runc:modify and complement patch information

2023-09-06 15:26:39 +08:00 · 2023-09-06 15:26:39 +08:00 · d5a90ae6a3
commit d5a90ae6a3
parent 3b4936397d
23 changed files with 146 additions and 44 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-90276301321bbf6ef9a2ea85b06d3e2cf0ccb7bd
+d35711ce9c5492f1455036424a306c2a5b2d3735
--- a/patch/0001-runc-add-timeout-for-syscall.Exec.patch
+++ b/patch/0001-runc-add-timeout-for-syscall.Exec.patch
@ -1,8 +1,12 @@
 From 37103dc157e2946d688e8076b5b500ac11403863 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: yangshukui <yangshukui@huawei.com>
-Date: Mon, 24 Jul 2023 15:30:32 +0800
+Date: Tue, 18 Apr 2017 19:35:30 +0800
 Subject: [PATCH] runc:add timeout for syscall.Exec
 Openat will be blocked until the fifo on the other side is  opened, but in some
 abnomal scenario(e.g. containerd is killed), Openat maybe be blocked all the time.
 Signed-off-by: yangshukui <yangshukui@huawei.com>
 ---
 libcontainer/standard_init_linux.go | 29 ++++++++++++++++++++++-------
 1 file changed, 22 insertions(+), 7 deletions(-)
--- a/patch/0002-runc-update-state-eariler-to-avoid-cgroup-leak-when-.patch
+++ b/patch/0002-runc-update-state-eariler-to-avoid-cgroup-leak-when-.patch
@ -1,6 +1,6 @@
 From 4af918d51e8cca1da7780b1fe7419f22077fb9fe Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: Deng Guangxing <dengguangxing@huawei.com>
-Date: Mon, 24 Jul 2023 15:55:56 +0800
+Date: Wed, 6 Sep 2017 15:04:47 +0800
 Subject: [PATCH] runc: update state eariler to avoid cgroup leak when process
 failed
--- a/patch/0003-runc-print-cgroup-info-if-cpuset-missing-occurs.patch
+++ b/patch/0003-runc-print-cgroup-info-if-cpuset-missing-occurs.patch
@ -1,8 +1,13 @@
 From 6cb95facf78e07863b671adf6f3073101babe896 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: dengguangxing <dengguangxing@huawei.com>
-Date: Mon, 24 Jul 2023 16:12:50 +0800
+Date: Thu, 18 Jan 2018 11:47:04 +0800
 Subject: [PATCH] runc: print cgroup info if cpuset missing occurs
 [Changelog]: print cgroup info if cpuset missing occurs
 [Author]:Shukui Yang
 Change-Id: I3f8af2b57b441f5f2b4d38cb89d6826a7f24e24b
 Signed-off-by: dengguangxing <dengguangxing@huawei.com>
 ---
 libcontainer/cgroups/fs/cpuset.go | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
--- a/patch/0004-runc-add-more-specific-log-for-hooks.patch
+++ b/patch/0004-runc-add-more-specific-log-for-hooks.patch
@ -1,8 +1,13 @@
 From 2795e097bcd1842e750abf3af22a5ee69a702400 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: dengguangxing <dengguangxing@huawei.com>
-Date: Mon, 24 Jul 2023 16:16:50 +0800
+Date: Mon, 22 Jan 2018 20:27:37 +0800
 Subject: [PATCH] runc: add more specific log for hooks
 [Changelog]: add more specific log for hooks
 [Author]:Shukui Yang
 Change-Id: I317232b42a5fd6bc16773fe4aa0a376d8b9b6806
 Signed-off-by: dengguangxing <dengguangxing@huawei.com>
 ---
 libcontainer/configs/config.go | 2 ++
 1 file changed, 2 insertions(+)
--- a/patch/0005-runc-reduce-max-number-of-retries-to-10.patch
+++ b/patch/0005-runc-reduce-max-number-of-retries-to-10.patch
@ -1,8 +1,13 @@
 From d055603a252ab9cf6b36b5369045ebf4a384c5b8 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: liruilin4 <liruilin4@huawei.com>
-Date: Mon, 24 Jul 2023 16:27:44 +0800
+Date: Mon, 9 Jul 2018 12:02:33 +0800
 Subject: [PATCH] runc: reduce max number of retries to 10
 [Changelog]:when killing containers in D state, now runc will do
 100 retries, which leads that containerd blocks for 10 seconds.
