From ff263648509ec679ae1487e3bc8a6fce1e03ec22 Mon Sep 17 00:00:00 2001
From: gaohuatao <gaohuatao@huawei.com>
Date: Wed, 28 Apr 2021 15:44:56 +0800
Subject: [PATCH] kata shimV2 support iSulad

Signed-off-by: gaohuatao <gaohuatao@huawei.com>
---
 kata-containers.spec                          |  13 +-
 runtime/kata-runtime.spec                     |  10 +-
 ...-containerd-shim-kata-v2-compile-bug.patch |  32 +++
 ...mv2-adapt-iSulad-and-open-build-flag.patch | 197 ++++++++++++++++++
 runtime/series.conf                           |   2 +
 5 files changed, 250 insertions(+), 4 deletions(-)
 create mode 100644 runtime/patches/0071-fix-containerd-shim-kata-v2-compile-bug.patch
 create mode 100644 runtime/patches/0072-kata-shimv2-adapt-iSulad-and-open-build-flag.patch

diff --git a/kata-containers.spec b/kata-containers.spec
index 7fd3010..d636c12 100644
--- a/kata-containers.spec
+++ b/kata-containers.spec
@@ -2,7 +2,7 @@
 %global debug_package %{nil}
 
 %define VERSION v1.11.1
-%define RELEASE 13
+%define RELEASE 14
 
 Name:           kata-containers
 Version:        %{VERSION}
@@ -70,8 +70,8 @@ install -p -m 755 -D %{_builddir}/kernel/linux/arch/arm64/boot/Image %{buildroot
 
 cd %{_builddir}/kata_integration
 mkdir -p -m 750  %{buildroot}/usr/bin
-strip ./build/kata-runtime ./build/kata-proxy ./build/kata-shim ./build/kata-netmon
-install -p -m 750 ./build/kata-runtime ./build/kata-proxy ./build/kata-shim ./build/kata-netmon %{buildroot}/usr/bin/
+strip ./build/kata-runtime ./build/kata-proxy ./build/kata-shim ./build/kata-netmon ./build/containerd-shim-kata-v2
+install -p -m 750 ./build/kata-runtime ./build/kata-proxy ./build/kata-shim ./build/kata-netmon ./build/containerd-shim-kata-v2 %{buildroot}/usr/bin/
 install -p -m 640 ./build/kata-containers-initrd.img %{buildroot}/var/lib/kata/
 mkdir -p -m 750 %{buildroot}/usr/share/defaults/kata-containers/
 install -p -m 640 -D ./runtime/cli/config/configuration-qemu.toml %{buildroot}/usr/share/defaults/kata-containers/configuration.toml
@@ -83,6 +83,7 @@ install -p -m 640 -D ./runtime/cli/config/configuration-qemu.toml %{buildroot}/u
 /usr/bin/kata-proxy
 /usr/bin/kata-shim
 /usr/bin/kata-netmon
+/usr/bin/containerd-shim-kata-v2
 /var/lib/kata/kernel
 /var/lib/kata/kata-containers-initrd.img
 %config(noreplace) /usr/share/defaults/kata-containers/configuration.toml
@@ -91,6 +92,12 @@ install -p -m 640 -D ./runtime/cli/config/configuration-qemu.toml %{buildroot}/u
 
 
 %changelog
+* Wed Apr 28 2021 gaohuatao <gaohuatao@huawei.com> - 1.11.1-14
+- Type:feature
+- ID:NA
+- SUG:NA
+- DESC:kata shimv2 adapt iSulad
+
 * Tue Mar 23 2021 jikui <jikui2@huawei.com> - 1.11.1-13
 - Type:bugfix
 - ID:NA
diff --git a/runtime/kata-runtime.spec b/runtime/kata-runtime.spec
index acef8ce..fb538d0 100644
--- a/runtime/kata-runtime.spec
+++ b/runtime/kata-runtime.spec
@@ -1,7 +1,7 @@
 %define debug_package %{nil}
 
 %define VERSION 1.11.1
-%define RELEASE 11
+%define RELEASE 12
 
 Name:           kata-runtime
 Version:        %{VERSION}
@@ -87,6 +87,7 @@ cd %{_builddir}/%{name}-%{version}
 mkdir -p -m 750  %{buildroot}/usr/bin
 install -p -m 750 ./kata-runtime %{buildroot}/usr/bin
 install -p -m 750 ./kata-netmon %{buildroot}/usr/bin
+install -p -m 750 ./containerd-shim-kata-v2 %{buildroot}/usr/bin
 mkdir -p -m 750 %{buildroot}/usr/share/defaults/kata-containers
 install -p -m 640 ./cli/config/configuration-qemu.toml %{buildroot}/usr/share/defaults/kata-containers/configuration.toml
 
@@ -95,9 +96,16 @@ install -p -m 640 ./cli/config/configuration-qemu.toml %{buildroot}/usr/share/de
 %files
 /usr/bin/kata-runtime
 /usr/bin/kata-netmon
+/usr/bin/containerd-shim-kata-v2
 /usr/share/defaults/kata-containers/configuration.toml
 
 %changelog
+* Wed Apr 28 2021 gaohuatao<gaohuatao@huawei.com> - 1.11.1-12
+- Type:feature
+- ID:NA
+- SUG:NA
+- DESC:support kata shimv2 used by iSulad and containerd
+
 * Tue Nov 17 2020 yangfeiyu<yangfeiyu20102011@163.com> - 1.11.1-11
 - Type:bugfix
 - ID:NA
diff --git a/runtime/patches/0071-fix-containerd-shim-kata-v2-compile-bug.patch b/runtime/patches/0071-fix-containerd-shim-kata-v2-compile-bug.patch
new file mode 100644
index 0000000..c5c2210
--- /dev/null
+++ b/runtime/patches/0071-fix-containerd-shim-kata-v2-compile-bug.patch
@@ -0,0 +1,32 @@
+From c9737d7702e4042bcc433da720611ebac06f6f6d Mon Sep 17 00:00:00 2001
+From: gaohuatao <gaohuatao@huawei.com>
+Date: Wed, 28 Apr 2021 15:04:02 +0800
+Subject: [PATCH 1/2] fix containerd shim kata v2 compile bug
+
+reason: fix containerd shim kata v2 compile bug
+
+Signed-off-by: gaohuatao <gaohuatao@huawei.com>
+---
+ containerd-shim-v2/metrics.go | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/containerd-shim-v2/metrics.go b/containerd-shim-v2/metrics.go
+index c936966..d59530f 100644
+--- a/containerd-shim-v2/metrics.go
++++ b/containerd-shim-v2/metrics.go
+@@ -172,9 +172,9 @@ func copyBlkio(s []vc.BlkioStatEntry) []*cgroups.BlkIOEntry {
+ 	return ret
+ }
+ 
+-func setNetworkStats(vcNetwork []*vc.NetworkStats) []*cgroups.NetworkStat {
+-	networkStats := make([]*cgroups.NetworkStat, len(vcNetwork))
+-	for i, v := range vcNetwork {
++func setNetworkStats(vcNetwork *vc.NetworkStats) []*cgroups.NetworkStat {
++	networkStats := make([]*cgroups.NetworkStat, len(vcNetwork.Interfaces))
++	for i, v := range vcNetwork.Interfaces {
+ 		networkStats[i] = &cgroups.NetworkStat{
+ 			Name:      v.Name,
+ 			RxBytes:   v.RxBytes,
+-- 
+2.20.1
+
diff --git a/runtime/patches/0072-kata-shimv2-adapt-iSulad-and-open-build-flag.patch b/runtime/patches/0072-kata-shimv2-adapt-iSulad-and-open-build-flag.patch
new file mode 100644
index 0000000..6c85157
--- /dev/null
+++ b/runtime/patches/0072-kata-shimv2-adapt-iSulad-and-open-build-flag.patch
@@ -0,0 +1,197 @@
+From 488ebd1f148bc9ddda9376a065d38cbc9bb9a0fe Mon Sep 17 00:00:00 2001
+From: gaohuatao <gaohuatao@huawei.com>
+Date: Wed, 28 Apr 2021 15:31:30 +0800
+Subject: [PATCH] kata shimv2 adapt iSulad and open build flag
