!367 sync from upstream

From: @chengzrz 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian

0001-do-not-mkdir-of-isulad-if-no-controller-found.patch

@@ -1,7 +1,7 @@
 From 9837be14200fecb32db0337652e60532f1adb7be Mon Sep 17 00:00:00 2001
 From: WangFengTu <wangfengtu@huawei.com>
 Date: Mon, 23 May 2022 17:06:19 +0800
-Subject: [PATCH 01/13] do not mkdir of isulad if no controller found
+Subject: [PATCH 01/22] do not mkdir of isulad if no controller found
 
 If selinux disable the capibility DAC_OVERRIDE,
 mkdir isulad may fail when run container.

0002-fix-install-error-when-android.patch

@@ -1,7 +1,7 @@
 From 426a282802b8b81c66e6857857a745583f816c0a Mon Sep 17 00:00:00 2001
 From: WangFengTu <wangfengtu@huawei.com>
 Date: Tue, 24 May 2022 16:51:02 +0800
-Subject: [PATCH 02/13] fix install error when android
+Subject: [PATCH 02/22] fix install error when android
 
 Signed-off-by: WangFengTu <wangfengtu@huawei.com>
 ---

0003-imp-fuzz-for-pw-gr-parser.patch

@@ -1,7 +1,7 @@
 From 9ccb30fa430c7b98ecab4406dabe8498c74db8c3 Mon Sep 17 00:00:00 2001
 From: chegJH <hejunjie10@huawei.com>
 Date: Thu, 12 May 2022 16:40:41 +0800
-Subject: [PATCH 03/13] imp fuzz for pw gr parser
+Subject: [PATCH 03/22] imp fuzz for pw gr parser
 
 Signed-off-by: chegJH <hejunjie10@huawei.com>
 ---

0004-improve-fuzz-test.patch

@@ -1,7 +1,7 @@
 From 31a92265a6bd29dc8f98179947406f1bb56ac5a8 Mon Sep 17 00:00:00 2001
 From: haozi007 <liuhao27@huawei.com>
 Date: Thu, 26 May 2022 13:53:09 +0100
-Subject: [PATCH 04/13] improve fuzz test
+Subject: [PATCH 04/22] improve fuzz test
 
 Signed-off-by: haozi007 <liuhao27@huawei.com>
 ---

0005-Seccomp-optimization.patch

@@ -1,7 +1,7 @@
 From 02167555e702316fe14cc963f9e978e9f66f59ba Mon Sep 17 00:00:00 2001
 From: chengzrz <czrzrichard@gmail.com>
 Date: Fri, 24 Dec 2021 10:47:31 +0800
-Subject: [PATCH 05/13] Seccomp optimization
+Subject: [PATCH 05/22] Seccomp optimization
 
 Signed-off-by: chengzrz <czrzrichard@gmail.com>
 ---

0006-fix-different-type-convert.patch

@@ -1,7 +1,7 @@
 From 1db2941da2eba089f3ed07c59f4925c857860023 Mon Sep 17 00:00:00 2001
 From: haozi007 <liuhao27@huawei.com>
 Date: Tue, 31 May 2022 03:33:16 +0100
-Subject: [PATCH 06/13] fix different type convert
+Subject: [PATCH 06/22] fix different type convert
 
 Signed-off-by: haozi007 <liuhao27@huawei.com>
 ---

0007-add-pointer-parameters-NULL-check.patch

@@ -1,7 +1,7 @@
 From 17b6015d5abe3500a5a89d171af79698e57545f2 Mon Sep 17 00:00:00 2001
 From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
 Date: Tue, 31 May 2022 19:35:35 +0800
-Subject: [PATCH 07/13] add pointer parameters NULL check
+Subject: [PATCH 07/22] add pointer parameters NULL check
 
 Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
 Signed-off-by: haozi007 <liuhao27@huawei.com>

0008-add-check-to-arguments.patch

@@ -1,7 +1,7 @@
 From 56c2a6a98d51ea893939079cc31e3a7897fa5aba Mon Sep 17 00:00:00 2001
 From: haozi007 <liuhao27@huawei.com>
 Date: Tue, 31 May 2022 12:53:10 +0100
-Subject: [PATCH 08/13] add check to arguments
+Subject: [PATCH 08/22] add check to arguments
 
 Signed-off-by: haozi007 <liuhao27@huawei.com>
 ---

0009-remove-static-of-strlncat.patch

@@ -1,7 +1,7 @@
 From 9133e2159e9e69434b41e9649762f8eaed191f37 Mon Sep 17 00:00:00 2001
 From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
 Date: Tue, 31 May 2022 22:39:44 +0800
-Subject: [PATCH 09/13] remove static of strlncat
+Subject: [PATCH 09/22] remove static of strlncat
 
 Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
 ---

0010-remove-check-parameter-label_opts-in-init_label.patch

@@ -1,7 +1,7 @@
 From 60715b192de2cb1b4e8fe9ce48ddf081a6d2be53 Mon Sep 17 00:00:00 2001
 From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
 Date: Wed, 1 Jun 2022 09:50:03 +0800
-Subject: [PATCH 10/13] remove check parameter label_opts in init_label
+Subject: [PATCH 10/22] remove check parameter label_opts in init_label
 
 Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
 ---

0011-update-seccomp-to-Linux-5.10-syscall-list.patch

@@ -1,7 +1,7 @@
 From 55a4f57232c42a9c2d36a41de5d743ee9ebbe88e Mon Sep 17 00:00:00 2001
 From: vegbir <yangjiaqi16@huawei.com>
 Date: Wed, 1 Jun 2022 13:44:37 +0800
-Subject: [PATCH 11/13] update seccomp to Linux 5.10 syscall list
+Subject: [PATCH 11/22] update seccomp to Linux 5.10 syscall list
 
 Signed-off-by: yangjiaqi <yangjiaqi16@huawei.com>
 ---

0012-fix-invalid-convert-and-format.patch

@@ -1,7 +1,7 @@
 From 8dcad172ea0241f35cdd464029523253ada7e99f Mon Sep 17 00:00:00 2001
 From: haozi007 <liuhao27@huawei.com>
 Date: Wed, 1 Jun 2022 12:53:56 +0100
-Subject: [PATCH 12/13] fix invalid convert and format
+Subject: [PATCH 12/22] fix invalid convert and format
 
 1. invalid convert;
 2. error print format;

0013-fix-get_network_namespace_path-check.patch

@@ -1,7 +1,7 @@
 From a96ad33008671e61bddebb744a7ac0aa3798313b Mon Sep 17 00:00:00 2001
 From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
 Date: Thu, 2 Jun 2022 10:33:07 +0800
-Subject: [PATCH 13/13] fix get_network_namespace_path check
+Subject: [PATCH 13/22] fix get_network_namespace_path check
 
 Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
 ---

0014-bugfix-for-double-free-and-use-after-free.patch

@@ -0,0 +1,227 @@
+From 7934311c1b1003021449b92900f3102ff77395e2 Mon Sep 17 00:00:00 2001
+From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+Date: Tue, 7 Jun 2022 15:19:20 +0800
+Subject: [PATCH 14/22] bugfix for double free and use after free
+
+Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+---
+ src/client/connect/rest/rest_images_client.c  |  2 +-
+ src/cmd/isula/information/ps.c                |  4 ++-
+ src/daemon/common/sysinfo.c                   |  3 +-
+ .../cri_pod_sandbox_manager_service_impl.cc   |  3 +-
+ .../entry/cri/websocket/service/ws_server.h   | 19 +++++-----
+ .../oci/storage/image_store/image_store.c     | 36 ++++++++++++++-----
+ .../oci/storage/layer_store/layer_store.c     |  3 +-
+ src/utils/console/console.c                   |  2 +-
+ 8 files changed, 48 insertions(+), 24 deletions(-)
+
+diff --git a/src/client/connect/rest/rest_images_client.c b/src/client/connect/rest/rest_images_client.c
+index 3deeeead..c2fc17f1 100644
+--- a/src/client/connect/rest/rest_images_client.c
++++ b/src/client/connect/rest/rest_images_client.c
+@@ -929,7 +929,7 @@ out:
+ static int rest_image_import(const struct isula_import_request *request, struct isula_import_response *response,
+                              void *arg)
+ {
+- 
++
+     client_connect_config_t *connect_config = (client_connect_config_t *)arg;
+     const char *socketname = (const char *)(connect_config->socket);
+     char *body = NULL;
+diff --git a/src/cmd/isula/information/ps.c b/src/cmd/isula/information/ps.c
+index 74c2f94a..805cbbd6 100644
+--- a/src/cmd/isula/information/ps.c
++++ b/src/cmd/isula/information/ps.c
+@@ -904,14 +904,16 @@ static int append_non_header_item_field(const char *prefix, const char *non_fiel
+         ret = -1;
+         goto out;
+     }
++
+     field->name = non_field_string;
++    non_field_string = NULL;
+     field->is_field = false;
++
+     if (append_field(ff, field) != 0) {
+         ERROR("Failed to append field");
+         ret = -1;
+         goto out;
+     }
+-    non_field_string = NULL;
+     field = NULL;
+ 
+ out:
+diff --git a/src/daemon/common/sysinfo.c b/src/daemon/common/sysinfo.c
+index 89ca5225..d52f8767 100644
+--- a/src/daemon/common/sysinfo.c
++++ b/src/daemon/common/sysinfo.c
+@@ -1309,7 +1309,8 @@ out:
+ }
+ 
+ #ifdef __ANDROID__
+-static bool cgroup2_no_controller() {
++static bool cgroup2_no_controller()
++{
+     char *controllers_str = NULL;
+ 
+     controllers_str = util_read_content_from_file(CGROUP2_CONTROLLERS_PATH);
+diff --git a/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc b/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc
+index f0c8e470..4bc9845f 100644
+--- a/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc
++++ b/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc
+@@ -99,7 +99,8 @@ void PodSandboxManagerServiceImpl::ApplySandboxResources(const runtime::v1alpha2
+ }
+ 
+ 
+-void PodSandboxManagerServiceImpl::SetHostConfigDefaultValue(host_config *hc) {
++void PodSandboxManagerServiceImpl::SetHostConfigDefaultValue(host_config *hc)
++{
+     free(hc->network_mode);
+     hc->network_mode = util_strdup_s(CRI::Constants::namespaceModeFile.c_str());
+ }
+diff --git a/src/daemon/entry/cri/websocket/service/ws_server.h b/src/daemon/entry/cri/websocket/service/ws_server.h
+index 4af54067..b871aabc 100644
+--- a/src/daemon/entry/cri/websocket/service/ws_server.h
++++ b/src/daemon/entry/cri/websocket/service/ws_server.h
+@@ -30,8 +30,7 @@
+ #include "errors.h"
+ #include "read_write_lock.h"
+ 
+-namespace
+-{
++namespace {
+ const int MAX_ECHO_PAYLOAD = 4096;
+ const int MAX_ARRAY_LEN = 2;
+ const int MAX_PROTOCOL_NUM = 2;
+@@ -97,13 +96,15 @@ private:
+     static struct lws_context *m_context;
+     volatile int m_forceExit = 0;
+     std::thread m_pthreadService;
+-    const struct lws_protocols m_protocols[MAX_PROTOCOL_NUM] = { {
+-                                                                         "channel.k8s.io",
+-                                                                         Callback,
+-                                                                         0,
+-                                                                         MAX_ECHO_PAYLOAD,
+-                                                                 },
+-                                                                 { nullptr, nullptr, 0, 0 } };
++    const struct lws_protocols m_protocols[MAX_PROTOCOL_NUM] = {
++        {
++            "channel.k8s.io",
++            Callback,
++            0,
++            MAX_ECHO_PAYLOAD,
++        },
++        { nullptr, nullptr, 0, 0 }
++    };
+     RouteCallbackRegister m_handler;
+     static std::unordered_map<int, SessionData *> m_wsis;
+     url::URLDatum m_url;
+diff --git a/src/daemon/modules/image/oci/storage/image_store/image_store.c b/src/daemon/modules/image/oci/storage/image_store/image_store.c
+index 727991fe..edb28b78 100644
+--- a/src/daemon/modules/image/oci/storage/image_store/image_store.c
++++ b/src/daemon/modules/image/oci/storage/image_store/image_store.c
+@@ -734,6 +734,7 @@ static int image_store_append_image(const char *id, const char *searchable_diges
+ {
+     int ret = 0;
+     size_t i = 0;
++    size_t record_name_len = 0;
+     struct linked_list *item = NULL;
+ 
+     item = util_smart_calloc_s(sizeof(struct linked_list), 1);
+@@ -748,33 +749,52 @@ static int image_store_append_image(const char *id, const char *searchable_diges
+     if (!map_insert(g_image_store->byid, (void *)id, (void *)img)) {
+         ERROR("Failed to insert image to image store");
+         ret = -1;
+-        goto out;
++        goto list_err_out;
+     }
+ 
+     if (append_image_according_to_digest(g_image_store->bydigest, searchable_digest, img) != 0) {
+         ERROR("Failed to insert image to image store digest index");
+         ret = -1;
+-        goto out;
++        goto id_err_out;
+     }
+ 
+     for (i = 0; i < img->simage->names_len; i++) {
+         if (map_search(g_image_store->byname, (void *)img->simage->names[i]) != NULL) {
+             ERROR("Image name is already in use : %s", img->simage->names[i]);
+             ret = -1;
+-            goto out;
++            goto err_out;
+         }
+         if (!map_insert(g_image_store->byname, (void *)img->simage->names[i], (void *)img)) {
+             ERROR("Failed to insert image to image store's byname");
+             ret = -1;
+-            goto out;
++            goto err_out;
+         }
+     }
+ 
+-out:
+-    if (ret != 0) {
+-        linked_list_del(item);
+-        free(item);
++    return 0;
++
++err_out:
++    record_name_len = i;
++    for (i = 0; i < record_name_len; i++) {
++        if (!map_remove(g_image_store->byname, (void *)img->simage->names[i])) {
++            ERROR("Failed to remove image from image store's byname");
++        }
+     }
++
++    if (remove_image_from_digest_index(img, searchable_digest) != 0) {
++        ERROR("Failed to remove image from image store digest index");
++    }
++
++id_err_out:
++    if (!map_remove(g_image_store->byid, (void *)id)) {
++        ERROR("Failed to remove image from ids map in image store");
++    }
++
++list_err_out:
++    linked_list_del(item);
++    g_image_store->images_list_len--;
++    free(item);
++
+     return ret;
+ }
+ 
+diff --git a/src/daemon/modules/image/oci/storage/layer_store/layer_store.c b/src/daemon/modules/image/oci/storage/layer_store/layer_store.c
+index a35f61ee..bb9e5b94 100644
+--- a/src/daemon/modules/image/oci/storage/layer_store/layer_store.c
++++ b/src/daemon/modules/image/oci/storage/layer_store/layer_store.c
+@@ -212,6 +212,7 @@ static bool append_layer_into_list(layer_t *l)
+     return true;
+ }
+ 
++// only delete item from list, free item->elem by caller
+ static inline void delete_g_layer_list_item(struct linked_list *item)
+ {
+     if (item == NULL) {
+@@ -220,8 +221,6 @@ static inline void delete_g_layer_list_item(struct linked_list *item)
+ 
+     linked_list_del(item);
+ 
+-    layer_ref_dec((layer_t *)item->elem);
+-    item->elem = NULL;
+     free(item);
+     g_metadata.layers_list_len -= 1;
+ }
+diff --git a/src/utils/console/console.c b/src/utils/console/console.c
+index 8492eb4d..b0dc7ee5 100644
+--- a/src/utils/console/console.c
++++ b/src/utils/console/console.c
+@@ -253,7 +253,7 @@ int console_fifo_open(const char *fifo_path, int *fdout, int flags)
+ {
+     int fd = 0;
+ 
+-    if (fifo_path ==NULL || fdout == NULL) {
++    if (fifo_path == NULL || fdout == NULL) {
+         ERROR("Argument must not be NULL");
+         return -1;
+     }
+-- 
+2.25.1
+