 [Author]:Ruilin Li
 Change-Id: I1e08ef23ad065f5e3b88506726530187d2ccc797
 ---
 delete.go | 4 ++--
 init.go   | 2 ++
--- a/patch/0006-runc-ignore-exec.fifo-removing-not-exist-error.patch
+++ b/patch/0006-runc-ignore-exec.fifo-removing-not-exist-error.patch
@ -1,8 +1,11 @@
 From 5516836a74e12756161cd3a6ef7e05c7e89c378c Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: panwenxiang <panwenxiang@huawei.com>
-Date: Mon, 24 Jul 2023 16:40:27 +0800
+Date: Wed, 22 Aug 2018 17:06:01 +0800
 Subject: [PATCH] runc: ignore exec.fifo removing not exist error
 [Changelog]:cherry-pick from vtwrse <4af7ee1635962fe3bd86ac87064fdcd7e60c1135>
 Change-Id: I34a30672fb92c974965b3a53cfb8ccc75932e6d8
 Signed-off-by: jiangpengfei9 <jiangpengfei9@huawei.com>
 ---
 libcontainer/container_linux.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
--- a/patch/0007-runc-Add-file-fds-limit.patch
+++ b/patch/0007-runc-Add-file-fds-limit.patch
@ -1,8 +1,16 @@
 From becb372e9a80ba49dd742f130478e93f17e27329 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: yangshukui <yangshukui@huawei.com>
-Date: Mon, 24 Jul 2023 16:48:05 +0800
+Date: Mon, 18 Sep 2017 17:25:30 +0800
 Subject: [PATCH] runc:Add file fds limit
 With the patch(https://lwn.net/Articles/604129/),we can limit the
 num of open files in container.
 Conflicts:
        events.go
        vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
 Change-Id: I8264c0dd398227ebbd95b7dd9dae4688d76dee9b
 Signed-off-by: yangshukui <yangshukui@huawei.com>
 ---
 events.go                                     |  3 +
 libcontainer/cgroups/fs/files.go              | 79 +++++++++++++++++++
--- a/patch/0008-runc-runc-logs-forwarding-to-syslog.patch
+++ b/patch/0008-runc-runc-logs-forwarding-to-syslog.patch
@ -1,8 +1,16 @@
 From 10536f71def2026279285999779023d98f505e56 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: panwenxing <panwenxing@huawei.com>
-Date: Mon, 24 Jul 2023 17:20:38 +0800
+Date: Fri, 19 Oct 2018 15:00:34 +0800
 Subject: [PATCH] runc: runc logs forwarding to syslog
 reason:runc logs forwarding to syslog and using the config "--log-level" to control the number of logs
 Change-Id: Ia93f6f5c56131ea8558c4b7b7e5c4bec827a1bad
 Conflicts:
        libcontainer/container_linux.go
        libcontainer/process_linux.go
        libcontainer/state_linux.go
 ---
 create.go                                     |   2 +-
 libcontainer/configs/config.go                |  70 +++++++++---
--- a/patch/0009-runc-support-namespaced-kernel-params-can-be-changed.patch
+++ b/patch/0009-runc-support-namespaced-kernel-params-can-be-changed.patch
@ -1,9 +1,19 @@
 From 0d04d291e8b9dcee0fcdf4b757e41d0e77b1491f Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: zhangsong34 <zhangsong34@huawei.com>
-Date: Mon, 24 Jul 2023 17:25:43 +0800
+Date: Fri, 19 Oct 2018 10:53:33 +0800
 Subject: [PATCH] runc:support namespaced kernel params can be changed in
 system container
 reason:support namespaced kernel files can be written in container,
 when docker run a system container specify '--ns-change-opt' param,
 net or ipc namespaced kernel params can be changed in this container.
