diff --git a/_service b/_service
new file mode 100644
index 0000000..7cd61ce
--- /dev/null
+++ b/_service
@@ -0,0 +1,9 @@
+
+
+ git://github.com/seccomp/libseccomp
+ 8ed78c3859f476d302995b43d6739f3341f5b37d
+ git
+ v2.2.0
+ 2.3.0~g@TAG_OFFSET@
+
+
diff --git a/libseccomp-2.2.3.tar.gz b/libseccomp-2.2.3.tar.gz
deleted file mode 100644
index cf8c129..0000000
--- a/libseccomp-2.2.3.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d9b400b703cab7bb04b84b9b6e52076a630b673819d7541757bcc16467b6d49e
-size 522755
diff --git a/libseccomp-2.2.3.tar.gz.SHA256SUM.asc b/libseccomp-2.2.3.tar.gz.SHA256SUM.asc
deleted file mode 100644
index 8e9067b..0000000
--- a/libseccomp-2.2.3.tar.gz.SHA256SUM.asc
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA256
-
-d9b400b703cab7bb04b84b9b6e52076a630b673819d7541757bcc16467b6d49e libseccomp-2.2.3.tar.gz
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2
-
-iQIcBAEBCAAGBQJVnXdcAAoJEFXkWlroynyKYpcQAIybotC9pvkV1K0WMd8QQUvh
-ODaxOV36L3W9n74bU3S0VA8j3qie6e2UT1mUtNRbB+TpZhC6Z/LzIVjove8gcGwO
-CxCtt8sDSCW4n8mpQSkAdEUovHOIAxezgUB1A/L48BVoenwfQ7rLOrgMyd8ZIWOF
-3eDLFiG/WeenzskgDYJN4Sh0LpEjNB5PMEIqDz1nOf0gJ3M1vHaivtxBCG5+6BRE
-6swi5YYs4UYBSd/qOvkHOgZLVUZtXCV2ZqhXvu5WjgyoFK157U8c1Wu1atGe2Vdw
-l0rasHVpnCvCoCPbrUQNSdx1aVdj+MlVjawfsFwxo6W6nnZbbFslHFde/YyLinum
-4zbH4ysarCYI7Sz8Fv9O08CE/AAujlN6ZDyQ1LjQYesVFM9+KjXEwdlKPRy+nuiJ
-wbR62V1GYO1knHAK3TX4AL35gCOOcSBY4pE7PjAyvX2srhx91Xh5eBdqgOmro/RZ
-wyHP73cBumfdQm9geA/qYdMfdQwlaNtPlAODUr4Z7Y6H2efDp/sxnyDCK76Khlz+
-OIWn7IbDSeLWhSZMoaSwb7g/QkqIQBFLInCtfT7KbDLovcgfUVOyATtm4m1mZv4w
-/3RMjOJx6RNTw2ySGlenY3j7kkFiXrO5q/5jz5wkId0UOlfdO7AlCznn/wodaphN
-M70VLnkaUvHHh/Akad0/
-=2IkP
------END PGP SIGNATURE-----
diff --git a/libseccomp-2.3.0.tar.gz b/libseccomp-2.3.0.tar.gz
new file mode 100644
index 0000000..df26433
--- /dev/null
+++ b/libseccomp-2.3.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d756e3a77578259a808698a50c43d44612aae3339ea42ab5b15ea983f26b901d
+size 546948
diff --git a/libseccomp-2.3.0.tar.gz.SHA256SUM.asc b/libseccomp-2.3.0.tar.gz.SHA256SUM.asc
new file mode 100644
index 0000000..e4eab4d
--- /dev/null
+++ b/libseccomp-2.3.0.tar.gz.SHA256SUM.asc
@@ -0,0 +1,21 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+d756e3a77578259a808698a50c43d44612aae3339ea42ab5b15ea983f26b901d libseccomp-2.3.0.tar.gz
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iQIcBAEBCAAGBQJW1FzeAAoJEFXkWlroynyKK8QP/RsRk8DTEunGO2eWpUpMYSOO
+oBog4vn3zjqhgWd9kJOPCf3IYaEE2fC/Z87hvGm/2NWP6wNMnZ1g1D+W38TI2mq2
+P0ztM1rFgWCK/6tZ3O+255OLvgFpC3D7Dqfr+4BniGPyBedYV7d/4fC0qed3rMHY
+Y2wWRcjET5HlrWb4ef/uWWWN39YT1hRg1SSzShebKKOfGKTr6C458ggYIgBtBP/y
+1nid2Ym/oQwDlKqQV1pGHwf4q0dPBog2GTnavMM+ge7L1FbvRKWFEGex9C36wcN/
+hzxUTG9q7+w5l4YaFpc32TTzmLLRdEb9Ykhu4qJ2Il7x/LKVaavWfJMjSt/X4/65
+Ika+tPAUbyA4aWB+c0cBpRMmFtXJHueZCbb2edMGTwPJzkJnNWh1YIK9SBcCXF+8
+SZ85LdyFbK98tFMuUj+oSJLlFtxnsUshrN7+qPRXLfkIQ7tKaIE+GuLT3oDqwHOL
+q5H++4WJv63jFNLSkHoOJe9YSrUITqjKo6zDKMLkSsgbu8UNQrLLn4f8XZV0K352
+qHKP/PxaVaZvshrKZ4VR9/r8sihMtWpqYx/GpaQoJID9GI6z5L0b741FeJ4w0Enw
+IXRh4NIBe77LuRRy5I35diGoaiTlhDhOPUg7LCYHht/GTHkGgZ9Y06fhzCWuUNDA
+FS9ak169Uod6oSnX3X7Y
+=kJQO
+-----END PGP SIGNATURE-----
diff --git a/libseccomp-ppc64le.patch b/libseccomp-ppc64le.patch
deleted file mode 100644
index 6acde44..0000000
--- a/libseccomp-ppc64le.patch
+++ /dev/null
@@ -1,477 +0,0 @@
----
- include/seccomp.h | 24 ++++++++++++++++++++++++
- include/seccomp.h.in | 4 ++++
- src/arch-ppc64-syscalls.c | 13 +++++++++++++
- src/arch-ppc64.c | 11 +++++++----
- src/arch-ppc64.h | 12 ++----------
- src/arch-syscall-dump.c | 5 +++++
- src/arch-syscall-validate | 37 ++++++++++++++++++++++++++++++++++++-
- src/arch.c | 12 +++++++++++-
- src/gen_pfc.c | 2 ++
- tests/16-sim-arch_basic.c | 3 +++
- tests/16-sim-arch_basic.py | 2 ++
- tests/23-sim-arch_all_le_basic.c | 3 +++
- tests/23-sim-arch_all_le_basic.py | 1 +
- tests/26-sim-arch_all_be_basic.c | 3 +++
- tests/26-sim-arch_all_be_basic.py | 1 +
- tests/regression | 4 ++--
- tools/scmp_arch_detect.c | 3 +++
- tools/scmp_bpf_disasm.c | 4 ++++
- tools/scmp_bpf_sim.c | 10 ++++++----
- tools/util.c | 4 +++-
- tools/util.h | 4 ++++
- 21 files changed, 139 insertions(+), 23 deletions(-)
-
-Index: libseccomp-2.2.1/include/seccomp.h
-===================================================================
---- libseccomp-2.2.1.orig/include/seccomp.h
-+++ libseccomp-2.2.1/include/seccomp.h
-@@ -163,6 +163,30 @@ struct scmp_arg_cmp {
- #define SCMP_ARCH_MIPSEL64N32 AUDIT_ARCH_MIPSEL64N32
-
- /**
-+ * The S390X architecture token
