func addSeccompArch(spec *specs.LinuxSpec, sArch []string) error {
for _, archs := range sArch {
switch archs {
case "":
case "SCMP_ARCH_X86":
case "SCMP_ARCH_X86_64":
case "SCMP_ARCH_X32":
case "SCMP_ARCH_ARM":
case "SCMP_ARCH_AARCH64":
case "SCMP_ARCH_MIPS":
case "SCMP_ARCH_MIPS64":
case "SCMP_ARCH_MIPS64N32":
case "SCMP_ARCH_MIPSEL":
case "SCMP_ARCH_MIPSEL64":
case "SCMP_ARCH_MIPSEL64N32":
default:
return fmt.Errorf("seccomp-arch must be empty or one of " +
"SCMP_ARCH_X86|SCMP_ARCH_X86_64|SCMP_ARCH_X32|SCMP_ARCH_ARM|" +
"SCMP_ARCH_AARCH64SCMP_ARCH_MIPS|SCMP_ARCH_MIPS64|" +
"SCMP_ARCH_MIPS64N32|SCMP_ARCH_MIPSEL|SCMP_ARCH_MIPSEL64|" +
"SCMP_ARCH_MIPSEL64N32")
}
spec.Linux.Seccomp.Architectures = append(spec.Linux.Seccomp.Architectures, specs.Arch(archs))
}
return nil
}
func addSeccompArchitectures(spec *specs.LinuxSpec, rspec *specs.LinuxRuntimeSpec, context *cli.Context) error {
for _, archs := range context.StringSlice("seccomp-arch") {
switch archs {
case "":
case "SCMP_ARCH_X86":
case "SCMP_ARCH_X86_64":
case "SCMP_ARCH_X32":
case "SCMP_ARCH_ARM":
case "SCMP_ARCH_AARCH64":
case "SCMP_ARCH_MIPS":
case "SCMP_ARCH_MIPS64":
case "SCMP_ARCH_MIPS64N32":
case "SCMP_ARCH_MIPSEL":
case "SCMP_ARCH_MIPSEL64":
case "SCMP_ARCH_MIPSEL64N32":
default:
return fmt.Errorf("seccomp-arch must be empty or one of SCMP_ARCH_X86|SCMP_ARCH_X86_64|SCMP_ARCH_X32|SCMP_ARCH_ARM|SCMP_ARCH_AARCH64SCMP_ARCH_MIPS|SCMP_ARCH_MIPS64|SCMP_ARCH_MIPS64N32|SCMP_ARCH_MIPSEL|SCMP_ARCH_MIPSEL64|SCMP_ARCH_MIPSEL64N32")
}
rspec.Linux.Seccomp.Architectures = append(rspec.Linux.Seccomp.Architectures, specs.Arch(archs))
}
return nil
}