0015-fix-isulad-shim-coredump-when-remove-ioc-fd-node.patch

@@ -0,0 +1,73 @@
+From 18db58c919bb9767bbe2f11c7447cfed27312c63 Mon Sep 17 00:00:00 2001
+From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+Date: Thu, 9 Jun 2022 21:16:26 +0800
+Subject: [PATCH 15/22] fix isulad-shim coredump when remove ioc fd node
+
+Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+---
+ src/cmd/isulad-shim/process.c | 19 +++++++++++++------
+ 1 file changed, 13 insertions(+), 6 deletions(-)
+
+diff --git a/src/cmd/isulad-shim/process.c b/src/cmd/isulad-shim/process.c
+index 21b2523a..6de470f7 100644
+--- a/src/cmd/isulad-shim/process.c
++++ b/src/cmd/isulad-shim/process.c
+@@ -195,10 +195,6 @@ static void remove_io_dispatch(io_thread_t *io_thd, int from, int to)
+     }
+     io_copy_t *ioc = io_thd->ioc;
+ 
+-    if (pthread_mutex_lock(&(ioc->mutex))) {
+-        return;
+-    }
+-
+     fd_node_t *tmp = NULL;
+     do {
+         /* remove src fd */
+@@ -233,7 +229,6 @@ static void remove_io_dispatch(io_thread_t *io_thd, int from, int to)
+         free(tmp);
+         tmp = NULL;
+     }
+-    pthread_mutex_unlock(&(ioc->mutex));
+ }
+ 
+ static int get_exec_winsize(const char *buf, struct winsize *wsize)
+@@ -297,8 +292,14 @@ static void *do_io_copy(void *data)
+             /* End of file. The remote has closed the connection */
+             break;
+         } else if (ioc->id != EXEC_RESIZE) {
++            if (pthread_mutex_lock(&(ioc->mutex)) != 0) {
++                continue;
++            }
++
+             fd_node_t *fn = ioc->fd_to;
+-            for (; fn != NULL; fn = fn->next) {
++            fd_node_t *next = fn;
++            for (; fn != NULL; fn = next) {
++                next = fn->next;
+                 if (fn->is_log) {
+                     shim_write_container_log_file(io_thd->terminal, ioc->id, buf, r_count);
+                 } else {
+@@ -309,7 +310,12 @@ static void *do_io_copy(void *data)
+                     }
+                 }
+             }
++            pthread_mutex_unlock(&(ioc->mutex));
+         } else {
++            if (pthread_mutex_lock(&(ioc->mutex)) != 0) {
++                continue;
++            }
++
+             int resize_fd = ioc->fd_to->fd;
+             struct winsize wsize = { 0x00 };
+             if (get_exec_winsize(buf, &wsize) < 0) {
+@@ -318,6 +324,7 @@ static void *do_io_copy(void *data)
+             if (ioctl(resize_fd, TIOCSWINSZ, &wsize) < 0) {
+                 break;
+             }
++            pthread_mutex_unlock(&(ioc->mutex));
+         }
+ 
+         /*
+-- 
+2.25.1
+

0016-do-not-fail-if-pw-is-not-NULL.patch

@@ -0,0 +1,65 @@
+From ae49fce8e19f7544c463cfbff58794f35f44c493 Mon Sep 17 00:00:00 2001
+From: WangFengTu <wangfengtu@huawei.com>
+Date: Thu, 9 Jun 2022 16:17:52 +0800
+Subject: [PATCH 16/22] do not fail if pw is not NULL
+
+Signed-off-by: WangFengTu <wangfengtu@huawei.com>
+---
+ src/utils/cutils/utils_pwgr.c           | 7 +------
+ test/cutils/utils_pwgr/utils_pwgr_ut.cc | 5 ++---
+ 2 files changed, 3 insertions(+), 9 deletions(-)
+
+diff --git a/src/utils/cutils/utils_pwgr.c b/src/utils/cutils/utils_pwgr.c
+index 01490863..6b83f787 100644
+--- a/src/utils/cutils/utils_pwgr.c
++++ b/src/utils/cutils/utils_pwgr.c
+@@ -212,11 +212,6 @@ int util_getpwent_r(FILE *stream, struct passwd *resbuf, char *buffer, size_t bu
+         return -1;
+     }
+ 
+-    if (*result != NULL) {
+-        ERROR("Result shall point to null to start.");
+-        return -1;
+-    }
+-
+     buff_end = buffer + buflen - 1;
+     flockfile(stream);
+ 
+@@ -337,4 +332,4 @@ int util_getgrent_r(FILE *stream, struct group *resbuf, char *buffer, size_t buf
+ out:
+     funlockfile(stream);
+     return ret;
+-}
+\ No newline at end of file
++}
+diff --git a/test/cutils/utils_pwgr/utils_pwgr_ut.cc b/test/cutils/utils_pwgr/utils_pwgr_ut.cc
+index 00a32e05..bf9c9f06 100644
+--- a/test/cutils/utils_pwgr/utils_pwgr_ut.cc
++++ b/test/cutils/utils_pwgr/utils_pwgr_ut.cc
+@@ -44,7 +44,7 @@ TEST(utils_pwgr, test_getpwent_r)
+     ASSERT_EQ(util_getpwent_r(NULL, &pw, buf, sizeof(buf), &ppw), -1);
+     ASSERT_EQ(util_getpwent_r(f_pw, &pw, NULL, 0, &ppw), -1);
+     ASSERT_EQ(util_getpwent_r(f_pw, &pw, invalid_buf, 1, &ppw), -1);
+-    ASSERT_EQ(util_getpwent_r(f_pw, &pw, buf, sizeof(buf), &ppw_alter), -1);
++    ASSERT_EQ(util_getpwent_r(f_pw, &pw, buf, sizeof(buf), &ppw_alter), 0);
+     ASSERT_EQ(util_getpwent_r(f_pw, &pw, buf, sizeof(buf), NULL), -1);
+ 
+     while (!feof(f_pw)) {
+@@ -65,7 +65,6 @@ TEST(utils_pwgr, test_getpwent_r)
+         ASSERT_STREQ(pw.pw_dir, std::get<5>(elem).c_str());
+         ASSERT_STREQ(pw.pw_shell, std::get<6>(elem).c_str());
+         EXPECT_TRUE(ppw == &pw);
+-        ppw = nullptr;
+         pw = {0};
+     }
+ 
+@@ -134,4 +133,4 @@ TEST(utils_pwgr, test_getgrent_r)
+     }
+ 
+     fclose(f_gr);
+-}
+\ No newline at end of file
++}
+-- 
+2.25.1
+

0017-do-not-fail-if-gr-is-NULL.patch

@@ -0,0 +1,51 @@
+From b4596641a08891bfec9384f87815c8e671d594d4 Mon Sep 17 00:00:00 2001
+From: WangFengTu <wangfengtu@huawei.com>
+Date: Thu, 9 Jun 2022 17:07:40 +0800
+Subject: [PATCH 17/22] do not fail if gr is NULL
+
+Signed-off-by: WangFengTu <wangfengtu@huawei.com>
+---
+ src/utils/cutils/utils_pwgr.c           | 5 -----
+ test/cutils/utils_pwgr/utils_pwgr_ut.cc | 3 +--
+ 2 files changed, 1 insertion(+), 7 deletions(-)
+
+diff --git a/src/utils/cutils/utils_pwgr.c b/src/utils/cutils/utils_pwgr.c
+index 6b83f787..b3aed14b 100644
+--- a/src/utils/cutils/utils_pwgr.c
++++ b/src/utils/cutils/utils_pwgr.c
+@@ -279,11 +279,6 @@ int util_getgrent_r(FILE *stream, struct group *resbuf, char *buffer, size_t buf
+         return -1;
+     }
+ 
+-    if (*result != NULL) {
+-        ERROR("Result shall point to null to start.");
+-        return -1;
+-    }
+-
+     flockfile(stream);
+     buff_end = buffer + buflen - 1;
+ 
+diff --git a/test/cutils/utils_pwgr/utils_pwgr_ut.cc b/test/cutils/utils_pwgr/utils_pwgr_ut.cc
+index bf9c9f06..c289e2b9 100644
+--- a/test/cutils/utils_pwgr/utils_pwgr_ut.cc
++++ b/test/cutils/utils_pwgr/utils_pwgr_ut.cc
+@@ -106,7 +106,7 @@ TEST(utils_pwgr, test_getgrent_r)
+     ASSERT_EQ(util_getgrent_r(NULL, &gr, buf, sizeof(buf), &pgr), -1);
+     ASSERT_EQ(util_getgrent_r(f_gr, &gr, NULL, 0, &pgr), -1);
+     ASSERT_EQ(util_getgrent_r(f_gr, &gr, invalid_buf, 1, &pgr), -1);
+-    ASSERT_EQ(util_getgrent_r(f_gr, &gr, buf, sizeof(buf), &pgr_alter), -1);
++    ASSERT_EQ(util_getgrent_r(f_gr, &gr, buf, sizeof(buf), &pgr_alter), 0);
+     ASSERT_EQ(util_getgrent_r(f_gr, &gr, buf, sizeof(buf), NULL), -1);
+ 
+     while (!feof(f_gr)) {
+@@ -129,7 +129,6 @@ TEST(utils_pwgr, test_getgrent_r)
+         }
+         EXPECT_TRUE(pgr == &gr);
+         gr = {0};
+-        pgr = nullptr;
+     }
+ 
+     fclose(f_gr);
+-- 
+2.25.1
+

