runc:modify patch path
This commit is contained in:
zhongjiawei
parent
64ff97e608
commit
34a1f31f1c
@ -19,7 +19,7 @@ while IPF= read -r line
|
||||
do
|
||||
if [[ "$line" =~ ^patch* ]]; then
|
||||
echo patch -p1 $cwd/$line
|
||||
patch -p1 < $cwd/$line
|
||||
cd $src && patch -p1 < $cwd/$line
|
||||
fi
|
||||
done <"$series"
|
||||
|
||||
|
||||
@ -1 +1 @@
|
||||
9b47ea11a903817a64b3d14fc8a7b88835bd1a00
|
||||
f4036ea04db8cd0df716110b147057209c36ac78
|
||||
|
||||
@ -1,18 +1,18 @@
|
||||
From 0aa433bd4f83b99ed1964d67abbb7fe833d8b78d Mon Sep 17 00:00:00 2001
|
||||
From ee228fa3991d1d0008416df61b4bae645adf8e1a Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Sat, 8 Oct 2022 15:49:27 +0800
|
||||
Subject: [PATCH] runc:Add spec for euleros
|
||||
Date: Thu, 5 Jan 2023 16:13:12 +0800
|
||||
Subject: [PATCH] runc: Add spec for euleros
|
||||
|
||||
---
|
||||
runc-1.1.3/script/runc-euleros.spec | 50 +++++++++++++++++++++++++++++
|
||||
script/runc-euleros.spec | 50 ++++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 50 insertions(+)
|
||||
create mode 100644 runc-1.1.3/script/runc-euleros.spec
|
||||
create mode 100644 script/runc-euleros.spec
|
||||
|
||||
diff --git a/runc-1.1.3/script/runc-euleros.spec b/runc-1.1.3/script/runc-euleros.spec
|
||||
diff --git a/script/runc-euleros.spec b/script/runc-euleros.spec
|
||||
new file mode 100644
|
||||
index 0000000..db4e868
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/script/runc-euleros.spec
|
||||
+++ b/script/runc-euleros.spec
|
||||
@@ -0,0 +1,50 @@
|
||||
+%global _bindir /usr/local/bin
|
||||
+
|
||||
|
||||
@ -1,17 +1,17 @@
|
||||
From 3afc90db6eb945e2668b66b1613659bb28e306e1 Mon Sep 17 00:00:00 2001
|
||||
From 992170fc8663968692d76db0710ca3fa64de5917 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Sat, 8 Oct 2022 16:23:11 +0800
|
||||
Date: Thu, 5 Jan 2023 16:16:57 +0800
|
||||
Subject: [PATCH] runc:fix unittest and integration test error caused
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/integration/execin_test.go | 8 +-------
|
||||
runc-1.1.3/tests/integration/exec.bats | 4 ++--
|
||||
libcontainer/integration/execin_test.go | 8 +-------
|
||||
tests/integration/exec.bats | 4 ++--
|
||||
2 files changed, 3 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/integration/execin_test.go b/runc-1.1.3/libcontainer/integration/execin_test.go
|
||||
diff --git a/libcontainer/integration/execin_test.go b/libcontainer/integration/execin_test.go
|
||||
index f8a6a9c..9669eca 100644
|
||||
--- a/runc-1.1.3/libcontainer/integration/execin_test.go
|
||||
+++ b/runc-1.1.3/libcontainer/integration/execin_test.go
|
||||
--- a/libcontainer/integration/execin_test.go
|
||||
+++ b/libcontainer/integration/execin_test.go
|
||||
@@ -62,9 +62,6 @@ func TestExecIn(t *testing.T) {
|
||||
if !strings.Contains(out, "cat") || !strings.Contains(out, "ps") {
|
||||
t.Fatalf("unexpected running process, output %q", out)
|
||||
@ -36,10 +36,10 @@ index f8a6a9c..9669eca 100644
|
||||
}
|
||||
}
|
||||
|
||||
diff --git a/runc-1.1.3/tests/integration/exec.bats b/runc-1.1.3/tests/integration/exec.bats
|
||||
diff --git a/tests/integration/exec.bats b/tests/integration/exec.bats
|
||||
index 140cd18..cd01f00 100644
|
||||
--- a/runc-1.1.3/tests/integration/exec.bats
|
||||
+++ b/runc-1.1.3/tests/integration/exec.bats
|
||||
--- a/tests/integration/exec.bats
|
||||
+++ b/tests/integration/exec.bats
|
||||
@@ -101,7 +101,7 @@ function teardown() {
|
||||
|
||||
runc exec --cwd /bin test_busybox pwd
|
||||
|
||||
@ -1,18 +1,16 @@
|
||||
From 1bc820d277edc05d145b8729e3a8e343b9d4b529 Mon Sep 17 00:00:00 2001
|
||||
From 1c953cdee5aa6c677bef7c7042dbec6fc9ddf172 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 10 Oct 2022 14:49:30 +0800
|
||||
Date: Thu, 5 Jan 2023 16:18:37 +0800
|
||||
Subject: [PATCH] runc:add timeout for syscall.Openat
|
||||
|
||||
Openat will be blocked until the fifo on the other side is opened, but in some
|
||||
abnomal scenario(e.g. containerd is killed), Openat maybe be blocked all the time.
|
||||
---
|
||||
.../libcontainer/standard_init_linux.go | 29 ++++++++++++++-----
|
||||
libcontainer/standard_init_linux.go | 29 ++++++++++++++++++++++-------
|
||||
1 file changed, 22 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/standard_init_linux.go b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
|
||||
index 585a04f..ab553ef 100644
|
||||
--- a/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
--- a/libcontainer/standard_init_linux.go
|
||||
+++ b/libcontainer/standard_init_linux.go
|
||||
@@ -6,6 +6,7 @@ import (
|
||||
"os"
|
||||
"os/exec"
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
From 1d9d98ffd7b452087e70d2e2bd62f8827af58a10 Mon Sep 17 00:00:00 2001
|
||||
From 88f50537a85aed278be136cd0b3d4664e8c71b5d Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 10 Oct 2022 15:20:13 +0800
|
||||
Date: Thu, 5 Jan 2023 16:19:48 +0800
|
||||
Subject: [PATCH] runc: update state eariler to avoid cgroup leak when process
|
||||
failed
|
||||
|
||||
@ -20,15 +20,15 @@ This patch perform state updating right after cgroup applying. so
|
||||
`runc delete` will do the cleaning job
|
||||
|
||||
Change-Id: I7b247f501986e712a86da3958d1be573af4e84a6
|
||||
Signed-off-by: Deng Guangxing <dengguangxing@huawei.com>
|
||||
Signed-off-by: Deng Guangxing <dengguangxing@huawei.com
|
||||
---
|
||||
runc-1.1.3/libcontainer/process_linux.go | 5 +++++
|
||||
libcontainer/process_linux.go | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/process_linux.go b/runc-1.1.3/libcontainer/process_linux.go
|
||||
diff --git a/libcontainer/process_linux.go b/libcontainer/process_linux.go
|
||||
index 446649a..29408d7 100644
|
||||
--- a/runc-1.1.3/libcontainer/process_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/process_linux.go
|
||||
--- a/libcontainer/process_linux.go
|
||||
+++ b/libcontainer/process_linux.go
|
||||
@@ -411,6 +411,11 @@ func (p *initProcess) start() (retErr error) {
|
||||
if err := p.manager.Apply(p.pid()); err != nil {
|
||||
return fmt.Errorf("unable to apply cgroup configuration: %w", err)
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From d837fdf20465ffee55ff81efb3df8d010ecae765 Mon Sep 17 00:00:00 2001
|
||||
From f2a2674f9883e6eb588ce9235161019d31bcedc6 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 17 Oct 2022 15:47:24 +0800
|
||||
Date: Thu, 5 Jan 2023 16:21:10 +0800
|
||||
Subject: [PATCH] runc: print cgroup info if cpuset missing occurs
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/cgroups/fs/cpuset.go | 20 ++++++++++++++++++++
|
||||
libcontainer/cgroups/fs/cpuset.go | 20 ++++++++++++++++++++
|
||||
1 file changed, 20 insertions(+)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go b/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
diff --git a/libcontainer/cgroups/fs/cpuset.go b/libcontainer/cgroups/fs/cpuset.go
|
||||
index 550baa4..341d5dc 100644
|
||||
--- a/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
--- a/libcontainer/cgroups/fs/cpuset.go
|
||||
+++ b/libcontainer/cgroups/fs/cpuset.go
|
||||
@@ -172,6 +172,26 @@ func (s *CpusetGroup) ApplyDir(dir string, r *configs.Resources, pid int) error
|
||||
}
|
||||
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From 2d6cea3500b37c854ead44cf557864968903ad21 Mon Sep 17 00:00:00 2001
|
||||
From 7cc7be6f85400953208981415d9f46a4db12bbcc Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 17 Oct 2022 16:06:55 +0800
|
||||
Date: Thu, 5 Jan 2023 16:22:53 +0800
|
||||
Subject: [PATCH] runc: add more specific log for hooks
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/configs/config.go | 2 ++
|
||||
libcontainer/configs/config.go | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/configs/config.go b/runc-1.1.3/libcontainer/configs/config.go
|
||||
diff --git a/libcontainer/configs/config.go b/libcontainer/configs/config.go
|
||||
index c1b4a00..72910ff 100644
|
||||
--- a/runc-1.1.3/libcontainer/configs/config.go
|
||||
+++ b/runc-1.1.3/libcontainer/configs/config.go
|
||||
--- a/libcontainer/configs/config.go
|
||||
+++ b/libcontainer/configs/config.go
|
||||
@@ -279,9 +279,11 @@ type Capabilities struct {
|
||||
|
||||
func (hooks HookList) RunHooks(state *specs.State) error {
|
||||
|
||||
@ -1,19 +1,19 @@
|
||||
From dfbe86042987a6f5c14c589668183f37d2ecac91 Mon Sep 17 00:00:00 2001
|
||||
From 68d83f90cbca399aa4797b8d63eaa1fa35b1ad30 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 17 Oct 2022 16:21:01 +0800
|
||||
Date: Thu, 5 Jan 2023 16:24:00 +0800
|
||||
Subject: [PATCH] runc: reduce max number of retries to 10
|
||||
|
||||
[Changelog]:when killing containers in D state, now runc will do
|
||||
100 retries, which leads that containerd blocks for 10 seconds.
|
||||
[Author]:Ruilin Li
|
||||
---
|
||||
runc-1.1.3/delete.go | 4 ++--
|
||||
delete.go | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/delete.go b/runc-1.1.3/delete.go
|
||||
diff --git a/delete.go b/delete.go
|
||||
index 746b0df..799c2a7 100644
|
||||
--- a/runc-1.1.3/delete.go
|
||||
+++ b/runc-1.1.3/delete.go
|
||||
--- a/delete.go
|
||||
+++ b/delete.go
|
||||
@@ -14,8 +14,8 @@ import (
|
||||
)
|
||||
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From 199c22b2e5188acee4b38a373ab3e4cf978c7f94 Mon Sep 17 00:00:00 2001
|
||||
From 8a337b8a40bf15bc25770cc5a853e962a96435c0 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 17 Oct 2022 16:26:48 +0800
|
||||
Date: Thu, 5 Jan 2023 16:24:53 +0800
|
||||
Subject: [PATCH] runc: print error message during start into container log
|
||||
|
||||
---
|
||||
runc-1.1.3/init.go | 2 ++
|
||||
init.go | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/runc-1.1.3/init.go b/runc-1.1.3/init.go
|
||||
diff --git a/init.go b/init.go
|
||||
index bddc237..a0520b5 100644
|
||||
--- a/runc-1.1.3/init.go
|
||||
+++ b/runc-1.1.3/init.go
|
||||
--- a/init.go
|
||||
+++ b/init.go
|
||||
@@ -1,6 +1,7 @@
|
||||
package main
|
||||
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From 13e4ce1748fbf311c01238e03f9314b2c2b4777e Mon Sep 17 00:00:00 2001
|
||||
From 4e44d5c41ff9d97fdae4e0951ef1d461e07e84ad Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 17 Oct 2022 16:33:33 +0800
|
||||
Date: Thu, 5 Jan 2023 16:25:57 +0800
|
||||
Subject: [PATCH] runc: ignore exec.fifo removing not exist error
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/container_linux.go | 5 ++++-
|
||||
libcontainer/container_linux.go | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/container_linux.go b/runc-1.1.3/libcontainer/container_linux.go
|
||||
diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go
|
||||
index 9df830d..6b68a0e 100644
|
||||
--- a/runc-1.1.3/libcontainer/container_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/container_linux.go
|
||||
--- a/libcontainer/container_linux.go
|
||||
+++ b/libcontainer/container_linux.go
|
||||
@@ -325,7 +325,10 @@ func handleFifoResult(result openResult) error {
|
||||
if err := readFromExecFifo(f); err != nil {
|
||||
return err
|
||||
|
||||
@ -1,25 +1,25 @@
|
||||
From ebee018ddc5b1d1d9d5484fb2db40123599eb4e8 Mon Sep 17 00:00:00 2001
|
||||
From 75bed4f00f31595800cb30d176656b381bfa646b Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 17 Oct 2022 17:54:20 +0800
|
||||
Date: Thu, 5 Jan 2023 16:27:05 +0800
|
||||
Subject: [PATCH] runc:Add file fds limit
|
||||
|
||||
---
|
||||
runc-1.1.3/events.go | 3 +
|
||||
runc-1.1.3/libcontainer/cgroups/fs/files.go | 79 +++++++++++++++++++
|
||||
runc-1.1.3/libcontainer/cgroups/fs/fs.go | 1 +
|
||||
runc-1.1.3/libcontainer/cgroups/stats.go | 8 ++
|
||||
runc-1.1.3/libcontainer/cgroups/systemd/v1.go | 1 +
|
||||
.../libcontainer/configs/cgroup_linux.go | 3 +
|
||||
.../libcontainer/specconv/spec_linux.go | 4 +
|
||||
runc-1.1.3/types/events.go | 6 ++
|
||||
events.go | 3 +
|
||||
libcontainer/cgroups/fs/files.go | 79 +++++++++++++++++++
|
||||
libcontainer/cgroups/fs/fs.go | 1 +
|
||||
libcontainer/cgroups/stats.go | 8 ++
|
||||
libcontainer/cgroups/systemd/v1.go | 1 +
|
||||
libcontainer/configs/cgroup_linux.go | 3 +
|
||||
libcontainer/specconv/spec_linux.go | 4 +
|
||||
types/events.go | 6 ++
|
||||
.../runtime-spec/specs-go/config.go | 8 ++
|
||||
9 files changed, 113 insertions(+)
|
||||
create mode 100644 runc-1.1.3/libcontainer/cgroups/fs/files.go
|
||||
create mode 100644 libcontainer/cgroups/fs/files.go
|
||||
|
||||
diff --git a/runc-1.1.3/events.go b/runc-1.1.3/events.go
|
||||
diff --git a/events.go b/events.go
|
||||
index 6cdc01c..94712e3 100644
|
||||
--- a/runc-1.1.3/events.go
|
||||
+++ b/runc-1.1.3/events.go
|
||||
--- a/events.go
|
||||
+++ b/events.go
|
||||
@@ -120,6 +120,9 @@ func convertLibcontainerStats(ls *libcontainer.Stats) *types.Stats {
|
||||
s.Pids.Current = cg.PidsStats.Current
|
||||
s.Pids.Limit = cg.PidsStats.Limit
|
||||
@ -30,11 +30,11 @@ index 6cdc01c..94712e3 100644
|
||||
s.CPU.Usage.Kernel = cg.CpuStats.CpuUsage.UsageInKernelmode
|
||||
s.CPU.Usage.User = cg.CpuStats.CpuUsage.UsageInUsermode
|
||||
s.CPU.Usage.Total = cg.CpuStats.CpuUsage.TotalUsage
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/fs/files.go b/runc-1.1.3/libcontainer/cgroups/fs/files.go
|
||||
diff --git a/libcontainer/cgroups/fs/files.go b/libcontainer/cgroups/fs/files.go
|
||||
new file mode 100644
|
||||
index 0000000..3315cda
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/fs/files.go
|
||||
+++ b/libcontainer/cgroups/fs/files.go
|
||||
@@ -0,0 +1,79 @@
|
||||
+/*
|
||||
+Copyright (c) Huawei Technologies Co., Ltd. 2017-2019. All rights reserved.
|
||||
@ -115,10 +115,10 @@ index 0000000..3315cda
|
||||
+ stats.FilesStats.Limit = max
|
||||
+ return nil
|
||||
+}
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/fs/fs.go b/runc-1.1.3/libcontainer/cgroups/fs/fs.go
|
||||
diff --git a/libcontainer/cgroups/fs/fs.go b/libcontainer/cgroups/fs/fs.go
|
||||
index fb4fcc7..59b6dff 100644
|
||||
--- a/runc-1.1.3/libcontainer/cgroups/fs/fs.go
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/fs/fs.go
|
||||
--- a/libcontainer/cgroups/fs/fs.go
|
||||
+++ b/libcontainer/cgroups/fs/fs.go
|
||||
@@ -20,6 +20,7 @@ var subsystems = []subsystem{
|
||||
&CpuGroup{},
|
||||
&CpuacctGroup{},
|
||||
@ -127,10 +127,10 @@ index fb4fcc7..59b6dff 100644
|
||||
&BlkioGroup{},
|
||||
&HugetlbGroup{},
|
||||
&NetClsGroup{},
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/stats.go b/runc-1.1.3/libcontainer/cgroups/stats.go
|
||||
diff --git a/libcontainer/cgroups/stats.go b/libcontainer/cgroups/stats.go
|
||||
index 40a81dd..8f1d4ce 100644
|
||||
--- a/runc-1.1.3/libcontainer/cgroups/stats.go
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/stats.go
|
||||
--- a/libcontainer/cgroups/stats.go
|
||||
+++ b/libcontainer/cgroups/stats.go
|
||||
@@ -116,6 +116,13 @@ type PidsStats struct {
|
||||
Limit uint64 `json:"limit,omitempty"`
|
||||
}
|
||||
@ -153,10 +153,10 @@ index 40a81dd..8f1d4ce 100644
|
||||
BlkioStats BlkioStats `json:"blkio_stats,omitempty"`
|
||||
// the map is in the format "size of hugepage: stats of the hugepage"
|
||||
HugetlbStats map[string]HugetlbStats `json:"hugetlb_stats,omitempty"`
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/systemd/v1.go b/runc-1.1.3/libcontainer/cgroups/systemd/v1.go
|
||||
diff --git a/libcontainer/cgroups/systemd/v1.go b/libcontainer/cgroups/systemd/v1.go
|
||||
index a74a05a..19d1099 100644
|
||||
--- a/runc-1.1.3/libcontainer/cgroups/systemd/v1.go
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/systemd/v1.go
|
||||
--- a/libcontainer/cgroups/systemd/v1.go
|
||||
+++ b/libcontainer/cgroups/systemd/v1.go
|
||||
@@ -63,6 +63,7 @@ var legacySubsystems = []subsystem{
|
||||
&fs.CpuGroup{},
|
||||
&fs.CpuacctGroup{},
|
||||
@ -165,10 +165,10 @@ index a74a05a..19d1099 100644
|
||||
&fs.BlkioGroup{},
|
||||
&fs.HugetlbGroup{},
|
||||
&fs.PerfEventGroup{},
|
||||
diff --git a/runc-1.1.3/libcontainer/configs/cgroup_linux.go b/runc-1.1.3/libcontainer/configs/cgroup_linux.go
|
||||
diff --git a/libcontainer/configs/cgroup_linux.go b/libcontainer/configs/cgroup_linux.go
|
||||
index 2d4a898..8cbc154 100644
|
||||
--- a/runc-1.1.3/libcontainer/configs/cgroup_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/configs/cgroup_linux.go
|
||||
--- a/libcontainer/configs/cgroup_linux.go
|
||||
+++ b/libcontainer/configs/cgroup_linux.go
|
||||
@@ -87,6 +87,9 @@ type Resources struct {
|
||||
// Process limit; set <= `0' to disable limit.
|
||||
PidsLimit int64 `json:"pids_limit"`
|
||||
@ -179,10 +179,10 @@ index 2d4a898..8cbc154 100644
|
||||
// Specifies per cgroup weight, range is from 10 to 1000.
|
||||
BlkioWeight uint16 `json:"blkio_weight"`
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/specconv/spec_linux.go b/runc-1.1.3/libcontainer/specconv/spec_linux.go
|
||||
diff --git a/libcontainer/specconv/spec_linux.go b/libcontainer/specconv/spec_linux.go
|
||||
index c7ca4c8..19dd947 100644
|
||||
--- a/runc-1.1.3/libcontainer/specconv/spec_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/specconv/spec_linux.go
|
||||
--- a/libcontainer/specconv/spec_linux.go
|
||||
+++ b/libcontainer/specconv/spec_linux.go
|
||||
@@ -747,6 +747,10 @@ func CreateCgroupConfig(opts *CreateOpts, defaultDevs []*devices.Device) (*confi
|
||||
if r.Pids != nil {
|
||||
c.Resources.PidsLimit = r.Pids.Limit
|
||||
@ -194,10 +194,10 @@ index c7ca4c8..19dd947 100644
|
||||
if r.BlockIO != nil {
|
||||
if r.BlockIO.Weight != nil {
|
||||
c.Resources.BlkioWeight = *r.BlockIO.Weight
|
||||
diff --git a/runc-1.1.3/types/events.go b/runc-1.1.3/types/events.go
|
||||
diff --git a/types/events.go b/types/events.go
|
||||
index 81bde82..1fdff8f 100644
|
||||
--- a/runc-1.1.3/types/events.go
|
||||
+++ b/runc-1.1.3/types/events.go
|
||||
--- a/types/events.go
|
||||
+++ b/types/events.go
|
||||
@@ -15,6 +15,7 @@ type Stats struct {
|
||||
CPUSet CPUSet `json:"cpuset"`
|
||||
Memory Memory `json:"memory"`
|
||||
@ -218,10 +218,10 @@ index 81bde82..1fdff8f 100644
|
||||
type Throttling struct {
|
||||
Periods uint64 `json:"periods,omitempty"`
|
||||
ThrottledPeriods uint64 `json:"throttledPeriods,omitempty"`
|
||||
diff --git a/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
index 6a7a91e..e8143b2 100644
|
||||
--- a/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
+++ b/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
--- a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
+++ b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
@@ -336,6 +336,12 @@ type LinuxPids struct {
|
||||
Limit int64 `json:"limit"`
|
||||
}
|
||||
|
||||
@ -1,23 +1,14 @@
|
||||
From 658fb594136222061ad4653cbb540eeade7e5ddc Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Tue, 18 Oct 2022 16:33:41 +0800
|
||||
From 3cea048a118096974936bf35c793075eabe830df Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:28:12 +0800
|
||||
Subject: [PATCH] runc: runc logs forwarding to syslog
|
||||
|
||||
reason:runc logs forwarding to syslog and using the config "--log-level" to control the number of logs
|
||||
|
||||
Change-Id: Ia93f6f5c56131ea8558c4b7b7e5c4bec827a1bad
|
||||
|
||||
Conflicts:
|
||||
libcontainer/container_linux.go
|
||||
libcontainer/process_linux.go
|
||||
libcontainer/state_linux.go
|
||||
|
||||
---
|
||||
runc-1.1.3/create.go | 2 +-
|
||||
runc-1.1.3/libcontainer/configs/config.go | 70 +++++++++---
|
||||
runc-1.1.3/libcontainer/container_linux.go | 2 +-
|
||||
runc-1.1.3/main.go | 20 ++++
|
||||
.../github.com/sirupsen/logrus/Checklist | 1 +
|
||||
create.go | 2 +-
|
||||
libcontainer/configs/config.go | 70 +++++++++---
|
||||
libcontainer/container_linux.go | 2 +-
|
||||
main.go | 20 ++++
|
||||
vendor/github.com/sirupsen/logrus/Checklist | 1 +
|
||||
.../logrus/hooks/airbrake/airbrake.go | 54 ++++++++++
|
||||
.../sirupsen/logrus/hooks/bugsnag/bugsnag.go | 68 ++++++++++++
|
||||
.../logrus/hooks/papertrail/README.md | 28 +++++
|
||||
@ -27,20 +18,20 @@ Conflicts:
|
||||
.../sirupsen/logrus/hooks/syslog/README.md | 20 ++++
|
||||
.../sirupsen/logrus/hooks/syslog/syslog.go | 59 +++++++++++
|
||||
13 files changed, 523 insertions(+), 17 deletions(-)
|
||||
create mode 100644 runc-1.1.3/vendor/github.com/sirupsen/logrus/Checklist
|
||||
create mode 100644 runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/airbrake/airbrake.go
|
||||
create mode 100644 runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/bugsnag/bugsnag.go
|
||||
create mode 100644 runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/papertrail/README.md
|
||||
create mode 100644 runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/papertrail/papertrail.go
|
||||
create mode 100644 runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/sentry/README.md
|
||||
create mode 100644 runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/sentry/sentry.go
|
||||
create mode 100644 runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/README.md
|
||||
create mode 100644 runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
create mode 100644 vendor/github.com/sirupsen/logrus/Checklist
|
||||
create mode 100644 vendor/github.com/sirupsen/logrus/hooks/airbrake/airbrake.go
|
||||
create mode 100644 vendor/github.com/sirupsen/logrus/hooks/bugsnag/bugsnag.go
|
||||
create mode 100644 vendor/github.com/sirupsen/logrus/hooks/papertrail/README.md
|
||||
create mode 100644 vendor/github.com/sirupsen/logrus/hooks/papertrail/papertrail.go
|
||||
create mode 100644 vendor/github.com/sirupsen/logrus/hooks/sentry/README.md
|
||||
create mode 100644 vendor/github.com/sirupsen/logrus/hooks/sentry/sentry.go
|
||||
create mode 100644 vendor/github.com/sirupsen/logrus/hooks/syslog/README.md
|
||||
create mode 100644 vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
|
||||
diff --git a/runc-1.1.3/create.go b/runc-1.1.3/create.go
|
||||
diff --git a/create.go b/create.go
|
||||
index 97854b8..46ef1ef 100644
|
||||
--- a/runc-1.1.3/create.go
|
||||
+++ b/runc-1.1.3/create.go
|
||||
--- a/create.go
|
||||
+++ b/create.go
|
||||
@@ -2,9 +2,9 @@ package main
|
||||
|
||||
import (
|
||||
@ -52,10 +43,10 @@ index 97854b8..46ef1ef 100644
|
||||
)
|
||||
|
||||
var createCommand = cli.Command{
|
||||
diff --git a/runc-1.1.3/libcontainer/configs/config.go b/runc-1.1.3/libcontainer/configs/config.go
|
||||
diff --git a/libcontainer/configs/config.go b/libcontainer/configs/config.go
|
||||
index 72910ff..9076846 100644
|
||||
--- a/runc-1.1.3/libcontainer/configs/config.go
|
||||
+++ b/runc-1.1.3/libcontainer/configs/config.go
|
||||
--- a/libcontainer/configs/config.go
|
||||
+++ b/libcontainer/configs/config.go
|
||||
@@ -4,15 +4,22 @@ import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
@ -169,10 +160,10 @@ index 72910ff..9076846 100644
|
||||
+ }
|
||||
}
|
||||
}
|
||||
diff --git a/runc-1.1.3/libcontainer/container_linux.go b/runc-1.1.3/libcontainer/container_linux.go
|
||||
diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go
|
||||
index 6b68a0e..425e44d 100644
|
||||
--- a/runc-1.1.3/libcontainer/container_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/container_linux.go
|
||||
--- a/libcontainer/container_linux.go
|
||||
+++ b/libcontainer/container_linux.go
|
||||
@@ -368,7 +368,7 @@ func (c *linuxContainer) start(process *Process) (retErr error) {
|
||||
|
||||
if err := c.config.Hooks[configs.Poststart].RunHooks(s); err != nil {
|
||||
@ -182,10 +173,10 @@ index 6b68a0e..425e44d 100644
|
||||
}
|
||||
return err
|
||||
}
|
||||
diff --git a/runc-1.1.3/main.go b/runc-1.1.3/main.go
|
||||
diff --git a/main.go b/main.go
|
||||
index 4d66638..9e14976 100644
|
||||
--- a/runc-1.1.3/main.go
|
||||
+++ b/runc-1.1.3/main.go
|
||||
--- a/main.go
|
||||
+++ b/main.go
|
||||
@@ -100,6 +100,10 @@ func main() {
|
||||
Value: root,
|
||||
Usage: "root directory for storage of container state (this should be located in tmpfs)",
|
||||
@ -221,18 +212,18 @@ index 4d66638..9e14976 100644
|
||||
+ }
|
||||
return nil
|
||||
}
|
||||
diff --git a/runc-1.1.3/vendor/github.com/sirupsen/logrus/Checklist b/runc-1.1.3/vendor/github.com/sirupsen/logrus/Checklist
|
||||
diff --git a/vendor/github.com/sirupsen/logrus/Checklist b/vendor/github.com/sirupsen/logrus/Checklist
|
||||
new file mode 100644
|
||||
index 0000000..7117b24
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/vendor/github.com/sirupsen/logrus/Checklist
|
||||
+++ b/vendor/github.com/sirupsen/logrus/Checklist
|
||||
@@ -0,0 +1 @@
|
||||
+imported from runc v1.0.0-Release Candidate 2: Godeps/_workspace/src/github.com/Sirupsen/logrus/hooks
|
||||
diff --git a/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/airbrake/airbrake.go b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/airbrake/airbrake.go
|
||||
diff --git a/vendor/github.com/sirupsen/logrus/hooks/airbrake/airbrake.go b/vendor/github.com/sirupsen/logrus/hooks/airbrake/airbrake.go
|
||||
new file mode 100644
|
||||
index 0000000..b0502c3
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/airbrake/airbrake.go
|
||||
+++ b/vendor/github.com/sirupsen/logrus/hooks/airbrake/airbrake.go
|
||||
@@ -0,0 +1,54 @@
|
||||
+package airbrake
|
||||
+
|
||||
@ -288,11 +279,11 @@ index 0000000..b0502c3
|
||||
+ logrus.PanicLevel,
|
||||
+ }
|
||||
+}
|
||||
diff --git a/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/bugsnag/bugsnag.go b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/bugsnag/bugsnag.go
|
||||
diff --git a/vendor/github.com/sirupsen/logrus/hooks/bugsnag/bugsnag.go b/vendor/github.com/sirupsen/logrus/hooks/bugsnag/bugsnag.go
|
||||
new file mode 100644
|
||||
index 0000000..d20a0f5
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/bugsnag/bugsnag.go
|
||||
+++ b/vendor/github.com/sirupsen/logrus/hooks/bugsnag/bugsnag.go
|
||||
@@ -0,0 +1,68 @@
|
||||
+package logrus_bugsnag
|
||||
+
|
||||
@ -362,11 +353,11 @@ index 0000000..d20a0f5
|
||||
+ logrus.PanicLevel,
|
||||
+ }
|
||||
+}
|
||||
diff --git a/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/papertrail/README.md b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/papertrail/README.md
|
||||
diff --git a/vendor/github.com/sirupsen/logrus/hooks/papertrail/README.md b/vendor/github.com/sirupsen/logrus/hooks/papertrail/README.md
|
||||
new file mode 100644
|
||||
index 0000000..ae61e92
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/papertrail/README.md
|
||||
+++ b/vendor/github.com/sirupsen/logrus/hooks/papertrail/README.md
|
||||
@@ -0,0 +1,28 @@
|
||||
+# Papertrail Hook for Logrus <img src="http://i.imgur.com/hTeVwmJ.png" width="40" height="40" alt=":walrus:" class="emoji" title=":walrus:" />
|
||||
+
|
||||
@ -396,11 +387,11 @@ index 0000000..ae61e92
|
||||
+ }
|
||||
+}
|
||||
+```
|
||||
diff --git a/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/papertrail/papertrail.go b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/papertrail/papertrail.go
|
||||
diff --git a/vendor/github.com/sirupsen/logrus/hooks/papertrail/papertrail.go b/vendor/github.com/sirupsen/logrus/hooks/papertrail/papertrail.go
|
||||
new file mode 100644
|
||||
index 0000000..c0f10c1
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/papertrail/papertrail.go
|
||||
+++ b/vendor/github.com/sirupsen/logrus/hooks/papertrail/papertrail.go
|
||||
@@ -0,0 +1,55 @@
|
||||
+package logrus_papertrail
|
||||
+
|
||||
@ -457,11 +448,11 @@ index 0000000..c0f10c1
|
||||
+ logrus.DebugLevel,
|
||||
+ }
|
||||
+}
|
||||
diff --git a/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/sentry/README.md b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/sentry/README.md
|
||||
diff --git a/vendor/github.com/sirupsen/logrus/hooks/sentry/README.md b/vendor/github.com/sirupsen/logrus/hooks/sentry/README.md
|
||||
new file mode 100644
|
||||
index 0000000..19e58bb
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/sentry/README.md
|
||||
+++ b/vendor/github.com/sirupsen/logrus/hooks/sentry/README.md
|
||||
@@ -0,0 +1,61 @@
|
||||
+# Sentry Hook for Logrus <img src="http://i.imgur.com/hTeVwmJ.png" width="40" height="40" alt=":walrus:" class="emoji" title=":walrus:" />
|
||||
+
|
||||
@ -524,11 +515,11 @@ index 0000000..19e58bb
|
||||
+hook, _ := logrus_sentry.NewSentryHook(...)
|
||||
+hook.Timeout = 20*time.Second
|
||||
+```
|
||||
diff --git a/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/sentry/sentry.go b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/sentry/sentry.go
|
||||
diff --git a/vendor/github.com/sirupsen/logrus/hooks/sentry/sentry.go b/vendor/github.com/sirupsen/logrus/hooks/sentry/sentry.go
|
||||
new file mode 100644
|
||||
index 0000000..379f281
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/sentry/sentry.go
|
||||
+++ b/vendor/github.com/sirupsen/logrus/hooks/sentry/sentry.go
|
||||
@@ -0,0 +1,100 @@
|
||||
+package logrus_sentry
|
||||
+
|
||||
@ -630,11 +621,11 @@ index 0000000..379f281
|
||||
+func (hook *SentryHook) Levels() []logrus.Level {
|
||||
+ return hook.levels
|
||||
+}
|
||||
diff --git a/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/README.md b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/README.md
|
||||
diff --git a/vendor/github.com/sirupsen/logrus/hooks/syslog/README.md b/vendor/github.com/sirupsen/logrus/hooks/syslog/README.md
|
||||
new file mode 100644
|
||||
index 0000000..4dbb8e7
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/README.md
|
||||
+++ b/vendor/github.com/sirupsen/logrus/hooks/syslog/README.md
|
||||
@@ -0,0 +1,20 @@
|
||||
+# Syslog Hooks for Logrus <img src="http://i.imgur.com/hTeVwmJ.png" width="40" height="40" alt=":walrus:" class="emoji" title=":walrus:"/>
|
||||
+
|
||||
@ -656,11 +647,11 @@ index 0000000..4dbb8e7
|
||||
+ }
|
||||
+}
|
||||
+```
|
||||
diff --git a/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
diff --git a/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go b/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
new file mode 100644
|
||||
index 0000000..b6fa374
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
+++ b/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
@@ -0,0 +1,59 @@
|
||||
+package logrus_syslog
|
||||
+
|
||||
|
||||
@ -1,18 +1,19 @@
|
||||
From eda4f5b5bcf9ca36a2ba3250b366ad1fb4bab28c Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Tue, 18 Oct 2022 17:18:47 +0800
|
||||
From 0e2bc1f9d2dffe3cf2c678d88855faffc122b1c5 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:29:06 +0800
|
||||
Subject: [PATCH] runc:support namespaced kernel params can be changed in
|
||||
system container
|
||||
|
||||
Signed-off-by: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
---
|
||||
runc-1.1.3/libcontainer/rootfs_linux.go | 26 +++++++++++++++++++
|
||||
.../libcontainer/standard_init_linux.go | 7 +++++
|
||||
libcontainer/rootfs_linux.go | 26 ++++++++++++++++++++++++++
|
||||
libcontainer/standard_init_linux.go | 7 +++++++
|
||||
2 files changed, 33 insertions(+)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/rootfs_linux.go b/runc-1.1.3/libcontainer/rootfs_linux.go
|
||||
diff --git a/libcontainer/rootfs_linux.go b/libcontainer/rootfs_linux.go
|
||||
index 3cfd2bf..4dbe9f4 100644
|
||||
--- a/runc-1.1.3/libcontainer/rootfs_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/rootfs_linux.go
|
||||
--- a/libcontainer/rootfs_linux.go
|
||||
+++ b/libcontainer/rootfs_linux.go
|
||||
@@ -417,6 +417,9 @@ func mountToRootfs(m *configs.Mount, c *mountConfig) error {
|
||||
} else if fi.Mode()&os.ModeDir == 0 {
|
||||
return fmt.Errorf("filesystem %q must be mounted on ordinary directory", m.Device)
|
||||
@ -53,10 +54,10 @@ index 3cfd2bf..4dbe9f4 100644
|
||||
// remountReadonly will remount an existing mount point and ensure that it is read-only.
