packages/lxc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix compile error

Browse Source 
Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
This commit is contained in:
zhangxiaoyu 2022-07-21 18:54:46 +08:00
parent 8d0200b2c3
commit d9cd0481fa
6 changed files with 244 additions and 294 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
0001-refactor-patch-code-of-utils-commands-and-so-on.patch
View File

@ -6,19 +6,20 @@ Subject: [PATCH] refactor patch code of utils commands and so on
Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
---
src/lxc/cgroups/isulad_cgroup2_devices.c | 575 +++++++++++++++++++++++
src/lxc/commands.c | 180 +++++++
src/lxc/commands.c | 185 +++++++-
src/lxc/commands.h | 10 +
src/lxc/conf.h | 95 ++++
src/lxc/isulad_utils.c | 317 +++++++++++++
src/lxc/isulad_utils.c | 319 +++++++++++++
src/lxc/isulad_utils.h | 98 ++++
src/lxc/lsm/lsm.c | 20 +
src/lxc/lxc.h | 19 +
src/lxc/lxccontainer.h | 194 ++++++++
src/lxc/network.c | 8 +
src/lxc/tools/lxc_ls.c | 8 +
src/lxc/tools/lxc_start.c | 109 ++++-
src/lxc/utils.c | 174 +++++++
src/lxc/utils.c | 173 +++++++
src/lxc/utils.h | 11 +
13 files changed, 1809 insertions(+), 1 deletion(-)
14 files changed, 1821 insertions(+), 3 deletions(-)
create mode 100644 src/lxc/cgroups/isulad_cgroup2_devices.c
create mode 100644 src/lxc/isulad_utils.c
create mode 100644 src/lxc/isulad_utils.h
@ -605,7 +606,7 @@ index 0000000..05613c5
+}
+#endif
diff --git a/src/lxc/commands.c b/src/lxc/commands.c
index b6ae101..ae50cc6 100644
index b6ae101..c2a5665 100644
--- a/src/lxc/commands.c
+++ b/src/lxc/commands.c
@@ -86,6 +86,10 @@ static const char *lxc_cmd_str(lxc_cmd_t cmd)
@ -635,7 +636,19 @@ index b6ae101..ae50cc6 100644
if (ret < 0)
return log_warn_errno(-1,
errno, "Failed to receive response for command \"%s\"",
@@ -1260,7 +1272,11 @@ int lxc_cmd_serve_state_clients(const char *name, const char *lxcpath,
@@ -592,8 +604,9 @@ static int lxc_cmd_get_cgroup_callback_do(int fd, struct lxc_cmd_req *req,
reqdata = NULL;
}
- get_fn = (limiting_cgroup ? cgroup_ops->get_cgroup
- : cgroup_ops->get_limiting_cgroup);
+ // bugfix in newer version
+ get_fn = (limiting_cgroup ? cgroup_ops->get_limiting_cgroup
+ : cgroup_ops->get_cgroup);
path = get_fn(cgroup_ops, reqdata);
@@ -1260,7 +1273,11 @@ int lxc_cmd_serve_state_clients(const char *name, const char *lxcpath,
ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
if (ret < 0)
@ -647,7 +660,7 @@ index b6ae101..ae50cc6 100644
return 0;
}
@@ -1475,6 +1491,123 @@ static int lxc_cmd_get_limiting_cgroup2_fd_callback(int fd,
@@ -1475,6 +1492,123 @@ static int lxc_cmd_get_limiting_cgroup2_fd_callback(int fd,
return ret_errno(ENOSYS);
}
@ -771,7 +784,7 @@ index b6ae101..ae50cc6 100644
static int lxc_cmd_process(int fd, struct lxc_cmd_req *req,
struct lxc_handler *handler,
struct lxc_epoll_descr *descr)
@@ -1504,10 +1637,18 @@ static int lxc_cmd_process(int fd, struct lxc_cmd_req *req,
@@ -1504,10 +1638,18 @@ static int lxc_cmd_process(int fd, struct lxc_cmd_req *req,
[LXC_CMD_GET_INIT_PIDFD] = lxc_cmd_get_init_pidfd_callback,
[LXC_CMD_GET_LIMITING_CGROUP] = lxc_cmd_get_limiting_cgroup_callback,
[LXC_CMD_GET_LIMITING_CGROUP2_FD] = lxc_cmd_get_limiting_cgroup2_fd_callback,
@ -790,7 +803,7 @@ index b6ae101..ae50cc6 100644
return cb[req->cmd](fd, req, handler, descr);
}
@@ -1646,6 +1787,44 @@ static int lxc_cmd_accept(int fd, uint32_t events, void *data,
@@ -1646,6 +1788,44 @@ static int lxc_cmd_accept(int fd, uint32_t events, void *data,
return ret;
}
@ -835,7 +848,7 @@ index b6ae101..ae50cc6 100644
int lxc_cmd_init(const char *name, const char *lxcpath, const char *suffix)
{
__do_close int fd = -EBADF;
@@ -1670,6 +1849,7 @@ int lxc_cmd_init(const char *name, const char *lxcpath, const char *suffix)
@@ -1670,6 +1850,7 @@ int lxc_cmd_init(const char *name, const char *lxcpath, const char *suffix)
return log_trace(move_fd(fd), "Created abstract unix socket \"%s\"", &path[1]);
}
@ -1034,10 +1047,10 @@ index b72afba..0478eb1 100644
#endif /* __LXC_CONF_H */
diff --git a/src/lxc/isulad_utils.c b/src/lxc/isulad_utils.c
new file mode 100644
index 0000000..47d0ff5
index 0000000..15d9323
--- /dev/null
+++ b/src/lxc/isulad_utils.c
@@ -0,0 +1,317 @@
@@ -0,0 +1,319 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+/******************************************************************************
+ * Copyright (c) Huawei Technologies Co., Ltd. 2020. Allrights reserved
@ -1051,6 +1064,8 @@ index 0000000..47d0ff5
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <ctype.h>
+
+#include "isulad_utils.h"
+#include "log.h"
@ -1772,6 +1787,28 @@ index b4ec1d6..3680ade 100644
/*!
* \brief Add a reference to the specified container.
*
diff --git a/src/lxc/network.c b/src/lxc/network.c
index bca0440..56efa4b 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -3441,9 +3441,17 @@ static int lxc_network_setup_in_child_namespaces_common(struct lxc_netdev *netde
/* set the network device up */
if (netdev->flags & IFF_UP) {
+#ifdef HAVE_ISULAD
+ if (netdev->name[0] != '\0') {
+ err = lxc_netdev_up(netdev->name);
+ if (err)
+ return log_error_errno(-1, -err, "Failed to set network device \"%s\" up", netdev->name);
+ }
+#else
err = lxc_netdev_up(netdev->name);
if (err)
return log_error_errno(-1, -err, "Failed to set network device \"%s\" up", netdev->name);
+#endif
/* the network is up, make the loopback up too */
err = lxc_netdev_up("lo");
diff --git a/src/lxc/tools/lxc_ls.c b/src/lxc/tools/lxc_ls.c
index 0abcd7a..7c0b69c 100644
--- a/src/lxc/tools/lxc_ls.c
@ -1969,21 +2006,20 @@ index 459b867..3ef5961 100644
exit(err);
}
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 88d0f85..f038dc5 100644
index 88d0f85..ab351d8 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -27,6 +27,10 @@
@@ -27,6 +27,9 @@
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
+#ifdef HAVE_ISULAD
+#include <sys/sysmacros.h>
+#include <pwd.h>
+#endif
#include "config.h"
#include "log.h"
@@ -71,6 +75,9 @@ static int _recursive_rmdir(const char *dirname, dev_t pdev,
@@ -71,6 +74,9 @@ static int _recursive_rmdir(const char *dirname, dev_t pdev,
int ret;
struct dirent *direntp;
char pathname[PATH_MAX];
@ -1993,7 +2029,7 @@ index 88d0f85..f038dc5 100644
dir = opendir(dirname);
if (!dir)
@@ -133,6 +140,11 @@ static int _recursive_rmdir(const char *dirname, dev_t pdev,
@@ -133,6 +139,11 @@ static int _recursive_rmdir(const char *dirname, dev_t pdev,
} else {
ret = unlink(pathname);
if (ret < 0) {
@ -2005,7 +2041,7 @@ index 88d0f85..f038dc5 100644
__do_close int fd = -EBADF;
fd = open(pathname, O_RDONLY | O_CLOEXEC | O_NONBLOCK);
@@ -158,10 +170,18 @@ static int _recursive_rmdir(const char *dirname, dev_t pdev,
@@ -158,10 +169,18 @@ static int _recursive_rmdir(const char *dirname, dev_t pdev,
}
if (rmdir(dirname) < 0 && !btrfs_try_remove_subvol(dirname) && !hadexclude) {
@ -2024,7 +2060,7 @@ index 88d0f85..f038dc5 100644
return failed ? -1 : 0;
}
@@ -1008,7 +1028,11 @@ static int open_if_safe(int dirfd, const char *nextpath)
@@ -1008,7 +1027,11 @@ static int open_if_safe(int dirfd, const char *nextpath)
*
* Return an open fd for the path, or <0 on error.
