[Buildroot] [PATCH 46/52] package/qemu: add support for libseccomp
Yann E. MORIN
yann.morin.1998 at free.fr
Mon Dec 10 23:45:06 UTC 2012
Signed-off-by: "Yann E. MORIN" <yann.morin.1998 at free.fr>
---
package/qemu/Config.in | 7 +++++++
package/qemu/qemu.mk | 8 +++++++-
2 files changed, 14 insertions(+), 1 deletions(-)
diff --git a/package/qemu/Config.in b/package/qemu/Config.in
index dad72a8..4aa8647 100644
--- a/package/qemu/Config.in
+++ b/package/qemu/Config.in
@@ -263,6 +263,13 @@ config BR2_PACKAGE_QEMU_ATTR
Say 'y' here to have QEMU support attributes (attr) and eXtended
attibutes (xattr).
+config BR2_PACKAGE_QEMU_SECCOMP
+ bool "Enable seccomp filter"
+ select BR2_PACKAGE_LIBSECCOMP
+ help
+ Say 'y' here to have QEMU to use the Linux kernel's seccomp filter,
+ to more tightly confine the VMs.
+
config BR2_PACKAGE_QEMU_BLOBS
bool "Install binary blobs"
default y
diff --git a/package/qemu/qemu.mk b/package/qemu/qemu.mk
index dfe9cbb..a980c76 100644
--- a/package/qemu/qemu.mk
+++ b/package/qemu/qemu.mk
@@ -251,6 +251,13 @@ else
QEMU_OPTS += --disable-attr
endif
+ifeq ($(BR2_PACKAGE_QEMU_SECCOMP),y)
+QEMU_OPTS += --enable-seccomp
+QEMU_DEPENDENCIES += libseccomp
+else
+QEMU_OPTS += --disable-seccomp
+endif
+
ifeq ($(BR2_PACKAGE_QEMU_BLOBS),)
QEMU_OPTS += --disable-blobs
endif
@@ -338,7 +345,6 @@ define QEMU_CONFIGURE_CMDS
--disable-rbd \
--disable-smartcard \
--disable-strip \
- --disable-seccomp \
--disable-sparse \
$(QEMU_OPTS) \
)
--
1.7.2.5
More information about the buildroot
mailing list