[Buildroot] [git commit] runc: depend on linux headers >= 3.11 for O_TMPFILE
Peter Korsgaard
peter at korsgaard.com
Wed Feb 27 09:05:49 UTC 2019
commit: https://git.buildroot.net/buildroot/commit/?id=905e976a6af224b3ed015c46fcea2d717c155f55
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Fixes:
http://autobuild.buildroot.net/results/63e9d88ae5177541be463f1e2aafec59aa410479
Add dependency on headers >= 3.11 for O_TMPFILE, used by runc after the
fix for CVE-2019-5736 and propagate to the reverse dependencies of runc.
Notice that C library support for O_TMPFILE is also needed, which was added
in glibc 2.19 and musl 0.9.15.
Signed-off-by: Christian Stewart <christian at paral.in>
[Peter: squash series, extend commit message, mention C library dependency,
fix indentation]
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/docker-containerd/Config.in | 4 +++-
package/docker-engine/Config.in | 6 ++++--
package/runc/Config.in | 6 ++++--
3 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/package/docker-containerd/Config.in b/package/docker-containerd/Config.in
index 5e0cc1e877..3de3dc6da2 100644
--- a/package/docker-containerd/Config.in
+++ b/package/docker-containerd/Config.in
@@ -3,6 +3,7 @@ config BR2_PACKAGE_DOCKER_CONTAINERD
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
depends on BR2_TOOLCHAIN_HAS_THREADS
+ depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 # runc
depends on !BR2_TOOLCHAIN_USES_UCLIBC # runc
depends on BR2_USE_MMU # util-linux
select BR2_PACKAGE_RUNC # runtime dependency
@@ -32,4 +33,5 @@ comment "docker-containerd needs a glibc or musl toolchain w/ threads"
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
depends on BR2_USE_MMU
- depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_TOOLCHAIN_USES_UCLIBC
+ depends on !BR2_TOOLCHAIN_HAS_THREADS || \
+ !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 || BR2_TOOLCHAIN_USES_UCLIBC
diff --git a/package/docker-engine/Config.in b/package/docker-engine/Config.in
index 3c97310484..cd878880ae 100644
--- a/package/docker-engine/Config.in
+++ b/package/docker-engine/Config.in
@@ -3,6 +3,7 @@ config BR2_PACKAGE_DOCKER_ENGINE
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
depends on BR2_TOOLCHAIN_HAS_THREADS
+ depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 # docker-containerd -> runc
depends on !BR2_TOOLCHAIN_USES_UCLIBC # docker-containerd -> runc
depends on BR2_USE_MMU # docker-containerd
select BR2_PACKAGE_DOCKER_CONTAINERD # runtime dependency
@@ -50,8 +51,9 @@ config BR2_PACKAGE_DOCKER_ENGINE_DRIVER_VFS
endif
-comment "docker-engine needs a glibc or musl toolchain w/ threads"
+comment "docker-engine needs a glibc or musl toolchain w/ threads, headers >= 3.11"
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
- depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_TOOLCHAIN_USES_UCLIBC
+ depends on !BR2_TOOLCHAIN_HAS_THREADS || \
+ !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 || BR2_TOOLCHAIN_USES_UCLIBC
depends on BR2_USE_MMU
diff --git a/package/runc/Config.in b/package/runc/Config.in
index 47c850ef30..5b08b91032 100644
--- a/package/runc/Config.in
+++ b/package/runc/Config.in
@@ -3,6 +3,7 @@ config BR2_PACKAGE_RUNC
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
depends on BR2_TOOLCHAIN_HAS_THREADS
+ depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 # O_TMPFILE
depends on !BR2_TOOLCHAIN_USES_UCLIBC # no fexecve
help
runC is a CLI tool for spawning and running containers
@@ -10,7 +11,8 @@ config BR2_PACKAGE_RUNC
https://github.com/opencontainers/runc
-comment "runc needs a glibc or musl toolchain toolchain w/ threads"
+comment "runc needs a glibc or musl toolchain w/ threads, headers >= 3.11"
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS && \
BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
- depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_TOOLCHAN_USES_UCLIBC
+ depends on !BR2_TOOLCHAIN_HAS_THREADS || \
+ !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 || BR2_TOOLCHAN_USES_UCLIBC
More information about the buildroot
mailing list