*/
@ -2036,7 +2072,7 @@ index 88d0f85..f038dc5 100644
{
int curlen = 0, dirfd, fulllen, i;
char *dup;
@@ -1079,6 +1103,65 @@ out:
@@ -1079,6 +1102,65 @@ out:
return dirfd;
}
@ -2102,7 +2138,7 @@ index 88d0f85..f038dc5 100644
/*
* Safely mount a path into a container, ensuring that the mount target
* is under the container's @rootfs. (If @rootfs is NULL, then the container
@@ -1087,14 +1170,22 @@ out:
@@ -1087,14 +1169,22 @@ out:
* CAVEAT: This function must not be used for other purposes than container
* setup before executing the container's init
*/
@ -2125,7 +2161,7 @@ index 88d0f85..f038dc5 100644
if (!rootfs)
rootfs = "";
@@ -1137,8 +1228,23 @@ int safe_mount(const char *src, const char *dest, const char *fstype,
@@ -1137,8 +1227,23 @@ int safe_mount(const char *src, const char *dest, const char *fstype,
return -EINVAL;
}
@ -2149,7 +2185,7 @@ index 88d0f85..f038dc5 100644
if (srcfd != -1)
close(srcfd);
@@ -1149,6 +1255,19 @@ int safe_mount(const char *src, const char *dest, const char *fstype,
@@ -1149,6 +1254,19 @@ int safe_mount(const char *src, const char *dest, const char *fstype,
return ret;
}
@ -2169,7 +2205,7 @@ index 88d0f85..f038dc5 100644
return 0;
}
@@ -1215,7 +1334,11 @@ domount:
@@ -1215,7 +1333,11 @@ domount:
if (!strcmp(rootfs, ""))
ret = mount("proc", path, "proc", 0, NULL);
else
@ -2181,7 +2217,7 @@ index 88d0f85..f038dc5 100644
if (ret < 0)
return -1;
@@ -1425,6 +1548,11 @@ static int lxc_get_unused_loop_dev(char *name_loop)
@@ -1425,6 +1547,11 @@ static int lxc_get_unused_loop_dev(char *name_loop)
{
int loop_nr, ret;
int fd_ctl = -1, fd_tmp = -1;
@ -2193,7 +2229,7 @@ index 88d0f85..f038dc5 100644
fd_ctl = open("/dev/loop-control", O_RDWR | O_CLOEXEC);
if (fd_ctl < 0) {
@@ -1442,8 +1570,37 @@ static int lxc_get_unused_loop_dev(char *name_loop)
@@ -1442,8 +1569,37 @@ static int lxc_get_unused_loop_dev(char *name_loop)
if (ret < 0 || ret >= LO_NAME_SIZE)
goto on_error;
@ -2231,7 +2267,7 @@ index 88d0f85..f038dc5 100644
/* on Android loop devices are moved under /dev/block, give it a shot */
ret = snprintf(name_loop, LO_NAME_SIZE, "/dev/block/loop%d", loop_nr);
if (ret < 0 || ret >= LO_NAME_SIZE)
@@ -1452,6 +1609,7 @@ static int lxc_get_unused_loop_dev(char *name_loop)
@@ -1452,6 +1608,7 @@ static int lxc_get_unused_loop_dev(char *name_loop)
fd_tmp = open(name_loop, O_RDWR | O_CLOEXEC);
if (fd_tmp < 0)
SYSERROR("Failed to open loop \"%s\"", name_loop);
@ -2239,7 +2275,7 @@ index 88d0f85..f038dc5 100644
}
on_error:
@@ -1661,6 +1819,7 @@ uint64_t lxc_find_next_power2(uint64_t n)
@@ -1661,6 +1818,7 @@ uint64_t lxc_find_next_power2(uint64_t n)
return n;
}
@ -2247,7 +2283,7 @@ index 88d0f85..f038dc5 100644
static int process_dead(/* takes */ int status_fd)
{
__do_close int dupfd = -EBADF;
@@ -1698,15 +1857,19 @@ static int process_dead(/* takes */ int status_fd)
@@ -1698,15 +1856,19 @@ static int process_dead(/* takes */ int status_fd)
return ret;
}
@ -2267,7 +2303,7 @@ index 88d0f85..f038dc5 100644
/* verify that we haven't been orphaned in the meantime */
ppid = (pid_t)syscall(SYS_getppid);
if (ppid == 0) { /* parent outside our pidns */
@@ -1718,6 +1881,7 @@ int lxc_set_death_signal(int signal, pid_t parent, int parent_status_fd)
@@ -1718,6 +1880,7 @@ int lxc_set_death_signal(int signal, pid_t parent, int parent_status_fd)
} else if (ppid != parent) {
return raise(SIGKILL);
}
@ -2275,7 +2311,7 @@ index 88d0f85..f038dc5 100644
if (ret < 0)
return -1;
@@ -1755,8 +1919,18 @@ int lxc_rm_rf(const char *dirname)
@@ -1755,8 +1918,18 @@ int lxc_rm_rf(const char *dirname)
struct dirent *direntp;
dir = opendir(dirname);

111
0002-refactor-patch-code-of-isulad-for-conf-exec-attach.patch
View File

@ -6,13 +6,13 @@ Subject: [PATCH] refactor patch code of isulad for conf/exec/attach
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
src/lxc/attach_options.h | 41 +-
src/lxc/conf.c | 1990 ++++++++++++++++++++++++++++++++++++-
src/lxc/conf.c | 1993 ++++++++++++++++++++++++++++++++++++-
src/lxc/criu.c | 8 +-
src/lxc/execute.c | 19 +
src/lxc/file_utils.c | 27 +
src/lxc/lsm/apparmor.c | 14 +
src/lxc/tools/arguments.h | 24 +
7 files changed, 2119 insertions(+), 4 deletions(-)
7 files changed, 2122 insertions(+), 4 deletions(-)
diff --git a/src/lxc/attach_options.h b/src/lxc/attach_options.h
index 63e62d4..16b4e21 100644
@ -101,7 +101,7 @@ index 63e62d4..16b4e21 100644
#ifdef __cplusplus
}
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 0078996..dd7c9c9 100644
index 0078996..378cf9f 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -33,6 +33,14 @@
@ -414,24 +414,27 @@ index 0078996..dd7c9c9 100644
if (pts_mnt_fd >= 0) {
ret = move_mount(pts_mnt_fd, "", -EBADF, path, MOVE_MOUNT_F_EMPTY_PATH);
if (!ret) {
@@ -1633,17 +1797,32 @@ static int lxc_setup_dev_console(const struct lxc_rootfs *rootfs,
@@ -1633,17 +1797,35 @@ static int lxc_setup_dev_console(const struct lxc_rootfs *rootfs,
}
ret = safe_mount(console->name, path, "none", MS_BIND, 0, rootfs_path);
+#else
+ // add mount lable for console
+ ret = safe_mount(console->name, path, "bind", MS_BIND, 0, rootfs_path, mount_label);
+#endif
+
if (ret < 0)
return log_error_errno(-1, errno, "Failed to mount %d(%s) on \"%s\"", pts_mnt_fd, console->name, path);
+#ifdef HAVE_ISULAD
+ }
+ DEBUG("Mounted pts device \"%s\" onto \"%s\"", console->name, path);
+#else
finish:
DEBUG("Mounted pts device %d(%s) onto \"%s\"", pts_mnt_fd, console->name, path);
+#else
+ // add mount lable for console
+ ret = safe_mount(console->name, path, "bind", MS_BIND, 0, rootfs_path, mount_label);
+
+ if (ret < 0)
+ return log_error_errno(-1, errno, "Failed to mount \"%s\" on \"%s\"", console->name, path);
+
+ }