+
+Signed-off-by: gaohuatao <gaohuatao@huawei.com>
+---
+ Makefile                                      |  2 +-
+ containerd-shim-v2/container.go               |  9 +++++
+ containerd-shim-v2/service.go                 | 38 +++++++++++++++++++
+ containerd-shim-v2/start.go                   | 10 +++++
+ .../containerd/runtime/v2/shim/shim.go        |  9 ++++-
+ 5 files changed, 65 insertions(+), 3 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index f7a9311..9957db9 100644
+--- a/Makefile
++++ b/Makefile
+@@ -505,7 +505,7 @@ define SHOW_ARCH
+   $(shell printf "\\t%s%s\\\n" "$(1)" $(if $(filter $(ARCH),$(1))," (default)",""))
+ endef
+ 
+-all: runtime netmon
++all: runtime containerd-shim-v2 netmon
+ 
+ # Targets that depend on .git-commit can use $(shell cat .git-commit) to get a
+ # git revision string.  They will only be rebuilt if the revision string
+diff --git a/containerd-shim-v2/container.go b/containerd-shim-v2/container.go
+index 6b5e994..fa7f15b 100644
+--- a/containerd-shim-v2/container.go
++++ b/containerd-shim-v2/container.go
+@@ -6,10 +6,13 @@
+ package containerdshim
+ 
+ import (
++	"os"
++	"path"
+ 	"time"
+ 
+ 	"github.com/containerd/containerd/api/types/task"
+ 	"github.com/containerd/containerd/errdefs"
++	cdshim "github.com/containerd/containerd/runtime/v2/shim"
+ 	taskAPI "github.com/containerd/containerd/runtime/v2/task"
+ 	"github.com/opencontainers/runtime-spec/specs-go"
+ 
+@@ -34,6 +37,8 @@ type container struct {
+ 	status   task.Status
+ 	terminal bool
+ 	mounted  bool
++	exitFifo string
++	exitFd   *os.File
+ }
+ 
+ func newContainer(s *service, r *taskAPI.CreateTaskRequest, containerType vc.ContainerType, spec *specs.Spec, mounted bool) (*container, error) {
+@@ -46,6 +51,9 @@ func newContainer(s *service, r *taskAPI.CreateTaskRequest, containerType vc.Con
+ 		spec = &specs.Spec{}
+ 	}
+ 
++	dir := os.Getenv(cdshim.ExitFifoDir)
++	exitFifo := path.Join(dir, r.ID, exitFifoName)
++
+ 	c := &container{
+ 		s:        s,
+ 		spec:     spec,
+@@ -61,6 +69,7 @@ func newContainer(s *service, r *taskAPI.CreateTaskRequest, containerType vc.Con
+ 		exitIOch: make(chan struct{}),
+ 		exitCh:   make(chan uint32, 1),
+ 		mounted:  mounted,
++		exitFifo: exitFifo,
+ 	}
+ 	return c, nil
+ }
+diff --git a/containerd-shim-v2/service.go b/containerd-shim-v2/service.go
+index 8e9b949..c85eb24 100644
+--- a/containerd-shim-v2/service.go
++++ b/containerd-shim-v2/service.go
+@@ -10,6 +10,7 @@ import (
+ 	"io/ioutil"
+ 	"os"
+ 	sysexec "os/exec"
++	"strconv"
+ 	"sync"
+ 	"syscall"
+ 	"time"
+@@ -48,6 +49,8 @@ const (
+ 	// A time span used to wait for publish a containerd event,
+ 	// once it costs a longer time than timeOut, it will be canceld.
+ 	timeOut = 5 * time.Second
++
++	exitFifoName = "exit_fifo"
+ )
+ 
+ var (
+@@ -883,7 +886,42 @@ func (s *service) Wait(ctx context.Context, r *taskAPI.WaitRequest) (_ *taskAPI.
+ func (s *service) processExits() {
+ 	for e := range s.ec {
+ 		s.checkProcesses(e)
++
++		if os.Getenv(cdshim.ExitFifoDir) != "" {
++			s.closeExitFifo(e)
++		}
++	}
++}
++
