Browse Source

lxc: bump to 4.0.2

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Marijan Svalina <marijan.svalina@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
lilik-openwrt-22.03
Robert Marko 5 years ago
committed by Luka Perkov
parent
commit
9f43594e3a
11 changed files with 46 additions and 173 deletions
  1. +1
    -0
      utils/lxc/Config.in
  2. +9
    -5
      utils/lxc/Makefile
  3. +11
    -0
      utils/lxc/files/lxc-auto.init
  4. +0
    -37
      utils/lxc/patches/001-nl-avoid-NULL-pointer-dereference.patch
  5. +0
    -10
      utils/lxc/patches/002-compile.patch
  6. +0
    -11
      utils/lxc/patches/003-compile.patch
  7. +12
    -2
      utils/lxc/patches/010-Remove-distro-check.patch
  8. +3
    -3
      utils/lxc/patches/015-getline.patch
  9. +3
    -3
      utils/lxc/patches/020-lxc-checkconfig.patch
  10. +7
    -7
      utils/lxc/patches/025-remove-unsupported-option.patch
  11. +0
    -95
      utils/lxc/patches/030-prlimit.patch

+ 1
- 0
utils/lxc/Config.in View File

@ -32,6 +32,7 @@ config LXC_BUSYBOX_OPTIONS
select BUSYBOX_CONFIG_XZ
select BUSYBOX_CONFIG_GETOPT
select BUSYBOX_CONFIG_FEATURE_GETOPT_LONG
select BUSYBOX_CONFIG_MOUNTPOINT
help
Select needed busybox options for lxc-create utility. This include XZ tar
compression, long option support for tar and built-in getopt support.


+ 9
- 5
utils/lxc/Makefile View File

@ -1,5 +1,6 @@
#
# Copyright (C) 2013-2015 OpenWrt.org
# Copyright (C) 2020 Sartura
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@ -8,12 +9,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=lxc
PKG_VERSION:=2.1.1
PKG_RELEASE:=5
PKG_VERSION:=4.0.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://linuxcontainers.org/downloads/lxc/
PKG_HASH:=68663a67450a8d6734e137eac54cc7077209fb15c456eec401a2c26e6386eff6
PKG_HASH:=ca336dcdf303fea5ff231d89a9b6278b061c4cffb14f0db0a71a15bdd95a5cb0
PKG_LICENSE:=LGPL-2.1-or-later BSD-2-Clause GPL-2.0
PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
@ -45,7 +46,7 @@ define Package/lxc/Default
SECTION:=utils
CATEGORY:=Utilities
TITLE:=LXC userspace tools
URL:=http://lxc.sourceforge.net/
URL:=https://linuxcontainers.org/
endef
define Package/lxc
@ -124,7 +125,7 @@ define Package/liblxc
SECTION:=libs
CATEGORY:=Libraries
TITLE:=LXC userspace library
DEPENDS:= lxc +libcap +libpthread +LXC_SECCOMP:libseccomp
DEPENDS:= lxc +libcap +libpthread +LXC_SECCOMP:libseccomp +libopenssl
endef
define Package/lxc-lua
@ -150,6 +151,9 @@ CONFIGURE_ARGS += \
--enable-lua=yes \
--with-lua-pc="$(STAGING_DIR)/usr/lib/pkgconfig/lua.pc"
TARGET_CFLAGS += -Wno-format-nonliteral
TARGET_LDFLAGS += -lgcc_eh
ifeq ($(CONFIG_LXC_SECCOMP),y)
CONFIGURE_ARGS += --enable-seccomp
else


+ 11
- 0
utils/lxc/files/lxc-auto.init View File

@ -58,3 +58,14 @@ stop() {
fi
}
#Export systemd cgroups
boot() {
if [ ! -d /sys/fs/cgroup/systemd ]; then
mkdir -p /sys/fs/cgroup/systemd
mount -t cgroup -o rw,nosuid,nodev,noexec,relatime,none,name=systemd cgroup /sys/fs/cgroup/systemd
fi
if [ ! -d /run ]; then
ln -s /var/run /run
fi
}

