diff --git a/kata-containers.spec b/kata-containers.spec index b5fa382ca9b1be387de07b16c668ef174d2d0861..8189ee81b7a819c4f57af57b3726d1ce04820861 100644 --- a/kata-containers.spec +++ b/kata-containers.spec @@ -2,7 +2,7 @@ %global debug_package %{nil} %define VERSION 3.2.0 -%define RELEASE 11 +%define RELEASE 12 Name: kata-containers Version: %{VERSION} @@ -139,6 +139,12 @@ strip %{buildroot}/usr/bin/containerd-shim-kata-v2 %doc %changelog +* Tue Nov 18 2025 dongyuzhen - 3.2.0-12 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:fix the missing secure compilation option + * Fri Sep 12 2025 dongyuzhen - 3.2.0-11 - Type:enhancement - ID:NA diff --git a/patches/0012-fix-the-missing-secure-compilation-option.patch b/patches/0012-fix-the-missing-secure-compilation-option.patch new file mode 100644 index 0000000000000000000000000000000000000000..3350012a289e91bd94e4a2d01b4cab29c80c3fb1 --- /dev/null +++ b/patches/0012-fix-the-missing-secure-compilation-option.patch @@ -0,0 +1,42 @@ +From 79e37561b96a01084b5381f9c416742d2c0bb243 Mon Sep 17 00:00:00 2001 +From: dongyuzhen +Date: Tue, 18 Nov 2025 16:49:04 +0800 +Subject: [PATCH] fix the missing secure compilation option + +--- + src/runtime/Makefile | 12 ------------ + 1 file changed, 12 deletions(-) + +diff --git a/src/runtime/Makefile b/src/runtime/Makefile +index 1af1fbe..db71e8d 100644 +--- a/src/runtime/Makefile ++++ b/src/runtime/Makefile +@@ -765,7 +765,6 @@ define BUILD_WITH_SECURITY_OPTS + go build $(KATA_LDFLAGS) $(BUILDFLAGS) -o $(2) -ldflags "$(3)" .) + endef + +-ifeq ($(ARCH),arm64) + $(RUNTIME_OUTPUT): $(SOURCES) $(GENERATED_FILES) $(MAKEFILE_LIST) | show-summary + $(call BUILD_WITH_SECURITY_OPTS,$(RUNTIME_DIR),$@,-linkmode=external) + +@@ -774,17 +773,6 @@ $(SHIMV2_OUTPUT): $(SOURCES) $(GENERATED_FILES) $(MAKEFILE_LIST) + + $(MONITOR_OUTPUT): $(SOURCES) $(GENERATED_FILES) $(MAKEFILE_LIST) .git-commit + $(call BUILD_WITH_SECURITY_OPTS,$(MONITOR_DIR),$@,-X 'main.GitCommit=$(shell git rev-parse HEAD)' -linkmode=external) +-else +-$(RUNTIME_OUTPUT): $(SOURCES) $(GENERATED_FILES) $(MAKEFILE_LIST) | show-summary +- $(QUIET_BUILD)(cd $(RUNTIME_DIR) && go build -ldflags "$(KATA_LDFLAGS)" $(BUILDFLAGS) -o $@ .) +- +-$(SHIMV2_OUTPUT): $(SOURCES) $(GENERATED_FILES) $(MAKEFILE_LIST) +- $(QUIET_BUILD)(cd $(SHIMV2_DIR)/ && go build -ldflags "$(KATA_LDFLAGS)" $(BUILDFLAGS) -o $@ .) +- +-$(MONITOR_OUTPUT): $(SOURCES) $(GENERATED_FILES) $(MAKEFILE_LIST) .git-commit +- $(QUIET_BUILD)(cd $(MONITOR_DIR)/ && go build \ +- --ldflags "-X main.GitCommit=$(shell git rev-parse HEAD)" $(BUILDFLAGS) -o $@ .) +-endif + + .PHONY: \ + check \ +-- +2.43.0 + diff --git a/series.conf b/series.conf index 661113a9d3783ecc4ece5c7cb8a04024a7881e84..21ef96e0fa78aed48929e8e45711165c8b445c98 100644 --- a/series.conf +++ b/series.conf @@ -7,3 +7,4 @@ 0007-Add-support-for-riscv64-platform.patch 0008-add-compilation-options-to-runtime-directory.patch 0009-kata-runtime-9p-use-cache-none.patch +0012-fix-the-missing-secure-compilation-option.patch