Syllll
diff --git a/‎Dockerfile‎
Lines changed: 1 addition & 1 deletion b/‎Dockerfile‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎daemon/daemon_unix.go‎
Lines changed: 3 additions & 2 deletions b/‎daemon/daemon_unix.go‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎daemon/delete.go‎
Lines changed: 2 additions & 1 deletion b/‎daemon/delete.go‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎daemon/info.go‎
Lines changed: 2 additions & 1 deletion b/‎daemon/info.go‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎daemon/selinux_linux.go‎
Lines changed: 0 additions & 15 deletions b/‎daemon/selinux_linux.go‎
Lines changed: 0 additions & 15 deletions
diff --git a/‎daemon/selinux_unsupported.go‎
Lines changed: 0 additions & 13 deletions b/‎daemon/selinux_unsupported.go‎
Lines changed: 0 additions & 13 deletions
diff --git a/‎project/PACKAGERS.md‎
Lines changed: 1 addition & 7 deletions b/‎project/PACKAGERS.md‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎vendor.conf‎
Lines changed: 1 addition & 1 deletion b/‎vendor.conf‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎vendor/github.com/opencontainers/selinux/README.md‎
Lines changed: 2 additions & 1 deletion b/‎vendor/github.com/opencontainers/selinux/README.md‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎vendor/github.com/opencontainers/selinux/go-selinux/doc.go‎
Lines changed: 0 additions & 3 deletions b/‎vendor/github.com/opencontainers/selinux/go-selinux/doc.go‎
Lines changed: 0 additions & 3 deletions
@@ -6,7 +6,7 @@ ARG SYSTEMD="false"
 ARG GO_VERSION=1.13.15
 ARG DEBIAN_FRONTEND=noninteractive
 ARG VPNKIT_VERSION=0.4.0
-ARG DOCKER_BUILDTAGS="apparmor seccomp selinux"
+ARG DOCKER_BUILDTAGS="apparmor seccomp"
 
 ARG BASE_DEBIAN_DISTRO="buster"
 ARG GOLANG_IMAGE="golang:${GO_VERSION}-${BASE_DEBIAN_DISTRO}"
 
@@ -45,6 +45,7 @@ import (
 	lntypes "github.com/docker/libnetwork/types"
 	"github.com/moby/sys/mount"
 	specs "github.com/opencontainers/runtime-spec/specs-go"
+	"github.com/opencontainers/selinux/go-selinux"
 	"github.com/opencontainers/selinux/go-selinux/label"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
@@ -822,7 +823,7 @@ func overlaySupportsSelinux() (bool, error) {
 // configureKernelSecuritySupport configures and validates security support for the kernel
 func configureKernelSecuritySupport(config *config.Config, driverName string) error {
 	if config.EnableSelinuxSupport {
-		if !selinuxEnabled() {
+		if !selinux.GetEnabled() {
 			logrus.Warn("Docker could not enable SELinux on the host system")
 			return nil
 		}
@@ -840,7 +841,7 @@ func configureKernelSecuritySupport(config *config.Config, driverName string) er
 			}
 		}
 	} else {
-		selinuxSetDisabled()
+		selinux.SetDisabled()
 	}
 	return nil
 }
 
@@ -11,6 +11,7 @@ import (
 	"github.com/docker/docker/container"
 	"github.com/docker/docker/errdefs"
 	"github.com/docker/docker/pkg/system"
+	"github.com/opencontainers/selinux/go-selinux"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )
@@ -134,7 +135,7 @@ func (daemon *Daemon) cleanupContainer(container *container.Container, forceRemo
 	}
 
 	linkNames := daemon.linkIndex.delete(container)
-	selinuxFreeLxcContexts(container.ProcessLabel)
+	selinux.ReleaseLabel(container.ProcessLabel)
 	daemon.idIndex.Delete(container.ID)
 	daemon.containers.Delete(container.ID)
 	daemon.containersReplica.Delete(container)
 
@@ -22,6 +22,7 @@ import (
 	"github.com/docker/docker/pkg/system"
 	"github.com/docker/docker/registry"
 	metrics "github.com/docker/go-metrics"
+	"github.com/opencontainers/selinux/go-selinux"
 	"github.com/sirupsen/logrus"
 )
 
@@ -188,7 +189,7 @@ func (daemon *Daemon) fillSecurityOptions(v *types.Info, sysInfo *sysinfo.SysInf
 		}
 		securityOptions = append(securityOptions, fmt.Sprintf("name=seccomp,profile=%s", profile))
 	}
-	if selinuxEnabled() {
+	if selinux.GetEnabled() {
 		securityOptions = append(securityOptions, "name=selinux")
 	}
 	if rootIDs := daemon.idMapping.RootPair(); rootIDs.UID != 0 || rootIDs.GID != 0 {
 
