!333 [sync] PR-326: sync from upstream

From: @openeuler-sync-bot 
Reviewed-by: @taotao-sauce 
Signed-off-by: @taotao-sauce
openeuler-ci-bot 2024-06-11 12:05:03 +00:00 committed by Gitee
commit b8814d57e4
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
23 changed files with 301 additions and 41 deletions


@ -1,7 +1,7 @@
From 42cf57e75e50457c1a4ee28d286aa4644c9c266a Mon Sep 17 00:00:00 2001
From: songbuhuang <544824346@qq.com>
Date: Wed, 8 Feb 2023 10:40:20 +0800
Subject: [PATCH 01/20] fix update cpu-rt period failed
Subject: [PATCH 01/22] fix update cpu-rt period failed
Signed-off-by: songbuhuang <544824346@qq.com>
---
@ -33,5 +33,5 @@ index ac49c50..4c49a28 100644
err_out:
return ret;
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 9e9fbc213ce485a53b8dee07ad923369096ae899 Mon Sep 17 00:00:00 2001
From: "Neil.wrz" <wangrunze13@huawei.com>
Date: Mon, 20 Feb 2023 22:24:30 -0800
Subject: [PATCH 02/20] fix layer size type as int64
Subject: [PATCH 02/22] fix layer size type as int64
Signed-off-by: Neil.wrz <wangrunze13@huawei.com>
---
@ -22,5 +22,5 @@ index 44f31db..78cc68c 100644
"digest": {
"$ref": "../defs.json#/definitions/digest"
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 2e6991000d0e1e42db9f054400949543a1a44520 Mon Sep 17 00:00:00 2001
From: zhongtao <zhongtao17@huawei.com>
Date: Mon, 6 Mar 2023 15:24:59 +0800
Subject: [PATCH 03/20] adapt to repo of openeuler url changed
Subject: [PATCH 03/22] adapt to repo of openeuler url changed
Signed-off-by: zhongtao <zhongtao17@huawei.com>
---
@ -29,5 +29,5 @@ index ae1e8ef..1a15461 100755
cd ~
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 3f1ef0eeb7fe469bfc42e1ea6726ec91a97e165d Mon Sep 17 00:00:00 2001
From: zhongtao <zhongtao17@huawei.com>
Date: Wed, 15 Feb 2023 16:05:39 +0800
Subject: [PATCH 04/20] add cgroup resources json schema for isula update
Subject: [PATCH 04/22] add cgroup resources json schema for isula update
Signed-off-by: zhongtao <zhongtao17@huawei.com>
---
@ -96,5 +96,5 @@ index 6ed9473..ae77e9d 100644
"type": "object",
"properties": {
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 558723cf5f1506538822e716b5b9ae7ee84736f6 Mon Sep 17 00:00:00 2001
From: "Neil.wrz" <wangrunze13@huawei.com>
Date: Wed, 15 Feb 2023 19:11:45 -0800
Subject: [PATCH 05/20] add field for isulad daemon configs
Subject: [PATCH 05/22] add field for isulad daemon configs
Signed-off-by: Neil.wrz <wangrunze13@huawei.com>
---
@ -23,5 +23,5 @@ index 1332a73..b75e929 100644
"type": "string"
},
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From fe5de86ac3df1ba26f50f0eacdfb525e52f33573 Mon Sep 17 00:00:00 2001
From: zhongtao <zhongtao17@huawei.com>
Date: Sat, 8 Apr 2023 11:38:50 +0800
Subject: [PATCH 06/20] add files_limit to oci spec
Subject: [PATCH 06/22] add files_limit to oci spec
Signed-off-by: zhongtao <zhongtao17@huawei.com>
---
@ -33,5 +33,5 @@ index 317cab4..27b2de2 100644
"id": "https://opencontainers.org/schema/bundle/linux/resources/blockIO",
"type": "object",
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 2df5066a9741e9534d13bc422dad69bb6a2c12ce Mon Sep 17 00:00:00 2001
From: jikai <jikai11@huawei.com>
Date: Mon, 28 Aug 2023 12:59:08 +0000
Subject: [PATCH 07/20] Fix empty pointer and overflow
Subject: [PATCH 07/22] Fix empty pointer and overflow
Signed-off-by: jikai <jikai11@huawei.com>
---
@ -997,5 +997,5 @@ index 88f83d5..56b594b 100644
json_buf[gen_len] = '\\0';
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 3ddbf5130eb24e7a2e9f70c3e6c494afa0015e92 Mon Sep 17 00:00:00 2001
From: jikai <jikai11@huawei.com>
Date: Tue, 29 Aug 2023 02:38:14 +0000
Subject: [PATCH 08/20] CI: checkout branch of lxc
Subject: [PATCH 08/22] CI: checkout branch of lxc
Signed-off-by: jikai <jikai11@huawei.com>
---
@ -21,5 +21,5 @@ index 1a15461..6595c77 100755
./apply-patches || exit 1
pushd lxc-4.0.3
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 2f0562d56032a563672ae105b7b3ca1b71878526 Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Sat, 26 Aug 2023 10:54:02 +0800
Subject: [PATCH 09/20] support check symbols and compile code in cmake
Subject: [PATCH 09/22] support check symbols and compile code in cmake
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
@ -33,5 +33,5 @@ index 13c1cdb..27a83d1 100644
+ STRERROR_R_CHAR_P
+)
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 41aa94a5859755ed4ca181043dd442401fd068ea Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Tue, 5 Sep 2023 19:35:37 +0800
Subject: [PATCH 10/20] remove unnecessary strerror
Subject: [PATCH 10/22] remove unnecessary strerror
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
@ -151,5 +151,5 @@ index c3c1981..9c8a873 100644
return -1;
}
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 67db677060c70aa23e6927e99cc2078e219b9d2d Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Wed, 6 Sep 2023 11:01:47 +0000
Subject: [PATCH 11/20] !258 improve code of function in log Merge pull request
Subject: [PATCH 11/22] !258 improve code of function in log Merge pull request
!258 from haozi007/stablefix
---
@ -29,5 +29,5 @@ index 2db0d98..43c1d5d 100644
#define COMMAND_ERROR(fmt, args...) \
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 235048833fbd12ddb19dee74df5a13a26bfe5e6b Mon Sep 17 00:00:00 2001
From: jake <jikai11@huawei.com>
Date: Mon, 18 Sep 2023 11:07:42 +0000
Subject: [PATCH 12/20] !265 set env to avoid invoke lxc binary directly * set
Subject: [PATCH 12/22] !265 set env to avoid invoke lxc binary directly * set
env to avoid invoke lxc binary directly
---
@ -26,5 +26,5 @@ index f65f570..5c69c8e 100644
}
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From ffd58bff069d0d1bde6a6ad14f4c2b81fac237c8 Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Thu, 16 Nov 2023 10:58:52 +0800
Subject: [PATCH 13/20] improve error of lcr apis
Subject: [PATCH 13/22] improve error of lcr apis
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
@ -165,5 +165,5 @@ index 5c69c8e..4256799 100644
}
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 713d31dfeb4425cfb40f565436504f4056ebe548 Mon Sep 17 00:00:00 2001
From: jake <jikai11@huawei.com>
Date: Tue, 21 Nov 2023 02:45:37 +0000
Subject: [PATCH 14/20] !288 use atomic write for config, secomp, oci_hook
Subject: [PATCH 14/22] !288 use atomic write for config, secomp, oci_hook
files * use atomic write for config, secomp, oci_hook files
---
@ -623,5 +623,5 @@ index 6a3764b..51e0dea 100644
int lcr_util_get_real_swap(int64_t memory, int64_t memory_swap, int64_t *swap);
int lcr_util_trans_cpushare_to_cpuweight(int64_t cpu_share);
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From a83ebe1639b4fa33177254883477ed025fc024c2 Mon Sep 17 00:00:00 2001
From: jake <jikai11@huawei.com>
Date: Tue, 21 Nov 2023 07:17:51 +0000
Subject: [PATCH 15/20] !289 close fd if fdopen failed and add ut * close fd if
Subject: [PATCH 15/22] !289 close fd if fdopen failed and add ut * close fd if
fdopen failed * add ut for atomic write
---
@ -208,5 +208,5 @@ index 0000000..8acba29
+ ASSERT_EQ(lcr_util_recursive_rmdir("/tmp/lcr-test/", 1), 0);
+}
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 6eeab992e06fa74b027d922057cc6d5900d438be Mon Sep 17 00:00:00 2001
From: jake <jikai11@huawei.com>
Date: Tue, 21 Nov 2023 12:54:50 +0000
Subject: [PATCH 16/20] !290 fix seccomp write error * fix seccomp write error
Subject: [PATCH 16/22] !290 fix seccomp write error * fix seccomp write error
---
src/lcrcontainer_extend.c | 2 +-
@ -21,5 +21,5 @@ index 9136613..e3c081a 100644
goto cleanup;
}
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From a28a87c9dbbc567eebc0eebcd1e7e34db2e68817 Mon Sep 17 00:00:00 2001
From: jake <jikai11@huawei.com>
Date: Tue, 21 Nov 2023 13:46:30 +0000
Subject: [PATCH 17/20] !291 restore using /dev/urandom * restore using
Subject: [PATCH 17/22] !291 restore using /dev/urandom * restore using
/dev/urandom
---
@ -25,5 +25,5 @@ index 59d0cea..68e9bc4 100644
}
for (i = 0; i < len; i++) {
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 4c18c29522fc35f94cae6f1e34e28bbbedef2520 Mon Sep 17 00:00:00 2001
From: jikai <jikai11@huawei.com>
Date: Tue, 28 Nov 2023 15:59:48 +0800
Subject: [PATCH 18/20] use fixed tmp file to write config etc
Subject: [PATCH 18/22] use fixed tmp file to write config etc
Signed-off-by: jikai <jikai11@huawei.com>
---
@ -318,5 +318,5 @@ index 8acba29..17f60ed 100644
ASSERT_NE(readcontent, nullptr);
ASSERT_STREQ(readcontent, new_content);
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From 2bd09ffdb41844387685368497ff6ce8a9100102 Mon Sep 17 00:00:00 2001
From: zhongtao <zhongtao17@huawei.com>
Date: Wed, 29 Nov 2023 09:32:54 +0000
Subject: [PATCH 19/20] !300 add blkio info for runtime-stats * add blkio info
Subject: [PATCH 19/22] !300 add blkio info for runtime-stats * add blkio info
for runtime-stats
---
@ -60,5 +60,5 @@ index ae77e9d..18b34f1 100644
}
}
--
2.33.0
2.34.1


@ -1,7 +1,7 @@
From f1f938732403003206a83a641a0a02a7f82125f7 Mon Sep 17 00:00:00 2001
From: jikai <jikai11@huawei.com>
Date: Thu, 30 Nov 2023 19:17:37 +0800
Subject: [PATCH 20/20] drop atomic config write for partial file does
Subject: [PATCH 20/22] drop atomic config write for partial file does
Signed-off-by: jikai <jikai11@huawei.com>
---
@ -654,5 +654,5 @@ index 17f60ed..0000000
- ASSERT_EQ(lcr_util_recursive_rmdir("/tmp/lcr-test/", 1), 0);
-}
--
2.33.0
2.34.1


@ -0,0 +1,104 @@
From 0b73a6c5d4a3674f24d6c3e0e6bd1bd0c8f5eab2 Mon Sep 17 00:00:00 2001
From: jikai <jikai11@huawei.com>
Date: Thu, 25 Apr 2024 09:51:14 +0000
Subject: [PATCH 21/22] remove lcr-created spec only if create failed
Signed-off-by: jikai <jikai11@huawei.com>
---
src/lcrcontainer.c | 8 +++----
src/lcrcontainer_extend.c | 45 +++++++++++++++++++++++++++++++++++++++
src/lcrcontainer_extend.h | 2 ++
3 files changed, 50 insertions(+), 5 deletions(-)
diff --git a/src/lcrcontainer.c b/src/lcrcontainer.c
index 4256799..71dfe61 100644
--- a/src/lcrcontainer.c
+++ b/src/lcrcontainer.c
@@ -184,15 +184,13 @@ bool lcr_create(const char *name, const char *lcrpath, void *oci_config)
bret = true;
out_unlock:
+ if (!bret) {
+ lcr_delete_spec(c, oci_spec);
+ }
if (partial_fd >= 0) {
close(partial_fd);
remove_partial(c);
}
- if (!bret) {
- if (!c->destroy(c)) {
- WARN("Unable to clean lxc resources");
- }
- }
lxc_container_put(c);
isula_libutils_free_log_prefix();
return bret;
diff --git a/src/lcrcontainer_extend.c b/src/lcrcontainer_extend.c
index 321be8c..d70f5a6 100644
--- a/src/lcrcontainer_extend.c
+++ b/src/lcrcontainer_extend.c
@@ -986,3 +986,48 @@ out_free_conf:
return ret;
}
+
+static void delete_specific_spec(const char *bundle, const char *name)
+{
+ char filepath[PATH_MAX] = { 0 };
+ int nret = snprintf(filepath, sizeof(filepath), "%s/%s", bundle, name);
+ if (nret < 0 || (size_t)nret >= sizeof(filepath)) {
+ ERROR("Failed to print string");
+ return;
+ }
+
+ if (unlink(filepath) != 0) {
+ SYSERROR("Failed to delete %s", filepath);
+ return;
+ }
+}
+
+void lcr_delete_spec(const struct lxc_container *c, oci_runtime_spec *container)
+{
+ const char *path = NULL;
+ const char *name = NULL;
+ char *bundle = NULL;
+
+ if (c == NULL || c->name == NULL || container == NULL) {
+ ERROR("Invalid arguments");
+ return;
+ }
+
+ path = c->config_path ? c->config_path : LCRPATH;
+ name = c->name;
+ bundle = lcr_get_bundle(path, name);
+ if (bundle == NULL) {
+ return;
+ }
+
+ if (container->hooks != NULL) {
+ delete_specific_spec(bundle, OCIHOOKSFILE);
+ }
+
+ delete_specific_spec(bundle, "config");
+
+ // There might not exist seccomp file, try to delete anyway
+ delete_specific_spec(bundle, "seccomp");
+
+ free(bundle);
+}
diff --git a/src/lcrcontainer_extend.h b/src/lcrcontainer_extend.h
index f524a4a..5a55b10 100644
--- a/src/lcrcontainer_extend.h
+++ b/src/lcrcontainer_extend.h
@@ -78,6 +78,8 @@ bool lcr_save_spec(const char *name, const char *lcrpath, const struct lcr_list
bool translate_spec(const struct lxc_container *c, oci_runtime_spec *container);
+void lcr_delete_spec(const struct lxc_container *c, oci_runtime_spec *container);
+
#ifdef __cplusplus
}
#endif
--
2.34.1
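Review bot: In `delete_specific_spec`, every failed `unlink()` is logged through `SYSERROR`, yet `lcr_delete_spec` deliberately calls it for `seccomp` when that file may not exist, so each failed create without a seccomp profile logs a spurious error that can hide a real cleanup failure. Treating a missing file as success keeps the log meaningful: `if (unlink(filepath) != 0 && errno != ENOENT) {`. Separately, `lcr_delete_spec` returns early when `container == NULL` although `container` is only read for the hooks check, so if `lcr_create` can reach `out_unlock` with `oci_spec` unset after a file was written (that part of `lcr_create` is outside the hunk), `config` and `seccomp` would be left behind; guarding only the hooks deletion with `if (container != NULL && container->hooks != NULL)` avoids that. A short header comment on `lcr_delete_spec` stating that it removes only the spec files lcr wrote into the bundle, and that `c->destroy(c)` is no longer called on failure, would help the next reader.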


@ -0,0 +1,148 @@
From ade392429a7682b918777ba7eb210f3789c98b4a Mon Sep 17 00:00:00 2001
From: jikai <jikai11@huawei.com>
Date: Mon, 29 Apr 2024 16:43:51 +0800
Subject: [PATCH 22/22] fix bug for potential config/seccomp/ocihook write
error
Signed-off-by: jikai <jikai11@huawei.com>
---
src/lcrcontainer_extend.c | 18 ++++++++++++------
src/utils.c | 30 ++++++++++++++++++++++++++++++
src/utils.h | 1 +
3 files changed, 43 insertions(+), 6 deletions(-)
diff --git a/src/lcrcontainer_extend.c b/src/lcrcontainer_extend.c
index d70f5a6..261cf1d 100644
--- a/src/lcrcontainer_extend.c
+++ b/src/lcrcontainer_extend.c
@@ -352,6 +352,7 @@ static int lcr_spec_write_seccomp_line(int fd, const char *seccomp)
char *line = NULL;
int ret = -1;
int nret;
+ ssize_t nwritten = -1;
if (strlen(seccomp) > SIZE_MAX - strlen("lxc.seccomp.profile") - 3 - 1) {
ERROR("the length of lxc.seccomp is too long!");
@@ -375,7 +376,8 @@ static int lcr_spec_write_seccomp_line(int fd, const char *seccomp)
nret = (int)(len - 1);
}
line[nret] = '\n';
- if (write(fd, line, len) == -1) {
+ nwritten = lcr_util_write_nointr_in_total(fd, line, len);
+ if (nwritten < 0 || (size_t)nwritten != len) {
SYSERROR("Write file failed");
goto cleanup;
}
@@ -391,7 +393,7 @@ static char *lcr_save_seccomp_file(const char *bundle, const char *seccomp_conf)
char *real_seccomp = NULL;
int fd = -1;
int nret;
- ssize_t written_cnt;
+ ssize_t nwritten = -1;
nret = snprintf(seccomp, sizeof(seccomp), "%s/seccomp", bundle);
if (nret < 0 || (size_t)nret >= sizeof(seccomp)) {
@@ -410,9 +412,9 @@ static char *lcr_save_seccomp_file(const char *bundle, const char *seccomp_conf)
goto cleanup;
}
- written_cnt = write(fd, seccomp_conf, strlen(seccomp_conf));
+ nwritten = lcr_util_write_nointr(fd, seccomp_conf, strlen(seccomp_conf));
close(fd);
- if (written_cnt == -1) {
+ if (nwritten < 0 || (size_t)nwritten != strlen(seccomp_conf)) {
SYSERROR("write seccomp_conf failed");
goto cleanup;
}
@@ -710,6 +712,7 @@ static int lcr_spec_write_config(int fd, const struct lcr_list *lcr_conf)
lcr_config_item_t *item = it->elem;
int nret;
size_t encode_len;
+ ssize_t nwritten = -1;
if (item != NULL) {
if (strlen(item->value) > ((SIZE_MAX - strlen(item->name)) - 4)) {
goto cleanup;
@@ -737,7 +740,8 @@ static int lcr_spec_write_config(int fd, const struct lcr_list *lcr_conf)
encode_len = strlen(line_encode);
line_encode[encode_len] = '\n';
- if (write(fd, line_encode, encode_len + 1) == -1) {
+ nwritten = lcr_util_write_nointr_in_total(fd, line_encode, encode_len + 1);
+ if (nwritten < 0 || (size_t)nwritten != encode_len + 1) {
SYSERROR("Write file failed");
goto cleanup;
}
@@ -862,6 +866,7 @@ static int lcr_write_file(const char *path, const char *data, size_t len)
char *real_path = NULL;
int fd = -1;
int ret = -1;
+ ssize_t nwritten = -1;
if (path == NULL || strlen(path) == 0 || data == NULL || len == 0) {
return -1;
@@ -879,7 +884,8 @@ static int lcr_write_file(const char *path, const char *data, size_t len)
goto out_free;
}
- if (write(fd, data, len) == -1) {
+ nwritten = lcr_util_write_nointr_in_total(fd, data, len);
+ if (nwritten < 0 || (size_t)nwritten != len) {
SYSERROR("write data to %s failed", real_path);
goto out_free;
}
diff --git a/src/utils.c b/src/utils.c
index b999509..1279f8a 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -1040,6 +1040,36 @@ int lcr_util_build_dir(const char *name)
return 0;
}
+ssize_t lcr_util_write_nointr_in_total(int fd, const char *buf, size_t count)
+{
+ size_t nwritten;
+
+ if (buf == NULL) {
+ return -1;
+ }
+
+ if (count > SSIZE_MAX) {
+ ERROR("Too large data to write");
+ return -1;
+ }
+
+ for (nwritten = 0; nwritten < count;) {
+ ssize_t nret;
+ nret = write(fd, buf + nwritten, count - nwritten);
+ if (nret < 0) {
+ if (errno == EINTR || errno == EAGAIN) {
+ continue;
+ } else {
+ return nret;
+ }
+ } else {
+ nwritten += nret;
+ }
+ }
+
+ return (ssize_t)nwritten;
+}
+
/* util write nointr */
ssize_t lcr_util_write_nointr(int fd, const void *buf, size_t count)
{
diff --git a/src/utils.h b/src/utils.h
index 2fe4f1e..d248c39 100644
--- a/src/utils.h
+++ b/src/utils.h
@@ -206,6 +206,7 @@ char *lcr_util_string_append(const char *post, const char *pre);
char *lcr_util_string_split_prefix(size_t prefix_len, const char *file);
int lcr_util_build_dir(const char *name);
+ssize_t lcr_util_write_nointr_in_total(int fd, const char *buf, size_t count);
ssize_t lcr_util_write_nointr(int fd, const void *buf, size_t count);
ssize_t lcr_util_read_nointr(int fd, void *buf, size_t count);
--
2.34.1
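Review bot: In `lcr_save_seccomp_file` the new code calls `lcr_util_write_nointr` rather than the `lcr_util_write_nointr_in_total` helper used at the other three call sites, so a short write of the seccomp profile is now reported as a failure instead of being completed. If `lcr_util_write_nointr` does not loop on partial writes (its body is outside the hunk), `nwritten = lcr_util_write_nointr_in_total(fd, seccomp_conf, strlen(seccomp_conf));` would make the four sites consistent. The `SYSERROR` at that site also runs after `close(fd)`, so the errno it prints may no longer belong to the write, and on a short write errno was never set at all. In `lcr_util_write_nointr_in_total`, retrying on `EAGAIN` with a bare `continue` spins the CPU when the descriptor is non-blocking and stays unwritable, and a `write()` that returns 0 never advances the loop. Retrying only on `EINTR` and returning -1 when `nret == 0` would bound it.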


@ -1,5 +1,5 @@
%global _version 2.0.9
%global _release 9
%global _release 10
%global _inner_name isula_libutils
Name: lcr
@ -32,6 +32,8 @@ Patch0017: 0017-291-restore-using-dev-urandom.patch
Patch0018: 0018-use-fixed-tmp-file-to-write-config-etc.patch
Patch0019: 0019-300-add-blkio-info-for-runtime-stats.patch
Patch0020: 0020-drop-atomic-config-write-for-partial-file-does.patch
Patch0021: 0021-remove-lcr-created-spec-only-if-create-failed.patch
Patch0022: 0022-fix-bug-for-potential-config-seccomp-ocihook-write-e.patch
%define lxcver_lower 4.0.3-2022102400
%define lxcver_upper 4.0.3-2022102500
@ -115,6 +117,12 @@ rm -rf %{buildroot}
%{_includedir}/%{_inner_name}/*.h
%changelog
* Tue Jun 11 2024 jikai<jikai11@huawei.com> - 2.0.9-10
- Type:enhancement
- CVE:NA
- SUG:NA
- DESC:sync from upstream
* Fri Feb 2 2024 peng.zou <peng.zou@shingroup.cn> - 2.0.9-9
- Type:enhancement
- CVE:NA