-+ */
-+#define SCMP_ARCH_S390X AUDIT_ARCH_S390X
-+
-+/**
-+ * The S390 architecture token
-+ */
-+#define SCMP_ARCH_S390 AUDIT_ARCH_S390
-+
-+/**
-+ * The PowerPC architecture token
-+ */
-+#define SCMP_ARCH_PPC AUDIT_ARCH_PPC
-+
-+/**
-+ * The PowerPC64 architecture token
-+ */
-+#define SCMP_ARCH_PPC64 AUDIT_ARCH_PPC64
-+#ifndef AUDIT_ARCH_PPC64LE
-+#define AUDIT_ARCH_PPC64LE (EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
-+#endif
-+#define SCMP_ARCH_PPC64LE AUDIT_ARCH_PPC64LE
-+
-+/**
- * Convert a syscall name into the associated syscall number
- * @param x the syscall name
- */
-Index: libseccomp-2.2.1/include/seccomp.h.in
-===================================================================
---- libseccomp-2.2.1.orig/include/seccomp.h.in
-+++ libseccomp-2.2.1/include/seccomp.h.in
-@@ -181,6 +181,10 @@ struct scmp_arg_cmp {
- * The PowerPC64 architecture token
- */
- #define SCMP_ARCH_PPC64 AUDIT_ARCH_PPC64
-+#ifndef AUDIT_ARCH_PPC64LE
-+#define AUDIT_ARCH_PPC64LE (EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
-+#endif
-+#define SCMP_ARCH_PPC64LE AUDIT_ARCH_PPC64LE
-
- /**
- * Convert a syscall name into the associated syscall number
-Index: libseccomp-2.2.1/src/arch-ppc64-syscalls.c
-===================================================================
---- libseccomp-2.2.1.orig/src/arch-ppc64-syscalls.c
-+++ libseccomp-2.2.1/src/arch-ppc64-syscalls.c
-@@ -425,3 +425,16 @@ const char *ppc64_syscall_resolve_num(in
-
- return NULL;
- }
-+/**
-+ * Iterate through the syscall table and return the syscall name
-+ * @param spot the offset into the syscall table
-+ *
-+ * Return the syscall name at position @spot or NULL on failure. This function
-+ * should only ever be used internally by libseccomp.
-+ *
-+ */
-+const char *ppc64_syscall_iterate_name(unsigned int spot)
-+{
-+ /* XXX - no safety checks here */
-+ return ppc64_syscall_table[spot].name;
-+}
-Index: libseccomp-2.2.1/src/arch-ppc64.c
-===================================================================
---- libseccomp-2.2.1.orig/src/arch-ppc64.c
-+++ libseccomp-2.2.1/src/arch-ppc64.c
-@@ -30,9 +30,12 @@ const struct arch_def arch_def_ppc64 = {
- .token = SCMP_ARCH_PPC64,
- .token_bpf = AUDIT_ARCH_PPC64,
- .size = ARCH_SIZE_64,
--#ifdef __LITTLE_ENDIAN__
-- .endian = ARCH_ENDIAN_LITTLE,
--#else
- .endian = ARCH_ENDIAN_BIG,
--#endif
-+};
-+
-+const struct arch_def arch_def_ppc64le = {
-+ .token = SCMP_ARCH_PPC64LE,
-+ .token_bpf = AUDIT_ARCH_PPC64LE,
-+ .size = ARCH_SIZE_64,
-+ .endian = ARCH_ENDIAN_LITTLE,
- };
-Index: libseccomp-2.2.1/src/arch-ppc64.h
-===================================================================
---- libseccomp-2.2.1.orig/src/arch-ppc64.h
-+++ libseccomp-2.2.1/src/arch-ppc64.h
-@@ -27,19 +27,11 @@
- #include "arch.h"
- #include "system.h"
-
--#define ppc64_arg_count_max 6
--
- extern const struct arch_def arch_def_ppc64;
--
--#ifdef __LITTLE_ENDIAN__
--#define ppc64_arg_offset_lo(x) (arch_arg_offset(x))
--#define ppc64_arg_offset_hi(x) (arch_arg_offset(x) + 4)
--#else
--#define ppc64_arg_offset_lo(x) (arch_arg_offset(x) + 4)
--#define ppc64_arg_offset_hi(x) (arch_arg_offset(x))
--#endif
-+extern const struct arch_def arch_def_ppc64le;
-
- int ppc64_syscall_resolve_name(const char *name);
- const char *ppc64_syscall_resolve_num(int num);
-
-+const char *ppc64_syscall_iterate_name(unsigned int spot);
- #endif
-Index: libseccomp-2.2.1/src/arch-syscall-dump.c
-===================================================================
---- libseccomp-2.2.1.orig/src/arch-syscall-dump.c
-+++ libseccomp-2.2.1/src/arch-syscall-dump.c
-@@ -38,6 +38,7 @@
- #include "arch-mips64.h"
- #include "arch-mips64n32.h"
- #include "arch-aarch64.h"
-+#include "arch-ppc64.h"
-
- /**
- * Print the usage information to stderr and exit
-@@ -112,6 +113,10 @@ int main(int argc, char *argv[])
- case SCMP_ARCH_AARCH64:
- sys_name = aarch64_syscall_iterate_name(iter);
- break;
-+ case SCMP_ARCH_PPC64:
-+ case SCMP_ARCH_PPC64LE:
-+ sys_name = ppc64_syscall_iterate_name(iter);
-+ break;
- default:
- /* invalid arch */
- exit_usage(argv[0]);
-Index: libseccomp-2.2.1/src/arch-syscall-validate
-===================================================================
---- libseccomp-2.2.1.orig/src/arch-syscall-validate
-+++ libseccomp-2.2.1/src/arch-syscall-validate
-@@ -317,6 +317,35 @@ function dump_lib_mips64n32() {
- }
-
- #
-+# Dump the ppc64 system syscall table
-+#
-+# Arguments:
-+# 1 path to the kernel source
-+#
-+# Dump the architecture's syscall table to stdout.