+ DEBUG("Mounted pts device \"%s\" onto \"%s\"", console->name, path);
+#endif
+
return 0;
}
@ -447,7 +450,7 @@ index 0078996..dd7c9c9 100644
{
int ret;
char path[PATH_MAX], lxcpath[PATH_MAX];
@@ -1686,11 +1865,15 @@ static int lxc_setup_ttydir_console(const struct lxc_rootfs *rootfs,
@@ -1686,11 +1868,15 @@ static int lxc_setup_ttydir_console(const struct lxc_rootfs *rootfs,
if (ret < 0 && errno != EEXIST)
return log_error_errno(-errno, errno, "Failed to create console");
@ -463,7 +466,7 @@ index 0078996..dd7c9c9 100644
if (pts_mnt_fd >= 0) {
ret = move_mount(pts_mnt_fd, "", -EBADF, lxcpath, MOVE_MOUNT_F_EMPTY_PATH);
if (!ret) {
@@ -1707,11 +1890,23 @@ static int lxc_setup_ttydir_console(const struct lxc_rootfs *rootfs,
@@ -1707,11 +1893,23 @@ static int lxc_setup_ttydir_console(const struct lxc_rootfs *rootfs,
ret = safe_mount(console->name, lxcpath, "none", MS_BIND, 0, rootfs_path);
if (ret < 0)
return log_error_errno(-1, errno, "Failed to mount %d(%s) on \"%s\"", pts_mnt_fd, console->name, lxcpath);
@ -487,7 +490,7 @@ index 0078996..dd7c9c9 100644
if (ret < 0)
return log_error_errno(-1, errno, "Failed to mount \"%s\" on \"%s\"", console->name, lxcpath);
DEBUG("Mounted \"%s\" onto \"%s\"", console->name, lxcpath);
@@ -1720,6 +1915,7 @@ finish:
@@ -1720,6 +1918,7 @@ finish:
return 0;
}
@ -495,7 +498,7 @@ index 0078996..dd7c9c9 100644
static int lxc_setup_console(const struct lxc_rootfs *rootfs,
const struct lxc_terminal *console, char *ttydir,
int pts_mnt_fd)
@@ -1730,7 +1926,18 @@ static int lxc_setup_console(const struct lxc_rootfs *rootfs,
@@ -1730,7 +1929,18 @@ static int lxc_setup_console(const struct lxc_rootfs *rootfs,
return lxc_setup_ttydir_console(rootfs, console, ttydir, pts_mnt_fd);
}
@ -505,16 +508,16 @@ index 0078996..dd7c9c9 100644
+{
+ if (!ttydir)
+ return lxc_setup_dev_console(rootfs, console, mount_label);
+
+ return lxc_setup_ttydir_console(rootfs, console, ttydir, mount_label);
+}
+#endif
+
+#ifndef HAVE_ISULAD
static int parse_mntopt(char *opt, unsigned long *flags, char **data, size_t size)
{
ssize_t ret;
@@ -1798,6 +2005,77 @@ int parse_mntopts(const char *mntopts, unsigned long *mntflags, char **mntdata)
@@ -1798,6 +2008,77 @@ int parse_mntopts(const char *mntopts, unsigned long *mntflags, char **mntdata)
return 0;
}
@ -592,7 +595,7 @@ index 0078996..dd7c9c9 100644
static void parse_propagationopt(char *opt, unsigned long *flags)
{
@@ -1862,10 +2140,17 @@ static char *get_field(char *src, int nfields)
@@ -1862,10 +2143,17 @@ static char *get_field(char *src, int nfields)
return p;
}
@ -610,7 +613,7 @@ index 0078996..dd7c9c9 100644
{
int ret;
char srcbuf[PATH_MAX];
@@ -1881,8 +2166,13 @@ static int mount_entry(const char *fsname, const char *target,
@@ -1881,8 +2169,13 @@ static int mount_entry(const char *fsname, const char *target,
srcpath = srcbuf;
}
@ -624,7 +627,7 @@ index 0078996..dd7c9c9 100644
if (ret < 0) {
if (optional)
return log_info_errno(0, errno, "Failed to mount \"%s\" on \"%s\" (optional)",
@@ -2010,8 +2300,15 @@ static int mount_entry_create_dir_file(const struct mntent *mntent,
@@ -2010,8 +2303,15 @@ static int mount_entry_create_dir_file(const struct mntent *mntent,
if (hasmntopt(mntent, "create=dir")) {
ret = mkdir_p(path, 0755);
@ -640,7 +643,7 @@ index 0078996..dd7c9c9 100644
}
if (!hasmntopt(mntent, "create=file"))
@@ -2028,29 +2325,56 @@ static int mount_entry_create_dir_file(const struct mntent *mntent,
@@ -2028,29 +2328,56 @@ static int mount_entry_create_dir_file(const struct mntent *mntent,
p2 = dirname(p1);
ret = mkdir_p(p2, 0755);
@ -697,7 +700,7 @@ index 0078996..dd7c9c9 100644
optional = hasmntopt(mntent, "optional") != NULL;
dev = hasmntopt(mntent, "dev") != NULL;
@@ -2059,9 +2383,41 @@ static inline int mount_entry_on_generic(struct mntent *mntent,
@@ -2059,9 +2386,41 @@ static inline int mount_entry_on_generic(struct mntent *mntent,
if (rootfs && rootfs->path)
rootfs_path = rootfs->mount;
@ -739,7 +742,7 @@ index 0078996..dd7c9c9 100644
if (optional)
return 0;
@@ -2069,6 +2425,29 @@ static inline int mount_entry_on_generic(struct mntent *mntent,
@@ -2069,6 +2428,29 @@ static inline int mount_entry_on_generic(struct mntent *mntent,
}
cull_mntent_opt(mntent);
@ -769,7 +772,7 @@ index 0078996..dd7c9c9 100644
ret = parse_propagationopts(mntent->mnt_opts, &pflags);
if (ret < 0)
return -1;
@@ -2079,6 +2458,7 @@ static inline int mount_entry_on_generic(struct mntent *mntent,
@@ -2079,6 +2461,7 @@ static inline int mount_entry_on_generic(struct mntent *mntent,
ret = mount_entry(mntent->mnt_fsname, path, mntent->mnt_type, mntflags,
pflags, mntdata, optional, dev, relative, rootfs_path);
@ -777,7 +780,7 @@ index 0078996..dd7c9c9 100644
return ret;
}
@@ -2098,13 +2478,25 @@ static inline int mount_entry_on_systemfs(struct mntent *mntent)
@@ -2098,13 +2481,25 @@ static inline int mount_entry_on_systemfs(struct mntent *mntent)
if (ret < 0 || ret >= sizeof(path))
return -1;
@ -803,7 +806,7 @@ index 0078996..dd7c9c9 100644
{
int offset;
char *aux;
@@ -2140,13 +2532,25 @@ skipabs:
@@ -2140,13 +2535,25 @@ skipabs:
if (ret < 0 || ret >= PATH_MAX)
return -1;
@ -829,7 +832,7 @@ index 0078996..dd7c9c9 100644
{
int ret;
char path[PATH_MAX];
@@ -2156,12 +2560,22 @@ static int mount_entry_on_relative_rootfs(struct mntent *mntent,
@@ -2156,12 +2563,22 @@ static int mount_entry_on_relative_rootfs(struct mntent *mntent,
if (ret < 0 || (size_t)ret >= sizeof(path))
return -1;
@ -852,7 +855,7 @@ index 0078996..dd7c9c9 100644
{
char buf[PATH_MAX];
struct mntent mntent;
@@ -2169,6 +2583,42 @@ static int mount_file_entries(const struct lxc_conf *conf,
@@ -2169,6 +2586,42 @@ static int mount_file_entries(const struct lxc_conf *conf,
