diff --git a/docker.spec b/docker.spec index 64db0ff8d5e7c98f8e4a2e9e306940c2c68f6bed..0b9384793564ce0e0e395939162fd31387f1d83c 100644 --- a/docker.spec +++ b/docker.spec @@ -1,6 +1,6 @@ Name: docker-engine Version: 18.09.0 -Release: 341 +Release: 342 Epoch: 2 Summary: The open-source application container engine Group: Tools/Docker @@ -75,6 +75,9 @@ rm -rf vendor/golang.org/x/net tar -xf %{SOURCE7} -C vendor/golang.org/x/ tar -xf %{SOURCE8} -C vendor/golang.org/x/ %endif +%if %{?_auto_set_build_flags} +unset LDFLAGS +%endif ./hack/make.sh dynbinary # buid docker cli @@ -227,6 +230,12 @@ fi %endif %changelog +* Wed Oct 16 2024 xiajingze - 2:18.09.0-342 +- Type:enhencement +- CVE:NA +- SUG:NA +- DESC:support clang build + * Sat Aug 31 2024 zhongjiawei - 2:18.09.0-341 - Type:bugfix - CVE:NA diff --git a/patch/0280-support-clang-build.patch b/patch/0280-support-clang-build.patch new file mode 100644 index 0000000000000000000000000000000000000000..6d30bf58f3ebaf5c73a741786c1f4c2f4148d133 --- /dev/null +++ b/patch/0280-support-clang-build.patch @@ -0,0 +1,55 @@ +From abc654d8b184f34534049e73e8ab2113ca405dd4 Mon Sep 17 00:00:00 2001 +From: xiajingze +Date: Wed, 16 Oct 2024 10:04:01 +0000 +Subject: [PATCH] support clang build + +--- + components/cli/scripts/build/dynbinary | 7 ++++++- + components/engine/hack/make/.binary | 7 ++++++- + 2 files changed, 12 insertions(+), 2 deletions(-) + +diff --git a/components/cli/scripts/build/dynbinary b/components/cli/scripts/build/dynbinary +index 40941bb..cd48bbf 100755 +--- a/components/cli/scripts/build/dynbinary ++++ b/components/cli/scripts/build/dynbinary +@@ -15,8 +15,13 @@ BEP_FLAGS="-tmpdir=$BEP_DIR" + mkdir -p $BEP_DIR + GC_FLAGS="-gcflags=-trimpath=$GOPATH" + ASM_FLAGS="-asmflags=-trimpath=$GOPATH" ++if [[ -n "${CC+x}" && "$CC" == "clang" ]]; then ++ EXT_LDFLAGS="-extldflags=-Wl,-z,relro -extldflags=-Wl,-z,now" ++else ++ EXT_LDFLAGS="-extldflags=-zrelro -extldflags=-znow" ++fi + + set -x +-go build $GC_FLAGS $ASM_FLAGS -o "${TARGET}" -tags pkcs11 --ldflags " -buildid=IdByIsula -extldflags=-zrelro -extldflags=-znow $BEP_FLAGS ${LDFLAGS}" -buildmode=pie "${SOURCE}" ++go build $GC_FLAGS $ASM_FLAGS -o "${TARGET}" -tags pkcs11 --ldflags " -buildid=IdByIsula $EXT_LDFLAGS $BEP_FLAGS ${LDFLAGS}" -buildmode=pie "${SOURCE}" + + ln -sf "$(basename "${TARGET}")" build/docker +diff --git a/components/engine/hack/make/.binary b/components/engine/hack/make/.binary +index 35bb836..3b1b9e8 100755 +--- a/components/engine/hack/make/.binary ++++ b/components/engine/hack/make/.binary +@@ -65,12 +65,17 @@ BEP_FLAGS="-tmpdir=$BEP_DIR" + mkdir -p $BEP_DIR + GC_FLAGS="-gcflags=-trimpath=$GOPATH" + ASM_FLAGS="-asmflags=-trimpath=$GOPATH" ++if [[ -n "${CC+x}" && "$CC" == "clang" ]]; then ++ EXT_LDFLAGS="-extldflags=-Wl,-z,relro -extldflags=-Wl,-z,now" ++else ++ EXT_LDFLAGS="-extldflags=-zrelro -extldflags=-znow" ++fi + set -x + go build $GC_FLAGS $ASM_FLAGS \ + -o "$DEST/$BINARY_FULLNAME" \ + "${BUILDFLAGS[@]}" \ + -ldflags " +- -buildid=IdByIsula -extldflags=-zrelro -extldflags=-znow $BEP_FLAGS ++ -buildid=IdByIsula $EXT_LDFLAGS $BEP_FLAGS + $LDFLAGS + $LDFLAGS_STATIC_DOCKER + $DOCKER_LDFLAGS +-- +2.43.0 + diff --git a/series.conf b/series.conf index dc53d1fad6275ae19589d99441a68cf8064f5bf1..83e40edd16b6604725be57b371328273950cd12b 100644 --- a/series.conf +++ b/series.conf @@ -277,4 +277,5 @@ patch/0276-docker-Ignore-SIGURG-on-Linux.patch patch/0277-backport-fix-CVE-2024-41110.patch patch/0278-docker-add-clone3-seccomp-whitelist-for-arm64.patch patch/0279-docker-try-to-reconnect-when-containerd-grpc-return-.patch +patch/0280-support-clang-build.patch #end