Commit Graph

6659 Commits

Author SHA1 Message Date
Kir Kolyshkin 87bd784614 Add dmz-vs-selinux kludge and a way to disable it
Add a workaround for a problem of older container-selinux not allowing
runc to use dmz feature. If runc sees that SELinux is in enforced mode
and the container's SELinux label is set, it disables dmz.

Add a build tag, runc_dmz_selinux_nocompat, which disables the workaround.
Newer distros that ship container-selinux >= 2.224.0 (currently CentOS
Stream 8 and 9, RHEL 8 and 9, and Fedora 38+) may build runc with this
build tag set to benefit from dmz working with SELinux.

Document the build tag in the top-level and libct/dmz READMEs.

Use the build tag in our CI builds for CentOS Stream 9 and Fedora 38,
as they already has container-selinux 2.224.0 available in updates.

Add a TODO to use the build tag for CentOS Stream 8 once it has
container-selinux updated.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-30 16:55:41 -07:00
Kir Kolyshkin 393c7a81c9 README: fix reference to memfd-bind
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-30 16:55:41 -07:00
Kir Kolyshkin b39781b067 tests/int: add selinux test case
This is a test case to demonstrate the selinux vs dmz issue.

The issue is, runc calls selinux.SetExecLabel and then execs the
runc-dmz binary, but the execve is denied by selinux:

> type=PROCTITLE msg=audit(10/05/2023 22:54:07.911:10904) : proctitle=/tmp/bats-run-sGk2sn/runc.Ql243q/bundle/runc init
> type=SYSCALL msg=audit(10/05/2023 22:54:07.911:10904) : arch=x86_64 syscall=execveat success=no exit=EACCES(Permission denied) a0=0x6 a1=0xc0000b90fa a2=0xc0000a26a0 a3=0xc000024660 items=0 ppid=105316 pid=105327 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=pts0 ses=8 comm=runc:[2:INIT] exe=/tmp/bats-run-sGk2sn/runc.Ql243q/bundle/runc subj=unconfined_u:unconfined_r:container_runtime_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(10/05/2023 22:54:07.911:10904) : avc:  denied  { entrypoint } for  pid=105327 comm=runc:[2:INIT] path=/memfd:runc_cloned:runc-dmz (deleted) dev="tmpfs" ino=2341 scontext=system_u:system_r:container_t:s0:c4,c5 tcontext=unconfined_u:object_r:container_runtime_tmpfs_t:s0 tclass=file permissive=0

Once that error is fixed (by adding a selinux rule that enables it), we
see one more error, also related to executing a file on tmpfs.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-30 16:55:41 -07:00
Aleksa Sarai ef1166a554 Merge pull request from GHSA-5g49-rx9x-qfc6
libct/cgroups.OpenFile: clean "file" argument
2023-10-30 18:37:05 +11:00
lfbzhm 6aa4d8d791 Merge pull request #4082 from Zheaoli/manjusaka/support-personality
carry #3126: linux: Support setting execution domain via linux personality
2023-10-28 22:18:42 +08:00
Kir Kolyshkin 2c9598c886 libct/cgroups.OpenFile: clean "file" argument
This prevents potential exploit of using "../" in cgroups.OpenFile
(as well as other methods that use OpenFile) to read or write to
other cgroups.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-27 10:46:32 -07:00
Zheao.Li 98511bb40e linux: Support setting execution domain via linux personality
carry #3126

Co-authored-by: Aditya R <arajan@redhat.com>
Signed-off-by: Zheao.Li <me@manjusaka.me>
2023-10-27 19:33:37 +08:00
lfbzhm edd00eb3cb Merge pull request #4010 from HeRaNO/use-peak
feat: add `swapOnlyUsage` in `MemoryStats`
2023-10-25 22:18:02 +08:00
lfbzhm 1947d0c4b1 Merge pull request #3972 from mythi/misc-stats
libct/cg/stats: support misc for cgroup v2
2023-10-25 19:39:35 +08:00
Heran Yang 104b8dc951 libct/cg: add swapOnlyUsage in MemoryStats
This field reports swap-only usage. For cgroupv1, `Usage` and `Failcnt`
are set by subtracting memory usage from memory+swap usage. For cgroupv2,
`Usage`, `Limit`, and `MaxUsage` are set. This commit also export `MaxUsage`
of memory under cgroupv2 mode, using `memory.peak` introduced in kernel 5.19.