while (getmntent_r(file, &mntent, buf, sizeof(buf))) {
int ret;
@ -895,7 +898,7 @@ index 0078996..dd7c9c9 100644
if (!rootfs->path)
ret = mount_entry_on_systemfs(&mntent);
else if (mntent.mnt_dir[0] != '/')
@@ -2177,6 +2627,8 @@ static int mount_file_entries(const struct lxc_conf *conf,
@@ -2177,6 +2630,8 @@ static int mount_file_entries(const struct lxc_conf *conf,
else
ret = mount_entry_on_absolute_rootfs(&mntent, rootfs,
lxc_name, lxc_path);
@ -904,7 +907,7 @@ index 0078996..dd7c9c9 100644
if (ret < 0)
return -1;
}
@@ -2195,9 +2647,15 @@ static inline void __auto_endmntent__(FILE **f)
@@ -2195,9 +2650,15 @@ static inline void __auto_endmntent__(FILE **f)
#define __do_endmntent __attribute__((__cleanup__(__auto_endmntent__)))
@ -920,7 +923,7 @@ index 0078996..dd7c9c9 100644
{
__do_endmntent FILE *f = NULL;
int ret;
@@ -2209,7 +2667,11 @@ static int setup_mount(const struct lxc_conf *conf,
@@ -2209,7 +2670,11 @@ static int setup_mount(const struct lxc_conf *conf,
if (!f)
return log_error_errno(-1, errno, "Failed to open \"%s\"", fstab);
@ -932,7 +935,7 @@ index 0078996..dd7c9c9 100644
if (ret < 0)
ERROR("Failed to set up mount entries");
@@ -2285,10 +2747,17 @@ FILE *make_anonymous_mount_file(struct lxc_list *mount,
@@ -2285,10 +2750,17 @@ FILE *make_anonymous_mount_file(struct lxc_list *mount,
return f;
}
@ -950,7 +953,7 @@ index 0078996..dd7c9c9 100644
{
__do_fclose FILE *f = NULL;
@@ -2296,7 +2765,11 @@ static int setup_mount_entries(const struct lxc_conf *conf,
@@ -2296,7 +2768,11 @@ static int setup_mount_entries(const struct lxc_conf *conf,
if (!f)
return -1;
@ -962,7 +965,7 @@ index 0078996..dd7c9c9 100644
}
static int parse_cap(const char *cap)
@@ -2395,6 +2868,16 @@ static int dropcaps_except(struct lxc_list *caps)
@@ -2395,6 +2871,16 @@ static int dropcaps_except(struct lxc_list *caps)
lxc_list_for_each (iterator, caps) {
keep_entry = iterator->elem;
@ -979,7 +982,7 @@ index 0078996..dd7c9c9 100644
capid = parse_cap(keep_entry);
if (capid == -2)
continue;
@@ -2443,7 +2926,11 @@ static int parse_resource(const char *res)
@@ -2443,7 +2929,11 @@ static int parse_resource(const char *res)
return resid;
}
@ -991,7 +994,7 @@ index 0078996..dd7c9c9 100644
{
int resid;
struct lxc_list *it;
@@ -2457,8 +2944,17 @@ int setup_resource_limits(struct lxc_list *limits, pid_t pid)
@@ -2457,8 +2947,17 @@ int setup_resource_limits(struct lxc_list *limits, pid_t pid)
return log_error(-1, "Unknown resource %s", lim->resource);
#if HAVE_PRLIMIT || HAVE_PRLIMIT64
@ -1009,7 +1012,7 @@ index 0078996..dd7c9c9 100644
TRACE("Setup \"%s\" limit", lim->resource);
#else
@@ -2601,6 +3097,27 @@ struct lxc_conf *lxc_conf_init(void)
@@ -2601,6 +3100,27 @@ struct lxc_conf *lxc_conf_init(void)
memset(&new->ns_share, 0, sizeof(char *) * LXC_NS_MAX);
seccomp_conf_init(new);
@ -1037,7 +1040,7 @@ index 0078996..dd7c9c9 100644
return new;
}
@@ -3001,7 +3518,11 @@ again:
@@ -3001,7 +3521,11 @@ again:
null_endofword(target);
ret = mount(NULL, target, NULL, MS_SLAVE, NULL);
if (ret < 0) {
@ -1049,7 +1052,7 @@ index 0078996..dd7c9c9 100644
continue;
}
TRACE("Recursively turned old root mount tree into dependent mount");
@@ -3046,7 +3567,11 @@ static int lxc_execute_bind_init(struct lxc_handler *handler)
@@ -3046,7 +3570,11 @@ static int lxc_execute_bind_init(struct lxc_handler *handler)
return log_error_errno(-1, errno, "Failed to create dummy \"%s\" file as bind mount target", destpath);
}
@ -1061,7 +1064,7 @@ index 0078996..dd7c9c9 100644
if (ret < 0)
return log_error_errno(-1, errno, "Failed to bind mount lxc.init.static into container");
@@ -3082,7 +3607,13 @@ int lxc_setup_rootfs_prepare_root(struct lxc_conf *conf, const char *name,
@@ -3082,7 +3610,13 @@ int lxc_setup_rootfs_prepare_root(struct lxc_conf *conf, const char *name,
return log_trace(0, "Bind mounted container / onto itself");
}
@ -1075,7 +1078,7 @@ index 0078996..dd7c9c9 100644
ret = run_lxc_hooks(name, "pre-mount", conf, NULL);
if (ret < 0)
@@ -3182,15 +3713,29 @@ static int lxc_setup_boot_id(void)
@@ -3182,15 +3716,29 @@ static int lxc_setup_boot_id(void)
int lxc_setup(struct lxc_handler *handler)
{
@ -1105,7 +1108,7 @@ index 0078996..dd7c9c9 100644
if (handler->nsfd[LXC_NS_UTS] == -EBADF) {
ret = setup_utsname(lxc_conf->utsname);
@@ -3221,6 +3766,7 @@ int lxc_setup(struct lxc_handler *handler)
@@ -3221,6 +3769,7 @@ int lxc_setup(struct lxc_handler *handler)
return log_error(-1, "Failed to send network device names and ifindices to parent");
}
@ -1113,7 +1116,7 @@ index 0078996..dd7c9c9 100644
if (wants_console(&lxc_conf->console)) {
pts_mnt_fd = open_tree(-EBADF, lxc_conf->console.name,
OPEN_TREE_CLONE | OPEN_TREE_CLOEXEC | AT_EMPTY_PATH);
@@ -3231,9 +3777,15 @@ int lxc_setup(struct lxc_handler *handler)
@@ -3231,9 +3780,15 @@ int lxc_setup(struct lxc_handler *handler)
TRACE("Created detached mount for container's console \"%s\"",
lxc_conf->console.name);
}
@ -1129,7 +1132,7 @@ index 0078996..dd7c9c9 100644
if (ret < 0)
return log_error(-1, "Failed to mount \"/dev\"");
}
@@ -3245,15 +3797,38 @@ int lxc_setup(struct lxc_handler *handler)
@@ -3245,15 +3800,38 @@ int lxc_setup(struct lxc_handler *handler)
if (ret < 0)
return log_error(-1, "Failed to setup first automatic mounts");
@ -1168,7 +1171,7 @@ index 0078996..dd7c9c9 100644
}
if (lxc_conf->is_execute) {
@@ -3278,6 +3853,7 @@ int lxc_setup(struct lxc_handler *handler)
@@ -3278,6 +3856,7 @@ int lxc_setup(struct lxc_handler *handler)
}
}
@ -1176,7 +1179,7 @@ index 0078996..dd7c9c9 100644
/* Now mount only cgroups, if wanted. Before, /sys could not have been
* mounted. It is guaranteed to be mounted now either through
* automatically or via fstab entries.
