mirror of
https://github.com/NVIDIA/nvidia-container-toolkit
synced 2025-01-23 19:17:02 +00:00
48d5a1cd1a
Signed-off-by: Evan Lezar <elezar@nvidia.com>
56 lines
1.4 KiB
Go
56 lines
1.4 KiB
Go
package seccomp
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
rspec "github.com/opencontainers/runtime-spec/specs-go"
|
|
)
|
|
|
|
// ParseArchitectureFlag takes the raw string passed with the --arch flag, parses it
|
|
// and updates the Seccomp config accordingly
|
|
func ParseArchitectureFlag(architectureArg string, config *rspec.LinuxSeccomp) error {
|
|
correctedArch, err := parseArch(architectureArg)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
shouldAppend := true
|
|
for _, alreadySpecified := range config.Architectures {
|
|
if correctedArch == alreadySpecified {
|
|
shouldAppend = false
|
|
}
|
|
}
|
|
if shouldAppend {
|
|
config.Architectures = append(config.Architectures, correctedArch)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func parseArch(arch string) (rspec.Arch, error) {
|
|
arches := map[string]rspec.Arch{
|
|
"x86": rspec.ArchX86,
|
|
"amd64": rspec.ArchX86_64,
|
|
"x32": rspec.ArchX32,
|
|
"arm": rspec.ArchARM,
|
|
"arm64": rspec.ArchAARCH64,
|
|
"mips": rspec.ArchMIPS,
|
|
"mips64": rspec.ArchMIPS64,
|
|
"mips64n32": rspec.ArchMIPS64N32,
|
|
"mipsel": rspec.ArchMIPSEL,
|
|
"mipsel64": rspec.ArchMIPSEL64,
|
|
"mipsel64n32": rspec.ArchMIPSEL64N32,
|
|
"parisc": rspec.ArchPARISC,
|
|
"parisc64": rspec.ArchPARISC64,
|
|
"ppc": rspec.ArchPPC,
|
|
"ppc64": rspec.ArchPPC64,
|
|
"ppc64le": rspec.ArchPPC64LE,
|
|
"s390": rspec.ArchS390,
|
|
"s390x": rspec.ArchS390X,
|
|
}
|
|
a, ok := arches[arch]
|
|
if !ok {
|
|
return "", fmt.Errorf("unrecognized architecture: %s", arch)
|
|
}
|
|
return a, nil
|
|
}
|