@@ -156,12 +156,6 @@ AppArmor, you will need to set `DOCKER_BUILDTAGS` as follows:
 export DOCKER_BUILDTAGS='apparmor'
 ```
 
-If you're building a binary that may need to be used on platforms that include
-SELinux, you will need to use the `selinux` build tag:
-```bash
-export DOCKER_BUILDTAGS='selinux'
-```
-
 If you're building a binary that may need to be used on platforms that include
 seccomp, you will need to use the `seccomp` build tag:
 ```bash
@@ -188,7 +182,7 @@ export DOCKER_BUILDTAGS='exclude_graphdriver_aufs'
 
 NOTE: if you need to set more than one build tag, space separate them:
 ```bash
-export DOCKER_BUILDTAGS='apparmor selinux exclude_graphdriver_aufs'
+export DOCKER_BUILDTAGS='apparmor exclude_graphdriver_aufs'
 ```
 
 ### LCOW (Linux Containers On Windows)
 
@@ -176,7 +176,7 @@ github.com/morikuni/aec                             39771216ff4c63d11f5e604076f9
 # metrics
 github.com/docker/go-metrics                        b619b3592b65de4f087d9f16863a7e6ff905973c # v0.0.1
 
-github.com/opencontainers/selinux                   63ad55b76fd78d4c76c2f5491f68516e60c9d523 # v1.7.0
+github.com/opencontainers/selinux                   2f45b3796d18f1ab4c9fc0c888a98d0a0fd6e429 # v1.8.0
 github.com/willf/bitset                             559910e8471e48d76d9e5a1ba15842dee77ad45d # v1.1.11
Original file line number	Diff line number	Diff line change
`@@ -45,6 +45,7 @@ import (`
`45`	`45`	`lntypes "github.com/docker/libnetwork/types"`
`46`	`46`	`"github.com/moby/sys/mount"`
`47`	`47`	`specs "github.com/opencontainers/runtime-spec/specs-go"`
	`48`	`+ "github.com/opencontainers/selinux/go-selinux"`
`48`	`49`	`"github.com/opencontainers/selinux/go-selinux/label"`
`49`	`50`	`"github.com/pkg/errors"`
`50`	`51`	`"github.com/sirupsen/logrus"`
`@@ -822,7 +823,7 @@ func overlaySupportsSelinux() (bool, error) {`
`822`	`823`	`// configureKernelSecuritySupport configures and validates security support for the kernel`
`823`	`824`	`func configureKernelSecuritySupport(config *config.Config, driverName string) error {`
`824`	`825`	`if config.EnableSelinuxSupport {`
`825`		`- if !selinuxEnabled() {`
	`826`	`+ if !selinux.GetEnabled() {`
`826`	`827`	`logrus.Warn("Docker could not enable SELinux on the host system")`
`827`	`828`	`return nil`
`828`	`829`	`}`
`@@ -840,7 +841,7 @@ func configureKernelSecuritySupport(config *config.Config, driverName string) er`
`840`	`841`	`}`
`841`	`842`	`}`
`842`	`843`	`} else {`
`843`		`- selinuxSetDisabled()`
	`844`	`+ selinux.SetDisabled()`
`844`	`845`	`}`
`845`	`846`	`return nil`
`846`	`847`	`}`
Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,7 @@ import (`
`22`	`22`	`"github.com/docker/docker/pkg/system"`
`23`	`23`	`"github.com/docker/docker/registry"`
`24`	`24`	`metrics "github.com/docker/go-metrics"`
	`25`	`+ "github.com/opencontainers/selinux/go-selinux"`
`25`	`26`	`"github.com/sirupsen/logrus"`
`26`	`27`	`)`
`27`	`28`
`@@ -188,7 +189,7 @@ func (daemon Daemon) fillSecurityOptions(v types.Info, sysInfo *sysinfo.SysInf`
`188`	`189`	`}`
`189`	`190`	`securityOptions = append(securityOptions, fmt.Sprintf("name=seccomp,profile=%s", profile))`
`190`	`191`	`}`
`191`		`- if selinuxEnabled() {`
	`192`	`+ if selinux.GetEnabled() {`
`192`	`193`	`securityOptions = append(securityOptions, "name=selinux")`
`193`	`194`	`}`
`194`	`195`	`if rootIDs := daemon.idMapping.RootPair(); rootIDs.UID != 0 \|\| rootIDs.GID != 0 {`