From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Subject: [PULL 49/55] seccomp: convert to meson
Date: Mon, 21 Dec 2020 15:44:41 +0100 [thread overview]
Message-ID: <20201221144447.26161-50-pbonzini@redhat.com> (raw)
In-Reply-To: <20201221144447.26161-1-pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
configure | 32 ++++----------------------------
meson.build | 10 ++++++----
meson_options.txt | 2 ++
softmmu/meson.build | 2 +-
softmmu/qemu-seccomp.c | 2 --
tools/meson.build | 4 ++--
6 files changed, 15 insertions(+), 37 deletions(-)
diff --git a/configure b/configure
index 0c0eef7713..ba8c6e74be 100755
--- a/configure
+++ b/configure
@@ -413,7 +413,7 @@ debug_stack_usage="no"
crypto_afalg="no"
cfi="false"
cfi_debug="false"
-seccomp="$default_feature"
+seccomp="auto"
glusterfs="auto"
gtk="$default_feature"
gtk_gl="no"
@@ -1355,9 +1355,9 @@ for opt do
;;
--disable-tools) want_tools="no"
;;
- --enable-seccomp) seccomp="yes"
+ --enable-seccomp) seccomp="enabled"
;;
- --disable-seccomp) seccomp="no"
+ --disable-seccomp) seccomp="disabled"
;;
--disable-glusterfs) glusterfs="disabled"
;;
@@ -2456,24 +2456,6 @@ EOF
fi
fi
-##########################################
-# libseccomp check
-
-if test "$seccomp" != "no" ; then
- libseccomp_minver="2.3.0"
- if $pkg_config --atleast-version=$libseccomp_minver libseccomp ; then
- seccomp_cflags="$($pkg_config --cflags libseccomp)"
- seccomp_libs="$($pkg_config --libs libseccomp)"
- seccomp="yes"
- else
- if test "$seccomp" = "yes" ; then
- feature_not_found "libseccomp" \
- "Install libseccomp devel >= $libseccomp_minver"
- fi
- seccomp="no"
- fi
-fi
-
##########################################
# xen probe
@@ -6051,12 +6033,6 @@ if test "$avx512f_opt" = "yes" ; then
echo "CONFIG_AVX512F_OPT=y" >> $config_host_mak
fi
-if test "$seccomp" = "yes"; then
- echo "CONFIG_SECCOMP=y" >> $config_host_mak
- echo "SECCOMP_CFLAGS=$seccomp_cflags" >> $config_host_mak
- echo "SECCOMP_LIBS=$seccomp_libs" >> $config_host_mak
-fi
-
# XXX: suppress that
if [ "$bsd" = "yes" ] ; then
echo "CONFIG_BSD=y" >> $config_host_mak
@@ -6604,7 +6580,7 @@ NINJA=$ninja $meson setup \
-Dcurl=$curl -Dglusterfs=$glusterfs -Dbzip2=$bzip2 -Dlibiscsi=$libiscsi \
-Dlibnfs=$libnfs -Diconv=$iconv -Dcurses=$curses -Dlibudev=$libudev\
-Dlibssh=$libssh -Drbd=$rbd -Dlzo=$lzo -Dsnappy=$snappy -Dlzfse=$lzfse \
- -Dzstd=$zstd \
+ -Dzstd=$zstd -Dseccomp=$seccomp \
-Ddocs=$docs -Dsphinx_build=$sphinx_build -Dinstall_blobs=$blobs \
-Dvhost_user_blk_server=$vhost_user_blk_server \
-Dfuse=$fuse -Dfuse_lseek=$fuse_lseek \
diff --git a/meson.build b/meson.build
index b4313951a6..99c4d0dd1a 100644
--- a/meson.build
+++ b/meson.build
@@ -329,9 +329,10 @@ if 'CONFIG_ATTR' in config_host
libattr = declare_dependency(link_args: config_host['LIBATTR_LIBS'].split())
endif
seccomp = not_found
-if 'CONFIG_SECCOMP' in config_host
- seccomp = declare_dependency(compile_args: config_host['SECCOMP_CFLAGS'].split(),
- link_args: config_host['SECCOMP_LIBS'].split())
+if not get_option('libiscsi').auto() or have_system or have_tools
+ seccomp = dependency('libseccomp', version: '>=2.3.0',
+ required: get_option('seccomp'),
+ method: 'pkg-config', static: enable_static)
endif
libcap_ng = not_found
if 'CONFIG_LIBCAP_NG' in config_host
@@ -999,6 +1000,7 @@ config_host_data.set('HAVE_LIBSSH_0_8', have_libssh_0_8)
config_host_data.set('CONFIG_RBD', rbd.found())
config_host_data.set('CONFIG_SDL', sdl.found())
config_host_data.set('CONFIG_SDL_IMAGE', sdl_image.found())
+config_host_data.set('CONFIG_SECCOMP', seccomp.found())
config_host_data.set('CONFIG_SNAPPY', snappy.found())
config_host_data.set('CONFIG_VHOST_USER_BLK_SERVER', have_vhost_user_blk_server)
config_host_data.set('CONFIG_VNC', vnc.found())
@@ -2368,7 +2370,7 @@ if targetos == 'windows'
summary_info += {'QGA w32 disk info': config_host.has_key('CONFIG_QGA_NTDDSCSI')}
summary_info += {'QGA MSI support': config_host.has_key('CONFIG_QGA_MSI')}
endif
-summary_info += {'seccomp support': config_host.has_key('CONFIG_SECCOMP')}
+summary_info += {'seccomp support': seccomp.found()}
summary_info += {'CFI support': get_option('cfi')}
summary_info += {'CFI debug support': get_option('cfi_debug')}
summary_info += {'coroutine backend': config_host['CONFIG_COROUTINE_BACKEND']}
diff --git a/meson_options.txt b/meson_options.txt
index 5a1de9b1fe..1854a9639f 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -74,6 +74,8 @@ option('sdl', type : 'feature', value : 'auto',
description: 'SDL user interface')
option('sdl_image', type : 'feature', value : 'auto',
description: 'SDL Image support for icons')
+option('seccomp', type : 'feature', value : 'auto',
+ description: 'seccomp support')
option('snappy', type : 'feature', value : 'auto',
description: 'snappy compression support')
option('u2f', type : 'feature', value : 'auto',
diff --git a/softmmu/meson.build b/softmmu/meson.build
index 2dab6c7eb6..d8e03018ab 100644
--- a/softmmu/meson.build
+++ b/softmmu/meson.build
@@ -28,5 +28,5 @@ softmmu_ss.add(files(
), sdl, libpmem, libdaxctl)
softmmu_ss.add(when: 'CONFIG_TPM', if_true: files('tpm.c'))
-softmmu_ss.add(when: 'CONFIG_SECCOMP', if_true: [files('qemu-seccomp.c'), seccomp])
+softmmu_ss.add(when: seccomp, if_true: files('qemu-seccomp.c'))
softmmu_ss.add(when: fdt, if_true: files('device_tree.c'))
diff --git a/softmmu/qemu-seccomp.c b/softmmu/qemu-seccomp.c
index 8325ecb766..377ef6937c 100644
--- a/softmmu/qemu-seccomp.c
+++ b/softmmu/qemu-seccomp.c
@@ -202,7 +202,6 @@ static int seccomp_start(uint32_t seccomp_opts, Error **errp)
return rc < 0 ? -1 : 0;
}
-#ifdef CONFIG_SECCOMP
int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
{
if (qemu_opt_get_bool(opts, "enable", false)) {
@@ -328,4 +327,3 @@ static void seccomp_register(void)
}
}
opts_init(seccomp_register);
-#endif
diff --git a/tools/meson.build b/tools/meson.build
index 76bf84df52..5c52d79fe4 100644
--- a/tools/meson.build
+++ b/tools/meson.build
@@ -1,6 +1,6 @@
have_virtiofsd = (targetos == 'linux' and
have_tools and
- 'CONFIG_SECCOMP' in config_host and
+ seccomp.found() and
'CONFIG_LIBCAP_NG' in config_host and
'CONFIG_VHOST_USER' in config_host)
@@ -8,7 +8,7 @@ if get_option('virtiofsd').enabled()
if not have_virtiofsd
if targetos != 'linux'
error('virtiofsd requires Linux')
- elif 'CONFIG_SECCOMP' not in config_host or 'CONFIG_LIBCAP_NG' not in config_host
+ elif not seccomp.found() or 'CONFIG_LIBCAP_NG' not in config_host
error('virtiofsd requires libcap-ng-devel and seccomp-devel')
elif not have_tools or 'CONFIG_VHOST_USER' not in config_host
error('virtiofsd needs tools and vhost-user support')
--
2.29.2
next prev parent reply other threads:[~2020-12-21 15:27 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-21 14:43 [PULL 00/55] Misc patches for 2020-12-21 Paolo Bonzini
2020-12-21 14:43 ` [PULL 01/55] gitlab: include aarch64-softmmu and ppc64-softmmu cross-system-build Paolo Bonzini
2020-12-21 14:43 ` [PULL 02/55] configure: move gettext detection to meson.build Paolo Bonzini
2020-12-21 14:43 ` [PULL 03/55] configure: add --without-default-features Paolo Bonzini
2020-12-21 14:43 ` [PULL 04/55] python: add __repr__ to ConsoleSocket to aid debugging Paolo Bonzini
2020-12-21 14:43 ` [PULL 05/55] gitlab: move --without-default-devices build from Travis Paolo Bonzini
2020-12-21 14:43 ` [PULL 06/55] gitlab: add --without-default-features build Paolo Bonzini
2020-12-21 14:43 ` [PULL 07/55] tests/tcg: build tests with -Werror Paolo Bonzini
2020-12-21 14:44 ` [PULL 08/55] gitlab-CI: Test 32-bit builds with the fedora-i386-cross container Paolo Bonzini
2020-12-21 14:44 ` [PULL 09/55] tests/docker: Remove the remainders of debian9 containers from the Makefile Paolo Bonzini
2020-12-21 14:44 ` [PULL 10/55] tests: update for rename of CentOS8 PowerTools repo Paolo Bonzini
2020-12-21 14:44 ` [PULL 11/55] configure: document --without-default-{features, devices} Paolo Bonzini
