sandbox/seccomp: implement syscall lookup
All checks were successful
Test / Create distribution (push) Successful in 32s
Test / Sandbox (push) Successful in 1m51s
Test / Hakurei (push) Successful in 2m52s
Test / Sandbox (race detector) (push) Successful in 3m20s
Test / Planterette (push) Successful in 3m40s
Test / Hakurei (race detector) (push) Successful in 4m18s
Test / Flake checks (push) Successful in 1m10s
All checks were successful
Test / Create distribution (push) Successful in 32s
Test / Sandbox (push) Successful in 1m51s
Test / Hakurei (push) Successful in 2m52s
Test / Sandbox (race detector) (push) Successful in 3m20s
Test / Planterette (push) Successful in 3m40s
Test / Hakurei (race detector) (push) Successful in 4m18s
Test / Flake checks (push) Successful in 1m10s
This uses the Go map and is verified against libseccomp. Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
10
flake.nix
10
flake.nix
@@ -187,12 +187,14 @@
|
||||
|
||||
generateSyscallTable = pkgs.mkShell {
|
||||
# this should be made cross-platform via nix
|
||||
shellHook = ''
|
||||
exec ${pkgs.perl}/bin/perl \
|
||||
shellHook = "exec ${pkgs.writeShellScript "generate-syscall-table" ''
|
||||
set -e
|
||||
${pkgs.perl}/bin/perl \
|
||||
sandbox/seccomp/mksysnum_linux.pl \
|
||||
${pkgs.linuxHeaders}/include/asm/unistd_64.h > \
|
||||
${pkgs.linuxHeaders}/include/asm/unistd_64.h | \
|
||||
${pkgs.go}/bin/gofmt > \
|
||||
sandbox/seccomp/syscall_linux_amd64.go
|
||||
'';
|
||||
''}";
|
||||
};
|
||||
}
|
||||
);
|
||||
|
||||
Reference in New Issue
Block a user