 Conflicts:
        libcontainer/rootfs_linux.go
        script/runc-euleros.spec
 Change-Id: I051b274117abd9745a27577e14a23c906ff7cca3
 Signed-off-by: jingrui <jingrui@huawei.com>
 ---
 libcontainer/rootfs_linux.go        | 26 ++++++++++++++++++++++++++
 libcontainer/standard_init_linux.go |  7 +++++++
--- a/patch/0010-runc-make-hooks-log-more-userful-and-fix-syslog-hook.patch
+++ b/patch/0010-runc-make-hooks-log-more-userful-and-fix-syslog-hook.patch
@ -1,8 +1,12 @@
 From 8b9b5e2615b1952a062f09476c53ff0a536df1ac Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: panwenxing <panwenxing@huawei.com>
-Date: Mon, 24 Jul 2023 19:15:52 +0800
+Date: Sat, 3 Nov 2018 12:42:49 +0800
 Subject: [PATCH] runc:make hooks log more userful and fix syslog hook bug
 reason:changed some log infomation.
 Change-Id: Ib6cda4b8a0ef3a441c45f6c435fe11430f8eada8
 Signed-off-by: panwenxiang <panwenxiang@huawei.com>
 ---
 libcontainer/configs/config.go | 17 ++++++++++++++---
 main.go                        | 26 ++++++++++++++++++++++++--
--- a/patch/0011-runc-do-not-setup-sysctl-in-runc-when-userns-enable.patch
+++ b/patch/0011-runc-do-not-setup-sysctl-in-runc-when-userns-enable.patch
@ -1,8 +1,14 @@
 From 8094649c861a0b6ca408caa38611f3e235378206 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: zhangsong34 <zhangsong34@huawei.com>
-Date: Mon, 24 Jul 2023 19:25:06 +0800
+Date: Mon, 5 Mar 2018 21:15:15 +0800
 Subject: [PATCH] runc:do not setup sysctl in runc when userns enable
 reason:when userns enabled, runc will run as normal user, it has
 no rights to setup sysctl even the ipcns sysctl. let docker-hooks do this job.
 Change-Id: Ia77b8c1bf4255973736f04c0962eae722ed9683e
 Signed-off-by: gus.gao <gus.gao@huawei.com>
 Signed-off-by: zhangsong34 <zhangsong34@huawei.com>
 ---
 libcontainer/standard_init_linux.go | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
--- a/patch/0012-runc-support-set-seccomp-priority.patch
+++ b/patch/0012-runc-support-set-seccomp-priority.patch
@ -1,8 +1,13 @@
 From 3e1db51b4dc547a7c9bfd251357e2661dc773952 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: zhangsong34 <zhangsong34@huawei.com>
-Date: Mon, 24 Jul 2023 19:39:28 +0800
+Date: Wed, 30 Jan 2019 15:33:44 +0800
 Subject: [PATCH] runc: support set seccomp priority
 reason:support set seccomp priority
 Change-Id: I73ea0ca4ce5dc7af975c62b56edbae03f9721e76
 Signed-off-by: gus.gao <gus.gao@huawei.com>
 Signed-off-by: zhangsong34 <zhangsong34@huawei.com>
 ---
 libcontainer/configs/config.go                                  | 1 +
 libcontainer/seccomp/seccomp_linux.go                           | 2 +-
--- a/patch/0013-runc-do-not-kill-container-if-poststart-hooks-execut.patch
+++ b/patch/0013-runc-do-not-kill-container-if-poststart-hooks-execut.patch
@ -1,8 +1,12 @@
 From 0cbdce649f9086adc2e8c50734d37c2d31b45234 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: zhangsong34 <zhangsong34@huawei.com>
-Date: Mon, 24 Jul 2023 20:31:00 +0800
+Date: Wed, 13 Mar 2019 15:40:12 +0800
 Subject: [PATCH] runc:do not kill container if poststart hooks execute failed
 reason:do not kill container if poststart hooks execute failed.
