kotovalexarian-likes-github
/
moby--moby
mirror of https://github.com/moby/moby.git
1
0
Fork 0
Code Releases Activity
moby--moby/daemon
History
Cory Snider 1f22b15030 Lock OS threads when exec'ing with Pdeathsig 
On Linux, when (os/exec.Cmd).SysProcAttr.Pdeathsig is set, the signal
will be sent to the process when the OS thread on which cmd.Start() was
executed dies. The runtime terminates an OS thread when a goroutine
exits after being wired to the thread with runtime.LockOSThread(). If
other goroutines are allowed to be scheduled onto a thread which called
cmd.Start(), an unrelated goroutine could cause the thread to be
terminated and prematurely signal the command. See
https://github.com/golang/go/issues/27505 for more information.

Prevent started subprocesses with Pdeathsig from getting signaled
prematurely by wiring the starting goroutine to the OS thread until the
subprocess has exited. No other goroutines can be scheduled onto a
locked thread so it will remain alive until unlocked or the daemon
process exits.

Signed-off-by: Cory Snider <csnider@mirantis.com>
 		2022-10-05 12:18:03 -04:00
..
cluster daemon/cluster: fix empty-lines (revive) 2022-09-28 01:58:50 +02:00
config Merge pull request #43978 from cpuguy83/default_runtime_shim 2022-08-18 22:59:57 +02:00
containerd ImageService.GetImage(): pass context 2022-09-07 16:53:45 +02:00
events api/types/events: add "Type" type for event-type enum 2021-08-23 21:14:55 +02:00
graphdriver Lock OS threads when exec'ing with Pdeathsig 2022-10-05 12:18:03 -04:00
images daemon/images: fix empty-lines (revive) 2022-09-28 01:58:51 +02:00
initlayer pkg/containerfs: drop ContainerFS type alias 2022-09-23 16:56:53 -04:00
links all: replace strings.Replace with strings.ReplaceAll 2022-05-09 19:45:40 +08:00
listeners Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
logger logger/journald: unlock OS threads 2022-09-28 11:46:59 -04:00
names
network daemon: fix empty-lines (revive) 2022-09-28 01:58:51 +02:00
stats Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
testdata
apparmor_default.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
apparmor_default_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
archive.go daemon: clean up vestiges of ContainerFS 2022-09-23 16:56:53 -04:00
archive_tarcopyoptions.go Finish refactor of UID/GID usage to a new struct 2022-03-14 16:28:57 -04:00
archive_tarcopyoptions_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
archive_tarcopyoptions_windows.go
archive_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
archive_windows.go
attach.go Make it explicit raw|multiplexed stream implementation being used 2022-05-12 11:36:31 +02:00
auth.go daemon: use types/registry.AuthConfig 2022-07-29 23:05:18 +02:00
changes.go daemon: add "isWindows" const 2019-10-17 23:49:43 +02:00
checkpoint.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
cluster.go Fix libnetwork imports 2021-06-01 21:51:23 +00:00
commit.go daemon: add "isWindows" const 2019-10-17 23:49:43 +02:00
configs.go
configs_linux.go
configs_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
configs_windows.go
container.go ImageService: rename GraphDriverName to StorageDriver 2022-08-18 09:44:51 +02:00
container_linux.go daemon: load and cache sysInfo on initialization 2022-01-12 18:28:15 +01:00
container_operations.go daemon: fix empty-lines (revive) 2022-09-28 01:58:51 +02:00
container_operations_unix.go daemon: killWithSignal, killPossiblyDeadProcess: accept syscall.Signal 2022-05-05 00:53:52 +02:00
container_operations_windows.go refactor: move from io/ioutil to io and os package 2021-08-27 14:56:57 +08:00
container_unix_test.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
container_windows.go daemon: fix capitalization of some functions 2020-04-14 17:22:19 +02:00
content.go update to golang 1.19 2022-09-07 15:27:16 +02:00
create.go Merge pull request #44016 from thaJeztah/dont_set_ignoreImagesArgsEscaped 2022-09-27 17:59:23 +02:00
create_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
create_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
create_windows.go daemon, oci: remove LCOW bits 2021-07-27 13:35:59 +02:00
daemon.go Merge pull request #44193 from thaJeztah/libnetwork_cleanup 2022-09-27 22:41:32 +02:00
daemon_linux.go daemon: fix daemon.Shutdown, daemon.Cleanup not cleaning up overlay2 mounts 2022-05-29 16:28:13 +02:00
daemon_linux_test.go daemon: fix empty-lines (revive) 2022-09-28 01:58:51 +02:00
daemon_test.go Use hashicorp/go-memdb instead of truncindex 2022-05-20 18:22:21 +02:00
daemon_unix.go daemon: fix empty-lines (revive) 2022-09-28 01:58:51 +02:00
daemon_unix_test.go daemon: remove discovery related tests 2022-01-06 18:28:10 +01:00
daemon_unsupported.go daemon.NewDaemon(): fix network feature detection on first start 2022-06-03 17:54:43 +02:00
daemon_windows.go pkg/containerfs: drop ContainerFS type alias 2022-09-23 16:56:53 -04:00
daemon_windows_test.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
debugtrap_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
debugtrap_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
debugtrap_windows.go pkg/signal: move signal.DumpStacks() to a separate package 2021-07-15 18:09:43 +02:00
delete.go Lock container when deleting its root directory 2022-08-24 14:59:08 -04:00
delete_test.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
dependency.go Bump swarmkit to v2 2022-04-21 17:33:07 -04:00
devices_linux.go Add DeviceRequests to HostConfig to support NVIDIA GPUs 2019-03-18 17:19:45 +00:00
disk_usage.go api/types: replace uses of deprecated types.Volume with volume.Volume 2022-04-21 19:50:59 +02:00
errors.go filters: lowercase error 2022-03-18 09:44:53 +01:00
events.go daemon: LogDaemonEventWithAttributes: don't call SystemInfo() 2022-06-07 22:01:12 +02:00
events_test.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
exec.go daemon: Maintain container exec-inspect invariant 2022-08-24 19:35:07 -04:00
exec_linux.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
exec_linux_test.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
exec_windows.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
export.go daemon: clean up vestiges of ContainerFS 2022-09-23 16:56:53 -04:00
health.go Merge pull request #43997 from thaJeztah/healthcheck_capture_logs 2022-09-02 10:48:22 +02:00
health_test.go daemon: suppress logs in unit tests 2019-10-18 00:57:56 +02:00
id.go daemon: separate daemon ID from trust-key 2022-05-04 20:17:18 +02:00
image_service.go ImageService.GetImage(): pass context 2022-09-07 16:53:45 +02:00
info.go daemon: info: fillDriverInfo() get driver-name from ImageService 2022-08-18 09:44:56 +02:00
info_unix.go Allow containerd shim refs in default-runtime 2022-08-18 18:41:03 +00:00
info_unix_test.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
info_windows.go Make cgroup namespaces configurable 2019-05-07 10:22:16 -07:00
inspect.go Merge pull request #43564 from corhere/libcontainerd-overhaul 2022-08-25 11:51:42 -07:00
inspect_linux.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
inspect_test.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
inspect_windows.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
keys.go refactor: move from io/ioutil to io and os package 2021-08-27 14:56:57 +08:00
keys_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
kill.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
licensing.go
licensing_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
links.go
list.go container: remove ViewDB and View interfaces, use concrete types 2022-09-21 17:38:45 +02:00
list_test.go filters: lowercase error 2022-03-18 09:44:53 +01:00
list_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
list_windows.go pkg/containerfs: alias ContainerFS to string 2022-09-23 16:56:52 -04:00
logdrivers_linux.go Support configuration of log cacher. 2020-02-19 17:02:34 -05:00
logdrivers_windows.go Support configuration of log cacher. 2020-02-19 17:02:34 -05:00
logs.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
logs_test.go
metrics.go health: Start probe timeout after exec starts 2022-04-28 17:21:03 -04:00
metrics_unix.go set ReadHeaderTimeout to address G112: Potential Slowloris Attack (gosec) 2022-09-22 12:13:28 +02:00
metrics_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
monitor.go daemon: stop health checks before deleting task 2022-08-25 20:03:42 -04:00
mounts.go
names.go Entropy cannot be saved 2019-06-07 11:54:45 +01:00
network.go daemon: fix empty-lines (revive) 2022-09-28 01:58:51 +02:00
network_windows.go Fix libnetwork imports 2021-06-01 21:51:23 +00:00
nvidia_linux.go goimports: fix imports 2019-09-18 12:56:54 +02:00
oci_linux.go daemon: fix empty-lines (revive) 2022-09-28 01:58:51 +02:00
oci_linux_test.go pkg/containerfs: alias ContainerFS to string 2022-09-23 16:56:52 -04:00
oci_opts.go daemon/linux: Set console size on creation 2022-05-19 07:57:27 +02:00
oci_utils.go goimports: fix imports 2019-09-18 12:56:54 +02:00
oci_windows.go pkg/containerfs: alias ContainerFS to string 2022-09-23 16:56:52 -04:00
oci_windows_test.go Bump swarmkit to v2 2022-04-21 17:33:07 -04:00
pause.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
prune.go Fixup libnetwork lint errors 2021-06-01 23:48:32 +00:00
reload.go daemon: LogDaemonEventWithAttributes: don't call SystemInfo() 2022-06-07 22:01:12 +02:00
reload_test.go daemon: fix empty-lines (revive) 2022-09-28 01:58:51 +02:00
reload_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
reload_windows.go
rename.go Fix libnetwork imports 2021-06-01 21:51:23 +00:00
resize.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
resize_test.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
restart.go daemon: fix empty-lines (revive) 2022-09-28 01:58:51 +02:00
runtime_unix.go Allow containerd shim refs in default-runtime 2022-08-18 18:41:03 +00:00
runtime_unix_test.go daemon/config: New(): initialize config with platform-specific defaults 2022-08-17 08:54:32 +02:00
runtime_windows.go Add shim config for custom runtimes for plugins 2021-01-14 19:28:28 +00:00
seccomp_linux.go Remove "seccomp" build tag 2022-05-12 14:48:35 -07:00
seccomp_linux_test.go daemon: fix empty-lines (revive) 2022-09-28 01:58:51 +02:00
seccomp_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
secrets.go
secrets_linux.go
secrets_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
secrets_windows.go
start.go pkg/containerfs: simplify ContainerFS type 2022-09-23 16:56:49 -04:00
start_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
start_windows.go Windows CI: Add support for testing with containerd 2021-08-17 07:09:40 -07:00
stats.go Merge pull request #40478 from cpuguy83/dont-prime-the-stats 2020-04-16 20:57:06 +02:00
stats_collector.go
stats_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
stats_windows.go
stop.go container: StopSignal(): return syscall.Signal 2022-05-05 00:53:53 +02:00
top_unix.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
top_unix_test.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
top_windows.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
trustkey.go Allow system.MkDirAll() to be used as drop-in for os.MkDirAll() 2019-08-08 15:05:49 +02:00
trustkey_test.go fix unclosed file-handles in tests 2022-05-31 21:53:38 +02:00
unpause.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
update.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
update_linux.go goimports: fix imports 2019-09-18 12:56:54 +02:00
update_windows.go Windows: Experimental: Allow containerd for runtime 2019-03-12 18:41:55 -07:00
volumes.go introduce CreateMountpoint for parity between binds and mounts 2022-05-19 16:43:06 +02:00
volumes_linux.go
volumes_linux_test.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
volumes_unit_test.go volume/mounts: remove "containerOS" argument from NewParser (LCOW code) 2021-07-02 13:51:55 +02:00
volumes_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
volumes_windows.go
wait.go
workdir.go