From 8fcd0ebb6a8812344c2dd3d961df0896709a69d2 Mon Sep 17 00:00:00 2001
From: mzzhou1994 <1362843687@qq.com>
Date: Sat, 8 Jul 2023 22:18:48 +0800
Subject: [PATCH] add secure compile marco

---
 0034-add-secure-compile-macro.patch | 50 +++++++++++++++++++++++++++++
 lxc.spec                            |  7 ++++
 2 files changed, 57 insertions(+)
 create mode 100644 0034-add-secure-compile-macro.patch

diff --git a/0034-add-secure-compile-macro.patch b/0034-add-secure-compile-macro.patch
new file mode 100644
index 0000000..72c1659
--- /dev/null
+++ b/0034-add-secure-compile-macro.patch
@@ -0,0 +1,50 @@
+diff -Naur old/configure.ac new/configure.ac
+--- old/configure.ac	2023-07-08 06:19:16.000000000 -0700
++++ new/configure.ac	2023-07-08 05:12:49.000000000 -0700
+@@ -837,10 +837,30 @@
+ 	AC_DEFINE([HAVE_ISULAD], 1, [adapt to iSulad])
+ 	AC_MSG_RESULT([yes])
+ 
++	AC_MSG_CHECKING([Whether enable secure compile])
++	AC_ARG_ENABLE([secure-compile],
++		[AC_HELP_STRING([--enable-secure-compile], [enable secure compile [default=no]])],
++		[secure_compile=$enableval], [secure_compile=yes])
++	AM_CONDITIONAL([HAVE_SECURE_COMPILE], [test "x$secure_compile" = "xyes"])
++	AC_DEFINE([HAVE_SECURE_COMPILE], 1, [enable secure compile])
++	AC_MSG_RESULT([yes])
++
+ 	# Check yajl
+ 	PKG_CHECK_MODULES([YAJL], [yajl >= 2],[],[AC_MSG_ERROR([You must install yajl >= 2])])
+ else
+ 	AC_MSG_RESULT([no])
++
++	AC_MSG_CHECKING([Whether enable secure compile])
++	AC_ARG_ENABLE([secure-compile],
++		[AC_HELP_STRING([--enable-secure-compile], [enable secure compile [default=no]])],
++		[secure_compile=$enableval], [secure_compile=yes])
++	AM_CONDITIONAL([HAVE_SECURE_COMPILE], [test "x$secure_compile" = "xyes"])
++	if test "x$secure_compile" = "xyes"; then
++		AC_DEFINE([HAVE_SECURE_COMPILE], 1, [enable secure compile])
++		AC_MSG_RESULT([yes])
++	else
++		AC_MSG_RESULT([no])
++	fi
+ fi
+ 
+ # Files requiring some variable expansion
+diff -Naur old/src/lxc/Makefile.am new/src/lxc/Makefile.am
+--- old/src/lxc/Makefile.am	2023-07-08 06:18:51.000000000 -0700
++++ new/src/lxc/Makefile.am	2023-07-08 05:14:14.000000000 -0700
+@@ -292,7 +292,11 @@
+ 		    -version-info @LXC_ABI_MAJOR@
+ 
+ if HAVE_ISULAD
+-liblxc_la_LDFLAGS += @YAJL_LIBS@ -Wl,-z,relro \
++liblxc_la_LDFLAGS += @YAJL_LIBS@
++endif
++
++if HAVE_SECURE_COMPILE
++liblxc_la_LDFLAGS += -Wl,-z,relro \
+ 		    -Wl,-z,now \
+ 		    -Wl,-z,noexecstack
+ endif
diff --git a/lxc.spec b/lxc.spec
index 44ead75..48be278 100644
--- a/lxc.spec
+++ b/lxc.spec
@@ -41,6 +41,7 @@ Patch0030:	0030-remove-unused-meminfo-stats.patch
 Patch0031:	0031-lxc-attach-Fix-lost-return-codes-of-spawned-processe.patch
 Patch0032:	0032-fix-load-bpf-failed.patch
 Patch0033:	0033-fix-mount-device-path-incorrect.patch
+Patch0034:	0034-add-secure-compile-macro.patch
 
 BuildRequires:  systemd-units git libtool graphviz docbook2X doxygen chrpath
 BuildRequires:  pkgconfig(libseccomp)
@@ -227,6 +228,12 @@ rm -rf %{buildroot}%{_sysconfdir}/default/%{name}
 %endif
 
 %changelog
+* Sat Jul 8 2023 mzzhou1994<1362843687@qq.com> - 4.0.3-2022102420
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: fix mount device path incorrect
+
 * Fri Jun 16 2023 zhangxiaoyu<zhangxiaoyu58@huawei.com> - 4.0.3-2022102420
 - Type:bugfix
 - ID:NA
-- 
Gitee