Skip to content

L
lxc
Commit ab5e52f6 by Serge Hallyn
Options

Revert "seccomp: handle inverted arch"

It breaks container starts. This reverts commit 473ebc77.
parent 3afe9d72
Showing with 0 additions and 9 deletions
src/lxc/seccomp.c
...@@ -296,20 +296,11 @@ static int parse_config_v2(FILE *f, char *line, struct lxc_conf *conf) ...@@ -296,20 +296,11 @@ static int parse_config_v2(FILE *f, char *line, struct lxc_conf *conf)
if (native_arch == lxc_seccomp_arch_amd64) { if (native_arch == lxc_seccomp_arch_amd64) {
cur_rule_arch = lxc_seccomp_arch_all; cur_rule_arch = lxc_seccomp_arch_all;
compat_arch = SCMP_ARCH_X86; compat_arch = SCMP_ARCH_X86;
// Detect if we are on x86_64 kernel with 32-bit userspace
if (seccomp_arch_exist(conf->seccomp_ctx, SCMP_ARCH_X86)) {
compat_ctx = conf->seccomp_ctx;
conf->seccomp_ctx = get_new_ctx(lxc_seccomp_arch_amd64,
default_policy_action);
if (!conf->seccomp_ctx)
goto bad;
} else {
compat_ctx = get_new_ctx(lxc_seccomp_arch_i386, compat_ctx = get_new_ctx(lxc_seccomp_arch_i386,
default_policy_action); default_policy_action);
if (!compat_ctx) if (!compat_ctx)
goto bad; goto bad;
} }
}
if (default_policy_action != SCMP_ACT_KILL) { if (default_policy_action != SCMP_ACT_KILL) {
ret = seccomp_reset(conf->seccomp_ctx, default_policy_action); ret = seccomp_reset(conf->seccomp_ctx, default_policy_action);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment