80 lines
2.9 KiB
Diff
80 lines
2.9 KiB
Diff
|
From c102651a124775ec8c92b774086c46f76407e9d8 Mon Sep 17 00:00:00 2001
|
||
|
|
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
|
||
|
|
Date: Wed, 26 Oct 2022 15:34:29 +0800
|
||
|
|
Subject: [PATCH] runc:modify runc Makefile
|
||
|
|
|
||
|
|
---
|
||
|
|
runc-1.1.3/Makefile | 28 ++++++++++++++++++++++------
|
||
|
|
1 file changed, 22 insertions(+), 6 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/runc-1.1.3/Makefile b/runc-1.1.3/Makefile
|
||
|
|
index cf82c0c..34b5347 100644
|
||
|
|
--- a/runc-1.1.3/Makefile
|
||
|
|
+++ b/runc-1.1.3/Makefile
|
||
|
|
@@ -10,9 +10,12 @@ GIT_BRANCH_CLEAN := $(shell echo $(GIT_BRANCH) | sed -e "s/[^[:alnum:]]/-/g")
|
||
|
|
RUNC_IMAGE := runc_dev$(if $(GIT_BRANCH_CLEAN),:$(GIT_BRANCH_CLEAN))
|
||
|
|
PROJECT := github.com/opencontainers/runc
|
||
|
|
BUILDTAGS ?= seccomp
|
||
|
|
-COMMIT ?= $(shell git describe --dirty --long --always)
|
||
|
|
+COMMIT ?= $(shell cat ./git-commit | head -c 40)
|
||
|
|
VERSION := $(shell cat ./VERSION)
|
||
|
|
|
||
|
|
+BEP_DIR := "/tmp/runc-build-bep"
|
||
|
|
+BEP_FLAG := "-tmpdir=${BEP_DIR}"
|
||
|
|
+
|
||
|
|
ifeq ($(shell $(GO) env GOOS),linux)
|
||
|
|
ifeq (,$(filter $(shell $(GO) env GOARCH),mips mipsle mips64 mips64le ppc64))
|
||
|
|
ifeq (,$(findstring -race,$(EXTRA_FLAGS)))
|
||
|
|
@@ -22,23 +25,33 @@ ifeq ($(shell $(GO) env GOOS),linux)
|
||
|
|
endif
|
||
|
|
GO_BUILD := $(GO) build -trimpath $(GO_BUILDMODE) $(EXTRA_FLAGS) -tags "$(BUILDTAGS)" \
|
||
|
|
-ldflags "-X main.gitCommit=$(COMMIT) -X main.version=$(VERSION) $(EXTRA_LDFLAGS)"
|
||
|
|
-GO_BUILD_STATIC := CGO_ENABLED=1 $(GO) build -trimpath $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo osusergo" \
|
||
|
|
- -ldflags "-extldflags -static -X main.gitCommit=$(COMMIT) -X main.version=$(VERSION) $(EXTRA_LDFLAGS)"
|
||
|
|
+GO_BUILD_STATIC := $(GO) build -trimpath $(EXTRA_FLAGS) -tags "$(BUILDTAGS) static_build cgo netgo osusergo"
|
||
|
|
|
||
|
|
GPG_KEYID ?= asarai@suse.de
|
||
|
|
|
||
|
|
.DEFAULT: runc
|
||
|
|
|
||
|
|
runc:
|
||
|
|
- $(GO_BUILD) -o runc .
|
||
|
|
+ mkdir -p ${BEP_DIR}
|
||
|
|
+ $(GO_BUILD) $(BEP_FLAG) -buildid=IdByIsula -o runc .
|
||
|
|
|
||
|
|
all: runc recvtty sd-helper seccompagent
|
||
|
|
|
||
|
|
recvtty sd-helper seccompagent:
|
||
|
|
- $(GO_BUILD) -o contrib/cmd/$@/$@ ./contrib/cmd/$@
|
||
|
|
+ $(GO_BUILD) $(BEP_FLAG) -buildid=IdByIsula -o contrib/cmd/$@/$@ ./contrib/cmd/$@
|
||
|
|
+
|
||
|
|
+LD_FLAGS='-buildid=none -tmpdir=/tmp/bep-runc -linkmode=external -extldflags=-Wl,-z,relro,-z,now \
|
||
|
|
+ -extldflags -static -X main.gitCommit=$(COMMIT) -X main.version=$(VERSION) $(EXTRA_LDFLAGS) \
|
||
|
|
+ '
|
||
|
|
|
||
|
|
static:
|
||
|
|
- $(GO_BUILD_STATIC) -o runc .
|
||
|
|
+ rm -rf /tmp/bep-runc && mkdir /tmp/bep-runc
|
||
|
|
+ CGO_ENABLED=1 \
|
||
|
|
+ CGO_CFLAGS="-fstack-protector-strong -fPIE -D_FORTIFY_SOURCE=2 -O2" \
|
||
|
|
+ CGO_CPPFLAGS="-fstack-protector-strong -fPIE -D_FORTIFY_SOURCE=2 -O2" \
|
||
|
|
+ CGO_LDFLAGS_ALLOW='-Wl,-z,relro,-z,now' \
|
||
|
|
+ CGO_LDFLAGS="-Wl,-z,relro,-z,now -Wl,-z,noexecstack" \
|
||
|
|
+ $(GO_BUILD_STATIC) -buildmode=pie -ldflags $(LD_FLAGS) -o runc .
|
||
|
|
|
||
|
|
releaseall: RELEASE_ARGS := "-a arm64 -a armel -a armhf -a ppc64le -a s390x"
|
||
|
|
releaseall: release
|
||
|
|
@@ -70,6 +83,9 @@ runcimage:
|
||
|
|
|
||
|
|
test: unittest integration rootlessintegration
|
||
|
|
|
||
|
|
+check:
|
||
|
|
+ go test -v ./libcontainer
|
||
|
|
+
|
||
|
|
localtest: localunittest localintegration localrootlessintegration
|
||
|
|
|
||
|
|
unittest: runcimage
|
||
|
|
--
|
||
|
|
2.30.0
|
||
|
|
|