!196 [sync] PR-193: runc：fix the bug when runc syscall.Exec cmd not exist cause panic

From: @openeuler-sync-bot Reviewed-by: @duguhaotian Signed-off-by: @duguhaotian
2023-10-27 01:31:34 +00:00 · 2023-10-27 01:31:34 +00:00 · 3c5d9e3a6c
commit 3c5d9e3a6c
parent e70a5b00fe d321f02138
4 changed files with 31 additions and 7 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-7f4d3483bdf8c5ec6bfec21d2afd9621c3bdceee
+6a36602a91e2bf0275f28cb7710838922daa7b0f
--- a/patch/0041-runc-libct-init-unify-init-fix-its-error-logic.patch
+++ b/patch/0041-runc-libct-init-unify-init-fix-its-error-logic.patch
@ -1,4 +1,4 @@
-From eecf5dd404208161292f0c10e6118eefea5e62f3 Mon Sep 17 00:00:00 2001
+From 3067c7503547e7c1f2499a69b1713051515743e0 Mon Sep 17 00:00:00 2001
 From: Kir Kolyshkin <kolyshkin@gmail.com>
 Date: Wed, 9 Aug 2023 12:04:26 +0900
 Subject: [PATCH] libct/init: unify init, fix its error logic
@ -16,14 +16,32 @@ Generally, our goals are:

 Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 ---
+ init.go                       | 6 ++----
 libcontainer/factory_linux.go | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
+ 2 files changed, 5 insertions(+), 6 deletions(-)

+diff --git a/init.go b/init.go
+index a0520b5..5951afe 100644
+--- a/init.go
+++ b/init.go
+@@ -36,10 +36,8 @@ func init() {
+ 		factory, _ := libcontainer.New("")
+ 		if err := factory.StartInitialization(); err != nil {
+ 			fmt.Fprintf(os.Stderr, "libcontainer: container start initialization failed: %s", err)
+-			// as the error is sent back to the parent there is no need to log
+-			// or write it to stderr because the parent process will handle this
+-			os.Exit(1)
+ 		}
+-		panic("libcontainer: container init failed to exec")
+		fmt.Fprint(os.Stderr, "libcontainer: container init failed to exec")
+		os.Exit(1)
+ 	}
+ }
 diff --git a/libcontainer/factory_linux.go b/libcontainer/factory_linux.go
-index 39fc312..a4628b8 100644
+index a1fa7de..86a127c 100644
 --- a/libcontainer/factory_linux.go
 +++ b/libcontainer/factory_linux.go
-@@ -288,13 +288,14 @@ func (l *LinuxFactory) StartInitialization() (err error) {
+@@ -296,13 +296,14 @@ func (l *LinuxFactory) StartInitialization() (err error) {
 		// We have an error during the initialization of the container's init,
 		// send it back to the parent process in the form of an initError.
 		if werr := writeSync(pipe, procError); werr != nil {
--- a/patch/0043-runc-fix-update-rt-runtime-us-and-rt-period-us-faile.patch
+++ b/patch/0043-runc-fix-update-rt-runtime-us-and-rt-period-us-faile.patch
@ -18,7 +18,7 @@ index 6c79f899..0b58781d 100644
 -	if r.CpuRtPeriod != 0 {
 -		if err := cgroups.WriteFile(path, "cpu.rt_period_us", strconv.FormatUint(r.CpuRtPeriod, 10)); err != nil {
 -			return err
-+var err error
+	var err error
 +	if r.CpuRtRuntime != 0 {
 +		if err = cgroups.WriteFile(path, "cpu.rt_runtime_us", strconv.FormatInt(r.CpuRtRuntime, 10)); err != nil {
 +			if r.CpuRtPeriod != 0 {
--- a/runc.spec
+++ b/runc.spec
@ -3,7 +3,7 @@

 Name: docker-runc
 Version: 1.1.3
-Release: 18
+Release: 19
 Summary: runc is a CLI tool for spawning and running containers according to the OCI specification.

 License: ASL 2.0
@ -54,6 +54,12 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc
 %{_bindir}/runc

 %changelog
+* Thu Oct 26 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.3-19
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:fix the bug when runc syscall.Exec cmd not exist cause panic
+
 * Tue Oct 24 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.3-18
 - Type:bugfix
 - ID:NA