seccomp: convert to meson

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
Paolo Bonzini 2020-11-17 14:22:24 +01:00
parent b1def33d19
commit 90835c2b81
6 changed files with 15 additions and 37 deletions

32
configure vendored
View File

@ -413,7 +413,7 @@ debug_stack_usage="no"
crypto_afalg="no" crypto_afalg="no"
cfi="false" cfi="false"
cfi_debug="false" cfi_debug="false"
seccomp="$default_feature" seccomp="auto"
glusterfs="auto" glusterfs="auto"
gtk="$default_feature" gtk="$default_feature"
gtk_gl="no" gtk_gl="no"
@ -1355,9 +1355,9 @@ for opt do
;; ;;
--disable-tools) want_tools="no" --disable-tools) want_tools="no"
;; ;;
--enable-seccomp) seccomp="yes" --enable-seccomp) seccomp="enabled"
;; ;;
--disable-seccomp) seccomp="no" --disable-seccomp) seccomp="disabled"
;; ;;
--disable-glusterfs) glusterfs="disabled" --disable-glusterfs) glusterfs="disabled"
;; ;;
@ -2457,24 +2457,6 @@ EOF
fi fi
fi fi
##########################################
# libseccomp check
if test "$seccomp" != "no" ; then
libseccomp_minver="2.3.0"
if $pkg_config --atleast-version=$libseccomp_minver libseccomp ; then
seccomp_cflags="$($pkg_config --cflags libseccomp)"
seccomp_libs="$($pkg_config --libs libseccomp)"
seccomp="yes"
else
if test "$seccomp" = "yes" ; then
feature_not_found "libseccomp" \
"Install libseccomp devel >= $libseccomp_minver"
fi
seccomp="no"
fi
fi
########################################## ##########################################
# xen probe # xen probe
@ -6084,12 +6066,6 @@ if test "$avx512f_opt" = "yes" ; then
echo "CONFIG_AVX512F_OPT=y" >> $config_host_mak echo "CONFIG_AVX512F_OPT=y" >> $config_host_mak
fi fi
if test "$seccomp" = "yes"; then
echo "CONFIG_SECCOMP=y" >> $config_host_mak
echo "SECCOMP_CFLAGS=$seccomp_cflags" >> $config_host_mak
echo "SECCOMP_LIBS=$seccomp_libs" >> $config_host_mak
fi
# XXX: suppress that # XXX: suppress that
if [ "$bsd" = "yes" ] ; then if [ "$bsd" = "yes" ] ; then
echo "CONFIG_BSD=y" >> $config_host_mak echo "CONFIG_BSD=y" >> $config_host_mak
@ -6648,7 +6624,7 @@ NINJA=$ninja $meson setup \
-Dcurl=$curl -Dglusterfs=$glusterfs -Dbzip2=$bzip2 -Dlibiscsi=$libiscsi \ -Dcurl=$curl -Dglusterfs=$glusterfs -Dbzip2=$bzip2 -Dlibiscsi=$libiscsi \
-Dlibnfs=$libnfs -Diconv=$iconv -Dcurses=$curses -Dlibudev=$libudev\ -Dlibnfs=$libnfs -Diconv=$iconv -Dcurses=$curses -Dlibudev=$libudev\
-Drbd=$rbd -Dlzo=$lzo -Dsnappy=$snappy -Dlzfse=$lzfse \ -Drbd=$rbd -Dlzo=$lzo -Dsnappy=$snappy -Dlzfse=$lzfse \
-Dzstd=$zstd \ -Dzstd=$zstd -Dseccomp=$seccomp \
-Ddocs=$docs -Dsphinx_build=$sphinx_build -Dinstall_blobs=$blobs \ -Ddocs=$docs -Dsphinx_build=$sphinx_build -Dinstall_blobs=$blobs \
-Dvhost_user_blk_server=$vhost_user_blk_server \ -Dvhost_user_blk_server=$vhost_user_blk_server \
-Dfuse=$fuse -Dfuse_lseek=$fuse_lseek \ -Dfuse=$fuse -Dfuse_lseek=$fuse_lseek \

