[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
master 9a57897: Don't attempt to generate Seccomp filter file in Linux <
|
From: |
Philipp Stephani |
|
Subject: |
master 9a57897: Don't attempt to generate Seccomp filter file in Linux < 4.14. |
|
Date: |
Sun, 11 Apr 2021 14:48:53 -0400 (EDT) |
branch: master
commit 9a57897ea1a125782ff332814d3f978c38162cf8
Author: Philipp Stephani <phst@google.com>
Commit: Philipp Stephani <phst@google.com>
Don't attempt to generate Seccomp filter file in Linux < 4.14.
Only Linux 4.14 and later contain the required support for
SECCOMP_RET_KILL_PROCESS.
* lib-src/Makefile.in (SECCOMP_FILTER): Define only if we run at least
Linux 4.14.
---
lib-src/Makefile.in | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/lib-src/Makefile.in b/lib-src/Makefile.in
index b4143b3..35cfa56 100644
--- a/lib-src/Makefile.in
+++ b/lib-src/Makefile.in
@@ -196,9 +196,15 @@ LIBSECCOMP_CFLAGS=@LIBSECCOMP_CFLAGS@
# Currently, we can only generate seccomp filter files for x86-64.
ifeq ($(HAVE_LIBSECCOMP),yes)
ifeq ($(shell uname -m),x86_64)
+# We require SECCOMP_RET_KILL_PROCESS, which is only available in
+# Linux 4.14 and later.
+ifeq ($(shell { echo 4.14; uname -r | cut -d . -f 1-2; } | \
+ sort -C -t . -n -k 1,1 -k 2,2 && \
+ echo 1),1)
SECCOMP_FILTER=1
endif
endif
+endif
ifeq ($(SECCOMP_FILTER),1)
DONT_INSTALL += seccomp-filter$(EXEEXT)
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- master 9a57897: Don't attempt to generate Seccomp filter file in Linux < 4.14.,
Philipp Stephani <=