@@ -3285,6 +3861,7 @@ int lxc_setup(struct lxc_handler *handler)
@@ -3285,6 +3864,7 @@ int lxc_setup(struct lxc_handler *handler)
ret = lxc_mount_auto_mounts(lxc_conf, lxc_conf->auto_mounts & LXC_AUTO_CGROUP_MASK, handler);
if (ret < 0)
return log_error(-1, "Failed to setup remaining automatic mounts");
@ -1184,7 +1187,7 @@ index 0078996..dd7c9c9 100644
ret = run_lxc_hooks(name, "mount", lxc_conf, NULL);
if (ret < 0)
@@ -3295,21 +3872,45 @@ int lxc_setup(struct lxc_handler *handler)
@@ -3295,21 +3875,45 @@ int lxc_setup(struct lxc_handler *handler)
if (ret < 0)
return log_error(-1, "Failed to run autodev hooks");
@ -1230,7 +1233,7 @@ index 0078996..dd7c9c9 100644
if (ret < 0)
return log_error(-1, "Failed to setup console");
@@ -3317,6 +3918,12 @@ int lxc_setup(struct lxc_handler *handler)
@@ -3317,6 +3921,12 @@ int lxc_setup(struct lxc_handler *handler)
if (ret < 0)
return log_error(-1, "Failed to setup \"/dev\" symlinks");
@ -1243,7 +1246,7 @@ index 0078996..dd7c9c9 100644
ret = lxc_setup_rootfs_switch_root(&lxc_conf->rootfs);
if (ret < 0)
return log_error(-1, "Failed to pivot root into rootfs");
@@ -3325,14 +3932,31 @@ int lxc_setup(struct lxc_handler *handler)
@@ -3325,14 +3935,31 @@ int lxc_setup(struct lxc_handler *handler)
if (lxc_conf->autodev > 0)
(void)lxc_setup_boot_id();
@ -1275,7 +1278,7 @@ index 0078996..dd7c9c9 100644
ret = setup_personality(lxc_conf->personality);
if (ret < 0)
return log_error(-1, "Failed to set personality");
@@ -3347,6 +3971,37 @@ int lxc_setup(struct lxc_handler *handler)
@@ -3347,6 +3974,37 @@ int lxc_setup(struct lxc_handler *handler)
return log_error(-1, "Failed to setup sysctl parameters");
}
@ -1313,7 +1316,7 @@ index 0078996..dd7c9c9 100644
if (!lxc_list_empty(&lxc_conf->keepcaps)) {
if (!lxc_list_empty(&lxc_conf->caps))
return log_error(-1, "Container requests lxc.cap.drop and lxc.cap.keep: either use lxc.cap.drop or lxc.cap.keep, not both");
@@ -3753,6 +4408,25 @@ void lxc_conf_free(struct lxc_conf *conf)
@@ -3753,6 +4411,25 @@ void lxc_conf_free(struct lxc_conf *conf)
free(conf->cgroup_meta.controllers);
free(conf->shmount.path_host);
free(conf->shmount.path_cont);
@ -1339,7 +1342,7 @@ index 0078996..dd7c9c9 100644
free(conf);
}
@@ -4775,3 +5449,1315 @@ struct lxc_list *sort_cgroup_settings(struct lxc_list *cgroup_settings)
@@ -4775,3 +5452,1315 @@ struct lxc_list *sort_cgroup_settings(struct lxc_list *cgroup_settings)
return result;
}

12
0003-refactor-patch-code-of-isulad-for-selinux-attach.patch
View File

@ -7,8 +7,8 @@ Signed-off-by: haozi007 <liuhao27@huawei.com>
---
src/lxc/exec_commands.c | 471 +++++++++++++++++++++++++++++++++++++
src/lxc/lsm/selinux.c | 258 ++++++++++++++++++++
src/lxc/tools/lxc_attach.c | 415 +++++++++++++++++++++++++++++++-
3 files changed, 1143 insertions(+), 1 deletion(-)
src/lxc/tools/lxc_attach.c | 413 +++++++++++++++++++++++++++++++-
3 files changed, 1141 insertions(+), 1 deletion(-)
create mode 100644 src/lxc/exec_commands.c
diff --git a/src/lxc/exec_commands.c b/src/lxc/exec_commands.c
@ -772,7 +772,7 @@ index dba0ab5..bd4f449 100644
struct lsm_drv *lsm_selinux_drv_init(void)
diff --git a/src/lxc/tools/lxc_attach.c b/src/lxc/tools/lxc_attach.c
index a8f493a..58e19aa 100644
index a8f493a..1a5a241 100644
--- a/src/lxc/tools/lxc_attach.c
+++ b/src/lxc/tools/lxc_attach.c
@@ -72,8 +72,20 @@ static const struct option my_longopts[] = {
@ -947,7 +947,7 @@ index a8f493a..58e19aa 100644
}
return 0;
@@ -264,6 +395,287 @@ static int lxc_attach_create_log_file(const char *log_file)
@@ -264,6 +395,285 @@ static int lxc_attach_create_log_file(const char *log_file)
return fd;
}
@ -1207,11 +1207,9 @@ index a8f493a..58e19aa 100644
+ attach_options.open_stdin = true;
+ }
+
+#ifdef HAVE_ISULAD
+ if (my_args.workdir) {
+ attach_options.initial_cwd = my_args.workdir;
+ }
+#endif
+
+ /* isulad: add do attach background */
+ if (attach_options.attach_flags & LXC_ATTACH_TERMINAL)
@ -1235,7 +1233,7 @@ index a8f493a..58e19aa 100644
int main(int argc, char *argv[])
{
int ret = -1;
@@ -377,3 +789,4 @@ out:
@@ -377,3 +787,4 @@ out:
exit(EXIT_FAILURE);
}

194
0006-refactor-patch-about-namespace-log-terminal.patch
View File

@ -5,24 +5,22 @@ Subject: [PATCH] refactor patch about namespace log terminal
Signed-off-by: Neil.wrz <wangrunze13@huawei.com>
---
configure.ac | 30 +++++++++-
src/lxc/Makefile.am | 46 ++++++++++++++-
src/lxc/af_unix.c | 89 +++++++++++++++++++++++++++++
src/lxc/commands_utils.c | 57 +++++++++++++++++++
src/lxc/exec_commands.h | 77 +++++++++++++++++++++++++
configure.ac | 30 ++++++++++-
src/lxc/Makefile.am | 44 ++++++++++++++-
src/lxc/af_unix.c | 89 ++++++++++++++++++++++++++++++
src/lxc/commands_utils.c | 57 ++++++++++++++++++++
src/lxc/exec_commands.h | 77 ++++++++++++++++++++++++++
src/lxc/file_utils.h | 4 ++
src/lxc/isulad_utils.c | 99 +++++++++++++++++++++++++++++++++
src/lxc/json/read-file.c | 95 +++++++++++++++++++++++++++++++
src/lxc/json/read-file.c | 95 +++++++++++++++++++++++++++++++++
src/lxc/log.c | 56 +++++++++++++++++++
src/lxc/path.h | 65 ++++++++++++++++++++++
src/lxc/start.h | 32 +++++++++++
src/lxc/storage/block.c | 86 ++++++++++++++++++++++++++++
src/lxc/start.h | 30 +++++++++++
src/lxc/storage/block.c | 86 +++++++++++++++++++++++++++++
src/lxc/storage/block.h | 41 ++++++++++++++
src/lxc/storage/storage_utils.c | 61 +++++++++++++++++++-
src/lxc/storage/storage_utils.c | 60 +++++++++++++++++++++
src/lxc/terminal.h | 35 ++++++++++++
15 files changed, 869 insertions(+), 4 deletions(-)
14 files changed, 766 insertions(+), 3 deletions(-)
create mode 100644 src/lxc/exec_commands.h
create mode 100644 src/lxc/isulad_utils.c
create mode 100644 src/lxc/json/read-file.c
create mode 100644 src/lxc/path.h
create mode 100644 src/lxc/storage/block.c
@ -110,7 +108,7 @@ index 059d57d..ce8854e 100644
AC_CONFIG_FILES([
Makefile
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index d1e2364..433d938 100644
index d1e2364..b9a8750 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -52,6 +52,16 @@ noinst_HEADERS = api_extensions.h \
@ -138,22 +136,13 @@ index d1e2364..433d938 100644
cgroups/cgroup.c cgroups/cgroup.h \
cgroups/cgroup2_devices.c cgroups/cgroup2_devices.h \
cgroups/cgroup_utils.c cgroups/cgroup_utils.h \
@@ -135,6 +144,9 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \
start.c start.h \
storage/btrfs.c storage/btrfs.h \
storage/dir.c storage/dir.h \
+if HAVE_ISULAD
+ storage/block.c storage/block.h \
+endif
storage/loop.c storage/loop.h \
storage/lvm.c storage/lvm.h \
storage/nbd.c storage/nbd.h \
@@ -154,6 +166,21 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \
@@ -154,6 +163,22 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \
version.h \
$(LSM_SOURCES)
+if HAVE_ISULAD
+liblxc_la_SOURCES += isulad_utils.c isulad_utils.h \
+ storage/block.c storage/block.h \
+ path.c path.h \
+ json/json_common.c json/json_common.h \
+ json/defs.h json/defs.c \
@ -170,7 +159,7 @@ index d1e2364..433d938 100644
if IS_BIONIC
liblxc_la_SOURCES += ../include/fexecve.c ../include/fexecve.h \
../include/lxcmntent.c ../include/lxcmntent.h \
