mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2024-12-01 21:22:13 +00:00
a0dcf8ab13
The constants.json file is generated for compiling seccomp polices, but is only ever added to in newer versions of linux. Generating them in build.rs will cause the seccomp compiler to only understand constants and syscalls available on the build machine and fail if policy files try to allow syscalls not available. Putting the constants in version control will allow us to compile the policies regardless of how old the kernel headers on the build machine are. BUG=b:235858187 TEST=presubmit Change-Id: I1cfbb38f4687eb68b141f62c1c5fe6104b3f6456 Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3988899 Commit-Queue: Daniel Verkamp <dverkamp@chromium.org> Reviewed-by: Daniel Verkamp <dverkamp@chromium.org> Auto-Submit: Dennis Kempin <denniskempin@google.com>
57 lines
1.5 KiB
Bash
Executable file
57 lines
1.5 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
# Copyright 2022 The ChromiumOS Authors
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
# Run this script to re-generate the seccomp/*/constants.json files for
|
|
# each architecture.
|
|
|
|
set -ex
|
|
cd "$(dirname "${BASH_SOURCE[0]}")/.."
|
|
|
|
MINIJAIL_DIR=$(realpath "third_party/minijail")
|
|
SECCOMP_DIR=$(realpath seccomp)
|
|
|
|
export SRC="$MINIJAIL_DIR"
|
|
|
|
# Create temporary directory for build artifacts and make sure it's cleaned up.
|
|
TMP_DIR="$(mktemp -d)"
|
|
cleanup() {
|
|
rm -rf "$TMP_DIR"
|
|
}
|
|
trap cleanup EXIT
|
|
|
|
# Create bindings for each platform
|
|
for arch in "x86_64" "arm" "aarch64"; do
|
|
BUILD_DIR="$TMP_DIR/$arch"
|
|
mkdir -p "$BUILD_DIR"
|
|
cd "$BUILD_DIR"
|
|
|
|
# Pick the right cross-compiler
|
|
if [ "$arch" = "x86_64" ]; then
|
|
export CC="gcc"
|
|
TARGET="x86_64-unknown-linux-gnu"
|
|
elif [ "$arch" = "arm" ]; then
|
|
export CC="arm-linux-gnueabihf-gcc"
|
|
TARGET="armv7-unknown-linux-gnueabihf"
|
|
elif [ "$arch" = "aarch64" ]; then
|
|
export CC="aarch64-linux-gnu-gcc"
|
|
TARGET="aarch64-unknown-linux-gnu"
|
|
fi
|
|
|
|
"$MINIJAIL_DIR/gen_constants.sh" "libconstants.gen.c"
|
|
"$MINIJAIL_DIR/gen_syscalls.sh" "libsyscalls.gen.c"
|
|
|
|
clang \
|
|
-target "$TARGET" \
|
|
-S \
|
|
-emit-llvm \
|
|
-I "$MINIJAIL_DIR" \
|
|
"libconstants.gen.c" \
|
|
"libsyscalls.gen.c"
|
|
|
|
"$MINIJAIL_DIR/tools/generate_constants_json.py" \
|
|
--output "$SECCOMP_DIR/$arch/constants.json" \
|
|
"libconstants.gen.ll" \
|
|
"libsyscalls.gen.ll"
|
|
done
|