From 15dee0eab37cf8d4e25e69c339e560ff06d8706e Mon Sep 17 00:00:00 2001 From: chenjiankun Date: Thu, 3 Mar 2022 11:55:08 +0800 Subject: [PATCH] docker:sync from internal 1. fix images filter when use multi reference filter 2. fix network sandbox not cleaned up on failure 3. fix network sandbox not cleaned up on failure --- VERSION-openeuler | 2 +- docker-engine-openeuler.spec | 8 ++++- ...ages-filter-when-use-multi-reference.patch | 27 ++++++++++++++ .../0194-docker-fix-docker-rmi-stucking.patch | 26 ++++++++++++++ ...rk-sandbox-not-cleaned-up-on-failure.patch | 35 +++++++++++++++++++ series.conf | 3 ++ 6 files changed, 99 insertions(+), 2 deletions(-) create mode 100644 patch/0193-docker-fix-images-filter-when-use-multi-reference.patch create mode 100644 patch/0194-docker-fix-docker-rmi-stucking.patch create mode 100644 patch/0195-docker-fix-network-sandbox-not-cleaned-up-on-failure.patch diff --git a/VERSION-openeuler b/VERSION-openeuler index fa5e4c1..c75fc47 100644 --- a/VERSION-openeuler +++ b/VERSION-openeuler @@ -1 +1 @@ -18.09.0.206 +18.09.0.207 diff --git a/docker-engine-openeuler.spec b/docker-engine-openeuler.spec index 432c85f..cb95afc 100644 --- a/docker-engine-openeuler.spec +++ b/docker-engine-openeuler.spec @@ -1,6 +1,6 @@ Name: docker-engine Version: 18.09.0 -Release: 206 +Release: 207 Summary: The open-source application container engine Group: Tools/Docker @@ -201,6 +201,12 @@ fi %endif %changelog +* Thu Mar 3 2022 chenjiankun - 18.09.0-207 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:sync from internal + * Tue Oct 12 2021 xiadanni - 18.09.0-206 - Type:bugfix - ID:NA diff --git a/patch/0193-docker-fix-images-filter-when-use-multi-reference.patch b/patch/0193-docker-fix-images-filter-when-use-multi-reference.patch new file mode 100644 index 0000000..737a41a --- /dev/null +++ b/patch/0193-docker-fix-images-filter-when-use-multi-reference.patch @@ -0,0 +1,27 @@ +From 9bc663c3332937cdb55aa5e31957678fe605b168 Mon Sep 17 00:00:00 2001 +From: xiangrenzhi +Date: Thu, 25 Feb 2021 09:27:42 +0800 +Subject: [PATCH] docker: fix images filter when use multi reference filter + +Signed-off-by: xiangrenzhi +--- + components/engine/daemon/images/images.go | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/components/engine/daemon/images/images.go b/components/engine/daemon/images/images.go +index 49212341c..94e0c1eb8 100644 +--- a/components/engine/daemon/images/images.go ++++ b/components/engine/daemon/images/images.go +@@ -152,6 +152,9 @@ func (i *ImageService) Images(imageFilters filters.Args, all bool, withExtraAttr + if matchErr != nil { + return nil, matchErr + } ++ if found { ++ break ++ } + } + if !found { + continue +-- +2.19.1 + diff --git a/patch/0194-docker-fix-docker-rmi-stucking.patch b/patch/0194-docker-fix-docker-rmi-stucking.patch new file mode 100644 index 0000000..f67aad9 --- /dev/null +++ b/patch/0194-docker-fix-docker-rmi-stucking.patch @@ -0,0 +1,26 @@ +From ac36676aac3f2dfca8e1ac31115417919b9e0160 Mon Sep 17 00:00:00 2001 +From: xiangrenzhi +Date: Thu, 25 Feb 2021 09:37:29 +0800 +Subject: [PATCH] docker: fix docker rmi stucking + +Signed-off-by: xiangrenzhi +--- + components/engine/daemon/images/image_delete.go | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/components/engine/daemon/images/image_delete.go b/components/engine/daemon/images/image_delete.go +index 94d6f872d..fbd6c16b7 100644 +--- a/components/engine/daemon/images/image_delete.go ++++ b/components/engine/daemon/images/image_delete.go +@@ -369,7 +369,7 @@ func (i *ImageService) checkImageDeleteConflict(imgID image.ID, mask conflictTyp + if mask&conflictRunningContainer != 0 { + // Check if any running container is using the image. + running := func(c *container.Container) bool { +- return c.IsRunning() && c.ImageID == imgID ++ return c.ImageID == imgID && c.IsRunning() + } + if container := i.containers.First(running); container != nil { + return &imageDeleteConflict{ +-- +2.19.1 + diff --git a/patch/0195-docker-fix-network-sandbox-not-cleaned-up-on-failure.patch b/patch/0195-docker-fix-network-sandbox-not-cleaned-up-on-failure.patch new file mode 100644 index 0000000..508c26c --- /dev/null +++ b/patch/0195-docker-fix-network-sandbox-not-cleaned-up-on-failure.patch @@ -0,0 +1,35 @@ +From a0a85fc867a59c1ae7b6f4a36b624224dfdedeea Mon Sep 17 00:00:00 2001 +From: xiangrenzhi +Date: Thu, 25 Feb 2021 09:42:04 +0800 +Subject: [PATCH] docker: fix network sandbox not cleaned up on failure + +Signed-off-by: xiangrenzhi +--- + components/engine/daemon/container_operations.go | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/components/engine/daemon/container_operations.go b/components/engine/daemon/container_operations.go +index 909c7ccb2..39b52b037 100644 +--- a/components/engine/daemon/container_operations.go ++++ b/components/engine/daemon/container_operations.go +@@ -498,7 +498,7 @@ func (daemon *Daemon) updateContainerNetworkSettings(container *container.Contai + } + } + +-func (daemon *Daemon) allocateNetwork(container *container.Container) error { ++func (daemon *Daemon) allocateNetwork(container *container.Container) (retErr error) { + start := time.Now() + controller := daemon.netController + +@@ -566,7 +566,7 @@ func (daemon *Daemon) allocateNetwork(container *container.Container) error { + } + updateSandboxNetworkSettings(container, sb) + defer func() { +- if err != nil { ++ if retErr != nil { + sb.Delete() + } + }() +-- +2.19.1 + diff --git a/series.conf b/series.conf index 16c2403..5d5a287 100644 --- a/series.conf +++ b/series.conf @@ -186,4 +186,7 @@ patch/0189-docker-fix-Access-to-remapped-root-allows-privilege-.patch patch/0190-docker-fix-CVE-2021-21285.patch patch/0191-docker-add-clone3-to-seccomp-whitelist-to-fix-curl-f.patch patch/0192-docker-update-seccomp-whitelist-to-Linux-5.10-syscal.patch +patch/0193-docker-fix-images-filter-when-use-multi-reference.patch +patch/0194-docker-fix-docker-rmi-stucking.patch +patch/0195-docker-fix-network-sandbox-not-cleaned-up-on-failure.patch #end -- Gitee