@@ -212,6 +239,10 @@ AM_CFLAGS = -DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
@@ -212,6 +237,10 @@ AM_CFLAGS = -DLXCROOTFSMOUNT=\"$(LXCROOTFSMOUNT)\" \
-I $(top_srcdir)/src/lxc/storage \
-I $(top_srcdir)/src/lxc/cgroups
@ -181,7 +170,7 @@ index d1e2364..433d938 100644
if ENABLE_APPARMOR
AM_CFLAGS += -DHAVE_APPARMOR
endif
@@ -249,6 +280,10 @@ liblxc_la_CFLAGS += -fsanitize=address \
@@ -249,6 +278,10 @@ liblxc_la_CFLAGS += -fsanitize=address \
-fno-omit-frame-pointer
endif
@ -192,7 +181,7 @@ index d1e2364..433d938 100644
if ENABLE_UBSAN
liblxc_la_CFLAGS += -fsanitize=undefined
endif
@@ -258,6 +293,12 @@ liblxc_la_LDFLAGS = -pthread \
@@ -258,6 +291,12 @@ liblxc_la_LDFLAGS = -pthread \
-Wl,-soname,liblxc.so.$(firstword $(subst ., ,@LXC_ABI@)) \
-version-info @LXC_ABI_MAJOR@
@ -205,7 +194,7 @@ index d1e2364..433d938 100644
liblxc_la_LIBADD = $(CAP_LIBS) \
$(OPENSSL_LIBS) \
$(SELINUX_LIBS) \
@@ -321,7 +362,8 @@ LDADD = liblxc.la \
@@ -321,7 +360,8 @@ LDADD = liblxc.la \
@OPENSSL_LIBS@ \
@SECCOMP_LIBS@ \
@SELINUX_LIBS@ \
@ -516,111 +505,6 @@ index f9c8abe..37cd79e 100644
+#endif
+
#endif /* __LXC_FILE_UTILS_H */
diff --git a/src/lxc/isulad_utils.c b/src/lxc/isulad_utils.c
new file mode 100644
index 0000000..b282404
--- /dev/null
+++ b/src/lxc/isulad_utils.c
@@ -0,0 +1,99 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+/******************************************************************************
+ * Copyright (c) Huawei Technologies Co., Ltd. 2020. Allrights reserved
+ * Description: isulad utils
+ * Author: lifeng
+ * Create: 2020-04-11
+******************************************************************************/
+
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include "isulad_utils.h"
+#include "log.h"
+#include "path.h"
+#include "file_utils.h"
+
+lxc_log_define(isulad_utils, lxc);
+
+void *lxc_common_calloc_s(size_t size)
+{
+ if (size == 0 || size > SIZE_MAX) {
+ return NULL;
+ }
+
+ return calloc((size_t)1, size);
+}
+
+int lxc_mem_realloc(void **newptr, size_t newsize, void *oldptr, size_t oldsize)
+{
+ void *tmp = NULL;
+
+ if (newsize == 0) {
+ goto err_out;
+ }
+
+ tmp = lxc_common_calloc_s(newsize);
+ if (tmp == NULL) {
+ ERROR("Failed to malloc memory");
+ goto err_out;
+ }
+
+ if (oldptr != NULL) {
+ memcpy(tmp, oldptr, (newsize < oldsize) ? newsize : oldsize);
+
+ memset(oldptr, 0, oldsize);
+
+ free(oldptr);
+ }
+
+ *newptr = tmp;
+ return 0;
+
+err_out:
+ return -1;
+}
+
+char *safe_strdup(const char *src)
+{
+ char *dst = NULL;
+
+ if (src == NULL) {
+ return NULL;
+ }
+
+ dst = strdup(src);
+ if (dst == NULL) {
+ abort();
+ }
+
+ return dst;
+}
+
+int lxc_open(const char *filename, int flags, mode_t mode)
+{
+ char rpath[PATH_MAX] = {0x00};
+
+ if (cleanpath(filename, rpath, sizeof(rpath)) == NULL) {
+ return -1;
+ }
+ if (mode) {
+ return open(rpath, (int)((unsigned int)flags | O_CLOEXEC), mode);
+ } else {
+ return open(rpath, (int)((unsigned int)flags | O_CLOEXEC));
+ }
+}
+
+FILE *lxc_fopen(const char *filename, const char *mode)
+{
+ char rpath[PATH_MAX] = {0x00};
+
+ if (cleanpath(filename, rpath, sizeof(rpath)) == NULL) {
+ return NULL;
+ }
+
+ return fopen_cloexec(rpath, mode);
+}
diff --git a/src/lxc/json/read-file.c b/src/lxc/json/read-file.c
new file mode 100644
index 0000000..34ebeed
@ -900,7 +784,7 @@ index 0000000..2c60fb9
+
+#endif
diff --git a/src/lxc/start.h b/src/lxc/start.h
index ece4aac..1d05be6 100644
index ece4aac..c7a0a55 100644
--- a/src/lxc/start.h
+++ b/src/lxc/start.h
@@ -124,8 +124,17 @@ struct lxc_handler {
@ -933,26 +817,18 @@ index ece4aac..1d05be6 100644
int (*post_start)(struct lxc_handler *, void *);
};
@@ -147,10 +160,15 @@ extern int lxc_serve_state_clients(const char *name,
struct lxc_handler *handler,
lxc_state_t state);
extern void lxc_abort(struct lxc_handler *handler);
+#ifdef HAVE_ISULAD
+extern void lxc_zero_handler(struct lxc_handler *handler);
+extern void lxc_free_handler(struct lxc_handler *handler);
+#else
extern struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
const char *name,
struct lxc_conf *conf,
const char *lxcpath, bool daemonize);
+#endif
extern void lxc_put_handler(struct lxc_handler *handler);
extern int lxc_init(const char *name, struct lxc_handler *handler);
extern void lxc_end(struct lxc_handler *handler);
@@ -169,9 +187,23 @@ static inline int inherit_fds(struct lxc_handler *handler, bool closeall)
@@ -164,14 +177,31 @@ extern void lxc_end(struct lxc_handler *handler);
*/
extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
int *fds_to_ignore, size_t len_fds);
+#ifndef HAVE_ISULAD
static inline int inherit_fds(struct lxc_handler *handler, bool closeall)
{
return lxc_check_inherited(handler->conf, closeall, handler->keep_fds,
ARRAY_SIZE(handler->keep_fds));
}
+#endif
+
+#ifdef HAVE_ISULAD
+extern int __lxc_start(struct lxc_handler *handler,
+ struct lxc_operations* ops, void *data, const char *lxcpath,
@ -1113,7 +989,7 @@ index 0000000..2fa7565
+
+#endif /* __LXC_BLK_H */
diff --git a/src/lxc/storage/storage_utils.c b/src/lxc/storage/storage_utils.c
index f96bd52..63371ae 100644
index f96bd52..696c6e5 100644
--- a/src/lxc/storage/storage_utils.c
+++ b/src/lxc/storage/storage_utils.c
@@ -256,10 +256,17 @@ int is_blktype(struct lxc_storage *b)
@ -1134,7 +1010,7 @@ index f96bd52..63371ae 100644
int ret;
struct cbarg {
const char *rootfs;
@@ -288,14 +295,40 @@ int mount_unknown_fs(const char *rootfs, const char *target,
@@ -288,14 +295,41 @@ int mount_unknown_fs(const char *rootfs, const char *target,
ret = lxc_file_for_each_line(fsfile[i], find_fstype_cb, &cbarg);
if (ret < 0) {
ERROR("Failed to parse \"%s\"", fsfile[i]);
@ -1145,17 +1021,17 @@ index f96bd52..63371ae 100644
return -1;
}
- if (ret)
+#ifdef HAVE_ISULAD
+ if (ret) {
+ lxc_free_array((void**)mount_errors, free);
+ mount_errors = NULL;
return 0;
+ return 0;
+ }
+#else
+ if (ret)
+ return 0;
if (ret)
return 0;
+#endif
+ }
+
+#ifdef HAVE_ISULAD
+ if (mount_errors != NULL) {
@ -1176,7 +1052,7 @@ index f96bd52..63371ae 100644
return -1;
}
@@ -316,6 +349,11 @@ int find_fstype_cb(char *buffer, void *data)
@@ -316,6 +350,11 @@ int find_fstype_cb(char *buffer, void *data)
char *mntdata = NULL;
char *fstype;
@ -1188,7 +1064,7 @@ index f96bd52..63371ae 100644
/* we don't try 'nodev' entries */
if (strstr(buffer, "nodev"))
return 0;
@@ -327,14 +365,35 @@ int find_fstype_cb(char *buffer, void *data)
@@ -327,14 +366,35 @@ int find_fstype_cb(char *buffer, void *data)
DEBUG("Trying to mount \"%s\"->\"%s\" with FSType \"%s\"", cbarg->rootfs,
cbarg->target, fstype);

115
0007-refactor-patches-on-terminal.c-start.c-and-so-on.patch
View File

@ -13,14 +13,14 @@ Signed-off-by: chengzrz <czrzrichard@gmail.com>
src/lxc/lsm/lsm.h | 8 +
src/lxc/lxclock.h | 4 +
src/lxc/mainloop.h | 4 +
src/lxc/start.c | 952 ++++++++++++++++++++++++++++++++++++
src/lxc/start.c | 958 ++++++++++++++++++++++++++++++++++++
src/lxc/storage/btrfs.c | 11 +
src/lxc/storage/overlay.c | 8 +
src/lxc/sync.h | 4 +
src/lxc/terminal.c | 990 ++++++++++++++++++++++++++++++++++++++
src/tests/Makefile.am | 4 +
src/tests/attach.c | 11 +
15 files changed, 2019 insertions(+)