2020-12-21 14:44 ` [PULL 12/55] vl: initialize displays _after_ exiting preconfiguration Paolo Bonzini
2020-12-21 14:44 ` [PULL 13/55] test-char: Destroy chardev correctly at char_file_test_internal() Paolo Bonzini
2020-12-21 14:44 ` [PULL 14/55] qom: Assert that objects being destroyed have no parent Paolo Bonzini
2020-12-21 14:44 ` [PULL 15/55] target/i386: Check privilege level for protected mode 'int N' task gate Paolo Bonzini
2020-12-21 14:44 ` [PULL 16/55] configure,meson: add option to enable LTO Paolo Bonzini
2020-12-21 14:44 ` [PULL 17/55] cfi: Initial support for cfi-icall in QEMU Paolo Bonzini
2020-12-21 14:44 ` [PULL 18/55] check-block: enable iotests with cfi-icall Paolo Bonzini
2020-12-21 14:44 ` [PULL 19/55] configure,meson: support Control-Flow Integrity Paolo Bonzini
2020-12-21 14:44 ` [PULL 20/55] docs: Add CFI Documentation Paolo Bonzini
2020-12-21 14:44 ` [PULL 21/55] build-sys: fix -static linking of libvhost-user Paolo Bonzini
2020-12-21 14:44 ` [PULL 22/55] remove TCG includes from common code Paolo Bonzini
2020-12-21 14:44 ` [PULL 23/55] util: Extract flush_icache_range to cacheflush.c Paolo Bonzini
2020-12-21 14:44 ` [PULL 24/55] trace: do not include TCG helper tracepoints in no-TCG builds Paolo Bonzini
2020-12-21 14:44 ` [PULL 25/55] Makefile: add dummy target for build.ninja dependencies Paolo Bonzini
2020-12-21 14:44 ` [PULL 26/55] meson: update submodule to 0.56.0 Paolo Bonzini
2020-12-21 14:44 ` [PULL 27/55] meson: switch minimum meson version " Paolo Bonzini
2020-12-21 14:44 ` [PULL 28/55] meson: fix detection of curses with pkgconfig Paolo Bonzini
2020-12-21 14:44 ` [PULL 29/55] meson: use pkg-config method for libudev Paolo Bonzini
2020-12-21 14:44 ` [PULL 30/55] meson: use dependency to gate block modules Paolo Bonzini
2020-12-21 14:44 ` [PULL 31/55] meson: cleanup Kconfig.host handling Paolo Bonzini
2020-12-21 14:44 ` [PULL 32/55] configure: remove useless code to check for Xen PCI passthrough Paolo Bonzini
2020-12-21 14:44 ` [PULL 33/55] configure: remove variable bogus_os Paolo Bonzini
2020-12-21 14:44 ` [PULL 34/55] configure: accept --enable-slirp Paolo Bonzini
2020-12-21 14:44 ` [PULL 35/55] configure: remove CONFIG_FILEVERSION and CONFIG_PRODUCTVERSION Paolo Bonzini
2020-12-21 14:44 ` [PULL 36/55] brlapi: convert to meson Paolo Bonzini
2020-12-21 14:44 ` [PULL 37/55] curl: remove compatibility code, require 7.29.0 Paolo Bonzini
2020-12-21 14:44 ` [PULL 38/55] curl: convert to meson Paolo Bonzini
2020-12-21 14:44 ` [PULL 39/55] glusterfs: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 40/55] bzip2: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 41/55] libiscsi: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 42/55] libnfs: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 43/55] libssh: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 44/55] rbd: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 45/55] lzo: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 46/55] snappy: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 47/55] lzfse: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 48/55] zstd: " Paolo Bonzini
2020-12-21 14:44 ` Paolo Bonzini [this message]
2020-12-21 14:44 ` [PULL 50/55] virtfs: " Paolo Bonzini
2021-01-07 13:58 ` Bruce Rogers
2021-01-07 14:49 ` Paolo Bonzini
2021-01-07 15:31 ` Bruce Rogers
2020-12-21 14:44 ` [PULL 51/55] cap_ng: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 52/55] libattr: " Paolo Bonzini
2020-12-21 14:44 ` [PULL 53/55] meson.build: convert --with-default-devices " Paolo Bonzini
2020-12-21 14:44 ` [PULL 54/55] configure: move tests/qemu-iotests/common.env generation " Paolo Bonzini
2020-12-21 14:44 ` [PULL 55/55] win32: drop fd registration to the main-loop on setting non-block Paolo Bonzini
2021-01-01 17:05 ` [PULL 00/55] Misc patches for 2020-12-21 Peter Maydell
2021-01-01 19:59 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201221144447.26161-50-pbonzini@redhat.com \
--to=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).