diff --git a/VERSION-openeuler b/VERSION-openeuler
index d7576ffee724d3f5e80ec1930cd0fa736446b45c..88e57690667f7fc8a561cfbf7ca2661eb85a1564 100644
--- a/VERSION-openeuler
+++ b/VERSION-openeuler
@@ -1 +1 @@
-18.09.0.306
+18.09.0.307
diff --git a/docker.spec b/docker.spec
index 85f3b87ce90582a1441d59771143674b7df76e92..ee5653993941e8f5d621c480dc037ff484fb118f 100644
--- a/docker.spec
+++ b/docker.spec
@@ -1,6 +1,6 @@
 Name: docker-engine
 Version: 18.09.0
-Release: 306
+Release: 307
 Summary: The open-source application container engine
 Group: Tools/Docker
@@ -212,6 +212,12 @@ fi
 %endif
 %changelog
+* Wed Aug 31 2022 zhangsong - 18.09.0-307
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:ensure layer digest folder removed if ls.driver.Remove fails
+
 * Wed Jun 29 2022 zjw - 18.09.0-306
 - Type:CVE
 - CVE:CVE-2021-41092
diff --git a/git-commit b/git-commit
index 44f0e7cbbe445bfa76be6c2a66265d3896982cec..8af681cc134e0b3699b650689cff44db5300f008 100644
--- a/git-commit
+++ b/git-commit
@@ -1 +1 @@
-1d79dce8b3c1b71f07ef5ad31adfe8026080311f
+f58f1bab40cd5c9bb221e9360af84145c5422739
diff --git a/patch/0229-docker-ensure-layer-digest-folder-removed-if-ls.driv.patch b/patch/0229-docker-ensure-layer-digest-folder-removed-if-ls.driv.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a554b8f3a109f5bebf22ab42b12926efd93042c6
--- /dev/null
+++ b/patch/0229-docker-ensure-layer-digest-folder-removed-if-ls.driv.patch
@@ -0,0 +1,68 @@
+From ef17936c73849e17039f0b1558f6a87f70a35890 Mon Sep 17 00:00:00 2001
+From: zhangsong
+Date: Mon, 29 Aug 2022 11:41:15 +0800
+Subject: [PATCH] docker: ensure layer digest folder removed if
+ ls.driver.Remove fails
+
+If image pull fails of context canceled, image layer will perform a
+rollback operation. When image layer is released, the diff folder
+of layer will be removed first, and then the digest folder will be
+removed. If the diff folder fails to be removed, such as operation
+not permitted or interrupted by others, both the digest folder and diff
+folder will remain on the disk, this will cause image not be complete
+and not repairable.
+
+So we should remove the digest folder first for image layers rollback
+and ensure image can be re-pulled completely.
+
+Signed-off-by: zhangsong
+---
+ components/engine/layer/layer_store.go | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/components/engine/layer/layer_store.go b/components/engine/layer/layer_store.go
+index c514ed80..e3030c3c 100644
+--- a/components/engine/layer/layer_store.go
++++ b/components/engine/layer/layer_store.go
+@@ -311,6 +311,8 @@ func (ls *layerStore) registerWithDescriptor(ts io.Reader, parent ChainID, descr
+ // Release parent chain if error
+ defer func() {
+ if err != nil {
++ logrus.Errorf("Create layer cache id: %s, diff id: %s, chain id: %s, error: %v",
++ p.cacheID, p.diffID, p.chainID, err)
+ ls.layerL.Lock()
+ ls.releaseLayer(p)
+ ls.layerL.Unlock()
+@@ -428,12 +430,18 @@ func (ls *layerStore) Map() map[ChainID]Layer {
+ }
+
+ func (ls *layerStore) deleteLayer(layer *roLayer, metadata *Metadata) error {
+- err := ls.driver.Remove(layer.cacheID)
++ logrus.Debugf("Deleting layer cache id: %s, diff id: %s, chain id: %s",
++ layer.cacheID, layer.diffID, layer.chainID)
++ err := ls.store.Remove(layer.chainID)
+ if err != nil {
++ logrus.Errorf("Remove layer store: cache id: %s, diff id: %s, chain id: %s, error: %v",
++ layer.cacheID, layer.diffID, layer.chainID, err)
+ return err
+ }
+- err = ls.store.Remove(layer.chainID)
++ err = ls.driver.Remove(layer.cacheID)
+ if err != nil {
++ logrus.Errorf("Remove driver store: cache id: %s, diff id: %s, chain id: %s, error: %v",
++ layer.cacheID, layer.diffID, layer.chainID, err)
+ return err
+ }
+ metadata.DiffID = layer.diffID
+@@ -444,6 +452,8 @@ func (ls *layerStore) deleteLayer(layer *roLayer, metadata *Metadata) error {
+ }
+ metadata.DiffSize = layer.size
+
++ logrus.Debugf("Delete layer cache id: %s, diff id: %s, chain id: %s done",
++ layer.cacheID, layer.diffID, layer.chainID)
+ return nil
+ }
+
+--
+2.27.0
+
diff --git a/series.conf b/series.conf
index 5033fa4c0d110a8ff592644ff152f1b53947cbb6..32c73d449dac403124f76581152a2a8c72990dd5 100644
--- a/series.conf
+++ b/series.conf
@@ -226,4 +226,5 @@ patch/0225-docker-close-channel-in-write-side-to-avoid-panic-in.patch
 patch/0226-docker-chrootarchive-don-t-create-parent-dirs-outside-of-ch.patch
 patch/0227-docker-Lock-down-docker-root-dir-perms.patch
 patch/0228-docker-registry-ensure-default-auth-config-has-address.patch
+patch/0229-docker-ensure-layer-digest-folder-removed-if-ls.driv.patch
 #end
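Review bot: In the `deleteLayer` hunk of the added patch 0229 (components/engine/layer/layer_store.go), `ls.driver.Remove(layer.cacheID)` now runs after `ls.store.Remove(layer.chainID)`, so a driver failure leaves that cache id's data on disk with no layer metadata pointing at it. The commit message accepts this so the image can be re-pulled, but repeated failed or cancelled pulls could then accumulate unreferenced layer data, and the only trace is a single error line. I would document the trade-off above the reordered calls, e.g. `// Metadata is removed first so a failed driver removal cannot leave a half-deleted layer registered; the driver data for layer.cacheID may then be orphaned and needs separate cleanup.`, and make the log actionable: `logrus.Errorf("Remove driver store failed, cache id %s is now unreferenced: %v", layer.cacheID, err)`. Separately, the `registerWithDescriptor` defer logs `p.cacheID` under the label `Create layer cache id`, although the `Release parent chain if error` comment suggests `p` is the parent layer, which would mislead triage. Both functions are only partly visible in these inner hunks, so callers of `deleteLayer` and any later cleanup path could not be checked here.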