0018-fix-memory-leak-of-remove-layer.patch

@@ -0,0 +1,56 @@
+From eb168d32053f9204336c37af98210810957cedd2 Mon Sep 17 00:00:00 2001
+From: haozi007 <liuhao27@huawei.com>
+Date: Fri, 10 Jun 2022 04:10:39 +0100
+Subject: [PATCH 18/22] fix memory leak of remove layer
+
+Signed-off-by: haozi007 <liuhao27@huawei.com>
+---
+ .../image/oci/storage/layer_store/layer_store.c       | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/src/daemon/modules/image/oci/storage/layer_store/layer_store.c b/src/daemon/modules/image/oci/storage/layer_store/layer_store.c
+index bb9e5b94..7e95a52f 100644
+--- a/src/daemon/modules/image/oci/storage/layer_store/layer_store.c
++++ b/src/daemon/modules/image/oci/storage/layer_store/layer_store.c
+@@ -213,7 +213,7 @@ static bool append_layer_into_list(layer_t *l)
+ }
+ 
+ // only delete item from list, free item->elem by caller
+-static inline void delete_g_layer_list_item(struct linked_list *item)
++static inline void delete_g_layer_list_item(struct linked_list *item, bool rm_val)
+ {
+     if (item == NULL) {
+         return;
+@@ -221,6 +221,11 @@ static inline void delete_g_layer_list_item(struct linked_list *item)
+ 
+     linked_list_del(item);
+ 
++    if (rm_val) {
++        layer_ref_dec((layer_t *)item->elem);
++        item->elem = NULL;
++    }
++
+     free(item);
+     g_metadata.layers_list_len -= 1;
+ }
+@@ -235,7 +240,7 @@ void remove_layer_list_tail()
+ 
+     item = g_metadata.layers_list.prev;
+ 
+-    delete_g_layer_list_item(item);
++    delete_g_layer_list_item(item, false);
+ }
+ 
+ static bool init_from_conf(const struct storage_module_init_options *conf)
+@@ -725,7 +730,7 @@ static int remove_memory_stores(const char *id)
+         if (strcmp(tl->slayer->id, id) != 0) {
+             continue;
+         }
+-        delete_g_layer_list_item(item);
++        delete_g_layer_list_item(item, true);
+         break;
+     }
+ 
+-- 
+2.25.1
+

0019-add-null-terminal-at-end-of-gr-mem-list.patch

@@ -0,0 +1,56 @@
+From 12bbd939c1c2c55d0906b5a53a0b9b26b616c56b Mon Sep 17 00:00:00 2001
+From: haozi007 <liuhao27@huawei.com>
+Date: Fri, 10 Jun 2022 04:16:48 +0100
+Subject: [PATCH 19/22] add null terminal at end of gr mem list
+
+Signed-off-by: haozi007 <liuhao27@huawei.com>
+---
+ src/utils/cutils/utils_pwgr.c           | 4 +++-
+ test/cutils/utils_pwgr/utils_pwgr_ut.cc | 9 +++++++--
+ 2 files changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/src/utils/cutils/utils_pwgr.c b/src/utils/cutils/utils_pwgr.c
+index b3aed14b..a3c41dd5 100644
+--- a/src/utils/cutils/utils_pwgr.c
++++ b/src/utils/cutils/utils_pwgr.c
+@@ -144,7 +144,7 @@ static char **hold_string_list(char **line, char *buf_start, char *buf_end, cons
+ 
+     for (; walker < (char **)buf_end; ++walker) {
+         if (**line == '\0') {
+-            return result;
++            goto out;
+         }
+ 
+         (void)util_trim_space(*line);
+@@ -155,6 +155,8 @@ static char **hold_string_list(char **line, char *buf_start, char *buf_end, cons
+         }
+     }
+ 
++out:
++    *walker = NULL;
+     return result;
+ }
+ 
+diff --git a/test/cutils/utils_pwgr/utils_pwgr_ut.cc b/test/cutils/utils_pwgr/utils_pwgr_ut.cc
+index c289e2b9..2a6b7e08 100644
+--- a/test/cutils/utils_pwgr/utils_pwgr_ut.cc
++++ b/test/cutils/utils_pwgr/utils_pwgr_ut.cc
+@@ -123,8 +123,13 @@ TEST(utils_pwgr, test_getgrent_r)
+         ASSERT_STREQ(gr.gr_passwd, std::get<1>(testcase[i]).c_str());
+         ASSERT_EQ(gr.gr_gid, std::get<2>(testcase[i]));
+         if (string_list[i].size()) {
+-            for (j = 0; j < string_list[i].size(); ++j) {
+-                EXPECT_TRUE(strcmp(gr.gr_mem[j], string_list[i][j].c_str()) == 0);
++            char **walker = gr.gr_mem;
++            j = 0;
++            // use pointer to ensure gr_mem has end null pointer
++            while (walker != NULL && *walker != NULL) {
++                EXPECT_TRUE(strcmp(*walker, string_list[i][j].c_str()) == 0);
++                walker++;
++                j++;
+             }
+         }
+         EXPECT_TRUE(pgr == &gr);
+-- 
+2.25.1
+

