diff --git a/libcontainer/seccomp/config.go b/libcontainer/seccomp/config.go index 2b15576..841f9d9 100644 --- a/libcontainer/seccomp/config.go +++ b/libcontainer/seccomp/config.go @@ -69,6 +69,7 @@ var archs = map[string]string{ "SCMP_ARCH_RISCV64": "riscv64", "SCMP_ARCH_S390": "s390", "SCMP_ARCH_S390X": "s390x", + "SCMP_ARCH_LOONGARCH64": "loong64", } // KnownArchs returns the list of the known archs. diff --git a/libcontainer/seccomp/patchbpf/enosys_linux.go b/libcontainer/seccomp/patchbpf/enosys_linux.go index 6376512..391c319 100644 --- a/libcontainer/seccomp/patchbpf/enosys_linux.go +++ b/libcontainer/seccomp/patchbpf/enosys_linux.go @@ -75,6 +75,7 @@ const uint32_t C_AUDIT_ARCH_PPC64LE = AUDIT_ARCH_PPC64LE; const uint32_t C_AUDIT_ARCH_S390 = AUDIT_ARCH_S390; const uint32_t C_AUDIT_ARCH_S390X = AUDIT_ARCH_S390X; const uint32_t C_AUDIT_ARCH_RISCV64 = AUDIT_ARCH_RISCV64; +const uint32_t C_AUDIT_ARCH_LOONGARCH64 = AUDIT_ARCH_LOONGARCH64; */ import "C" @@ -212,6 +213,8 @@ func archToNative(arch libseccomp.ScmpArch) (nativeArch, error) { return nativeArch(C.C_AUDIT_ARCH_S390X), nil case libseccomp.ArchRISCV64: return nativeArch(C.C_AUDIT_ARCH_RISCV64), nil + case libseccomp.ArchLOONGARCH64: + return nativeArch(C.C_AUDIT_ARCH_LOONGARCH64), nil default: return invalidArch, fmt.Errorf("unknown architecture: %v", arch) } diff --git a/libcontainer/seccomp/patchbpf/enosys_linux_test.go b/libcontainer/seccomp/patchbpf/enosys_linux_test.go index e2d363a..a66fe35 100644 --- a/libcontainer/seccomp/patchbpf/enosys_linux_test.go +++ b/libcontainer/seccomp/patchbpf/enosys_linux_test.go @@ -105,6 +105,7 @@ var testArches = []string{ "ppc64le", "s390", "s390x", + "loong64", } func testEnosysStub(t *testing.T, defaultAction configs.Action, arches []string) { diff --git a/libcontainer/system/syscall_linux_64.go b/libcontainer/system/syscall_linux_64.go index 97f1ba0..5db345a 100644 --- a/libcontainer/system/syscall_linux_64.go +++ b/libcontainer/system/syscall_linux_64.go @@ -1,6 +1,6 @@ //go:build linux && (arm64 || amd64 || mips || mipsle || mips64 || mips64le || loong64 || ppc || ppc64 || ppc64le || riscv64 || s390x) // +build linux -// +build arm64 amd64 mips mipsle mips64 mips64le ppc ppc64 ppc64le riscv64 s390x +// +build arm64 amd64 mips mipsle mips64 mips64le ppc ppc64 ppc64le riscv64 s390x loong64 package system diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go index 135f74a..e32af2f 100644 --- a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go +++ b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go @@ -643,6 +643,7 @@ const ( ArchPARISC Arch = "SCMP_ARCH_PARISC" ArchPARISC64 Arch = "SCMP_ARCH_PARISC64" ArchRISCV64 Arch = "SCMP_ARCH_RISCV64" + ArchLOONGARCH64 Arch = "SCMP_ARCH_LOONGARCH64" ) // LinuxSeccompAction taken upon Seccomp rule match diff --git a/vendor/github.com/seccomp/libseccomp-golang/seccomp.go b/vendor/github.com/seccomp/libseccomp-golang/seccomp.go index 8dad12f..2552394 100644 --- a/vendor/github.com/seccomp/libseccomp-golang/seccomp.go +++ b/vendor/github.com/seccomp/libseccomp-golang/seccomp.go @@ -174,6 +174,8 @@ const ( ArchPARISC64 // ArchRISCV64 represents RISCV64 ArchRISCV64 + // ArchLOONGARCH64 represents 64-bit LoongArch System syscalls + ArchLOONGARCH64 ) const ( @@ -305,6 +307,8 @@ func GetArchFromString(arch string) (ScmpArch, error) { return ArchPARISC64, nil case "riscv64": return ArchRISCV64, nil + case "loongarch64", "loong64": + return ArchLOONGARCH64, nil default: return ArchInvalid, fmt.Errorf("cannot convert unrecognized string %q", arch) } @@ -351,6 +355,8 @@ func (a ScmpArch) String() string { return "parisc64" case ArchRISCV64: return "riscv64" + case ArchLOONGARCH64: + return "loong64" case ArchNative: return "native" case ArchInvalid: diff --git a/vendor/github.com/seccomp/libseccomp-golang/seccomp_internal.go b/vendor/github.com/seccomp/libseccomp-golang/seccomp_internal.go index df4dfb7..1997fb3 100644 --- a/vendor/github.com/seccomp/libseccomp-golang/seccomp_internal.go +++ b/vendor/github.com/seccomp/libseccomp-golang/seccomp_internal.go @@ -68,6 +68,10 @@ const uint32_t C_ARCH_BAD = ARCH_BAD; #define SCMP_ARCH_RISCV64 ARCH_BAD #endif +#ifndef SCMP_ARCH_LOONGARCH64 +#define SCMP_ARCH_LOONGARCH64 ARCH_BAD +#endif + const uint32_t C_ARCH_NATIVE = SCMP_ARCH_NATIVE; const uint32_t C_ARCH_X86 = SCMP_ARCH_X86; const uint32_t C_ARCH_X86_64 = SCMP_ARCH_X86_64; @@ -88,6 +92,7 @@ const uint32_t C_ARCH_S390X = SCMP_ARCH_S390X; const uint32_t C_ARCH_PARISC = SCMP_ARCH_PARISC; const uint32_t C_ARCH_PARISC64 = SCMP_ARCH_PARISC64; const uint32_t C_ARCH_RISCV64 = SCMP_ARCH_RISCV64; +const uint32_t C_ARCH_LOONGARCH64 = SCMP_ARCH_LOONGARCH64; #ifndef SCMP_ACT_LOG #define SCMP_ACT_LOG 0x7ffc0000U @@ -291,7 +296,7 @@ const ( scmpError C.int = -1 // Comparison boundaries to check for architecture validity archStart ScmpArch = ArchNative - archEnd ScmpArch = ArchRISCV64 + archEnd ScmpArch = ArchLOONGARCH64 // Comparison boundaries to check for action validity actionStart ScmpAction = ActKillThread actionEnd ScmpAction = ActKillProcess @@ -551,6 +556,8 @@ func archFromNative(a C.uint32_t) (ScmpArch, error) { return ArchPARISC64, nil case C.C_ARCH_RISCV64: return ArchRISCV64, nil + case C.C_ARCH_LOONGARCH64: + return ArchLOONGARCH64, nil default: return 0x0, fmt.Errorf("unrecognized architecture %#x", uint32(a)) } @@ -597,6 +604,8 @@ func (a ScmpArch) toNative() C.uint32_t { return C.C_ARCH_PARISC64 case ArchRISCV64: return C.C_ARCH_RISCV64 + case ArchLOONGARCH64: + return C.C_ARCH_LOONGARCH64 case ArchNative: return C.C_ARCH_NATIVE default: