From 3d5669973ecc7798c10463ab760db8762c5ad558 Mon Sep 17 00:00:00 2001
From: zhongjiawei <zhongjiawei1@huawei.com>
Date: Thu, 26 Oct 2023 16:04:10 +0800
Subject: [PATCH] runc:fix the bug when runc syscall.Exec cmd not exist cause
 panic

---
 git-commit                                    |  2 +-
 ...-init-unify-init-fix-its-error-logic.patch | 20 ++++++++++++++++++-
 ...rt-runtime-us-and-rt-period-us-faile.patch |  2 +-
 runc.spec                                     |  8 +++++++-
 4 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/git-commit b/git-commit
index 201c2b3..e4a8031 100644
--- a/git-commit
+++ b/git-commit
@@ -1 +1 @@
-480f9b7358c97f6513661ba862ff25caa05206b8
+1256a9448b72c93429600f0e71b45a7c877e0d30
diff --git a/patch/0029-runc-libct-init-unify-init-fix-its-error-logic.patch b/patch/0029-runc-libct-init-unify-init-fix-its-error-logic.patch
index e0d1260..cd4d1a3 100644
--- a/patch/0029-runc-libct-init-unify-init-fix-its-error-logic.patch
+++ b/patch/0029-runc-libct-init-unify-init-fix-its-error-logic.patch
@@ -16,9 +16,27 @@ Generally, our goals are:
 
 Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 ---
+ init.go                       | 6 ++----
  libcontainer/factory_linux.go | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
+ 2 files changed, 5 insertions(+), 6 deletions(-)
 
+diff --git a/init.go b/init.go
+index a0520b5..5951afe 100644
+--- a/init.go
++++ b/init.go
+@@ -36,10 +36,8 @@ func init() {
+ 		factory, _ := libcontainer.New("")
+ 		if err := factory.StartInitialization(); err != nil {
+ 			fmt.Fprintf(os.Stderr, "libcontainer: container start initialization failed: %s", err)
+-			// as the error is sent back to the parent there is no need to log
+-			// or write it to stderr because the parent process will handle this
+-			os.Exit(1)
+ 		}
+-		panic("libcontainer: container init failed to exec")
++		fmt.Fprint(os.Stderr, "libcontainer: container init failed to exec")
++		os.Exit(1)
+ 	}
+ }
 diff --git a/libcontainer/factory_linux.go b/libcontainer/factory_linux.go
 index a1fa7de..86a127c 100644
 --- a/libcontainer/factory_linux.go
diff --git a/patch/0031-runc-fix-update-rt-runtime-us-and-rt-period-us-faile.patch b/patch/0031-runc-fix-update-rt-runtime-us-and-rt-period-us-faile.patch
index 4d52b13..a3addce 100644
--- a/patch/0031-runc-fix-update-rt-runtime-us-and-rt-period-us-faile.patch
+++ b/patch/0031-runc-fix-update-rt-runtime-us-and-rt-period-us-faile.patch
@@ -18,7 +18,7 @@ index 6c79f899..0b58781d 100644
 -	if r.CpuRtPeriod != 0 {
 -		if err := cgroups.WriteFile(path, "cpu.rt_period_us", strconv.FormatUint(r.CpuRtPeriod, 10)); err != nil {
 -			return err
-+var err error
++	var err error
 +	if r.CpuRtRuntime != 0 {
 +		if err = cgroups.WriteFile(path, "cpu.rt_runtime_us", strconv.FormatInt(r.CpuRtRuntime, 10)); err != nil {
 +			if r.CpuRtPeriod != 0 {
diff --git a/runc.spec b/runc.spec
index 5ee5051..0e96dbf 100644
--- a/runc.spec
+++ b/runc.spec
@@ -3,7 +3,7 @@
 
 Name: docker-runc
 Version: 1.1.8
-Release: 7
+Release: 8
 Summary: runc is a CLI tool for spawning and running containers according to the OCI specification.
 
 License: ASL 2.0
@@ -54,6 +54,12 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc
 %{_bindir}/runc
 
 %changelog
+* Thu Oct 26 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.8-8
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:fix the bug when runc syscall.Exec cmd not exist cause panic
+
 * Tue Oct 24 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.8-7
 - Type:bugfix
 - ID:NA