0020-fix-shm-size-set-invalid-when-reboot.patch

@@ -0,0 +1,246 @@
+From b289a6b384ac5ba474dd477b2a92b89244b27c24 Mon Sep 17 00:00:00 2001
+From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+Date: Mon, 13 Jun 2022 14:35:46 +0800
+Subject: [PATCH 20/22] fix shm size set invalid when reboot
+
+Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+---
+ .../modules/service/service_container.c       |  8 +++
+ src/daemon/modules/spec/specs_mount.c         | 63 +++++++++++++++----
+ src/daemon/modules/spec/specs_mount.h         |  2 +
+ .../image/oci/oci_config_merge/CMakeLists.txt |  1 +
+ test/specs/specs/CMakeLists.txt               |  1 +
+ test/specs/specs_extend/CMakeLists.txt        |  1 +
+ 6 files changed, 63 insertions(+), 13 deletions(-)
+
+diff --git a/src/daemon/modules/service/service_container.c b/src/daemon/modules/service/service_container.c
+index c3c4fc1c..43a4a0c9 100644
+--- a/src/daemon/modules/service/service_container.c
++++ b/src/daemon/modules/service/service_container.c
+@@ -43,6 +43,7 @@
+ #include "events_sender_api.h"
+ #include "image_api.h"
+ #include "specs_api.h"
++#include "specs_mount.h"
+ #include "isulad_config.h"
+ #include "verify.h"
+ #include "plugin_api.h"
+@@ -735,6 +736,13 @@ static int do_start_container(container_t *cont, const char *console_fifos[], bo
+         goto close_exit_fd;
+     }
+ 
++    nret = setup_ipc_dirs(cont->hostconfig, cont->common_config);
++    if (nret != 0) {
++        ERROR("Failed to setup ipc dirs");
++        ret = -1;
++        goto close_exit_fd;
++    }
++
+     // embedded conainter is readonly, create mtab link will fail
+     // kata-runtime container's qemu donot support to create mtab in host
+     if (strcmp(IMAGE_TYPE_EMBEDDED, cont->common_config->image_type) != 0 && strcmp(KATA_RUNTIME, cont->runtime) != 0) {
+diff --git a/src/daemon/modules/spec/specs_mount.c b/src/daemon/modules/spec/specs_mount.c
+index b35061d8..e55832c5 100644
+--- a/src/daemon/modules/spec/specs_mount.c
++++ b/src/daemon/modules/spec/specs_mount.c
+@@ -49,6 +49,7 @@
+ #include "utils_file.h"
+ #include "utils_string.h"
+ #include "utils_verify.h"
++#include "utils_fs.h"
+ #include "image_api.h"
+ #include "volume_api.h"
+ #include "parse_volume.h"
+@@ -2574,10 +2575,11 @@ static int chown_for_shm(const char *shm_path, const char *user_remap)
+ 
+ static char *get_prepare_share_shm_path(const char *truntime, const char *cid)
+ {
+-#define SHM_MOUNT_FILE_NAME "/mounts/shm/"
++#define SHM_MOUNT_FILE_NAME "/mounts/shm"
+     char *c_root_path = NULL;
+     size_t slen = 0;
+     char *spath = NULL;
++    char real_root_path[PATH_MAX] = { 0 };
+     int nret = 0;
+ 
+     if (truntime == NULL) {
+@@ -2588,19 +2590,24 @@ static char *get_prepare_share_shm_path(const char *truntime, const char *cid)
+         goto err_out;
+     }
+ 
+-    // c_root_path + "/" + cid + "/mounts/shm"
+-    if (strlen(c_root_path) > (((PATH_MAX - strlen(cid)) - 1) - strlen(SHM_MOUNT_FILE_NAME)) - 1) {
++    if (realpath(c_root_path, real_root_path) == NULL) {
++        ERROR("Failed to get %s realpath", c_root_path);
++        goto err_out;
++    }
++
++    // real_root_path + "/" + cid + "/mounts/shm"
++    if (strlen(real_root_path) > (((PATH_MAX - strlen(cid)) - 1) - strlen(SHM_MOUNT_FILE_NAME)) - 1) {
+         ERROR("Too large path");
+         goto err_out;
+     }
+-    slen = strlen(c_root_path) + 1 + strlen(cid) + strlen(SHM_MOUNT_FILE_NAME) + 1;
++    slen = strlen(real_root_path) + 1 + strlen(cid) + strlen(SHM_MOUNT_FILE_NAME) + 1;
+     spath = util_smart_calloc_s(sizeof(char), slen);
+     if (spath == NULL) {
+         ERROR("Out of memory");
+         goto err_out;
+     }
+ 
+-    nret = snprintf(spath, slen, "%s/%s/mounts/shm/", c_root_path, cid);
++    nret = snprintf(spath, slen, "%s/%s/mounts/shm", real_root_path, cid);
+     if (nret < 0 || nret >= slen) {
+         ERROR("Sprintf failed");
+         goto err_out;
+@@ -2637,7 +2644,7 @@ out:
+     return ret;
+ }
+ 
+-static int prepare_share_shm(host_config *host_spec, container_config_v2_common_config *v2_spec)
++int setup_ipc_dirs(host_config *host_spec, container_config_v2_common_config *v2_spec)
+ {
+ #define MAX_PROPERTY_LEN 64
+     char shmproperty[MAX_PROPERTY_LEN] = { 0 };
+@@ -2650,14 +2657,26 @@ static int prepare_share_shm(host_config *host_spec, container_config_v2_common_
+     char *p = NULL;
+     char *userns_remap = NULL;
+ #endif
+-    // has mount for /dev/shm
+-    if (has_mount_shm(host_spec, v2_spec)) {
++
++    // ignore shm of system container
++    if (host_spec->system_container) {
++        return 0;
++    }
++    // setup shareable dirs
++    if (host_spec->ipc_mode != NULL && !namespace_is_shareable(host_spec->ipc_mode)) {
+         return 0;
+     }
+ 
+     spath = get_prepare_share_shm_path(host_spec->runtime, v2_spec->id);
+     if (spath == NULL) {
+-        goto out;
++        return -1;
++    }
++
++    // container shm has been mounted
++    if (util_detect_mounted(spath)) {
++        DEBUG("shm path %s has been mounted", spath);
++        free(spath);
++        return 0;
+     }
+ 
+     nret = util_mkdir_p(spath, 0700);
+@@ -2683,7 +2702,6 @@ static int prepare_share_shm(host_config *host_spec, container_config_v2_common_
+         goto out;
+     }
+ 
+-    v2_spec->shm_path = spath;
+ #ifdef ENABLE_USERNS_REMAP
+     userns_remap = conf_get_isulad_userns_remap();
+ 
+@@ -2716,7 +2734,6 @@ static int prepare_share_shm(host_config *host_spec, container_config_v2_common_
+     }
+ #endif
+ 
+-    spath = NULL;
+     ret = 0;
+ out:
+     if (ret != 0 && has_mount) {
+@@ -2777,8 +2794,22 @@ out_free:
+     return ret;
+ }
+ 
++static int set_share_shm(const host_config *host_spec, container_config_v2_common_config *v2_spec)
++{
++    char *spath = NULL;
++
++    spath = get_prepare_share_shm_path(host_spec->runtime, v2_spec->id);
++    if (spath == NULL) {
++        return -1;
++    }
++
++    v2_spec->shm_path = spath;
++
++    return 0;
++}
++
+ #define SHM_MOUNT_POINT "/dev/shm"
+-static int setup_ipc_dirs(host_config *host_spec, container_config_v2_common_config *v2_spec)
++static int set_shm_path(host_config *host_spec, container_config_v2_common_config *v2_spec)
+ {
+     int ret = 0;
+     container_t *cont = NULL;
+@@ -2791,7 +2822,7 @@ static int setup_ipc_dirs(host_config *host_spec, container_config_v2_common_con
+     }
+     // setup shareable dirs
+     if (host_spec->ipc_mode == NULL || namespace_is_shareable(host_spec->ipc_mode)) {
+-        return prepare_share_shm(host_spec, v2_spec);
++        return set_share_shm(host_spec, v2_spec);
+     }
+ 
+     if (namespace_is_container(host_spec->ipc_mode)) {
+@@ -3334,6 +3365,12 @@ int merge_conf_mounts(oci_runtime_spec *oci_spec, host_config *host_spec, contai
+         goto out;
+     }
+ 
++    if (set_shm_path(host_spec, v2_spec) != 0) {
++        ERROR("Failed to set shm path");
++        ret = -1;
++        goto out;
++    }
++
+     /* add ipc mount */
+     if (v2_spec->shm_path != NULL) {
+         // check whether duplication
+diff --git a/src/daemon/modules/spec/specs_mount.h b/src/daemon/modules/spec/specs_mount.h
+index b1e987e5..07c07a37 100644
+--- a/src/daemon/modules/spec/specs_mount.h
++++ b/src/daemon/modules/spec/specs_mount.h
+@@ -41,4 +41,6 @@ bool mount_run_tmpfs(oci_runtime_spec *container, const host_config *host_spec,
+ 
+ int merge_conf_device(oci_runtime_spec *oci_spec, host_config *host_spec);
+ 
++int setup_ipc_dirs(host_config *host_spec, container_config_v2_common_config *v2_spec);
++
+ #endif
+diff --git a/test/image/oci/oci_config_merge/CMakeLists.txt b/test/image/oci/oci_config_merge/CMakeLists.txt
+index 36dc3ead..88047fde 100644
+--- a/test/image/oci/oci_config_merge/CMakeLists.txt
++++ b/test/image/oci/oci_config_merge/CMakeLists.txt
+@@ -13,6 +13,7 @@ add_executable(${EXE}
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/utils_convert.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/utils_file.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/utils_timestamp.c
++    ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/utils_fs.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/map/map.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/map/rb_tree.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/util_atomic.c
+diff --git a/test/specs/specs/CMakeLists.txt b/test/specs/specs/CMakeLists.txt
+index e0031e08..b730959c 100644
+--- a/test/specs/specs/CMakeLists.txt
++++ b/test/specs/specs/CMakeLists.txt
+@@ -13,6 +13,7 @@ add_executable(${EXE}
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_timestamp.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/util_atomic.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_mount_spec.c
++    ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_fs.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/sha256/sha256.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/path.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/map/map.c
+diff --git a/test/specs/specs_extend/CMakeLists.txt b/test/specs/specs_extend/CMakeLists.txt
+index 45b21ecd..7d05deb4 100644
+--- a/test/specs/specs_extend/CMakeLists.txt
++++ b/test/specs/specs_extend/CMakeLists.txt
+@@ -13,6 +13,7 @@ add_executable(${EXE}
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_timestamp.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/util_atomic.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_mount_spec.c
++    ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/utils_fs.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/sha256/sha256.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/path.c
+     ${CMAKE_CURRENT_SOURCE_DIR}/../../../src/utils/cutils/map/map.c
+-- 
+2.25.1
+

