!6 lxc: add apply patch scripts

Merge pull request !6 from lifeng_isula/master
2020-01-13 14:31:56 +08:00 · 2020-01-13 14:31:56 +08:00 · b02b3259c6
commit b02b3259c6
parent 3c3f5221a5 dd27053fff
2 changed files with 175 additions and 0 deletions
--- a/36
+++ b/36
@ -0,0 +1,36 @@
 #######################################################################
 ##- @Copyright (C) Huawei Technologies., Ltd. 2019. All rights reserved.
 # - lcr licensed under the Mulan PSL v1.
 # - You can use this software according to the terms and conditions of the Mulan PSL v1.
 # - You may obtain a copy of Mulan PSL v1 at:
 # -     http://license.coscl.org.cn/MulanPSL
 # - THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
 # - IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
 # - PURPOSE.
 # - See the Mulan PSL v1 for more details.
 ##- @Description: apply patchs
 ##- @Author: lifeng
 ##- @Create: 2019-04-25
 #######################################################################
 #!/bin/bash
 set -ex
 pkg=lxc-3.0.3
 cwd=$PWD
 src=$cwd/lxc-3.0.3
 tar -xzvf $pkg.tar.gz
 cd $src
 cat $cwd/series.conf | while read line
 do
    if [[ $line == '' || $line =~ ^\s*# ]]; then
        continue
    fi
    echo $cwd/$line
    patch -p1 -F1 -s < $cwd/$line
 done
 cd $cwd
--- a/series.conf
+++ b/series.conf
@ -0,0 +1,139 @@
 lxc-CVE-2019-5736-runC-rexec-callers-as-memfd.patch
 0001-confile-add-lxc.isulad.init.args-config-interface.patch
 0002-namespace-add-support-share-namespace-by-path.patch
 0003-confile-add-lxc.isulad.populate.device-interface.patch
 0004-support-isulad-fifo-log.patch
 0005-auto-mount-cgroup-sys-and-proc.patch
 0006-conf.c-fix-bug-when-set-no-ro-mount-mount-propagatio.patch
 0007-use-isulad-log-format.patch
 0008-isulad-modify-exit-code-and-stop-signal.patch
 0009-lxc_start-add-default-terminal-fifos.patch
 0010-Save-pid-ppid-info-into-file-for-isulad.patch
 0011-Add-exit-FIFO-to-monitor-state-of-lxc-monitor.patch
 0012-Init-fifos-in-lxc_attach_terminal.patch
 0013-isulad-set-env-home-in-container.patch
 0014-support-rotate-for-container-log-file.patch
 0015-fix-high-gcc-compile-bug.patch
 0016-add-masked-paths-and-ro-paths.patch
 0017-isulad-check-cgroup-cpu.shares-after-setted.patch
 0018-lxc-attach-add-support-terminal-fifos.patch
 0019-remount-cgroup-readonly-and-make-soft-link-of-subcgr.patch
 0020-fix-log-error-when-symlink-subcgroup.patch
 0021-lxc-attch-add-error-message.patch
 0022-support-rootfs-mount-propagation.patch
 0023-attach.c-change-uid-and-gid-from-lxc-container-confi.patch
 0024-isulad-support-symlink-in-mount-entry-and-not-permit.patch
 0025-support-oci-hooks.patch
 0026-remove-filelock-and-do-not-destroy-directory-when-de.patch
 0027-fix-bug-of-memory-leak.patch
 0028-support-rootfs-for-container.patch
 0029-add-start-timeout-to-limit-start-time.patch
 0030-support-block-device-as-rootfs.patch
 0031-clean-add-clean-resources-api.patch
 0032-Drop-all-caps-when-cap.keep-ISULAD_KEEP_NONE.patch
 0033-support-mount-squashfs-in-mount-entry.patch
 0034-some-small-bugfix.patch
 0035-lxc-fixup-builds-with-newer-glibc.patch
 0036-drop_caps-add-drop-caps-of-current-process.patch
 0037-restore-default-signal-handlers-and-set-umask-0027.patch
 0038-make-the-given-terminal-as-controlling-terminal.patch
 0039-print-error-message-when-container-start-failed.patch
 0040-add-timeout-200ms-for-cmds-send-to-lxc-monitor.patch
 0041-return-1-when-_lxc_start-fails.patch
 0042-lxc-seccomp-adopt-to-lxc3.0.patch
 0043-check-null-pointer-of-handler-to-fix-coredump-of-att.patch
 0044-support-space-in-volume-mount-and-env.patch
 0045-add_terminal_fifos-Add-terminal-fifos-dynamically.patch
 0046-Do-not-test-cgroup-writeable.patch
 0047-Fix-memory-leak-in-lxc_global_config_value.patch
 0048-clear-ONLCR-flag-from-master-of-terminal.patch
 0049-Add-100ms-timeout-for-console-epoll.patch
 0050-seccomp-add-rules-for-specified-architecture-only.patch
 0051-if-ocihook-is-empty.patch
 0052-Fix-seccomp-fail-when-all-specified-in-config.patch
 0053-destroy-empty-cgroup-path-return-ture.patch