|
||||
func remountReadonly(m *configs.Mount) error {
|
||||
var (
|
||||
diff --git a/runc-1.1.3/libcontainer/standard_init_linux.go b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
|
||||
index ab553ef..0dd51b2 100644
|
||||
--- a/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
--- a/libcontainer/standard_init_linux.go
|
||||
+++ b/libcontainer/standard_init_linux.go
|
||||
@@ -141,6 +141,13 @@ func (l *linuxStandardInit) Init() error {
|
||||
return fmt.Errorf("can't make %q read-only: %w", path, err)
|
||||
}
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From b8495e4a88faa18a3851235b9b2431164826cc3f Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Fri, 21 Oct 2022 15:37:47 +0800
|
||||
From 845b54fcaa8cd843034479b2019eaa9ee5faaf75 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:30:36 +0800
|
||||
Subject: [PATCH] runc: modify minHookTimeOut
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/configs/config.go | 2 +-
|
||||
libcontainer/configs/config.go | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/configs/config.go b/runc-1.1.3/libcontainer/configs/config.go
|
||||
diff --git a/libcontainer/configs/config.go b/libcontainer/configs/config.go
|
||||
index 9076846..540bcdb 100644
|
||||
--- a/runc-1.1.3/libcontainer/configs/config.go
|
||||
+++ b/runc-1.1.3/libcontainer/configs/config.go
|
||||
--- a/libcontainer/configs/config.go
|
||||
+++ b/libcontainer/configs/config.go
|
||||
@@ -12,7 +12,7 @@ import (
|
||||
)
|
||||
|
||||
|
||||
@ -1,17 +1,17 @@
|
||||
From 60b8eb8bd890a96c671f31cc9cda9e5cb9d487f1 Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Fri, 21 Oct 2022 16:30:02 +0800
|
||||
From 8b5360bd401a33f5c637710fc5c545c8facb6b20 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:31:33 +0800
|
||||
Subject: [PATCH] runc:make hooks log more userful and fix syslog hook bug
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/configs/config.go | 17 ++++++++++++++---
|
||||
runc-1.1.3/main.go | 5 ++++-
|
||||
libcontainer/configs/config.go | 17 ++++++++++++++---
|
||||
main.go | 5 ++++-
|
||||
2 files changed, 18 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/configs/config.go b/runc-1.1.3/libcontainer/configs/config.go
|
||||
diff --git a/libcontainer/configs/config.go b/libcontainer/configs/config.go
|
||||
index 540bcdb..cda79bf 100644
|
||||
--- a/runc-1.1.3/libcontainer/configs/config.go
|
||||
+++ b/runc-1.1.3/libcontainer/configs/config.go
|
||||
--- a/libcontainer/configs/config.go
|
||||
+++ b/libcontainer/configs/config.go
|
||||
@@ -8,6 +8,7 @@ import (
|
||||
"github.com/opencontainers/runc/libcontainer/devices"
|
||||
"github.com/opencontainers/runtime-spec/specs-go"
|
||||
@ -66,10 +66,10 @@ index 540bcdb..cda79bf 100644
|
||||
func (c Command) Run(s *specs.State) error {
|
||||
b, err := json.Marshal(s)
|
||||
if err != nil {
|
||||
diff --git a/runc-1.1.3/main.go b/runc-1.1.3/main.go
|
||||
diff --git a/main.go b/main.go
|
||||
index 9e14976..0a6f3b4 100644
|
||||
--- a/runc-1.1.3/main.go
|
||||
+++ b/runc-1.1.3/main.go
|
||||
--- a/main.go
|
||||
+++ b/main.go
|
||||
@@ -4,6 +4,7 @@ import (
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From c940ccbc26322c4dae9b3c7caa82d5e2eefcf7b1 Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Fri, 21 Oct 2022 16:40:34 +0800
|
||||
From 5584140c9549c2c9c6a0b0c5afea0850d1e88926 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:32:43 +0800
|
||||
Subject: [PATCH] runc: fix runc log decode failed
|
||||
|
||||
---
|
||||
runc-1.1.3/main.go | 21 ++++++++++++++++++++-
|
||||
main.go | 21 ++++++++++++++++++++-
|
||||
1 file changed, 20 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/runc-1.1.3/main.go b/runc-1.1.3/main.go
|
||||
diff --git a/main.go b/main.go
|
||||
index 0a6f3b4..6e9101a 100644
|
||||
--- a/runc-1.1.3/main.go
|
||||
+++ b/runc-1.1.3/main.go
|
||||
--- a/main.go
|
||||
+++ b/main.go
|
||||
@@ -1,6 +1,7 @@
|
||||
package main
|
||||
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From 4d52919666e6cfc75c87908a2fe62c180684c4cd Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Fri, 21 Oct 2022 16:56:15 +0800
|
||||
From 6b4045a28504aaefdb8c1e9abe6b4ad7c445684a Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:33:42 +0800
|
||||
Subject: [PATCH] runc:do not setup sysctl in runc when userns enable
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/standard_init_linux.go | 10 ++++++----
|
||||
libcontainer/standard_init_linux.go | 10 ++++++----
|
||||
1 file changed, 6 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/standard_init_linux.go b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
|
||||
index 0dd51b2..b202ba9 100644
|
||||
--- a/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
--- a/libcontainer/standard_init_linux.go
|
||||
+++ b/libcontainer/standard_init_linux.go
|
||||
@@ -130,10 +130,12 @@ func (l *linuxStandardInit) Init() error {
|
||||
if err := apparmor.ApplyProfile(l.config.AppArmorProfile); err != nil {
|
||||
return fmt.Errorf("unable to apply apparmor profile: %w", err)
|
||||
|
||||
@ -1,19 +1,19 @@
|
||||
From cbb187aee3a309a38a973dee1c1f6d66c1256cf5 Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Fri, 21 Oct 2022 17:09:33 +0800
|
||||
From e9cf09ef6800b7740b2c9a7fe7efcf6af91fbc9f Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:34:57 +0800
|
||||
Subject: [PATCH] runc: support set seccomp priority
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/configs/config.go | 1 +
|
||||
runc-1.1.3/libcontainer/seccomp/seccomp_linux.go | 2 +-
|
||||
runc-1.1.3/libcontainer/specconv/spec_linux.go | 1 +
|
||||
libcontainer/configs/config.go | 1 +
|
||||
libcontainer/seccomp/seccomp_linux.go | 2 +-
|
||||
libcontainer/specconv/spec_linux.go | 1 +
|
||||
.../github.com/opencontainers/runtime-spec/specs-go/config.go | 1 +
|
||||
4 files changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/configs/config.go b/runc-1.1.3/libcontainer/configs/config.go
|
||||
diff --git a/libcontainer/configs/config.go b/libcontainer/configs/config.go
|
||||
index cda79bf..f85ade3 100644
|
||||
--- a/runc-1.1.3/libcontainer/configs/config.go
|
||||
+++ b/runc-1.1.3/libcontainer/configs/config.go
|
||||
--- a/libcontainer/configs/config.go
|
||||
+++ b/libcontainer/configs/config.go
|
||||
@@ -88,6 +88,7 @@ type Syscall struct {
|
||||
Name string `json:"name"`
|
||||
Action Action `json:"action"`
|
||||
@ -22,10 +22,10 @@ index cda79bf..f85ade3 100644
|
||||
Args []*Arg `json:"args"`
|
||||
}
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go b/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go
|
||||
diff --git a/libcontainer/seccomp/seccomp_linux.go b/libcontainer/seccomp/seccomp_linux.go
|
||||
index 8c12af7..e4b5750 100644
|
||||
--- a/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go
|
||||
--- a/libcontainer/seccomp/seccomp_linux.go
|
||||
+++ b/libcontainer/seccomp/seccomp_linux.go
|
||||
@@ -256,7 +256,7 @@ func matchCall(filter *libseccomp.ScmpFilter, call *configs.Syscall, defAct libs
|
||||
}
|
||||
}
|
||||
@ -35,10 +35,10 @@ index 8c12af7..e4b5750 100644
|
||||
}
|
||||
|
||||
// Version returns major, minor, and micro.
