diff --git a/0001-config-remove-unused-config.patch b/0000-config-remove-unused-config.patch similarity index 100% rename from 0001-config-remove-unused-config.patch rename to 0000-config-remove-unused-config.patch diff --git a/0001-fix-modify-quota-log-level-to-warning.patch b/0001-fix-modify-quota-log-level-to-warning.patch new file mode 100644 index 0000000..f9d65aa --- /dev/null +++ b/0001-fix-modify-quota-log-level-to-warning.patch @@ -0,0 +1,26 @@ +From bff7af04d7bcc17297196ee5e9620fd3c4c52427 Mon Sep 17 00:00:00 2001 +From: lifeng68 +Date: Fri, 18 Sep 2020 11:26:57 +0800 +Subject: [PATCH 01/10] fix: modify quota log level to warning + +Signed-off-by: lifeng68 +--- + .../oci/storage/layer_store/graphdriver/quota/project_quota.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/daemon/modules/image/oci/storage/layer_store/graphdriver/quota/project_quota.c b/src/daemon/modules/image/oci/storage/layer_store/graphdriver/quota/project_quota.c +index 8efe709..c7526b7 100644 +--- a/src/daemon/modules/image/oci/storage/layer_store/graphdriver/quota/project_quota.c ++++ b/src/daemon/modules/image/oci/storage/layer_store/graphdriver/quota/project_quota.c +@@ -334,7 +334,7 @@ static int get_quota_stat(const char *backing_fs_blockdev) + + ret = quotactl(QCMD(Q_XGETQSTAT, FS_PROJ_QUOTA), backing_fs_blockdev, 0, (caddr_t)&fs_quota_stat_info); + if (ret != 0) { +- SYSERROR("Failed to get quota stat on %s", backing_fs_blockdev); ++ SYSWARN("Failed to get quota stat on %s", backing_fs_blockdev); + return ret; + } + +-- +2.25.1 + diff --git a/0002-fix-memory-leak.patch b/0002-fix-memory-leak.patch new file mode 100644 index 0000000..456ac1f --- /dev/null +++ b/0002-fix-memory-leak.patch @@ -0,0 +1,35 @@ +From 1c292f4e0cd854a08051bbaae205d7868966058b Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Fri, 11 Sep 2020 10:07:17 +0800 +Subject: [PATCH 02/10] fix memory leak + +Signed-off-by: WangFengTu +--- + src/daemon/modules/image/oci/registry/certs.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/daemon/modules/image/oci/registry/certs.c b/src/daemon/modules/image/oci/registry/certs.c +index 68ad549..7808d3f 100644 +--- a/src/daemon/modules/image/oci/registry/certs.c ++++ b/src/daemon/modules/image/oci/registry/certs.c +@@ -79,7 +79,7 @@ static int load_certs(const char *path, const char *name, bool use_decrypted_key + return -1; + } + +- if (ca_file != NULL && util_has_suffix(name, CA_SUFFIX)) { ++ if (*ca_file != NULL && util_has_suffix(name, CA_SUFFIX)) { + *ca_file = util_path_join(path, name); + if (*ca_file == NULL) { + ret = -1; +@@ -87,7 +87,7 @@ static int load_certs(const char *path, const char *name, bool use_decrypted_key + goto out; + } + goto out; +- } else if (cert_file != NULL && *cert_file == NULL && util_has_suffix(name, CLIENT_CERT_SUFFIX)) { ++ } else if (*cert_file != NULL && *key_file == NULL && util_has_suffix(name, CLIENT_CERT_SUFFIX)) { + key_name = corresponding_key_name(name); + if (key_name == NULL) { + ERROR("find corresponding key name for cert failed"); +-- +2.25.1 + diff --git a/0003-fix-security-opt-parsing-access-out-of-bounds.patch b/0003-fix-security-opt-parsing-access-out-of-bounds.patch new file mode 100644 index 0000000..016d0a9 --- /dev/null +++ b/0003-fix-security-opt-parsing-access-out-of-bounds.patch @@ -0,0 +1,76 @@ +From 3d1e3499794efe10891fe656a6e0b8847fee6558 Mon Sep 17 00:00:00 2001 +From: wujing +Date: Fri, 11 Sep 2020 09:45:20 +0800 +Subject: [PATCH 03/10] fix: security-opt parsing access out of bounds + +Signed-off-by: wujing +--- + src/client/connect/pack_config.c | 43 +++++--------------------------- + 1 file changed, 6 insertions(+), 37 deletions(-) + +diff --git a/src/client/connect/pack_config.c b/src/client/connect/pack_config.c +index fbcd7b4..0e4224d 100644 +--- a/src/client/connect/pack_config.c ++++ b/src/client/connect/pack_config.c +@@ -1178,25 +1178,10 @@ erro_out: + } + static int append_no_new_privileges_to_security_opts(host_config *dstconfig) + { +- int ret = 0; +- size_t new_size, old_size; +- char **tmp_security_opt = NULL; +- +- if (dstconfig->security_opt_len > (SIZE_MAX / sizeof(char *)) - 1) { +- COMMAND_ERROR("Out of memory"); +- return -1; +- } +- new_size = (dstconfig->security_opt_len + 1) * sizeof(char *); +- old_size = dstconfig->security_opt_len * sizeof(char *); +- ret = mem_realloc((void **)(&tmp_security_opt), new_size, (void *)dstconfig->security_opt, old_size); +- if (ret != 0) { +- COMMAND_ERROR("Out of memory"); +- return ret; +- } +- dstconfig->security_opt = tmp_security_opt; +- dstconfig->security_opt[dstconfig->security_opt_len++] = util_strdup_s("no-new-privileges"); ++ dstconfig->security_opt[dstconfig->security_opt_len] = util_strdup_s("no-new-privileges"); ++ dstconfig->security_opt_len++; + +- return ret; ++ return 0; + } + + static int append_seccomp_to_security_opts(const char *full_opt, const char *seccomp_file, host_config *dstconfig) +@@ -1264,26 +1249,10 @@ out: + + static int append_selinux_label_to_security_opts(const char *selinux_label, host_config *dstconfig) + { +- int ret = 0; +- size_t new_size; +- size_t old_size; +- char **tmp_security_opt = NULL; +- +- if (dstconfig->security_opt_len > (SIZE_MAX / sizeof(char *)) - 1) { +- COMMAND_ERROR("Too large security options"); +- return -1; +- } +- new_size = (dstconfig->security_opt_len + 1) * sizeof(char *); +- old_size = dstconfig->security_opt_len * sizeof(char *); +- ret = mem_realloc((void **)(&tmp_security_opt), new_size, (void *)dstconfig->security_opt, old_size); +- if (ret != 0) { +- COMMAND_ERROR("Out of memory"); +- return ret; +- } +- dstconfig->security_opt = tmp_security_opt; +- dstconfig->security_opt[dstconfig->security_opt_len++] = util_strdup_s(selinux_label); ++ dstconfig->security_opt[dstconfig->security_opt_len] = util_strdup_s(selinux_label); ++ dstconfig->security_opt_len++; + +- return ret; ++ return 0; + } + + static int parse_security_opts(const isula_host_config_t *srcconfig, host_config *dstconfig) +-- +2.25.1 + diff --git a/0004-fix-delete-rootfs-dir-when-rootfs-load-failed.patch b/0004-fix-delete-rootfs-dir-when-rootfs-load-failed.patch new file mode 100644 index 0000000..2f43fd5 --- /dev/null +++ b/0004-fix-delete-rootfs-dir-when-rootfs-load-failed.patch @@ -0,0 +1,47 @@ +From 78bb878f4997b0a067888c13ce8bfc93133a9190 Mon Sep 17 00:00:00 2001 +From: wujing +Date: Fri, 11 Sep 2020 10:56:06 +0800 +Subject: [PATCH 04/10] fix: delete rootfs dir when rootfs load failed + +Signed-off-by: wujing +--- + .../image/oci/storage/rootfs_store/rootfs_store.c | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/src/daemon/modules/image/oci/storage/rootfs_store/rootfs_store.c b/src/daemon/modules/image/oci/storage/rootfs_store/rootfs_store.c +index 22a194c..acf4c51 100644 +--- a/src/daemon/modules/image/oci/storage/rootfs_store/rootfs_store.c ++++ b/src/daemon/modules/image/oci/storage/rootfs_store/rootfs_store.c +@@ -218,7 +218,7 @@ static int get_containers_from_json() + + for (i = 0; i < container_dirs_num; i++) { + if (util_reg_match(id_patten, container_dirs[i]) != 0) { +- DEBUG("Container's json is placed inside container's data directory, so skip any other file or directory: %s", ++ WARN("Container's json is placed inside container's data directory, so skip any other file or directory: %s", + container_dirs[i]); + continue; + } +@@ -227,14 +227,15 @@ static int get_containers_from_json() + nret = snprintf(container_path, sizeof(container_path), "%s/%s", g_rootfs_store->dir, container_dirs[i]); + if (nret < 0 || (size_t)nret >= sizeof(container_path)) { + ERROR("Failed to get container path"); +- ret = -1; +- goto out; ++ continue; + } + + if (append_container_by_directory(container_path) != 0) { +- ERROR("Found container path but load json failed: %s", container_dirs[i]); +- ret = -1; +- goto out; ++ ERROR("Found container path but load json failed: %s, deleting...", container_path); ++ if (util_recursive_rmdir(container_path, 0) != 0) { ++ ERROR("Failed to delete rootfs directory : %s", container_path); ++ } ++ continue; + } + } + +-- +2.25.1 + diff --git a/0005-fix-code-review.patch b/0005-fix-code-review.patch new file mode 100644 