+ 0
- 37
utils/lxc/patches/001-nl-avoid-NULL-pointer-dereference.patch View File

@ -1,37 +0,0 @@
From c8f05589644d6b719e5a2c7fc548604f248be9be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
Date: Sun, 29 Jul 2018 17:44:06 +0200
Subject: [PATCH] nl: avoid NULL pointer dereference
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
It's a valid case to call nla_put() with NULL data and 0 len. It's done e.g. in
the nla_put_attr().
There has to be a check for data in nla_put() as passing NULL to the memcpy()
is not allowed. Even if length is 0, both pointers have to be valid.
For a reference see C99 standard (7.21.1/2), it says: "pointer arguments on
such a call shall still have valid values".
Reported-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
[christian.brauner@ubuntu.com: adapted commit message]
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
src/lxc/nl.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/src/lxc/nl.c
+++ b/src/lxc/nl.c
@@ -61,7 +61,8 @@ static int nla_put(struct nlmsg *nlmsg,
rta = NLMSG_TAIL(nlmsg->nlmsghdr);
rta->rta_type = attr;
rta->rta_len = rtalen;
- memcpy(RTA_DATA(rta), data, len);
+ if (data && len)
+ memcpy(RTA_DATA(rta), data, len);
nlmsg->nlmsghdr->nlmsg_len = tlen;
return 0;
}

+ 0
- 10
utils/lxc/patches/002-compile.patch View File

@ -1,10 +0,0 @@
--- a/src/lxc/storage/aufs.h
+++ b/src/lxc/storage/aufs.h
@@ -24,7 +24,6 @@
#ifndef __LXC_AUFS_H
#define __LXC_AUFS_H
-#define _GNU_SOURCE
#include <stdbool.h>
#include <stdio.h>
#include <stdint.h>

+ 0
- 11
utils/lxc/patches/003-compile.patch View File

@ -1,11 +0,0 @@
--- a/src/lxc/confile_utils.c
+++ b/src/lxc/confile_utils.c
@@ -677,7 +677,7 @@
char *endptr = NULL;
if (strncmp(*value, "unlimited", sizeof("unlimited") - 1) == 0) {
- *res = RLIM_INFINITY;
+ *res = (unsigned long)RLIM_INFINITY;
*value += sizeof("unlimited") - 1;
return true;
}

utils/lxc/patches/010-compile.patch → utils/lxc/patches/010-Remove-distro-check.patch View File


+ 3
- 3
utils/lxc/patches/015-getline.patch View File

@ -1,6 +1,6 @@
--- a/src/lxc/utils.h
+++ b/src/lxc/utils.h
@@ -59,11 +59,7 @@ extern int mkdir_p(const char *dir, mode_t mode);
@@ -35,11 +35,7 @@ extern int mkdir_p(const char *dir, mode
extern char *get_rundir(void);
/* Define getline() if missing from the C library */
@ -11,5 +11,5 @@
-#endif
+#include "../include/getline.h"
/* Define setns() if missing from the C library */
#ifndef HAVE_SETNS
static inline int lxc_set_cloexec(int fd)
{

+ 3
- 3
utils/lxc/patches/020-lxc-checkconfig.patch View File

@ -1,6 +1,6 @@
--- a/src/lxc/tools/lxc-checkconfig.in
+++ b/src/lxc/tools/lxc-checkconfig.in
@@ -3,6 +3,17 @@
--- a/src/lxc/cmd/lxc-checkconfig.in
+++ b/src/lxc/cmd/lxc-checkconfig.in
@@ -4,6 +4,17 @@
# Allow environment variables to override config
: ${CONFIG:=/proc/config.gz}
: ${MODNAME:=configs}