|
||||
diff --git a/runc-1.1.3/libcontainer/specconv/spec_linux.go b/runc-1.1.3/libcontainer/specconv/spec_linux.go
|
||||
diff --git a/libcontainer/specconv/spec_linux.go b/libcontainer/specconv/spec_linux.go
|
||||
index 19dd947..02a7439 100644
|
||||
--- a/runc-1.1.3/libcontainer/specconv/spec_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/specconv/spec_linux.go
|
||||
--- a/libcontainer/specconv/spec_linux.go
|
||||
+++ b/libcontainer/specconv/spec_linux.go
|
||||
@@ -1061,6 +1061,7 @@ func SetupSeccomp(config *specs.LinuxSeccomp) (*configs.Seccomp, error) {
|
||||
Name: name,
|
||||
Action: newAction,
|
||||
@ -47,10 +47,10 @@ index 19dd947..02a7439 100644
|
||||
Args: []*configs.Arg{},
|
||||
}
|
||||
// Loop through all the arguments of the syscall and convert them
|
||||
diff --git a/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
index e8143b2..135f74a 100644
|
||||
--- a/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
+++ b/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
--- a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
+++ b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
@@ -688,6 +688,7 @@ type LinuxSyscall struct {
|
||||
Names []string `json:"names"`
|
||||
Action LinuxSeccompAction `json:"action"`
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From ac414a8ac967e0fbbf27ea6364f0b134fe9ce9e2 Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Oct 2022 11:34:15 +0800
|
||||
From 7140cab44cd368e987089b66948cfc7f8a414b83 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:35:55 +0800
|
||||
Subject: [PATCH] runc:do not kill container if poststart hooks execute failed
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/container_linux.go | 5 +----
|
||||
libcontainer/container_linux.go | 5 +----
|
||||
1 file changed, 1 insertion(+), 4 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/container_linux.go b/runc-1.1.3/libcontainer/container_linux.go
|
||||
diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go
|
||||
index 425e44d..10890c1 100644
|
||||
--- a/runc-1.1.3/libcontainer/container_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/container_linux.go
|
||||
--- a/libcontainer/container_linux.go
|
||||
+++ b/libcontainer/container_linux.go
|
||||
@@ -367,10 +367,7 @@ func (c *linuxContainer) start(process *Process) (retErr error) {
|
||||
}
|
||||
|
||||
|
||||
@ -1,17 +1,17 @@
|
||||
From cb55699bd5f0de2bcf38b343194fd08779fb0317 Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Oct 2022 15:18:35 +0800
|
||||
From 5159ecfcc9180dd47e843818844c59cb9284d662 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:36:48 +0800
|
||||
Subject: [PATCH] runc: print memory info when syscall.Exec failed
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/container_linux.go | 1 +
|
||||
.../libcontainer/standard_init_linux.go | 33 ++++++++++++++++++-
|
||||
libcontainer/container_linux.go | 1 +
|
||||
libcontainer/standard_init_linux.go | 33 ++++++++++++++++++++++++++++-
|
||||
2 files changed, 33 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/container_linux.go b/runc-1.1.3/libcontainer/container_linux.go
|
||||
diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go
|
||||
index 10890c1..5ef5a9a 100644
|
||||
--- a/runc-1.1.3/libcontainer/container_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/container_linux.go
|
||||
--- a/libcontainer/container_linux.go
|
||||
+++ b/libcontainer/container_linux.go
|
||||
@@ -355,6 +355,7 @@ func (c *linuxContainer) start(process *Process) (retErr error) {
|
||||
}
|
||||
|
||||
@ -20,10 +20,10 @@ index 10890c1..5ef5a9a 100644
|
||||
return fmt.Errorf("unable to start container process: %w", err)
|
||||
}
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/standard_init_linux.go b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
|
||||
index b202ba9..8a60501 100644
|
||||
--- a/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
--- a/libcontainer/standard_init_linux.go
|
||||
+++ b/libcontainer/standard_init_linux.go
|
||||
@@ -3,8 +3,10 @@ package libcontainer
|
||||
import (
|
||||
"errors"
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From 76914fe3613afd7b7adb5a43e3dd7ba1ef33e654 Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Oct 2022 15:21:45 +0800
|
||||
From af158d403f0395ee93636a6a77b4d37adbef6ee1 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:37:39 +0800
|
||||
Subject: [PATCH] runc:add sysctl kernel.pid_max to whitelist
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/configs/validate/validator.go | 1 +
|
||||
libcontainer/configs/validate/validator.go | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/configs/validate/validator.go b/runc-1.1.3/libcontainer/configs/validate/validator.go
|
||||
diff --git a/libcontainer/configs/validate/validator.go b/libcontainer/configs/validate/validator.go
|
||||
index 627621a..3647aa2 100644
|
||||
--- a/runc-1.1.3/libcontainer/configs/validate/validator.go
|
||||
+++ b/runc-1.1.3/libcontainer/configs/validate/validator.go
|
||||
--- a/libcontainer/configs/validate/validator.go
|
||||
+++ b/libcontainer/configs/validate/validator.go
|
||||
@@ -171,6 +171,7 @@ func (v *ConfigValidator) sysctl(config *configs.Config) error {
|
||||
"kernel.shmmax": true,
|
||||
"kernel.shmmni": true,
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From 486d2a4b0756b0fe266f8ff79e5ecdb7ae5d680c Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Oct 2022 15:29:29 +0800
|
||||
From c8bf02dafed3537cd295c0898804809744f02f1e Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:38:29 +0800
|
||||
Subject: [PATCH] runc:disable core dump during exec
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/process_linux.go | 2 ++
|
||||
libcontainer/process_linux.go | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/process_linux.go b/runc-1.1.3/libcontainer/process_linux.go
|
||||
diff --git a/libcontainer/process_linux.go b/libcontainer/process_linux.go
|
||||
index 29408d7..75d05b7 100644
|
||||
--- a/runc-1.1.3/libcontainer/process_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/process_linux.go
|
||||
--- a/libcontainer/process_linux.go
|
||||
+++ b/libcontainer/process_linux.go
|
||||
@@ -79,6 +79,8 @@ func (p *setnsProcess) signal(sig os.Signal) error {
|
||||
}
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
From ca9d0d09ae435785482f21d2c49b4131a74c4382 Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Oct 2022 15:35:51 +0800
|
||||
From 62ccdfd5cd6572c8c2c5965b9ca85fc78f43bfb6 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:41:29 +0800
|
||||
Subject: [PATCH] runc:fix exec problem caused by libseccomp updating
|
||||
|
||||
reason: libseccomp updating causes runc exec performance
|
||||
@ -18,15 +18,14 @@ takes about 1s
|
||||
|
||||
Change-Id: I751ac8354394bd15a420ad8410b12ef3f75622a1
|
||||
Signed-off-by: xiadanni <xiadanni1@huawei.com>
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/seccomp/seccomp_linux.go | 3 +++
|
||||
libcontainer/seccomp/seccomp_linux.go | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go b/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go
|
||||
diff --git a/libcontainer/seccomp/seccomp_linux.go b/libcontainer/seccomp/seccomp_linux.go
|
||||
index e4b5750..a925be1 100644
|
||||
--- a/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go
|
||||
--- a/libcontainer/seccomp/seccomp_linux.go
|
||||
+++ b/libcontainer/seccomp/seccomp_linux.go
|
||||
@@ -6,6 +6,7 @@ package seccomp
|
||||
import (
|
||||
"errors"
|
||||
|
||||
@ -1,17 +1,17 @@
|
||||
From fe0237c3d86a278561d14ead9254b8e68699f1eb Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Oct 2022 17:01:39 +0800
|
||||
From 71c298bc54c68714bde5f4aad293f2fa603ede3e Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:43:03 +0800
|
||||
Subject: [PATCH] runc:add log message for cgroup file check
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/cgroups/file.go | 7 ++++-
|
||||
runc-1.1.3/libcontainer/cgroups/fs/cpuset.go | 31 +++++++++++++++-----
|
||||
libcontainer/cgroups/file.go | 7 ++++++-
|
||||
libcontainer/cgroups/fs/cpuset.go | 31 +++++++++++++++++++++++--------
|
||||
2 files changed, 29 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/file.go b/runc-1.1.3/libcontainer/cgroups/file.go
|
||||
