-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathCargo.toml
More file actions
44 lines (41 loc) · 1.61 KB
/
Cargo.toml
File metadata and controls
44 lines (41 loc) · 1.61 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# =============================================================================
# Guardian Shell - Workspace Root
# =============================================================================
#
# This is the Cargo workspace that ties together all crates in the project:
#
# guardian/ - Userspace daemon (loads eBPF, processes events, enforces policy)
# guardian-common/ - Shared types between kernel and userspace (must be no_std)
# guardian-ebpf/ - eBPF programs that run inside the Linux kernel
# xtask/ - Build tooling (compiles the eBPF program for BPF target)
#
# Build workflow:
# 1. cargo xtask build-ebpf # Compile eBPF program for BPF target
# 2. cargo build # Compile userspace daemon
# 3. sudo target/debug/guardian ... # Run (needs root for eBPF)
[workspace]
resolver = "2"
members = [
"guardian",
"guardian-common",
"guardian-ctl",
"guardian-ebpf",
"guardian-launch",
"xtask",
]
# guardian-ebpf requires a special target (bpfel-unknown-none) and nightly Rust.
# It's built separately via `cargo xtask build-ebpf`, NOT by normal `cargo build`.
# default-members controls what `cargo build` compiles.
default-members = ["guardian", "guardian-ctl", "guardian-launch", "xtask"]
# eBPF build profiles: panic = "abort" (BPF can't unwind) and opt-level = 2
# (verifier rejects unoptimized code). These apply workspace-wide but only
# matter for the guardian-ebpf crate built via `cargo xtask build-ebpf`.
[profile.dev]
panic = "abort"
opt-level = 2
debug = 2
[profile.release]
panic = "abort"
lto = "thin"
codegen-units = 1
strip = "symbols"