Signed-off-by: Heran Yang <heran55@126.com>
2023-10-25 09:47:25 +08:00
lfbzhm a68529ce5b Merge pull request #3967 from cyphar/remove-mount-fallback-flag
rootfs: remove --no-mount-fallback and finally fix MS_REMOUNT
2023-10-24 21:02:40 +08:00
Aleksa Sarai 7c71a22705 rootfs: remove --no-mount-fallback and finally fix MS_REMOUNT
The original reasoning for this option was to avoid having mount options
be overwritten by runc. However, adding command-line arguments has
historically been a bad idea because it forces strict-runc-compatible
OCI runtimes to copy out-of-spec features directly from runc and these
flags are usually quite difficult to enable by users when using runc
through several layers of engines and orchestrators.

A far more preferable solution is to have a heuristic which detects
whether copying the original mount's mount options would override an
explicit mount option specified by the user. In this case, we should
return an error. You only end up in this path in the userns case, if you
have a bind-mount source with locked flags.

During the course of writing this patch, I discovered that several
aspects of our handling of flags for bind-mounts left much to be
desired. We have completely botched the handling of explicitly cleared
flags since commit 97f5ee4e6a ("Only remount if requested flags differ
from current"), with our behaviour only becoming increasingly more weird
with 50105de1d8 ("Fix failure with rw bind mount of a ro fuse") and
da780e4d27 ("Fix bind mounts of filesystems with certain options
set"). In short, we would only clear flags explicitly request by the
user purely by chance, in ways that it really should've been reported to
us by now. The most egregious is that mounts explicitly marked "rw" were
actually mounted "ro" if the bind-mount source was "ro" and no other
special flags were included. In addition, our handling of atime was
completely broken -- mostly due to how subtle the semantics of atime are
on Linux.

Unfortunately, while the runtime-spec requires us to implement
mount(8)'s behaviour, several aspects of the util-linux mount(8)'s
behaviour are broken and thus copying them makes little sense. Since the
runtime-spec behaviour for this case (should mount options for a "bind"
mount use the "mount --bind -o ..." or "mount --bind -o remount,..."
semantics? Is the fallback code we have for userns actually
spec-compliant?) and the mount(8) behaviour (see [1]) are not
well-defined, this commit simply fixes the most obvious aspects of the
behaviour that are broken while keeping the current spirit of the
implementation.

NOTE: The handling of atime in the base case is left for a future PR to
deal with. This means that the atime of the source mount will be
silently left alone unless the fallback path needs to be taken, and any
flags not explicitly set will be cleared in the base case. Whether we
should always be operating as "mount --bind -o remount,..." (where we
default to the original mount source flags) is a topic for a separate PR
and (probably) associated runtime-spec PR.

So, to resolve this:

* We store which flags were explicitly requested to be cleared by the
  user, so that we can detect whether the userns fallback path would end
  up setting a flag the user explicitly wished to clear. If so, we
  return an error because we couldn't fulfil the configuration settings.

* Revert 97f5ee4e6a ("Only remount if requested flags differ from
  current"), as missing flags do not mean we can skip MS_REMOUNT (in
  fact, missing flags are how you indicate a flag needs to be cleared
  with mount(2)). The original purpose of the patch was to fix the
  userns issue, but as mentioned above the correct mechanism is to do a
  fallback mount that copies the lockable flags from statfs(2).

* Improve handling of atime in the fallback case by:
    - Correctly handling the returned flags in statfs(2).
    - Implement the MNT_LOCK_ATIME checks in our code to ensure we
      produce errors rather than silently producing incorrect atime
      mounts.

* Improve the tests so we correctly detect all of these contingencies,
  including a general "bind-mount atime handling" test to ensure that
  the behaviour described here is accurate.

This change also inlines the remount() function -- it was only ever used
for the bind-mount remount case, and its behaviour is very bind-mount
specific.

[1]: https://github.com/util-linux/util-linux/issues/2433

Reverts: 97f5ee4e6a ("Only remount if requested flags differ from current")
Fixes: 50105de1d8 ("Fix failure with rw bind mount of a ro fuse")
Fixes: da780e4d27 ("Fix bind mounts of filesystems with certain options set")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2023-10-24 17:28:25 +11:00
Kir Kolyshkin 153865d0fe tests/int: fix teardown in mounts_sshfs.bats
Function teardown assumes that every test case will call
setup_sshfs. Currently, this assumption is true, but once
a test case that won't call setup_sshfs is added (say because
it has some extra "requires" or "skip"), it will break bats,
so any bats invocation involving such a test case will end up
hanging after the last test case is run.