index 0000000..0585f3d --- /dev/null +++ b/0005-fix-code-review.patch @@ -0,0 +1,79 @@ +From cd6d4fb431a50611b5f401f100a5cb8da9f0a971 Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Fri, 11 Sep 2020 11:39:27 +0800 +Subject: [PATCH 05/10] fix code review + +Signed-off-by: WangFengTu +--- + src/client/libisula.c | 5 ++++- + src/cmd/isula/client_arguments.c | 3 +++ + src/cmd/isula/images/login.c | 2 ++ + src/cmd/isula/images/login.h | 4 ++-- + 4 files changed, 11 insertions(+), 3 deletions(-) + +diff --git a/src/client/libisula.c b/src/client/libisula.c +index 12b7ac5..67f44a7 100644 +--- a/src/client/libisula.c ++++ b/src/client/libisula.c +@@ -489,6 +489,9 @@ void isula_top_response_free(struct isula_top_response *response) + free(response->titles); + response->titles = NULL; + ++ free(response->errmsg); ++ response->errmsg = NULL; ++ + if (response->processes_len && response->processes != NULL) { + size_t i; + for (i = 0; i < response->processes_len; i++) { +@@ -1491,4 +1494,4 @@ void container_events_format_free(container_events_format_t *value) + value->annotations = NULL; + + free(value); +-} +\ No newline at end of file ++} +diff --git a/src/cmd/isula/client_arguments.c b/src/cmd/isula/client_arguments.c +index 7160ea7..894a45b 100644 +--- a/src/cmd/isula/client_arguments.c ++++ b/src/cmd/isula/client_arguments.c +@@ -148,6 +148,9 @@ void client_arguments_free(struct client_arguments *args) + return; + } + ++ free_sensitive_string(args->username); ++ free_sensitive_string(args->password); ++ + free(args->name); + args->name = NULL; + +diff --git a/src/cmd/isula/images/login.c b/src/cmd/isula/images/login.c +index 32d6ea9..564097f 100644 +--- a/src/cmd/isula/images/login.c ++++ b/src/cmd/isula/images/login.c +@@ -216,6 +216,8 @@ int cmd_login_main(int argc, const char **argv) + } + + ret = client_login(&g_cmd_login_args); ++ free_sensitive_string(g_cmd_login_args.username); ++ free_sensitive_string(g_cmd_login_args.password); + if (ret != 0) { + exit(exit_code); + } +diff --git a/src/cmd/isula/images/login.h b/src/cmd/isula/images/login.h +index dad619a..5f9a676 100644 +--- a/src/cmd/isula/images/login.h ++++ b/src/cmd/isula/images/login.h +@@ -25,8 +25,8 @@ extern "C" { + #endif + + #define LOGIN_OPTIONS(cmdargs) \ +- { CMD_OPT_TYPE_STRING, false, "username", 'u', &(cmdargs).username, "Username", NULL }, \ +- { CMD_OPT_TYPE_STRING, false, "password", 'p', &(cmdargs).password, "Password", NULL }, \ ++ { CMD_OPT_TYPE_STRING_DUP, false, "username", 'u', &(cmdargs).username, "Username", NULL }, \ ++ { CMD_OPT_TYPE_STRING_DUP, false, "password", 'p', &(cmdargs).password, "Password", NULL }, \ + { CMD_OPT_TYPE_BOOL, \ + false, \ + "password-stdin", \ +-- +2.25.1 + diff --git a/0006-fix-pull-failure-caused-by-link-conflict.patch b/0006-fix-pull-failure-caused-by-link-conflict.patch new file mode 100644 index 0000000..60568d8 --- /dev/null +++ b/0006-fix-pull-failure-caused-by-link-conflict.patch @@ -0,0 +1,26 @@ +From bda70bc306d650060c699154f398226b5c7cc90f Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Mon, 14 Sep 2020 15:56:56 +0800 +Subject: [PATCH 06/10] fix pull failure caused by link conflict + +Signed-off-by: WangFengTu +--- + src/daemon/modules/image/oci/registry/registry.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/daemon/modules/image/oci/registry/registry.c b/src/daemon/modules/image/oci/registry/registry.c +index 77b4d02..c892780 100644 +--- a/src/daemon/modules/image/oci/registry/registry.c ++++ b/src/daemon/modules/image/oci/registry/registry.c +@@ -1212,6 +1212,8 @@ static int add_fetch_task(thread_fetch_info *info) + goto out; + } + } ++ // retry get cached layer after some time of unlock ++ cache = get_cached_layer(info->blob_digest); + } + + ret = add_cached_layer(info->blob_digest, info->file); +-- +2.25.1 + diff --git a/0007-image-clear-memory-if-failed.patch b/0007-image-clear-memory-if-failed.patch new file mode 100644 index 0000000..93bef55 --- /dev/null +++ b/0007-image-clear-memory-if-failed.patch @@ -0,0 +1,34 @@ +From 6e56e6d496ec6e28f9371e21a633f820bb95b141 Mon Sep 17 00:00:00 2001 +From: haozi007 +Date: Tue, 15 Sep 2020 10:52:20 +0800 +Subject: [PATCH 07/10] image: clear memory if failed + +create layer failed, to clear memory data + +Signed-off-by: haozi007 +--- + .../modules/image/oci/storage/layer_store/layer_store.