 0054-fix-invalid-log-message.patch
 0055-Fix-compile-error.patch
 0056-caps-use-_LINUX_CAPABILITY_VERSION_3-to-set-cap.patch
 0057-confile-add-support-umask.patch
 0058-do-not-check-ppid-when-set-death-signal.patch
 0059-delete-unused-variable-ppid.patch
 0060-using-json-file-to-write-console-log-of-container.patch
 0061-Fix-hook-use-the-path-args-envs-execvp-dirctory.patch
 0062-setup-sysctls-before-set-read-only-path-and-masked-p.patch
 0063-lxc-ignore-systemcall-load-failure-error.patch
 0064-lxc-Reduce-seccomp-processing-log-level.patch
 0065-Storage-return-true-if-storage_init-init-fail.patch
 0066-lxc-Pids-limit-does-not-report-an-error-after-execut.patch
 0067-lxc-report-error-when-remove-directory-failed.patch
 0068-support-record-stdout-stderr-log-of-container-consol.patch
 0069-lxc-killall-processes-if-container-shared-pid-namesp.patch
 0070-lxc-signal-all-process-for-shared-container-when-con.patch
 0071-lxc-get-cgroup-path-according-to-cgroup-mountpoint.patch
 0072-lxc-adapt-to-docker-18.09.patch
 0073-lxc-support-set-additional-groups.patch
 0074-lxc-only-add-valid-fd-to-mainloop.patch
 0075-lxc-add-timeout-for-attach.patch
 0076-lxc-delete-unused-variable.patch
 0077-lxc-set-negative-files.limit-to-max-and-fix-bug-of-s.patch
 0078-Run-pre-start-hook-before-chroot.patch
 0079-inherid-env-from-parent-in-oci-hooks.patch
 0080-lxc-fix-compile-error.patch
 0081-lxc-Change-the-range-of-attach-timeout.patch
 0082-lxc-fix-memory-leak-cause-by-setenv.patch
 0083-lxc-free-lxc-handler.patch
 0084-lxc-memory-leak-of-lxc_grow_array.patch
 0085-lxc-update-json-file-from-isulad.patch
 0086-confile-add-support-systemd.patch
 0087-lxc-adapt-to-spec-of-oci-hook.patch
 0088-fix-lxc-build-error.patch
 0089-lxc-add-get-container-processes-pids-func.patch
 0090-lxc-remove-unused-variable.patch
 0091-lxc-support-namespaced-kernel-params-can-be-changed-.patch
 0092-lxc-add-output-error-when-create-unified-cgroup.patch
 0093-optimize-isulad_kit-operator.patch
 0094-exec-load-uid-gid-and-groups.patch
 0095-lxc-don-t-use-the-unified-hierarchy-for-the-systemd-.patch
 0096-close-inherited-fd-in-hook-process.patch
 0097-lxc-report-error-when-fork-exec-error-for-hooks.patch
 0098-lxc-make-dev-bind-mount-from-host-tmpfs-for-system-c.patch
 0099-terminal-do-not-close-the-master-fd-of-pty.patch
 0100-start-add-check-save-pid-info-file.patch
 0101-lxc-fix-code-error.patch
 0102-lxc-fix-compile-warnings.patch
 0103-lxc-fix-code-error-in-conf.c.patch
 0104-lxc-fix-code-error.patch
 0105-lxc-fix-code-error-warnings.patch
 0106-set-timeout-to-1s-for-cmds-send-to-lxc-monitor.patch
 0107-add-log-for-failure-of-rename-file.patch
 0108-check-calloc-input-valid.patch
 0109-add-secure-compile-flags-to-lxc.patch
 0110-add-doc-for-lxc.patch
 0111-lxc-use-safe_strdup-instead-of-strdup.patch
 0112-fix-secure-errors.patch
 0113-Malloc-parameter-check-and-judgment.patch
 0114-lxc-fix-code-errors.patch
 0115-fix-compile-error-on-ubuntu.patch
 0116-lxc-set-base-cgroup-path-to.patch
 0117-pupulate-device-with-dir-mode-750-and-set-uid-gid.patch
 0118-fix-sscanf-return-value-check.patch
 0119-remove-unuse-binary.patch
 0120-remove-unuse-unmount-namespace.patch
 0121-optimize-log-when-root-path-is-invalid.patch
 0122-lxc-fix-code-reivew-errors.patch
 0123-in-accordance-with-hook-spec-in-oci.patch
 0124-lxc-close-maincmd-fd-before-destroy-cgroup.patch
 0125-lxc-fix-strcat-bug-in-cleanpath.patch
 0126-add-user-option-for-lxc-attach.patch
 0127-log-only-write-size-begin-if-buffer-is-full.patch
 0128-link-proc-mounts-to-etc-mtab.patch
 0129-cgfsng-add-retry-for-enter-cgroup.patch
 0130-fix-snprintf-create-abstract-socket-name-bug.patch
 0131-fix-commands-and-terminal-memory-leak-bug.patch
 0132-lxc-fix-bug-in-cgroup-parent.patch
 0133-lxc-fix-bug-in-cgfsng.patch
 0134-lxc-do-cpuset-same-as-runc.patch
 0135-lxc-fix-code-warnings-for-cgfsng.c.patch
 0136-lxc-fix-retry-bug-in-cgroup.patch
 0137-lxc-fix-bug-in-read-proc.patch
 0138-resize-implement-resize-function-in-exec-start.patch