docker

Author	SHA1	Message	Date
zhongjiawei	ea96e880ad	docker:thinpool full because docker daemon restart when docker pull (cherry picked from commit b2a0f1208e3496beda2021d6d88132421faa3f6f)	2023-06-09 10:58:35 +08:00
zhongjiawei	1f59c513a7	docker:fix CVE-2023-28840 CVE-2023-28841 CVE-2023-28842 (cherry picked from commit 89d75b17a59db0e702af8b015d43fdcc150810db)	2023-04-06 20:00:12 +08:00
zhongjiawei	7470010764	docker:sync some patches (cherry picked from commit 2e6b7fad8e6f9c3d6b654059eaa2dbebd9e16914)	2023-03-30 10:02:39 +08:00
zhongjiawei	52284b74eb	docker:try http for docker manifest insecure (cherry picked from commit 32b9a9fdb012d226da909b3249f7b8b4df7278b5)	2023-03-16 14:36:24 +08:00
JackChan8	63617251b6	docker: fix container missing after restarting dockerd twice fix #I6MJ4X (cherry picked from commit c449de66430e0546323a3b63f1ba78c449b077da)	2023-03-15 10:04:07 +08:00
chenjiankun	638e17af84	docker: set freezer.state to Thawed to increase freeze chances fix #I6EOOP docker pause/unpause with parallel docker exec can lead to freezing state, set freezer.state to Thawed to increase freeze chances (cherry picked from commit 6b695c68f87ef189c79797e95698ced4bf669f9d)	2023-02-17 16:52:28 +08:00
zhongjiawei	99fc560004	docker:do not stop health check before sending signal (cherry picked from commit 44b62dc88af07cc91a6cb523fa8cd3037c3c66be)	2022-12-01 16:28:40 +08:00
chenjiankun	05606411e0	docker: using VERSION-vendor to record version (cherry picked from commit 7847f38213109046bc356616b236865ef5dc708f)	2022-11-24 14:31:55 +08:00
chenjiankun	894f5c0d57	docker: fix dockerd core when release network fix #I627ON (cherry picked from commit eb9eabe25426f30d4690a9b651f7af7d5d715477)	2022-11-22 20:41:35 +08:00
chenjiankun	3d41826f07	docker: cleanup netns file when stop docker daemon fix #I5W2XY (cherry picked from commit a81ea9875a9ca5bb61fcccc747b4a9f73a175680)	2022-11-22 16:37:24 +08:00
chenjiankun	9bb3a56c0e	docker: ensure layer digest folder removed if ls.driver.Remove fails If image pull fails of context canceled, image layer will perform a rollback operation. When image layer is released, the diff folder of layer will be removed first, and then the digest folder will be removed. If the diff folder fails to be removed, such as operation not permitted or interrupted by others, both the digest folder and diff folder will remain on the disk, this will cause image not be complete and not repairable. So we should remove the digest folder first for image layers rollback and ensure image can be re-pulled completely. (cherry picked from commit 219f49ee216459dc50dcbddaade9828ad7fa31fb)	2022-09-16 09:23:38 +08:00
chenjiankun	06e6588807	docker: fix CVE-2022-36109 fix #I5QLCS (cherry picked from commit dde1451e0188d0be7b34c14b277b87dbf24e5581)	2022-09-15 16:28:51 +08:00
chenjiankun	d774ef3f7d	docker: Add an ExitPid field for State struct to record exit process id fix #I5OBUW (cherry picked from commit c8142e10cf71a5a38616f1a7277ed879e796adca)	2022-09-15 15:05:15 +08:00
chenjiankun	b0de51e996	[sync]docker: fix terminal abnormal after docker run fix #I5FTB4 fix #I5LDB4 fix #I5OBZ9 (cherry picked from commit b4a83d73a3cdba481691bf29f2f1f17a98d34a14)	2022-09-15 14:16:29 +08:00
chenjiankun	3de9bb5205	fix CVE-2021-41092 fix #I5D1C0 fix CVE-2021-41092 (cherry picked from commit b02354202ecd4d7f7153b7f2bfd971c9674d358c)	2022-06-28 19:30:18 +08:00
chenjiankun	3699f209c3	fix CVE-2021-41091 fix #I5CA8V fix CVE-2021-41091 (cherry picked from commit 11682acb91cea5b30488f14c5f693391f62fcce6)	2022-06-28 19:30:18 +08:00
chenjiankun	65e2e6f6a5	fix CVE-2021-41089 fix #I5CA8X (cherry picked from commit 57f2f606bf67d58e1993e0353244a5f6b60cb598)	2022-06-28 19:30:18 +08:00
chenjiankun	f8ffee8d73	close channel in write side to avoid panic in docker stats fix #I5ATMV (cherry picked from commit e30932844aeb7d94b6ec1491e63acb0d1a9a2b1a)	2022-06-28 19:30:18 +08:00
chenjiankun	95a9037aa0	fix status inconsistent after restart container fix #I5AIPF fix #I5AD5N (cherry picked from commit e72fc4bf764a9bca988612213a205c9534ca3c6f)	2022-06-28 19:30:18 +08:00
chenjiankun	cf8962ea99	docker: sync from sp1 (cherry picked from commit 660a50e8357f7dae94ab3cda8f42dda3bddf134b)	2022-06-28 15:54:39 +08:00
duyiwei	fbc718add8	fix CVE-2022-24769	2022-06-16 10:05:51 +08:00
xiadanni	931445117a	docker:update seccomp whitelist to Linux 5.10 syscall list reason: update seccomp whitelist to Linux 5.10 syscall list to meet the requirement that user uses image with new glibc version. Signed-off-by: xiadanni <xiadanni1@huawei.com> (cherry picked from commit ff5aa8ab6ec06b5101ef5787ca6f10e3f66c4a0f)	2021-10-12 14:49:09 +08:00
xiadanni	d2de75f5f0	docker:prevent an invalid image from crashing docker daemon (CVE-2021-21285) Change-Id: Ic43557af6156beb8b842e2dc9ba20eefa207abc0 Signed-off-by: xiadanni <xiadanni1@huawei.com> (cherry picked from commit 2a49c58d90a1efd68e87b61a0a475d730875e844)	2021-03-18 15:12:04 +08:00
xiadanni	5fc83aff47	docker:Fix Access to remapped root allows privilege escalation to real root (CVE-2021-21284) Change-Id: I483f23d368c047147932da22c80cf23c8944669b Signed-off-by: xiadanni <xiadanni1@huawei.com>	2021-03-05 11:24:44 +08:00
xiadanni	9fba6cf9d7	docker: sync bugfix and bump version Change-Id: I8fbbbe26d0279c9921416733ce36da9d57587240 Signed-off-by: xiadanni <xiadanni1@huawei.com>	2021-03-05 11:24:18 +08:00
jingrui	adcc59f71c	docker: sync bugfix Change-Id: Ida64f926d5d3a2a1f99c8718918737836e256897 Signed-off-by: jingrui <jingrui@huawei.com>	2021-01-18 21:44:33 +08:00
zvier	449e60b25a	sync patches from internal Signed-off-by: liuzekun <liuzekun@huawei.com>	2020-11-28 11:20:04 +08:00
Grooooot	e7de2c79b3	docker: add patches Signed-off-by: Grooooot <isula@huawei.com>	2020-03-05 15:13:09 +08:00
dogsheng	be56a4fe89	Package init	2019-12-25 19:10:46 +08:00
overweight	6138d366d1	Package init	2019-09-30 10:37:25 -04:00

30 Commits