15 files changed, 2025 insertions(+)
diff --git a/hooks/Makefile.am b/hooks/Makefile.am
index 5ae73d7..ddfd4bc 100644
@ -166,7 +166,7 @@ index e6ab9a6..aa41a93 100644
+
#endif
diff --git a/src/lxc/start.c b/src/lxc/start.c
index fd969c4..d83330e 100644
index fd969c4..f82df34 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -304,7 +304,11 @@ static int setup_signal_fd(sigset_t *oldmask)
@ -209,7 +209,17 @@ index fd969c4..d83330e 100644
out_mainloop_console:
if (has_console) {
@@ -671,6 +689,12 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
@@ -637,7 +655,9 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
const char *name, struct lxc_conf *conf,
const char *lxcpath, bool daemonize)
{
+#ifndef HAVE_ISULAD
int nr_keep_fds = 0;
+#endif
int ret;
struct lxc_handler *handler;
@@ -671,6 +691,12 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
handler->nsfd[i] = -EBADF;
handler->name = name;
@ -222,7 +232,28 @@ index fd969c4..d83330e 100644
if (daemonize)
handler->transient_pid = lxc_raw_getpid();
else
@@ -721,6 +745,10 @@ int lxc_init(const char *name, struct lxc_handler *handler)
@@ -691,8 +717,10 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
TRACE("Created anonymous pair {%d,%d} of unix sockets",
handler->state_socket_pair[0],
handler->state_socket_pair[1]);
+#ifndef HAVE_ISULAD
handler->keep_fds[nr_keep_fds++] = handler->state_socket_pair[0];
handler->keep_fds[nr_keep_fds++] = handler->state_socket_pair[1];
+#endif
}
if (handler->conf->reboot == REBOOT_NONE) {
@@ -701,7 +729,9 @@ struct lxc_handler *lxc_init_handler(struct lxc_handler *old,
ERROR("Failed to set up command socket");
goto on_error;
}
+#ifndef HAVE_ISULAD
handler->keep_fds[nr_keep_fds++] = handler->conf->maincmd_fd;
+#endif
}
TRACE("Unix domain socket %d for command server is ready",
@@ -721,6 +751,10 @@ int lxc_init(const char *name, struct lxc_handler *handler)
int ret;
const char *loglevel;
struct lxc_conf *conf = handler->conf;
@ -233,7 +264,7 @@ index fd969c4..d83330e 100644
handler->monitor_pid = lxc_raw_getpid();
status_fd = open("/proc/self/status", O_RDONLY | O_CLOEXEC);
@@ -810,6 +838,9 @@ int lxc_init(const char *name, struct lxc_handler *handler)
@@ -810,6 +844,9 @@ int lxc_init(const char *name, struct lxc_handler *handler)
ret = lxc_terminal_setup(conf);
if (ret < 0) {
ERROR("Failed to create console");
@ -243,7 +274,7 @@ index fd969c4..d83330e 100644
goto out_restore_sigmask;
}
TRACE("Created console");
@@ -853,6 +884,185 @@ out_restore_sigmask:
@@ -853,6 +890,185 @@ out_restore_sigmask:
return -1;
}
@ -429,7 +460,7 @@ index fd969c4..d83330e 100644
void lxc_end(struct lxc_handler *handler)
{
int ret;
@@ -926,6 +1136,33 @@ void lxc_end(struct lxc_handler *handler)
@@ -926,6 +1142,33 @@ void lxc_end(struct lxc_handler *handler)
lsm_process_cleanup(handler->conf, handler->lxcpath);
@ -463,7 +494,7 @@ index fd969c4..d83330e 100644
if (cgroup_ops) {
cgroup_ops->payload_destroy(cgroup_ops, handler);
cgroup_ops->monitor_destroy(cgroup_ops, handler);
@@ -940,12 +1177,25 @@ void lxc_end(struct lxc_handler *handler)
@@ -940,12 +1183,25 @@ void lxc_end(struct lxc_handler *handler)
*/
close_prot_errno_disarm(handler->conf->maincmd_fd);
TRACE("Closed command socket");
@ -489,7 +520,7 @@ index fd969c4..d83330e 100644
/* The command socket is closed so no one can acces the command
* socket anymore so there's no need to lock it.
*/
@@ -1042,6 +1292,25 @@ static int do_start(void *data)
@@ -1042,6 +1298,25 @@ static int do_start(void *data)
lxc_sync_fini_parent(handler);
@ -515,7 +546,7 @@ index fd969c4..d83330e 100644
if (lxc_abstract_unix_recv_fds(data_sock1, &status_fd, 1, NULL, 0) < 0) {
ERROR("Failed to receive status file descriptor to child process");
goto out_warn_father;
@@ -1155,7 +1424,11 @@ static int do_start(void *data)
@@ -1155,7 +1430,11 @@ static int do_start(void *data)
* means that migration won't work, but at least we won't spew output
* where it isn't wanted.
*/
@ -527,7 +558,7 @@ index fd969c4..d83330e 100644
char path[PATH_MAX];
ret = snprintf(path, sizeof(path), "%s/dev/null",
@@ -1221,6 +1494,9 @@ static int do_start(void *data)
@@ -1221,6 +1500,9 @@ static int do_start(void *data)
/* Setup the container, ip, names, utsname, ... */
ret = lxc_setup(handler);
if (ret < 0) {
@ -537,7 +568,7 @@ index fd969c4..d83330e 100644
ERROR("Failed to setup container \"%s\"", handler->name);
goto out_warn_father;
}
@@ -1243,12 +1519,70 @@ static int do_start(void *data)
@@ -1243,12 +1525,70 @@ static int do_start(void *data)
DEBUG("Set PR_SET_NO_NEW_PRIVS to block execve() gainable privileges");
}
@ -608,7 +639,7 @@ index fd969c4..d83330e 100644
if (handler->conf->console.pts >= 0) {
if (handler->daemonize || !handler->conf->is_execute)
ret = set_stdfds(handler->conf->console.pts);
@@ -1260,6 +1594,7 @@ static int do_start(void *data)
@@ -1260,6 +1600,7 @@ static int do_start(void *data)
goto out_warn_father;
}
}
@ -616,7 +647,7 @@ index fd969c4..d83330e 100644
/* If we mounted a temporary proc, then unmount it now. */
tmp_proc_unmount(handler->conf);
@@ -1283,6 +1618,21 @@ static int do_start(void *data)
@@ -1283,6 +1624,21 @@ static int do_start(void *data)
close_prot_errno_disarm(handler->sigfd);
@ -638,7 +669,7 @@ index fd969c4..d83330e 100644
if (handler->conf->console.pts < 0 && handler->daemonize) {
if (devnull_fd < 0) {
devnull_fd = open_devnull();
@@ -1296,12 +1646,25 @@ static int do_start(void *data)
@@ -1296,12 +1652,25 @@ static int do_start(void *data)
goto out_warn_father;
}
}
@ -664,7 +695,7 @@ index fd969c4..d83330e 100644
ret = chdir(handler->conf->init_cwd);
if (ret < 0) {
SYSERROR("Could not change directory to \"%s\"",
@@ -1345,6 +1708,13 @@ static int do_start(void *data)
@@ -1345,6 +1714,13 @@ static int do_start(void *data)
}
}
@ -678,7 +709,7 @@ index fd969c4..d83330e 100644
/* The container has been setup. We can now switch to an unprivileged
* uid/gid.
*/
@@ -1358,6 +1728,13 @@ static int do_start(void *data)
@@ -1358,6 +1734,13 @@ static int do_start(void *data)
if (new_gid == nsgid)
new_gid = LXC_INVALID_GID;
@ -692,7 +723,7 @@ index fd969c4..d83330e 100644
/* Make sure that the processes STDIO is correctly owned by the user that we are switching to */
ret = fix_stdio_permissions(new_uid);
if (ret)
@@ -1371,8 +1748,16 @@ static int do_start(void *data)
@@ -1371,8 +1754,16 @@ static int do_start(void *data)
#if HAVE_LIBCAP
if (lxc_proc_cap_is_set(CAP_SETGID, CAP_EFFECTIVE))
#endif
@ -709,7 +740,7 @@ index fd969c4..d83330e 100644
if (!lxc_switch_uid_gid(new_uid, new_gid))
goto out_warn_father;
@@ -1383,6 +1768,19 @@ static int do_start(void *data)
@@ -1383,6 +1774,19 @@ static int do_start(void *data)
goto out_warn_father;
}
@ -729,7 +760,7 @@ index fd969c4..d83330e 100644
if (handler->conf->monitor_signal_pdeath != SIGKILL) {
ret = lxc_set_death_signal(handler->conf->monitor_signal_pdeath,
handler->monitor_pid, status_fd);
@@ -1397,7 +1795,12 @@ static int do_start(void *data)
@@ -1397,7 +1801,12 @@ static int do_start(void *data)
* After this call, we are in error because this ops should not return
* as it execs.
