!21 runc:sync bugfix and bump version

From: @Vanient Reviewed-by: @jing-rui,@caihaomin Signed-off-by: @caihaomin
2021-03-05 14:12:31 +08:00 · 2021-03-05 14:12:31 +08:00 · c2e88b6bd4
commit c2e88b6bd4
parent c98a19c7ec d7cca0cc8f
4 changed files with 179 additions and 1 deletions
--- a/patch/0121-runc-add-cpu-and-memory-info-when-print-cgroup-info.patch
+++ b/patch/0121-runc-add-cpu-and-memory-info-when-print-cgroup-info.patch
@ -0,0 +1,70 @@
+From 0fe280f25568a5700f9ac388b1434b344e1d1fab Mon Sep 17 00:00:00 2001
+From: xiadanni <xiadanni1@huawei.com>
+Date: Mon, 4 Jan 2021 20:00:26 +0800
+Subject: [PATCH] runc: add cpu and memory info when print cgroup info
+
+Signed-off-by: xiadanni <xiadanni1@huawei.com>
+---
+ libcontainer/container_linux.go     |  4 ++--
+ libcontainer/standard_init_linux.go | 23 +++++++++++++----------
+ 2 files changed, 15 insertions(+), 12 deletions(-)
+
+diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go
+index 9b25183..7319286 100644
+--- a/libcontainer/container_linux.go
+++ b/libcontainer/container_linux.go
+@@ -310,10 +310,10 @@ func (c *linuxContainer) start(process *Process) error {
+ 		return newSystemErrorWithCause(err, "creating new parent process")
+ 	}
+ 	if err := parent.start(); err != nil {
+-		printFilesInfo(c.config.Cgroups.Path)
+		printCgroupInfo(c.config.Cgroups.Path)
+ 		// terminate the process to ensure that it properly is reaped.
+ 		if err := parent.terminate(); err != nil {
+-			logrus.Warn(err)
+			logrus.Warnf("parent process terminate error: %v", err)
+ 		}
+ 		return newSystemErrorWithCause(err, "starting container process")
+ 	}
+diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
+index 96901ef..b985180 100644
+--- a/libcontainer/standard_init_linux.go
+++ b/libcontainer/standard_init_linux.go
+@@ -215,21 +215,24 @@ func (l *linuxStandardInit) Init() error {
+ 	// https://github.com/torvalds/linux/blob/v4.9/fs/exec.c#L1290-L1318
+ 	syscall.Close(l.stateDirFD)
+ 	if err := syscall.Exec(name, l.config.Args[0:], os.Environ()); err != nil {
+-		printMemoryInfo()
+-		printFilesInfo("")
+		printCgroupInfo("")
+ 		return newSystemErrorWithCause(err, "exec user process")
+ 	}
+ 	return nil
+ }
+ 
+-func printMemoryInfo() {
+-	printFileContent("/proc/meminfo")
+-	printFileContent("/sys/fs/cgroup/memory/memory.stat")
+-}
+-
+-func printFilesInfo(path string) {
+-	printFileContent(filepath.Join("/sys/fs/cgroup/files", path, "/files.limit"))
+-	printFileContent(filepath.Join("/sys/fs/cgroup/files", path, "/files.usage"))
+func printCgroupInfo(path string) {
+	infoFileList := []string{
+		"/proc/meminfo",
+		"/sys/fs/cgroup/memory/memory.stat",
+		filepath.Join("/sys/fs/cgroup/files", path, "/files.limit"),
+		filepath.Join("/sys/fs/cgroup/files", path, "/files.usage"),
+		filepath.Join("/sys/fs/cgroup/memory", path, "/memory.stat"),
+		filepath.Join("/sys/fs/cgroup/cpu", path, "/cpu.stat"),
+	}
+	for _, file := range infoFileList {
+		printFileContent(file)
+	}
+ }
+ 
+ func printFileContent(path string) {
+-- 
+1.8.3.1
+
--- a/patch/0124-runc-fix-freezing-race.patch
+++ b/patch/0124-runc-fix-freezing-race.patch
@ -0,0 +1,69 @@
+From 943822abaa0aee51985384912292589ae1e34622 Mon Sep 17 00:00:00 2001
+From: xiadanni <xiadanni1@huawei.com>
+Date: Thu, 4 Feb 2021 16:26:49 +0800
+Subject: [PATCH] runc: fix freezing race
+
+runc kill blocks in freezer.Set, freezer.state keeps in freezing,
+because new process is creating during freeze.
+
+Upstream:https://github.com/opencontainers/runc/pull/2774
+         https://github.com/opencontainers/runc/pull/2791
+
+Signed-off-by: xiadanni <xiadanni1@huawei.com>
+---
+ libcontainer/cgroups/fs/freezer.go | 19 ++++++++++++++-----
+ 1 file changed, 14 insertions(+), 5 deletions(-)
+
+diff --git a/libcontainer/cgroups/fs/freezer.go b/libcontainer/cgroups/fs/freezer.go
+index 5ab3c02..40f70c1 100644
+--- a/libcontainer/cgroups/fs/freezer.go
+++ b/libcontainer/cgroups/fs/freezer.go
+@@ -3,6 +3,7 @@
+ package fs
+ 
+ import (
+	"errors"
+ 	"fmt"
+ 	"strings"
+ 	"time"
+@@ -28,24 +29,32 @@ func (s *FreezerGroup) Apply(d *cgroupData) error {
+ 
+ func (s *FreezerGroup) Set(path string, cgroup *configs.Cgroup) error {
+ 	switch cgroup.Resources.Freezer {
+-	case configs.Frozen, configs.Thawed:
+-		for {
+	case configs.Frozen:
+		for i := 0; i < 1000; i++ {
+			if i%50 == 49 {
+				writeFile(path, "freezer.state", string(configs.Thawed))
+				time.Sleep(10 * time.Millisecond)
+			}
+ 			// In case this loop does not exit because it doesn't get the expected
+ 			// state, let's write again this state, hoping it's going to be properly
+ 			// set this time. Otherwise, this loop could run infinitely, waiting for
+ 			// a state change that would never happen.
+-			if err := writeFile(path, "freezer.state", string(cgroup.Resources.Freezer)); err != nil {
+			if err := writeFile(path, "freezer.state", string(configs.Frozen)); err != nil {
+ 				return err
+ 			}
+ 			state, err := readFile(path, "freezer.state")
+ 			if err != nil {
+ 				return err
+ 			}
+-			if strings.TrimSpace(state) == string(cgroup.Resources.Freezer) {
+-				break
+			if strings.TrimSpace(state) == string(configs.Frozen) {
+				return nil
+ 			}
+ 			time.Sleep(1 * time.Millisecond)
+ 		}
+		writeFile(path, "freezer.state", string(configs.Thawed))
+		return errors.New("unable to freeze")
+	case configs.Thawed:
+		return writeFile(path, "freezer.state", string(configs.Thawed))
+ 	case configs.Undefined:
+ 		return nil
+ 	default:
+-- 
+1.8.3.1
+
--- a/runc-openeuler.spec
+++ b/runc-openeuler.spec
@ -2,7 +2,7 @@

