add macro to adapt musl libc and add add-gids option for exec

Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
2022-12-06 14:26:37 +08:00 · 2022-12-06 14:26:37 +08:00 · 6bdeec12b5
commit 6bdeec12b5
parent 529ec4baae
3 changed files with 115 additions and 1 deletions
--- a/0006-add-macro-to-adapt-musl-libc.patch
+++ b/0006-add-macro-to-adapt-musl-libc.patch
@ -0,0 +1,66 @@
+From 6422cb8a639f125cecfdf0829dd713d84ab3a9aa Mon Sep 17 00:00:00 2001
+From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+Date: Tue, 15 Nov 2022 20:54:23 +0800
+Subject: [PATCH 6/7] add macro to adapt musl libc
+
+Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+---
+ cmake/set_build_flags.cmake        | 14 ++++++++++++--
+ third_party/libocispec/common_h.py |  9 +++++++++
+ 2 files changed, 21 insertions(+), 2 deletions(-)
+
+diff --git a/cmake/set_build_flags.cmake b/cmake/set_build_flags.cmake
+index 2b9249d..3b6842a 100644
+--- a/cmake/set_build_flags.cmake
+++ b/cmake/set_build_flags.cmake
+@@ -21,11 +21,11 @@
+ #
+ 
+ # set common FLAGS
+-set(CMAKE_C_FLAGS "-fPIC -fstack-protector-all -D_FORTIFY_SOURCE=2 -O2 -Wall -Werror -fPIE")
+set(CMAKE_C_FLAGS "-fPIC -fstack-protector-all -D_FORTIFY_SOURCE=2 -O2 -Wall -fPIE")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D__FILENAME__='\"$(subst ${CMAKE_SOURCE_DIR}/,,$(abspath $<))\"'")
+ 
+ if (ENABLE_UT)
+-    set(CMAKE_CXX_FLAGS "-fPIC -std=c++11 -fstack-protector-all -D_FORTIFY_SOURCE=2 -O2 -Wall -Werror")
+    set(CMAKE_CXX_FLAGS "-fPIC -std=c++11 -fstack-protector-all -D_FORTIFY_SOURCE=2 -O2 -Wall")
+     set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -D__FILENAME__='\"$(subst ${CMAKE_SOURCE_DIR}/,,$(abspath $<))\"'")
+ endif()
+ set(CMAKE_SHARED_LINKER_FLAGS "-Wl,-E -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -Wtrampolines -shared -pthread")
+@@ -40,3 +40,13 @@ if (ENABLE_GCOV)
+     message("-----CFLAGS: " ${CMAKE_C_FLAGS})
+     message("------------------------------------")
+ endif()
+
+if (MUSL)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D__MUSL__")
+    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -D__MUSL__")
+endif()
+
+if (NOT DISABLE_WERROR)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror")
+    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Werror")
+endif()
+diff --git a/third_party/libocispec/common_h.py b/third_party/libocispec/common_h.py
+index 4ce7bda..02c689d 100644
+--- a/third_party/libocispec/common_h.py
+++ b/third_party/libocispec/common_h.py
+@@ -60,6 +60,15 @@ extern "C" {
+ 
+ # undef linux
+ 
+#ifdef __MUSL__
+#undef stdin
+#undef stdout
+#undef stderr
+#define stdin stdin
+#define stdout stdout
+#define stderr stderr
+#endif
+
+ // options to report error if there is unknown key found in json
+ # define OPT_PARSE_STRICT 0x01
+ // options to generate all key and value
+-- 
+2.25.1
+
--- a/0007-add-add-gids-option-for-exec.patch
+++ b/0007-add-add-gids-option-for-exec.patch
@ -0,0 +1,40 @@
+From 9f8fd81fab4fc0a8c48509c5f1eeb53be2c053af Mon Sep 17 00:00:00 2001
+From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+Date: Sat, 3 Dec 2022 14:47:43 +0800
+Subject: [PATCH 7/7] add add-gids option for exec
+
+Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+---
+ src/lcrcontainer.h         | 1 +
+ src/lcrcontainer_execute.c | 3 +++
+ 2 files changed, 4 insertions(+)
+
+diff --git a/src/lcrcontainer.h b/src/lcrcontainer.h
+index a051097..5cb3647 100644
+--- a/src/lcrcontainer.h
+++ b/src/lcrcontainer.h
+@@ -284,6 +284,7 @@ struct lcr_exec_request {
+     const char **console_fifos;
+ 
+     const char *user;
+    const char *add_gids;
+ 
+     const char **env;
+     size_t env_len;
+diff --git a/src/lcrcontainer_execute.c b/src/lcrcontainer_execute.c
+index 118f26c..9f4e951 100644
+--- a/src/lcrcontainer_execute.c
+++ b/src/lcrcontainer_execute.c
+@@ -870,6 +870,9 @@ static void execute_lxc_attach(const char *name, const char *path, const struct
+         add_array_elem(params, args_len, &i, "-u");
+         add_array_elem(params, args_len, &i, request->user);
+     }
+    if (request->add_gids != NULL) {
+        add_array_kv(params, args_len, &i, "--add-gids", request->add_gids);
+    }
+ 
+     add_array_kv(params, args_len, &i, "--suffix", request->suffix);
+ 
+-- 
+2.25.1
+
--- a/lcr.spec
+++ b/lcr.spec
@ -1,5 +1,5 @@
 %global _version 2.0.8
-%global _release 8
+%global _release 9
 %global _inner_name isula_libutils

 Name:      lcr
@ -18,6 +18,8 @@ Patch0002: 0002-add-HAVE_ISULAD-definition-for-lxc-header.patch
 Patch0003: 0003-fix-cpu-quota-out-of-range-when-update-to-1.patch
 Patch0004: 0004-remove-unused-daemon-config-args.patch
 Patch0005: 0005-refactor-handle-warnings.patch
+Patch0006: 0006-add-macro-to-adapt-musl-libc.patch
+Patch0007: 0007-add-add-gids-option-for-exec.patch

 %define lxcver_lower 4.0.3-2022102400
 %define lxcver_upper 4.0.3-2022102500
@ -107,6 +109,12 @@ rm -rf %{buildroot}
 %{_includedir}/%{_inner_name}/*.h

 %changelog
+* Tue Dec 06 2022 zhangxiaoyu<zhangxiaoyu58@huawei.com> - 2.0.8-9
+- Type:enhancement
+- CVE:NA
+- SUG:NA
+- DESC:add macro to adapt musl libc and add add-gids option for exec
+
 * Tue Nov 8 2022 wuzx<wuzx1226@qq.com> - 2.0.8-8
 - Type:feature
 - CVE:NA