diff --git a/0001-do-not-mkdir-of-isulad-if-no-controller-found.patch b/0001-do-not-mkdir-of-isulad-if-no-controller-found.patch index 512252a..6c43cb4 100644 --- a/0001-do-not-mkdir-of-isulad-if-no-controller-found.patch +++ b/0001-do-not-mkdir-of-isulad-if-no-controller-found.patch @@ -1,7 +1,7 @@ From 9837be14200fecb32db0337652e60532f1adb7be Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Mon, 23 May 2022 17:06:19 +0800 -Subject: [PATCH 01/13] do not mkdir of isulad if no controller found +Subject: [PATCH 01/22] do not mkdir of isulad if no controller found If selinux disable the capibility DAC_OVERRIDE, mkdir isulad may fail when run container. diff --git a/0002-fix-install-error-when-android.patch b/0002-fix-install-error-when-android.patch index a5984eb..4f154d0 100644 --- a/0002-fix-install-error-when-android.patch +++ b/0002-fix-install-error-when-android.patch @@ -1,7 +1,7 @@ From 426a282802b8b81c66e6857857a745583f816c0a Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Tue, 24 May 2022 16:51:02 +0800 -Subject: [PATCH 02/13] fix install error when android +Subject: [PATCH 02/22] fix install error when android Signed-off-by: WangFengTu --- diff --git a/0003-imp-fuzz-for-pw-gr-parser.patch b/0003-imp-fuzz-for-pw-gr-parser.patch index 457e8f7..cc17686 100644 --- a/0003-imp-fuzz-for-pw-gr-parser.patch +++ b/0003-imp-fuzz-for-pw-gr-parser.patch @@ -1,7 +1,7 @@ From 9ccb30fa430c7b98ecab4406dabe8498c74db8c3 Mon Sep 17 00:00:00 2001 From: chegJH Date: Thu, 12 May 2022 16:40:41 +0800 -Subject: [PATCH 03/13] imp fuzz for pw gr parser +Subject: [PATCH 03/22] imp fuzz for pw gr parser Signed-off-by: chegJH --- diff --git a/0004-improve-fuzz-test.patch b/0004-improve-fuzz-test.patch index c23f310..e8c79db 100644 --- a/0004-improve-fuzz-test.patch +++ b/0004-improve-fuzz-test.patch @@ -1,7 +1,7 @@ From 31a92265a6bd29dc8f98179947406f1bb56ac5a8 Mon Sep 17 00:00:00 2001 From: haozi007 Date: Thu, 26 May 2022 13:53:09 +0100 -Subject: [PATCH 04/13] improve fuzz test +Subject: [PATCH 04/22] improve fuzz test Signed-off-by: haozi007 --- diff --git a/0005-Seccomp-optimization.patch b/0005-Seccomp-optimization.patch index e148e5f..20965ce 100644 --- a/0005-Seccomp-optimization.patch +++ b/0005-Seccomp-optimization.patch @@ -1,7 +1,7 @@ From 02167555e702316fe14cc963f9e978e9f66f59ba Mon Sep 17 00:00:00 2001 From: chengzrz Date: Fri, 24 Dec 2021 10:47:31 +0800 -Subject: [PATCH 05/13] Seccomp optimization +Subject: [PATCH 05/22] Seccomp optimization Signed-off-by: chengzrz --- diff --git a/0006-fix-different-type-convert.patch b/0006-fix-different-type-convert.patch index f86dfd9..13ef160 100644 --- a/0006-fix-different-type-convert.patch +++ b/0006-fix-different-type-convert.patch @@ -1,7 +1,7 @@ From 1db2941da2eba089f3ed07c59f4925c857860023 Mon Sep 17 00:00:00 2001 From: haozi007 Date: Tue, 31 May 2022 03:33:16 +0100 -Subject: [PATCH 06/13] fix different type convert +Subject: [PATCH 06/22] fix different type convert Signed-off-by: haozi007 --- diff --git a/0007-add-pointer-parameters-NULL-check.patch b/0007-add-pointer-parameters-NULL-check.patch index 6e54add..c4aa643 100644 --- a/0007-add-pointer-parameters-NULL-check.patch +++ b/0007-add-pointer-parameters-NULL-check.patch @@ -1,7 +1,7 @@ From 17b6015d5abe3500a5a89d171af79698e57545f2 Mon Sep 17 00:00:00 2001 From: zhangxiaoyu Date: Tue, 31 May 2022 19:35:35 +0800 -Subject: [PATCH 07/13] add pointer parameters NULL check +Subject: [PATCH 07/22] add pointer parameters NULL check Signed-off-by: zhangxiaoyu Signed-off-by: haozi007 diff --git a/0008-add-check-to-arguments.patch b/0008-add-check-to-arguments.patch index 8945480..624e8f8 100644 --- a/0008-add-check-to-arguments.patch +++ b/0008-add-check-to-arguments.patch @@ -1,7 +1,7 @@ From 56c2a6a98d51ea893939079cc31e3a7897fa5aba Mon Sep 17 00:00:00 2001 From: haozi007 Date: Tue, 31 May 2022 12:53:10 +0100 -Subject: [PATCH 08/13] add check to arguments +Subject: [PATCH 08/22] add check to arguments Signed-off-by: haozi007 --- diff --git a/0009-remove-static-of-strlncat.patch b/0009-remove-static-of-strlncat.patch index aa7afd3..ebca5f4 100644 --- a/0009-remove-static-of-strlncat.patch +++ b/0009-remove-static-of-strlncat.patch @@ -1,7 +1,7 @@ From 9133e2159e9e69434b41e9649762f8eaed191f37 Mon Sep 17 00:00:00 2001 From: zhangxiaoyu Date: Tue, 31 May 2022 22:39:44 +0800 -Subject: [PATCH 09/13] remove static of strlncat +Subject: [PATCH 09/22] remove static of strlncat Signed-off-by: zhangxiaoyu --- diff --git a/0010-remove-check-parameter-label_opts-in-init_label.patch b/0010-remove-check-parameter-label_opts-in-init_label.patch index 6679782..8cc80e3 100644 --- a/0010-remove-check-parameter-label_opts-in-init_label.patch +++ b/0010-remove-check-parameter-label_opts-in-init_label.patch @@ -1,7 +1,7 @@ From 60715b192de2cb1b4e8fe9ce48ddf081a6d2be53 Mon Sep 17 00:00:00 2001 From: zhangxiaoyu Date: Wed, 1 Jun 2022 09:50:03 +0800 -Subject: [PATCH 10/13] remove check parameter label_opts in init_label +Subject: [PATCH 10/22] remove check parameter label_opts in init_label Signed-off-by: zhangxiaoyu --- diff --git a/0011-update-seccomp-to-Linux-5.10-syscall-list.patch b/0011-update-seccomp-to-Linux-5.10-syscall-list.patch index 92ebf43..28c674a 100644 --- a/0011-update-seccomp-to-Linux-5.10-syscall-list.patch +++ b/0011-update-seccomp-to-Linux-5.10-syscall-list.patch @@ -1,7 +1,7 @@ From 55a4f57232c42a9c2d36a41de5d743ee9ebbe88e Mon Sep 17 00:00:00 2001 From: vegbir Date: Wed, 1 Jun 2022 13:44:37 +0800 -Subject: [PATCH 11/13] update seccomp to Linux 5.10 syscall list +Subject: [PATCH 11/22] update seccomp to Linux 5.10 syscall list Signed-off-by: yangjiaqi --- diff --git a/0012-fix-invalid-convert-and-format.patch b/0012-fix-invalid-convert-and-format.patch index c27a38e..0a9cd44 100644 --- a/0012-fix-invalid-convert-and-format.patch +++ b/0012-fix-invalid-convert-and-format.patch @@ -1,7 +1,7 @@ From 8dcad172ea0241f35cdd464029523253ada7e99f Mon Sep 17 00:00:00 2001 From: haozi007 Date: Wed, 1 Jun 2022 12:53:56 +0100 -Subject: [PATCH 12/13] fix invalid convert and format +Subject: [PATCH 12/22] fix invalid convert and format 1. invalid convert; 2. error print format; diff --git a/0013-fix-get_network_namespace_path-check.patch b/0013-fix-get_network_namespace_path-check.patch