 Change-Id: Ieb1e1e7eeefe4bbd3cdb38fbba5a2a003297a5b3
 Signed-off-by: zhangsong34 <zhangsong34@huawei.com>
 ---
 libcontainer/container_linux.go | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
--- a/patch/0014-runc-add-sysctl-kernel.pid_max-to-whitelist.patch
+++ b/patch/0014-runc-add-sysctl-kernel.pid_max-to-whitelist.patch
@ -1,8 +1,11 @@
 From 318779ab775bfe878cac0636c9e610b9951e1335 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: zhangsong34 <zhangsong34@huawei.com>
-Date: Tue, 25 Jul 2023 19:53:00 +0800
+Date: Mon, 6 May 2019 19:29:40 +0800
 Subject: [PATCH] runc:add sysctl kernel.pid_max to whitelist
 reason:add sysctl kernel.pid_max to whitelist
 Signed-off-by: zhangsong34 <zhangsong34@huawei.com>
 ---
 libcontainer/configs/validate/validator.go | 1 +
 1 file changed, 1 insertion(+)
--- a/patch/0015-runc-disable-core-dump-during-exec.patch
+++ b/patch/0015-runc-disable-core-dump-during-exec.patch
@ -1,8 +1,10 @@
 From d98901af66768560f0e352db72bb32d216aa9040 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: jingrui <jingrui@huawei.com>
-Date: Wed, 26 Jul 2023 11:04:05 +0800
+Date: Mon, 8 Jul 2019 19:49:24 +0800
 Subject: [PATCH] runc:disable core dump during exec
 Change-Id: If649738854616c1f448a148aef1f2cc414715616
 Signed-off-by: jingrui <jingrui@huawei.com>
 ---
 libcontainer/process_linux.go | 2 ++
 1 file changed, 2 insertions(+)
--- a/patch/0016-runc-fix-exec-problem-caused-by-libseccomp-updating.patch
+++ b/patch/0016-runc-fix-exec-problem-caused-by-libseccomp-updating.patch
@ -1,6 +1,6 @@
 From 92c51d606acb92a5fb58eed2d238ad3cb2c69291 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: xiadanni1 <xiadanni1@huawei.com>
-Date: Wed, 26 Jul 2023 11:11:23 +0800
+Date: Tue, 20 Aug 2019 02:40:45 +0800
 Subject: [PATCH] runc:fix exec problem caused by libseccomp updating
 reason: libseccomp updating causes runc exec performance
--- a/patch/0017-runc-add-log-message-for-cgroup-file-check.patch
+++ b/patch/0017-runc-add-log-message-for-cgroup-file-check.patch
@ -1,8 +1,14 @@
 From 436b642d42680fd76903307748df0237e8cd0cd1 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: zhangtianyang <zhangtianyang2@huawei.com>
-Date: Wed, 26 Jul 2023 11:21:06 +0800
+Date: Fri, 18 Oct 2019 19:59:21 +0800
 Subject: [PATCH] runc:add log message for cgroup file check
 reason:docker report "no such file" when try to write cpuset.mems,
 not sure weather is deleted or not generated by kernel. so add
 cgroup file check messages for further maintainance.
 Change-Id: I4c835f62547b0404a9cffeda643fe028f1b4aa0f
 Signed-off-by: zhangtianyang <zhangtianyang2@huawei.com>
 ---
 libcontainer/cgroups/file.go      |  7 ++++++-
 libcontainer/cgroups/fs/cpuset.go | 31 +++++++++++++++++++++++--------
--- a/patch/0019-runc-support-set-cpuset.prefer_cpus-using-cpuset-cpu.patch
+++ b/patch/0019-runc-support-set-cpuset.prefer_cpus-using-cpuset-cpu.patch
@ -1,8 +1,12 @@
 From da50f7d9ddf912a6e4ad8714e5aff01e85c09b21 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: Vanient <xiadanni1@huawei.com>
-Date: Wed, 26 Jul 2023 11:37:21 +0800
+Date: Sat, 7 May 2022 09:39:57 +0800
 Subject: [PATCH] runc:support set cpuset.prefer_cpus using --cpuset-cpus
 we need to set cpuset.prefer_cpus for performance. Using "+" as
 separator, the cpuset value after separator is the prefer_cpus value.