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/daemon/modules/image/oci/storage/layer_store/layer_store.c b/src/daemon/modules/image/oci/storage/layer_store/layer_store.c +index 934ec35..cf37bf9 100644 +--- a/src/daemon/modules/image/oci/storage/layer_store/layer_store.c ++++ b/src/daemon/modules/image/oci/storage/layer_store/layer_store.c +@@ -1246,12 +1246,12 @@ int layer_store_create(const char *id, const struct layer_opts *opts, const stru + l = lookup(lid); + if (l == NULL) { + ret = -1; +- goto driver_remove; ++ goto clear_memory; + } + l->slayer->incompelte = true; + if (save_layer(l) != 0) { + ret = -1; +- goto driver_remove; ++ goto clear_memory; + } + + ret = apply_diff(l, diff); +-- +2.25.1 + diff --git a/0008-fix-layer-remain-caused-by-hold-flag-not-clean.patch b/0008-fix-layer-remain-caused-by-hold-flag-not-clean.patch new file mode 100644 index 0000000..bb24e1a --- /dev/null +++ b/0008-fix-layer-remain-caused-by-hold-flag-not-clean.patch @@ -0,0 +1,62 @@ +From f953e23087e3de4fd283570f6c1e09f9de5d631e Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Tue, 15 Sep 2020 08:46:54 +0800 +Subject: [PATCH 08/10] fix layer remain caused by hold flag not clean + +Signed-off-by: WangFengTu +--- + src/daemon/modules/image/oci/oci_load.c | 24 ++++++++++++++++-------- + 1 file changed, 16 insertions(+), 8 deletions(-) + +diff --git a/src/daemon/modules/image/oci/oci_load.c b/src/daemon/modules/image/oci/oci_load.c +index f7908b6..6304a1f 100644 +--- a/src/daemon/modules/image/oci/oci_load.c ++++ b/src/daemon/modules/image/oci/oci_load.c +@@ -206,6 +206,19 @@ static void oci_load_free_image(load_image_t *im) + free(im); + } + ++inline static void do_free_load_image(load_image_t *im) ++{ ++ if (im == NULL) { ++ return; ++ } ++ ++ if (im->layer_of_hold_flag != NULL && storage_set_hold_flag(im->layer_of_hold_flag, false) != 0) { ++ ERROR("clear hold flag failed for layer %s", im->layer_of_hold_flag); ++ } ++ ++ oci_load_free_image(im); ++} ++ + static char **str_array_copy(char **arr, size_t len) + { + char **str_arr = NULL; +@@ -1033,7 +1046,8 @@ int oci_do_load(const im_load_request *request) + ret = -1; + goto out; + } +- oci_load_free_image(im); ++ ++ do_free_load_image(im); + im = NULL; + } + +@@ -1048,13 +1062,7 @@ out: + } + free(manifest); + +- if (im != NULL) { +- if (im->layer_of_hold_flag != NULL && storage_set_hold_flag(im->layer_of_hold_flag, false) != 0) { +- ERROR("clear hold flag failed for layer %s", im->layer_of_hold_flag); +- } +- +- oci_load_free_image(im); +- } ++ do_free_load_image(im); + + if (reader.close != NULL) { + reader.close(reader.context, NULL); +-- +2.25.1 + diff --git a/0009-fix-coredump-when-pull-image-with-lock-driver-image-.patch b/0009-fix-coredump-when-pull-image-with-lock-driver-image-.patch new file mode 100644 index 0000000..3945626 --- /dev/null +++ b/0009-fix-coredump-when-pull-image-with-lock-driver-image-.patch @@ -0,0 +1,623 @@ +From 86ccd26287eb9ae8e6e5656d4933ec4518adf24e Mon Sep 17 00:00:00 2001 +From: wujing +Date: Tue, 15 Sep 2020 12:14:32 +0800 +Subject: [PATCH 09/10] fix coredump when pull image with lock ${driver}-image + dir + +Signed-off-by: wujing +--- + .../oci/storage/image_store/image_store.c | 243 ++++++++-------- + .../oci/storage/rootfs_store/rootfs_store.c | 271 +++++++++--------- + 2 files changed, 262 insertions(+), 252 deletions(-) + +diff --git a/src/daemon/modules/image/oci/storage/image_store/image_store.c b/src/daemon/modules/image/oci/storage/image_store/image_store.c +index 1d4add9..a6da9fe 100644 +--- a/src/daemon/modules/image/oci/storage/image_store/image_store.c ++++ b/src/daemon/modules/image/oci/storage/image_store/image_store.c +@@ -1338,91 +1338,6 @@ out: + return im; + } + +-char *image_store_create(const char *id, const char **names, size_t names_len, const