VERSION: release v1.2.0 #4458

Merged
cyphar merged 2 commits into opencontainers:main from cyphar:release-1.2.0
Oct 22, 2024

Conversation

@cyphar cyphar commented Oct 21, 2024

v1.2.0 -- "できるときにできることをやるんだ。それが今だ。" ("Do what you can, when you can. That time is now.")

This is the long-awaited release of runc 1.2.0! The primary changes from rc3
are general improvements and fixes for minor regressions related to the
new /proc/self/exe cloning logic in runc 1.2, follow-on patches related
to CVE-2024-45310, as well as some other minor changes.

 + In order to alleviate the remaining concerns around the memory usage
   and (arguably somewhat unimportant, but measurable) performance
   overhead of memfds for cloning `/proc/self/exe`, we have added a new
   protection using `overlayfs` that is used if you have enough
   privileges and the running kernel supports it. It has effectively no
   performance or memory overhead (compared to no cloning at all).
   (#4448)
 * The original fix for CVE-2024-45310 was intentionally very limited in
   scope to make it easier to review, however it also did not handle all
   possible `os.MkdirAll` cases and thus could lead to regressions. We
   have switched to the more complete implementation in the newer
   versions of `github.com/cyphar/filepath-securejoin`. (#4393, #4400,
   #4421, #4430)
 * In certain situations (a system with lots of mounts or racing mounts)
   we could accidentally end up leaking mounts from the container into
   the host. This has been fixed. (#4417)
 * The fallback logic for `O_TMPFILE` clones of `/proc/self/exe` had a
   minor bug that would cause us to miss non-`noexec` directories and
   thus fail to start containers on some systems. (#4444)
 * Sometimes the cloned `/proc/self/exe` file descriptor could be placed
   in a way that it would get clobbered by the Go runtime. We had a fix
   for this already, but it turns out it could still break in rare
   circumstances; it has now been fixed. (#4294, #4452)
 * It is not possible for `runc kill` to work properly in some specific
   configurations (such as rootless containers with no cgroups and a
   shared pid namespace). We now output a warning for such
   configurations. (#4398)
 * memfd-bind: update the documentation and make path handling with the
   systemd unit more idiomatic. (#4428)
 * We now use v0.16 of Cilium's eBPF library, including fixes that quite
   a few downstreams asked for. (#4397, #4396)
 * Some internal `runc init` synchronisation that was no longer
   necessary (due to the `/proc/self/exe` cloning move to Go) was
   removed. (#4441)

Thanks to all of the contributors who made this release possible:

 * Akhil Mohan <akhilerm@gmail.com>
 * Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 * Aleksa Sarai <cyphar@cyphar.com>
 * Amir M. Ghazanfari <a.m.ghazanfari76@gmail.com>
 * Kir Kolyshkin <kolyshkin@gmail.com>
 * Rafael Roquetto <rafael.roquetto@grafana.com>
 * Rodrigo Campos <rodrigoca@microsoft.com>
 * Sebastiaan van Stijn <github@gone.nl>
 * Stavros Panakakis <stavrospanakakis@gmail.com>
 * lifubang <lifubang@acmcoder.com>

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>

@cyphar cyphar added this to the 1.2.0 milestone Oct 21, 2024

cyphar commented Oct 22, 2024

Last call for LGTMs @opencontainers/runc-maintainers

I'll do the merge and release today.

Comment thread CHANGELOG.md

@rata rata left a comment

LGTM

@cyphar cyphar merged commit d545279 into opencontainers:main Oct 22, 2024
@cyphar cyphar deleted the release-1.2.0 branch October 22, 2024 09:19