Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

seccomp: support s390 seccomp #3233

Merged
merged 1 commit into from Dec 17, 2019
Merged

seccomp: support s390 seccomp #3233

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
20 changes: 19 additions & 1 deletion src/lxc/seccomp.c
View file
Open in desktop
Expand Up @@ -339,6 +339,7 @@ enum lxc_hostarch_t {
lxc_seccomp_arch_mipsel64,
lxc_seccomp_arch_mipsel64n32,
lxc_seccomp_arch_s390x,
lxc_seccomp_arch_s390,
lxc_seccomp_arch_unknown = 999,
};

Expand Down Expand Up @@ -371,7 +372,8 @@ int get_hostarch(void)
return MIPS_ARCH_O32;
else if (strncmp(uts.machine, "s390x", 5) == 0)
return lxc_seccomp_arch_s390x;

else if (strncmp(uts.machine, "s390", 4) == 0)
return lxc_seccomp_arch_s390;
return lxc_seccomp_arch_unknown;
}

Expand Down Expand Up @@ -439,6 +441,11 @@ scmp_filter_ctx get_new_ctx(enum lxc_hostarch_t n_arch,
case lxc_seccomp_arch_s390x:
arch = SCMP_ARCH_S390X;
break;
#endif
#ifdef SCMP_ARCH_S390
case lxc_seccomp_arch_s390:
arch = SCMP_ARCH_S390;
break;
#endif
default:
return NULL;
Expand Down Expand Up @@ -938,6 +945,17 @@ static int parse_config_v2(FILE *f, char *line, size_t *line_bufsz, struct lxc_c

cur_rule_arch = lxc_seccomp_arch_s390x;
}
#endif
#ifdef SCMP_ARCH_S390
else if (strcmp(line, "[s390]") == 0 ||
strcmp(line, "[S390]") == 0) {
if (native_arch != lxc_seccomp_arch_s390) {
cur_rule_arch = lxc_seccomp_arch_unknown;
continue;
}

cur_rule_arch = lxc_seccomp_arch_s390;
}
#endif
else {
goto bad_arch;
Expand Down