-+#
-+function dump_sys_ppc64() {
-+ gcc -E -dM -I$1/arch/powerpc/include/uapi $1/arch/powerpc/include/uapi/asm/unistd.h | \
-+ grep "^#define __NR_" | sort | \
-+ grep -v "^#define __NR_O32_" | \
-+ grep -v "^#define __NR_N32_" | \
-+ grep -v "^#define __NR_64_" | \
-+ grep -v "^#define __NR_Linux" | \
-+ grep -v "^#define __NR_unused" | \
-+ grep -v "^#define __NR_reserved" | \
-+ sed -e 's/#define[ \t]\+__NR_\([^ \t]\+\)[ \t]\+(__NR_Linux[ \t]*+[ \t]*\([0-9]\+\)).*/\1\t\2/'
-+}
-+
-+#
-+# Dump the ppc64 library syscall table
-+#
-+# Dump the library's syscall table to stdout.
-+#
-+function dump_lib_ppc64() {
-+ $LIB_SYS_DUMP -a ppc64 | sed -e '/[^\t]\+\t-[0-9]\+/d'
-+}
-+
-+#
- # Dump the system syscall table
- #
- # Arguments:
-@@ -351,6 +380,9 @@ function dump_sys() {
- mips64n32)
- dump_sys_mips64n32 "$2"
- ;;
-+ ppc64)
-+ dump_sys_ppc64 "$2"
-+ ;;
- *)
- echo ""
- ;;
-@@ -391,6 +423,9 @@ function dump_lib() {
- mips64n32)
- dump_lib_mips64n32 "$2"
- ;;
-+ ppc64)
-+ dump_lib_ppc64 "$2"
-+ ;;
- *)
- echo ""
- ;;
-@@ -427,7 +462,7 @@ shift $(($OPTIND - 1))
-
- # defaults
- if [[ $arches == "" ]]; then
-- arches="x86 x86_64 x32 arm aarch64 mips mips64 mips64n32"
-+ arches="x86 x86_64 x32 arm aarch64 mips mips64 mips64n32 ppc64"
- fi
-
- # sanity checks
-Index: libseccomp-2.2.1/src/arch.c
-===================================================================
---- libseccomp-2.2.1.orig/src/arch.c
-+++ libseccomp-2.2.1/src/arch.c
-@@ -82,8 +82,10 @@ const struct arch_def *arch_def_native =
- const struct arch_def *arch_def_native = &arch_def_s390;
- #elif __s390x__
- const struct arch_def *arch_def_native = &arch_def_s390x;
--#elif __powerpc64__
-+#elif __powerpc64__ && __BIG_ENDIAN__
- const struct arch_def *arch_def_native = &arch_def_ppc64;
-+#elif __powerpc64__ && __LITTLE_ENDIAN__
-+const struct arch_def *arch_def_native = &arch_def_ppc64le;
- #elif __powerpc__
- const struct arch_def *arch_def_native = &arch_def_ppc;
- #else
-@@ -140,6 +142,8 @@ const struct arch_def *arch_def_lookup(u
- return &arch_def_s390x;
- case SCMP_ARCH_PPC64:
- return &arch_def_ppc64;
-+ case SCMP_ARCH_PPC64LE:
-+ return &arch_def_ppc64le;
- case SCMP_ARCH_PPC:
- return &arch_def_ppc;
- }
-@@ -178,6 +182,10 @@ const struct arch_def *arch_def_lookup_n
- return &arch_def_mips64n32;
- else if (strcmp(arch_name, "mipsel64n32") == 0)
- return &arch_def_mipsel64n32;
-+ else if (strcmp(arch_name, "ppc64") == 0)
-+ return &arch_def_ppc64;
-+ else if (strcmp(arch_name, "ppc64le") == 0)
-+ return &arch_def_ppc64le;
-
- return NULL;
- }
-@@ -301,6 +309,7 @@ int arch_syscall_resolve_name(const stru
- case SCMP_ARCH_S390X:
- return s390x_syscall_resolve_name(name);
- case SCMP_ARCH_PPC64:
-+ case SCMP_ARCH_PPC64LE:
- return ppc64_syscall_resolve_name(name);
- case SCMP_ARCH_PPC:
- return ppc_syscall_resolve_name(name);
-@@ -346,6 +355,7 @@ const char *arch_syscall_resolve_num(con
- case SCMP_ARCH_S390X:
- return s390x_syscall_resolve_num(num);
- case SCMP_ARCH_PPC64:
-+ case SCMP_ARCH_PPC64LE:
- return ppc64_syscall_resolve_num(num);
- case SCMP_ARCH_PPC:
- return ppc_syscall_resolve_num(num);
-Index: libseccomp-2.2.1/src/gen_pfc.c
-===================================================================
---- libseccomp-2.2.1.orig/src/gen_pfc.c
-+++ libseccomp-2.2.1/src/gen_pfc.c
-@@ -79,6 +79,8 @@ static const char *_pfc_arch(const struc
- return "ppc";
- case SCMP_ARCH_PPC64:
- return "ppc64";
-+ case SCMP_ARCH_PPC64LE:
-+ return "ppc64le";
- default:
- return "UNKNOWN";
- }
-Index: libseccomp-2.2.1/tests/16-sim-arch_basic.c
-===================================================================
---- libseccomp-2.2.1.orig/tests/16-sim-arch_basic.c
-+++ libseccomp-2.2.1/tests/16-sim-arch_basic.c
-@@ -68,6 +68,9 @@ int main(int argc, char *argv[])
- rc = seccomp_arch_add(ctx, SCMP_ARCH_MIPSEL64N32);
- if (rc != 0)
- goto out;
-+ rc = seccomp_arch_add(ctx, SCMP_ARCH_PPC64LE);
-+ if (rc != 0)
-+ goto out;
-
- rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
- SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO));
-Index: libseccomp-2.2.1/tests/16-sim-arch_basic.py
-===================================================================
---- libseccomp-2.2.1.orig/tests/16-sim-arch_basic.py
-+++ libseccomp-2.2.1/tests/16-sim-arch_basic.py
-@@ -39,6 +39,8 @@ def test(args):
- f.add_arch(Arch("mipsel"))
- f.add_arch(Arch("mipsel64"))
- f.add_arch(Arch("mipsel64n32"))
-+ f.add_arch(Arch("ppc64"))
