From 895b7c37b55b8f1f6b8b3f30773fa5506f10a0c3 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Thu, 12 Mar 2020 15:27:05 +0800 Subject: [PATCH] Fix image/container broken bugs caused by poweroff Signed-off-by: WangFengTu --- ...age-load-time-and-append-image-names.patch | 4 +- patch/0002-add-image-integration-check.patch | 4 +- ...-vendor-support-setting-rootfs-quota.patch | 4 +- ...ndor-check-overlay-support-as-docker.patch | 4 +- ...dor-fix-parseSize-of-float-accurancy.patch | 4 +- ...e-minimum-size-of-rootfs-quota-to-4k.patch | 4 +- ...to-delete-metadata-before-image-data.patch | 4 +- patch/0008-same-add-group-should-skip.patch | 4 +- patch/0009-optimize-concurrent-run.patch | 4 +- ...rmal-scene-container-restart-failure.patch | 4 +- patch/0011-optimize-isulad_kit-operator.patch | 4 +- patch/0012-fix-compile-error.patch | 4 +- ...y-to-remove-all-layers-info-when-rmi.patch | 4 +- ...r-ensure-remove-container-rootfs-dir.patch | 4 +- ...tpoints.json-and-layers.json-in-save.patch | 4 +- ...r-fix-bug-of-concurrent-run-with-quo.patch | 4 +- ...-isulad-kit-vendor-fix-compile-error.patch | 4 +- patch/0018-remove-unused-code.patch | 4 +- patch/0019-optimize-mount-operator.patch | 4 +- patch/0020-Fix-file-retention-bug.patch | 4 +- ...ountCount-0-without-mount-point-file.patch | 4 +- ...022-encrypt-auth-config-and-add-lock.patch | 4 +- ...nge-perm-and-add-max-file-size-check.patch | 4 +- ...rce-remove-dir-with-rm-rf-in-overlay.patch | 4 +- ...oveAll-make-retry-count-from-5-to-50.patch | 4 +- ...report-error-log-when-openDir-failed.patch | 4 +- ...-direcotry-has-been-removed-when-fin.patch | 4 +- ...-by-remove-container.json-in-run-dir.patch | 4 +- patch/0029-Performace-optimization.patch | 4 +- patch/0030-Support-load-multiple-images.patch | 4 +- ...-Not-Acceptable-if-oci-image-in-firs.patch | 4 +- ...log-message-of-get-mountpoint-failed.patch | 4 +- ...-to-disk-if-images-s-name-is-removed.patch | 4 +- ...wers-file-if-current-layer-is-reusin.patch | 4 +- patch/0035-Fix-CVE-2018-15664.patch | 4 +- patch/0036-Change-interface-of-AES.patch | 4 +- ...0037-Change-iSulad-kit-to-iSulad-img.patch | 4 +- patch/0038-Fix-some-devicemapper-bugs.patch | 4 +- ...count-and-avoid-failure-when-unmount.patch | 4 +- .../0040-Add-unit-test-for-devicemapper.patch | 4 +- ...tDevmapperCreateEmpty-failed-if-umas.patch | 4 +- ...lete-cached-digest-when-delete-layer.patch | 4 +- .../0043-Support-check-layer-s-diffIDs.patch | 4 +- ...gpgme-to-v0.1.1-to-fix-CVE-2020-8945.patch | 4 +- ...-for-overlay2-overlay-do-not-remove-.patch | 44 +++++++++++++++ ...and-lower-files-to-avoid-broken-caus.patch | 53 +++++++++++++++++++ patch/series-patch.conf | 2 + 47 files changed, 187 insertions(+), 88 deletions(-) create mode 100644 patch/0045-When-id-is-empty-for-overlay2-overlay-do-not-remove-.patch create mode 100644 patch/0046-Sync-write-link-and-lower-files-to-avoid-broken-caus.patch diff --git a/patch/0001-add-image-load-time-and-append-image-names.patch b/patch/0001-add-image-load-time-and-append-image-names.patch index ed9963d..26650df 100644 --- a/patch/0001-add-image-load-time-and-append-image-names.patch +++ b/patch/0001-add-image-load-time-and-append-image-names.patch @@ -1,7 +1,7 @@ -From 57664b6ef063684838a8d6ecad2bb4818cadd423 Mon Sep 17 00:00:00 2001 +From 90133e535aba3230091c998a31cb1873cb6e0d8f Mon Sep 17 00:00:00 2001 From: LiFeng Date: Tue, 2 Apr 2019 23:37:17 -0400 -Subject: [PATCH 01/44] add image load time and append image names +Subject: [PATCH 01/46] add image load time and append image names reason: 1. add image load time 2. append image names when pull image diff --git a/patch/0002-add-image-integration-check.patch b/patch/0002-add-image-integration-check.patch index f761dff..6cc12b0 100644 --- a/patch/0002-add-image-integration-check.patch +++ b/patch/0002-add-image-integration-check.patch @@ -1,7 +1,7 @@ -From 4535c6f00e65afc7b856596901f80252ee5a2af0 Mon Sep 17 00:00:00 2001 +From 2fbf4bb9ec8ca93c1073127391f109a4417cabda Mon Sep 17 00:00:00 2001 From: LiFeng Date: Thu, 4 Apr 2019 11:03:15 -0400 -Subject: [PATCH 02/44] add image integration check +Subject: [PATCH 02/46] add image integration check Signed-off-by: LiFeng --- diff --git a/patch/0003-vendor-support-setting-rootfs-quota.patch b/patch/0003-vendor-support-setting-rootfs-quota.patch index 65fb67e..e119089 100644 --- a/patch/0003-vendor-support-setting-rootfs-quota.patch +++ b/patch/0003-vendor-support-setting-rootfs-quota.patch @@ -1,7 +1,7 @@ -From 030de04faab44d26f6cbbfa6a3cb2531ca237547 Mon Sep 17 00:00:00 2001 +From daa65a17fda9ac6bd40d58be991d4b2956397d5b Mon Sep 17 