eb38d95b8a
It makes more sense to keep constants.json in the minijail package, because that's where the tool that consumes it, compile_seccomp_policy, lives. By having it in this package, we can set it as the default location for compile_seccomp_policy, which means it shouldn't ever even need to be specified on the command line (although it still can be). And we can hook into the cross-compilation machinery to get it to automatically use the constants for the right architecture. I've also changed from generating constants.json by running a test program in qemu-user to generating it from LLVM IR, which will save a huge QEMU build dependency.
40 lines
1.1 KiB
Nix
40 lines
1.1 KiB
Nix
{ lib, stdenv, buildPythonApplication, pkgsBuildTarget, python, minijail }:
|
|
|
|
let
|
|
targetClang = pkgsBuildTarget.targetPackages.clangStdenv.cc;
|
|
in
|
|
|
|
buildPythonApplication {
|
|
pname = "minijail-tools";
|
|
inherit (minijail) version src;
|
|
|
|
postPatch = ''
|
|
substituteInPlace Makefile --replace /bin/echo echo
|
|
'';
|
|
|
|
postConfigure = ''
|
|
substituteInPlace tools/compile_seccomp_policy.py \
|
|
--replace "'constants.json'" "'$out/share/constants.json'"
|
|
'';
|
|
|
|
preBuild = ''
|
|
make libconstants.gen.c libsyscalls.gen.c
|
|
${targetClang}/bin/${targetClang.targetPrefix}cc -S -emit-llvm \
|
|
libconstants.gen.c libsyscalls.gen.c
|
|
${python.pythonForBuild.interpreter} tools/generate_constants_json.py \
|
|
--output constants.json \
|
|
libconstants.gen.ll libsyscalls.gen.ll
|
|
'';
|
|
|
|
postInstall = ''
|
|
mkdir -p $out/share
|
|
cp -v constants.json $out/share/constants.json
|
|
'';
|
|
|
|
meta = with lib; {
|
|
homepage = "https://android.googlesource.com/platform/external/minijail/+/refs/heads/master/tools/";
|
|
description = "A set of tools for minijail";
|
|
license = licenses.asl20;
|
|
inherit (minijail.meta) maintainers platforms;
|
|
};
|
|
}
|