diff --git a/libcontainer/cgroups/file.go b/libcontainer/cgroups/file.go
|
||||
index 0cdaf74..bc7f0a3 100644
|
||||
--- a/runc-1.1.3/libcontainer/cgroups/file.go
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/file.go
|
||||
--- a/libcontainer/cgroups/file.go
|
||||
+++ b/libcontainer/cgroups/file.go
|
||||
@@ -51,7 +51,12 @@ func WriteFile(dir, file, data string) error {
|
||||
defer fd.Close()
|
||||
if err := retryingWriteFile(fd, data); err != nil {
|
||||
@ -26,10 +26,10 @@ index 0cdaf74..bc7f0a3 100644
|
||||
}
|
||||
return nil
|
||||
}
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go b/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
diff --git a/libcontainer/cgroups/fs/cpuset.go b/libcontainer/cgroups/fs/cpuset.go
|
||||
index 341d5dc..ef1f633 100644
|
||||
--- a/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
--- a/libcontainer/cgroups/fs/cpuset.go
|
||||
+++ b/libcontainer/cgroups/fs/cpuset.go
|
||||
@@ -25,14 +25,23 @@ func (s *CpusetGroup) Apply(path string, r *configs.Resources, pid int) error {
|
||||
}
|
||||
|
||||
|
||||
@ -1,18 +1,18 @@
|
||||
From 6d50719513bcd5994526232facf4f289b9e0e75a Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Oct 2022 20:44:25 +0800
|
||||
Subject: [PATCH] runc:unified use of logpipe
|
||||
From c40ef2e5c3415c807172271936a06dfbf89747ee Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:43:54 +0800
|
||||
Subject: [PATCH] runc:add log message for cgroup file check
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/container_linux.go | 1 -
|
||||
.../libcontainer/standard_init_linux.go | 30 +------------------
|
||||
runc-1.1.3/main.go | 25 ----------------
|
||||
libcontainer/container_linux.go | 1 -
|
||||
libcontainer/standard_init_linux.go | 30 +----------------------------
|
||||
main.go | 25 ------------------------
|
||||
3 files changed, 1 insertion(+), 55 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/container_linux.go b/runc-1.1.3/libcontainer/container_linux.go
|
||||
diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go
|
||||
index 5ef5a9a..10890c1 100644
|
||||
--- a/runc-1.1.3/libcontainer/container_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/container_linux.go
|
||||
--- a/libcontainer/container_linux.go
|
||||
+++ b/libcontainer/container_linux.go
|
||||
@@ -355,7 +355,6 @@ func (c *linuxContainer) start(process *Process) (retErr error) {
|
||||
}
|
||||
|
||||
@ -21,10 +21,10 @@ index 5ef5a9a..10890c1 100644
|
||||
return fmt.Errorf("unable to start container process: %w", err)
|
||||
}
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/standard_init_linux.go b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
|
||||
index 8a60501..99e7003 100644
|
||||
--- a/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
--- a/libcontainer/standard_init_linux.go
|
||||
+++ b/libcontainer/standard_init_linux.go
|
||||
@@ -276,34 +276,6 @@ func (l *linuxStandardInit) Init() error {
|
||||
return err
|
||||
}
|
||||
@ -61,10 +61,10 @@ index 8a60501..99e7003 100644
|
||||
+ return system.Exec(name, l.config.Args[0:], os.Environ())
|
||||
}
|
||||
|
||||
diff --git a/runc-1.1.3/main.go b/runc-1.1.3/main.go
|
||||
diff --git a/main.go b/main.go
|
||||
index 6e9101a..e624347 100644
|
||||
--- a/runc-1.1.3/main.go
|
||||
+++ b/runc-1.1.3/main.go
|
||||
--- a/main.go
|
||||
+++ b/main.go
|
||||
@@ -1,7 +1,6 @@
|
||||
package main
|
||||
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From 2c786d0cb9f93c52c8929822cdfd0f795bcf64be Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Tue, 25 Oct 2022 10:58:03 +0800
|
||||
From b22fdd593f463caea0c96c66b1fed442bccfeb8f Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:48:21 +0800
|
||||
Subject: [PATCH] runc:support set cpuset.prefer_cpus using --cpuset-cpus
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/cgroups/fs/cpuset.go | 118 ++++++++++++++++++-
|
||||
libcontainer/cgroups/fs/cpuset.go | 118 +++++++++++++++++++++++++++++-
|
||||
1 file changed, 114 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go b/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
diff --git a/libcontainer/cgroups/fs/cpuset.go b/libcontainer/cgroups/fs/cpuset.go
|
||||
index ef1f633..989f4ec 100644
|
||||
--- a/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
--- a/libcontainer/cgroups/fs/cpuset.go
|
||||
+++ b/libcontainer/cgroups/fs/cpuset.go
|
||||
@@ -24,16 +24,126 @@ func (s *CpusetGroup) Apply(path string, r *configs.Resources, pid int) error {
|
||||
return s.ApplyDir(path, r, pid)
|
||||
}
|
||||
|
||||
@ -1,18 +1,18 @@
|
||||
From 905cb9a78f13d321860ee921990d60447c148605 Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Tue, 25 Oct 2022 11:18:42 +0800
|
||||
From 43dfa46b403166f4195803b7522bbc94a97d8e7c Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:49:18 +0800
|
||||
Subject: [PATCH] runc:add DT for cpuset.preferred_cpus setting
|
||||
|
||||
---
|
||||
.../libcontainer/cgroups/fs/cpuset_test.go | 217 ++++++++++++++++++
|
||||
.../tests/test_docker_cpuset_preferred.sh | 41 ++++
|
||||
libcontainer/cgroups/fs/cpuset_test.go | 217 +++++++++++++++++++++++++
|
||||
tests/test_docker_cpuset_preferred.sh | 41 +++++
|
||||
2 files changed, 258 insertions(+)
|
||||
create mode 100755 runc-1.1.3/tests/test_docker_cpuset_preferred.sh
|
||||
create mode 100755 tests/test_docker_cpuset_preferred.sh
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/fs/cpuset_test.go b/runc-1.1.3/libcontainer/cgroups/fs/cpuset_test.go
|
||||
diff --git a/libcontainer/cgroups/fs/cpuset_test.go b/libcontainer/cgroups/fs/cpuset_test.go
|
||||
index 8933b3c..0c72c7d 100644
|
||||
--- a/runc-1.1.3/libcontainer/cgroups/fs/cpuset_test.go
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/fs/cpuset_test.go
|
||||
--- a/libcontainer/cgroups/fs/cpuset_test.go
|
||||
+++ b/libcontainer/cgroups/fs/cpuset_test.go
|
||||
@@ -1,6 +1,9 @@
|
||||
package fs
|
||||
|
||||
@ -244,11 +244,11 @@ index 8933b3c..0c72c7d 100644
|
||||
func TestCPUSetSetMems(t *testing.T) {
|
||||
path := tempDir(t, "cpuset")
|
||||
|
||||
diff --git a/runc-1.1.3/tests/test_docker_cpuset_preferred.sh b/runc-1.1.3/tests/test_docker_cpuset_preferred.sh
|
||||
diff --git a/tests/test_docker_cpuset_preferred.sh b/tests/test_docker_cpuset_preferred.sh
|
||||
new file mode 100755
|
||||
index 0000000..c80db24
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/tests/test_docker_cpuset_preferred.sh
|
||||
+++ b/tests/test_docker_cpuset_preferred.sh
|
||||
@@ -0,0 +1,41 @@
|
||||
+#!/bin/bash
|
||||
+
|
||||
|
||||
@ -1,16 +1,16 @@
|
||||
From c102651a124775ec8c92b774086c46f76407e9d8 Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Wed, 26 Oct 2022 15:34:29 +0800
|
||||
From 6ee9f98fdd90901a2f93b7b58244e543c4623dbe Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:50:18 +0800
|
||||
Subject: [PATCH] runc:modify runc Makefile
|
||||
|
||||
---
|
||||
runc-1.1.3/Makefile | 28 ++++++++++++++++++++++------
|
||||
Makefile | 28 ++++++++++++++++++++++------
|
||||
1 file changed, 22 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/Makefile b/runc-1.1.3/Makefile
|
||||
diff --git a/Makefile b/Makefile
|
||||
index cf82c0c..34b5347 100644
|
||||
--- a/runc-1.1.3/Makefile
|
||||
+++ b/runc-1.1.3/Makefile
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -10,9 +10,12 @@ GIT_BRANCH_CLEAN := $(shell echo $(GIT_BRANCH) | sed -e "s/[^[:alnum:]]/-/g")
|
||||
RUNC_IMAGE := runc_dev$(if $(GIT_BRANCH_CLEAN),:$(GIT_BRANCH_CLEAN))
|
||||
PROJECT := github.com/opencontainers/runc
|
||||
|
||||
@ -1,22 +1,22 @@
|
||||
From acf803b2e77f2d6f9a9868c5ca25e27ada413f30 Mon Sep 17 00:00:00 2001
|
||||
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 27 Oct 2022 10:05:29 +0800
|
||||
From 6ae765b2529fbfde33c3562834308add80bd34e2 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Thu, 5 Jan 2023 16:51:24 +0800
|
||||
Subject: [PATCH] runc:cgroup apply method modify
|
||||
|
||||
---
|
||||
runc-1.1.3/libcontainer/cgroups/fs/cpuset.go | 15 ++-
|
||||
runc-1.1.3/libcontainer/cgroups/fs/files.go | 23 ++---
|
||||
runc-1.1.3/libcontainer/cgroups/fs/utils.go | 97 +++++++++++++++++++
|
||||
runc-1.1.3/libcontainer/rootfs_linux.go | 1 +
|
||||
.../libcontainer/standard_init_linux.go | 4 +-
|
||||
runc-1.1.3/main.go | 1 -
|
||||
libcontainer/cgroups/fs/cpuset.go | 15 ++++-