00:00:00 2001 From: TanYiFeng Date: Tue, 9 Apr 2019 01:32:27 -0400 -Subject: [PATCH 03/44] vendor: support setting rootfs quota +Subject: [PATCH 03/46] vendor: support setting rootfs quota Signed-off-by: TanYiFeng --- diff --git a/patch/0004-isulad-kit-vendor-check-overlay-support-as-docker.patch b/patch/0004-isulad-kit-vendor-check-overlay-support-as-docker.patch index 479778d..289e072 100644 --- a/patch/0004-isulad-kit-vendor-check-overlay-support-as-docker.patch +++ b/patch/0004-isulad-kit-vendor-check-overlay-support-as-docker.patch @@ -1,7 +1,7 @@ -From ecfabaf09e36bdd0a00eee43ba943694c5d287f9 Mon Sep 17 00:00:00 2001 +From 835938d4b536e3ac448c9629432f5542cd7f9677 Mon Sep 17 00:00:00 2001 From: TanYiFeng Date: Tue, 9 Apr 2019 12:19:49 -0400 -Subject: [PATCH 04/44] isulad-kit-vendor: check overlay support as docker +Subject: [PATCH 04/46] isulad-kit-vendor: check overlay support as docker we may got failed if always detect multi lower layer mount, when writed data more than rootfs quota for arm machine diff --git a/patch/0005-isulad-kit-vendor-fix-parseSize-of-float-accurancy.patch b/patch/0005-isulad-kit-vendor-fix-parseSize-of-float-accurancy.patch index 8785fe8..23806e4 100644 --- a/patch/0005-isulad-kit-vendor-fix-parseSize-of-float-accurancy.patch +++ b/patch/0005-isulad-kit-vendor-fix-parseSize-of-float-accurancy.patch @@ -1,7 +1,7 @@ -From af6021ae1d26b779ce8305c543e041c857f73107 Mon Sep 17 00:00:00 2001 +From 823bc6efd3b724558262fe62dbc6adcadfbb4f55 Mon Sep 17 00:00:00 2001 From: TanYiFeng Date: Tue, 16 Apr 2019 00:44:20 -0400 -Subject: [PATCH 05/44] isulad-kit-vendor: fix parseSize of float accurancy +Subject: [PATCH 05/46] isulad-kit-vendor: fix parseSize of float accurancy Signed-off-by: TanYiFeng --- diff --git a/patch/0006-limit-the-minimum-size-of-rootfs-quota-to-4k.patch b/patch/0006-limit-the-minimum-size-of-rootfs-quota-to-4k.patch index a0a7799..f7dc279 100644 --- a/patch/0006-limit-the-minimum-size-of-rootfs-quota-to-4k.patch +++ b/patch/0006-limit-the-minimum-size-of-rootfs-quota-to-4k.patch @@ -1,7 +1,7 @@ -From d94dfd814fa18279527a02725286d2750084aa2d Mon Sep 17 00:00:00 2001 +From 142be14948ee2f892077faefa9f03a484f7e5e28 Mon Sep 17 00:00:00 2001 From: TanYiFeng Date: Tue, 16 Apr 2019 10:53:52 -0400 -Subject: [PATCH 06/44] limit the minimum size of rootfs quota to 4k +Subject: [PATCH 06/46] limit the minimum size of rootfs quota to 4k Signed-off-by: TanYiFeng --- diff --git a/patch/0007-delete-try-to-delete-metadata-before-image-data.patch b/patch/0007-delete-try-to-delete-metadata-before-image-data.patch index fb692dd..f39bad5 100644 --- a/patch/0007-delete-try-to-delete-metadata-before-image-data.patch +++ b/patch/0007-delete-try-to-delete-metadata-before-image-data.patch @@ -1,7 +1,7 @@ -From 96918407bae33dd419a3910bb9c406fe972450de Mon Sep 17 00:00:00 2001 +From 16e4eb29be60a841be68bc652d0e7c30fbeccc4e Mon Sep 17 00:00:00 2001 From: LiFeng Date: Thu, 18 Apr 2019 05:04:18 -0400 -Subject: [PATCH 07/44] delete: try to delete metadata before image data +Subject: [PATCH 07/46] delete: try to delete metadata before image data Signed-off-by: LiFeng --- diff --git a/patch/0008-same-add-group-should-skip.patch b/patch/0008-same-add-group-should-skip.patch index cebc432..8b52942 100644 --- a/patch/0008-same-add-group-should-skip.patch +++ b/patch/0008-same-add-group-should-skip.patch @@ -1,7 +1,7 @@ -From 00cb578446ee4484d1c7def236a28c232cb8922c Mon Sep 17 00:00:00 2001 +From 72bbe29714119d8950b3c67a9d6267ace6835869 Mon Sep 17 00:00:00 2001 From: LiuHao Date: Fri, 19 Apr 2019 17:15:29 +0800 -Subject: [PATCH 08/44] same add group should skip +Subject: [PATCH 08/46] same add group should skip same add group should skip diff --git a/patch/0009-optimize-concurrent-run.patch b/patch/0009-optimize-concurrent-run.patch index e507170..1d76a3f 100644 --- a/patch/0009-optimize-concurrent-run.patch +++ b/patch/0009-optimize-concurrent-run.patch @@ -1,7 +1,7 @@ -From e530ddf30fed6c8679067201cb7e2bc968ad0427 Mon Sep 17 00:00:00 2001 +From fc70e3d4f9b01c25a46d68907f5c3cc51edee3b3 Mon Sep 17 00:00:00 2001 From: LiuHao Date: Thu, 25 Apr 2019 18:00:18 +0800 -Subject: [PATCH 09/44] optimize concurrent run +Subject: [PATCH 09/46] optimize concurrent run Signed-off-by: LiuHao --- diff --git a/patch/0010-abnormal-scene-container-restart-failure.patch b/patch/0010-abnormal-scene-container-restart-failure.patch index a3d0044..0a6f49f 100644 --- a/patch/0010-abnormal-scene-container-restart-failure.patch +++ b/patch/0010-abnormal-scene-container-restart-failure.patch @@ -1,7 +1,7 @@ -From 525be3b2f8e7c98de5e2c383fe6f22008a508afa