes (~49.3 MiB).

    • Size: 51,724,928 bytes (49.3 MB)
    • Blocks: 101,032 (512-byte blocks)

  • /usr/bin/balena-engine in generic-aarch64-6.12.1-v17.6.3.img: 46,930,320 bytes (~44.8 MiB)

Image Size Delta
generic-aarch64-6.12.1-v17.6.3.img 46,930,320 bytes (44.8 MiB)
balena.img 51,724,928 bytes (49.3 MiB) +4.8 MiB (+10.2%)

Device CI Runs

Raspberry Pi 5

https://github.com/balena-os/balena-raspberrypi/actions/runs/23509631407
https://dashboard.balena-cloud.com/apps/2086169/releases/3973707/summary
balena device os-update <uuid> --version 6.10.24-1774386961231+rev3

Raspberry Pi 4 (64-bit)

  1. https://github.com/balena-os/balena-raspberrypi/actions/runs/23544936579
    https://dashboard.balena-cloud.com/apps/1520936/releases/3975396/summary
    balena device os-update <uuid> --version 6.10.24-1774451131517+rev3

  2. https://github.com/balena-os/balena-raspberrypi/actions/runs/23912572572
    https://dashboard.balena-cloud.com/apps/1520936/releases/3993567/summary
    balena device os-update <uuid> --version 6.12.3-1775172682413

Raspberry Pi 3 (32-bit)

  1. https://github.com/balena-os/balena-raspberrypi/actions/runs/23545071329
    https://dashboard.balena-cloud.com/apps/1520929/releases/3975288/summary
    balena device os-update <uuid> --version 6.10.24-1774449316688+rev3

  2. https://github.com/balena-os/balena-raspberrypi/actions/runs/23759759474
    https://dashboard.balena-cloud.com/apps/1520929/releases/3985989/summary
    balena device os-update <uuid> --version 6.10.24-1774901221084+rev4

IOT-GATE-iMX8PLUS 2G-4G DRAM

https://github.com/balena-os/balena-iot-gate-imx8plus/actions/runs/23509998923
https://dashboard.balena-cloud.com/apps/2025310/releases/3973585/summary
balena device os-update <uuid> --version 6.11.11-1774384416873+rev2

Generic AARCH64

https://github.com/balena-os/balena-generic/actions/runs/23511274177
https://dashboard.balena-cloud.com/apps/1520901/releases/3973901/summary
balena device os-update <uuid> --version 6.12.1-1774396298472

Generic x84-64 GPT

https://github.com/balena-os/balena-generic/actions/runs/23511283788
https://dashboard.balena-cloud.com/apps/1956990/releases/3973775/summary
balena device os-update <uuid> --version 6.12.1-1774389671255

Contributor checklist

Reviewer Guidelines

  • When submitting a review, please pick:
    • 'Approve' if this change would be acceptable in the codebase (even if there are minor or cosmetic tweaks that could be improved).
    • 'Request Changes' if this change would not be acceptable in our codebase (e.g. bugs, changes that will make development harder in future, security/performance issues, etc).
    • 'Comment' if you don't feel you have enough information to decide either way (e.g. if you have major questions, or you don't understand the context of the change sufficiently to fully review yourself, but want to make a comment)

@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:15 — with GitHub Actions Inactive
@klutchell klutchell had a problem deploying to sign.balena-cloud.com March 24, 2026 14:16 — with GitHub Actions Error
@flowzone-app
Copy link
Copy Markdown
Contributor

flowzone-app bot commented Mar 24, 2026
edited
Loading

Website deployed to CF Pages, 👀 preview link https://b7c7e519.balena-os.pages.dev

@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:29 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:29 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:30 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:30 — with GitHub Actions Inactive
@klutchell klutchell temporarily deployed to balena-cloud.com March 24, 2026 14:30 — with GitHub Actions Inactive
@klutchell
balena: Update dynbinary-use-go-cross-compiler patch for moby v23
4879d9a 
Copied from mickledore branch of meta-virtualization.

Signed-off-by: Kyle Harding <kyle@balena.io>
@klutchell
balena: Update balena-engine to v23.0.18 development branch
564799e 
Includes runc 1.2.8 with security fixes:
- CVE-2025-31133: Fixed race condition in /etc/hosts handling
- CVE-2025-52565: Fixed container breakout via /proc/self/fd
- CVE-2025-52881: Fixed TOCTOU vulnerability in rootfs handling

Includes librsync-go 0.9.0 with performance improvements to delta generation:
- delta: read more than 1 byte when possible
- bufferize signature output

Change-type: minor
Signed-off-by: Kyle Harding <kyle@balena.io>
@klutchell
balena: Update balena engine to v25.0.14
fe1822d 
This release removes support for aufs to overlay migration.

Change-type: major
Signed-off-by: Kyle Harding <kyle@balena.io>
@klutchell
balena: Update patches from meta-virtualization scarthgap
2d22f21 
Update dynbinary-use-go-cross-compiler patch from the meta-virtualization
scarthgap branch for moby v25 compatibility

Signed-off-by: Kyle Harding <kyle@balena.io>
@klutchell
balena: Set GOTOOLCHAIN=local to disable runtime downloads at build time
8bc5dcf 
Signed-off-by: Kyle Harding <kyle@balena.io>
@klutchell
go: Upgrade to 1.24.6 from upstream walnascar recipes
ace3cd1 
Balena engine v25 requires Go 1.23+. OE-Core skipped 1.23 entirely
(scarthgap=1.22, walnascar=1.24), so we adopt the upstream-validated
walnascar Go 1.24.6 recipes rather than hand-rolling untested 1.23
patches.

Changes from scarthgap 1.22.12:
- New source checksums and license md5 for Go 1.24.6
- Remove GOROOT_FINAL (Go 1.24 uses dynamic GOROOT discovery)
- Add -trimpath to shared lib install for reproducibility
- Add patch 0010 (GOROOT trimpath fix for shared builds)
- Add patch 6d265b (remove forced binutils-gold on aarch64)
- Drop 14 CVE patches (all fixed upstream in 1.24.6)
- Update line offsets in 9 existing patches

go-crosssdk.inc and go-cross-canadian.inc are intentionally kept at
scarthgap versions to preserve SDK dependency naming compatibility.

Change-type: patch
Signed-off-by: Kyle Harding <kyle@balena.io>
@klutchell
balena: Remove aufs-to-overlay2 storage migration drop-in
c0ea0d9 
Engine v25 removes aufs support entirely, making the
BALENA_MIGRATE_OVERLAY env var a no-op. Remove the systemd drop-in
that set it and its install logic from the recipe.

Change-type: patch
Signed-off-by: Kyle Harding <kyle@balena.io>
@klutchell
balena: Remove aufs as a supported storage driver
7e72607 
Engine v25 drops aufs support. Update the sanity check to only accept
overlay2, remove the conditional aufs-util-auplink dependency from the
packagegroup, and fix the stale comment in balena-os.inc.

Change-type: patch
Signed-off-by: Kyle Harding <kyle@balena.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@klutchell