|
||||
libcontainer/cgroups/fs/files.go | 23 +++----
|
||||
libcontainer/cgroups/fs/utils.go | 97 +++++++++++++++++++++++++++++
|
||||
libcontainer/rootfs_linux.go | 1 +
|
||||
libcontainer/standard_init_linux.go | 4 +-
|
||||
main.go | 1 -
|
||||
6 files changed, 119 insertions(+), 22 deletions(-)
|
||||
create mode 100644 runc-1.1.3/libcontainer/cgroups/fs/utils.go
|
||||
create mode 100644 libcontainer/cgroups/fs/utils.go
|
||||
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go b/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
diff --git a/libcontainer/cgroups/fs/cpuset.go b/libcontainer/cgroups/fs/cpuset.go
|
||||
index 989f4ec..379407e 100644
|
||||
--- a/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/fs/cpuset.go
|
||||
--- a/libcontainer/cgroups/fs/cpuset.go
|
||||
+++ b/libcontainer/cgroups/fs/cpuset.go
|
||||
@@ -1,7 +1,9 @@
|
||||
package fs
|
||||
|
||||
@ -67,10 +67,10 @@ index 989f4ec..379407e 100644
|
||||
ret := fmt.Errorf("failed copy parent cgroup setting, %v", err)
|
||||
if _, err := os.Stat(parent); err != nil {
|
||||
ret = fmt.Errorf("%v, %v", ret, err)
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/fs/files.go b/runc-1.1.3/libcontainer/cgroups/fs/files.go
|
||||
diff --git a/libcontainer/cgroups/fs/files.go b/libcontainer/cgroups/fs/files.go
|
||||
index 3315cda..b02743c 100644
|
||||
--- a/runc-1.1.3/libcontainer/cgroups/fs/files.go
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/fs/files.go
|
||||
--- a/libcontainer/cgroups/fs/files.go
|
||||
+++ b/libcontainer/cgroups/fs/files.go
|
||||
@@ -18,27 +18,22 @@ import (
|
||||
"path/filepath"
|
||||
)
|
||||
@ -117,11 +117,11 @@ index 3315cda..b02743c 100644
|
||||
func (s *FilesGroup) GetStats(path string, stats *cgroups.Stats) error {
|
||||
usage, err := getCgroupParamUint(path, "files.usage")
|
||||
if err != nil {
|
||||
diff --git a/runc-1.1.3/libcontainer/cgroups/fs/utils.go b/runc-1.1.3/libcontainer/cgroups/fs/utils.go
|
||||
diff --git a/libcontainer/cgroups/fs/utils.go b/libcontainer/cgroups/fs/utils.go
|
||||
new file mode 100644
|
||||
index 0000000..38820a8
|
||||
--- /dev/null
|
||||
+++ b/runc-1.1.3/libcontainer/cgroups/fs/utils.go
|
||||
+++ b/libcontainer/cgroups/fs/utils.go
|
||||
@@ -0,0 +1,97 @@
|
||||
+// +build linux
|
||||
+
|
||||
@ -220,10 +220,10 @@ index 0000000..38820a8
|
||||
+ return nil
|
||||
+}
|
||||
+
|
||||
diff --git a/runc-1.1.3/libcontainer/rootfs_linux.go b/runc-1.1.3/libcontainer/rootfs_linux.go
|
||||
diff --git a/libcontainer/rootfs_linux.go b/libcontainer/rootfs_linux.go
|
||||
index 4dbe9f4..0bf1729 100644
|
||||
--- a/runc-1.1.3/libcontainer/rootfs_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/rootfs_linux.go
|
||||
--- a/libcontainer/rootfs_linux.go
|
||||
+++ b/libcontainer/rootfs_linux.go
|
||||
@@ -10,6 +10,7 @@ import (
|
||||
"path/filepath"
|
||||
"strconv"
|
||||
@ -232,10 +232,10 @@ index 4dbe9f4..0bf1729 100644
|
||||
"time"
|
||||
|
||||
securejoin "github.com/cyphar/filepath-securejoin"
|
||||
diff --git a/runc-1.1.3/libcontainer/standard_init_linux.go b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
|
||||
index 99e7003..c288c88 100644
|
||||
--- a/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
+++ b/runc-1.1.3/libcontainer/standard_init_linux.go
|
||||
--- a/libcontainer/standard_init_linux.go
|
||||
+++ b/libcontainer/standard_init_linux.go
|
||||
@@ -3,11 +3,11 @@ package libcontainer
|
||||
import (
|
||||
"errors"
|
||||
@ -250,10 +250,10 @@ index 99e7003..c288c88 100644
|
||||
"time"
|
||||
|
||||
"github.com/opencontainers/runtime-spec/specs-go"
|
||||
diff --git a/runc-1.1.3/main.go b/runc-1.1.3/main.go
|
||||
diff --git a/main.go b/main.go
|
||||
index e624347..e52a2ea 100644
|
||||
--- a/runc-1.1.3/main.go
|
||||
+++ b/runc-1.1.3/main.go
|
||||
--- a/main.go
|
||||
+++ b/main.go
|
||||
@@ -4,7 +4,6 @@ import (
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
@ -1,17 +1,17 @@
|
||||
From 0ee4b516f4e39ccef4b893a678b01095acbe6ad0 Mon Sep 17 00:00:00 2001
|
||||
From 0013fb97dd10a75ae6f455d8c839315f13a39969 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 7 Nov 2022 18:56:11 +0800
|
||||
Date: Thu, 5 Jan 2023 16:52:16 +0800
|
||||
Subject: [PATCH] runc:runc log forward to syslog
|
||||
|
||||
---
|
||||
runc-1.1.3/main.go | 27 ++++++++++++++++++-
|
||||
main.go | 27 ++++++++++++++++++-
|
||||
.../sirupsen/logrus/hooks/syslog/syslog.go | 2 +-
|
||||
2 files changed, 27 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/runc-1.1.3/main.go b/runc-1.1.3/main.go
|
||||
diff --git a/main.go b/main.go
|
||||
index e52a2ea..381681e 100644
|
||||
--- a/runc-1.1.3/main.go
|
||||
+++ b/runc-1.1.3/main.go
|
||||
--- a/main.go
|
||||
+++ b/main.go
|
||||
@@ -1,19 +1,23 @@
|
||||
package main
|
||||
|
||||
@ -70,10 +70,10 @@ index e52a2ea..381681e 100644
|
||||
+ fmt.Fprint(f, string(s))
|
||||
+ }
|
||||
+}
|
||||
diff --git a/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
diff --git a/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go b/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
index b6fa374..430f646 100644
|
||||
--- a/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
+++ b/runc-1.1.3/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
--- a/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
+++ b/vendor/github.com/sirupsen/logrus/hooks/syslog/syslog.go
|
||||
@@ -2,7 +2,7 @@ package logrus_syslog
|
||||
|
||||
import (
|
||||
|
||||
@ -1,57 +0,0 @@
|
||||
From 9e76966232e71cfabc2553c6a0dee1f59ee9216c Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Sat, 17 Dec 2022 11:18:41 +0800
|
||||
Subject: [PATCH] runc:support specify umask
|
||||
|
||||
---
|
||||
libcontainer/rootfs_linux.go | 7 ++++++-
|
||||
libcontainer/setns_init_linux.go | 8 ++++++++
|
||||
2 files changed, 14 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libcontainer/rootfs_linux.go b/libcontainer/rootfs_linux.go
|
||||
index a1bd7e7..b005429 100644
|
||||
--- a/libcontainer/rootfs_linux.go
|
||||
+++ b/libcontainer/rootfs_linux.go
|
||||
@@ -140,7 +140,12 @@ func finalizeRootfs(config *configs.Config) (err error) {
|
||||
}
|
||||
}
|
||||
|
||||
- syscall.Umask(0022)
|
||||
+ umask := libcontainerUtils.SearchLabels(config.Labels, "native.umask")
|
||||
+ if umask == "normal" {
|
||||
+ syscall.Umask(0022)
|
||||
+ } else {
|
||||
+ syscall.Umask(0027)
|
||||
+ }
|
||||
return nil
|
||||
}
|
||||
|
||||
diff --git a/libcontainer/setns_init_linux.go b/libcontainer/setns_init_linux.go
|
||||
index e6dfbba..1f7ec98 100644
|
||||
--- a/libcontainer/setns_init_linux.go
|
||||
+++ b/libcontainer/setns_init_linux.go
|
||||
@@ -11,6 +11,7 @@ import (
|
||||
"github.com/opencontainers/runc/libcontainer/keys"
|
||||
"github.com/opencontainers/runc/libcontainer/seccomp"
|
||||
"github.com/opencontainers/runc/libcontainer/system"
|
||||
+ "github.com/opencontainers/runc/libcontainer/utils"
|
||||
"github.com/opencontainers/selinux/go-selinux/label"
|
||||
)
|
||||
|
||||
@@ -42,6 +43,13 @@ func (l *linuxSetnsInit) Init() error {
|
||||
return err
|
||||
}
|
||||
}
|
||||
+ // set exec process umask to 0027 or 0022 according to container's config
|
||||
+ umask := utils.SearchLabels(l.config.Config.Labels, "native.umask")
|
||||
+ if umask == "normal" {
|
||||
+ syscall.Umask(0022)
|
||||
+ } else {
|
||||
+ syscall.Umask(0027)
|
||||
+ }
|
||||
if l.config.NoNewPrivileges {
|
||||
if err := system.Prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); err != nil {
|
||||
return err
|
||||
--
|
||||
2.30.0
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
|
||||
Name: docker-runc
|
||||
Version: 1.1.3
|
||||
Release: 7
|
||||
Release: 8
|
||||
Summary: runc is a CLI tool for spawning and running containers according to the OCI specification.
|
||||
|
||||
License: ASL 2.0
|
||||
@ -54,6 +54,12 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc
|
||||
%{_bindir}/runc
|
||||
|
||||
%changelog
|
||||
* Thu Jan 5 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.3-8
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
- SUG:NA
|
||||
- DESC:modify apply-patch path
|
||||
|
||||
* Sat Dec 17 2022 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.3-7
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user