*/
@ -742,7 +773,7 @@ index fd969c4..d83330e 100644
out_warn_father:
/*
@@ -1529,6 +1932,94 @@ static inline int do_share_ns(void *arg)
@@ -1529,6 +1938,94 @@ static inline int do_share_ns(void *arg)
return 0;
}
@ -837,7 +868,7 @@ index fd969c4..d83330e 100644
/* lxc_spawn() performs crucial setup tasks and clone()s the new process which
* exec()s the requested container binary.
* Note that lxc_spawn() runs in the parent namespaces. Any operations performed
@@ -1595,7 +2086,11 @@ static int lxc_spawn(struct lxc_handler *handler)
@@ -1595,7 +2092,11 @@ static int lxc_spawn(struct lxc_handler *handler)
* it readonly.
* If the container is unprivileged then skip rootfs pinning.
*/
@ -849,7 +880,7 @@ index fd969c4..d83330e 100644
handler->pinfd = pin_rootfs(conf->rootfs.path);
if (handler->pinfd == -EBADF)
INFO("Failed to pin the rootfs for container \"%s\"", handler->name);
@@ -1640,6 +2135,32 @@ static int lxc_spawn(struct lxc_handler *handler)
@@ -1640,6 +2141,32 @@ static int lxc_spawn(struct lxc_handler *handler)
}
TRACE("Cloned child process %d", handler->pid);
@ -882,7 +913,7 @@ index fd969c4..d83330e 100644
/* Verify that we can actually make use of pidfds. */
if (!lxc_can_use_pidfd(handler->pidfd))
close_prot_errno_disarm(handler->pidfd);
@@ -1652,6 +2173,13 @@ static int lxc_spawn(struct lxc_handler *handler)
@@ -1652,6 +2179,13 @@ static int lxc_spawn(struct lxc_handler *handler)
if (ret < 0)
SYSERROR("Failed to set environment variable: LXC_PID=%s", pidstr);
@ -896,7 +927,7 @@ index fd969c4..d83330e 100644
for (i = 0; i < LXC_NS_MAX; i++)
if (handler->ns_on_clone_flags & ns_info[i].clone_flag)
INFO("Cloned %s", ns_info[i].flag_name);
@@ -1765,7 +2293,11 @@ static int lxc_spawn(struct lxc_handler *handler)
@@ -1765,7 +2299,11 @@ static int lxc_spawn(struct lxc_handler *handler)
goto out_delete_net;
if (!lxc_list_empty(&conf->limits)) {
@ -908,7 +939,7 @@ index fd969c4..d83330e 100644
if (ret < 0) {
ERROR("Failed to setup resource limits");
goto out_delete_net;
@@ -1816,6 +2348,26 @@ static int lxc_spawn(struct lxc_handler *handler)
@@ -1816,6 +2354,26 @@ static int lxc_spawn(struct lxc_handler *handler)
ERROR("Failed to run lxc.hook.start-host");
goto out_delete_net;
}
@ -935,7 +966,7 @@ index fd969c4..d83330e 100644
/* Tell the child to complete its initialization and wait for it to exec
* or return an error. (The child will never return
@@ -1859,6 +2411,22 @@ static int lxc_spawn(struct lxc_handler *handler)
@@ -1859,6 +2417,22 @@ static int lxc_spawn(struct lxc_handler *handler)
if (ret < 0)
goto out_abort;
@ -958,7 +989,7 @@ index fd969c4..d83330e 100644
ret = lxc_set_state(name, handler, RUNNING);
if (ret < 0) {
ERROR("Failed to set state to \"%s\"", lxc_state2str(RUNNING));
@@ -1883,9 +2451,83 @@ out_sync_fini:
@@ -1883,9 +2457,83 @@ out_sync_fini:
return -1;
}
@ -1042,7 +1073,7 @@ index fd969c4..d83330e 100644
int ret, status;
const char *name = handler->name;
struct lxc_conf *conf = handler->conf;
@@ -1901,6 +2543,16 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
@@ -1901,6 +2549,16 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
handler->daemonize = daemonize;
cgroup_ops = handler->cgroup_ops;
@ -1059,7 +1090,7 @@ index fd969c4..d83330e 100644
if (!attach_block_device(handler->conf)) {
ERROR("Failed to attach block device");
ret = -1;
@@ -1959,11 +2611,13 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
@@ -1959,11 +2617,13 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
goto out_delete_network;
}
@ -1073,7 +1104,7 @@ index fd969c4..d83330e 100644
status = lxc_wait_for_pid_status(handler->pid);
if (status < 0)
@@ -1973,6 +2627,21 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
@@ -1973,6 +2633,21 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
* reboot. This should mean it was an lxc-execute which simply exited.
* In any case, treat it as a 'halt'.
*/
@ -1095,7 +1126,7 @@ index fd969c4..d83330e 100644
if (WIFSIGNALED(status)) {
switch(WTERMSIG(status)) {
case SIGINT: /* halt */
@@ -1990,6 +2659,7 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
@@ -1990,6 +2665,7 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
break;
}
}
@ -1103,7 +1134,7 @@ index fd969c4..d83330e 100644
ret = lxc_restore_phys_nics_to_netns(handler);
if (ret < 0)
@@ -1997,11 +2667,20 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
@@ -1997,11 +2673,20 @@ int __lxc_start(struct lxc_handler *handler, struct lxc_operations *ops,
close_prot_errno_disarm(handler->pinfd);
@ -1124,7 +1155,7 @@ index fd969c4..d83330e 100644
/* These are not the droids you are looking for. */
__private_goto1:
lxc_delete_network(handler);
@@ -2032,7 +2711,11 @@ struct start_args {
@@ -2032,7 +2717,11 @@ struct start_args {
char *const *argv;
};
@ -1136,7 +1167,7 @@ index fd969c4..d83330e 100644
{
struct start_args *arg = data;
@@ -2040,6 +2723,9 @@ static int start(struct lxc_handler *handler, void* data)
@@ -2040,6 +2729,9 @@ static int start(struct lxc_handler *handler, void* data)
execvp(arg->argv[0], arg->argv);
SYSERROR("Failed to exec \"%s\"", arg->argv[0]);
@ -1146,7 +1177,7 @@ index fd969c4..d83330e 100644
return 0;
}
@@ -2057,14 +2743,22 @@ static struct lxc_operations start_ops = {
@@ -2057,14 +2749,22 @@ static struct lxc_operations start_ops = {
};
int lxc_start(char *const argv[], struct lxc_handler *handler,
@ -1169,7 +1200,7 @@ index fd969c4..d83330e 100644
}
static void lxc_destroy_container_on_signal(struct lxc_handler *handler,
@@ -2136,3 +2830,261 @@ static bool do_destroy_container(struct lxc_handler *handler)
@@ -2136,3 +2836,261 @@ static bool do_destroy_container(struct lxc_handler *handler)
return storage_destroy(handler->conf);
}
@ -1304,7 +1335,7 @@ index fd969c4..d83330e 100644
+ return handler;
+
+on_error:
+ lxc_free_handler(handler);
+ lxc_put_handler(handler);
+
+ return NULL;
+}
@ -1355,7 +1386,7 @@ index fd969c4..d83330e 100644
+ return handler;
+
+on_error:
+ lxc_free_handler(handler);
+ lxc_put_handler(handler);
+
+ return NULL;
+}
@ -1401,7 +1432,7 @@ index fd969c4..d83330e 100644
+ }
+
+out:
+ lxc_free_handler(handler);
+ lxc_put_handler(handler);
+ return ret;
+}
+
@ -1426,7 +1457,7 @@ index fd969c4..d83330e 100644
+ }
+
+out:
+ lxc_free_handler(handler);
+ lxc_put_handler(handler);
+ return ret;
+}
+

8
lxc.spec
View File

@ -1,4 +1,4 @@
%global _release 2022072102
%global _release 2022072103
Name: lxc
Version: 4.0.3
@ -187,6 +187,12 @@ make check
%{_mandir}/*/man7/%{name}*
%changelog
* Thu Jul 21 2022 zhangxiaoyu<zhangxiaoyu58@huawei.com> - 4.0.3-2022072102
- Type:bugfix
- ID:NA
- SUG:NA
- DESC: fix compile error
* Thu Jul 21 2022 chengzeruizhi<chengzeruizhi@huawei.com> - 4.0.3-2022072101
- Type:bugfix
- ID:NA