The reason is, we have set -u in helpers.bash to help catching the use
of undefined variables. In the above scenario, such a variable is DIR,
which is referenced in teardown but is only defined after a call to
setup_sshfs. As a result, bash that is running the teardown function
will exit upon seeing the first $DIR, and thus teardown_bundle won't be
run. This, in turn, results in a stale recvtty process, which inherits
bats' fd 3. Until that fd is closed, bats waits for test logs.

Long story short, the fix is to
 - check if DIR is set before referencing it;
 - unset it after unmount.

PS it is still not clear why there is no diagnostics about the failed
teardown.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2023-10-24 17:28:13 +11:00
Kir Kolyshkin 3272edfe3b Merge pull request #4085 from kolyshkin/fix-check_cgroup_value
CI fixes
2023-10-23 17:29:56 -07:00
Kir Kolyshkin 7f5daa8805 libct/cg/fs.Set: fix error message
There is no point in showing the underlying error when path == "",
because it is ENOENT.

Revert the change done in commit e1584831b6.

Fixes: e1584831b6
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-23 11:25:57 -07:00
Kir Kolyshkin 5ea7c60f33 tests/int: fix cgroup tests
Commit e1584831b6 did two modifications to check_cgroup_value():

1. It now skips the test if the file is not found.

2. If the comparison failed, a second comparison, with value divided by 1000,
   is performed.

These modifications were only needed for cpu.burst, but instead were done
in a generic function used from many cgroup tests. As a result, we can
no longer be sure about the test coverage (item 1) and the check being
correct (item 2) anymore. In fact, part of "update cgroup cpu limits"
test is currently skipped on CentOS 7 and 8 because of item 1.

To fix:
 - replace item 1 with a new "cgroups_cpu_burst" argument for "requires",
   and move the test to a separate case;
 - replace item 2 with a local change in check_cpu_burst.

Fixes: e1584831b6
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-23 11:25:57 -07:00
Kir Kolyshkin bbf8eff818 tests/int: fix "runc run (hugetlb limits)"
Recent commit 4a7d3ae5cd had a bug (extra period).

Fixes: 4a7d3ae5cd
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-23 11:25:48 -07:00
dependabot[bot] 37ad02b601 Merge pull request #4087 from opencontainers/dependabot/go_modules/github.com/cilium/ebpf-0.12.2 2023-10-23 15:15:49 +00:00
lfbzhm 0090e2acc1 Merge pull request #4084 from kolyshkin/no-retry
libct/cg: remove retry on EINTR in
2023-10-23 23:11:57 +08:00
dependabot[bot] d60d17a6ec build(deps): bump github.com/cilium/ebpf from 0.12.1 to 0.12.2
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf) from 0.12.1 to 0.12.2.
- [Release notes](https://github.com/cilium/ebpf/releases)
- [Commits](https://github.com/cilium/ebpf/compare/v0.12.1...v0.12.2)

---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-23 04:08:30 +00:00
Kir Kolyshkin 9cd5d6cddf libct/cg: remove retry on EINTR in
Commit f34eb2c00 introduced a workaround to retry on EINTR due to changes in Go 1.14.
It was fixed in Go 1.15 [1], meaning a custom retry loop is no longer
necessary.

Keep the test case to avoid future regressions.

[1] https://github.com/golang/go/issues/38033

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-20 10:08:54 -07:00
dependabot[bot] cf4c7c902b Merge pull request #4080 from opencontainers/dependabot/go_modules/github.com/cilium/ebpf-0.12.1 2023-10-20 10:38:38 +00:00
dependabot[bot] 54d38c6143 build(deps): bump github.com/cilium/ebpf from 0.12.0 to 0.12.1
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf) from 0.12.0 to 0.12.1.
- [Release notes](https://github.com/cilium/ebpf/releases)
- [Commits](https://github.com/cilium/ebpf/compare/v0.12.0...v0.12.1)

---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-20 15:03:40 +08:00
Aleksa Sarai 27eb67a649 merge #4079 into opencontainers/runc:main
Kir Kolyshkin (1):
  ci/gha: fix downloading Release.key

LGTMs: lifubang cyphar
2023-10-20 18:02:24 +11:00
Kir Kolyshkin f944d7b653 ci/gha: fix downloading Release.key
Since today, the URL from download.opensuse.org started returning a
HTTP 302 redirect, so -L option for curl is needed to follow it.

