Home Explore Help
Sign In
mbuesch
/
letmein
Watch 1
Star 0
Fork 0
Files Pull Requests 0 Wiki
Branch: control-udp
Branches Tags
letmein
/
letmeind
/
build.rs

build.rs 955 B
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839 
  1. // -*- coding: utf-8 -*-
    2. 

  2. //
    3. 

  3. // Copyright (C) 2024 Michael Büsch <m@bues.ch>
    4. 

  4. //
    5. 

  5. // Licensed under the Apache License version 2.0
    6. 

  6. // or the MIT license, at your option.
    7. 

  7. // SPDX-License-Identifier: Apache-2.0 OR MIT
    8. 

  8. 

  9. #![forbid(unsafe_code)]
    10. 

  10. 

  11. use build_target::target_arch;
    12. 

  12. use letmein_seccomp::{Allow, Filter};
    13. 

  13. use std::path::Path;
    14. 

  14. 

  15. const SECCOMP_ALLOW_LIST: [Allow; 11] = [
    16. 

  16.     Allow::Mmap,
    17. 

  17.     Allow::Mprotect,
    18. 

  18.     Allow::Read,
    19. 

  19.     Allow::Write,
    20. 

  20.     Allow::Recv,
    21. 

  21.     Allow::Send,
    22. 

  22.     Allow::Listen,
    23. 

  23.     Allow::TcpAccept,
    24. 

  24.     Allow::UnixConnect,
    25. 

  25.     Allow::Signal,
    26. 

  26.     Allow::Futex,
    27. 

  27. ];
    28. 

  28. 

  29. fn main() {
    30. 

  30.     let arch = target_arch().expect("Failed to get build target architecture");
    31. 

  31.     let out_dir = std::env::var("OUT_DIR").expect("OUT_DIR is not set");
    32. 

  32. 

  33.     // Precompile the seccomp filters.
    34. 

  34.     Filter::precompile(&SECCOMP_ALLOW_LIST, arch.as_str(), Path::new(&out_dir))
    35. 

  35.         .expect("Failed to precompile seccomp BPF");
    36. 

  36. }
    37. 

  37. 

  38. // vim: ts=4 sw=4 expandtab
    39. 

  39.