From patchwork Mon Dec 10 23:45:06 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [46/52] package/qemu: add support for libseccomp Date: Mon, 10 Dec 2012 13:45:06 -0000 From: "Yann E. MORIN" X-Patchwork-Id: 205102 Message-Id: <1355183112-10735-47-git-send-email-yann.morin.1998@free.fr> To: buildroot@busybox.net Cc: "Yann E. MORIN" Signed-off-by: "Yann E. MORIN" --- package/qemu/Config.in | 7 +++++++ package/qemu/qemu.mk | 8 +++++++- 2 files changed, 14 insertions(+), 1 deletions(-) diff --git a/package/qemu/Config.in b/package/qemu/Config.in index dad72a8..4aa8647 100644 --- a/package/qemu/Config.in +++ b/package/qemu/Config.in @@ -263,6 +263,13 @@ config BR2_PACKAGE_QEMU_ATTR Say 'y' here to have QEMU support attributes (attr) and eXtended attibutes (xattr). +config BR2_PACKAGE_QEMU_SECCOMP + bool "Enable seccomp filter" + select BR2_PACKAGE_LIBSECCOMP + help + Say 'y' here to have QEMU to use the Linux kernel's seccomp filter, + to more tightly confine the VMs. + config BR2_PACKAGE_QEMU_BLOBS bool "Install binary blobs" default y diff --git a/package/qemu/qemu.mk b/package/qemu/qemu.mk index dfe9cbb..a980c76 100644 --- a/package/qemu/qemu.mk +++ b/package/qemu/qemu.mk @@ -251,6 +251,13 @@ else QEMU_OPTS += --disable-attr endif +ifeq ($(BR2_PACKAGE_QEMU_SECCOMP),y) +QEMU_OPTS += --enable-seccomp +QEMU_DEPENDENCIES += libseccomp +else +QEMU_OPTS += --disable-seccomp +endif + ifeq ($(BR2_PACKAGE_QEMU_BLOBS),) QEMU_OPTS += --disable-blobs endif @@ -338,7 +345,6 @@ define QEMU_CONFIGURE_CMDS --disable-rbd \ --disable-smartcard \ --disable-strip \ - --disable-seccomp \ --disable-sparse \ $(QEMU_OPTS) \ )