-+ f.add_arch(Arch("ppc64le"))
- f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
- f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
- f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))
-Index: libseccomp-2.2.1/tests/23-sim-arch_all_le_basic.c
-===================================================================
---- libseccomp-2.2.1.orig/tests/23-sim-arch_all_le_basic.c
-+++ libseccomp-2.2.1/tests/23-sim-arch_all_le_basic.c
-@@ -68,6 +68,9 @@ int main(int argc, char *argv[])
- rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("mipsel64n32"));
- if (rc != 0)
- goto out;
-+ rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("ppc64le"));
-+ if (rc != 0)
-+ goto out;
-
- rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
- SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO));
-Index: libseccomp-2.2.1/tests/23-sim-arch_all_le_basic.py
-===================================================================
---- libseccomp-2.2.1.orig/tests/23-sim-arch_all_le_basic.py
-+++ libseccomp-2.2.1/tests/23-sim-arch_all_le_basic.py
-@@ -39,6 +39,7 @@ def test(args):
- f.add_arch(Arch("mipsel"))
- f.add_arch(Arch("mipsel64"))
- f.add_arch(Arch("mipsel64n32"))
-+ f.add_arch(Arch("ppc64le"))
- f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
- f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
- f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))
-Index: libseccomp-2.2.1/tests/26-sim-arch_all_be_basic.c
-===================================================================
---- libseccomp-2.2.1.orig/tests/26-sim-arch_all_be_basic.c
-+++ libseccomp-2.2.1/tests/26-sim-arch_all_be_basic.c
-@@ -52,6 +52,9 @@ int main(int argc, char *argv[])
- rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("mips64n32"));
- if (rc != 0)
- goto out;
-+ rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("ppc64"));
-+ if (rc != 0)
-+ goto out;
-
- rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
- SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO));
-Index: libseccomp-2.2.1/tests/26-sim-arch_all_be_basic.py
-===================================================================
---- libseccomp-2.2.1.orig/tests/26-sim-arch_all_be_basic.py
-+++ libseccomp-2.2.1/tests/26-sim-arch_all_be_basic.py
-@@ -33,6 +33,7 @@ def test(args):
- f.add_arch(Arch("mips"))
- f.add_arch(Arch("mips64"))
- f.add_arch(Arch("mips64n32"))
-+ f.add_arch(Arch("ppc64"))
- f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
- f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
- f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))
-Index: libseccomp-2.2.1/tests/regression
-===================================================================
---- libseccomp-2.2.1.orig/tests/regression
-+++ libseccomp-2.2.1/tests/regression
-@@ -21,8 +21,8 @@
- # along with this library; if not, see .
- #
-
--GLBL_ARCH_LE_SUPPORT="x86 x86_64 x32 arm aarch64 mipsel mipsel64 mipsel64n32"
--GLBL_ARCH_BE_SUPPORT="mips mips64 mips64n32"
-+GLBL_ARCH_LE_SUPPORT="x86 x86_64 x32 arm aarch64 mipsel mipsel64 mipsel64n32 ppc64le"
-+GLBL_ARCH_BE_SUPPORT="mips mips64 mips64n32 ppc64"
-
- GLBL_SYS_ARCH="../tools/scmp_arch_detect"
- GLBL_SYS_RESOLVER="../tools/scmp_sys_resolver"
-Index: libseccomp-2.2.1/tools/scmp_arch_detect.c
-===================================================================
---- libseccomp-2.2.1.orig/tools/scmp_arch_detect.c
-+++ libseccomp-2.2.1/tools/scmp_arch_detect.c
-@@ -111,6 +111,9 @@ int main(int argc, char *argv[])
- case SCMP_ARCH_PPC64:
- printf("ppc64\n");
- break;
-+ case SCMP_ARCH_PPC64LE:
-+ printf("ppc64le\n");
-+ break;
- default:
- printf("unknown\n");
- }
-Index: libseccomp-2.2.1/tools/scmp_bpf_disasm.c
-===================================================================
---- libseccomp-2.2.1.orig/tools/scmp_bpf_disasm.c
-+++ libseccomp-2.2.1/tools/scmp_bpf_disasm.c
-@@ -334,6 +334,10 @@ int main(int argc, char *argv[])
- arch = AUDIT_ARCH_MIPS64N32;
- else if (strcmp(optarg, "mipsel64n32") == 0)
- arch = AUDIT_ARCH_MIPSEL64N32;
-+ else if (strcmp(optarg, "ppc64") == 0)
-+ arch = AUDIT_ARCH_PPC64;
-+ else if (strcmp(optarg, "ppc64le") == 0)
-+ arch = AUDIT_ARCH_PPC64LE;
- else
- exit_usage(argv[0]);
- break;
-Index: libseccomp-2.2.1/tools/scmp_bpf_sim.c
-===================================================================
---- libseccomp-2.2.1.orig/tools/scmp_bpf_sim.c
-+++ libseccomp-2.2.1/tools/scmp_bpf_sim.c
-@@ -250,13 +250,15 @@ int main(int argc, char *argv[])
