Commit Graph

19 Commits

Author SHA1 Message Date
figsoda
0d6cac9f5a pkgs/tools/system: remove dead code 2023-07-25 12:12:44 -04:00
Robert Scott
c83bb71e10 minijail: disable fortify3 hardening flag 2023-07-09 12:55:00 +01:00
Alyssa Ross
eb38d95b8a minijail-tools: move constants.json from minijail
It makes more sense to keep constants.json in the minijail package,
because that's where the tool that consumes it,
compile_seccomp_policy, lives.  By having it in this package, we can
set it as the default location for compile_seccomp_policy, which means
it shouldn't ever even need to be specified on the command
line (although it still can be).  And we can hook into the
cross-compilation machinery to get it to automatically use the
constants for the right architecture.

I've also changed from generating constants.json by running a test
program in qemu-user to generating it from LLVM IR, which will save a
huge QEMU build dependency.
2022-08-02 12:25:58 +00:00
Alyssa Ross
8e4221a177 minijail: 17 -> 18 2022-07-23 08:44:44 +00:00
Alyssa Ross
c1184b1383 minijail: add meta.changelog
Minijail release notes live in annotated git tags.
2022-07-23 08:44:44 +00:00
Alyssa Ross
d327f21b1e
minijail: enableParallelBuilding
Works for me at -j48.
2021-08-17 17:42:41 +00:00
Alyssa Ross
4cc8b0c6f6
minijail: 16 -> 17 2021-08-17 17:39:06 +00:00
R. RyanTM
16723e4815 minijail: 14 -> 16 2020-08-26 18:08:08 +00:00
Alyssa Ross
139a15ea58 minijail: build and install constants.json
This is a syscall table used for compiling Minijail policy files to
BPF.  The compiler is available in the minijail-tools package.  The
file is generated by compiling and running a small program named
dump_constants.

When cross-compiling, we have to get the syscall table for the host
platform.  To do this, dump_constants is run under QEMU user emulation
for the appropriate platform.  Google takes the same approach in their
minijail packages for ChromiumOS[1].

[1]: 729bd4269a/chromeos-base/minijail/minijail-9999.ebuild (49)
2020-04-01 13:44:28 +00:00
Alyssa Ross
2ed758481c minijail-tools: init at 14
This is built from the same source as minijail, but is for all intents
and purposes a seperate package.  It builds different things, with no
overlap, and is under a different license.
2020-04-01 13:44:28 +00:00
Alyssa Ross
9225d95bdd minijail: android-10.0.0_r9 -> 14
Switched from the android-* tags to the linux-* ones, because Upstream
says "Releases are tagged as `linux-vXX`".
2020-04-01 13:44:28 +00:00
Alyssa Ross
75922aa1e1 minijail: add myself as a maintainer 2020-04-01 13:44:28 +00:00
Matthew Bauer
b39bc2943b
Merge pull request #74860 from alyssais/minijail
minijail: install .pc files and scoped_minijail.h
2019-12-17 14:48:02 -05:00
Michael Raskin
26df2f4e9e
Merge pull request #74862 from alyssais/fetchgittiles
fetchFromGitiles: init
2019-12-17 15:23:08 +00:00
Alyssa Ross
fa0fe1d8c9
minijail: install .pc files and scoped_minijail.h
This matches the behaviour of the Chromium OS ebuild for this package:
cd6d6815b1/chromeos-base/minijail/minijail-10-r38.ebuild (47)
2019-12-02 22:46:17 +00:00
Alyssa Ross
a8e63e4f74
treewide: fetchgit -> fetchFromGitiles
This is only the easy cases -- some fetchgit uses that point to
Gitiles instances are in generated code, where the generating code
would have to know in advance if it was fetching from Gitiles or not.
I don't think this is worth it.
2019-12-02 22:45:06 +00:00
Alyssa Ross
59a5ba4cbe minijail: android-9.0.0_r3 -> android-10.0.0-r9 2019-11-06 19:35:48 +01:00
edef
c331750258 minijail: android-8.0.0_r34 -> android-9.0.0_r3 2018-08-24 16:23:39 +00:00
Pierre Carrier
cb05c04f4e minijail: init at android-8.0.0_r34 2017-11-25 00:27:00 -05:00