package/crun: needs fexecve

crun unconditionally uses fexecve since its addition in commit 530d6f661e and ce4dfbb97a: resulting in the following uclibc build failure: /tmp/instance-11/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arceb-snps-linux-uclibc/9.2.1/../../../../arceb-snps-linux-uclibc/bin/ld: src/libcrun/crun-cloned_binary.o: in function `ensure_cloned_binary': cloned_binary.c:(.text+0x1006): undefined reference to `fexecve' In 6e3f7fbc07 (package/runc: add upstream security fix for CVE-2019-5736), we made runc unavailable for uclibc toolchains, and crun uses fexecve for that same reason, to fix CVE-2019-5736. So, also make crun unavailable for uclibc toolchains. Fixes: - http://autobuild.buildroot.org/results/e1f4ef2b392c0e7161390ba0f97d6eef3bd12e9c Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit a0e134a053) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-30 18:53:50 +01:00 · 2022-12-30 18:53:50 +01:00 · 260a94a434
parent e7dee76f9b
commit 260a94a434
1 changed files with 5 additions and 1 deletions
--- a/package/crun/Config.in
+++ b/package/crun/Config.in
@ -1,8 +1,12 @@
 config BR2_PACKAGE_CRUN
 	bool "crun"
-	select BR2_PACKAGE_ARGP_STANDALONE if BR2_TOOLCHAIN_USES_UCLIBC || BR2_TOOLCHAIN_USES_MUSL
+	depends on !BR2_TOOLCHAIN_USES_UCLIBC # no fexecve
+	select BR2_PACKAGE_ARGP_STANDALONE if BR2_TOOLCHAIN_USES_MUSL
 	select BR2_PACKAGE_YAJL # libocispec
 	help
 	  crun is a fast and low-memory OCI Container Runtime in C.

 	  https://github.com/containers/crun
+
+comment "crun needs a glibc or musl toolchain"
+	depends on BR2_TOOLCHAIN_USES_UCLIBC