Mon Sep 17 00:00:00 2001 +From 487335eb32acda31634a01ac7450db079c2d823e Mon Sep 17 00:00:00 2001 From: WuJing Date: Mon, 29 Apr 2019 16:46:09 +0800 -Subject: [PATCH 10/44] abnormal scene container restart failure +Subject: [PATCH 10/46] abnormal scene container restart failure Solve the problem that the mountpoint.json write fails due to an abnormal condition, causing the container to fail to diff --git a/patch/0011-optimize-isulad_kit-operator.patch b/patch/0011-optimize-isulad_kit-operator.patch index 21d1d79..1f00d25 100644 --- a/patch/0011-optimize-isulad_kit-operator.patch +++ b/patch/0011-optimize-isulad_kit-operator.patch @@ -1,7 +1,7 @@ -From 8c208c0d38306ef6bf5a02037b8e9cf975f5369a Mon Sep 17 00:00:00 2001 +From c890c03f1bd32df21e0e75c8b97640831f2527e0 Mon Sep 17 00:00:00 2001 From: LiuHao Date: Thu, 2 May 2019 11:25:07 +0800 -Subject: [PATCH 11/44] optimize isulad_kit operator +Subject: [PATCH 11/46] optimize isulad_kit operator get mountpoint from driver diff --git a/patch/0012-fix-compile-error.patch b/patch/0012-fix-compile-error.patch index f71d255..26d324e 100644 --- a/patch/0012-fix-compile-error.patch +++ b/patch/0012-fix-compile-error.patch @@ -1,7 +1,7 @@ -From b1e79c0c65fda2743940db3491da64899d8802ac Mon Sep 17 00:00:00 2001 +From 6ba90504cd69e51a786d639254cdb773d774570f Mon Sep 17 00:00:00 2001 From: LiuHao Date: Thu, 2 May 2019 11:56:34 +0800 -Subject: [PATCH 12/44] fix compile error +Subject: [PATCH 12/46] fix compile error fix compile error diff --git a/patch/0013-rmi-try-to-remove-all-layers-info-when-rmi.patch b/patch/0013-rmi-try-to-remove-all-layers-info-when-rmi.patch index b74c498..94de839 100644 --- a/patch/0013-rmi-try-to-remove-all-layers-info-when-rmi.patch +++ b/patch/0013-rmi-try-to-remove-all-layers-info-when-rmi.patch @@ -1,7 +1,7 @@ -From b441d9764d3e2c3222fb0104ddbb3ec690330b71 Mon Sep 17 00:00:00 2001 +From 6c4dfcf9153eca15655a87fe2067bb79e5f34204 Mon Sep 17 00:00:00 2001 From: LiFeng Date: Tue, 7 May 2019 03:40:58 -0400 -Subject: [PATCH 13/44] rmi: try to remove all layers info when rmi +Subject: [PATCH 13/46] rmi: try to remove all layers info when rmi Signed-off-by: LiFeng --- diff --git a/patch/0014-isulad-kit-vendor-ensure-remove-container-rootfs-dir.patch b/patch/0014-isulad-kit-vendor-ensure-remove-container-rootfs-dir.patch index d50e8d7..26f145c 100644 --- a/patch/0014-isulad-kit-vendor-ensure-remove-container-rootfs-dir.patch +++ b/patch/0014-isulad-kit-vendor-ensure-remove-container-rootfs-dir.patch @@ -1,7 +1,7 @@ -From c989dd7f6c66c235415734aff7fdb7ba64527ae5 Mon Sep 17 00:00:00 2001 +From 11844cb70ab93e263b9c8b8b8d400bb9d881e08d Mon Sep 17 00:00:00 2001 From: WuJing Date: Mon, 13 May 2019 09:31:43 +0800 -Subject: [PATCH 14/44] isulad-kit-vendor: ensure remove container rootfs dir +Subject: [PATCH 14/46] isulad-kit-vendor: ensure remove container rootfs dir when errmsg contain "File name too long" Signed-off-by: WuJing diff --git a/patch/0015-split-mountpoints.json-and-layers.json-in-save.patch b/patch/0015-split-mountpoints.json-and-layers.json-in-save.patch index 2560fdb..71bc2e1 100644 --- a/patch/0015-split-mountpoints.json-and-layers.json-in-save.patch +++ b/patch/0015-split-mountpoints.json-and-layers.json-in-save.patch @@ -1,7 +1,7 @@ -From a55568273e6419dae02afad5334db777c00177e9 Mon Sep 17 00:00:00 2001 +From e4513cacdaca5e57d75ccba08f951faec4658db9 Mon Sep 17 00:00:00 2001 From: LiFeng Date: Mon, 13 May 2019 04:58:15 -0400 -Subject: [PATCH 15/44] split mountpoints.json and layers.json in save +Subject: [PATCH 15/46] split mountpoints.json and layers.json in save Signed-off-by: LiFeng --- diff --git a/patch/0016-isulad-kit-vendor-fix-bug-of-concurrent-run-with-quo.patch b/patch/0016-isulad-kit-vendor-fix-bug-of-concurrent-run-with-quo.patch index 9c1e344..689bc48 100644 --- a/patch/0016-isulad-kit-vendor-fix-bug-of-concurrent-run-with-quo.patch +++ b/patch/0016-isulad-kit-vendor-fix-bug-of-concurrent-run-with-quo.patch @@ -1,7 +1,7 @@ -From ef475a07a65454baa515090c8c58d73a01ff4e75 Mon Sep 17 00:00:00 2001 +From b3e4ebe1ae5f22d0a0ae07d6b2f3459ad53868c4 Mon Sep 17 00:00:00 2001 From: TanYiFeng Date: Mon, 20 May 2019 10:05:08 -0400 -Subject: [PATCH 16/44] isulad-kit-vendor: fix bug of concurrent run with quota +Subject: [PATCH 16/46] isulad-kit-vendor: fix bug of concurrent run with quota reason: setProjectQuota using common mutex to avoid set the same project id for diffrent containers, this may also get the same diff --git a/patch/0017-isulad-kit-vendor-fix-compile-error.patch b/patch/0017-isulad-kit-vendor-fix-compile-error.patch index 2ed3a7e..9660498 100644 --- a/patch/0017-isulad-kit-vendor-fix-compile-error.patch +++ b/patch/0017-isulad-kit-vendor-fix-compile-error.patch @@ -1,7 +1,7 @@ -From 05b4bf45f4400e474ce90a9365741768f7d20d9b Mon Sep 17 00:00:00 2001 +From f0b94f08133156058ce0e75354ac63efe0676e5f Mon Sep 17 00:00:00 2001 From: TanYiFeng Date: Mon, 20 May 2019 10:31:12 -0400 -Subject: [PATCH 17/44] isulad-kit-vendor: fix compile error +Subject: [PATCH 17/46] isulad-kit-vendor: fix compile error Signed-off-by: TanYiFeng --- diff --git a/patch/0018-remove-unused-code.patch b/patch/0018-remove-unused-code.patch index d2bd6b0..dc1d22b 100644 --- a/patch/0018-remove-unused-code.patch +++ b/patch/0018-remove-unused-code.patch @@ -1,7 +1,7 @@ -From d0abc3352bae22e1192c139a53bf61742776cc2b Mon Sep 17 00:00:00 2001 +From bcc282a8741c266209c2cc40d442c1442e495caf Mon Sep 17 00:00:00 2001 From: TanYiFeng Date: Mon, 20 May 2019 10:45:55 -0400 -Subject: [PATCH 18/44] remove unused code +Subject: [PATCH 18/46] remove unused code Signed-off-by: TanYiFeng --- diff --git a/patch/0019-optimize-mount-operator.patch b/patch/0019-optimize-mount-operator.patch index 40d6f64..723fdbc 100644 --- a/patch/0019-optimize-mount-operator.patch +++ b/patch/0019-optimize-mount-operator.patch @@ -1,7 +1,7 @@ -From f2144981f69dc6b92543a4b893f9e44b4877ccf2 Mon Sep 17 00:00:00 2001 +From 849a38a20e81db956a775857ddaf041607dc7efa Mon Sep 17 00:00:00 2001 From: LiuHao Date: Sat, 25 May 2019 16:45:28 +0800 -Subject: [PATCH 19/44] optimize mount operator +Subject: [PATCH 19/46] optimize mount operator 1. split mountpoints.json to each container 2. refactor mount operator diff --git a/patch/0020-Fix-file-retention-bug.patch b/patch/0020-Fix-file-retention-bug.patch index 2f91593..7d97cb1 100644 --- a/patch/0020-Fix-file-retention-bug.patch +++ b/patch/0020-Fix-file-retention-bug.patch @@ -1,7 +1,7 @@ -From 6eda036cae2d7fc7c390d3e56a9aaf3a13498568 Mon Sep 17 00:00:00 2001 +From 02d1d93d12f09e3fce29bd919ff4f74a5938a8d9 Mon Sep 17 00:00:00 2001 From: WuJing Date: Mon, 10 Jun 2019 10:54:43 +0800 -Subject: [PATCH 20/44] Fix file retention bug +Subject: [PATCH 20/46] Fix file retention bug Signed-off-by: WuJing --- diff --git a/patch/0021-set-layer-MountCount-0-without-mount-point-file.patch b/patch/0021-set-layer-MountCount-0-without-mount-point-file.patch index 7388778..a72d695 100644 --- a/patch/0021-set-layer-MountCount-0-without-mount-point-file.patch +++ b/patch/0021-set-layer-MountCount-0-without-mount-point-file.patch @@ -1,7 +1,7 @@ -From b5aae8d3b2a4fe461314d608f6853238a517eef5 Mon Sep 17 00:00:00 2001 +From 74ea70c59fbf02c5b5d0e818c06df5da59939c38 Mon Sep 17 00:00:00 2001 From: LiFeng Date: Mon, 10 Jun 2019 09:41:44 -0400 -Subject: [PATCH 21/44] set layer MountCount = 0 without mount point file +Subject: [PATCH 21/46] set layer MountCount = 0 without mount point file Signed-off-by: LiFeng --- diff --git a/patch/0022-encrypt-auth-config-and-add-lock.patch b/patch/0022-encrypt-auth-config-and-add-lock.patch index 02eb614..24449ba 100644 --- a/patch/0022-encrypt-auth-config-and-add-lock.patch +++ b/patch/0022-encrypt-auth-config-and-add-lock.patch @@ -1,7 +1,7 @@ -From 9d3749d2ceb049dbc6c431f87197350624380b54 Mon Sep 17 00:00:00 2001 +From c5e4bfdad2a0d7d66bb11275dddbdcdc229c5490 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Tue, 18 Jun 2019 14:12:33 +0800 -Subject: [PATCH 22/44] encrypt auth config and add lock +Subject: [PATCH 22/46] encrypt auth config and add lock Signed-off-by: WangFengTu --- diff --git a/patch/0023-Change-perm-and-add-max-file-size-check.patch b/patch/0023-Change-perm-and-add-max-file-size-check.patch index 56c6c52..1756df3 100644 --- a/patch/0023-Change-perm-and-add-max-file-size-check.patch +++ b/patch/0023-Change-perm-and-add-max-file-size-check.patch @@ -1,7 +1,7 @@ -From 0b79890c8f9a1fb4f010a56142ab63821574c5d1 Mon Sep 17 00:00:00 2001 +From 0c070aaad0d7d549ba36c26dbb98f2746d2d7979 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Thu, 4 Jul 2019 16:19:56 +0800 -Subject: [PATCH 23/44] Change perm and add max file size check +Subject: [PATCH 23/46] Change perm and add max file size check Signed-off-by: WangFengTu --- diff --git a/patch/0024-force-remove-dir-with-rm-rf-in-overlay.patch b/patch/0024-force-remove-dir-with-rm-rf-in-overlay.patch index 594f65f..3a89295 100644 --- a/patch/0024-force-remove-dir-with-rm-rf-in-overlay.patch +++ b/patch/0024-force-remove-dir-with-rm-rf-in-overlay.patch @@ -1,7 +1,7 @@ -From 1c78fbc9d3eb97d6e8fd7eb2e1685921ce2f5844 Mon Sep 17 00:00:00 2001 +From 732360998205ab672e23c85bc9cfc22fc75133c4 Mon Sep 17 00:00:00 2001 From: LiFeng Date: Thu, 18 Jul 2019 06:20:49 -0400 -Subject: [PATCH 24/44] force remove dir with rm -rf in overlay +Subject: [PATCH 24/46] force remove dir with rm -rf in overlay Signed-off-by: LiFeng --- diff --git a/patch/0025-EnsureRemoveAll-make-retry-count-from-5-to-50.patch b/patch/0025-EnsureRemoveAll-make-retry-count-from-5-to-50.patch index 0b6fa61..b1b2ccf 100644 --- a/patch/0025-EnsureRemoveAll-make-retry-count-from-5-to-50.patch +++ b/patch/0025-EnsureRemoveAll-make-retry-count-from-5-to-50.patch @@ -1,7 +1,7 @@ -From 21dac1a413544c69ad5997c437f4893348be5477 Mon Sep 17 00:00:00 2001 +From 3e5f0d06a61566ba6d5ae7e4d0b3223aee772972 Mon Sep 17 00:00:00 2001 From: LiFeng Date: Mon, 22 Jul 2019 03:52:09 -0400 -Subject: [PATCH 25/44] EnsureRemoveAll make retry count from 5 to 50 +Subject: [PATCH 25/46] EnsureRemoveAll make retry count from 5 to 50 Signed-off-by: LiFeng --- diff --git a/patch/0026-report-error-log-when-openDir-failed.patch b/patch/0026-report-error-log-when-openDir-failed.patch index e0b620a..1a4f914 100644 --- a/patch/0026-report-error-log-when-openDir-failed.patch +++ b/patch/0026-report-error-log-when-openDir-failed.patch @@ -1,7 +1,7 @@ -From d1fedabae02145af3b5abef0f32da2146ec42d97 Mon Sep 17 00:00:00 2001 +From 75bf974aa41d60abd43b9ece6ce8b6feb3457d7c Mon Sep 17 00:00:00 2001 From: TanYiFeng Date: Fri, 26 Jul 2019 05:02:55 -0400 -Subject: [PATCH 26/44] report error log when openDir failed +Subject: [PATCH 26/46] report error log when openDir failed Signed-off-by: TanYiFeng --- diff --git a/patch/0027-ignore-ENOENT-if-direcotry-has-been-removed-when-fin.patch b/patch/0027-ignore-ENOENT-if-direcotry-has-been-removed-when-fin.patch index 6421476..4aa692c 100644 --- a/patch/0027-ignore-ENOENT-if-direcotry-has-been-removed-when-fin.patch +++ b/patch/0027-ignore-ENOENT-if-direcotry-has-been-removed-when-fin.patch @@ -1,7 +1,7 @@ -From 61c20c18c5171639e0c2afcce052eff7394a4aa7 Mon Sep 17 00:00:00 2001 +From 405e83ab82f6d4031e23e587e224ae7c63e5be2d Mon Sep 17 00:00:00 2001 From: TanYiFeng Date: Fri, 9 Aug 2019 04:56:23 -0400 -Subject: [PATCH 27/44] ignore ENOENT if direcotry has been removed when find +Subject: [PATCH 27/46] ignore ENOENT if direcotry has been removed when find next project id Signed-off-by: TanYiFeng diff --git a/patch/0028-fixbug-cause-by-remove-container.json-in-run-dir.patch b/patch/0028-fixbug-cause-by-remove-container.json-in-run-dir.patch index 6df10bc..09bfda7 100644 --- a/patch/0028-fixbug-cause-by-remove-container.json-in-run-dir.patch +++ b/patch/0028-fixbug-cause-by-remove-container.json-in-run-dir.patch @@ -1,7 +1,7 @@ -From 8c5932bdd3b950e78ee4124cfc0a2ca2fc08f7eb Mon Sep 17 00:00:00 2001 +From b51ce6011c5756013841f8a46faeaedb92b6437d Mon Sep 17 00:00:00 2001 From: LiuHao Date: Fri, 9 Aug 2019 17:07:33 +0800 -Subject: [PATCH 28/44] fixbug: cause by remove container.json in run dir +Subject: [PATCH 28/46] fixbug: cause by remove container.json in run dir Start container will load container.json in run dir. If it is not exist, start container will failed. diff --git a/patch/0029-Performace-optimization.patch b/patch/0029-Performace-optimization.patch index 3e82cfa..4fe2546 100644 --- a/patch/0029-Performace-optimization.patch +++ b/patch/0029-Performace-optimization.patch @@ -1,7 +1,7 @@ -From 7d2a7385194aba67dce650e0596c5a6e087214b0 Mon Sep 17 00:00:00 2001 +From 93ff197677573721d8f263ec61b391eec255b6e9 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Tue, 26 Nov 2019 22:06:55 -0500 -Subject: [PATCH 29/44] Performace optimization +Subject: [PATCH 29/46] Performace optimization 1.Seprate big json file to small json files. 2.Migation json files for above change. diff --git a/patch/0030-Support-load-multiple-images.patch b/patch/0030-Support-load-multiple-images.patch index 769ddbb..54d1cdb 100644 --- a/patch/0030-Support-load-multiple-images.patch +++ b/patch/0030-Support-load-multiple-images.patch @@ -1,7 +1,7 @@ -From de3173da70e7ab3bbd59ed944e842018b0a9a115 Mon Sep 17 00:00:00 2001 +From f921c0eaf7e30c826c6d5f353def72a5bd720127 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Mon, 18 Nov 2019 21:20:52 -0500 -Subject: [PATCH 30/44] Support load multiple images +Subject: [PATCH 30/46] Support load multiple images Signed-off-by: WangFengTu --- diff --git a/patch/0031-SWR-response-406-Not-Acceptable-if-oci-image-in-firs.patch b/patch/0031-SWR-response-406-Not-Acceptable-if-oci-image-in-firs.patch index 51e718a..19d0643 100644 --- a/patch/0031-SWR-response-406-Not-Acceptable-if-oci-image-in-firs.patch +++ b/patch/0031-SWR-response-406-Not-Acceptable-if-oci-image-in-firs.patch @@ -1,7 +1,7 @@ -From bf98c93d9d00526f029d484b305b1c6ca5dad193 Mon Sep 17 00:00:00 2001 +From 57393a0ee0b7fe675560660663574d520957ef6d Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Fri, 29 Nov 2019 03:21:02 -0500 -Subject: [PATCH 31/44] SWR response "406: Not Acceptable" if oci image in +Subject: [PATCH 31/46] SWR response "406: Not Acceptable" if oci image in first Signed-off-by: WangFengTu diff --git a/patch/0032-log-message-of-get-mountpoint-failed.patch b/patch/0032-log-message-of-get-mountpoint-failed.patch index 19ed5d8..47e9d53 100644 --- a/patch/0032-log-message-of-get-mountpoint-failed.patch +++ b/patch/0032-log-message-of-get-mountpoint-failed.patch @@ -1,7 +1,7 @@ -From b3dee2b5e942d69429baa774ec9e606f490b82b4 Mon Sep 17 00:00:00 2001 +From 9c4d39e7c062aa130270b02ce87dfac42a75c4ee Mon Sep 17 00:00:00 2001 From: LiuHao Date: Thu, 5 Dec 2019 10:13:52 +0800 -Subject: [PATCH 32/44] log message of get mountpoint failed +Subject: [PATCH 32/46] log message of get mountpoint failed Signed-off-by: LiuHao --- diff --git a/patch/0033-Save-config-to-disk-if-images-s-name-is-removed.patch b/patch/0033-Save-config-to-disk-if-images-s-name-is-removed.patch index ae1abbd..fedfd9f 100644 --- a/patch/0033-Save-config-to-disk-if-images-s-name-is-removed.patch +++ b/patch/0033-Save-config-to-disk-if-images-s-name-is-removed.patch @@ -1,7 +1,7 @@ -From bbb843c846ac309ec9428acfe07da19aa8e94c05 Mon Sep 17 00:00:00 2001 +From 77f7a59213fdc979fab2ef6b580f6eb90bfd3125 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Wed, 18 Dec 2019 07:29:06 -0500 -Subject: [PATCH 33/44] Save config to disk if images's name is removed +Subject: [PATCH 33/46] Save config to disk if images's name is removed Signed-off-by: WangFengTu --- diff --git a/patch/0034-Try-to-repair-lowers-file-if-current-layer-is-reusin.patch b/patch/0034-Try-to-repair-lowers-file-if-current-layer-is-reusin.patch index a7e74dc..98fe2d8 100644 --- a/patch/0034-Try-to-repair-lowers-file-if-current-layer-is-reusin.patch +++ b/patch/0034-Try-to-repair-lowers-file-if-current-layer-is-reusin.patch @@ -1,7 +1,7 @@ -From 72112bbe383436fb64e7fe4dbd3093ea06eb906a Mon Sep 17 00:00:00 2001 +From a0ba51ab1c2ffe46f0169f6264717e7ccbc8e03e Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Mon, 30 Dec 2019 10:20:56 +0800 -Subject: [PATCH 34/44] Try to repair lowers file if current layer is reusing +Subject: [PATCH 34/46] Try to repair lowers file if current layer is reusing Signed-off-by: WangFengTu --- diff --git a/patch/0035-Fix-CVE-2018-15664.patch b/patch/0035-Fix-CVE-2018-15664.patch index c3cbb16..4cd7836 100644 --- a/patch/0035-Fix-CVE-2018-15664.patch +++ b/patch/0035-Fix-CVE-2018-15664.patch @@ -1,7 +1,7 @@ -From fd5eab1661e38ef9254c1a179eeba40ec68f3c93 Mon Sep 17 00:00:00 2001 +From bdcaa36c63fc8900525e93681ba2bf4182f9b829 Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Wed, 5 Jun 2019 15:07:44 -0400 -Subject: [PATCH 35/44] Fix CVE-2018-15664 +Subject: [PATCH 35/46] Fix CVE-2018-15664 Cherry-pick moby/moby #39292 for CVE-2018-15664 fixes diff --git a/patch/0036-Change-interface-of-AES.patch b/patch/0036-Change-interface-of-AES.patch index 29f967e..6c6b434 100644 --- a/patch/0036-Change-interface-of-AES.patch +++ b/patch/0036-Change-interface-of-AES.patch @@ -1,7 +1,7 @@ -From 61b0ca50124714007bf18c848cdd945ab4b69b30 Mon Sep 17 00:00:00 2001 +From c4eda47ec6a07e00ff715588f2fdb54ee2fa275c Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Fri, 17 Jan 2020 02:50:13 -0500 -Subject: [PATCH 36/44] Change interface of AES +Subject: [PATCH 36/46] Change interface of AES Signed-off-by: WangFengTu --- diff --git a/patch/0037-Change-iSulad-kit-to-iSulad-img.patch b/patch/0037-Change-iSulad-kit-to-iSulad-img.patch index eb21c48..4d88bc7 100644 --- a/patch/0037-Change-iSulad-kit-to-iSulad-img.patch +++ b/patch/0037-Change-iSulad-kit-to-iSulad-img.patch @@ -1,7 +1,7 @@ -From 928e215dde6840c9448816521131d23357e0e2c9 Mon Sep 17 00:00:00 2001 +From ab5e0997134733254de6a43efeccfc1a05f18ac5 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Tue, 21 Jan 2020 04:04:44 -0500 -Subject: [PATCH 37/44] Change iSulad-kit to iSulad-img +Subject: [PATCH 37/46] Change iSulad-kit to iSulad-img Signed-off-by: WangFengTu --- diff --git a/patch/0038-Fix-some-devicemapper-bugs.patch b/patch/0038-Fix-some-devicemapper-bugs.patch index d6313cd..5e7f2cc 100644 --- a/patch/0038-Fix-some-devicemapper-bugs.patch +++ b/patch/0038-Fix-some-devicemapper-bugs.patch @@ -1,7 +1,7 @@ -From 8346451ff989aa7e5c6aab39b7f5559fee1fa00e Mon Sep 17 00:00:00 2001 +From 40b7c7cae9936a73ba3d6c5a365248a60b835ea7 