Diffstat (limited to 'maintainers')
-rw-r--r--maintainers/check-syscalls.nix16
-rwxr-xr-xmaintainers/check-syscalls.sh7
2 files changed, 23 insertions, 0 deletions
diff --git a/maintainers/check-syscalls.nix b/maintainers/check-syscalls.nix
new file mode 100644
index 000000000..1a3de5c6d
--- /dev/null
+++ b/maintainers/check-syscalls.nix
@@ -0,0 +1,16 @@
+{
+ runCommandNoCC,
+ lib,
+ libseccomp,
+ writeShellScriptBin,
+}:
+let
+ syscalls-csv = runCommandNoCC "syscalls.csv" { } ''
+ echo ${lib.escapeShellArg libseccomp.src}
+ tar -xf ${lib.escapeShellArg libseccomp.src} --strip-components=2 ${libseccomp.name}/src/syscalls.csv
+ mv syscalls.csv "$out"
+ '';
+in
+writeShellScriptBin "check-syscalls" ''
+ ${./check-syscalls.sh} ${syscalls-csv}
+''
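Review bot: The generated `check-syscalls` wrapper runs the script with whatever `awk` and `diff` are on the caller's PATH, while the three-argument `match()` used in check-syscalls.sh is a gawk extension, so the outcome of the check depends on the host environment. Consider taking `gawk` and `diffutils` as arguments and starting the wrapper body with `export PATH=${lib.makeBinPath [ gawk diffutils ]}:$PATH`. The `echo ${lib.escapeShellArg libseccomp.src}` line in the `syscalls-csv` builder looks like leftover debugging output. `${libseccomp.name}` is interpolated unescaped beside an escaped `src`, and the member path assumes the tarball's top-level directory equals the derivation name; a short comment stating that assumption would help when libseccomp is updated.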
diff --git a/maintainers/check-syscalls.sh b/maintainers/check-syscalls.sh
new file mode 100755
index 000000000..cd72ac23b
--- /dev/null
+++ b/maintainers/check-syscalls.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+set -e
+
+diff -u <(awk < src/libstore/build/local-derivation-goal.cc '/BEGIN extract-syscalls/ { extracting = 1; next }
+match($0, /allowSyscall\(ctx, SCMP_SYS\(([^)]*)\)\);|\/\/ skip ([^ ]*)/, result) { print result[1] result[2] }
+/END extract-syscalls/ { extracting = 0; next }') <(tail -n+2 "$1" | cut -d, -f 1)
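Review bot: The `extracting` flag set by the BEGIN/END marker rules is never read, so the `match(...)` rule on the second line of the awk program fires on every line of local-derivation-goal.cc, not only between the markers. Any `allowSyscall(ctx, SCMP_SYS(...))` call or `// skip ...` comment outside the marked region would enter the comparison, and a misplaced or missing marker would go unnoticed. Gate the rule on the flag by prefixing the pattern with `extracting && `. Since this script compares the sandbox's seccomp syscall list against libseccomp's syscalls.csv, a header comment should also say that it must be run from the repository root (the source path is relative) and that `$1` is the path to the CSV.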