From f1affb0abb70cfedd6ade8471732bd8a1f044472 Mon Sep 17 00:00:00 2001
From: zhongjiawei <zhongjiawei1@huawei.com>
Date: Sun, 29 Sep 2024 15:05:30 +0800
Subject: [PATCH] runc:fix can't set cpuset-cpus and cpuset-mems at the same
 time

---
 git-commit                                    |  2 +-
 ...et-cpuset-cpus-and-cpuset-mems-at-th.patch | 28 +++++++++++++++++++
 runc.spec                                     |  8 +++++-
 series.conf                                   |  1 +
 4 files changed, 37 insertions(+), 2 deletions(-)
 create mode 100644 patch/0059-runc-fix-can-t-set-cpuset-cpus-and-cpuset-mems-at-th.patch

diff --git a/git-commit b/git-commit
index 92d8930..0ae8246 100644
--- a/git-commit
+++ b/git-commit
@@ -1 +1 @@
-1251c89d252bb9f8136d47c5892497829e78683f
+ae908e306b8682a184ba191e4a810afe367c607c
diff --git a/patch/0059-runc-fix-can-t-set-cpuset-cpus-and-cpuset-mems-at-th.patch b/patch/0059-runc-fix-can-t-set-cpuset-cpus-and-cpuset-mems-at-th.patch
new file mode 100644
index 0000000..37aeeec
--- /dev/null
+++ b/patch/0059-runc-fix-can-t-set-cpuset-cpus-and-cpuset-mems-at-th.patch
@@ -0,0 +1,28 @@
+From 29a2bfe1e6197dd79a02e4e2a443ba21bc80c080 Mon Sep 17 00:00:00 2001
+From: zhongjiawei <zhongjiawei1@huawei.com>
+Date: Sun, 29 Sep 2024 15:01:34 +0800
+Subject: [PATCH] runc:fix can't set cpuset-cpus and cpuset-mems at the same
+ time
+
+---
+ libcontainer/cgroups/fs/cpuset.go | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/libcontainer/cgroups/fs/cpuset.go b/libcontainer/cgroups/fs/cpuset.go
+index 379407e..22b9011 100644
+--- a/libcontainer/cgroups/fs/cpuset.go
++++ b/libcontainer/cgroups/fs/cpuset.go
+@@ -146,7 +146,9 @@ func (s *CpusetGroup) setCpuset(path, cpuset string) error {
+ func (s *CpusetGroup) Set(path string, r *configs.Resources) error {
+ 	var ret error
+ 	if r.CpusetCpus != "" {
+-		return s.setCpuset(path, r.CpusetCpus)
++		if err := s.setCpuset(path, r.CpusetCpus); err != nil {
++			return err
++		}
+ 	}
+ 	if r.CpusetMems != "" {
+ 		if err := cgroups.WriteFile(path, "cpuset.mems", r.CpusetMems); err != nil {
+-- 
+2.33.0
+
diff --git a/runc.spec b/runc.spec
index ce9d3b3..18692a7 100644
--- a/runc.spec
+++ b/runc.spec
@@ -3,7 +3,7 @@
 
 Name: docker-runc
 Version: 1.1.3
-Release: 30
+Release: 31
 Summary: runc is a CLI tool for spawning and running containers according to the OCI specification.
 
 License: ASL 2.0
@@ -54,6 +54,12 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc
 %{_bindir}/runc
 
 %changelog
+* Sun Sep 29 2024 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.3-31
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:fix can't set cpuset-cpus and cpuset-mems at the same time
+
 * Tue Sep 10 2024 Song Zhang<zhangsong34@huawei.com> - 1.1.3-30
 - Type:CVE
 - CVE:CVE-2024-45310
diff --git a/series.conf b/series.conf
index f6d29d3..67c4bba 100644
--- a/series.conf
+++ b/series.conf
@@ -56,3 +56,4 @@ patch/0055-runc-do-not-support-set-umask-through-native.umask.patch
 patch/0056-runc-format-log-instead-panic-when-procError-missing.patch
 patch/0057-rootfs-consolidate-mountpoint-creation-logic.patch
 patch/0058-rootfs-try-to-scope-MkdirAll-to-stay-inside-the-root.patch
+patch/0059-runc-fix-can-t-set-cpuset-cpus-and-cpuset-mems-at-th.patch
-- 
Gitee