aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Christian Stewart <christian@paral.in>2019-02-19 14:35:28 -0800
committerGravatar Peter Korsgaard <peter@korsgaard.com>2019-02-27 10:05:49 +0100
commit905e976a6af224b3ed015c46fcea2d717c155f55 (patch)
tree033dd95f32b059f5ce13f5fc8b357fa59b56a09e
parentc12b32ba46bf959d884af7340c24f3981a34693f (diff)
downloadbuildroot-905e976a6af224b3ed015c46fcea2d717c155f55.tar.gz
buildroot-905e976a6af224b3ed015c46fcea2d717c155f55.tar.bz2
runc: depend on linux headers >= 3.11 for O_TMPFILE
Fixes: http://autobuild.buildroot.net/results/63e9d88ae5177541be463f1e2aafec59aa410479 Add dependency on headers >= 3.11 for O_TMPFILE, used by runc after the fix for CVE-2019-5736 and propagate to the reverse dependencies of runc. Notice that C library support for O_TMPFILE is also needed, which was added in glibc 2.19 and musl 0.9.15. Signed-off-by: Christian Stewart <christian@paral.in> [Peter: squash series, extend commit message, mention C library dependency, fix indentation] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r--package/docker-containerd/Config.in4
-rw-r--r--package/docker-engine/Config.in6
-rw-r--r--package/runc/Config.in6
3 files changed, 11 insertions, 5 deletions
diff --git a/package/docker-containerd/Config.in b/package/docker-containerd/Config.in
index 5e0cc1e877..3de3dc6da2 100644
--- a/package/docker-containerd/Config.in
+++ b/package/docker-containerd/Config.in
@@ -3,6 +3,7 @@ config BR2_PACKAGE_DOCKER_CONTAINERD
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
depends on BR2_TOOLCHAIN_HAS_THREADS
+ depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 # runc
depends on !BR2_TOOLCHAIN_USES_UCLIBC # runc
depends on BR2_USE_MMU # util-linux
select BR2_PACKAGE_RUNC # runtime dependency
@@ -32,4 +33,5 @@ comment "docker-containerd needs a glibc or musl toolchain w/ threads"
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
depends on BR2_USE_MMU
- depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_TOOLCHAIN_USES_UCLIBC
+ depends on !BR2_TOOLCHAIN_HAS_THREADS || \
+ !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 || BR2_TOOLCHAIN_USES_UCLIBC
diff --git a/package/docker-engine/Config.in b/package/docker-engine/Config.in
index 3c97310484..cd878880ae 100644
--- a/package/docker-engine/Config.in
+++ b/package/docker-engine/Config.in
@@ -3,6 +3,7 @@ config BR2_PACKAGE_DOCKER_ENGINE
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
depends on BR2_TOOLCHAIN_HAS_THREADS
+ depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 # docker-containerd -> runc
depends on !BR2_TOOLCHAIN_USES_UCLIBC # docker-containerd -> runc
depends on BR2_USE_MMU # docker-containerd
select BR2_PACKAGE_DOCKER_CONTAINERD # runtime dependency
@@ -50,8 +51,9 @@ config BR2_PACKAGE_DOCKER_ENGINE_DRIVER_VFS
endif
-comment "docker-engine needs a glibc or musl toolchain w/ threads"
+comment "docker-engine needs a glibc or musl toolchain w/ threads, headers >= 3.11"
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
- depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_TOOLCHAIN_USES_UCLIBC
+ depends on !BR2_TOOLCHAIN_HAS_THREADS || \
+ !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 || BR2_TOOLCHAIN_USES_UCLIBC
depends on BR2_USE_MMU
diff --git a/package/runc/Config.in b/package/runc/Config.in
index 47c850ef30..5b08b91032 100644
--- a/package/runc/Config.in
+++ b/package/runc/Config.in
@@ -3,6 +3,7 @@ config BR2_PACKAGE_RUNC
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
depends on BR2_TOOLCHAIN_HAS_THREADS
+ depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 # O_TMPFILE
depends on !BR2_TOOLCHAIN_USES_UCLIBC # no fexecve
help
runC is a CLI tool for spawning and running containers
@@ -10,7 +11,8 @@ config BR2_PACKAGE_RUNC
https://github.com/opencontainers/runc
-comment "runc needs a glibc or musl toolchain toolchain w/ threads"
+comment "runc needs a glibc or musl toolchain w/ threads, headers >= 3.11"
depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS && \
BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
- depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_TOOLCHAN_USES_UCLIBC
+ depends on !BR2_TOOLCHAIN_HAS_THREADS || \
+ !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_11 || BR2_TOOLCHAN_USES_UCLIBC