- else if (strcmp(optarg, "mipsel64n32") == 0)
- arch = AUDIT_ARCH_MIPSEL64N32;
- else if (strcmp(optarg, "s390") == 0)
-- sys_data.arch = AUDIT_ARCH_S390;
-+ arch = AUDIT_ARCH_S390;
- else if (strcmp(optarg, "s390x") == 0)
-- sys_data.arch = AUDIT_ARCH_S390X;
-+ arch = AUDIT_ARCH_S390X;
- else if (strcmp(optarg, "ppc") == 0)
-- sys_data.arch = AUDIT_ARCH_PPC;
-+ arch = AUDIT_ARCH_PPC;
- else if (strcmp(optarg, "ppc64") == 0)
-- sys_data.arch = AUDIT_ARCH_PPC64;
-+ arch = AUDIT_ARCH_PPC64;
-+ else if (strcmp(optarg, "ppc64le") == 0)
-+ arch = AUDIT_ARCH_PPC64LE;
- else
- exit_fault(EINVAL);
- break;
-Index: libseccomp-2.2.1/tools/util.c
-===================================================================
---- libseccomp-2.2.1.orig/tools/util.c
-+++ libseccomp-2.2.1/tools/util.c
-@@ -66,8 +66,10 @@
- #define ARCH_NATIVE AUDIT_ARCH_S390
- #elif __s390x__
- #define ARCH_NATIVE AUDIT_ARCH_S390X
--#elif __powerpc64__
-+#elif __powerpc64__ && __BIG_ENDIAN__
- #define ARCH_NATIVE AUDIT_ARCH_PPC64
-+#elif __powerpc64__ && __LITTLE_ENDIAN__
-+#define ARCH_NATIVE AUDIT_ARCH_PPC64LE
- #elif __powerpc__
- #define ARCH_NATIVE AUDIT_ARCH_PPC
- #else
-Index: libseccomp-2.2.1/tools/util.h
-===================================================================
---- libseccomp-2.2.1.orig/tools/util.h
-+++ libseccomp-2.2.1/tools/util.h
-@@ -63,6 +63,10 @@
- __AUDIT_ARCH_CONVENTION_MIPS64_N32)
- #endif
-
-+#ifndef AUDIT_ARCH_PPC64LE
-+#define AUDIT_ARCH_PPC64LE (EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
-+#endif
-+
- extern uint32_t arch;
-
- void exit_usage(const char *program);
diff --git a/libseccomp-s390x-support.patch b/libseccomp-s390x-support.patch
deleted file mode 100644
index 8cc347c..0000000
--- a/libseccomp-s390x-support.patch
+++ /dev/null
@@ -1,2214 +0,0 @@
-From: meissner@suse.com
-Date: 2014-07-04 14:06:57 CET
-
----
- include/seccomp.h.in | 20 ++
- src/Makefile.am | 6
- src/arch-ppc-syscalls.c | 433 ++++++++++++++++++++++++++++++++++++++++++++++
- src/arch-ppc.c | 34 +++
- src/arch-ppc.h | 37 +++
- src/arch-ppc64-syscalls.c | 427 +++++++++++++++++++++++++++++++++++++++++++++
- src/arch-ppc64.c | 38 ++++
- src/arch-ppc64.h | 45 ++++
- src/arch-s390-syscalls.c | 400 ++++++++++++++++++++++++++++++++++++++++++
- src/arch-s390.c | 34 +++
- src/arch-s390.h | 37 +++
- src/arch-s390x-syscalls.c | 367 ++++++++++++++++++++++++++++++++++++++
- src/arch-s390x.c | 34 +++
- src/arch-s390x.h | 40 ++++
- src/arch.c | 36 +++
- src/gen_pfc.c | 8
- tools/scmp_arch_detect.c | 12 +
- tools/scmp_bpf_sim.c | 8
- tools/util.c | 8
- 19 files changed, 2023 insertions(+), 1 deletion(-)
-
-Index: libseccomp-2.2.0/include/seccomp.h.in
-===================================================================
---- libseccomp-2.2.0.orig/include/seccomp.h.in
-+++ libseccomp-2.2.0/include/seccomp.h.in
-@@ -151,6 +151,26 @@ struct scmp_arg_cmp {
- #define SCMP_ARCH_MIPSEL64N32 AUDIT_ARCH_MIPSEL64N32
-
- /**
-+ * The S390X architecture token
-+ */
-+#define SCMP_ARCH_S390X AUDIT_ARCH_S390X
-+
-+/**
-+ * The S390 architecture token
-+ */
-+#define SCMP_ARCH_S390 AUDIT_ARCH_S390
-+
-+/**
-+ * The PowerPC architecture token
-+ */
-+#define SCMP_ARCH_PPC AUDIT_ARCH_PPC
-+
-+/**
-+ * The PowerPC64 architecture token
-+ */
-+#define SCMP_ARCH_PPC64 AUDIT_ARCH_PPC64
-+
-+/**
- * Convert a syscall name into the associated syscall number
- * @param x the syscall name
- */
-Index: libseccomp-2.2.0/src/Makefile.am
-===================================================================
---- libseccomp-2.2.0.orig/src/Makefile.am
-+++ libseccomp-2.2.0/src/Makefile.am
-@@ -30,7 +30,11 @@ SOURCES_ARCH = \
- arch-aarch64.h arch-aarch64.c arch-aarch64-syscalls.c \
- arch-mips.h arch-mips.c arch-mips-syscalls.c \
- arch-mips64.h arch-mips64.c arch-mips64-syscalls.c \
-- arch-mips64n32.h arch-mips64n32.c arch-mips64n32-syscalls.c
-+ arch-mips64n32.h arch-mips64n32.c arch-mips64n32-syscalls.c \
-+ arch-s390.c arch-s390.h arch-s390-syscalls.c \
-+ arch-s390x.c arch-s390x.h arch-s390x-syscalls.c \
-+ arch-ppc.c arch-ppc.h arch-ppc-syscalls.c \
-+ arch-ppc64.c arch-ppc64.h arch-ppc64-syscalls.c
-
- SOURCES_GEN = \
- api.c system.h system.c \
-Index: libseccomp-2.2.0/src/arch-ppc-syscalls.c
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-ppc-syscalls.c
-@@ -0,0 +1,433 @@
-+/**
-+ * Enhanced Seccomp PowerPC64 Syscall Table
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#include
-+
-+#include
-+
-+#include "arch.h"
