cgfsng: fix cgroup attach cgroup creation

Signed-off-by: WangFengTu <wangfengtu@huawei.com>

0034-cgfsng-fix-cgroup-attach-cgroup-creation.patch

@@ -0,0 +1,74 @@
+From 2ab5069d8a04c12a28b523323cb51055b02c815c Mon Sep 17 00:00:00 2001
+From: Christian Brauner <christian.brauner@ubuntu.com>
+Date: Thu, 25 Nov 2021 15:44:32 +0800
+Subject: [PATCH] cgfsng: fix cgroup attach cgroup creation
+
+Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
+
+(cherry-picked from https://github.com/lxc/lxc/pull/3526)
+Signed-off-by: WangFengTu <wangfengtu@huawei.com>
+
+Conflicts:
+	src/lxc/cgroups/isulad_cgfsng.c
+---
+ src/lxc/cgroups/cgfsng.c        | 10 +++++++++-
+ src/lxc/cgroups/isulad_cgfsng.c | 10 +++++++++-
+ 2 files changed, 18 insertions(+), 2 deletions(-)
+
+diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
+index 3f81f5c..28ddf55 100644
+--- a/src/lxc/cgroups/cgfsng.c
++++ b/src/lxc/cgroups/cgfsng.c
+@@ -2090,13 +2090,21 @@ static int cgroup_attach_leaf(const struct lxc_conf *conf, int unified_fd, pid_t
+ 
+ 	do {
+ 		bool rm = false;
+-		char attach_cgroup[STRLITERALLEN(".lxc-1000/cgroup.procs") + 1];
++		char attach_cgroup[STRLITERALLEN(".lxc-/cgroup.procs") + INTTYPE_TO_STRLEN(int) + 1];
+ 		char *slash;
+ 
+ 		ret = snprintf(attach_cgroup, sizeof(attach_cgroup), ".lxc-%d/cgroup.procs", idx);
+ 		if (ret < 0 || (size_t)ret >= sizeof(attach_cgroup))
+ 			return ret_errno(EIO);
+ 
++		/*
++		 * This shouldn't really happen but the compiler might complain
++		 * that a short write would cause a buffer overrun. So be on
++		 * the safe side.
++		 */
++		if (ret < STRLITERALLEN(".lxc-/cgroup.procs"))
++			return log_error_errno(-EINVAL, EINVAL, "Unexpected short write would cause buffer-overrun");
++
+ 		slash = &attach_cgroup[ret] - STRLITERALLEN("/cgroup.procs");
+ 		*slash = '\0';
+ 
+diff --git a/src/lxc/cgroups/isulad_cgfsng.c b/src/lxc/cgroups/isulad_cgfsng.c
+index c80527d..576b424 100644
+--- a/src/lxc/cgroups/isulad_cgfsng.c
++++ b/src/lxc/cgroups/isulad_cgfsng.c
+@@ -1766,13 +1766,21 @@ static int cgroup_attach_leaf(const struct lxc_conf *conf, int unified_fd, pid_t
+ 
+ 	do {
+ 		bool rm = false;
+-		char attach_cgroup[STRLITERALLEN(".lxc-1000/cgroup.procs") + 1];
++		char attach_cgroup[STRLITERALLEN(".lxc-/cgroup.procs") + INTTYPE_TO_STRLEN(int) + 1];
+ 		char *slash;
+ 
+ 		ret = snprintf(attach_cgroup, sizeof(attach_cgroup), ".lxc-%d/cgroup.procs", idx);
+ 		if (ret < 0 || (size_t)ret >= sizeof(attach_cgroup))
+ 			return ret_errno(EIO);
+ 
++		/*
++		 * This shouldn't really happen but the compiler might complain
++		 * that a short write would cause a buffer overrun. So be on
++		 * the safe side.
++		 */
++		if (ret < STRLITERALLEN(".lxc-/cgroup.procs"))
++			return log_error_errno(-EINVAL, EINVAL, "Unexpected short write would cause buffer-overrun");
++
+ 		slash = &attach_cgroup[ret] - STRLITERALLEN("/cgroup.procs");
+ 		*slash = '\0';
+ 
+-- 
+2.25.1
+

lxc.spec

@@ -1,4 +1,4 @@
-%global _release 2021111901
+%global _release 2021112501
 
 Name:           lxc
 Version:        4.0.3
@@ -41,6 +41,7 @@ Patch0030:	0030-conf-fix-a-memory-leak.patch
 Patch0031:	0031-fix-lsm_se_mount_context-memory-leak.patch
 Patch0032:	0032-disable-lxc_keep-with-oci-image.patch
 Patch0033:	0033-conf-ensure-that-the-idmap-pointer-itself-is-freed.patch
+Patch0034:	0034-cgfsng-fix-cgroup-attach-cgroup-creation.patch
 
 BuildRequires:  systemd-units git libtool graphviz docbook2X doxygen chrpath
 BuildRequires:  pkgconfig(libseccomp)
@@ -212,6 +213,12 @@ make check
 %{_mandir}/*/man7/%{name}*
 
 %changelog
+* Thu Nov 25 2021 wangfengtu<wangfengtu@huawei.com> - 4.0.3-2021112501
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fix cgroup attach cgroup creation
+
 * Fri Nov 19 2021 wangfengtu<wangfengtu@huawei.com> - 4.0.3-2021111901
 - Type:bugfix
 - ID:NA

series.conf

@@ -31,3 +31,4 @@
 0031-fix-lsm_se_mount_context-memory-leak.patch
 0032-disable-lxc_keep-with-oci-image.patch
 0033-conf-ensure-that-the-idmap-pointer-itself-is-freed.patch
+0034-cgfsng-fix-cgroup-attach-cgroup-creation.patch