proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-07-27 09:48:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

seccomp: cleanup compat architecture handling

Browse Source 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner 2018-04-15 22:12:51 +02:00
parent a55e2ad107
commit d648e178f1
No known key found for this signature in database
GPG Key ID: 8EB056D53EECB12D
1 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/lxc/seccomp.c
View File

@ -789,24 +789,36 @@ static int parse_config_v2(FILE *f, char *line, struct lxc_conf *conf)
}
}
INFO("Merging compat seccomp contexts into main context");
if (compat_ctx[0]) {
INFO("Merging compat seccomp contexts into main context");
if (compat_arch[0] != native_arch && compat_arch[0] != seccomp_arch_native()) {
if ((compat_arch[0] != native_arch) &&
(compat_arch[0] != seccomp_arch_native())) {
ret = seccomp_merge(conf->seccomp_ctx, compat_ctx[0]);
if (ret < 0) {
ERROR("Failed to merge first compat seccomp context into main context");
ERROR("Failed to merge first compat seccomp "
"context into main context");
goto bad;
}
TRACE("Merged first compat seccomp context into main context");
} else {
seccomp_release(compat_ctx[0]);
compat_ctx[0] = NULL;
}
}
if (compat_arch[1] && compat_arch[1] != native_arch && compat_arch[1] != seccomp_arch_native()) {
if (compat_ctx[1]) {
if ((compat_arch[1] != native_arch) &&
(compat_arch[1] != seccomp_arch_native())) {
ret = seccomp_merge(conf->seccomp_ctx, compat_ctx[1]);
if (ret < 0) {
ERROR("Failed to merge first compat seccomp context into main context");
ERROR("Failed to merge first compat seccomp "
"context into main context");
goto bad;
}
TRACE("Merged second compat seccomp context into main context");
} else {
seccomp_release(compat_ctx[1]);
compat_ctx[1] = NULL;
}
}