beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #43416 from thaJeztah/20.10_update_containerd2

Browse source 
[20.10] vendor: containerd 7cfa023d95d37076d5ab035003d4839f4b6ba791
This commit is contained in:
Sebastiaan van Stijn 2022-03-23 21:26:07 +01:00 committed by GitHub
commit cf0abad081
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
vendor.conf
View file

@ -132,7 +132,7 @@ github.com/googleapis/gax-go bd5b16380fd03dc758d11cef74ba
google.golang.org/genproto 3f1135a288c9a07e340ae8ba4cc6c7065a3160e8 google.golang.org/genproto 3f1135a288c9a07e340ae8ba4cc6c7065a3160e8
# containerd # containerd
github.com/containerd/containerd e048c115a3a89caf63941d363858e207c28bccd6 https://github.com/moby/containerd.git # master (v1.5.0-dev) + patch for CVE-2021-41190 github.com/containerd/containerd 7cfa023d95d37076d5ab035003d4839f4b6ba791 https://github.com/moby/containerd.git # master (v1.5.0-dev) + patch for CVE-2021-41190 and CVE-2022-24769
github.com/containerd/fifo 0724c46b320cf96bb172a0550c19a4b1fca4dacb github.com/containerd/fifo 0724c46b320cf96bb172a0550c19a4b1fca4dacb
github.com/containerd/continuity efbc4488d8fe1bdc16bde3b2d2990d9b3a899165 github.com/containerd/continuity efbc4488d8fe1bdc16bde3b2d2990d9b3a899165
github.com/containerd/cgroups 0b889c03f102012f1d93a97ddd3ef71cd6f4f510 github.com/containerd/cgroups 0b889c03f102012f1d93a97ddd3ef71cd6f4f510

7
vendor/github.com/containerd/containerd/oci/spec.go generated vendored
View file

@ -148,10 +148,9 @@ func populateDefaultUnixSpec(ctx context.Context, s *Spec, id string) error {
GID: 0, GID: 0,
}, },
Capabilities: &specs.LinuxCapabilities{ Capabilities: &specs.LinuxCapabilities{
Bounding: defaultUnixCaps(), Bounding: defaultUnixCaps(),
Permitted: defaultUnixCaps(), Permitted: defaultUnixCaps(),
Inheritable: defaultUnixCaps(), Effective: defaultUnixCaps(),
Effective: defaultUnixCaps(),
}, },
Rlimits: []specs.POSIXRlimit{ Rlimits: []specs.POSIXRlimit{
{ {

5
vendor/github.com/containerd/containerd/oci/spec_opts.go generated vendored
View file

@ -770,7 +770,6 @@ func WithCapabilities(caps []string) SpecOpts {
s.Process.Capabilities.Bounding = caps s.Process.Capabilities.Bounding = caps
s.Process.Capabilities.Effective = caps s.Process.Capabilities.Effective = caps
s.Process.Capabilities.Permitted = caps s.Process.Capabilities.Permitted = caps
s.Process.Capabilities.Inheritable = caps
return nil return nil
} }
@ -828,7 +827,6 @@ func WithAddedCapabilities(caps []string) SpecOpts {
&s.Process.Capabilities.Bounding, &s.Process.Capabilities.Bounding,
&s.Process.Capabilities.Effective, &s.Process.Capabilities.Effective,
&s.Process.Capabilities.Permitted, &s.Process.Capabilities.Permitted,
&s.Process.Capabilities.Inheritable,
} { } {
if !capsContain(*cl, c) { if !capsContain(*cl, c) {
*cl = append(*cl, c) *cl = append(*cl, c)
@ -848,7 +846,6 @@ func WithDroppedCapabilities(caps []string) SpecOpts {
&s.Process.Capabilities.Bounding, &s.Process.Capabilities.Bounding,
&s.Process.Capabilities.Effective, &s.Process.Capabilities.Effective,
&s.Process.Capabilities.Permitted, &s.Process.Capabilities.Permitted,
&s.Process.Capabilities.Inheritable,
} { } {
removeCap(cl, c) removeCap(cl, c)
} }
@ -863,7 +860,7 @@ func WithDroppedCapabilities(caps []string) SpecOpts {
func WithAmbientCapabilities(caps []string) SpecOpts { func WithAmbientCapabilities(caps []string) SpecOpts {
return func(_ context.Context, _ Client, _ *containers.Container, s *Spec) error { return func(_ context.Context, _ Client, _ *containers.Container, s *Spec) error {
setCapabilities(s) setCapabilities(s)
s.Process.Capabilities.Inheritable = caps
s.Process.Capabilities.Ambient = caps s.Process.Capabilities.Ambient = caps
return nil return nil
} }