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Sun, 19 Jan 2020 11:25:09 +0800 -Subject: [PATCH 38/44] Fix some devicemapper bugs +Subject: [PATCH 38/46] Fix some devicemapper bugs Signed-off-by: WangFengTu --- diff --git a/patch/0039-Fix-wrong-mount-count-and-avoid-failure-when-unmount.patch b/patch/0039-Fix-wrong-mount-count-and-avoid-failure-when-unmount.patch index 5b1e4ed..c39e754 100644 --- a/patch/0039-Fix-wrong-mount-count-and-avoid-failure-when-unmount.patch +++ b/patch/0039-Fix-wrong-mount-count-and-avoid-failure-when-unmount.patch @@ -1,7 +1,7 @@ -From 19c39a18fbae7143fccf7fa00b5b88b50c5fba80 Mon Sep 17 00:00:00 2001 +From f1b0bbcc169d915b97463075359ca6900c3660e5 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Thu, 20 Feb 2020 11:17:42 +0800 -Subject: [PATCH 39/44] Fix wrong mount count and avoid failure when unmounting +Subject: [PATCH 39/46] Fix wrong mount count and avoid failure when unmounting an unmounted mountpoint Add lock when unmount mountpoint to avoid wrong mount count. And check if diff --git a/patch/0040-Add-unit-test-for-devicemapper.patch b/patch/0040-Add-unit-test-for-devicemapper.patch index ce61d99..b4b3377 100644 --- a/patch/0040-Add-unit-test-for-devicemapper.patch +++ b/patch/0040-Add-unit-test-for-devicemapper.patch @@ -1,7 +1,7 @@ -From c8c75cee7b8065aa449d13165f060d416399477c Mon Sep 17 00:00:00 2001 +From a4dd94f26be192cbe93e4af6f9b91d9c2a9486c4 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Fri, 21 Feb 2020 23:06:20 -0500 -Subject: [PATCH 40/44] Add unit-test for devicemapper +Subject: [PATCH 40/46] Add unit-test for devicemapper cherry-picked devicemapper related unit-test from https://github.com/containers/storage diff --git a/patch/0041-Fix-testcase-TestDevmapperCreateEmpty-failed-if-umas.patch b/patch/0041-Fix-testcase-TestDevmapperCreateEmpty-failed-if-umas.patch index c74d005..ea75124 100644 --- a/patch/0041-Fix-testcase-TestDevmapperCreateEmpty-failed-if-umas.patch +++ b/patch/0041-Fix-testcase-TestDevmapperCreateEmpty-failed-if-umas.patch @@ -1,7 +1,7 @@ -From 8a138a3a80f4dfb4c1b01fa88d3413237a81abba Mon Sep 17 00:00:00 2001 +From d2983a8ec1d4fe086c25f34acc3f340df6cdc8da Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Tue, 25 Feb 2020 16:56:55 +0800 -Subject: [PATCH 41/44] Fix testcase TestDevmapperCreateEmpty failed if umask +Subject: [PATCH 41/46] Fix testcase TestDevmapperCreateEmpty failed if umask is 0077 Signed-off-by: WangFengTu diff --git a/patch/0042-Delete-cached-digest-when-delete-layer.patch b/patch/0042-Delete-cached-digest-when-delete-layer.patch index 46191c5..b285f3a 100644 --- a/patch/0042-Delete-cached-digest-when-delete-layer.patch +++ b/patch/0042-Delete-cached-digest-when-delete-layer.patch @@ -1,7 +1,7 @@ -From c51a03434dfc3b0ab25f490980cf6b0860686949 Mon Sep 17 00:00:00 2001 +From 1ce669c30fba7d17e32b8601f2e40900ec7f3582 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Tue, 14 Jan 2020 22:16:25 -0500 -Subject: [PATCH 42/44] Delete cached digest when delete layer +Subject: [PATCH 42/46] Delete cached digest when delete layer Delete cached digest when delete layer. If not deleted, load images with the same diffID will error out with message diff --git a/patch/0043-Support-check-layer-s-diffIDs.patch b/patch/0043-Support-check-layer-s-diffIDs.patch index e9d7ed2..c5fc77c 100644 --- a/patch/0043-Support-check-layer-s-diffIDs.patch +++ b/patch/0043-Support-check-layer-s-diffIDs.patch @@ -1,7 +1,7 @@ -From 474acdd0fd80f75ff62b6164e8941196206ed6a3 Mon Sep 17 00:00:00 2001 +From 50e282d70baba1275d71a08425ddbc074ca2fa57 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Mon, 13 Jan 2020 08:50:55 -0500 -Subject: [PATCH 43/44] Support check layer's diffIDs +Subject: [PATCH 43/46] Support check layer's diffIDs Signed-off-by: WangFengTu --- diff --git a/patch/0044-Update-gpgme-to-v0.1.1-to-fix-CVE-2020-8945.patch b/patch/0044-Update-gpgme-to-v0.1.1-to-fix-CVE-2020-8945.patch index d90b958..3f0fa76 100644 --- a/patch/0044-Update-gpgme-to-v0.1.1-to-fix-CVE-2020-8945.patch +++ b/patch/0044-Update-gpgme-to-v0.1.1-to-fix-CVE-2020-8945.patch @@ -1,7 +1,7 @@ -From fabbf5a8dac1d61f78e8d67585102174c8941e3e Mon Sep 17 00:00:00 2001 +From 2dde50991428e4430e0f71b390d7af2776b64b6d Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Tue, 3 Mar 2020 05:29:52 -0500 -Subject: [PATCH 44/44] Update gpgme to v0.1.1 to fix CVE-2020-8945 +Subject: [PATCH 44/46] Update gpgme to v0.1.1 to fix CVE-2020-8945 https://nvd.nist.gov/vuln/detail/CVE-2020-8945 diff --git a/patch/0045-When-id-is-empty-for-overlay2-overlay-do-not-remove-.patch