Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0

Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.3 to 1.1.0. - [Release notes](https://github.com/opencontainers/runc/releases) - [Changelog](https://github.com/opencontainers/runc/blob/master/CHANGELOG.md) - [Commits](https://github.com/opencontainers/runc/compare/v1.0.3...v1.1.0) --- updated-dependencies: - dependency-name: github.com/opencontainers/runc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2025-11-14 01:57:58 +08:00 · 2022-01-19 12:09:54 +00:00
parent 094b11cbcb
commit a0165a64b9
37 changed files with 780 additions and 171 deletions
--- a/vendor/github.com/opencontainers/runc/libcontainer/utils/cmsg.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/utils/cmsg.go
@@ -1,5 +1,3 @@
-// +build linux
-
 package utils

 /*
@@ -88,6 +86,11 @@ func SendFd(socket *os.File, name string, fd uintptr) error {
 	if len(name) >= MaxNameLen {
 		return fmt.Errorf("sendfd: filename too long: %s", name)
 	}
-	oob := unix.UnixRights(int(fd))
-	return unix.Sendmsg(int(socket.Fd()), []byte(name), oob, nil, 0)
+	return SendFds(socket, []byte(name), int(fd))
+}
+
+// SendFds sends a list of files descriptor and msg over the given AF_UNIX socket.
+func SendFds(socket *os.File, msg []byte, fds ...int) error {
+	oob := unix.UnixRights(fds...)
+	return unix.Sendmsg(int(socket.Fd()), msg, oob, nil, 0)
 }
--- a/vendor/github.com/opencontainers/runc/libcontainer/utils/utils.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/utils/utils.go
@@ -11,7 +11,7 @@ import (
 	"strings"
 	"unsafe"

-	"github.com/cyphar/filepath-securejoin"
+	securejoin "github.com/cyphar/filepath-securejoin"
 	"golang.org/x/sys/unix"
 )

@@ -33,16 +33,6 @@ func init() {
 	}
 }

-// ResolveRootfs ensures that the current working directory is
-// not a symlink and returns the absolute path to the rootfs
-func ResolveRootfs(uncleanRootfs string) (string, error) {
-	rootfs, err := filepath.Abs(uncleanRootfs)
-	if err != nil {
-		return "", err
-	}
-	return filepath.EvalSymlinks(rootfs)
-}
-
 // ExitStatus returns the correct exit status for a process based on if it
 // was signaled or exited cleanly
 func ExitStatus(status unix.WaitStatus) int {
@@ -120,7 +110,7 @@ func WithProcfd(root, unsafePath string, fn func(procfd string) error) error {
 	unsafePath = stripRoot(root, unsafePath)
 	path, err := securejoin.SecureJoin(root, unsafePath)
 	if err != nil {
-		return fmt.Errorf("resolving path inside rootfs failed: %v", err)
+		return fmt.Errorf("resolving path inside rootfs failed: %w", err)
 	}

 	// Open the target path.
--- a/vendor/github.com/opencontainers/runc/libcontainer/utils/utils_unix.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/utils/utils_unix.go
@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows

 package utils
@@ -14,7 +15,7 @@ import (
 func EnsureProcHandle(fh *os.File) error {
 	var buf unix.Statfs_t
 	if err := unix.Fstatfs(int(fh.Fd()), &buf); err != nil {
-		return fmt.Errorf("ensure %s is on procfs: %v", fh.Name(), err)
+		return fmt.Errorf("ensure %s is on procfs: %w", fh.Name(), err)
 	}
 	if buf.Type != unix.PROC_SUPER_MAGIC {
 		return fmt.Errorf("%s is not on procfs", fh.Name())
@@ -52,7 +53,7 @@ func CloseExecFrom(minFd int) error {
 		// Intentionally ignore errors from unix.CloseOnExec -- the cases where
 		// this might fail are basically file descriptors that have already
 		// been closed (including and especially the one that was created when
-		// ioutil.ReadDir did the "opendir" syscall).
+		// os.ReadDir did the "opendir" syscall).
 		unix.CloseOnExec(fd)
 	}
 	return nil