!207 disable lxc_keep with oci image

From: @gaohuatao Reviewed-by: Signed-off-by:
2021-10-22 07:42:31 +00:00 · 2021-10-22 07:42:31 +00:00 · c1ffca57a0
commit c1ffca57a0
parent 0e4148130f 9a3134af8d
3 changed files with 178 additions and 1 deletions
--- a/0032-disable-lxc_keep-with-oci-image.patch
+++ b/0032-disable-lxc_keep-with-oci-image.patch
@ -0,0 +1,169 @@
+From dc08143bcaf8722492a70848124b8d48dfa099f7 Mon Sep 17 00:00:00 2001
+From: gaohuatao <gaohuatao@huawei.com>
+Date: Fri, 22 Oct 2021 14:43:13 +0800
+Subject: [PATCH] disable lxc_keep with oci image
+
+Signed-off-by: gaohuatao <gaohuatao@huawei.com>
+---
+ src/lxc/confile.c      |  6 ++++++
+ src/lxc/lxccontainer.c | 24 ++++++++++++++++++++++++
+ src/lxc/lxccontainer.h | 18 ++++++++++++++++++
+ src/lxc/start.c        |  5 +++++
+ src/lxc/start.h        |  1 +
+ 5 files changed, 54 insertions(+)
+
+diff --git a/src/lxc/confile.c b/src/lxc/confile.c
+index e898e23..e298ce9 100644
+--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
+@@ -3018,6 +3018,12 @@ bool lxc_config_define_load(struct lxc_list *defines, struct lxc_container *c)
+ 
+ 	lxc_list_for_each(it, defines) {
+ 		struct new_config_item *new_item = it->elem;
+#ifdef HAVE_ISULAD
+		if (strcmp(new_item->key, LXC_IMAGE_OCI_KEY) == 0) {
+			c->set_oci_type(c, true);
+			continue;
+		}
+#endif
+ 		bret = c->set_config_item(c, new_item->key, new_item->val);
+ 		if (!bret)
+ 			break;
+diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
+index 2d58191..69706a5 100644
+--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
+@@ -1061,6 +1061,10 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a
+ 	if (!argv) {
+ 		argv = init_cmd = use_init_args(conf->init_argv, conf->init_argc);
+ 	}
+
+	if (c->image_type_oci) {
+		handler->image_type_oci = true;
+	}
+ #endif
+ 
+ 	/* ... otherwise use default_args. */
+@@ -5755,6 +5759,22 @@ static bool do_lxcapi_set_start_timeout(struct lxc_container *c,  unsigned int s
+ 
+ WRAP_API_1(bool, lxcapi_set_start_timeout, unsigned int)
+ 
+/* isulad add set image type */
+static bool do_lxcapi_set_oci_type(struct lxc_container *c,  bool image_type_oci)
+{
+	if (!c || !c->lxc_conf)
+		return false;
+	if (container_mem_lock(c)) {
+		ERROR("Error getting mem lock");
+		return false;
+	}
+	c->image_type_oci = image_type_oci;
+	container_mem_unlock(c);
+	return true;
+}
+
+WRAP_API_1(bool, lxcapi_set_oci_type, bool)
+
+ static uint64_t metrics_get_ull(struct lxc_container *c, struct cgroup_ops *cgroup_ops, const char *item)
+ {
+     char buf[81] = {0};
+@@ -6177,6 +6197,9 @@ struct lxc_container *lxc_container_new(const char *name, const char *configpath
+ 
+ 	c->daemonize = true;
+ 	c->pidfile = NULL;
+#ifdef HAVE_ISULAD
+	c->image_type_oci = false;
+#endif
+ 
+ 	/* Assign the member functions. */
+ 	c->is_defined = lxcapi_is_defined;
+@@ -6249,6 +6272,7 @@ struct lxc_container *lxc_container_new(const char *name, const char *configpath
+ 	c->clean_container_resource = lxcapi_clean_container_resource;
+ 	c->get_container_pids = lxcapi_get_container_pids;
+ 	c->set_start_timeout = lxcapi_set_start_timeout;
+	c->set_oci_type = lxcapi_set_oci_type;
+ 	c->get_container_metrics = lxcapi_get_container_metrics;
+ #endif
+ 	return c;
+diff --git a/src/lxc/lxccontainer.h b/src/lxc/lxccontainer.h
+index 9abbd09..a5be3f8 100644
+--- a/src/lxc/lxccontainer.h
+++ b/src/lxc/lxccontainer.h
+@@ -26,6 +26,8 @@ extern "C" {
+ #define LXC_CREATE_MAXFLAGS       (1 << 1) /*!< Number of \c LXC_CREATE* flags */
+ #define LXC_MOUNT_API_V1		   1
+ 
+#define LXC_IMAGE_OCI_KEY "lxc.imagetype.oci"
+
+ struct bdev_specs;
+ 
+ struct lxc_snapshot;
+@@ -164,6 +166,12 @@ struct lxc_container {
+ 	 */
+ 	unsigned int start_timeout;
+ 
+	/*! isulad:
+	 * \private
+	 *  image_type_oci
+	 */
+	bool image_type_oci;
+
+ 	/*!
+ 	 * \brief Determine if \c /var/lib/lxc/$name/config exists.
+ 	 *
+@@ -1010,6 +1018,16 @@ struct lxc_container {
+ 	 */
+ 	bool (*set_start_timeout)(struct lxc_container *c, unsigned int start_timeout);
+ 
+	/*! isulad add
+	 * \brief An API call to set oci type
+	 *
+	 * \param c Container.
+	 * \param image_type_oci image oci type.
+	 *
+	 * \return \c true on success, else \c false.
+	 */
+	bool (*set_oci_type)(struct lxc_container *c, bool image_type_oci);
+	
+ 	/*! isulad add
+ 	 * \brief An API call to set start timeout
+ 	 *
+diff --git a/src/lxc/start.c b/src/lxc/start.c
+index 52ea561..c1563e0 100644
+--- a/src/lxc/start.c
+++ b/src/lxc/start.c
+@@ -694,6 +694,7 @@ struct lxc_handler *lxc_init_handler(const char *name, struct lxc_conf *conf,
+ 
+ #ifdef HAVE_ISULAD
+ 	handler->exit_code = -1; /* isulad: record exit code of container */
+	handler->image_type_oci = false;
+ #endif
+ 
+ 	if (daemonize)
+@@ -2080,7 +2081,11 @@ static int lxc_spawn(struct lxc_handler *handler)
+ 	 * it readonly.
+ 	 * If the container is unprivileged then skip rootfs pinning.
+ 	 */
+#ifdef HAVE_ISULAD
+	if (!wants_to_map_ids && !handler->image_type_oci) {
+#else
+ 	if (!wants_to_map_ids) {
+#endif
+ 		handler->pinfd = pin_rootfs(conf->rootfs.path);
+ 		if (handler->pinfd == -EBADF)
+ 			INFO("Failed to pin the rootfs for container \"%s\"", handler->name);
+diff --git a/src/lxc/start.h b/src/lxc/start.h
+index ebeeb72..98de103 100644
+--- a/src/lxc/start.h
+++ b/src/lxc/start.h
+@@ -129,6 +129,7 @@ struct lxc_handler {
+ 	bool disable_pty;
+ 	/* Indicates whether should we keep stdin active. */
+ 	bool open_stdin;
+	bool image_type_oci;
+ #endif
+ 
+ };
+-- 
+2.20.1
+
--- a/lxc.spec
+++ b/lxc.spec
@ -1,4 +1,4 @@
-%global _release 2021092601
+%global _release 2021102101