0021-set-the-name-of-each-container-and-image-operation-t.patch

@@ -0,0 +1,338 @@
+From 8878630c20163dc9b716e2fdc35cae23b8aec6d1 Mon Sep 17 00:00:00 2001
+From: wujing <wujing50@huawei.com>
+Date: Tue, 14 Jun 2022 15:30:49 +0800
+Subject: [PATCH 21/22] set the name of each container and image operation
+ thread
+
+Signed-off-by: wujing <wujing50@huawei.com>
+---
+ .../connect/grpc/grpc_containers_service.cc   | 54 +++++++++++++++++++
+ .../entry/connect/grpc/grpc_images_service.cc | 16 ++++++
+ 2 files changed, 70 insertions(+)
+
+diff --git a/src/daemon/entry/connect/grpc/grpc_containers_service.cc b/src/daemon/entry/connect/grpc/grpc_containers_service.cc
+index f3066af4..62aeb05a 100644
+--- a/src/daemon/entry/connect/grpc/grpc_containers_service.cc
++++ b/src/daemon/entry/connect/grpc/grpc_containers_service.cc
+@@ -153,6 +153,8 @@ Status ContainerServiceImpl::Version(ServerContext *context, const VersionReques
+     container_version_request *container_req = nullptr;
+     container_version_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "VersionOp");
++
+     auto status = GrpcServerTlsAuth::auth(context, "docker_version");
+     if (!status.ok()) {
+         return status;
+@@ -185,6 +187,8 @@ Status ContainerServiceImpl::Info(ServerContext *context, const InfoRequest *req
+     host_info_request *container_req = nullptr;
+     host_info_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "InfoOp");
++
+     auto status = GrpcServerTlsAuth::auth(context, "docker_info");
+     if (!status.ok()) {
+         return status;
+@@ -217,6 +221,8 @@ Status ContainerServiceImpl::Create(ServerContext *context, const CreateRequest
+     container_create_response *container_res = nullptr;
+     container_create_request *container_req = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContCreate");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_create");
+     if (!status.ok()) {
+         return status;
+@@ -249,6 +255,8 @@ Status ContainerServiceImpl::Start(ServerContext *context, const StartRequest *r
+     container_start_request *req = nullptr;
+     container_start_response *res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContStart");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_start");
+     if (!status.ok()) {
+         return status;
+@@ -327,6 +335,8 @@ Status ContainerServiceImpl::RemoteStart(ServerContext *context,
+     container_start_response *container_res = nullptr;
+     sem_t sem;
+ 
++    prctl(PR_SET_NAME, "ContRStart");
++
+     cb = get_service_executor();
+     if (cb == nullptr || cb->container.start == nullptr) {
+         return Status(StatusCode::UNIMPLEMENTED, "Unimplemented callback");
+@@ -402,6 +412,8 @@ Status ContainerServiceImpl::Top(ServerContext *context, const TopRequest *reque
+     container_top_request *req = nullptr;
+     container_top_response *res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContTop");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_top");
+     if (!status.ok()) {
+         return status;
+@@ -434,6 +446,8 @@ Status ContainerServiceImpl::Stop(ServerContext *context, const StopRequest *req
+     container_stop_request *container_req = nullptr;
+     container_stop_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContStop");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_stop");
+     if (!status.ok()) {
+         return status;
+@@ -466,6 +480,8 @@ Status ContainerServiceImpl::Restart(ServerContext *context, const RestartReques
+     container_restart_request *container_req = nullptr;
+     container_restart_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContRestart");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_restart");
+     if (!status.ok()) {
+         return status;
+@@ -498,6 +514,8 @@ Status ContainerServiceImpl::Kill(ServerContext *context, const KillRequest *req
+     container_kill_request *container_req = nullptr;
+     container_kill_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContKill");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_kill");
+     if (!status.ok()) {
+         return status;
+@@ -530,6 +548,8 @@ Status ContainerServiceImpl::Delete(ServerContext *context, const DeleteRequest
+     container_delete_request *container_req = nullptr;
+     container_delete_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContDelete");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_delete");
+     if (!status.ok()) {
+         return status;
+@@ -562,6 +582,8 @@ Status ContainerServiceImpl::Exec(ServerContext *context, const ExecRequest *req
+     container_exec_request *container_req = nullptr;
+     container_exec_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContExec");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_exec_create");
+     if (!status.ok()) {
+         return status;
+@@ -665,6 +687,8 @@ Status ContainerServiceImpl::RemoteExec(ServerContext *context,
+     container_exec_request *container_req = nullptr;
+     container_exec_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContRExec");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_exec_create");
+     if (!status.ok()) {
+         return status;
+@@ -739,6 +763,8 @@ Status ContainerServiceImpl::Inspect(ServerContext *context, const InspectContai
+     container_inspect_request *container_req = nullptr;
+     container_inspect_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContInspect");
++
+     Status status = GrpcServerTlsAuth::auth(context, "container_inspect");
+     if (!status.ok()) {
+         return status;
+@@ -772,6 +798,8 @@ Status ContainerServiceImpl::List(ServerContext *context, const ListRequest *req
+     container_list_request *container_req = nullptr;
+     container_list_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContList");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_list");
+     if (!status.ok()) {
+         return status;
+@@ -884,6 +912,8 @@ Status ContainerServiceImpl::Attach(ServerContext *context, ServerReaderWriter<A
+     sem_t sem_stderr;
+     int pipefd[2] = { -1, -1 };
+ 
++    prctl(PR_SET_NAME, "ContAttach");
++
+     auto status = AttachInit(context, &cb, &container_req, &container_res, &sem_stderr, pipefd);
+     if (!status.ok()) {
+         return status;
+@@ -944,6 +974,8 @@ Status ContainerServiceImpl::Pause(ServerContext *context, const PauseRequest *r
+     container_pause_request *container_req = nullptr;
+     container_pause_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContPause");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_pause");
+     if (!status.ok()) {
+         return status;
+@@ -976,6 +1008,8 @@ Status ContainerServiceImpl::Resume(ServerContext *context, const ResumeRequest
+     container_resume_request *container_req = nullptr;
+     container_resume_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContResume");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_unpause");
+     if (!status.ok()) {
+         return status;
