From 0d158a80279a18d2f6f2f230ecea2e504fdc088f Mon Sep 17 00:00:00 2001
From: Kathryn Baldauf <kabaldau@microsoft.com>
Date: Wed, 2 Dec 2020 17:37:13 -0800
Subject: [PATCH 1/2] Update containerd vendor with recent fork/release/1.4
 commit

Signed-off-by: Kathryn Baldauf <kabaldau@microsoft.com>
---
 vendor.conf                                   |   2 +-
 .../containerd/containerd/signals.go          |  12 +-
 .../containerd/containerd/signals_unix.go     |   8 ++
 .../containerd/containerd/signals_windows.go  | 127 +++++++++++++++---
 vendor/github.com/gogo/protobuf/go.mod        |   2 +
 5 files changed, 131 insertions(+), 20 deletions(-)

diff --git a/vendor.conf b/vendor.conf
index 7125a6284..7288e9297 100644
--- a/vendor.conf
+++ b/vendor.conf
@@ -3,7 +3,7 @@ github.com/blang/semver v3.1.0
 github.com/BurntSushi/toml a368813c5e648fee92e5f6c30e3944ff9d5e8895
 github.com/containerd/cgroups caf71576c8b19daf80ab4685916e4d5b4c74887e
 github.com/containerd/console c12b1e7919c14469339a5d38f2f8ed9b64a9de23
-github.com/containerd/containerd 12e49bbd4d6124ebdbbc3f66919416f360b46dda https://github.com/kevpar/containerd.git # fork/release/1.4
+github.com/containerd/containerd 4fd5652678e9650bfefd3a8de1e697e84c25844b https://github.com/kevpar/containerd.git # fork/release/1.4
 github.com/containerd/continuity bd77b46c8352f74eb12c85bdc01f4b90f69d66b4
 github.com/containerd/fifo 3d5202aec260678c48179c56f40e6f38a095738c
 github.com/containerd/go-cni 40bcf8ec8acd7372be1d77031d585d5d8e561c90
diff --git a/vendor/github.com/containerd/containerd/signals.go b/vendor/github.com/containerd/containerd/signals.go
index ca64ecd02..eac5563b5 100644
--- a/vendor/github.com/containerd/containerd/signals.go
+++ b/vendor/github.com/containerd/containerd/signals.go
@@ -24,6 +24,7 @@ import (
 
 	"github.com/containerd/containerd/content"
 	"github.com/containerd/containerd/images"
+	"github.com/containerd/containerd/platforms"
 	v1 "github.com/opencontainers/image-spec/specs-go/v1"
 )
 
@@ -48,10 +49,6 @@ func GetStopSignal(ctx context.Context, container Container, defaultSignal sysca
 
 // GetOCIStopSignal retrieves the stop signal specified in the OCI image config
 func GetOCIStopSignal(ctx context.Context, image Image, defaultSignal string) (string, error) {
-	_, err := ParseSignal(defaultSignal)
-	if err != nil {
-		return "", err
-	}
 	ic, err := image.Config(ctx)
 	if err != nil {
 		return "", err
@@ -59,6 +56,7 @@ func GetOCIStopSignal(ctx context.Context, image Image, defaultSignal string) (s
 	var (
 		ociimage v1.Image
 		config   v1.ImageConfig
+		platform string = platforms.DefaultSpec().OS
 	)
 	switch ic.MediaType {
 	case v1.MediaTypeImageConfig, images.MediaTypeDockerSchema2Config:
@@ -71,10 +69,16 @@ func GetOCIStopSignal(ctx context.Context, image Image, defaultSignal string) (s
 			return "", err
 		}
 		config = ociimage.Config
+		platform = ociimage.OS
 	default:
 		return "", fmt.Errorf("unknown image config media type %s", ic.MediaType)
 	}
 
+	// verify that default signal is valid
+	if _, err := ParsePlatformSignal(defaultSignal, platform); err != nil {
+		return "", err
+	}
+
 	if config.StopSignal == "" {
 		return defaultSignal, nil
 	}
diff --git a/vendor/github.com/containerd/containerd/signals_unix.go b/vendor/github.com/containerd/containerd/signals_unix.go
index 14916a9ff..d1ad107b0 100644
--- a/vendor/github.com/containerd/containerd/signals_unix.go
+++ b/vendor/github.com/containerd/containerd/signals_unix.go
@@ -31,6 +31,14 @@ import (
 // the rawSignal can be a string with "SIG" prefix,
 // or a signal number in string format.
 func ParseSignal(rawSignal string) (syscall.Signal, error) {
+	return parseSignalUnix(rawSignal)
+}
+
+func ParsePlatformSignal(rawSignal string, _ string) (syscall.Signal, error) {
+	return parseSignalUnix(rawSignal)
+}
+
+func parseSignalUnix(rawSignal string) (syscall.Signal, error) {
 	s, err := strconv.Atoi(rawSignal)
 	if err == nil {
 		return syscall.Signal(s), nil
diff --git a/vendor/github.com/containerd/containerd/signals_windows.go b/vendor/github.com/containerd/containerd/signals_windows.go
index 0018e191e..e608743f9 100644
--- a/vendor/github.com/containerd/containerd/signals_windows.go
+++ b/vendor/github.com/containerd/containerd/signals_windows.go
@@ -25,35 +25,125 @@ import (
 	"golang.org/x/sys/windows"
 )
 
-var signalMap = map[string]syscall.Signal{
-	"HUP":    syscall.Signal(windows.SIGHUP),
-	"INT":    syscall.Signal(windows.SIGINT),
-	"QUIT":   syscall.Signal(windows.SIGQUIT),
-	"SIGILL": syscall.Signal(windows.SIGILL),
-	"TRAP":   syscall.Signal(windows.SIGTRAP),
-	"ABRT":   syscall.Signal(windows.SIGABRT),
-	"BUS":    syscall.Signal(windows.SIGBUS),
-	"FPE":    syscall.Signal(windows.SIGFPE),
-	"KILL":   syscall.Signal(windows.SIGKILL),
-	"SEGV":   syscall.Signal(windows.SIGSEGV),
-	"PIPE":   syscall.Signal(windows.SIGPIPE),
-	"ALRM":   syscall.Signal(windows.SIGALRM),
-	"TERM":   syscall.Signal(windows.SIGTERM),
+const (
+	linuxSigrtmin = 34
+	linuxSigrtmax = 64
+)
+
+var signalMapWindows = map[string]syscall.Signal{
+	"HUP":  syscall.Signal(windows.SIGHUP),
+	"INT":  syscall.Signal(windows.SIGINT),
+	"QUIT": syscall.Signal(windows.SIGQUIT),
+	"ILL":  syscall.Signal(windows.SIGILL),
+	"TRAP": syscall.Signal(windows.SIGTRAP),
+	"ABRT": syscall.Signal(windows.SIGABRT),
+	"BUS":  syscall.Signal(windows.SIGBUS),
+	"FPE":  syscall.Signal(windows.SIGFPE),
+	"KILL": syscall.Signal(windows.SIGKILL),
+	"SEGV": syscall.Signal(windows.SIGSEGV),
+	"PIPE": syscall.Signal(windows.SIGPIPE),
+	"ALRM": syscall.Signal(windows.SIGALRM),
+	"TERM": syscall.Signal(windows.SIGTERM),
+}
+
+// manually define signals for linux since we may be running an LCOW container, but
+// the unix syscalls do not get built when running on windows
+var signalMapLinux = map[string]syscall.Signal{
+	"ABRT":     syscall.Signal(0x6),
+	"ALRM":     syscall.Signal(0xe),
+	"BUS":      syscall.Signal(0x7),
+	"CHLD":     syscall.Signal(0x11),
+	"CLD":      syscall.Signal(0x11),
+	"CONT":     syscall.Signal(0x12),
+	"FPE":      syscall.Signal(0x8),
+	"HUP":      syscall.Signal(0x1),
+	"ILL":      syscall.Signal(0x4),
+	"INT":      syscall.Signal(0x2),
+	"IO":       syscall.Signal(0x1d),
+	"IOT":      syscall.Signal(0x6),
+	"KILL":     syscall.Signal(0x9),
+	"PIPE":     syscall.Signal(0xd),
+	"POLL":     syscall.Signal(0x1d),
+	"PROF":     syscall.Signal(0x1b),
+	"PWR":      syscall.Signal(0x1e),
+	"QUIT":     syscall.Signal(0x3),
+	"SEGV":     syscall.Signal(0xb),
+	"STKFLT":   syscall.Signal(0x10),
+	"STOP":     syscall.Signal(0x13),
+	"SYS":      syscall.Signal(0x1f),
+	"TERM":     syscall.Signal(0xf),
+	"TRAP":     syscall.Signal(0x5),
+	"TSTP":     syscall.Signal(0x14),
+	"TTIN":     syscall.Signal(0x15),
+	"TTOU":     syscall.Signal(0x16),
+	"URG":      syscall.Signal(0x17),
+	"USR1":     syscall.Signal(0xa),
+	"USR2":     syscall.Signal(0xc),
+	"VTALRM":   syscall.Signal(0x1a),
+	"WINCH":    syscall.Signal(0x1c),
+	"XCPU":     syscall.Signal(0x18),
+	"XFSZ":     syscall.Signal(0x19),
+	"RTMIN":    linuxSigrtmin,
+	"RTMIN+1":  linuxSigrtmin + 1,
+	"RTMIN+2":  linuxSigrtmin + 2,
+	"RTMIN+3":  linuxSigrtmin + 3,
+	"RTMIN+4":  linuxSigrtmin + 4,
+	"RTMIN+5":  linuxSigrtmin + 5,
+	"RTMIN+6":  linuxSigrtmin + 6,
+	"RTMIN+7":  linuxSigrtmin + 7,
+	"RTMIN+8":  linuxSigrtmin + 8,
+	"RTMIN+9":  linuxSigrtmin + 9,
+	"RTMIN+10": linuxSigrtmin + 10,
+	"RTMIN+11": linuxSigrtmin + 11,
+	"RTMIN+12": linuxSigrtmin + 12,
+	"RTMIN+13": linuxSigrtmin + 13,
+	"RTMIN+14": linuxSigrtmin + 14,
+	"RTMIN+15": linuxSigrtmin + 15,
+	"RTMAX-14": linuxSigrtmax - 14,
+	"RTMAX-13": linuxSigrtmax - 13,
+	"RTMAX-12": linuxSigrtmax - 12,
+	"RTMAX-11": linuxSigrtmax - 11,
+	"RTMAX-10": linuxSigrtmax - 10,
+	"RTMAX-9":  linuxSigrtmax - 9,
+	"RTMAX-8":  linuxSigrtmax - 8,
+	"RTMAX-7":  linuxSigrtmax - 7,
+	"RTMAX-6":  linuxSigrtmax - 6,
+	"RTMAX-5":  linuxSigrtmax - 5,
+	"RTMAX-4":  linuxSigrtmax - 4,
+	"RTMAX-3":  linuxSigrtmax - 3,
+	"RTMAX-2":  linuxSigrtmax - 2,
+	"RTMAX-1":  linuxSigrtmax - 1,
+	"RTMAX":    linuxSigrtmax,
 }
 
 // ParseSignal parses a given string into a syscall.Signal
 // the rawSignal can be a string with "SIG" prefix,
 // or a signal number in string format.
 func ParseSignal(rawSignal string) (syscall.Signal, error) {
+	return parseSignalGeneric(rawSignal, "windows")
+}
+
+// ParsePlatformSignal parses a given string into a syscall.Signal based on
+// the OS platform specified in `platform`.
+func ParsePlatformSignal(rawSignal, platform string) (syscall.Signal, error) {
+	return parseSignalGeneric(rawSignal, platform)
+}
+
+func parseSignalGeneric(rawSignal, platform string) (syscall.Signal, error) {
+	signalMap := getSignalMapForPlatform(platform)
 	s, err := strconv.Atoi(rawSignal)
 	if err == nil {
 		sig := syscall.Signal(s)
+		if platform != "windows" {
+			return sig, nil
+		}
+		// on windows, make sure we support this signal
 		for _, msig := range signalMap {
 			if sig == msig {
 				return sig, nil
 			}
 		}
-		return -1, fmt.Errorf("unknown signal %q", rawSignal)
+		return sig, fmt.Errorf("unknown signal %q", rawSignal)
 	}
 	signal, ok := signalMap[strings.TrimPrefix(strings.ToUpper(rawSignal), "SIG")]
 	if !ok {
@@ -61,3 +151,10 @@ func ParseSignal(rawSignal string) (syscall.Signal, error) {
 	}
 	return signal, nil
 }
+
+func getSignalMapForPlatform(platform string) map[string]syscall.Signal {
+	if platform != "windows" {
+		return signalMapLinux
+	}
+	return signalMapWindows
+}
diff --git a/vendor/github.com/gogo/protobuf/go.mod b/vendor/github.com/gogo/protobuf/go.mod
index fa2c3a967..145ab6ef3 100644
--- a/vendor/github.com/gogo/protobuf/go.mod
+++ b/vendor/github.com/gogo/protobuf/go.mod
@@ -1,5 +1,7 @@
 module github.com/gogo/protobuf
 
+go 1.14
+
 require (
 	github.com/kisielk/errcheck v1.2.0 // indirect
 	github.com/kisielk/gotool v1.0.0 // indirect

From 7a826723b1d7edf39c7b1b77be069161382b3a79 Mon Sep 17 00:00:00 2001
From: Kathryn Baldauf <kabaldau@microsoft.com>
Date: Wed, 2 Dec 2020 17:37:54 -0800
Subject: [PATCH 2/2] Parse container stop signal based on the sandbox platform

Signed-off-by: Kathryn Baldauf <kabaldau@microsoft.com>
---
 pkg/server/container_stop.go  | 11 +++++++++--
 pkg/server/helpers_unix.go    |  5 +++++
 pkg/server/helpers_windows.go | 28 ++++++++++++++++++++++++++++
 3 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/pkg/server/container_stop.go b/pkg/server/container_stop.go
index 8ad044bbf..4184fa9db 100644
--- a/pkg/server/container_stop.go
+++ b/pkg/server/container_stop.go
@@ -20,10 +20,10 @@ import (
 	"syscall"
 	"time"
 
+	"github.com/containerd/containerd"
 	eventtypes "github.com/containerd/containerd/api/events"
 	"github.com/containerd/containerd/errdefs"
 	"github.com/containerd/containerd/log"
-	"github.com/docker/docker/pkg/signal"
 	"github.com/pkg/errors"
 	"golang.org/x/net/context"
 
@@ -125,11 +125,18 @@ func (c *criService) stopContainer(ctx context.Context, container containerstore
 				}
 			}
 		}
-		sig, err := signal.ParseSignal(stopSignal)
+
+		sandboxPlatform, err := c.getSandboxPlatform(container.Metadata.SandboxID)
+		if err != nil {
+			return errors.Wrapf(err, "failed to get container's sandbox platform")
+		}
+
+		sig, err := containerd.ParsePlatformSignal(stopSignal, sandboxPlatform)
 		if err != nil {
 			return errors.Wrapf(err, "failed to parse stop signal %q", stopSignal)
 		}
 		log.G(ctx).Infof("Stop container %q with signal %v", id, sig)
+
 		if err = task.Kill(ctx, sig); err != nil && !errdefs.IsNotFound(err) {
 			return errors.Wrapf(err, "failed to stop container %q", id)
 		}
diff --git a/pkg/server/helpers_unix.go b/pkg/server/helpers_unix.go
index ae9194171..9b932bcce 100644
--- a/pkg/server/helpers_unix.go
+++ b/pkg/server/helpers_unix.go
@@ -22,6 +22,7 @@ import (
 	"fmt"
 	"regexp"
 
+	"github.com/containerd/containerd/platforms"
 	"github.com/opencontainers/selinux/go-selinux"
 	"github.com/opencontainers/selinux/go-selinux/label"
 	"github.com/pkg/errors"
@@ -65,3 +66,7 @@ func checkSelinuxLevel(level string) (bool, error) {
 	}
 	return true, nil
 }
+
+func (c *criService) getSandboxPlatform(_ string) (string, error) {
+	return platforms.DefaultString(), nil
+}
diff --git a/pkg/server/helpers_windows.go b/pkg/server/helpers_windows.go
index 7ba63b7f8..58ad1567d 100644
--- a/pkg/server/helpers_windows.go
+++ b/pkg/server/helpers_windows.go
@@ -19,6 +19,9 @@ limitations under the License.
 package server
 
 import (
+	runhcsoptions "github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options"
+	criconfig "github.com/containerd/cri/pkg/config"
+	"github.com/pkg/errors"
 	runtime "k8s.io/cri-api/pkg/apis/runtime/v1alpha2"
 )
 
@@ -26,3 +29,28 @@ import (
 func initSelinuxOpts(selinuxOpt *runtime.SELinuxOption) (string, string, error) {
 	return "", "", nil
 }
+
+func (c *criService) getSandboxPlatform(sandboxID string) (string, error) {
+	sandbox, err := c.sandboxStore.Get(sandboxID)
+	if err != nil {
+		return "", err
+	}
+
+	// Get the RuntimeHandler config overrides
+	var ociRuntime criconfig.Runtime
+	if sandbox.RuntimeHandler != "" {
+		ociRuntime = c.config.Runtimes[sandbox.RuntimeHandler]
+	} else {
+		ociRuntime = c.config.DefaultRuntime
+	}
+	runtimeOpts, err := generateRuntimeOptions(ociRuntime, c.config)
+	if err != nil {
+		return "", errors.Wrap(err, "failed to generate runtime options")
+	}
+	rhcso := runtimeOpts.(*runhcsoptions.Options)
+	sandboxPlatform := rhcso.SandboxPlatform
+	if sandboxPlatform == "" {
+		sandboxPlatform = "windows/amd64"
+	}
+	return sandboxPlatform, nil
+}