diff options
| author | Alois Wohlschlager <alois1@gmx-topmail.de> | 2024-08-06 16:38:32 +0200 |
|---|---|---|
| committer | Alois Wohlschlager <alois1@gmx-topmail.de> | 2024-08-06 18:27:09 +0200 |
| commit | 741d3b441c479a07596aadf9a6ac8f90b115d363 (patch) | |
| tree | 69d57ee91c738c7aae1f614e73cdd78b4b875cc0 /maintainers | |
| parent | f84997cbefb2f2dd99e48f0ad39f747ed83d69e9 (diff) | |
libstore: add LocalDerivationGoal setupSyscallFilter hook
The seccomp setup code was a huge chunk of conditionally compiled
platform-specific code. For this reason, it is appropriate to move it to the
platform-specific implementation file. Ideally its setup could be moved a bit
to make it happen at the same place as the Darwin restrictions, but that change
is going to be less mechanical.
Change-Id: I496aa3c4fabf34656aba1e32b0089044ab5b99f8
Diffstat (limited to 'maintainers')
| -rwxr-xr-x | maintainers/check-syscalls.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/maintainers/check-syscalls.sh b/maintainers/check-syscalls.sh index cd72ac23b..72b629438 100755 --- a/maintainers/check-syscalls.sh +++ b/maintainers/check-syscalls.sh @@ -2,6 +2,6 @@ set -e -diff -u <(awk < src/libstore/build/local-derivation-goal.cc '/BEGIN extract-syscalls/ { extracting = 1; next } +diff -u <(awk < src/libstore/platform/linux.cc '/BEGIN extract-syscalls/ { extracting = 1; next } match($0, /allowSyscall\(ctx, SCMP_SYS\(([^)]*)\)\);|\/\/ skip ([^ ]*)/, result) { print result[1] result[2] } /END extract-syscalls/ { extracting = 0; next }') <(tail -n+2 "$1" | cut -d, -f 1) |