seccomp: convert to meson
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
diff --git a/configure b/configure
index 5766bce..0c4104e 100755
--- a/configure
+++ b/configure
@@ -413,7 +413,7 @@
crypto_afalg="no"
cfi="false"
cfi_debug="false"
-seccomp="$default_feature"
+seccomp="auto"
glusterfs="auto"
gtk="$default_feature"
gtk_gl="no"
@@ -1355,9 +1355,9 @@
;;
--disable-tools) want_tools="no"
;;
- --enable-seccomp) seccomp="yes"
+ --enable-seccomp) seccomp="enabled"
;;
- --disable-seccomp) seccomp="no"
+ --disable-seccomp) seccomp="disabled"
;;
--disable-glusterfs) glusterfs="disabled"
;;
@@ -2458,24 +2458,6 @@
fi
##########################################
-# libseccomp check
-
-if test "$seccomp" != "no" ; then
- libseccomp_minver="2.3.0"
- if $pkg_config --atleast-version=$libseccomp_minver libseccomp ; then
- seccomp_cflags="$($pkg_config --cflags libseccomp)"
- seccomp_libs="$($pkg_config --libs libseccomp)"
- seccomp="yes"
- else
- if test "$seccomp" = "yes" ; then
- feature_not_found "libseccomp" \
- "Install libseccomp devel >= $libseccomp_minver"
- fi
- seccomp="no"
- fi
-fi
-
-##########################################
# xen probe
if test "$xen" != "disabled" ; then
@@ -6084,12 +6066,6 @@
echo "CONFIG_AVX512F_OPT=y" >> $config_host_mak
fi
-if test "$seccomp" = "yes"; then
- echo "CONFIG_SECCOMP=y" >> $config_host_mak
- echo "SECCOMP_CFLAGS=$seccomp_cflags" >> $config_host_mak
- echo "SECCOMP_LIBS=$seccomp_libs" >> $config_host_mak
-fi
-
# XXX: suppress that
if [ "$bsd" = "yes" ] ; then
echo "CONFIG_BSD=y" >> $config_host_mak
@@ -6648,7 +6624,7 @@
-Dcurl=$curl -Dglusterfs=$glusterfs -Dbzip2=$bzip2 -Dlibiscsi=$libiscsi \
-Dlibnfs=$libnfs -Diconv=$iconv -Dcurses=$curses -Dlibudev=$libudev\
-Drbd=$rbd -Dlzo=$lzo -Dsnappy=$snappy -Dlzfse=$lzfse \
- -Dzstd=$zstd \
+ -Dzstd=$zstd -Dseccomp=$seccomp \
-Ddocs=$docs -Dsphinx_build=$sphinx_build -Dinstall_blobs=$blobs \
-Dvhost_user_blk_server=$vhost_user_blk_server \
-Dfuse=$fuse -Dfuse_lseek=$fuse_lseek \
diff --git a/meson.build b/meson.build
index 20a4705..55c3969 100644
--- a/meson.build
+++ b/meson.build
@@ -333,9 +333,10 @@
libattr = declare_dependency(link_args: config_host['LIBATTR_LIBS'].split())
endif
seccomp = not_found
-if 'CONFIG_SECCOMP' in config_host
- seccomp = declare_dependency(compile_args: config_host['SECCOMP_CFLAGS'].split(),
- link_args: config_host['SECCOMP_LIBS'].split())
+if not get_option('seccomp').auto() or have_system or have_tools
+ seccomp = dependency('libseccomp', version: '>=2.3.0',
+ required: get_option('seccomp'),
+ method: 'pkg-config', static: enable_static)
endif
libcap_ng = not_found
if 'CONFIG_LIBCAP_NG' in config_host
@@ -998,6 +999,7 @@
config_host_data.set('CONFIG_RBD', rbd.found())
config_host_data.set('CONFIG_SDL', sdl.found())
config_host_data.set('CONFIG_SDL_IMAGE', sdl_image.found())
+config_host_data.set('CONFIG_SECCOMP', seccomp.found())
config_host_data.set('CONFIG_SNAPPY', snappy.found())
config_host_data.set('CONFIG_VHOST_USER_BLK_SERVER', have_vhost_user_blk_server)
config_host_data.set('CONFIG_VNC', vnc.found())
@@ -2367,7 +2369,7 @@
summary_info += {'QGA w32 disk info': config_host.has_key('CONFIG_QGA_NTDDSCSI')}
summary_info += {'QGA MSI support': config_host.has_key('CONFIG_QGA_MSI')}
endif
-summary_info += {'seccomp support': config_host.has_key('CONFIG_SECCOMP')}
+summary_info += {'seccomp support': seccomp.found()}
summary_info += {'CFI support': get_option('cfi')}
summary_info += {'CFI debug support': get_option('cfi_debug')}
summary_info += {'coroutine backend': config_host['CONFIG_COROUTINE_BACKEND']}
diff --git a/meson_options.txt b/meson_options.txt
index b92b13a..c0eba45 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -72,6 +72,8 @@
description: 'SDL user interface')
option('sdl_image', type : 'feature', value : 'auto',
description: 'SDL Image support for icons')
+option('seccomp', type : 'feature', value : 'auto',
+ description: 'seccomp support')
option('snappy', type : 'feature', value : 'auto',
description: 'snappy compression support')
option('u2f', type : 'feature', value : 'auto',
diff --git a/softmmu/meson.build b/softmmu/meson.build
index 2dab6c7..d8e0301 100644
--- a/softmmu/meson.build
+++ b/softmmu/meson.build
@@ -28,5 +28,5 @@
), sdl, libpmem, libdaxctl)
softmmu_ss.add(when: 'CONFIG_TPM', if_true: files('tpm.c'))
-softmmu_ss.add(when: 'CONFIG_SECCOMP', if_true: [files('qemu-seccomp.c'), seccomp])
+softmmu_ss.add(when: seccomp, if_true: files('qemu-seccomp.c'))
softmmu_ss.add(when: fdt, if_true: files('device_tree.c'))
diff --git a/softmmu/qemu-seccomp.c b/softmmu/qemu-seccomp.c
index 8325ecb..377ef69 100644
--- a/softmmu/qemu-seccomp.c
+++ b/softmmu/qemu-seccomp.c
@@ -202,7 +202,6 @@
return rc < 0 ? -1 : 0;
}
-#ifdef CONFIG_SECCOMP
int parse_sandbox(void *opaque, QemuOpts *opts, Error **errp)
{
if (qemu_opt_get_bool(opts, "enable", false)) {
@@ -328,4 +327,3 @@
}
}
opts_init(seccomp_register);
-#endif
diff --git a/tools/meson.build b/tools/meson.build
index 76bf84d..5c52d79 100644
--- a/tools/meson.build
+++ b/tools/meson.build
@@ -1,6 +1,6 @@
have_virtiofsd = (targetos == 'linux' and
have_tools and
- 'CONFIG_SECCOMP' in config_host and
+ seccomp.found() and
'CONFIG_LIBCAP_NG' in config_host and
'CONFIG_VHOST_USER' in config_host)
@@ -8,7 +8,7 @@
if not have_virtiofsd
if targetos != 'linux'
error('virtiofsd requires Linux')
- elif 'CONFIG_SECCOMP' not in config_host or 'CONFIG_LIBCAP_NG' not in config_host
+ elif not seccomp.found() or 'CONFIG_LIBCAP_NG' not in config_host
error('virtiofsd requires libcap-ng-devel and seccomp-devel')
elif not have_tools or 'CONFIG_VHOST_USER' not in config_host
error('virtiofsd needs tools and vhost-user support')