 Name: docker-runc
 Version: 1.0.0.rc3
-Release: 104
+Release: 200
 Summary: runc is a CLI tool for spawning and running containers according to the OCI specification.

 License: ASL 2.0
@ -40,3 +40,40 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc
 %{_bindir}/runc

 %changelog
+* Wed Feb 9 2021 xiadanni<xiadanni1@huawei.com> - 1.0.0.rc3-200
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:sync bugfix and bump version to 200, bugfix include
+       1. add cpu and memory info when print cgroup info
+       2. fix freezing race
+
+* Wed Nov 25 2020 xiadanni<xiadanni1@huawei.com> - 1.0.0.rc3-104
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:don't deny all devices when update cgroup resource
+       do not permit /proc mounts to non-directories
+       fix permission denied
+
+* Fri Mar 20 2020 xiadanni<xiadanni1@huawei.com> - 1.0.0.rc3-103
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:pass back the pid of runc:[1:CHILD] so we can wait on it
+
+* Thu Mar 5 2020 xiadanni<xiadanni1@huawei.com> - 1.0.0.rc3-102
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fixes config.Namespaces is empty when accessed
+       write freezer state after every state check
+       may kill other process when container has been stopped
+       fix cgroup hugetlb size prefix for kB
+       check nil pointers in cgroup manager
+
+* Wed Jan 1 2020 xiadanni<xiadanni1@huawei.com> - 1.0.0.rc3-101
+- Type:requirement
+- ID:NA 
+- SUG:NA
+- DESC:package init
--- a/series.conf
+++ b/series.conf
@ -117,3 +117,5 @@
 0118-runc-don-t-deny-all-devices-when-update-cgroup-resou.patch
 0119-runc-rootfs-do-not-permit-proc-mounts-to-no.patch
 0120-runc-fix-permission-denied.patch
+0121-runc-add-cpu-and-memory-info-when-print-cgroup-info.patch
+0124-runc-fix-freezing-race.patch