index 975224a..1750ad8 100644 --- a/0013-fix-get_network_namespace_path-check.patch +++ b/0013-fix-get_network_namespace_path-check.patch @@ -1,7 +1,7 @@ From a96ad33008671e61bddebb744a7ac0aa3798313b Mon Sep 17 00:00:00 2001 From: zhangxiaoyu Date: Thu, 2 Jun 2022 10:33:07 +0800 -Subject: [PATCH 13/13] fix get_network_namespace_path check +Subject: [PATCH 13/22] fix get_network_namespace_path check Signed-off-by: zhangxiaoyu --- diff --git a/0014-bugfix-for-double-free-and-use-after-free.patch b/0014-bugfix-for-double-free-and-use-after-free.patch new file mode 100644 index 0000000..1de438d --- /dev/null +++ b/0014-bugfix-for-double-free-and-use-after-free.patch @@ -0,0 +1,227 @@ +From 7934311c1b1003021449b92900f3102ff77395e2 Mon Sep 17 00:00:00 2001 +From: zhangxiaoyu +Date: Tue, 7 Jun 2022 15:19:20 +0800 +Subject: [PATCH 14/22] bugfix for double free and use after free + +Signed-off-by: zhangxiaoyu +--- + src/client/connect/rest/rest_images_client.c | 2 +- + src/cmd/isula/information/ps.c | 4 ++- + src/daemon/common/sysinfo.c | 3 +- + .../cri_pod_sandbox_manager_service_impl.cc | 3 +- + .../entry/cri/websocket/service/ws_server.h | 19 +++++----- + .../oci/storage/image_store/image_store.c | 36 ++++++++++++++----- + .../oci/storage/layer_store/layer_store.c | 3 +- + src/utils/console/console.c | 2 +- + 8 files changed, 48 insertions(+), 24 deletions(-) + +diff --git a/src/client/connect/rest/rest_images_client.c b/src/client/connect/rest/rest_images_client.c +index 3deeeead..c2fc17f1 100644 +--- a/src/client/connect/rest/rest_images_client.c ++++ b/src/client/connect/rest/rest_images_client.c +@@ -929,7 +929,7 @@ out: + static int rest_image_import(const struct isula_import_request *request, struct isula_import_response *response, + void *arg) + { +- ++ + client_connect_config_t *connect_config = (client_connect_config_t *)arg; + const char *socketname = (const char *)(connect_config->socket); + char *body = NULL; +diff --git a/src/cmd/isula/information/ps.c b/src/cmd/isula/information/ps.c +index 74c2f94a..805cbbd6 100644 +--- a/src/cmd/isula/information/ps.c ++++ b/src/cmd/isula/information/ps.c +@@ -904,14 +904,16 @@ static int append_non_header_item_field(const char *prefix, const char *non_fiel + ret = -1; + goto out; + } ++ + field->name = non_field_string; ++ non_field_string = NULL; + field->is_field = false; ++ + if (append_field(ff, field) != 0) { + ERROR("Failed to append field"); + ret = -1; + goto out; + } +- non_field_string = NULL; + field = NULL; + + out: +diff --git a/src/daemon/common/sysinfo.c b/src/daemon/common/sysinfo.c +index 89ca5225..d52f8767 100644 +--- a/src/daemon/common/sysinfo.c ++++ b/src/daemon/common/sysinfo.c +@@ -1309,7 +1309,8 @@ out: + } + + #ifdef __ANDROID__ +-static bool cgroup2_no_controller() { ++static bool cgroup2_no_controller() ++{ + char *controllers_str = NULL; + + controllers_str = util_read_content_from_file(CGROUP2_CONTROLLERS_PATH); +diff --git a/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc b/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc +index f0c8e470..4bc9845f 100644 +--- a/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc ++++ b/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc +@@ -99,7 +99,8 @@ void PodSandboxManagerServiceImpl::ApplySandboxResources(const runtime::v1alpha2 + } + + +-void PodSandboxManagerServiceImpl::SetHostConfigDefaultValue(host_config *hc) { ++void PodSandboxManagerServiceImpl::SetHostConfigDefaultValue(host_config *hc) ++{ + free(hc->network_mode); + hc->network_mode = util_strdup_s(CRI::Constants::namespaceModeFile.c_str()); + } +diff --git a/src/daemon/entry/cri/websocket/service/ws_server.h b/src/daemon/entry/cri/websocket/service/ws_server.h +index 4af54067..b871aabc 100644 +--- a/src/daemon/entry/cri/websocket/service/ws_server.h ++++ b/src/daemon/entry/cri/websocket/service/ws_server.h +@@ -30,8 +30,7 @@ + #include "errors.h" + #include "read_write_lock.h" + +-namespace +-{ ++namespace { + const int MAX_ECHO_PAYLOAD = 4096; + const int MAX_ARRAY_LEN = 2; + const int MAX_PROTOCOL_NUM = 2; +@@ -97,13 +96,15 @@ private: + static struct lws_context *m_context; + volatile int m_forceExit = 0; + std::thread m_pthreadService; +- const struct lws_protocols m_protocols[MAX_PROTOCOL_NUM] = { { +- "channel.k8s.io", +- Callback, +- 0, +- MAX_ECHO_PAYLOAD, +- }, +- { nullptr, nullptr, 0, 0 } }; ++ const struct lws_protocols m_protocols[MAX_PROTOCOL_NUM] = { ++ { ++ "channel.k8s.io", ++ Callback, ++ 0, ++ MAX_ECHO_PAYLOAD, ++ }, ++ { nullptr, nullptr, 0, 0 } ++ }; + RouteCallbackRegister m_handler; + static std::unordered_map m_wsis; + url::URLDatum m_url; +diff --git a/src/daemon/modules/image/oci/storage/image_store/image_store.c b/src/daemon/modules/image/oci/storage/image_store/image_store.c +index 727991fe..edb28b78 100644 +--- a/src/daemon/modules/image/oci/storage/image_store/image_store.c ++++ b/src/daemon/modules/image/oci/storage/image_store/image_store.c +@@ -734,6 +734,7 @@ static int image_store_append_image(const char *id, const char *searchable_diges + { + int ret = 0; + size_t i = 0; ++ size_t record_name_len = 0; + struct linked_list *item = NULL; + + item = util_smart_calloc_s(sizeof(struct linked_list), 1); +@@ -748,33 +749,52 @@ static int image_store_append_image(const char *id, const char *searchable_diges + if (!map_insert(g_image_store->byid, (void *)id, (void *)img)) { + ERROR("Failed to insert image to image store"); + ret = -1; +- goto out; ++ goto list_err_out; + } + + if (append_image_according_to_digest(g_image_store->bydigest, searchable_digest, img) != 0) { + ERROR("Failed to insert image to image store digest index"); + ret = -1; +- goto out; ++ goto id_err_out; + } + + for (i = 0; i < img->simage->names_len; i++) { + if (map_search(g_image_store->byname, (void *)img->simage->names[i]) != NULL) { + ERROR("Image name is already in use : %s", img->simage->names[i]); + ret = -1; +- goto out; ++ goto err_out; + } + if (!map_insert(g_image_store->byname, (void *)img->simage->names[i], (void *)img)) { + ERROR("Failed to insert image to image store's byname"); + ret = -1; +- goto out; ++ goto err_out; + } + } + +-out: +- if (ret != 0) { +- linked_list_del(item); +- free(item); ++ return 0; ++ ++err_out: ++ record_name_len = i; ++ for (i = 0; i < record_name_len; i++) { ++ if (!map_remove(g_image_store->byname, (void *)img->simage->names[i])) { ++ ERROR("Failed to remove image from image store's byname"); ++ } + } ++ ++ if (remove_image_from_digest_index(img, searchable_digest) != 0) { ++ ERROR("Failed to remove image from image store digest index"); ++ } ++ ++id_err_out: ++ if (!map_remove(g_image_store->byid, (void *)id)) { ++ ERROR("Failed to remove image from ids map in image store"); ++ } ++ ++list_err_out: ++ linked_list_del(item); ++ g_image_store->images_list_len--; ++ free(item); ++ + return ret; + } + +diff --git a/src/daemon/modules/image/oci/storage/layer_store/layer_store.c b/src/daemon/modules/image/oci/storage/layer_store/layer_store.c +index a35f61ee..bb9e5b94 100644 +--- a/src/daemon/modules/image/oci/storage/layer_store/layer_store.c ++++ b/src/daemon/modules/image/oci/storage/layer_store/layer_store.c +@@ -212,6 +212,7 @@ static bool append_layer_into_list(layer_t *l) + return true; + } + ++// only delete item from list, free item->elem by caller + static inline void delete_g_layer_list_item(struct linked_list *item) + { + if (item == NULL) { +@@ -220,8 +221,6 @@ static inline void delete_g_layer_list_item(struct linked_list *item) + + linked_list_del(item); + +- layer_ref_dec((layer_t *)item->elem); +- item->elem = NULL; + free(item); + g_metadata.layers_list_len -= 1; + } +diff --git a/src/utils/console/console.c b/src/utils/console/console.c +index 8492eb4d..b0dc7ee5 100644 +--- a/src/utils/console/console.c ++++ b/src/utils/console/console.c +@@ -253,7 +253,7 @@ int console_fifo_open(const char *fifo_path, int *fdout, int flags) + { + int fd = 0; + +- if (fifo_path ==NULL || fdout == NULL) { ++ if (fifo_path == NULL || fdout == NULL) { + ERROR("Argument must not be NULL"); + return -1; + } +-- +2.25.1 + diff --git a/0015-fix-isulad-shim-coredump-when-remove-ioc-fd-node.patch b/0015-fix-isulad-shim-coredump-when-remove-ioc-fd-node.patch new file mode 100644 index 0000000..8a2ed46 --- /dev/null +++ b/0015-fix-isulad-shim-coredump-when-remove-ioc-fd-node.patch @@ -0,0 +1,73 @@ +From 18db58c919bb9767bbe2f11c7447cfed27312c63 Mon Sep 17 00:00:00 2001 +From: zhangxiaoyu +Date: Thu, 9 Jun 2022 21:16:26 +0800 +Subject: [PATCH 15/22] fix isulad-shim coredump when remove ioc fd node + +Signed-off-by: zhangxiaoyu +--- + src/cmd/isulad-shim/process.c | 19 +++++++++++++------ + 1 file changed, 13 insertions(+), 6 deletions(-) + +diff --git a/src/cmd/isulad-shim/process.c b/src/cmd/isulad-shim/process.c +index 21b2523a..6de470f7 100644 +--- a/src/cmd/isulad-shim/process.c ++++ b/src/cmd/isulad-shim/process.c +@@ -195,10 +195,6 @@ static void remove_io_dispatch(io_thread_t *io_thd, int from, int to) + } + io_copy_t *ioc = io_thd->ioc; + +- if (pthread_mutex_lock(&(ioc->mutex))) { +- return; +- } +- + fd_node_t *tmp = NULL; + do { + /* remove src fd */ +@@ -233,7 +229,6 @@ static void remove_io_dispatch(io_thread_t *io_thd, int from, int to) + free(tmp); + tmp = NULL; + } +- pthread_mutex_unlock(&(ioc->mutex)); + } + + static int get_exec_winsize(const char *buf, struct winsize *wsize) +@@ -297,8 +292,14 @@ static void *do_io_copy(void *data) + /* End of file. The remote has closed the connection */ + break; + } else if (ioc->id != EXEC_RESIZE) { ++ if (pthread_mutex_lock(&(ioc->mutex)) != 0) { ++ continue; ++ } ++ + fd_node_t *fn = ioc->fd_to; +- for (; fn != NULL; fn = fn->next) { ++ fd_node_t *next = fn; ++ for (; fn != NULL; fn = next) { ++ next = fn->next; + if (fn->is_log) { + shim_write_container_log_file(io_thd->terminal, ioc->id, buf, r_count); + } else { +@@ -309,7 +310,12 @@ static void *do_io_copy(void *data) + } + } + } ++ pthread_mutex_unlock(&(ioc->mutex)); + } else { ++ if (pthread_mutex_lock(&(ioc->mutex)) != 0) { ++ continue; ++ } ++ + int resize_fd = ioc->fd_to->fd; + struct winsize wsize = { 0x00 }; + if (get_exec_winsize(buf, &wsize) < 0) { +@@ -318,6 +324,7 @@ static void *do_io_copy(void *data) + if (ioctl(resize_fd, TIOCSWINSZ, &wsize) < 0) { + break; + } ++ pthread_mutex_unlock(&(ioc->mutex)); + } + + /* +-- +2.25.1 + diff --git a/0016-do-not-fail-if-pw-is-not-NULL.patch b/0016-do-not-fail-if-pw-is-not-NULL.patch new file mode 100644 index 0000000..1f8cc2c --- /dev/null +++ b/0016-do-not-fail-if-pw-is-not-NULL.patch @@ -0,0 +1,65 @@ +From ae49fce8e19f7544c463cfbff58794f35f44c493 Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Thu, 9 Jun 2022 16:17:52 +0800 +Subject: [PATCH 16/22] do not fail if pw is not NULL + +Signed-off-by: WangFengTu +--- + src/utils/cutils/utils_pwgr.c | 7 +------ + test/cutils/utils_pwgr/utils_pwgr_ut.cc | 5 ++--- + 2 files changed, 3 insertions(+), 9 deletions(-) + +diff --git a/src/utils/cutils/utils_pwgr.c b/src/utils/cutils/utils_pwgr.c +index 01490863..6b83f787 100644 +--- a/src/utils/cutils/utils_pwgr.c ++++ b/src/utils/cutils/utils_pwgr.c +@@ -212,11 +212,6 @@ int util_getpwent_r(FILE *stream, struct passwd *resbuf, char *buffer, size_t bu + return -1; + } + +- if (*result != NULL) { +- ERROR("Result shall point to null to start."); +- return -1; +- } +- + buff_end = buffer + buflen - 1; + flockfile(stream); + +@@ -337,4 +332,4 @@ int util_getgrent_r(FILE *stream, struct group *resbuf, char *buffer, size_t buf + out: + funlockfile(stream); + return ret; +-} +\ No newline at end of file ++} +diff --git a/test/cutils/utils_pwgr/utils_pwgr_ut.cc b/test/cutils/utils_pwgr/utils_pwgr_ut.cc +index 00a32e05..bf9c9f06 100644 +--- a/test/cutils/utils_pwgr/utils_pwgr_ut.cc ++++ b/test/cutils/utils_pwgr/utils_pwgr_ut.cc +@@ -44,7 +44,7 @@ TEST(utils_pwgr, test_getpwent_r) + ASSERT_EQ(util_getpwent_r(NULL, &pw, buf, sizeof(buf), &ppw), -1); + ASSERT_EQ(util_getpwent_r(f_pw, &pw, NULL, 0, &ppw), -1); + ASSERT_EQ(util_getpwent_r(f_pw, &pw, invalid_buf, 1, &ppw), -1); +- ASSERT_EQ(util_getpwent_r(f_pw, &pw, buf, sizeof(buf), &ppw_alter), -1); ++ ASSERT_EQ(util_getpwent_r(f_pw, &pw, buf, sizeof(buf), &ppw_alter), 0); + ASSERT_EQ(util_getpwent_r(f_pw, &pw, buf, sizeof(buf), NULL), -1); + + while (!feof(f_pw)) { +@@ -65,7 +65,6 @@ TEST(utils_pwgr, test_getpwent_r) + ASSERT_STREQ(pw.pw_dir, std::get<5>(elem).c_str()); + ASSERT_STREQ(pw.pw_shell, std::get<6>(elem).c_str()); + EXPECT_TRUE(ppw == &pw); +- ppw = nullptr; + pw = {0}; + } + +@@ -134,4 +133,4 @@ TEST(utils_pwgr, test_getgrent_r) + } + + fclose(f_gr); +-} +\ No newline at end of file ++} +-- +2.25.1 + diff --git a/0017-do-not-fail-if-gr-is-NULL.patch b/0017-do-not-fail-if-gr-is-NULL.patch new file mode 100644 index 0000000..29ecc1d --- /dev/null +++ b/0017-do-not-fail-if-gr-is-NULL.patch @@ -0,0 +1,51 @@ +From b4596641a08891bfec9384f87815c8e671d594d4 Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Thu, 9 Jun 2022 17:07:40 +0800 +Subject: [PATCH 17/22] do not fail if gr is NULL + +Signed-off-by: WangFengTu +--- + src/utils/cutils/utils_pwgr.c | 5 ----- + test/cutils/utils_pwgr/utils_pwgr_ut.cc | 3 +-- + 2 files changed, 1 insertion(+), 7 deletions(-) + +diff --git a/src/utils/cutils/utils_pwgr.c b/src/utils/cutils/utils_pwgr.c +index 6b83f787..b3aed14b 100644 +--- a/src/utils/cutils/utils_pwgr.c ++++ b/src/utils/cutils/utils_pwgr.c +@@ -279,11 +279,6 @@ int util_getgrent_r(FILE *stream, struct group *resbuf, char *buffer, size_t buf + return -1; + } + +- if (*result != NULL) { +- ERROR("Result shall point to null to start."); +- return -1; +- } +- + flockfile(stream); + buff_end = buffer + buflen - 1; + +diff --git a/test/cutils/utils_pwgr/utils_pwgr_ut.cc b/test/cutils/utils_pwgr/utils_pwgr_ut.cc +index bf9c9f06..c289e2b9 100644 +--- a/test/cutils/utils_pwgr/utils_pwgr_ut.cc ++++ b/test/cutils/utils_pwgr/utils_pwgr_ut.cc +@@ -106,7 +106,7 @@ TEST(utils_pwgr, test_getgrent_r) + ASSERT_EQ(util_getgrent_r(NULL, &gr, buf, sizeof(buf), &pgr), -1); + ASSERT_EQ(util_getgrent_r(f_gr, &gr, NULL, 0, &pgr), -1); + ASSERT_EQ(util_getgrent_r(f_gr, &gr, invalid_buf, 1, &pgr), -1); +- ASSERT_EQ(util_getgrent_r(f_gr, &gr, buf, sizeof(buf), &pgr_alter), -1); ++ ASSERT_EQ(util_getgrent_r(f_gr, &gr, buf, sizeof(buf), &pgr_alter), 0); + ASSERT_EQ(util_getgrent_r(f_gr, &gr, buf, sizeof(buf), NULL), -1); + + while (!feof(f_gr)) { +@@ -129,7 +129,6 @@ TEST(utils_pwgr, test_getgrent_r) + } + EXPECT_TRUE(pgr == &gr); + gr = {0}; +- pgr = nullptr; + } + + fclose(f_gr); +-- +2.25.1 + diff --git a/0018-fix-memory-leak-of-remove-layer.patch b/0018-fix-memory-leak-of-remove-layer.patch new file mode 100644 index 0000000..bb67c56 --- /dev/null +++ b/0018-fix-memory-leak-of-remove-layer.patch @@ -0,0 +1,56 @@ +From eb168d32053f9204336c37af98210810957cedd2 Mon Sep 17 00:00:00 2001 +From: haozi007 +Date: Fri, 10 Jun 2022 04:10:39 +0100 +Subject: [PATCH 18/22] fix memory leak of remove layer + +Signed-off-by: haozi007 +--- + .../image/oci/storage/layer_store/layer_store.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/daemon/modules/image/oci/storage/layer_store/layer_store.c b/src/daemon/modules/image/oci/storage/layer_store/layer_store.c +index bb9e5b94..7e95a52f 100644 +--- a/src/daemon/modules/image/oci/storage/layer_store/layer_store.c ++++ b/src/daemon/modules/image/oci/storage/layer_store/layer_store.c +@@ -213,7 +213,7 @@ static bool append_layer_into_list(layer_t *l) + } + + // only delete item from list, free item->elem by caller +-static inline void delete_g_layer_list_item(struct linked_list *item) ++static inline void delete_g_layer_list_item(struct linked_list *item, bool rm_val) + { + if (item == NULL) { + return; +@@ -221,6 +221,11 @@ static inline void delete_g_layer_list_item(struct linked_list *item) + + linked_list_del(item); + ++ if (rm_val) { ++ layer_ref_dec((layer_t *)item->elem); ++ item->elem = NULL; ++ } ++ + free(item); + g_metadata.layers_list_len -= 1; + } +@@ -235,7 +240,7 @@ void remove_layer_list_tail() + + item = g_metadata.layers_list.prev; + +- delete_g_layer_list_item(item); ++ delete_g_layer_list_item(item, false); + } + + static bool init_from_conf(const struct storage_module_init_options *conf) +@@ -725,7 +730,7 @@ static int remove_memory_stores(const char *id) + if (strcmp(tl->slayer->id, id) != 0) { + continue; + } +- delete_g_layer_list_item(item); ++ delete_g_layer_list_item(item, true); + break; + } + +-- +2.25.1 + diff --git a/0019-add-null-terminal-at-end-of-gr-mem-list.patch b/0019-add-null-terminal-at-end-of-gr-mem-list.patch new file mode 100644 index 0000000..8d5d26c --- /dev/null +++ b/0019-add-null-terminal-at-end-of-gr-mem-list.patch @@ -0,0 +1,56 @@ +From 12bbd939c1c2c55d0906b5a53a0b9b26b616c56b Mon Sep 17 00:00:00 2001 +From: haozi007 +Date: Fri, 10 Jun 2022 04:16:48 +0100 +Subject: [PATCH 19/22] add null terminal at end of gr mem list + +Signed-off-by: haozi007 +--- + src/utils/cutils/utils_pwgr.c | 4 +++- + test/cutils/utils_pwgr/utils_pwgr_ut.cc | 9 +++++++-- + 2 files changed, 10 insertions(+), 3 deletions(-) + +diff --git a/src/utils/cutils/utils_pwgr.c b/src/utils/cutils/utils_pwgr.c +index b3aed14b..a3c41dd5 100644 +--- a/src/utils/cutils/utils_pwgr.c ++++ b/src/utils/cutils/utils_pwgr.c +@@ -144,7 +144,7 @@ static char **hold_string_list(char **line, char *buf_start, char *buf_end, cons + + for (; walker < (char **)buf_end; ++walker) { + if (**line == '\0') { +- return result; ++ goto out; + } + + (void)util_trim_space(*line); +@@ -155,6 +155,8 @@ static char **hold_string_list(char **line, char *buf_start, char *buf_end, cons + } + } + ++out: ++ *walker = NULL; + return result; + } + +diff --git a/test/cutils/utils_pwgr/utils_pwgr_ut.cc b/test/cutils/utils_pwgr/utils_pwgr_ut.cc +index c289e2b9..2a6b7e08 100644 +--- a/test/cutils/utils_pwgr/utils_pwgr_ut.cc ++++ b/test/cutils/utils_pwgr/utils_pwgr_ut.cc +@@ -123,8 +123,13 @@ TEST(utils_pwgr, test_getgrent_r) + ASSERT_STREQ(gr.gr_passwd, std::get<1>(testcase[i]).c_str()); + ASSERT_EQ(gr.gr_gid, std::get<2>(testcase[i])); + if (string_list[i].size()) { +- for (j = 0; j < string_list[i].size(); ++j) { +- EXPECT_TRUE(strcmp(gr.gr_mem[j], string_list[i][j].c_str()) == 0); ++ char **walker = gr.gr_mem; ++ j = 0; ++ // use pointer to ensure gr_mem has end null pointer ++ while (walker != NULL && *walker != NULL) { ++ EXPECT_TRUE(strcmp(*walker, string_list[i][j].c_str()) == 0); ++ walker++; ++ j++; + } + } + EXPECT_TRUE(pgr == &gr); +-- +2.25.1 + diff --git a/0020-fix-shm-size-set-invalid-when-reboot.patch b/0020-fix-shm-size-set-invalid-when-reboot.patch new file mode 100644 index 0000000..70da476 --- /dev/null +++ b/0020-fix-shm-size-set-invalid-when-reboot.patch @@ -0,0 +1,246 @@ +From b289a6b384ac5ba474dd477b2a92b89244b27c24 Mon