From 40e728ef71ff6386b492e72b9026f3ff9c52dad7 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Aug 27 2020 11:53:39 +0000 Subject: crun-0.14.1-3 Signed-off-by: Giuseppe Scrivano --- diff --git a/0001-state-fix-race-condition-when-reading-cgroup.patch b/0001-state-fix-race-condition-when-reading-cgroup.patch new file mode 100644 index 0000000..cbdaf76 --- /dev/null +++ b/0001-state-fix-race-condition-when-reading-cgroup.patch @@ -0,0 +1,42 @@ +From 1a71c82ea9fd3561b16e2730bea9673219c15843 Mon Sep 17 00:00:00 2001 +From: Giuseppe Scrivano +Date: Thu, 27 Aug 2020 12:10:21 +0200 +Subject: [PATCH] state: fix race condition when reading cgroup + +by the time crun attempts to read from the cgroup, systemd might have +already cleaned it up. When using systemd, on ENOENT state reports +the container as "stopped" instead of an error. + +Closes: https://github.com/containers/podman/issues/7148 + +Signed-off-by: Giuseppe Scrivano +--- + src/libcrun/container.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/src/libcrun/container.c b/src/libcrun/container.c +index 3723300..289e551 100644 +--- a/src/libcrun/container.c ++++ b/src/libcrun/container.c +@@ -2112,7 +2112,17 @@ libcrun_get_container_state_string (const char *id, libcrun_container_status_t * + + ret = libcrun_cgroup_is_container_paused (status->cgroup_path, cgroup_mode, &paused, err); + if (UNLIKELY (ret < 0)) +- return ret; ++ { ++ /* The cgroup might have been cleaned up by systemd by the time we try to read it, so ignore ENOENT. */ ++ if (status->systemd_cgroup && crun_error_get_errno (err) == ENOENT) ++ { ++ crun_error_release (err); ++ *container_status = "stopped"; ++ return 0; ++ } ++ ++ return ret; ++ } + } + + if (! *running) +-- +2.26.2 + diff --git a/crun.spec b/crun.spec index b2aea90..195dcab 100644 --- a/crun.spec +++ b/crun.spec @@ -22,11 +22,13 @@ BuildRequires: libtool BuildRequires: go-md2man Provides: oci-runtime = 2 +Patch0: 0001-state-fix-race-condition-when-reading-cgroup.patch + %description crun is a runtime for running OCI containers %prep -%autosetup -n %{name}-%{version} +%autosetup -p1 -n %{name}-%{version} %build ./autogen.sh @@ -44,6 +46,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Thu Aug 27 2020 Giuseppe Scrivano - 0.14.1-3 +- backport ed9c3e6f466dfb6d2e79802060fabd5f4b66f78e + * Mon Jul 27 2020 Fedora Release Engineering - 0.14.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild