48 lines
1.5 KiB
Diff
48 lines
1.5 KiB
Diff
|
From 096172d15e1d29ba177a39d8ded3ca6b5b1c0ac4 Mon Sep 17 00:00:00 2001
|
||
|
|
From: wangfengtu <wangfengtu@huawei.com>
|
||
|
|
Date: Thu, 14 Feb 2019 00:08:01 +0800
|
||
|
|
Subject: [PATCH 92/94] runc: cve-2019-5736 fix build failure
|
||
|
|
|
||
|
|
[Changelog]: fix build failure
|
||
|
|
[Author]: git
|
||
|
|
|
||
|
|
Change-Id: Ie422758618726d9e98a7f9ec9a14e34d4479251f
|
||
|
|
Signed-off-by: wangfengtu <wangfengtu@huawei.com>
|
||
|
|
---
|
||
|
|
libcontainer/nsenter/cloned_binary.c | 2 ++
|
||
|
|
script/runc-euleros.spec | 2 +-
|
||
|
|
2 files changed, 3 insertions(+), 1 deletion(-)
|
||
|
|
|
||
|
|
diff --git a/libcontainer/nsenter/cloned_binary.c b/libcontainer/nsenter/cloned_binary.c
|
||
|
|
index e59d434..ff7ecb0 100644
|
||
|
|
--- a/libcontainer/nsenter/cloned_binary.c
|
||
|
|
+++ b/libcontainer/nsenter/cloned_binary.c
|
||
|
|
@@ -239,9 +239,11 @@ static int clone_binary(void)
|
||
|
|
case USING_MEMFD:
|
||
|
|
memfd = memfd_create(RUNC_MEMFD_COMMENT, MFD_CLOEXEC | MFD_ALLOW_SEALING);
|
||
|
|
break;
|
||
|
|
+#ifdef O_TMPFILE
|
||
|
|
case USING_UNAMED_FILE:
|
||
|
|
memfd = open("/tmp", O_TMPFILE | O_EXCL | O_RDWR | O_CLOEXEC, 0711);
|
||
|
|
break;
|
||
|
|
+#endif
|
||
|
|
case USING_TMPFILE:
|
||
|
|
memfd = mkostemp(template,O_EXCL | O_RDWR | O_CLOEXEC);
|
||
|
|
if (memfd < 0) {
|
||
|
|
diff --git a/script/runc-euleros.spec b/script/runc-euleros.spec
|
||
|
|
index b577d1a..6e96326 100644
|
||
|
|
--- a/script/runc-euleros.spec
|
||
|
|
+++ b/script/runc-euleros.spec
|
||
|
|
@@ -2,7 +2,7 @@
|
||
|
|
|
||
|
|
Name: docker-runc
|
||
|
|
Version: 1.0.0.rc3
|
||
|
|
-Release: 21%{?dist}
|
||
|
|
+Release: 22%{?dist}
|
||
|
|
Summary: runc is a CLI tool for spawning and running containers according to the OCF specification
|
||
|
|
|
||
|
|
License: ASL 2.0
|
||
|
|
--
|
||
|
|
2.7.4.3
|
||
|
|
|