+@@ -1008,6 +1042,8 @@ Status ContainerServiceImpl::Export(ServerContext *context, const ExportRequest
+     container_export_request *container_req = nullptr;
+     container_export_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContExport");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_export");
+     if (!status.ok()) {
+         return status;
+@@ -1040,6 +1076,8 @@ Status ContainerServiceImpl::Rename(ServerContext *context, const RenameRequest
+     struct isulad_container_rename_request *isuladreq = nullptr;
+     struct isulad_container_rename_response *isuladres = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContRename");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_rename");
+     if (!status.ok()) {
+         return status;
+@@ -1073,6 +1111,8 @@ Status ContainerServiceImpl::Resize(ServerContext *context, const ResizeRequest
+     struct isulad_container_resize_request *isuladreq = nullptr;
+     struct isulad_container_resize_response *isuladres = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContResize");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_resize");
+     if (!status.ok()) {
+         return status;
+@@ -1106,6 +1146,8 @@ Status ContainerServiceImpl::Update(ServerContext *context, const UpdateRequest
+     container_update_request *container_req = nullptr;
+     container_update_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContUpdate");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_update");
+     if (!status.ok()) {
+         return status;
+@@ -1138,6 +1180,8 @@ Status ContainerServiceImpl::Stats(ServerContext *context, const StatsRequest *r
+     container_stats_request *container_req = nullptr;
+     container_stats_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContStats");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_stats");
+     if (!status.ok()) {
+         return status;
+@@ -1170,6 +1214,8 @@ Status ContainerServiceImpl::Wait(ServerContext *context, const WaitRequest *req
+     container_wait_request *container_req = nullptr;
+     container_wait_response *container_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContWait");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_wait");
+     if (!status.ok()) {
+         return status;
+@@ -1202,6 +1248,8 @@ Status ContainerServiceImpl::Events(ServerContext *context, const EventsRequest
+     isulad_events_request *isuladreq = nullptr;
+     stream_func_wrapper stream = { 0 };
+ 
++    prctl(PR_SET_NAME, "ContEvents");
++
+     auto status = GrpcServerTlsAuth::auth(context, "docker_events");
+     if (!status.ok()) {
+         return status;
+@@ -1238,6 +1286,8 @@ Status ContainerServiceImpl::CopyFromContainer(ServerContext *context, const Cop
+     service_executor_t *cb = nullptr;
+     isulad_copy_from_container_request *isuladreq = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContCopyFrom");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_archive");
+     if (!status.ok()) {
+         return status;
+@@ -1280,6 +1330,8 @@ ContainerServiceImpl::CopyToContainer(ServerContext *context,
+     service_executor_t *cb = nullptr;
+     container_copy_to_request *isuladreq = nullptr;
+ 
++    prctl(PR_SET_NAME, "ContCopyTo");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_archive");
+     if (!status.ok()) {
+         return status;
+@@ -1387,6 +1439,8 @@ Status ContainerServiceImpl::Logs(ServerContext *context, const LogsRequest *req
+     struct isulad_logs_response *isulad_response = nullptr;
+     stream_func_wrapper stream = { 0 };
+ 
++    prctl(PR_SET_NAME, "ContLogs");
++
+     auto status = GrpcServerTlsAuth::auth(context, "container_logs");
+     if (!status.ok()) {
+         return status;
+diff --git a/src/daemon/entry/connect/grpc/grpc_images_service.cc b/src/daemon/entry/connect/grpc/grpc_images_service.cc
+index dff07b39..79c4fb7c 100644
+--- a/src/daemon/entry/connect/grpc/grpc_images_service.cc
++++ b/src/daemon/entry/connect/grpc/grpc_images_service.cc
+@@ -248,6 +248,8 @@ void ImagesServiceImpl::inspect_response_to_grpc(const image_inspect_response *r
+ 
+ Status ImagesServiceImpl::List(ServerContext *context, const ListImagesRequest *request, ListImagesResponse *reply)
+ {
++    prctl(PR_SET_NAME, "ImageList");
++
+     auto status = GrpcServerTlsAuth::auth(context, "image_list");
+     if (!status.ok()) {
+         return status;
+@@ -277,6 +279,8 @@ Status ImagesServiceImpl::List(ServerContext *context, const ListImagesRequest *
+ 
+ Status ImagesServiceImpl::Delete(ServerContext *context, const DeleteImageRequest *request, DeleteImageResponse *reply)
+ {
++    prctl(PR_SET_NAME, "ImageDelete");
++
+     auto status = GrpcServerTlsAuth::auth(context, "image_delete");
+     if (!status.ok()) {
+         return status;
+@@ -306,6 +310,8 @@ Status ImagesServiceImpl::Delete(ServerContext *context, const DeleteImageReques
+ 
+ Status ImagesServiceImpl::Tag(ServerContext *context, const TagImageRequest *request, TagImageResponse *reply)
+ {
++    prctl(PR_SET_NAME, "ImageTag");
++
+     auto status = GrpcServerTlsAuth::auth(context, "image_tag");
+     if (!status.ok()) {
+         return status;
+@@ -351,6 +357,8 @@ void ImagesServiceImpl::import_response_to_grpc(const image_import_response *res
+ 
+ Status ImagesServiceImpl::Import(ServerContext *context, const ImportRequest *request, ImportResponse *reply)
+ {
++    prctl(PR_SET_NAME, "ImageImport");
++
+     auto status = GrpcServerTlsAuth::auth(context, "image_import");
+     if (!status.ok()) {
+         return status;
+@@ -380,6 +388,8 @@ Status ImagesServiceImpl::Import(ServerContext *context, const ImportRequest *re
+ 
+ Status ImagesServiceImpl::Load(ServerContext *context, const LoadImageRequest *request, LoadImageResponse *reply)
+ {
++    prctl(PR_SET_NAME, "ImageLoad");
++
+     auto status = GrpcServerTlsAuth::auth(context, "image_load");
+     if (!status.ok()) {
+         return status;
+@@ -415,6 +425,8 @@ Status ImagesServiceImpl::Inspect(ServerContext *context, const InspectImageRequ
+     image_inspect_request *image_req = nullptr;
+     image_inspect_response *image_res = nullptr;
+ 
++    prctl(PR_SET_NAME, "ImageInspect");
++
+     Status status = GrpcServerTlsAuth::auth(context, "image_inspect");
+     if (!status.ok()) {
+         return status;
+@@ -487,6 +499,8 @@ int ImagesServiceImpl::image_logout_request_from_grpc(const LogoutRequest *grequ
+ 
+ Status ImagesServiceImpl::Login(ServerContext *context, const LoginRequest *request, LoginResponse *reply)
+ {
++    prctl(PR_SET_NAME, "RegistryLogin");
++
+     auto status = GrpcServerTlsAuth::auth(context, "login");
+     if (!status.ok()) {
+         return status;
+@@ -516,6 +530,8 @@ Status ImagesServiceImpl::Login(ServerContext *context, const LoginRequest *requ
+ 
+ Status ImagesServiceImpl::Logout(ServerContext *context, const LogoutRequest *request, LogoutResponse *reply)
+ {
++    prctl(PR_SET_NAME, "RegistryLogout");
++
+     auto status = GrpcServerTlsAuth::auth(context, "logout");
+     if (!status.ok()) {
+         return status;
+-- 
+2.25.1
+