Sep 17 00:00:00 2001 +From: zhangxiaoyu +Date: Mon, 13 Jun 2022 14:35:46 +0800 +Subject: [PATCH 20/22] fix shm size set invalid when reboot + +Signed-off-by: zhangxiaoyu +--- + .../modules/service/service_container.c | 8 +++ + src/daemon/modules/spec/specs_mount.c | 63 +++++++++++++++---- + src/daemon/modules/spec/specs_mount.h | 2 + + .../image/oci/oci_config_merge/CMakeLists.txt | 1 + + test/specs/specs/CMakeLists.txt | 1 + + test/specs/specs_extend/CMakeLists.txt | 1 + + 6 files changed, 63 insertions(+), 13 deletions(-) + +diff --git a/src/daemon/modules/service/service_container.c b/src/daemon/modules/service/service_container.c +index c3c4fc1c..43a4a0c9 100644 +--- a/src/daemon/modules/service/service_container.c ++++ b/src/daemon/modules/service/service_container.c +@@ -43,6 +43,7 @@ + #include "events_sender_api.h" + #include "image_api.h" + #include "specs_api.h" ++#include "specs_mount.h" + #include "isulad_config.h" + #include "verify.h" + #include "plugin_api.h" +@@ -735,6 +736,13 @@ static int do_start_container(container_t *cont, const char *console_fifos[], bo + goto close_exit_fd; + } + ++ nret = setup_ipc_dirs(cont->hostconfig, cont->common_config); ++ if (nret != 0) { ++ ERROR("Failed to setup ipc dirs"); ++ ret = -1; ++ goto close_exit_fd; ++ } ++ + // embedded conainter is readonly, create mtab link will fail + // kata-runtime container's qemu donot support to create mtab in host + if (strcmp(IMAGE_TYPE_EMBEDDED, cont->common_config->image_type) != 0 && strcmp(KATA_RUNTIME, cont->runtime) != 0) { +diff --git a/src/daemon/modules/spec/specs_mount.c b/src/daemon/modules/spec/specs_mount.c +index b35061d8..e55832c5 100644 +--- a/src/daemon/modules/spec/specs_mount.c ++++ b/src/daemon/modules/spec/specs_mount.c +@@ -49,6 +49,7 @@ + #include "utils_file.h" + #include "utils_string.h" + #include "utils_verify.h" ++#include "utils_fs.h" + #include "image_api.h" + #include "volume_api.h" + #include "parse_volume.h" +@@ -2574,10 +2575,11 @@ static int chown_for_shm(const char *shm_path, const char *user_remap) + + static char *get_prepare_share_shm_path(const char *truntime, const char *cid) + { +-#define SHM_MOUNT_FILE_NAME "/mounts/shm/" ++#define SHM_MOUNT_FILE_NAME "/mounts/shm" + char *c_root_path = NULL; + size_t slen = 0; + char *spath = NULL; ++ char real_root_path[PATH_MAX] = { 0 }; + int nret = 0; + + if (truntime == NULL) { +@@ -2588,19 +2590,24 @@ static char *get_prepare_share_shm_path(const char *truntime, const char *cid) + goto err_out; + } + +- // c_root_path + "/" + cid + "/mounts/shm" +- if (strlen(c_root_path) > (((PATH_MAX - strlen(cid)) - 1) - strlen(SHM_MOUNT_FILE_NAME)) - 1) { ++ if (realpath(c_root_path, real_root_path) == NULL) { ++ ERROR("Failed to get %s realpath", c_root_path); ++ goto err_out; ++ } ++ ++ // real_root_path + "/" + cid + "/mounts/shm" ++ if (strlen(real_root_path) > (((PATH_MAX - strlen(cid)) - 1) - strlen(SHM_MOUNT_FILE_NAME)) - 1) { + ERROR("Too large path"); + goto err_out; + } +- slen = strlen(c_root_path) + 1 + strlen(cid) + strlen(SHM_MOUNT_FILE_NAME) + 1; ++ slen = strlen(real_root_path) + 1 + strlen(cid) + strlen(SHM_MOUNT_FILE_NAME) + 1; + spath = util_smart_calloc_s(sizeof(char), slen); + if (spath == NULL) { + ERROR("Out of memory"); + goto err_out; + } + +- nret = snprintf(spath, slen, "%s/%s/mounts/shm/", c_root_path, cid); ++ nret = snprintf(spath, slen, "%s/%s/mounts/shm", real_root_path, cid); + if (nret < 0 || nret >= slen) { + ERROR("Sprintf failed"); + goto err_out; +@@ -2637,7 +2644,7 @@ out: + return ret; + } + +-static int prepare_share_shm(host_config *host_spec, container_config_v2_common_config *v2_spec) ++int setup_ipc_dirs(host_config *host_spec, container_config_v2_common_config *v2_spec) + { + #define MAX_PROPERTY_LEN 64 + char shmproperty[MAX_PROPERTY_LEN] = { 0 }; +@@ -2650,14 +2657,26 @@ static int prepare_share_shm(host_config *host_spec, container_config_v2_common_ + char *p = NULL; + char *userns_remap = NULL; + #endif +- // has mount for /dev/shm +- if (has_mount_shm(host_spec, v2_spec)) { ++ ++ // ignore shm of system container ++ if (host_spec->system_container) { ++ return 0; ++ } ++ // setup shareable dirs ++ if (host_spec->ipc_mode != NULL && !namespace_is_shareable(host_spec->ipc_mode)) { + return 0; + } + + spath = get_prepare_share_shm_path(host_spec->runtime, v2_spec->id); + if (spath == NULL) { +- goto out; ++ return -1; ++ } ++ ++ // container shm has been mounted ++ if (util_detect_mounted(spath)) { ++ DEBUG("shm path %s has been mounted", spath); ++ free(spath); ++ return 0; + } + + nret = util_mkdir_p(spath, 0700); +@@ -2683,7 +2702,6 @@ static int prepare_share_shm(host_config *host_spec, container_config_v2_common_ + goto out; + } + +- v2_spec->shm_path = spath; + #ifdef ENABLE_USERNS_REMAP + userns_remap = conf_get_isulad_userns_remap(); + +@@ -2716,7 +2734,6 @@ static int prepare_share_shm(host_config *host_spec, container_config_v2_common_ + } + #endif + +- spath = NULL; + ret = 0; + out: + if (ret != 0 && has_mount) { +@@ -2777,8 +2794,22 @@ out_free: + return ret; + } + ++static int set_share_shm(const host_config *host_spec, container_config_v2_common_config *v2_spec) ++{ ++ char *spath = NULL; ++ ++ spath = get_prepare_share_shm_path(host_spec->runtime, v2_spec->id); ++ if (spath == NULL) { ++ return -1; ++ } ++ ++ v2_spec->shm_path = spath; ++ ++ return 0; ++} ++ + #define SHM_MOUNT_POINT "/dev/shm" +-static int setup_ipc_dirs(host_config *host_spec, container_config_v2_common_config *v2_spec) ++static int set_shm_path(host_config *host_spec, container_config_v2_common_config *v2_spec) + { + int ret = 0; + container_t *cont = NULL; +@@ -2791,7 +2822,7 @@ static int setup_ipc_dirs(host_config *host_spec, container_config_v2_common_con + } + // setup shareable dirs + if (host_spec->ipc_mode == NULL || namespace_is_shareable(host_spec->ipc_mode)) { +- return prepare_share_shm(host_spec, v2_spec); ++ return set_share_shm(host_spec, v2_spec); + } + + if (namespace_is_container(host_spec->ipc_mode)) { +@@ -3334,6 +3365,12 @@ int merge_conf_mounts(oci_runtime_spec *oci_spec, host_config *host_spec, contai + goto out; + } + ++ if (set_shm_path(host_spec, v2_spec) != 0) { ++ ERROR("Failed to set shm path"); ++ ret = -1; ++ goto out; ++ } ++ + /* add ipc mount */ + if (v2_spec->shm_path != NULL) { + // check whether duplication +diff --git a/src/daemon/modules/spec/specs_mount.h b/src/daemon/modules/spec/specs_mount.h +index b1e987e5..07c07a37 100644 +--- a/src/daemon/modules/spec/specs_mount.h ++++ b/src/daemon/modules/spec/specs_mount.h +@@ -41,4 +41,6 @@ bool mount_run_tmpfs(oci_runtime_spec *container, const host_config *host_spec, + + int merge_conf_device(oci_runtime_spec *oci_spec, host_config *host_spec); + ++int setup_ipc_dirs(host_config *host_spec, container_config_v2_common_config *v2_spec); ++ + #endif +diff --git a/test/image/oci/oci_config_merge/CMakeLists.txt b/test/image/oci/oci_config_merge/CMakeLists.txt +index 36dc3ead..88047fde 100644 +--- a/test/image/oci/oci_config_merge/CMakeLists.txt ++++ b/test/image/oci/oci_config_merge/CMakeLists.txt +@@ -13,6 +13,7 @@ add_executable(${EXE} + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/utils_convert.