While at it, remove apt-key as per its man page recommendation:

> Note: Instead of using this command a keyring should be placed
> directly in the /etc/apt/trusted.gpg.d/ directory with a descriptive
> name and either "gpg" or "asc" as file extension.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-19 21:12:30 -07:00
Kir Kolyshkin 93d16178d6 Merge pull request #4076 from kinvolk/rata/smaller-runc-dmz
libct/dmz: Support compiling on all arches
2023-10-19 17:08:53 -07:00
Mrunal Patel 437725c5cf Merge pull request #4073 from kolyshkin/hugetlb-rsvd
libct/cg: support hugetlb rsvd
2023-10-19 16:08:19 -07:00
Rodrigo Campos b6a0c483b7 libct/dmz: Support compiling on all arches
When we added nolibc, we started using it unconditionally. But runc is
currently being compiled on more arches than supported by nolibc, like
MIPS.

Let's compile using stdlib if the arch we are compiling on is not
supported by nolibc.

If compilation is broken in some arch, just removing it from the
NOLIBC_GOARCHES variable should fix the compilation, as it will fallback
to use the C stdlib.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2023-10-19 11:11:10 +02:00
Kir Kolyshkin 4a7d3ae5cd libct/cg: support hugetlb rsvd
This adds support for hugetlb.<pagesize>.rsvd limiting and accounting.

The previous non-rsvd max/limit_in_bytes does not account for reserved
huge page memory, making it possible for a processes to reserve all the
huge page memory, without being able to allocate it (due to cgroup
restrictions).

In practice this makes it possible to successfully mmap more huge page
memory than allowed via the cgroup settings, but when using the memory
the process will get a SIGBUS and crash. This is bad for applications
trying to mmap at startup (and it succeeds), but the program crashes
when starting to use the memory. eg. postgres is doing this by default.

This also keeps writing to the old max/limit_in_bytes, for backward
compatibility.

More info can be found here: https://lkml.org/lkml/2020/2/3/1153

(commit message mostly written by Odin Ugedal)

Co-authored-by: Odin Ugedal <odin@ugedal.com>
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-13 22:55:24 -07:00
Akihiro Suda ac78d13271 Merge pull request #4070 from opencontainers/dependabot/go_modules/github.com/cilium/ebpf-0.12.0
build(deps): bump github.com/cilium/ebpf from 0.11.0 to 0.12.0
2023-10-13 02:46:01 +09:00
Sebastiaan van Stijn c494c475bd Merge pull request #4064 from kolyshkin/ce7-skip-flake
ci: skip TestPodSkipDevicesUpdate on CentOS 7
2023-10-12 10:55:22 +02:00
dependabot[bot] aec0dc7dcd build(deps): bump github.com/cilium/ebpf from 0.11.0 to 0.12.0
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/cilium/ebpf/releases)
- [Commits](https://github.com/cilium/ebpf/compare/v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-12 04:42:12 +00:00
Akihiro Suda 0274ca2580 Merge pull request #4025 from lifubang/feat-sched-carry-3962
[Carry 3962] Support `process.scheduler`
2023-10-12 08:07:50 +09:00
Akihiro Suda 4232286180 Merge pull request #4067 from neersighted/syscall_cleanup
libcontainer: drop system.Setxid
2023-10-12 08:06:14 +09:00
Bjorn Neergaard 6f7266c3f7 libcontainer: drop system.Setxid
Since Go 1.16, [Go issue 1435][1] is solved, and the stdlib syscall
implementations work on Linux. While they are a bit more
flexible/heavier-weight than the implementations that were copied to
libcontainer/system (working across all threads), we compile with Cgo,
and using the libc wrappers should be just as suitable.

