From b5a1645250c17fb657b7f10166f1c665ce192aaf Mon Sep 17 00:00:00 2001 From: Bruce Ashfield Date: Wed, 5 Feb 2025 12:24:36 +0000 Subject: Revert "runc-docker: upgrade 1.1.4 -> 1.1.12" This reverts commit 76f2999987fa3ea30a823de3bd79d0cc0e0c287f. --- ...spect-GOBUILDFLAGS-for-runc-and-remove-re.patch | 26 ++++++++---------- .../0001-runc-Add-console-socket-dev-null.patch | 13 ++++----- .../0001-runc-docker-SIGUSR1-daemonize.patch | 31 ++++++++++------------ recipes-containers/runc/runc-docker_git.bb | 10 +++---- 4 files changed, 35 insertions(+), 45 deletions(-) diff --git a/recipes-containers/runc/files/0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch b/recipes-containers/runc/files/0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch index 79e63322..4d35e58e 100644 --- a/recipes-containers/runc/files/0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch +++ b/recipes-containers/runc/files/0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch @@ -1,7 +1,7 @@ From 0fe50d2ca4517f5e3070585040f35ace413acd44 Mon Sep 17 00:00:00 2001 From: Bruce Ashfield Date: Tue, 24 Aug 2021 11:38:23 -0400 -Subject: [PATCH] Makefile: respect GOBUILDFLAGS for runc and remove recvtty +Subject: [PATCH] Makefile: respect GOBUILDFLAGS for runc and remove recvtty from static Signed-off-by: Chen Qi @@ -11,20 +11,16 @@ Signed-off-by: Bruce Ashfield Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) -diff --git a/Makefile b/Makefile -index e3af9bc1..f9d6de96 100644 ---- a/Makefile -+++ b/Makefile -@@ -24,8 +24,7 @@ ifneq (,$(filter $(GOARCH),386 amd64 arm arm64 ppc64le riscv64 s390x)) - GO_BUILDMODE := "-buildmode=pie" +Index: git/src/import/Makefile +=================================================================== +--- git.orig/src/import/Makefile ++++ git/src/import/Makefile +@@ -20,7 +20,7 @@ + endif endif endif --GO_BUILD := $(GO) build -trimpath $(GO_BUILDMODE) \ -- $(EXTRA_FLAGS) -tags "$(BUILDTAGS)" \ +-GO_BUILD := $(GO) build -trimpath $(GO_BUILDMODE) $(EXTRA_FLAGS) -tags "$(BUILDTAGS)" \ +GO_BUILD := $(GO) build $(GOBUILDFLAGS) -trimpath $(GO_BUILDMODE) $(EXTRA_FLAGS) -tags "$(BUILDTAGS)" \ - -ldflags "$(LDFLAGS_COMMON) $(EXTRA_LDFLAGS)" - - GO_BUILDMODE_STATIC := --- -2.40.0 - + -ldflags "-X main.gitCommit=$(COMMIT) -X main.version=$(VERSION) $(EXTRA_LDFLAGS)" + GO_BUILD_STATIC := CGO_ENABLED=1 $(GO) build -trimpath $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo osusergo" \ + -ldflags "-extldflags -static -X main.gitCommit=$(COMMIT) -X main.version=$(VERSION) $(EXTRA_LDFLAGS)" diff --git a/recipes-containers/runc/runc-docker/0001-runc-Add-console-socket-dev-null.patch b/recipes-containers/runc/runc-docker/0001-runc-Add-console-socket-dev-null.patch index 2a24df90..bcf4c103 100644 --- a/recipes-containers/runc/runc-docker/0001-runc-Add-console-socket-dev-null.patch +++ b/recipes-containers/runc/runc-docker/0001-runc-Add-console-socket-dev-null.patch @@ -12,11 +12,11 @@ Signed-off-by: Jason Wessel utils_linux.go | 5 +++++ 1 file changed, 5 insertions(+) -diff --git a/utils_linux.go b/utils_linux.go -index 60d534e8..ddcab62f 100644 ---- a/utils_linux.go -+++ b/utils_linux.go -@@ -234,6 +234,11 @@ type runner struct { +Index: git/src/import/utils_linux.go +=================================================================== +--- git.orig/src/import/utils_linux.go ++++ git/src/import/utils_linux.go +@@ -267,6 +267,11 @@ } func (r *runner) run(config *specs.Process) (int, error) { @@ -28,6 +28,3 @@ index 60d534e8..ddcab62f 100644 var err error defer func() { if err != nil { --- -2.40.0 - diff --git