packages/kata-containers
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!108 [sync] PR-107: kata:optimize compile options

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
This commit is contained in:
openeuler-ci-bot 2022-09-13 02:29:39 +00:00 committed by Gitee
commit 164c2b9739
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
3 changed files with 65 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
kata-containers.spec
View File

@ -2,7 +2,7 @@
%global debug_package %{nil}
%define VERSION 2.1.0
%define RELEASE 29
%define RELEASE 30
Name: kata-containers
Version: %{VERSION}
@ -108,6 +108,12 @@ strip %{buildroot}/usr/bin/containerd-shim-kata-v2
%doc
%changelog
* Thu Sep 8 2022 xiadanni <xiadanni1@huawei.com> - 2.1.0-30
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:optimize compile options
* Fri Sep 2 2022 chengzeruizhi <chengzeruizhi@huawei.com> - 2.1.0-29
- Type:bugfix
- ID:NA

57
patches/0033-optimize-compile-options.patch Normal file
View File

@ -0,0 +1,57 @@
From 443e65326eeccb3a4ad8170670d56c32931215f9 Mon Sep 17 00:00:00 2001
From: Vanient <xiadanni1@huawei.com>
Date: Thu, 8 Sep 2022 21:44:13 +0800
Subject: [PATCH] optimize compile options
Signed-off-by: Vanient <xiadanni1@huawei.com>
---
src/runtime/Makefile | 20 ++++++++++++++++----
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/src/runtime/Makefile b/src/runtime/Makefile
index bade196..ad421d9 100644
--- a/src/runtime/Makefile
+++ b/src/runtime/Makefile
@@ -566,7 +566,11 @@ monitor: $(MONITOR_OUTPUT)
netmon: $(NETMON_TARGET_OUTPUT)
$(NETMON_TARGET_OUTPUT): $(SOURCES) VERSION
- $(QUIET_BUILD)(cd $(NETMON_DIR) && go build $(BUILDFLAGS) -o $@ -ldflags "-X main.version=$(VERSION)" $(KATA_LDFLAGS))
+ $(QUIET_BUILD)(cd $(NETMON_DIR) && \
+ CGO_CFLAGS="-fstack-protector-strong -fPIE -D_FORTIFY_SOURCE=2 -O2" \
+ CGO_LDFLAGS_ALLOW="-Wl,-z,relro,-z,now" \
+ CGO_LDFLAGS="-Wl,-z,relro,-z,now -Wl,-z,noexecstack" \
+ go build $(BUILDFLAGS) -o $@ -ldflags "-linkmode=external -X main.version=$(VERSION)" $(KATA_LDFLAGS))
runtime: $(TARGET_OUTPUT) $(CONFIGS)
.DEFAULT: default
@@ -605,15 +609,23 @@ GENERATED_FILES += $(GENERATED_CONFIG)
GENERATED_FILES += pkg/katautils/config-settings.go
$(TARGET_OUTPUT): $(SOURCES) $(GENERATED_FILES) $(MAKEFILE_LIST) | show-summary
- $(QUIET_BUILD)(cd $(CLI_DIR) && go build $(KATA_LDFLAGS) $(BUILDFLAGS) -o $@ .)
+ $(QUIET_BUILD)(cd $(CLI_DIR) && \
+ CGO_CFLAGS="-fstack-protector-strong -fPIE -D_FORTIFY_SOURCE=2 -O2" \
+ CGO_LDFLAGS_ALLOW="-Wl,-z,relro,-z,now" \
+ CGO_LDFLAGS="-Wl,-z,relro,-z,now -Wl,-z,noexecstack" \
+ go build -ldflags "-linkmode=external" $(KATA_LDFLAGS) $(BUILDFLAGS) -o $@ .)
$(SHIMV2_OUTPUT): $(SOURCES) $(GENERATED_FILES) $(MAKEFILE_LIST)
$(QUIET_BUILD)(cd $(SHIMV2_DIR)/ && ln -fs $(GENERATED_CONFIG))
- $(QUIET_BUILD)(cd $(SHIMV2_DIR)/ && go build $(KATA_LDFLAGS) $(BUILDFLAGS) -o $@ .)
+ $(QUIET_BUILD)(cd $(SHIMV2_DIR)/ && \
+ CGO_CFLAGS="-fstack-protector-strong -fPIE -D_FORTIFY_SOURCE=2 -O2" \
+ CGO_LDFLAGS_ALLOW="-Wl,-z,relro,-z,now" \
+ CGO_LDFLAGS="-Wl,-z,relro,-z,now -Wl,-z,noexecstack" \
+ go build -ldflags "-linkmode=external" $(KATA_LDFLAGS) $(BUILDFLAGS) -o $@ .)
$(MONITOR_OUTPUT): $(SOURCES) $(GENERATED_FILES) $(MAKEFILE_LIST) .git-commit
$(QUIET_BUILD)(cd $(MONITOR_DIR)/ && CGO_ENABLED=0 go build \
- --ldflags "-X main.GitCommit=$(shell cat .git-commit)" $(BUILDFLAGS) -buildmode=exe -o $@ .)
+ --ldflags "-linkmode=external -X main.GitCommit=$(shell cat .git-commit)" $(BUILDFLAGS) -o $@ .)
.PHONY: \
check \
--
2.27.0

1
series.conf
View File

@ -30,3 +30,4 @@
0030-use-host_device-blockdev-adding.patch
0031-add-explicit-on-after-kernel_irqchip.patch
0032-qmp-Don-t-use-deprecated-props-field-for-object-add.patch
0033-optimize-compile-options.patch