diff --git a/docker.spec b/docker.spec index 8ae95bbee54546654eef9fa45355bb8a5ab5370e..4e27959a61c6b68d72eecd94997efa817fcf2cdb 100644 --- a/docker.spec +++ b/docker.spec @@ -1,6 +1,6 @@ Name: docker-engine Version: 18.09.0 -Release: 114 +Release: 115 Summary: The open-source application container engine Group: Tools/Docker @@ -211,6 +211,12 @@ fi %endif %changelog +* Thu Apr 01 2021 wangfengtu - 18.09.0-115 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:rollback if docker restart when doing BlkDiscard + * Thu Mar 18 2021 xiadanni - 18.09.0-114 - Type:bugfix - CVE:CVE-2021-21284,CVE-2021-21285 diff --git a/patch/0191-rollback-if-docker-restart-when-doing-BlkDiscard.patch b/patch/0191-rollback-if-docker-restart-when-doing-BlkDiscard.patch new file mode 100644 index 0000000000000000000000000000000000000000..1953bf733f0e7b2e8b961a9d074d8c41d37d672d --- /dev/null +++ b/patch/0191-rollback-if-docker-restart-when-doing-BlkDiscard.patch @@ -0,0 +1,55 @@ +From b7634618332c2d0ca7b59a4d63467c0038918ef0 Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Thu, 1 Apr 2021 15:03:20 +0800 +Subject: [PATCH] rollback if docker restart when doing BlkDiscard + +Signed-off-by: WangFengTu +--- + .../daemon/graphdriver/devmapper/deviceset.go | 17 ++++++++--------- + 1 file changed, 8 insertions(+), 9 deletions(-) + +diff --git a/components/engine/daemon/graphdriver/devmapper/deviceset.go b/components/engine/daemon/graphdriver/devmapper/deviceset.go +index 750f2b13..9b6cb021 100644 +--- a/components/engine/daemon/graphdriver/devmapper/deviceset.go ++++ b/components/engine/daemon/graphdriver/devmapper/deviceset.go +@@ -2007,14 +2007,7 @@ func (devices *DeviceSet) markForDeferredDeletion(info *devInfo) error { + } + + // Should be called with devices.Lock() held. +-func (devices *DeviceSet) deleteTransaction(info *devInfo, syncDelete bool) error { +- if err := devices.openTransaction(info.Hash, info.DeviceID); err != nil { +- logrus.WithField("storage-driver", "devicemapper").Debugf("Error opening transaction hash = %s deviceId = %d", "", info.DeviceID) +- return err +- } +- +- defer devices.closeTransaction() +- ++func (devices *DeviceSet) deleteDeviceNoLock(info *devInfo, syncDelete bool) error { + err := devicemapper.DeleteDevice(devices.getPoolDevName(), info.DeviceID) + if err != nil { + // If syncDelete is true, we want to return error. If deferred +@@ -2078,6 +2071,12 @@ func (devices *DeviceSet) issueDiscard(info *devInfo) error { + + // Should be called with devices.Lock() held. + func (devices *DeviceSet) deleteDevice(info *devInfo, syncDelete bool) error { ++ if err := devices.openTransaction(info.Hash, info.DeviceID); err != nil { ++ logrus.WithField("storage-driver", "devicemapper").Debugf("Error opening transaction hash = %s deviceId = %d", "", info.DeviceID) ++ return err ++ } ++ defer devices.closeTransaction() ++ + if devices.doBlkDiscard { + if err := devices.issueDiscard(info); err != nil { + return err +@@ -2099,7 +2098,7 @@ func (devices *DeviceSet) deleteDevice(info *devInfo, syncDelete bool) error { + return err + } + +- return devices.deleteTransaction(info, syncDelete) ++ return devices.deleteDeviceNoLock(info, syncDelete) + } + + // DeleteDevice will return success if device has been marked for deferred +-- +2.25.1 + diff --git a/series.conf b/series.conf index e06b4d923cf7806b9016fafdca063a53a5813924..09b3213be6a648ec9af744991e67064359dd70fa 100644 --- a/series.conf +++ b/series.conf @@ -188,4 +188,5 @@ patch/0186-docker-fix-execCommands-leak-in-health-check.patch patch/0188-docker-check-containerd-pid-before-kill-it.patch patch/0189-docker-fix-Access-to-remapped-root-allows-privilege-.patch patch/0190-docker-fix-CVE-2021-21285.patch +patch/0191-rollback-if-docker-restart-when-doing-BlkDiscard.patch #end