+ 7
- 7
utils/lxc/patches/025-remove-unsupported-option.patch View File

@ -1,15 +1,15 @@
--- a/templates/lxc-download.in
+++ b/templates/lxc-download.in
@@ -505,20 +505,7 @@ fi
@@ -506,20 +506,7 @@ fi
# Unpack the rootfs
echo "Unpacking the rootfs"
-EXCLUDES=""
-excludelist=$(relevant_file excludes)
-if [ -f "${excludelist}" ]; then
- while read -r line; do
- EXCLUDES="${EXCLUDES} --exclude=${line}"
- done < "${excludelist}"
- while read -r line; do
- EXCLUDES="${EXCLUDES} --exclude=${line}"
- done < "${excludelist}"
-fi
-
-# Do not surround ${EXCLUDES} by quotes. This does not work. The solution could
@ -17,8 +17,8 @@
-# is to use a function wrapper, but the latter can't be used here as the args
-# are dynamic. We thus need to ignore the warning brought by shellcheck.
-# shellcheck disable=SC2086
-tar --anchored ${EXCLUDES} --numeric-owner -xpJf \
+tar --numeric-owner -xpJf \
"${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}"
-tar --anchored ${EXCLUDES} --numeric-owner -xpJf "${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}"
+tar --numeric-owner -xpJf "${LXC_CACHE_PATH}/rootfs.tar.xz" -C "${LXC_ROOTFS}"
mkdir -p "${LXC_ROOTFS}/dev/pts/"

+ 0
- 95
utils/lxc/patches/030-prlimit.patch View File

@ -1,95 +0,0 @@
From f48b5fd8ab03c200eaf5e3a9b03bcd01b2659cf3 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Thu, 2 Nov 2017 16:00:33 +0100
Subject: [PATCH] Fix compilation on toolchain without prlimit
Some toolchains which are not bionic like uclibc does not support
prlimit or prlimit64. In this case, return an error.
Moreover, if prlimit64 is available, use lxc implementation of prlimit.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
configure.ac | 4 ++++
src/lxc/Makefile.am | 6 ++++++
src/lxc/conf.c | 12 +++++++++---
3 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/configure.ac b/configure.ac
index 642b78e7e1..63df7466cb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -643,6 +643,10 @@ AC_CHECK_FUNCS([prlimit],
AM_CONDITIONAL(HAVE_PRLIMIT, true)
AC_DEFINE(HAVE_PRLIMIT,1,[Have prlimit]),
AM_CONDITIONAL(HAVE_PRLIMIT, false))
+AC_CHECK_FUNCS([prlimit64],
+ AM_CONDITIONAL(HAVE_PRLIMIT64, true)
+ AC_DEFINE(HAVE_PRLIMIT64,1,[Have prlimit64]),
+ AM_CONDITIONAL(HAVE_PRLIMIT64, false))
# Check for some libraries
AC_SEARCH_LIBS(sem_open, [rt pthread])
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index fff32ae4f3..8f0c11ecae 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -45,7 +45,10 @@ noinst_HEADERS += \
../include/ifaddrs.h \
../include/openpty.h \
../include/lxcmntent.h
+endif
+
if !HAVE_PRLIMIT
+if HAVE_PRLIMIT64
noinst_HEADERS += ../include/prlimit.h
endif
endif
@@ -142,7 +145,10 @@ liblxc_la_SOURCES += \
../include/ifaddrs.c ../include/ifaddrs.h \
../include/openpty.c ../include/openpty.h \
../include/lxcmntent.c ../include/lxcmntent.h
+endif
+
if !HAVE_PRLIMIT
+if HAVE_PRLIMIT64
liblxc_la_SOURCES += ../include/prlimit.c ../include/prlimit.h
endif
endif
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 44d9784303..8a66f2d02c 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -100,13 +100,14 @@
#if IS_BIONIC
#include <../include/lxcmntent.h>
-#ifndef HAVE_PRLIMIT
-#include <../include/prlimit.h>
-#endif
#else
#include <mntent.h>
#endif
+#if !defined(HAVE_PRLIMIT) && defined(HAVE_PRLIMIT64)
+#include <../include/prlimit.h>
+#endif
+
lxc_log_define(lxc_conf, lxc);
#if HAVE_LIBCAP
@@ -2457,10 +2458,15 @@ int setup_resource_limits(struct lxc_list *limits, pid_t pid) {
return -1;
}
+#if HAVE_PRLIMIT || HAVE_PRLIMIT64
if (prlimit(pid, resid, &lim->limit, NULL) != 0) {
ERROR("failed to set limit %s: %s", lim->resource, strerror(errno));
return -1;
}
+#else
+ ERROR("Cannot set limit %s as prlimit is missing", lim->resource);
+ return -1;
+#endif
}
return 0;
}

Loading…
Cancel
Save