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/utils_file.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/utils_timestamp.c ++ ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/utils_fs.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/map/map.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/map/rb_tree.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/util_atomic.c +diff --git a/test/specs/specs/CMakeLists.txt b/test/specs/specs/CMakeLists.txt +index e0031e08..b730959c 100644 +--- a/test/specs/specs/CMakeLists.txt ++++ b/test/specs/specs/CMakeLists.txt +@@ -13,6 +13,7 @@ add_executable(${EXE} + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_timestamp.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/util_atomic.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_mount_spec.c ++ ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_fs.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/sha256/sha256.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/path.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/map/map.c +diff --git a/test/specs/specs_extend/CMakeLists.txt b/test/specs/specs_extend/CMakeLists.txt +index 45b21ecd..7d05deb4 100644 +--- a/test/specs/specs_extend/CMakeLists.txt ++++ b/test/specs/specs_extend/CMakeLists.txt +@@ -13,6 +13,7 @@ add_executable(${EXE} + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_timestamp.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/util_atomic.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_mount_spec.c ++ ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_fs.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/sha256/sha256.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/path.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/map/map.c +-- +2.25.1 + diff --git a/0021-set-the-name-of-each-container-and-image-operation-t.patch b/0021-set-the-name-of-each-container-and-image-operation-t.patch new file mode 100644 index 0000000..ed468d3 --- /dev/null +++ b/0021-set-the-name-of-each-container-and-image-operation-t.patch @@ -0,0 +1,338 @@ +From 8878630c20163dc9b716e2fdc35cae23b8aec6d1 Mon Sep 17 00:00:00 2001 +From: wujing +Date: Tue, 14 Jun 2022 15:30:49 +0800 +Subject: [PATCH 21/22] set the name of each container and image operation + thread + +Signed-off-by: wujing +--- + .../connect/grpc/grpc_containers_service.cc | 54 +++++++++++++++++++ + .../entry/connect/grpc/grpc_images_service.cc | 16 ++++++ + 2 files changed, 70 insertions(+) + +diff --git a/src/daemon/entry/connect/grpc/grpc_containers_service.cc b/src/daemon/entry/connect/grpc/grpc_containers_service.cc +index f3066af4..62aeb05a 100644 +--- a/src/daemon/entry/connect/grpc/grpc_containers_service.cc ++++ b/src/daemon/entry/connect/grpc/grpc_containers_service.cc +@@ -153,6 +153,8 @@ Status ContainerServiceImpl::Version(ServerContext *context, const VersionReques + container_version_request *container_req = nullptr; + container_version_response *container_res = nullptr; + ++ prctl(PR_SET_NAME, "VersionOp"); ++ + auto status = GrpcServerTlsAuth::auth(context, "docker_version"); + if (!status.ok()) { + return status; +@@ -185,6 +187,8 @@ Status ContainerServiceImpl::Info(ServerContext *context, const InfoRequest *req + host_info_request *container_req = nullptr; + host_info_response *container_res = nullptr; + ++ prctl(PR_SET_NAME, "InfoOp"); ++ + auto status = GrpcServerTlsAuth::auth(context, "docker_info"); + if (!status.ok()) { + return status; +@@ -217,6 +221,8 @@ Status ContainerServiceImpl::Create(ServerContext *context, const CreateRequest + container_create_response *container_res = nullptr; + container_create_request *container_req = nullptr; + ++ prctl(PR_SET_NAME, "ContCreate"); ++ + auto status = GrpcServerTlsAuth::auth(context, "container_create"); + if (!status.ok()) { + return status; +@@ -249,6 +255,8 @@ Status ContainerServiceImpl::Start(ServerContext *context, const StartRequest *r + container_start_request *req = nullptr; + container_start_response *res = nullptr; + ++ prctl(PR_SET_NAME, "ContStart"); ++ + auto status = GrpcServerTlsAuth::auth(context, "container_start"); + if (!status.ok()) { + return status; +@@ -327,6 +335,8 @@ Status ContainerServiceImpl::RemoteStart(ServerContext *context, + container_start_response *container_res = nullptr; + sem_t sem; + ++ prctl(PR_SET_NAME, "ContRStart"); ++ + cb = get_service_executor(); + if (cb == nullptr || cb->container.start == nullptr) { + return Status(StatusCode::UNIMPLEMENTED, "Unimplemented callback"); +@@ -402,6 +412,8 @@ Status ContainerServiceImpl::Top(ServerContext *context, const TopRequest *reque + container_top_request *req = nullptr; + container_top_response *res = nullptr; + ++ prctl(PR_SET_NAME, "ContTop"); ++ + auto status = GrpcServerTlsAuth::auth(context, "container_top"); + if (!status.ok()) { + return status; +@@ -434,6 +446,8 @@ Status ContainerServiceImpl::Stop(ServerContext *context, const StopRequest *req + container_stop_request *container_req = nullptr; + container_stop_response *container_res = nullptr; + ++ prctl(PR_SET_NAME, "ContStop"); ++ + auto status = GrpcServerTlsAuth::auth(context, "container_stop"); + if (!status.ok()) { + return status; +@@ -466,6 +480,8 @@ Status ContainerServiceImpl::Restart(ServerContext *context, const RestartReques + container_restart_request *container_req = nullptr; + container_restart_response *container_res = nullptr; + ++ prctl(PR_SET_NAME, "ContRestart"); ++ + auto status = GrpcServerTlsAuth::auth(context, "container_restart"); + if (!status.ok()) { + return status; +@@ -498,6 +514,8 @@ Status ContainerServiceImpl::Kill(ServerContext *context, const KillRequest *req + container_kill_request *container_req = nullptr; + container_kill_response *container_res = nullptr; + ++ prctl(PR_SET_NAME, "ContKill"); ++ + auto status = GrpcServerTlsAuth::auth(context, "container_kill"); + if (!status.ok()) { + return status; +@@ -530,6 +548,8 @@ Status ContainerServiceImpl::Delete(ServerContext *context, const DeleteRequest + container_delete_request *container_req = nullptr; + container_delete_response *container_res = nullptr; + ++ prctl(PR_SET_NAME, "ContDelete"); ++ + auto status = GrpcServerTlsAuth::auth(context, "container_delete"); + if (!status.ok()) { + return status; +@@ -562,6 +582,8 @@ Status ContainerServiceImpl::Exec(ServerContext *context, const ExecRequest *req + container_exec_request *container_req = nullptr; + container_exec_response *container_res = nullptr; + ++ prctl(PR_SET_NAME, "ContExec"); ++ + auto status = GrpcServerTlsAuth::auth(context, "container_exec_create"); + if (!status.ok()) { + return status; +@@ -665,6 +687,8 @@ Status ContainerServiceImpl::RemoteExec(ServerContext *context, + container_exec_request *container_req = nullptr; + container_exec_response *container_res = nullptr; + ++ prctl(PR_SET_NAME, "ContRExec"); ++ + auto status = GrpcServerTlsAuth::auth(context, "container_exec_create"); + if (!status.ok()) { + return status; +@@ -739,6 +763,8 @@ Status ContainerServiceImpl::Inspect(ServerContext *context, const InspectContai + container_inspect_request *container_req = nullptr; + container_inspect_response *container_res = nullptr; + ++ prctl(PR_SET_NAME, "ContInspect"); ++ + Status status = GrpcServerTlsAuth::auth(context, "container_inspect"); + if (!status.ok()) { + return status; +@@ -772,6 +798,8 @@ Status ContainerServiceImpl::List(ServerContext *context, const ListRequest *req + container_list_request *container_req = nullptr; + container_list_response *container_res = nullptr; + ++ prctl(PR_SET_NAME, "ContList"); ++ + auto status = GrpcServerTlsAuth::auth(context, "container_list"); + if (!status.ok()) { + return status; +@@ -884,6 +912,8 @@ Status ContainerServiceImpl::Attach(ServerContext *context, ServerReaderWriter +Date: Tue, 14 Jun 2022 18:54:02 +0800 +Subject: [PATCH 22/22] set the name of each container and image operation + thread for restful version + +Signed-off-by: wujing +--- + .../connect/rest/rest_containers_service.c | 36 +++++++++++++++++++ + .../entry/connect/rest/rest_images_service.c | 19 ++++++++++ + 2 files changed, 55 insertions(+) + +diff --git a/src/daemon/entry/connect/rest/rest_containers_service.c b/src/daemon/entry/connect/rest/rest_containers_service.c +index a7c32500..9c822324 100644 +--- a/src/daemon/entry/connect/rest/rest_containers_service.c ++++ b/src/daemon/entry/connect/rest/rest_containers_service.c +@@ -522,6 +522,8 @@ static void rest_create_cb(evhtp_request_t *req, void *arg) + container_create_response *cresponse = NULL; + container_create_request *crequest = NULL; + ++ prctl(PR_SET_NAME, "ContCreate"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -557,6 +559,8 @@ static void rest_start_cb(evhtp_request_t *req, void *arg) + container_start_response *cresponse = NULL; + container_start_request *crequest = NULL; + ++ prctl(PR_SET_NAME, "ContStart"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -592,6 +596,8 @@ static void rest_wait_cb(evhtp_request_t *req, void *arg) + container_wait_request *crequest = NULL; + container_wait_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContWait"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -654,6 +660,8 @@ static void rest_stop_cb(evhtp_request_t *req, void *arg) + container_stop_request *crequest = NULL; + container_stop_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContStop"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -715,6 +723,8 @@ static void rest_restart_cb(evhtp_request_t *req, void *arg) + container_restart_request *crequest = NULL; + container_restart_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContRestart"); ++ + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); + return; +@@ -771,6 +781,8 @@ static void rest_version_cb(evhtp_request_t *req, void *arg) + container_version_request *crequest = NULL; + container_version_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "VersionOp"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -833,6 +845,8 @@ static void rest_info_cb(evhtp_request_t *req, void *arg) + host_info_request *crequest = NULL; + host_info_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "InfoOp"); ++ + // only deal with post request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -896,6 +910,8 @@ static void rest_update_cb(evhtp_request_t *req, void *arg) + container_update_request *container_req = NULL; + container_update_response *container_res = NULL; + ++ prctl(PR_SET_NAME, "ContUpdate"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -957,6 +973,8 @@ static void rest_kill_cb(evhtp_request_t *req, void *arg) + container_kill_request *crequest = NULL; + container_kill_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContKill"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -1020,6 +1038,8 @@ static void rest_container_inspect_cb(evhtp_request_t *req, void *arg) + container_inspect_request *crequest = NULL; + container_inspect_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContInspect"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -1082,6 +1102,8 @@ static void rest_exec_cb(evhtp_request_t *req, void *arg) + container_exec_request *crequest = NULL; + container_exec_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContExec"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -1145,6 +1167,8 @@ static void rest_attach_cb(evhtp_request_t *req, void *arg) + container_attach_request *crequest = NULL; + container_attach_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContAttach"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -1206,6 +1230,8 @@ static void rest_remove_cb(evhtp_request_t *req, void *arg) + container_delete_request *crequest = NULL; + container_delete_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContRemove"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -1241,6 +1267,8 @@ static void rest_list_cb(evhtp_request_t *req, void *arg) + container_list_request *crequest = NULL; + container_list_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContList"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -1303,6 +1331,8 @@ static void rest_export_cb(evhtp_request_t *req, void *arg) + container_export_request *crequest = NULL; + container_export_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContExport"); ++ + // only deal with post request + if (evhtp_request_get_method(req) != htp_method_POST) { + ERROR("Only deal with post request"); +@@ -1367,6 +1397,8 @@ static void rest_pause_cb(evhtp_request_t *req, void *arg) + container_pause_request *crequest = NULL; + container_pause_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContPause"); ++ + // only deal with post request + if (evhtp_request_get_method(req) != htp_method_POST) { + ERROR("Only deal with post request: pause()"); +@@ -1431,6 +1463,8 @@ static void rest_resume_cb(evhtp_request_t *req, void *arg) + container_resume_request *crequest = NULL; + container_resume_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ContResume"); ++ + // only deal with post request + if (evhtp_request_get_method(req) != htp_method_POST) { + ERROR("Only deal with post request: resume()"); +@@ -1501,6 +1535,8 @@ static void rest_rename_cb(evhtp_request_t *req, void *arg) + struct isulad_container_rename_request isuladreq = { 0 }; + struct isulad_container_rename_response *isuladres = NULL; + ++ prctl(PR_SET_NAME, "ContRename"); ++ + // only deal with post request + if (evhtp_request_get_method(req) != htp_method_POST) { + ERROR("Only deal with post request: rename()"); +diff --git a/src/daemon/entry/connect/rest/rest_images_service.c b/src/daemon/entry/connect/rest/rest_images_service.c +index 7107d255..bd367f29 100644 +--- a/src/daemon/entry/connect/rest/rest_images_service.c ++++ b/src/daemon/entry/connect/rest/rest_images_service.c +@@ -14,6 +14,7 @@ + ******************************************************************************/ + #include "rest_images_service.h" + #include ++#include + + #include "isula_libutils/log.h" + #include "callback.h" +@@ -276,6 +277,8 @@ static void rest_image_load_cb(evhtp_request_t *req, void *arg) + image_load_image_request *crequest = NULL; + image_load_image_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ImageLoad"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -311,6 +314,8 @@ static void rest_image_list_cb(evhtp_request_t *req, void *arg) + image_list_images_request *crequest = NULL; + image_list_images_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ImageList"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -346,6 +351,8 @@ static void rest_image_delete_cb(evhtp_request_t *req, void *arg) + image_delete_image_request *crequest = NULL; + image_delete_image_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ImageDelete"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -381,6 +388,8 @@ static void rest_image_inspect_cb(evhtp_request_t *req, void *arg) + image_inspect_request *crequest = NULL; + image_inspect_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ImageInspect"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -481,6 +490,8 @@ static void rest_image_pull_cb(evhtp_request_t *req, void *arg) + image_pull_image_request *crequest = NULL; + image_pull_image_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ImagePull"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -592,6 +603,8 @@ static void rest_image_login_cb(evhtp_request_t *req, void *arg) + image_login_request *crequest = NULL; + image_login_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "RegistryLogin"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -686,6 +699,8 @@ static void rest_image_logout_cb(evhtp_request_t *req, void *arg) + image_logout_request *crequest = NULL; + image_logout_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "RegistryLogout"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -769,6 +784,8 @@ static void rest_image_tag_cb(evhtp_request_t *req, void *arg) + image_tag_image_request *crequest = NULL; + image_tag_image_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ImageTag"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +@@ -852,6 +869,8 @@ static void rest_image_import_cb(evhtp_request_t *req, void *arg) + image_import_request *crequest = NULL; + image_import_response *cresponse = NULL; + ++ prctl(PR_SET_NAME, "ImageImport"); ++ + // only deal with POST request + if (evhtp_request_get_method(req) != htp_method_POST) { + evhtp_send_reply(req, RESTFUL_RES_NOTIMPL); +-- +2.25.1 + diff --git a/iSulad.spec b/iSulad.spec index 1310d00..202cbeb 100644 --- a/iSulad.spec +++ b/iSulad.spec @@ -1,5 +1,5 @@ %global _version 2.0.14 -%global _release 7 +%global _release 8 %global is_systemd 1 %global enable_shimv2 1 %global is_embedded 1 @@ -26,6 +26,15 @@ Patch0010: 0010-remove-check-parameter-label_opts-in-init_label.patch Patch0011: 0011-update-seccomp-to-Linux-5.10-syscall-list.patch Patch0012: 0012-fix-invalid-convert-and-format.patch Patch0013: 0013-fix-get_network_namespace_path-check.patch +Patch0014: 0014-bugfix-for-double-free-and-use-after-free.patch +Patch0015: 0015-fix-isulad-shim-coredump-when-remove-ioc-fd-node.patch +Patch0016: 0016-do-not-fail-if-pw-is-not-NULL.patch +Patch0017: 0017-do-not-fail-if-gr-is-NULL.patch +Patch0018: 0018-fix-memory-leak-of-remove-layer.patch +Patch0019: 0019-add-null-terminal-at-end-of-gr-mem-list.patch +Patch0020: 0020-fix-shm-size-set-invalid-when-reboot.patch +Patch0021: 0021-set-the-name-of-each-container-and-image-operation-t.patch +Patch0022: 0022-set-the-name-of-each-container-and-image-operation-t.patch %ifarch x86_64 aarch64 Provides: libhttpclient.so()(64bit) @@ -253,6 +262,12 @@ fi %endif %changelog +* Wed Jun 15 2022 chengzeruizhi - 2.0.14-8 +- Type: enhancement +- ID: NA +- SUG: NA +- DESC: sync from upstream openeuler/iSulad + * Tue May 31 2022 zhangxiaoyu - 2.0.14-7 - Type: enhancement - ID: NA