genode/repos/base-linux/lib/mk/base-linux.mk
Stefan Thöni 78497c03ca base-linux: enabled seccomp
base-linux uses seccomp to reduce the available system calls
to the minimum set needed to run base-linux. There are still
some syscalls that allow accessing global state which should
be further reduced.

The combination of seccomp and socket descriptor caps should
provide an intermediate level of security for base-linux
thereby enabling base-linux as a migration path from using
the Linux kernel to the use of microkernel-based Genode.

Fixes #3581
2020-05-27 11:56:46 +02:00

15 lines
410 B
Makefile

#
# \brief Base lib parts that are not used by hybrid applications
# \author Sebastian Sumpf
# \date 2014-02-21
#
include $(REP_DIR)/lib/mk/base-linux.inc
LIBS += startup-linux base-linux-common cxx seccomp
SRC_CC += thread.cc thread_myself.cc thread_linux.cc
SRC_CC += capability_space.cc capability_raw.cc
SRC_CC += attach_stack_area.cc
SRC_CC += signal_transmitter.cc signal.cc
SRC_CC += platform.cc