b/patch/0045-When-id-is-empty-for-overlay2-overlay-do-not-remove-.patch new file mode 100644 index 0000000..52bdcdd --- /dev/null +++ b/patch/0045-When-id-is-empty-for-overlay2-overlay-do-not-remove-.patch @@ -0,0 +1,44 @@ +From a2fe9eca3561eff205c828bdbc6c504a4551b7cc Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Thu, 12 Mar 2020 14:17:11 +0800 +Subject: [PATCH 45/46] When id is empty for overlay2/overlay, do not remove + the directories. + +Signed-off-by: fanjiyun +Signed-off-by: Sebastiaan van Stijn + +cherry-picked from github.com/moby/moby/pull/36161 + +Signed-off-by: WangFengTu +--- + .../containers/storage/drivers/overlay/overlay.go | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/vendor/github.com/containers/storage/drivers/overlay/overlay.go b/vendor/github.com/containers/storage/drivers/overlay/overlay.go +index 213acd1..d1f754c 100644 +--- a/vendor/github.com/containers/storage/drivers/overlay/overlay.go ++++ b/vendor/github.com/containers/storage/drivers/overlay/overlay.go +@@ -678,6 +678,9 @@ func (d *Driver) optsAppendMappings(opts string, uidMaps, gidMaps []idtools.IDMa + + // Remove cleans the directories that are created for this id. + func (d *Driver) Remove(id string) error { ++ if id == "" { ++ return fmt.Errorf("refusing to remove the directories: id is empty") ++ } + d.locker.Lock(id) + defer d.locker.Unlock(id) + +@@ -689,7 +692,9 @@ func (d *Driver) Remove(id string) error { + dir := d.dir(id) + lid, err := ioutil.ReadFile(path.Join(dir, "link")) + if err == nil { +- if err := os.RemoveAll(path.Join(d.home, linkDir, string(lid))); err != nil { ++ if len(lid) == 0 { ++ logrus.Errorf("refusing to remove empty link for layer %v", id) ++ } else if err := os.RemoveAll(path.Join(d.home, linkDir, string(lid))); err != nil { + logrus.Debugf("Failed to remove link: %v", err) + } + } +-- +2.19.1 + diff --git a/patch/0046-Sync-write-link-and-lower-files-to-avoid-broken-caus.patch b/patch/0046-Sync-write-link-and-lower-files-to-avoid-broken-caus.patch new file mode 100644 index 0000000..6d4c575 --- /dev/null +++ b/patch/0046-Sync-write-link-and-lower-files-to-avoid-broken-caus.patch @@ -0,0 +1,53 @@ +From e9d1a46389937bc9f088dbe912386f92901c3999 Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Thu, 12 Mar 2020 18:17:49 +0800 +Subject: [PATCH 46/46] Sync write link and lower files to avoid broken caused + by poweroff + +Signed-off-by: WangFengTu +--- + .../containers/storage/drivers/overlay/overlay.go | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/vendor/github.com/containers/storage/drivers/overlay/overlay.go b/vendor/github.com/containers/storage/drivers/overlay/overlay.go +index d1f754c..a6e3db6 100644 +--- a/vendor/github.com/containers/storage/drivers/overlay/overlay.go ++++ b/vendor/github.com/containers/storage/drivers/overlay/overlay.go +@@ -24,6 +24,7 @@ import ( + "github.com/containers/storage/pkg/directory" + "github.com/containers/storage/pkg/fsutils" + "github.com/containers/storage/pkg/idtools" ++ "github.com/containers/storage/pkg/ioutils" + "github.com/containers/storage/pkg/locker" + "github.com/containers/storage/pkg/mount" + "github.com/containers/storage/pkg/ostree" +@@ -534,7 +535,7 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr + } + + // Write link id to link file +- if err := ioutil.WriteFile(path.Join(dir, "link"), []byte(lid), 0644); err != nil { ++ if err := ioutils.AtomicWriteFile(path.Join(dir, "link"), []byte(lid), 0644); err != nil { + return err + } + +@@ -555,7 +556,7 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr + return err + } + if lower != "" { +- if err := ioutil.WriteFile(path.Join(dir, lowerFile), []byte(lower), 0666); err != nil { ++ if err := ioutils.AtomicWriteFile(path.Join(dir, lowerFile), []byte(lower), 0666); err != nil { + return err + } + } +@@ -1133,7 +1134,7 @@ func (d *Driver) TryRepairLowers(id, parent string) error { + return err + } + if lower != "" { +- if err := ioutil.WriteFile(path.Join(d.dir(id), lowerFile), []byte(lower), 0666); err != nil { ++ if err := ioutils.AtomicWriteFile(path.Join(d.dir(id), lowerFile), []byte(lower), 0666); err != nil { + return err + } + } +-- +2.19.1 + diff --git a/patch/series-patch.conf b/patch/series-patch.conf index c150a55..e4d532b 100644 --- a/patch/series-patch.conf +++ b/patch/series-patch.conf @@ -42,3 +42,5 @@ 0042-Delete-cached-digest-when-delete-layer.patch 0043-Support-check-layer-s-diffIDs.patch 0044-Update-gpgme-to-v0.1.1-to-fix-CVE-2020-8945.patch +0045-When-id-is-empty-for-overlay2-overlay-do-not-remove-.patch +0046-Sync-write-link-and-lower-files-to-avoid-broken-caus.patch -- GitLab