  [1]: https://github.com/golang/go/issues/1435

Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>
2023-10-11 13:04:34 -06:00
dependabot[bot] 520a3d5c62 Merge pull request #4066 from opencontainers/dependabot/go_modules/golang.org/x/net-0.17.0 2023-10-11 05:19:21 +00:00
dependabot[bot] 2860708d73 build(deps): bump golang.org/x/net from 0.16.0 to 0.17.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-11 04:07:02 +00:00
Akihiro Suda 7809d6c614 Merge pull request #4061 from kolyshkin/makefile
Makefile: fixups and improvements
2023-10-11 07:36:03 +09:00
Kir Kolyshkin b8f75f3955 Makefile: move .PHONY to before each target
All the targets in the Makefile we have are phony (as we mostly rely on
go to figure out dependencies and whether to rebuild something), and
they have to be marked as such. We do that at the end of the file, and
the list is pretty long.

Instead, let's just add .PHONY before each target. That way it is easier
to spot any omissions.

Alternative solutions:
 - add ".PHONY: %"; it won't work as wildcards are not recongized in
   this context;
 - add "MAKEFLAGS += --always-make".

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-10 13:30:20 -07:00
Kir Kolyshkin bdf78b446b libct/cg/dev: add sync.Once to test case
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-10 13:27:22 -07:00
Kir Kolyshkin 46bfcac814 Makefile: avoid calling sub-make
Instead, rewrite the rules so that the targets are executed in the
needed order.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-06 15:10:31 -07:00
Kir Kolyshkin 961d0f124b Makefile: make verify-dmz-arch less talkative
Every `make` now produces something like this:

	make[1]: Entering directory '/home/kir/go/src/github.com/opencontainers/runc'
	readelf -h runc
	  Machine:                           Advanced Micro Devices X86-64
	  Flags:                             0x0
	readelf -h libcontainer/dmz/runc-dmz
	  Machine:                           Advanced Micro Devices X86-64
	  Flags:                             0x0
	runc-dmz architecture matches runc binary.
	make[1]: Leaving directory '/home/kir/go/src/github.com/opencontainers/runc'

That is a bit too much. Let's make it less verbose.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-06 15:10:31 -07:00
Kir Kolyshkin 90cbd1164c Merge pull request #4062 from opencontainers/dependabot/go_modules/golang.org/x/net-0.16.0
build(deps): bump golang.org/x/net from 0.15.0 to 0.16.0
2023-10-06 13:26:55 -07:00
Kir Kolyshkin fa8f38171c ci: skip TestPodSkipDevicesUpdate on CentOS 7
This test is as flaky as TestSkipDevices*, let's also t skip it on CentOS 7.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-06 13:11:40 -07:00
dependabot[bot] 927a5836f9 build(deps): bump golang.org/x/net from 0.15.0 to 0.16.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/net/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-06 20:05:17 +00:00
Kir Kolyshkin 033cc7aedb Merge pull request #4063 from opencontainers/dependabot/go_modules/golang.org/x/sys-0.13.0
build(deps): bump golang.org/x/sys from 0.12.0 to 0.13.0
2023-10-06 13:04:30 -07:00
dependabot[bot] 0ab58aa208 build(deps): bump golang.org/x/sys from 0.12.0 to 0.13.0
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/sys/compare/v0.12.0...v0.13.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-06 04:21:54 +00:00
lfbzhm 141835c4de Merge pull request #4056 from kolyshkin/umask-II
Fix directory perms vs umask for tmpcopyup
2023-10-05 13:03:21 +08:00
Kir Kolyshkin 730bc84418 Fix directory perms vs umask for tmpcopyup
Bump fileutils to v0.5.1, which fixes permissions of newly created directories
to not depend on the value of umask.

Add a test case which fails like this before the fix:

	mounts.bats
	 ✗ runc run [tmpcopyup]
	   (in test file tests/integration/mounts.bats, line 28)
	     `[[ "${lines[0]}" == *'drwxrwxrwx'* ]]' failed
	   runc spec (status=0):

	   runc run test_busybox (status=0):
	   drwxr-xr-x    2 root     root            40 Oct  4 22:35 /dir1/dir2

Fixes 3991.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-10-04 15:35:44 -07:00
utam0k 770728e16e Support process.scheduler
Spec: https://github.com/opencontainers/runtime-spec/pull/1188
Fix: https://github.com/opencontainers/runc/issues/3895

Co-authored-by: lifubang <lifubang@acmcoder.com>
Signed-off-by: utam0k <k0ma@utam0k.jp>
Signed-off-by: lifubang <lifubang@acmcoder.com>
2023-10-04 15:53:18 +08:00