Signed-off-by: John Stephens <johnstep@docker.com>
(cherry picked from commit 8ed8f4a71d7e1a936fa077b4348b7375c81746a6)
Conflicts:
components/engine/distribution/pull_v2_windows.go
Signed-off-by: John Stephens <johnstep@docker.com>
Update logic to choose manifest from manifest list to check
for os version on Windows. Separate the logic for windows
and unix to keep unix logic the same.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
(cherry picked from commit 38aef56e1fcb8ea318df98c89cf002267b88a136)
Signed-off-by: John Stephens <johnstep@docker.com>
While this code was likely called from a single thread before, we have
now seen panics, indicating that it could be called in parallel. This
change adds a mutex to protect opening and closing of the channel. There
may be another root cause associated with this panic, such as something
that led to the calling of this in parallel, as this code is old and we
had seen this condition until recently.
This fix is by no means a permanent fix. Typically, bugs like this
indicate misplaced channel ownership. In idiomatic uses, the channel
should have a particular "owner" that coordinates sending and closure.
In this case, the owner of the channel is unclear, so it gets opened
lazily. Synchronizing this access is a decent solution, but a refactor
may yield better results.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
(cherry picked from commit 5b55747a523671fa6e626848060460a48d058451)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This test tries to pull all the tags in the busybox repo and looks to see
if there were more than two images pulled. This was failing on
p/z due to the recent change to manifest lists, where one of the busybox
tags didn't have a p/z manifest in it's manifest list.
This error seems fine to me, so I changed the test to see if pull fails,
it fails with the "manifest not found" error.
Also switched from busybox -> alpine, because it has significantly less tags,
and the images are close in size.
Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
(cherry picked from commit 5739ba1b918402b8eda748ac2f5dd7ce00f2e69f)
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
To ensure that we don't revert CVE-2017-14992, add a test that is quite
similar to that upstream tar-split test (create an empty archive with
lots of junk and make sure the daemon doesn't crash).
Signed-off-by: Aleksa Sarai <asarai@suse.de>
(cherry picked from commit 0a13f827a10d3bf61744d9b3f7165c5885a39c5d)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
This helper acts like /dev/zero (outputs \x00 indefinitely) in an
OS-independent fashion. This ensures we don't need to special-case
around Windows in tests that want to open /dev/zero.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
(cherry picked from commit 2f8d3e1c33f77187c68893803018756d43daff15)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
Update to the latest version of tar-split, which includes a change to
fix a memory exhaustion issue where a malformed image could cause the
Docker daemon to crash.
* tar: asm: store padding in chunks to avoid memory exhaustion
Fixes: CVE-2017-14992
Signed-off-by: Aleksa Sarai <asarai@suse.de>
(cherry picked from commit e0ff7cccc3cac73da41ec9ef007b0e4e97c55d01)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
This is writeable, and can be used to remove devices. Containers do
not need to know about scsi devices.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
(cherry picked from commit a21ecdf3c8a343a7c94e4c4d01b178c87ca7aaa1)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This is kernel config available in RHEL7.4 based kernels that enables
mountpoint removal where the mountpoint exists in other namespaces.
In particular this is important for making this pattern work:
```
umount -l /some/path
rm -r /some/path
```
Where `/some/path` exists in another mount namespace.
Setting this value will prevent `device or resource busy` errors when
attempting to the removal of `/some/path` in the example.
This setting is the default, and non-configurable, on upstream kernels
since 3.15.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 83c2152de503012195bd26069fd8fbd2dea4b32f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Shukui Yang <yangshukui@huawei.com>
(cherry picked from commit 9f38923901352459bb621d0b3587a6517e67eeb3)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
When using a volume via the `Binds` API, a shared selinux label is
automatically set.
The `Mounts` API is not setting this, which makes volumes specified via
the mounts API useless when selinux is enabled.
This fix adopts the same selinux label for volumes on the mounts API as on
binds.
Note in the case of both the `Binds` API and the `Mounts` API, the
selinux label is only applied when the volume driver is the `local`
driver.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 5bbf5cc671ec8007bf8e0416799fff01d6a79b7e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