View File

@ -333,9 +333,10 @@ if 'CONFIG_ATTR' in config_host
libattr = declare_dependency(link_args: config_host['LIBATTR_LIBS'].split()) libattr = declare_dependency(link_args: config_host['LIBATTR_LIBS'].split())
endif endif
seccomp = not_found seccomp = not_found
if 'CONFIG_SECCOMP' in config_host if not get_option('seccomp').auto() or have_system or have_tools
seccomp = declare_dependency(compile_args: config_host['SECCOMP_CFLAGS'].split(), seccomp = dependency('libseccomp', version: '>=2.3.0',
link_args: config_host['SECCOMP_LIBS'].split()) required: get_option('seccomp'),
method: 'pkg-config', static: enable_static)
endif endif
libcap_ng = not_found libcap_ng = not_found
if 'CONFIG_LIBCAP_NG' in config_host if 'CONFIG_LIBCAP_NG' in config_host
@ -998,6 +999,7 @@ config_host_data.set('CONFIG_LIBNFS', libnfs.found())
config_host_data.set('CONFIG_RBD', rbd.found()) config_host_data.set('CONFIG_RBD', rbd.found())
config_host_data.set('CONFIG_SDL', sdl.found()) config_host_data.set('CONFIG_SDL', sdl.found())
config_host_data.set('CONFIG_SDL_IMAGE', sdl_image.found()) config_host_data.set('CONFIG_SDL_IMAGE', sdl_image.found())
config_host_data.set('CONFIG_SECCOMP', seccomp.found())
config_host_data.set('CONFIG_SNAPPY', snappy.found()) config_host_data.set('CONFIG_SNAPPY', snappy.found())
config_host_data.set('CONFIG_VHOST_USER_BLK_SERVER', have_vhost_user_blk_server) config_host_data.set('CONFIG_VHOST_USER_BLK_SERVER', have_vhost_user_blk_server)
config_host_data.set('CONFIG_VNC', vnc.found()) config_host_data.set('CONFIG_VNC', vnc.found())
@ -2367,7 +2369,7 @@ if targetos == 'windows'
summary_info += {'QGA w32 disk info': config_host.has_key('CONFIG_QGA_NTDDSCSI')} summary_info += {'QGA w32 disk info': config_host.has_key('CONFIG_QGA_NTDDSCSI')}
summary_info += {'QGA MSI support': config_host.has_key('CONFIG_QGA_MSI')} summary_info += {'QGA MSI support': config_host.has_key('CONFIG_QGA_MSI')}
endif endif
summary_info += {'seccomp support': config_host.has_key('CONFIG_SECCOMP')} summary_info += {'seccomp support': seccomp.found()}
summary_info += {'CFI support': get_option('cfi')} summary_info += {'CFI support': get_option('cfi')}
summary_info += {'CFI debug support': get_option('cfi_debug')} summary_info += {'CFI debug support': get_option('cfi_debug')}
summary_info += {'coroutine backend': config_host['CONFIG_COROUTINE_BACKEND']} summary_info += {'coroutine backend': config_host['CONFIG_COROUTINE_BACKEND']}

View File

@ -72,6 +72,8 @@ option('sdl', type : 'feature', value : 'auto',
description: 'SDL user interface') description: 'SDL user interface')
option('sdl_image', type : 'feature', value : 'auto', option('sdl_image', type : 'feature', value : 'auto',
description: 'SDL Image support for icons') description: 'SDL Image support for icons')
option('seccomp', type : 'feature', value : 'auto',
description: 'seccomp support')
option('snappy', type : 'feature', value : 'auto', option('snappy', type : 'feature', value : 'auto',
description: 'snappy compression support') description: 'snappy compression support')
option('u2f', type : 'feature', value : 'auto', option('u2f', type : 'feature', value : 'auto',

View File

@ -28,5 +28,5 @@ softmmu_ss.add(files(
), sdl, libpmem, libdaxctl) ), sdl, libpmem, libdaxctl)
softmmu_ss.add(when: 'CONFIG_TPM', if_true: files('tpm.c')) softmmu_ss.add(when: 'CONFIG_TPM', if_true: files('tpm.c'))
softmmu_ss.add(when: 'CONFIG_SECCOMP', if_true: [files('qemu-seccomp.c'), seccomp]) softmmu_ss.add(when: seccomp, if_true: files('qemu-seccomp.c'))
softmmu_ss.add(when: fdt, if_true: files('device_tree.c')) softmmu_ss.add(when: fdt, if_true: files('device_tree.c'))

View File

@ -202,7 +202,6 @@ static int seccomp_start(uint32_t seccomp_opts, Error **errp)
return rc < 0 ? -1 : 0; return rc < 0 ? -1 : 0;
} }
#ifdef CONFIG_SECCOMP
int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp) int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
{ {
if (qemu_opt_get_bool(opts, "enable", false)) { if (qemu_opt_get_bool(opts, "enable", false)) {
@ -328,4 +327,3 @@ static void seccomp_register(void)
} }
} }
opts_init(seccomp_register); opts_init(seccomp_register);
#endif

View File

@ -1,6 +1,6 @@
have_virtiofsd = (targetos == 'linux' and have_virtiofsd = (targetos == 'linux' and
have_tools and have_tools and
'CONFIG_SECCOMP' in config_host and seccomp.found() and
'CONFIG_LIBCAP_NG' in config_host and 'CONFIG_LIBCAP_NG' in config_host and
'CONFIG_VHOST_USER' in config_host) 'CONFIG_VHOST_USER' in config_host)
@ -8,7 +8,7 @@ if get_option('virtiofsd').enabled()
if not have_virtiofsd if not have_virtiofsd
if targetos != 'linux' if targetos != 'linux'
error('virtiofsd requires Linux') error('virtiofsd requires Linux')
elif 'CONFIG_SECCOMP' not in config_host or 'CONFIG_LIBCAP_NG' not in config_host elif not seccomp.found() or 'CONFIG_LIBCAP_NG' not in config_host
error('virtiofsd requires libcap-ng-devel and seccomp-devel') error('virtiofsd requires libcap-ng-devel and seccomp-devel')
elif not have_tools or 'CONFIG_VHOST_USER' not in config_host elif not have_tools or 'CONFIG_VHOST_USER' not in config_host
error('virtiofsd needs tools and vhost-user support') error('virtiofsd needs tools and vhost-user support')