++func (s *service) closeExitFifo(e exit) {
++	if e.execid != "" {
++		// not a container, no need to close exit fifo
++		return
+ 	}
++
++	var ret uint32
++
++	s.mu.Lock()
++	c, err := s.getContainer(e.id)
++	s.mu.Unlock()
++
++	if err != nil {
++		logrus.WithError(err).Errorf("Process container:%v exit fifo failed", e.id)
++		return
++	}
++
++	ret = <-c.exitCh
++	// refill the exitCh with the container process's exit code in case
++	// there were other waits on this process.
++	c.exitCh <- ret
++	exitStr := strconv.FormatUint(uint64(ret), 10)
++
++	_, err = c.exitFd.Write([]byte(exitStr))
++	if err != nil {
++		logrus.WithError(err).Error("write exit fifo failed")
++	}
++
++	c.exitFd.Close()
+ }
+ 
+ func (s *service) checkProcesses(e exit) {
+diff --git a/containerd-shim-v2/start.go b/containerd-shim-v2/start.go
+index 173ca7c..bb3ce1d 100644
+--- a/containerd-shim-v2/start.go
++++ b/containerd-shim-v2/start.go
+@@ -8,8 +8,11 @@ package containerdshim
+ import (
+ 	"context"
+ 	"fmt"
++	"golang.org/x/sys/unix"
++	"os"
+ 
+ 	"github.com/containerd/containerd/api/types/task"
++	cdshim "github.com/containerd/containerd/runtime/v2/shim"
+ 	"github.com/kata-containers/runtime/pkg/katautils"
+ )
+ 
+@@ -53,6 +56,13 @@ func startContainer(ctx context.Context, s *service, c *container) error {
+ 
+ 	c.status = task.StatusRunning
+ 
++	if os.Getenv(cdshim.ExitFifoDir) != "" {
++		c.exitFd, err = os.OpenFile(c.exitFifo, unix.O_WRONLY|unix.O_NONBLOCK|unix.O_CLOEXEC, 0)
++		if err != nil {
++			return err
++		}
++	}
++
+ 	stdin, stdout, stderr, err := s.sandbox.IOStream(c.id, c.id)
+ 	if err != nil {
+ 		return err
+diff --git a/vendor/github.com/containerd/containerd/runtime/v2/shim/shim.go b/vendor/github.com/containerd/containerd/runtime/v2/shim/shim.go
+index d60d496..8bccfef 100644
+--- a/vendor/github.com/containerd/containerd/runtime/v2/shim/shim.go
++++ b/vendor/github.com/containerd/containerd/runtime/v2/shim/shim.go
+@@ -84,6 +84,8 @@ var (
+ 	action               string
+ )
+ 
++var ExitFifoDir = "EXIT_FIFO_DIR"
++
+ func parseFlags() {
+ 	flag.BoolVar(&debugFlag, "debug", false, "enable debug output in logs")
+ 	flag.StringVar(&namespaceFlag, "namespace", "", "namespace that owns the shim")
+@@ -198,9 +200,12 @@ func run(id string, initFunc Init, config Config) error {
+ 		}
+ 		return nil
+ 	default:
+-		if err := setLogger(ctx, idFlag); err != nil {
+-			return err
++		if os.Getenv("EXIT_FIFO_DIR") == "" {
++			if err := setLogger(ctx, idFlag); err != nil {
++				return err
++			}
+ 		}
++
+ 		client := NewShimClient(ctx, service, signals)
+ 		return client.Serve()
+ 	}
+-- 
+2.20.1
+
diff --git a/runtime/series.conf b/runtime/series.conf
index 3d6f95c..b258f07 100644
--- a/runtime/series.conf
+++ b/runtime/series.conf
@@ -68,3 +68,5 @@
 0068-kata-runtime-modify-make-flags.patch
 0069-kata-runtime-add-linkmode-to-resolve-build-error.patch
 0070-kata-runtime-remove-ctty-to-resolve-build-failed.patch
+0071-fix-containerd-shim-kata-v2-compile-bug.patch
+0072-kata-shimv2-adapt-iSulad-and-open-build-flag.patch
-- 
Gitee