 Name:           lxc
 Version:        4.0.3
@ -39,6 +39,7 @@ Patch0028:	0028-seccomp-init-and-destroy-notifier.cookie.patch
 Patch0029:	0029-just-use-origin-loop-if-do-not-have-io.patch
 Patch0030:	0030-conf-fix-a-memory-leak.patch
 Patch0031:	0031-fix-lsm_se_mount_context-memory-leak.patch
+Patch0032:	0032-disable-lxc_keep-with-oci-image.patch

 BuildRequires:  systemd-units git libtool graphviz docbook2X doxygen chrpath
 BuildRequires:  pkgconfig(libseccomp)
@ -210,6 +211,12 @@ make check
 %{_mandir}/*/man7/%{name}*

 %changelog
+* Thu Oct 21 2021 gaohuatao<gaohuatao@huawei.com> - 4.0.3-2021102101
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:disable lxc_keep
+
 * Sun Sep 26 2021 chengzeruizhi<chengzeruizhi@huawei.com> - 4.0.3-2021092601
 - Type:bugfix
 - ID:NA
--- a/series.conf
+++ b/series.conf
@ -29,3 +29,4 @@
 0029-just-use-origin-loop-if-do-not-have-io.patch
 0030-conf-fix-a-memory-leak.patch
 0031-fix-lsm_se_mount_context-memory-leak.patch
+0032-disable-lxc_keep-with-oci-image.patch