0022-set-the-name-of-each-container-and-image-operation-t.patch

@@ -0,0 +1,274 @@
+From 7d13b23a09d397f743acdcaf606804fea5989cff Mon Sep 17 00:00:00 2001
+From: wujing <wujing50@huawei.com>
+Date: Tue, 14 Jun 2022 18:54:02 +0800
+Subject: [PATCH 22/22] set the name of each container and image operation
+ thread for restful version
+
+Signed-off-by: wujing <wujing50@huawei.com>
+---
+ .../connect/rest/rest_containers_service.c    | 36 +++++++++++++++++++
+ .../entry/connect/rest/rest_images_service.c  | 19 ++++++++++
+ 2 files changed, 55 insertions(+)
+
+diff --git a/src/daemon/entry/connect/rest/rest_containers_service.c b/src/daemon/entry/connect/rest/rest_containers_service.c
+index a7c32500..9c822324 100644
+--- a/src/daemon/entry/connect/rest/rest_containers_service.c
++++ b/src/daemon/entry/connect/rest/rest_containers_service.c
+@@ -522,6 +522,8 @@ static void rest_create_cb(evhtp_request_t *req, void *arg)
+     container_create_response *cresponse = NULL;
+     container_create_request *crequest = NULL;
+ 
++    prctl(PR_SET_NAME, "ContCreate");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -557,6 +559,8 @@ static void rest_start_cb(evhtp_request_t *req, void *arg)
+     container_start_response *cresponse = NULL;
+     container_start_request *crequest = NULL;
+ 
++    prctl(PR_SET_NAME, "ContStart");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -592,6 +596,8 @@ static void rest_wait_cb(evhtp_request_t *req, void *arg)
+     container_wait_request *crequest = NULL;
+     container_wait_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContWait");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -654,6 +660,8 @@ static void rest_stop_cb(evhtp_request_t *req, void *arg)
+     container_stop_request *crequest = NULL;
+     container_stop_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContStop");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -715,6 +723,8 @@ static void rest_restart_cb(evhtp_request_t *req, void *arg)
+     container_restart_request *crequest = NULL;
+     container_restart_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContRestart");
++
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+         return;
+@@ -771,6 +781,8 @@ static void rest_version_cb(evhtp_request_t *req, void *arg)
+     container_version_request *crequest = NULL;
+     container_version_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "VersionOp");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -833,6 +845,8 @@ static void rest_info_cb(evhtp_request_t *req, void *arg)
+     host_info_request *crequest = NULL;
+     host_info_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "InfoOp");
++
+     // only deal with post request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -896,6 +910,8 @@ static void rest_update_cb(evhtp_request_t *req, void *arg)
+     container_update_request *container_req = NULL;
+     container_update_response *container_res = NULL;
+ 
++    prctl(PR_SET_NAME, "ContUpdate");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -957,6 +973,8 @@ static void rest_kill_cb(evhtp_request_t *req, void *arg)
+     container_kill_request *crequest = NULL;
+     container_kill_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContKill");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -1020,6 +1038,8 @@ static void rest_container_inspect_cb(evhtp_request_t *req, void *arg)
+     container_inspect_request *crequest = NULL;
+     container_inspect_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContInspect");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -1082,6 +1102,8 @@ static void rest_exec_cb(evhtp_request_t *req, void *arg)
+     container_exec_request *crequest = NULL;
+     container_exec_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContExec");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -1145,6 +1167,8 @@ static void rest_attach_cb(evhtp_request_t *req, void *arg)
+     container_attach_request *crequest = NULL;
+     container_attach_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContAttach");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -1206,6 +1230,8 @@ static void rest_remove_cb(evhtp_request_t *req, void *arg)
+     container_delete_request *crequest = NULL;
+     container_delete_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContRemove");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -1241,6 +1267,8 @@ static void rest_list_cb(evhtp_request_t *req, void *arg)
+     container_list_request *crequest = NULL;
+     container_list_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContList");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -1303,6 +1331,8 @@ static void rest_export_cb(evhtp_request_t *req, void *arg)
+     container_export_request *crequest = NULL;
+     container_export_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContExport");
++
+     // only deal with post request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         ERROR("Only deal with post request");
+@@ -1367,6 +1397,8 @@ static void rest_pause_cb(evhtp_request_t *req, void *arg)
+     container_pause_request *crequest = NULL;
+     container_pause_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContPause");
++
+     // only deal with post request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         ERROR("Only deal with post request: pause()");
+@@ -1431,6 +1463,8 @@ static void rest_resume_cb(evhtp_request_t *req, void *arg)
+     container_resume_request *crequest = NULL;
+     container_resume_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ContResume");
++
+     // only deal with post request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         ERROR("Only deal with post request: resume()");
+@@ -1501,6 +1535,8 @@ static void rest_rename_cb(evhtp_request_t *req, void *arg)
+     struct isulad_container_rename_request isuladreq = { 0 };
+     struct isulad_container_rename_response *isuladres = NULL;
+ 
++    prctl(PR_SET_NAME, "ContRename");
++
+     // only deal with post request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         ERROR("Only deal with post request: rename()");
+diff --git a/src/daemon/entry/connect/rest/rest_images_service.c b/src/daemon/entry/connect/rest/rest_images_service.c
+index 7107d255..bd367f29 100644
+--- a/src/daemon/entry/connect/rest/rest_images_service.c
++++ b/src/daemon/entry/connect/rest/rest_images_service.c
+@@ -14,6 +14,7 @@
+  ******************************************************************************/
+ #include "rest_images_service.h"
+ #include <unistd.h>
++#include <sys/prctl.h>
+ 
+ #include "isula_libutils/log.h"
+ #include "callback.h"
+@@ -276,6 +277,8 @@ static void rest_image_load_cb(evhtp_request_t *req, void *arg)
+     image_load_image_request *crequest = NULL;
+     image_load_image_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ImageLoad");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -311,6 +314,8 @@ static void rest_image_list_cb(evhtp_request_t *req, void *arg)
+     image_list_images_request *crequest = NULL;
+     image_list_images_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ImageList");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -346,6 +351,8 @@ static void rest_image_delete_cb(evhtp_request_t *req, void *arg)
+     image_delete_image_request *crequest = NULL;
+     image_delete_image_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ImageDelete");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -381,6 +388,8 @@ static void rest_image_inspect_cb(evhtp_request_t *req, void *arg)
+     image_inspect_request *crequest = NULL;
+     image_inspect_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ImageInspect");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -481,6 +490,8 @@ static void rest_image_pull_cb(evhtp_request_t *req, void *arg)
+     image_pull_image_request *crequest = NULL;
+     image_pull_image_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ImagePull");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -592,6 +603,8 @@ static void rest_image_login_cb(evhtp_request_t *req, void *arg)
+     image_login_request *crequest = NULL;
+     image_login_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "RegistryLogin");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -686,6 +699,8 @@ static void rest_image_logout_cb(evhtp_request_t *req, void *arg)
+     image_logout_request *crequest = NULL;
+     image_logout_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "RegistryLogout");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -769,6 +784,8 @@ static void rest_image_tag_cb(evhtp_request_t *req, void *arg)
+     image_tag_image_request *crequest = NULL;
+     image_tag_image_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ImageTag");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+@@ -852,6 +869,8 @@ static void rest_image_import_cb(evhtp_request_t *req, void *arg)
+     image_import_request *crequest =  NULL;
+     image_import_response *cresponse = NULL;
+ 
++    prctl(PR_SET_NAME, "ImageImport");
++
+     // only deal with POST request
+     if (evhtp_request_get_method(req) != htp_method_POST) {
+         evhtp_send_reply(req, RESTFUL_RES_NOTIMPL);
+-- 
+2.25.1
+

iSulad.spec

@@ -1,5 +1,5 @@
 %global _version 2.0.14
-%global _release 7
+%global _release 8
 %global is_systemd 1
 %global enable_shimv2 1
 %global is_embedded 1
@@ -26,6 +26,15 @@ Patch0010:  0010-remove-check-parameter-label_opts-in-init_label.patch
 Patch0011:  0011-update-seccomp-to-Linux-5.10-syscall-list.patch
 Patch0012:  0012-fix-invalid-convert-and-format.patch
 Patch0013:  0013-fix-get_network_namespace_path-check.patch
+Patch0014:  0014-bugfix-for-double-free-and-use-after-free.patch
+Patch0015:  0015-fix-isulad-shim-coredump-when-remove-ioc-fd-node.patch
+Patch0016:  0016-do-not-fail-if-pw-is-not-NULL.patch
+Patch0017:  0017-do-not-fail-if-gr-is-NULL.patch
+Patch0018:  0018-fix-memory-leak-of-remove-layer.patch
+Patch0019:  0019-add-null-terminal-at-end-of-gr-mem-list.patch
+Patch0020:  0020-fix-shm-size-set-invalid-when-reboot.patch
+Patch0021:  0021-set-the-name-of-each-container-and-image-operation-t.patch
+Patch0022:  0022-set-the-name-of-each-container-and-image-operation-t.patch
 
 %ifarch x86_64 aarch64
 Provides:       libhttpclient.so()(64bit)
@@ -253,6 +262,12 @@ fi
 %endif
 
 %changelog
+* Wed Jun 15 2022 chengzeruizhi <chengzeruizhi@huawei.com> - 2.0.14-8
+- Type: enhancement
+- ID: NA
+- SUG: NA
+- DESC: sync from upstream openeuler/iSulad
+
 * Tue May 31 2022 zhangxiaoyu <zhangxiaoyu58@huawei.com> - 2.0.14-7
 - Type: enhancement
 - ID: NA