a/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch b/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch index 1065f23e..4350c40f 100644 --- a/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch +++ b/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch @@ -25,15 +25,15 @@ is set. Signed-off-by: Jason Wessel --- - signals.go | 56 ++++++++++++++++++++++++++++++++++++++++++++++---- + signals.go | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++---- utils_linux.go | 2 +- - 2 files changed, 53 insertions(+), 5 deletions(-) + 2 files changed, 51 insertions(+), 5 deletions(-) -diff --git a/signals.go b/signals.go -index 2555b765..1266ee66 100644 ---- a/signals.go -+++ b/signals.go -@@ -3,7 +3,9 @@ package main +Index: git/src/import/signals.go +=================================================================== +--- git.orig/src/import/signals.go ++++ git/src/import/signals.go +@@ -5,7 +5,9 @@ import ( "os" "os/signal" @@ -43,7 +43,7 @@ index 2555b765..1266ee66 100644 "github.com/opencontainers/runc/libcontainer" "github.com/opencontainers/runc/libcontainer/system" "github.com/opencontainers/runc/libcontainer/utils" -@@ -53,9 +55,6 @@ type signalHandler struct { +@@ -55,9 +57,6 @@ func (h *signalHandler) forward(process *libcontainer.Process, tty *tty, detach bool) (int, error) { // make sure we know the pid of our main process so that we can return // after it dies. @@ -53,7 +53,7 @@ index 2555b765..1266ee66 100644 pid1, err := process.Pid() if err != nil { -@@ -65,12 +64,61 @@ func (h *signalHandler) forward(process *libcontainer.Process, tty *tty, detach +@@ -67,12 +66,61 @@ if h.notifySocket != nil { if detach { _ = h.notifySocket.run(pid1) @@ -116,11 +116,11 @@ index 2555b765..1266ee66 100644 // Perform the initial tty resize. Always ignore errors resizing because // stdout might have disappeared (due to races with when SIGHUP is sent). _ = tty.resize() -diff --git a/utils_linux.go b/utils_linux.go -index ddcab62f..280051ea 100644 ---- a/utils_linux.go -+++ b/utils_linux.go -@@ -315,7 +315,7 @@ func (r *runner) run(config *specs.Process) (int, error) { +Index: git/src/import/utils_linux.go +=================================================================== +--- git.orig/src/import/utils_linux.go ++++ git/src/import/utils_linux.go +@@ -345,7 +345,7 @@ if err != nil { r.terminate(process) } @@ -129,6 +129,3 @@ index ddcab62f..280051ea 100644 return 0, nil } if err == nil { --- -2.40.0 - diff --git a/recipes-containers/runc/runc-docker_git.bb b/recipes-containers/runc/runc-docker_git.bb index afecac67..97373a72 100644 --- a/recipes-containers/runc/runc-docker_git.bb +++ b/recipes-containers/runc/runc-docker_git.bb @@ -2,13 +2,13 @@ include runc.inc # Note: this rev is before the required protocol field, update when all components # have been updated to match. -SRCREV_runc-docker = "a9833ff391a71b30069a6c3f816db113379a4346" +SRCREV_runc-docker = "974efd2dfca0abec041a3708a2b66bfac6bd2484" SRC_URI = "git://github.com/opencontainers/runc;branch=release-1.1;name=runc-docker;protocol=https \ - file://0001-runc-Add-console-socket-dev-null.patch;patchdir=src/import \ - file://0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch;patchdir=src/import \ - file://0001-runc-docker-SIGUSR1-daemonize.patch;patchdir=src/import \ + file://0001-runc-Add-console-socket-dev-null.patch \ + file://0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch \ + file://0001-runc-docker-SIGUSR1-daemonize.patch \ " -RUNC_VERSION = "1.1.12" +RUNC_VERSION = "1.1.4" CVE_PRODUCT = "runc" -- cgit v1.2.3-54-g00ecf