From 91880c303a418b6a4991779a28bf005ca8b1e611 Mon Sep 17 00:00:00 2001 From: zhongjiawei Date: Thu, 26 Oct 2023 16:24:51 +0800 Subject: [PATCH] runc:fix the bug when runc syscall.Exec cmd not exist cause panic --- git-commit | 2 +- ...-init-unify-init-fix-its-error-logic.patch | 26 ++++++++++++++++--- ...rt-runtime-us-and-rt-period-us-faile.patch | 2 +- runc.spec | 8 +++++- 4 files changed, 31 insertions(+), 7 deletions(-) diff --git a/git-commit b/git-commit index f11731b..e1d35a7 100644 --- a/git-commit +++ b/git-commit @@ -1 +1 @@ -7f4d3483bdf8c5ec6bfec21d2afd9621c3bdceee +6a36602a91e2bf0275f28cb7710838922daa7b0f diff --git a/patch/0041-runc-libct-init-unify-init-fix-its-error-logic.patch b/patch/0041-runc-libct-init-unify-init-fix-its-error-logic.patch index 7ea911d..cd4d1a3 100644 --- a/patch/0041-runc-libct-init-unify-init-fix-its-error-logic.patch +++ b/patch/0041-runc-libct-init-unify-init-fix-its-error-logic.patch @@ -1,4 +1,4 @@ -From eecf5dd404208161292f0c10e6118eefea5e62f3 Mon Sep 17 00:00:00 2001 +From 3067c7503547e7c1f2499a69b1713051515743e0 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Wed, 9 Aug 2023 12:04:26 +0900 Subject: [PATCH] libct/init: unify init, fix its error logic @@ -16,14 +16,32 @@ Generally, our goals are: Signed-off-by: Kir Kolyshkin --- + init.go | 6 ++---- libcontainer/factory_linux.go | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) + 2 files changed, 5 insertions(+), 6 deletions(-) +diff --git a/init.go b/init.go +index a0520b5..5951afe 100644 +--- a/init.go ++++ b/init.go +@@ -36,10 +36,8 @@ func init() { + factory, _ := libcontainer.New("") + if err := factory.StartInitialization(); err != nil { + fmt.Fprintf(os.Stderr, "libcontainer: container start initialization failed: %s", err) +- // as the error is sent back to the parent there is no need to log +- // or write it to stderr because the parent process will handle this +- os.Exit(1) + } +- panic("libcontainer: container init failed to exec") ++ fmt.Fprint(os.Stderr, "libcontainer: container init failed to exec") ++ os.Exit(1) + } + } diff --git a/libcontainer/factory_linux.go b/libcontainer/factory_linux.go -index 39fc312..a4628b8 100644 +index a1fa7de..86a127c 100644 --- a/libcontainer/factory_linux.go +++ b/libcontainer/factory_linux.go -@@ -288,13 +288,14 @@ func (l *LinuxFactory) StartInitialization() (err error) { +@@ -296,13 +296,14 @@ func (l *LinuxFactory) StartInitialization() (err error) { // We have an error during the initialization of the container's init, // send it back to the parent process in the form of an initError. if werr := writeSync(pipe, procError); werr != nil { diff --git a/patch/0043-runc-fix-update-rt-runtime-us-and-rt-period-us-faile.patch b/patch/0043-runc-fix-update-rt-runtime-us-and-rt-period-us-faile.patch index 4d52b13..a3addce 100644 --- a/patch/0043-runc-fix-update-rt-runtime-us-and-rt-period-us-faile.patch +++ b/patch/0043-runc-fix-update-rt-runtime-us-and-rt-period-us-faile.patch @@ -18,7 +18,7 @@ index 6c79f899..0b58781d 100644 - if r.CpuRtPeriod != 0 { - if err := cgroups.WriteFile(path, "cpu.rt_period_us", strconv.FormatUint(r.CpuRtPeriod, 10)); err != nil { - return err -+var err error ++ var err error + if r.CpuRtRuntime != 0 { + if err = cgroups.WriteFile(path, "cpu.rt_runtime_us", strconv.FormatInt(r.CpuRtRuntime, 10)); err != nil { + if r.CpuRtPeriod != 0 { diff --git a/runc.spec b/runc.spec index 785d1fa..df0ed2d 100644 --- a/runc.spec +++ b/runc.spec @@ -3,7 +3,7 @@ Name: docker-runc Version: 1.1.3 -Release: 18 +Release: 19 Summary: runc is a CLI tool for spawning and running containers according to the OCI specification. License: ASL 2.0 @@ -54,6 +54,12 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc %{_bindir}/runc %changelog +* Thu Oct 26 2023 zhongjiawei - 1.1.3-19 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:fix the bug when runc syscall.Exec cmd not exist cause panic + * Tue Oct 24 2023 zhongjiawei - 1.1.3-18 - Type:bugfix - ID:NA -- Gitee