From b85e8a6ce25f2cedc8df4dbb5c93abe4b1a6201c Mon Sep 17 00:00:00 2001
From: zhongjiawei
Date: Tue, 22 Aug 2023 17:06:50 +0800
Subject: [PATCH] runc: Ignore error when force deleting a non-existing container and delete invaild logs
---
 git-commit | 2 +-
 ...when-force-deleting-a-non-exist-cont.patch | 61 +++++++++++++++
 ...-runc-delete-invalid-cgroupinfo-logs.patch | 78 +++++++++++++++++++
 runc.spec | 8 +-
 series.conf | 2 +
 5 files changed, 149 insertions(+), 2 deletions(-)
 create mode 100644 patch/0147-runc-ingore-error-when-force-deleting-a-non-exist-cont.patch
 create mode 100644 patch/0148-runc-delete-invalid-cgroupinfo-logs.patch
diff --git a/git-commit b/git-commit
index e1aa272..7fe8b1f 100644
--- a/git-commit
+++ b/git-commit
@@ -1 +1 @@
-fcf238f179ee1acc1edc75aae9f5e23c54c9a45a
+800b2584e8ee3aca01174bcfc0931c0bfc509e8d
diff --git a/patch/0147-runc-ingore-error-when-force-deleting-a-non-exist-cont.patch b/patch/0147-runc-ingore-error-when-force-deleting-a-non-exist-cont.patch
new file mode 100644
index 0000000..d15548c
--- /dev/null
+++ b/patch/0147-runc-ingore-error-when-force-deleting-a-non-exist-cont.patch
@@ -0,0 +1,61 @@
+From ec18dd94cf7df14516e95dc5b9023cff650c7196 Mon Sep 17 00:00:00 2001
+From: Antonio Murdaca
+Date: Tue, 16 May 2017 22:17:34 +0200
+Subject: [PATCH] Ignore error when force deleting a non-existing container
+
+This patch mimics the behavior of "rm -rf" so that if a container
+doesn't exist and you force delete it, it won't error out.
+
+Signed-off-by: Antonio Murdaca
+---
+ delete.go | 6 +++++-
+ tests/integration/delete.bats | 5 +++++
+ 2 files changed, 10 insertions(+), 1 deletion(-)
+
+diff --git a/delete.go b/delete.go
+index a2b14f3..6db2978 100644
+--- a/delete.go
++++ b/delete.go
+@@ -50,6 +50,7 @@ status of "ubuntu01" as "stopped" the following will delete resources held for
+ }
+
+ id := context.Args().First()
++ force := context.Bool("force")
+ container, err := getContainer(context)
+ if err != nil {
+ if lerr, ok := err.(libcontainer.Error); ok && lerr.Code() == libcontainer.ContainerNotExists {
+@@ -59,6 +60,9 @@ status of "ubuntu01" as "stopped" the following will delete resources held for
+ if e := os.RemoveAll(path); e != nil {
+ fmt.Fprintf(os.Stderr, "remove %s: %v\n", path, e)
+ }
++ if force {
++ return nil
++ }
+ }
+ return err
+ }
+@@ -72,7 +76,7 @@ status of "ubuntu01" as "stopped" the following will delete resources held for
+ case libcontainer.Created:
+ return killContainer(container)
+ default:
+- if context.Bool("force") {
++ if force {
+ return killContainer(container)
+ } else {
+ return fmt.Errorf("cannot delete container %s that is not stopped: %s\n", id, s)
+diff --git a/tests/integration/delete.bats b/tests/integration/delete.bats
+index 2c11e79..90a4f47 100644
+--- a/tests/integration/delete.bats
++++ b/tests/integration/delete.bats
+@@ -50,3 +50,8 @@ function teardown() {
+ runc state test_busybox
+ [ "$status" -ne 0 ]
+ }
++
++@test "runc delete --force ignore not exist" {
++ runc delete --force notexists
++ [ "$status" -eq 0 ]
++}
+--
+2.33.0
+
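Review bot: A failed cleanup is reported as success in delete.go's `ContainerNotExists` branch: the added `if force { return nil }` runs after `os.RemoveAll(path)` and discards its result, so `runc delete --force` exits 0 even when the leftover state directory could not be removed, with only a line on stderr. `rm -rf`, which the commit message names as the model, succeeds for a missing target but still fails when removal itself fails, and a caller that reads exit status 0 as "resources released" would not notice the stale state. Keep the removal error and return it under force, e.g. hoist it as `rmErr := os.RemoveAll(path)` and end the branch with `if force { return rmErr }`. The new bats test covers only the non-existent id, so a case where removal fails would pin this behaviour. The action body, including the lines where `path` is built, starts and ends outside the hunk.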
diff --git a/patch/0148-runc-delete-invalid-cgroupinfo-logs.patch b/patch/0148-runc-delete-invalid-cgroupinfo-logs.patch
new file mode 100644
index 0000000..5eb9d60
--- /dev/null
+++ b/patch/0148-runc-delete-invalid-cgroupinfo-logs.patch
@@ -0,0 +1,78 @@
+From 7e71d4334b3d86deaec67474041ee949672d267b Mon Sep 17 00:00:00 2001
+From: zhongjiawei
+Date: Tue, 22 Aug 2023 17:38:24 +0800
+Subject: [PATCH] runc:delete invalid cgroupinfo logs
+
+---
+ libcontainer/container_linux.go | 1 -
+ libcontainer/standard_init_linux.go | 28 ----------------------------
+ 2 files changed, 29 deletions(-)
+
+diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go
+index 113dbf4..d678407 100644
+--- a/libcontainer/container_linux.go
++++ b/libcontainer/container_linux.go
+@@ -322,7 +322,6 @@ func (c *linuxContainer) start(process *Process) error {
+ }
+
+ if err := parent.start(); err != nil {
+- printCgroupInfo(c.config.Cgroups.Path)
+ // terminate the process to ensure that it properly is reaped.
+ if err := parent.terminate(); err != nil {
+ logrus.Warnf("parent process terminate error: %v", err)
+diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
+index b4945c3..611b91d 100644
+--- a/libcontainer/standard_init_linux.go
++++ b/libcontainer/standard_init_linux.go
+@@ -4,15 +4,12 @@ package libcontainer
+
+ import (
+ "fmt"
+- "io/ioutil"
+ "os"
+ "os/exec"
+- "path/filepath"
+ "strings"
+ "syscall"
+ "time"
+
+- "github.com/Sirupsen/logrus"
+ "github.com/opencontainers/runc/libcontainer/apparmor"
+ "github.com/opencontainers/runc/libcontainer/configs"
+ "github.com/opencontainers/runc/libcontainer/keys"
+@@ -220,32 +217,7 @@ func (l *linuxStandardInit) Init() error {
+ // https://github.com/torvalds/linux/blob/v4.9/fs/exec.c#L1290-L1318
+ syscall.Close(l.stateDirFD)
+ if err := syscall.Exec(name, l.config.Args[0:], os.Environ()); err != nil {
+- printCgroupInfo("")
+ return newSystemErrorWithCause(err, "exec user process")
+ }
+ return nil
+ }
+-
+-func printCgroupInfo(path string) {
+- cgroupRoot := "/sys/fs/cgroup"
+- infoFileList := []string{
+- "/proc/meminfo",
+- "/sys/fs/cgroup/memory/memory.stat",
+- filepath.Join(cgroupRoot, "files", path, "files.limit"),
+- filepath.Join(cgroupRoot, "files", path, "files.usage"),
+- filepath.Join(cgroupRoot, "pids", path, "pids.max"),
+- filepath.Join(cgroupRoot, "pids", path, "pids.current"),
+- filepath.Join(cgroupRoot, "memory", path, "memory.usage_in_bytes"),
+- filepath.Join(cgroupRoot, "memory", path, "memory.limit_in_bytes"),
+- filepath.Join(cgroupRoot, "memory", path, "memory.stat"),
+- filepath.Join(cgroupRoot, "cpu", path, "cpu.stat"),
+- }
+- for _, file := range infoFileList {
+- printFileContent(file)
+- }
+-}
+-
+-func printFileContent(path string) {
+- output, err := ioutil.ReadFile(path)
+- logrus.Infof("content read from %s: %s, err: %v", path, string(output), err)
+-}
+--
+2.33.0
+
diff --git a/runc.spec b/runc.spec
index 077799d..9162f8b 100644
--- a/runc.spec
+++ b/runc.spec
@@ -4,7 +4,7 @@ Name: docker-runc
 Version: 1.0.0.rc3
-Release: 311
+Release: 312
 Summary: runc is a CLI tool for spawning and running containers according to the OCI specification.
 License: ASL 2.0
@@ -57,6 +57,12 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc
 %{_bindir}/runc
 %changelog
+* Tue Aug 22 2023 zhongjiawei - 1.0.0.rc3-312
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:ignore error when force deleting a non-existing container and delete invaild logs
+
 * Jul Mon 24 2023 zhongjiawei - 1.0.0.rc3-311
 - Type:bugfix
 - CVE:NA
diff --git a/series.conf b/series.conf
index ac70d32..97ab752 100644
--- a/series.conf
+++ b/series.conf
@@ -146,4 +146,6 @@ patch/0001-add-loongarch-support-for-libcontainer.patch
 #patch/0144-runc-run-resolve-tmpfs-mount-dest-in-container-scope.patch
 #patch/0145-runc-Prohibit-proc-and-sys-to-be-symlinks.patch
 patch/0146-runc-enable-cpuset-preferred-by-proc-sys-kernel-sche.patch
+patch/0147-runc-ingore-error-when-force-deleting-a-non-exist-cont.patch
+patch/0148-runc-delete-invalid-cgroupinfo-logs.patch
 #end
--
Gitee