 Signed-off-by: Vanient <xiadanni1@huawei.com>
 ---
 libcontainer/cgroups/fs/cpuset.go | 118 +++++++++++++++++++++++++++++-
 1 file changed, 114 insertions(+), 4 deletions(-)
--- a/patch/0020-runc-add-DT-for-cpuset.preferred_cpus-setting.patch
+++ b/patch/0020-runc-add-DT-for-cpuset.preferred_cpus-setting.patch
@ -1,6 +1,6 @@
 From 8071a31f5fd66638bda75d371f62d6df9155b00b Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: Vanient <xiadanni1@huawei.com>
-Date: Wed, 26 Jul 2023 14:18:00 +0800
+Date: Mon, 9 May 2022 20:32:24 +0800
 Subject: [PATCH] runc:add DT for cpuset.preferred_cpus setting
 ---
--- a/patch/0023-runc-support-specify-umask.patch
+++ b/patch/0023-runc-support-specify-umask.patch
@ -1,8 +1,22 @@
 From 7746fa7839dc6780379cb732c7122efaa07834f7 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: wangfengtu <wangfentu@huawei.com>
-Date: Wed, 26 Jul 2023 15:37:48 +0800
+Date: Fri, 21 Dec 2018 15:02:16 +0800
 Subject: [PATCH] runc:support specify umask
 reason:support specify umask.
 Umask can be 0022 or 0027(default) by specify umask when
 start container by command `docker create/run` or start
 daemon by command `dockerd`. For example:
 $ dockerd --annotation native.umask=normal
 $ dockerd --annotation native.umask=secure
 $ docker run --exec-opt native.umask=normal
 $ docker run --exec-opt native.umask=secure
 `normal` reparent umask is 0022, `secure`
 reparent umask is 0027.
 Change-Id: I49166759ad42dca0ac1f9755f85592e93951c249
 Signed-off-by: lujingxiao <lujingxiao@huawei.com>
 Signed-off-by: wangfengtu <wangfengtu@huawei.com>
 ---
 libcontainer/rootfs_linux.go                             | 6 ++++++
 libcontainer/setns_init_linux.go                         | 7 +++++++
--- a/patch/0027-runc-libct-fix-shared-pidns-detection.patch
+++ b/patch/0027-runc-libct-fix-shared-pidns-detection.patch
@ -1,5 +1,5 @@
 From 43126d0dca0b76f8c07cff1d09c5fc013d5c3450 Mon Sep 17 00:00:00 2001
-From: zhongjiawei <zhongjiawei1@huawei.com>
+From: Kir Kolyshkin <kolyshkin@gmail.com>
 Date: Wed, 26 Jul 2023 16:52:56 +0800
 Subject: [PATCH] libct: fix shared pidns detection
--- a/runc.spec
+++ b/runc.spec
@ -3,7 +3,7 @@
 Name: docker-runc
 Version: 1.1.8
-Release: 2
+Release: 3
 Summary: runc is a CLI tool for spawning and running containers according to the OCI specification.
 License: ASL 2.0
@ -54,7 +54,13 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc
 %{_bindir}/runc
 %changelog
-* Wed July 26 2023 vegbir<yangjiaqi16@huawei.com> - 1.1.8-2
+* Wed Sep 6 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.8-3
 - Type:bugfix
 - ID:NA
 - SUG:NA
 - DESC:modify and complement patch information
 * Wed July 26 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.8-2
 - Type:bugfix
 - ID:NA
 - SUG:NA
`@ -1 +1 @@`
	`90276301321bbf6ef9a2ea85b06d3e2cf0ccb7bd`	`d35711ce9c5492f1455036424a306c2a5b2d3735`