char *layer, const char *metadata, +- const types_timestamp_t *time, const char *searchable_digest) +-{ +- int ret = 0; +- char *dst_id = NULL; +- char **unique_names = NULL; +- size_t unique_names_len = 0; +- image_t *img = NULL; +- storage_image *im = NULL; +- +- if (g_image_store == NULL) { +- ERROR("Image store is not ready"); +- return NULL; +- } +- +- if (!image_store_lock(EXCLUSIVE)) { +- ERROR("Failed to lock image store with exclusive lock, not allowed to create new images"); +- return NULL; +- } +- +- if (id == NULL) { +- dst_id = generate_random_image_id(); +- } else { +- dst_id = util_strdup_s(id); +- } +- +- if (dst_id == NULL) { +- ERROR("Out of memory or generate random image id failed"); +- ret = -1; +- goto out; +- } +- +- if (map_search(g_image_store->byid, (void *)dst_id) != NULL) { +- ERROR("ID is already in use: %s", dst_id); +- ret = -1; +- goto out; +- } +- +- if (util_string_array_unique(names, names_len, &unique_names, &unique_names_len) != 0) { +- ERROR("Failed to unique names"); +- ret = -1; +- goto out; +- } +- +- im = new_storage_image(dst_id, searchable_digest, &unique_names, &unique_names_len, time, layer, metadata); +- if (im == NULL) { +- ERROR("Failed to generate new storage image"); +- ret = -1; +- goto out; +- } +- +- img = new_image(im); +- if (img == NULL) { +- ERROR("Out of memory"); +- ret = -1; +- goto out; +- } +- im = NULL; +- +- if (image_store_append_image(dst_id, searchable_digest, img) != 0) { +- ERROR("Failed to append image to image store"); +- ret = -1; +- goto out; +- } +- +- if (save_image(img->simage) != 0) { +- ERROR("Failed to save image"); +- ret = -1; +- goto out; +- } +- +-out: +- if (ret != 0) { +- free(dst_id); +- dst_id = NULL; +- free_storage_image(im); +- im = NULL; +- free_image_t(img); +- img = NULL; +- } +- util_free_array_by_len(unique_names, unique_names_len); +- image_store_unlock(); +- return dst_id; +-} +- + static image_t *get_image_for_store_by_prefix(const char *id) + { + bool ret = true; +@@ -1494,40 +1409,6 @@ found: + return value; + } + +-char *image_store_lookup(const char *id) +-{ +- char *image_id = NULL; +- image_t *img = NULL; +- +- if (id == NULL) { +- ERROR("Invalid input parameter, id is NULL"); +- return NULL; +- } +- +- if (g_image_store == NULL) { +- ERROR("Image store is not ready"); +- return NULL; +- } +- +- if (!image_store_lock(SHARED)) { +- ERROR("Failed to lock image store with shared lock, not allowed to get image id assignments"); +- return NULL; +- } +- +- img = lookup(id); +- if (img == NULL) { +- ERROR("Image not known"); +- goto out; +- } +- +- image_id = util_strdup_s(img->simage->id); +- +-out: +- image_ref_dec(img); +- image_store_unlock(); +- return image_id; +-} +- + static char *get_value_from_json_map_string_string(json_map_string_string *map, const char *key) + { + size_t i; +@@ -1701,6 +1582,130 @@ out: + return ret; + } + ++char *image_store_create(const char *id, const char **names, size_t names_len, const char *layer, const char *metadata, ++ const types_timestamp_t *time, const char *searchable_digest) ++{ ++ int ret = 0; ++ char *dst_id = NULL; ++ char **unique_names = NULL; ++ size_t unique_names_len = 0; ++ image_t *img = NULL; ++ storage_image *im = NULL; ++ ++ if (g_image_store == NULL) { ++ ERROR("Image store is not ready"); ++ return NULL; ++ } ++ ++ if (!image_store_lock(EXCLUSIVE)) { ++ ERROR("Failed to lock image store with exclusive lock, not allowed to create new images"); ++ return NULL; ++ } ++ ++ if (id == NULL) { ++ dst_id = generate_random_image_id(); ++ } else { ++ dst_id = util_strdup_s(id); ++ } ++ ++ if (dst_id == NULL) { ++ ERROR("Out of memory or generate random image id failed"); ++ ret = -1; ++ goto out; ++ } ++ ++ if (map_search(g_image_store->byid, (void *)dst_id) != NULL) { ++ ERROR("ID is already in use: %s", dst_id); ++ ret = -1; ++ goto out; ++ } ++ ++ if (util_string_array_unique(names, names_len, &unique_names, &unique_names_len) != 0) { ++ ERROR("Failed to unique names"); ++ ret = -1; ++ goto out; ++ } ++ ++ im = new_storage_image(dst_id, searchable_digest, &unique_names, &unique_names_len, time, layer, metadata); ++ if (im == NULL) { ++ ERROR("Failed to generate new storage image"); ++ ret = -1; ++ goto out; ++ } ++ ++ img = new_image(im); ++ if (img == NULL) { ++ ERROR("Out of memory"); ++ ret = -1; ++ goto out; ++ } ++ im = NULL; ++ ++ if (image_store_append_image(dst_id, searchable_digest, img) != 0) { ++ ERROR("Failed to append image to image store"); ++ ret = -1; ++ goto out; ++ } ++ ++ if (save_image(img->simage) != 0) { ++ ERROR("Failed to save image"); ++ if (do_delete_image_info(dst_id) != 0) { ++ ERROR("Failed to delete image info"); ++ } ++ im = NULL; ++ img = NULL; ++ ret = -1; ++ goto out; ++ } ++ ++out: ++ if (ret != 0) { ++ free(dst_id); ++ dst_id = NULL; ++ free_storage_image(im); ++ im = NULL; ++ free_image_t(img); ++ img = NULL; ++ } ++ util_free_array_by_len(unique_names, unique_names_len); ++ image_store_unlock(); ++ return dst_id; ++} ++ ++char *image_store_lookup(const char *id) ++{ ++ char *image_id = NULL; ++ image_t *img = NULL; ++ ++ if (id == NULL) { ++ ERROR("Invalid input parameter, id is NULL"); ++ return NULL; ++ } ++ ++ if (g_image_store == NULL) { ++ ERROR("Image store is not ready"); ++ return NULL; ++ } ++ ++ if (!image_store_lock(SHARED)) { ++ ERROR("Failed to lock image store with shared lock, not allowed to get image id assignments"); ++ return NULL; ++ } ++ ++ img = lookup(id); ++ if (img == NULL) { ++ ERROR("Image not known"); ++ goto out; ++ } ++ ++ image_id = util_strdup_s(img->simage->id); ++ ++out: ++ image_ref_dec(img); ++ image_store_unlock(); ++ return image_id; ++} ++ + int image_store_delete(const char *id) + { + int ret = 0; +diff --git a/src/daemon/modules/image/oci/storage/rootfs_store/rootfs_store.c b/src/daemon/modules/image/oci/storage/rootfs_store/rootfs_store.c +index acf4c51..070fdff 100644 +--- a/src/daemon/modules/image/oci/storage/rootfs_store/rootfs_store.c ++++ b/src/daemon/modules/image/oci/storage/rootfs_store/rootfs_store.c +@@ -728,90 +728,6 @@ out: + return ret; + } + +-char *rootfs_store_create(const char *id, const char **names, size_t names_len, const char *image, const char *layer, +- const char *metadata, struct storage_rootfs_options *rootfs_opts) +-{ +- int ret = 0; +- char *dst_id = NULL; +- char **unique_names = NULL; +- size_t unique_names_len = 0; +- cntrootfs_t *cntr = NULL; +- storage_rootfs *c = NULL; +- +- if (g_rootfs_store == NULL) { +- ERROR("Container store is not ready"); +- return NULL; +- } +- +- if (!rootfs_store_lock(EXCLUSIVE)) { +- ERROR("Failed to lock container store, not allowed to create new containers"); +- return NULL; +- } +- +- if (id == NULL) { +- dst_id = generate_random_container_id(); +- } else { +- dst_id = util_strdup_s(id); +- } +- +- if (dst_id == NULL) { +- ERROR("Out of memory or generate random container id failed"); +- ret = -1; +- goto out; +- } +- +- if (map_search(g_rootfs_store->byid, (void *)dst_id) != NULL) { +- ERROR("ID is already in use: %s", dst_id); +- ret = -1; +- goto out; +- } +- +- if (util_string_array_unique(names, names_len, &unique_names, &unique_names_len) != 0) { +- ERROR("Failed to unique names"); +- ret = -1; +- goto out; +- } +- +- c = new_storage_rootfs(dst_id, image, unique_names, unique_names_len, layer, metadata, rootfs_opts); +- if (c == NULL) { +- ERROR("Failed to generate new storage container"); +- ret = -1; +- goto out; +- } +- +- cntr = new_rootfs(c); +- if (cntr == NULL) { +- ERROR("Out of memory"); +- ret = -1; +- goto out; +- } +- c = NULL; +- +- if (rootfs_store_append_container_rootfs(dst_id, layer, (const char **)unique_names, unique_names_len, cntr) != 0) { +- ERROR("Failed to append container to container store"); +- ret = -1; +- goto out; +- } +- +- if (save_rootfs(cntr) != 0) { +- ERROR("Failed to save container"); +- ret = -1; +- goto out; +- } +- +-out: +- if (ret != 0) { +- free(dst_id); +- dst_id = NULL; +- free_storage_rootfs(c); +- c = NULL; +- free_rootfs_t(cntr); +- cntr = NULL; +- } +- rootfs_store_unlock(); +- return dst_id; +-} +- + static cntrootfs_t *get_rootfs_for_store_by_prefix(const char *id) + { + bool ret = true; +@@ -883,39 +799,6 @@ found: + return value; + } + +-char *rootfs_store_lookup(const char *id) +-{ +- char *container_id = NULL; +- cntrootfs_t *cntr = NULL; +- +- if (id == NULL) { +- ERROR("Invalid input parameter, id is NULL"); +- return NULL; +- } +- +- if (g_rootfs_store == NULL) { +- ERROR("Container store is not ready"); +- return NULL; +- } +- +- if (!rootfs_store_lock(SHARED)) { +- ERROR("Failed to lock rootfs store, not allowed to lookup rootfs id assginments"); +- return NULL; +- } +- +- cntr = lookup(id); +- if (cntr == NULL) { +- ERROR("Container not known"); +- return NULL; +- } +- +- container_id = util_strdup_s(cntr->srootfs->id); +- rootfs_ref_dec(cntr); +- rootfs_store_unlock(); +- +- return container_id; +-} +- + static int remove_rootfs_from_memory(const char *id) + { + struct linked_list *item = NULL; +@@ -985,13 +868,13 @@ static int remove_rootfs_dir(const char *id) + return 0; + } + +-int rootfs_store_delete(const char *id) ++static int delete_rootfs_from_store_without_lock(const char *id) + { +- cntrootfs_t *cntr = NULL; + int ret = 0; ++ cntrootfs_t *cntr = NULL; + + if (id == NULL) { +- ERROR("Invalid input parameter, id is NULL"); ++ ERROR("Invalid input parameter: empty id"); + return -1; + } + +@@ -1000,16 +883,10 @@ int rootfs_store_delete(const char *id) + return -1; + } + +- if (!rootfs_store_lock(EXCLUSIVE)) { +- ERROR("Failed to lock rootfs store"); +- return -1; +- } +- + cntr = lookup(id); + if (cntr == NULL) { +- WARN("rootfs %s not exists already, return success", id); +- ret = 0; +- goto out; ++ ERROR("Rootfs %s not known", id); ++ return -1; + } + + if (remove_rootfs_from_memory(cntr->srootfs->id) != 0) { +@@ -1026,17 +903,138 @@ int rootfs_store_delete(const char *id) + + out: + rootfs_ref_dec(cntr); +- rootfs_store_unlock(); + return ret; + } + +-static int delete_rootfs_from_store_without_lock(const char *id) ++char *rootfs_store_create(const char *id, const char **names, size_t names_len, const char *image, const char *layer, ++ const char *metadata, struct storage_rootfs_options *rootfs_opts) + { + int ret = 0; ++ char *dst_id = NULL; ++ char **unique_names = NULL; ++ size_t unique_names_len = 0; + cntrootfs_t *cntr = NULL; ++ storage_rootfs *c = NULL; ++ ++ if (g_rootfs_store == NULL) { ++ ERROR("Container store is not ready"); ++ return NULL; ++ } ++ ++ if (!rootfs_store_lock(EXCLUSIVE)) { ++ ERROR("Failed to lock container store, not allowed to create new containers"); ++ return NULL; ++ } + + if (id == NULL) { +- ERROR("Invalid input parameter: empty id"); ++ dst_id = generate_random_container_id(); ++ } else { ++ dst_id = util_strdup_s(id); ++ } ++ ++ if (dst_id == NULL) { ++ ERROR("Out of memory or generate random container id failed"); ++ ret = -1; ++ goto out; ++ } ++ ++ if (map_search(g_rootfs_store->byid, (void *)dst_id) != NULL) { ++ ERROR("ID is already in use: %s", dst_id); ++ ret = -1; ++ goto out; ++ } ++ ++ if (util_string_array_unique(names, names_len, &unique_names, &unique_names_len) != 0) { ++ ERROR("Failed to unique names"); ++ ret = -1; ++ goto out; ++ } ++ ++ c = new_storage_rootfs(dst_id, image, unique_names, unique_names_len, layer, metadata, rootfs_opts); ++ if (c == NULL) { ++ ERROR("Failed to generate new storage container"); ++ ret = -1; ++ goto out; ++ } ++ ++ cntr = new_rootfs(c); ++ if (cntr == NULL) { ++ ERROR("Out of memory"); ++ ret = -1; ++ goto out; ++ } ++ c = NULL; ++ ++ if (rootfs_store_append_container_rootfs(dst_id, layer, (const char **)unique_names, unique_names_len, cntr) != 0) { ++ ERROR("Failed to append container to container store"); ++ ret = -1; ++ goto out; ++ } ++ ++ if (save_rootfs(cntr) != 0) { ++ ERROR("Failed to save container"); ++ if (delete_rootfs_from_store_without_lock(dst_id) != 0) { ++ ERROR("Failed to delete rootfs from store"); ++ } ++ c = NULL; ++ cntr = NULL; ++ ret = -1; ++ goto out; ++ } ++ ++out: ++ if (ret != 0) { ++ free(dst_id); ++ dst_id = NULL; ++ free_storage_rootfs(c); ++ c = NULL; ++ free_rootfs_t(cntr); ++ cntr = NULL; ++ } ++ rootfs_store_unlock(); ++ return dst_id; ++} ++ ++char *rootfs_store_lookup(const char *id) ++{ ++ char *container_id = NULL; ++ cntrootfs_t *cntr = NULL; ++ ++ if (id == NULL) { ++ ERROR("Invalid input parameter, id is NULL"); ++ return NULL; ++ } ++ ++ if (g_rootfs_store == NULL) { ++ ERROR("Container store is not ready"); ++ return NULL; ++ } ++ ++ if (!rootfs_store_lock(SHARED)) { ++ ERROR("Failed to lock rootfs store, not allowed to lookup rootfs id assginments"); ++ return NULL; ++ } ++ ++ cntr = lookup(id); ++ if (cntr == NULL) { ++ ERROR("Container not known"); ++ return NULL; ++ } ++ ++ container_id = util_strdup_s(cntr->srootfs->id); ++ rootfs_ref_dec(cntr); ++ rootfs_store_unlock(); ++ ++ return container_id; ++} ++ ++int rootfs_store_delete(const char *id) ++{ ++ cntrootfs_t *cntr = NULL; ++ int ret = 0; ++ ++ if (id == NULL) { ++ ERROR("Invalid input parameter, id is NULL"); + return -1; + } + +@@ -1045,10 +1043,16 @@ static int delete_rootfs_from_store_without_lock(const char *id) + return -1; + } + ++ if (!rootfs_store_lock(EXCLUSIVE)) { ++ ERROR("Failed to lock rootfs store"); ++ return -1; ++ } ++ + cntr = lookup(id); + if (cntr == NULL) { +- ERROR("Rootfs %s not known", id); +- return -1; ++ WARN("rootfs %s not exists already, return success", id); ++ ret = 0; ++ goto out; + } + + if (remove_rootfs_from_memory(cntr->srootfs->id) != 0) { +@@ -1065,6 +1069,7 @@ static int delete_rootfs_from_store_without_lock(const char *id) + + out: + rootfs_ref_dec(cntr); ++ rootfs_store_unlock(); + return ret; + } + +-- +2.25.1 + diff --git a/0010-fix-bad-formatting-placeholder-in-http-parse-module.patch b/0010-fix-bad-formatting-placeholder-in-http-parse-module.patch new file mode 100644 index 0000000..4aff9dc --- /dev/null +++ b/0010-fix-bad-formatting-placeholder-in-http-parse-module.patch @@ -0,0 +1,26 @@ +From 05fee32dd6faaa154d7a8a2e44b6b6153515f223 Mon Sep 17 00:00:00 2001 +From: wujing +Date: Tue, 15 Sep 2020 16:43:18 +0800 +Subject: [PATCH 10/10] fix: bad formatting placeholder in http parse module + +Signed-off-by: wujing +--- + src/utils/http/parser.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/utils/http/parser.c b/src/utils/http/parser.c +index ec4ae43..2a69fed 100644 +--- a/src/utils/http/parser.c ++++ b/src/utils/http/parser.c +@@ -303,7 +303,7 @@ int parse_http(const char *buf, size_t len, struct parsed_http_message *m, + + nparsed = parse(buf, len, parser); + if (nparsed != len) { +- ERROR("Failed to parse it, parsed :%ld, intput:%ld \n", nparsed, len); ++ ERROR("Failed to parse it, parsed :%zu, intput:%zu \n", nparsed, len); + ret = -1; + goto free_out; + } +-- +2.25.1 + diff --git a/iSulad.spec b/iSulad.spec index c7ed27f..00b12e1 100644 --- a/iSulad.spec +++ b/iSulad.spec @@ -1,5 +1,5 @@ %global _version 2.0.5 -%global _release 20200914.172527.gitae86920a +%global _release 20200918.112827.git9aea9b75 %global is_systemd 1 Name: iSulad @@ -12,7 +12,17 @@ Source: https://gitee.com/openeuler/iSulad/repository/archive/v%{version}.tar BuildRoot: {_tmppath}/iSulad-%{version} ExclusiveArch: x86_64 aarch64 -Patch6000: 0001-config-remove-unused-config.patch +Patch6000: 0000-config-remove-unused-config.patch +Patch6001: 0001-fix-modify-quota-log-level-to-warning.patch +Patch6002: 0002-fix-memory-leak.patch +Patch6003: 0003-fix-security-opt-parsing-access-out-of-bounds.patch +Patch6004: 0004-fix-delete-rootfs-dir-when-rootfs-load-failed.patch +Patch6005: 0005-fix-code-review.patch +Patch6006: 0006-fix-pull-failure-caused-by-link-conflict.patch +Patch6007: 0007-image-clear-memory-if-failed.patch +Patch6008: 0008-fix-layer-remain-caused-by-hold-flag-not-clean.patch +Patch6009: 0009-fix-coredump-when-pull-image-with-lock-driver-image-.patch +Patch6010: 0010-fix-bad-formatting-placeholder-in-http-parse-module.patch %ifarch x86_64 aarch64 Provides: libhttpclient.so()(64bit) @@ -220,6 +230,12 @@ fi %endif %changelog ++* Fri Sep 18 2020 - 2.0.5-20200918.112827.git9aea9b75 ++- Type:bugfix ++- ID:NA ++- SUG:NA ++- DESC: modify log level to warn + +* Mon Sep 14 2020 - 2.0.5-20200914.172527.gitae86920a +- Type:bugfix +- ID:NA