summaryrefslogtreecommitdiff
path: root/configure.ac
diff options
context:
space:
mode:
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac47
1 files changed, 17 insertions, 30 deletions
diff --git a/configure.ac b/configure.ac
index 14d1d196b..dbbd6e857 100644
--- a/configure.ac
+++ b/configure.ac
@@ -126,25 +126,6 @@ AC_CHECK_DECL([SECCOMP_MODE_FILTER], [have_seccomp_filter=1], , [
126 #include <linux/seccomp.h> 126 #include <linux/seccomp.h>
127]) 127])
128fi 128fi
129if test "x$have_seccomp_filter" = "x1" ; then
130AC_MSG_CHECKING([kernel for seccomp_filter support])
131AC_RUN_IFELSE([AC_LANG_PROGRAM([[
132 #include <errno.h>
133 #include <linux/seccomp.h>
134 #include <stdlib.h>
135 #include <sys/prctl.h>
136 ]],
137 [[ errno = 0;
138 prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL, 0, 0);
139 exit(errno == EFAULT ? 0 : 1); ]])],
140 [ AC_MSG_RESULT([yes]) ], [
141 AC_MSG_RESULT([no])
142 # Disable seccomp filter as a target
143 have_seccomp_filter=0
144 ],
145 [ AC_MSG_RESULT([cross-compiling, assuming yes]) ]
146)
147fi
148 129
149use_stack_protector=1 130use_stack_protector=1
150AC_ARG_WITH([stackprotect], 131AC_ARG_WITH([stackprotect],
@@ -2599,21 +2580,24 @@ AC_ARG_WITH([sandbox],
2599 fi 2580 fi
2600 ] 2581 ]
2601) 2582)
2583SANDBOX_STYLE=""
2602if test "x$sandbox_arg" = "xsystrace" || \ 2584if test "x$sandbox_arg" = "xsystrace" || \
2603 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then 2585 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then
2604 test "x$have_systr_policy_kill" != "x1" && \ 2586 test "x$have_systr_policy_kill" != "x1" && \
2605 AC_MSG_ERROR([systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support]) 2587 AC_MSG_ERROR([systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support])
2606 SANDBOX_STYLE="systrace" 2588 SANDBOX_STYLE="$SANDBOX_STYLE systrace"
2607 AC_DEFINE([SANDBOX_SYSTRACE], [1], [Sandbox using systrace(4)]) 2589 AC_DEFINE([SANDBOX_SYSTRACE], [1], [Sandbox using systrace(4)])
2608elif test "x$sandbox_arg" = "xdarwin" || \ 2590fi
2591if test "x$sandbox_arg" = "xdarwin" || \
2609 ( test -z "$sandbox_arg" && test "x$ac_cv_func_sandbox_init" = "xyes" && \ 2592 ( test -z "$sandbox_arg" && test "x$ac_cv_func_sandbox_init" = "xyes" && \
2610 test "x$ac_cv_header_sandbox_h" = "xyes") ; then 2593 test "x$ac_cv_header_sandbox_h" = "xyes") ; then
2611 test "x$ac_cv_func_sandbox_init" != "xyes" -o \ 2594 test "x$ac_cv_func_sandbox_init" != "xyes" -o \
2612 "x$ac_cv_header_sandbox_h" != "xyes" && \ 2595 "x$ac_cv_header_sandbox_h" != "xyes" && \
2613 AC_MSG_ERROR([Darwin seatbelt sandbox requires sandbox.h and sandbox_init function]) 2596 AC_MSG_ERROR([Darwin seatbelt sandbox requires sandbox.h and sandbox_init function])
2614 SANDBOX_STYLE="darwin" 2597 SANDBOX_STYLE="$SANDBOX_STYLE darwin"
2615 AC_DEFINE([SANDBOX_DARWIN], [1], [Sandbox using Darwin sandbox_init(3)]) 2598 AC_DEFINE([SANDBOX_DARWIN], [1], [Sandbox using Darwin sandbox_init(3)])
2616elif test "x$sandbox_arg" = "xseccomp_filter" || \ 2599fi
2600if test "x$sandbox_arg" = "xseccomp_filter" || \
2617 ( test -z "$sandbox_arg" && \ 2601 ( test -z "$sandbox_arg" && \
2618 test "x$have_seccomp_filter" = "x1" && \ 2602 test "x$have_seccomp_filter" = "x1" && \
2619 test "x$ac_cv_header_linux_audit_h" = "xyes" && \ 2603 test "x$ac_cv_header_linux_audit_h" = "xyes" && \
@@ -2628,21 +2612,24 @@ elif test "x$sandbox_arg" = "xseccomp_filter" || \
2628 AC_MSG_ERROR([seccomp_filter sandbox requires seccomp headers]) 2612 AC_MSG_ERROR([seccomp_filter sandbox requires seccomp headers])
2629 test "x$ac_cv_func_prctl" != "xyes" && \ 2613 test "x$ac_cv_func_prctl" != "xyes" && \
2630 AC_MSG_ERROR([seccomp_filter sandbox requires prctl function]) 2614 AC_MSG_ERROR([seccomp_filter sandbox requires prctl function])
2631 SANDBOX_STYLE="seccomp_filter" 2615 SANDBOX_STYLE="$SANDBOX_STYLE seccomp_filter"
2632 AC_DEFINE([SANDBOX_SECCOMP_FILTER], [1], [Sandbox using seccomp filter]) 2616 AC_DEFINE([SANDBOX_SECCOMP_FILTER], [1], [Sandbox using seccomp filter])
2633elif test "x$sandbox_arg" = "xrlimit" || \ 2617fi
2618if test "x$sandbox_arg" = "xrlimit" || \
2634 ( test -z "$sandbox_arg" && test "x$ac_cv_func_setrlimit" = "xyes" ) ; then 2619 ( test -z "$sandbox_arg" && test "x$ac_cv_func_setrlimit" = "xyes" ) ; then
2635 test "x$ac_cv_func_setrlimit" != "xyes" && \ 2620 test "x$ac_cv_func_setrlimit" != "xyes" && \
2636 AC_MSG_ERROR([rlimit sandbox requires setrlimit function]) 2621 AC_MSG_ERROR([rlimit sandbox requires setrlimit function])
2637 SANDBOX_STYLE="rlimit" 2622 SANDBOX_STYLE="$SANDBOX_STYLE rlimit"
2638 AC_DEFINE([SANDBOX_RLIMIT], [1], [Sandbox using setrlimit(2)]) 2623 AC_DEFINE([SANDBOX_RLIMIT], [1], [Sandbox using setrlimit(2)])
2639elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \ 2624fi
2625if test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \
2640 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then 2626 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then
2641 SANDBOX_STYLE="none" 2627 SANDBOX_STYLE="$SANDBOX_STYLE none"
2642 AC_DEFINE([SANDBOX_NULL], [1], [no privsep sandboxing]) 2628fi
2643else 2629if test -z "$SANDBOX_STYLE" ; then
2644 AC_MSG_ERROR([unsupported --with-sandbox]) 2630 AC_MSG_ERROR([unsupported --with-sandbox])
2645fi 2631fi
2632SANDBOX_STYLE="${SANDBOX_STYLE# }"
2646 2633
2647# Cheap hack to ensure NEWS-OS libraries are arranged right. 2634# Cheap hack to ensure NEWS-OS libraries are arranged right.
2648if test ! -z "$SONY" ; then 2635if test ! -z "$SONY" ; then
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-18 03:12:04 +0000