From ec021fdebc4b4fbd761abd033909c2cc61a497dd Mon Sep 17 00:00:00 2001
From: Vighnesh Maheshwari <vighnesh.maheshwari@gmail.com>
Date: Wed, 5 Jun 2024 20:18:18 +0000
Subject: [PATCH] docker-engine: inject kmod in all containers

---
 ...02-oci-inject-kmod-in-all-containers.patch | 32 +++++++++++++++++++
 packages/docker-engine/docker-engine.spec     |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 packages/docker-engine/0002-oci-inject-kmod-in-all-containers.patch

diff --git a/packages/docker-engine/0002-oci-inject-kmod-in-all-containers.patch b/packages/docker-engine/0002-oci-inject-kmod-in-all-containers.patch
new file mode 100644
index 00000000000..c75d9bb7371
--- /dev/null
+++ b/packages/docker-engine/0002-oci-inject-kmod-in-all-containers.patch
@@ -0,0 +1,32 @@
+From e35f5eeeaa4c7b9ec1ae0720fc7de0fc4d43e02f Mon Sep 17 00:00:00 2001
+From: Arnaldo Garcia Rincon <agarrcia@amazon.com>
+Date: Thu, 30 May 2024 14:38:33 +0000
+Subject: [PATCH] oci: inject kmod in all containers
+
+Append a new mount to the default spec created for Linux containers
+
+Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
+Signed-off-by: Vighnesh Maheshwari <vighmah@amazon.com>
+---
+ oci/defaults.go | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/oci/defaults.go b/oci/defaults.go
+index c3dae8b..2e90cfa 100644
+--- a/oci/defaults.go
++++ b/oci/defaults.go
+@@ -100,6 +100,12 @@ func DefaultLinuxSpec() specs.Spec {
+ 				Source:      "shm",
+ 				Options:     []string{"nosuid", "noexec", "nodev", "mode=1777"},
+ 			},
++			{
++				Destination: "/usr/local/sbin/modprobe",
++				Type:        "bind",
++				Source:      "/usr/bin/kmod",
++				Options:     []string{"exec", "bind", "ro"},
++			},
+ 		},
+ 		Linux: &specs.Linux{
+ 			MaskedPaths: []string{
+-- 
+2.44.0
diff --git a/packages/docker-engine/docker-engine.spec b/packages/docker-engine/docker-engine.spec
index d0cf0e3f7cb..f9ad8919ca2 100644
--- a/packages/docker-engine/docker-engine.spec
+++ b/packages/docker-engine/docker-engine.spec
@@ -30,6 +30,7 @@ Source100: prepare-var-lib-docker.service
 Source1000: clarify.toml
 
 Patch0001: 0001-Change-default-capabilities-using-daemon-config.patch
+Patch0002: 0002-oci-inject-kmod-in-all-containers.patch
 
 BuildRequires: git
 BuildRequires: %{_cross_os}glibc-devel