-+#include "arch-ppc.h"
-+
-+/* NOTE: based on Linux 3.13 */
-+
-+static const struct arch_syscall_def ppc_syscall_table[] = { \
-+ { "restart_syscall", 0 },
-+ { "exit", 1 },
-+ { "fork", 2 },
-+ { "read", 3 },
-+ { "write", 4 },
-+ { "open", 5 },
-+ { "close", 6 },
-+ { "waitpid", 7 },
-+ { "creat", 8 },
-+ { "link", 9 },
-+ { "unlink", 10 },
-+ { "execve", 11 },
-+ { "chdir", 12 },
-+ { "time", 13 },
-+ { "mknod", 14 },
-+ { "chmod", 15 },
-+ { "lchown", 16 },
-+ { "break", 17 },
-+ { "oldstat", 18 },
-+ { "lseek", 19 },
-+ { "getpid", 20 },
-+ { "mount", 21 },
-+ { "umount", 22 },
-+ { "setuid", 23 },
-+ { "getuid", 24 },
-+ { "stime", 25 },
-+ { "ptrace", 26 },
-+ { "alarm", 27 },
-+ { "oldfstat", 28 },
-+ { "pause", 29 },
-+ { "utime", 30 },
-+ { "stty", 31 },
-+ { "gtty", 32 },
-+ { "access", 33 },
-+ { "nice", 34 },
-+ { "ftime", 35 },
-+ { "sync", 36 },
-+ { "kill", 37 },
-+ { "rename", 38 },
-+ { "mkdir", 39 },
-+ { "rmdir", 40 },
-+ { "dup", 41 },
-+ { "pipe", 42 },
-+ { "times", 43 },
-+ { "prof", 44 },
-+ { "brk", 45 },
-+ { "setgid", 46 },
-+ { "getgid", 47 },
-+ { "signal", 48 },
-+ { "geteuid", 49 },
-+ { "getegid", 50 },
-+ { "acct", 51 },
-+ { "umount2", 52 },
-+ { "lock", 53 },
-+ { "ioctl", 54 },
-+ { "fcntl", 55 },
-+ { "mpx", 56 },
-+ { "setpgid", 57 },
-+ { "ulimit", 58 },
-+ { "oldolduname", 59 },
-+ { "umask", 60 },
-+ { "chroot", 61 },
-+ { "ustat", 62 },
-+ { "dup2", 63 },
-+ { "getppid", 64 },
-+ { "getpgrp", 65 },
-+ { "setsid", 66 },
-+ { "sigaction", 67 },
-+ { "sgetmask", 68 },
-+ { "ssetmask", 69 },
-+ { "setreuid", 70 },
-+ { "setregid", 71 },
-+ { "sigsuspend", 72 },
-+ { "sigpending", 73 },
-+ { "sethostname", 74 },
-+ { "setrlimit", 75 },
-+ { "getrlimit", 76 },
-+ { "getrusage", 77 },
-+ { "gettimeofday", 78 },
-+ { "settimeofday", 79 },
-+ { "getgroups", 80 },
-+ { "setgroups", 81 },
-+ { "select", 82 },
-+ { "symlink", 83 },
-+ { "oldlstat", 84 },
-+ { "readlink", 85 },
-+ { "uselib", 86 },
-+ { "swapon", 87 },
-+ { "reboot", 88 },
-+ { "readdir", 89 },
-+ { "mmap", 90 },
-+ { "munmap", 91 },
-+ { "truncate", 92 },
-+ { "ftruncate", 93 },
-+ { "fchmod", 94 },
-+ { "fchown", 95 },
-+ { "getpriority", 96 },
-+ { "setpriority", 97 },
-+ { "profil", 98 },
-+ { "statfs", 99 },
-+ { "fstatfs", 100 },
-+ { "ioperm", 101 },
-+ { "socketcall", 102 },
-+ { "syslog", 103 },
-+ { "setitimer", 104 },
-+ { "getitimer", 105 },
-+ { "stat", 106 },
-+ { "lstat", 107 },
-+ { "fstat", 108 },
-+ { "olduname", 109 },
-+ { "iopl", 110 },
-+ { "vhangup", 111 },
-+ { "idle", 112 },
-+ { "vm86", 113 },
-+ { "wait4", 114 },
-+ { "swapoff", 115 },
-+ { "sysinfo", 116 },
-+ { "ipc", 117 },
-+ { "fsync", 118 },
-+ { "sigreturn", 119 },
-+ { "clone", 120 },
-+ { "setdomainname", 121 },
-+ { "uname", 122 },
-+ { "modify_ldt", 123 },
-+ { "adjtimex", 124 },
-+ { "mprotect", 125 },
-+ { "sigprocmask", 126 },
-+ { "create_module", 127 },
-+ { "init_module", 128 },
-+ { "delete_module", 129 },
-+ { "get_kernel_syms", 130 },
-+ { "quotactl", 131 },
-+ { "getpgid", 132 },
-+ { "fchdir", 133 },
-+ { "bdflush", 134 },
-+ { "sysfs", 135 },
-+ { "personality", 136 },
-+ { "afs_syscall", 137 },
-+ { "setfsuid", 138 },
-+ { "setfsgid", 139 },
-+ { "_llseek", 140 },
-+ { "getdents", 141 },
-+ { "_newselect", 142 },
-+ { "flock", 143 },
-+ { "msync", 144 },
-+ { "readv", 145 },
-+ { "writev", 146 },
-+ { "getsid", 147 },
-+ { "fdatasync", 148 },
-+ { "_sysctl", 149 },
-+ { "mlock", 150 },
-+ { "munlock", 151 },
-+ { "mlockall", 152 },
-+ { "munlockall", 153 },
-+ { "sched_setparam", 154 },
-+ { "sched_getparam", 155 },
-+ { "sched_setscheduler", 156 },
-+ { "sched_getscheduler", 157 },
-+ { "sched_yield", 158 },
-+ { "sched_get_priority_max", 159 },
-+ { "sched_get_priority_min", 160 },
-+ { "sched_rr_get_interval", 161 },
-+ { "nanosleep", 162 },
-+ { "mremap", 163 },
-+ { "setresuid", 164 },
-+ { "getresuid", 165 },
-+ { "query_module", 166 },
-+ { "poll", 167 },
-+ { "nfsservctl", 168 },
-+ { "setresgid", 169 },
-+ { "getresgid", 170 },
-+ { "prctl", 171 },
-+ { "rt_sigreturn", 172 },
-+ { "rt_sigaction", 173 },
-+ { "rt_sigprocmask", 174 },
-+ { "rt_sigpending", 175 },
-+ { "rt_sigtimedwait", 176 },
-+ { "rt_sigqueueinfo", 177 },
-+ { "rt_sigsuspend", 178 },
-+ { "pread64", 179 },
-+ { "pwrite64", 180 },
-+ { "chown", 181 },
-+ { "getcwd", 182 },
-+ { "capget", 183 },
-+ { "capset", 184 },
-+ { "sigaltstack", 185 },
-+ { "sendfile", 186 },
-+ { "getpmsg", 187 },
-+ { "putpmsg", 188 },
-+ { "vfork", 189 },
-+ { "ugetrlimit", 190 },
-+ { "readahead", 191 },
-+ { "mmap2", 192 },
-+ { "truncate64", 193 },
-+ { "ftruncate64", 194 },
-+ { "stat64", 195 },
-+ { "lstat64", 196 },
-+ { "fstat64", 197 },
-+ { "pciconfig_read", 198 },
-+ { "pciconfig_write", 199 },
-+ { "pciconfig_iobase", 200 },
-+ { "multiplexer", 201 },
-+ { "getdents64", 202 },
-+ { "pivot_root", 203 },
-+ { "fcntl64", 204 },
-+ { "madvise", 205 },
-+ { "mincore", 206 },
-+ { "gettid", 207 },
-+ { "tkill", 208 },
-+ { "setxattr", 209 },
-+ { "lsetxattr", 210 },
-+ { "fsetxattr", 211 },
-+ { "getxattr", 212 },
-+ { "lgetxattr", 213 },
-+ { "fgetxattr", 214 },
-+ { "listxattr", 215 },
-+ { "llistxattr", 216 },
-+ { "flistxattr", 217 },
-+ { "removexattr", 218 },
-+ { "lremovexattr", 219 },
-+ { "fremovexattr", 220 },
-+ { "futex", 221 },
-+ { "sched_setaffinity", 222 },
-+ { "sched_getaffinity", 223 },
-+ { "tuxcall", 225 },
-+ { "sendfile64", 226 },
-+ { "io_setup", 227 },
-+ { "io_destroy", 228 },
-+ { "io_getevents", 229 },
-+ { "io_submit", 230 },
-+ { "io_cancel", 231 },
-+ { "set_tid_address", 232 },
-+ { "fadvise64", 233 },
-+ { "exit_group", 234 },
-+ { "lookup_dcookie", 235 },
-+ { "epoll_create", 236 },
-+ { "epoll_ctl", 237 },
-+ { "epoll_wait", 238 },
-+ { "remap_file_pages", 239 },
-+ { "timer_create", 240 },
-+ { "timer_settime", 241 },
-+ { "timer_gettime", 242 },
-+ { "timer_getoverrun", 243 },
-+ { "timer_delete", 244 },
-+ { "clock_settime", 245 },
-+ { "clock_gettime", 246 },
-+ { "clock_getres", 247 },
-+ { "clock_nanosleep", 248 },
-+ { "swapcontext", 249 },
-+ { "tgkill", 250 },
-+ { "utimes", 251 },
-+ { "statfs64", 252 },
-+ { "fstatfs64", 253 },
-+ { "fadvise64_64", 254 },
-+ { "rtas", 255 },
-+ { "sys_debug_setcontext", 256 },
-+ { "migrate_pages", 258 },
-+ { "mbind", 259 },
-+ { "get_mempolicy", 260 },
-+ { "set_mempolicy", 261 },
-+ { "mq_open", 262 },
-+ { "mq_unlink", 263 },
-+ { "mq_timedsend", 264 },
-+ { "mq_timedreceive", 265 },
-+ { "mq_notify", 266 },
-+ { "mq_getsetattr", 267 },
-+ { "kexec_load", 268 },
-+ { "add_key", 269 },
-+ { "request_key", 270 },
-+ { "keyctl", 271 },
-+ { "waitid", 272 },
-+ { "ioprio_set", 273 },
-+ { "ioprio_get", 274 },
-+ { "inotify_init", 275 },
-+ { "inotify_add_watch", 276 },
-+ { "inotify_rm_watch", 277 },
-+ { "spu_run", 278 },
-+ { "spu_create", 279 },
-+ { "pselect6", 280 },
-+ { "ppoll", 281 },
-+ { "unshare", 282 },
-+ { "splice", 283 },
-+ { "tee", 284 },
-+ { "vmsplice", 285 },
-+ { "openat", 286 },
-+ { "mkdirat", 287 },
-+ { "mknodat", 288 },
-+ { "fchownat", 289 },
-+ { "futimesat", 290 },
-+ { "fstatat64", 291 },
-+ { "unlinkat", 292 },
-+ { "renameat", 293 },
-+ { "linkat", 294 },
-+ { "symlinkat", 295 },
-+ { "readlinkat", 296 },
-+ { "fchmodat", 297 },
-+ { "faccessat", 298 },
-+ { "get_robust_list", 299 },
-+ { "set_robust_list", 300 },
-+ { "move_pages", 301 },
-+ { "getcpu", 302 },
-+ { "epoll_pwait", 303 },
-+ { "utimensat", 304 },
-+ { "signalfd", 305 },
-+ { "timerfd_create", 306 },
-+ { "eventfd", 307 },
-+ { "sync_file_range2", 308 },
-+ { "fallocate", 309 },
-+ { "subpage_prot", 310 },
-+ { "timerfd_settime", 311 },
-+ { "timerfd_gettime", 312 },
-+ { "signalfd4", 313 },
-+ { "eventfd2", 314 },
-+ { "epoll_create1", 315 },
-+ { "dup3", 316 },
-+ { "pipe2", 317 },
-+ { "inotify_init1", 318 },
-+ { "perf_event_open", 319 },
-+ { "preadv", 320 },
-+ { "pwritev", 321 },
-+ { "rt_tgsigqueueinfo", 322 },
-+ { "fanotify_init", 323 },
-+ { "fanotify_mark", 324 },
-+ { "prlimit64", 325 },
-+ { "socket", 326 },
-+ { "bind", 327 },
-+ { "connect", 328 },
-+ { "listen", 329 },
-+ { "accept", 330 },
-+ { "getsockname", 331 },
-+ { "getpeername", 332 },
-+ { "socketpair", 333 },
-+ { "send", 334 },
-+ { "sendto", 335 },
-+ { "recv", 336 },
-+ { "recvfrom", 337 },
-+ { "shutdown", 338 },
-+ { "setsockopt", 339 },
-+ { "getsockopt", 340 },
-+ { "sendmsg", 341 },
-+ { "recvmsg", 342 },
-+ { "recvmmsg", 343 },
-+ { "accept4", 344 },
-+ { "name_to_handle_at", 345 },
-+ { "open_by_handle_at", 346 },
-+ { "clock_adjtime", 347 },
-+ { "syncfs", 348 },
-+ { "sendmmsg", 349 },
-+ { "setns", 350 },
-+ { "process_vm_readv", 351 },
-+ { "process_vm_writev", 352 },
-+ { "finit_module", 353 },
-+ { "kcmp", 354 },
-+ {NULL, __NR_SCMP_ERROR},
-+};
-+
-+
-+/**
-+ * Resolve a syscall name to a number
-+ * @param name the syscall name
-+ *
-+ * Resolve the given syscall name to the syscall number using the syscall table.
-+ * Returns the syscall number on success, including negative pseudo syscall
-+ * numbers; returns __NR_SCMP_ERROR on failure.
-+ *
-+ */
-+int ppc_syscall_resolve_name(const char *name)
-+{
-+ unsigned int iter;
-+ const struct arch_syscall_def *table = ppc_syscall_table;
-+
-+ /* XXX - plenty of room for future improvement here */
-+ for (iter = 0; table[iter].name != NULL; iter++) {
-+ if (strcmp(name, table[iter].name) == 0)
-+ return table[iter].num;
-+ }
-+
-+ return __NR_SCMP_ERROR;
-+}
-+
-+/**
-+ * Resolve a syscall number to a name
-+ * @param num the syscall number
-+ *
-+ * Resolve the given syscall number to the syscall name using the syscall table.
-+ * Returns a pointer to the syscall name string on success, including pseudo
-+ * syscall names; returns NULL on failure.
-+ *
-+ */
-+const char *ppc_syscall_resolve_num(int num)
-+{
-+ unsigned int iter;
-+ const struct arch_syscall_def *table = ppc_syscall_table;
-+
-+ /* XXX - plenty of room for future improvement here */
-+ for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
-+ if (num == table[iter].num)
-+ return table[iter].name;
-+ }
-+
-+ return NULL;
-+}
-Index: libseccomp-2.2.0/src/arch-ppc.c
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-ppc.c
-@@ -0,0 +1,34 @@
-+/**
-+ * Enhanced Seccomp PowerPC64 Specific Code
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#include
-+#include
-+#include
-+
-+#include "arch.h"
-+#include "arch-ppc.h"
-+
-+const struct arch_def arch_def_ppc = {
-+ .token = SCMP_ARCH_PPC,
-+ .token_bpf = AUDIT_ARCH_PPC,
-+ .size = ARCH_SIZE_32,
-+ .endian = ARCH_ENDIAN_BIG,
-+};
-Index: libseccomp-2.2.0/src/arch-ppc.h
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-ppc.h
-@@ -0,0 +1,37 @@
-+/**
-+ * Enhanced Seccomp PowerPC64 Specific Code
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#ifndef _ARCH_PPC_H
-+#define _ARCH_PPC_H
-+
-+#include
-+
-+#include "arch.h"
-+#include "system.h"
-+
-+#define ppc_arg_count_max 6
-+
-+extern const struct arch_def arch_def_ppc;
-+
-+int ppc_syscall_resolve_name(const char *name);
-+const char *ppc_syscall_resolve_num(int num);
-+
-+#endif
-Index: libseccomp-2.2.0/src/arch-ppc64-syscalls.c
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-ppc64-syscalls.c
-@@ -0,0 +1,427 @@
-+/**
-+ * Enhanced Seccomp PowerPC64 Syscall Table
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#include
-+
-+#include
-+
-+#include "arch.h"
-+#include "arch-ppc64.h"
-+
-+/* NOTE: based on Linux 3.13 */
-+
-+static const struct arch_syscall_def ppc64_syscall_table[] = { \
-+ { "restart_syscall", 0 },
-+ { "exit", 1 },
-+ { "fork", 2 },
-+ { "read", 3 },
-+ { "write", 4 },
-+ { "open", 5 },
-+ { "close", 6 },
-+ { "waitpid", 7 },
-+ { "creat", 8 },
-+ { "link", 9 },
-+ { "unlink", 10 },
-+ { "execve", 11 },
-+ { "chdir", 12 },
-+ { "time", 13 },
-+ { "mknod", 14 },
-+ { "chmod", 15 },
-+ { "lchown", 16 },
-+ { "break", 17 },
-+ { "oldstat", 18 },
-+ { "lseek", 19 },
-+ { "getpid", 20 },
-+ { "mount", 21 },
-+ { "umount", 22 },
-+ { "setuid", 23 },
-+ { "getuid", 24 },
-+ { "stime", 25 },
-+ { "ptrace", 26 },
-+ { "alarm", 27 },
-+ { "oldfstat", 28 },
-+ { "pause", 29 },
-+ { "utime", 30 },
-+ { "stty", 31 },
-+ { "gtty", 32 },
-+ { "access", 33 },
-+ { "nice", 34 },
-+ { "ftime", 35 },
-+ { "sync", 36 },
-+ { "kill", 37 },
-+ { "rename", 38 },
-+ { "mkdir", 39 },
-+ { "rmdir", 40 },
-+ { "dup", 41 },
-+ { "pipe", 42 },
-+ { "times", 43 },
-+ { "prof", 44 },
-+ { "brk", 45 },
-+ { "setgid", 46 },
-+ { "getgid", 47 },
-+ { "signal", 48 },
-+ { "geteuid", 49 },
-+ { "getegid", 50 },
-+ { "acct", 51 },
-+ { "umount2", 52 },
-+ { "lock", 53 },
-+ { "ioctl", 54 },
-+ { "fcntl", 55 },
-+ { "mpx", 56 },
-+ { "setpgid", 57 },
-+ { "ulimit", 58 },
-+ { "oldolduname", 59 },
-+ { "umask", 60 },
-+ { "chroot", 61 },
-+ { "ustat", 62 },
-+ { "dup2", 63 },
-+ { "getppid", 64 },
-+ { "getpgrp", 65 },
-+ { "setsid", 66 },
-+ { "sigaction", 67 },
-+ { "sgetmask", 68 },
-+ { "ssetmask", 69 },
-+ { "setreuid", 70 },
-+ { "setregid", 71 },
-+ { "sigsuspend", 72 },
-+ { "sigpending", 73 },
-+ { "sethostname", 74 },
-+ { "setrlimit", 75 },
-+ { "getrlimit", 76 },
-+ { "getrusage", 77 },
-+ { "gettimeofday", 78 },
-+ { "settimeofday", 79 },
-+ { "getgroups", 80 },
-+ { "setgroups", 81 },
-+ { "select", 82 },
-+ { "symlink", 83 },
-+ { "oldlstat", 84 },
-+ { "readlink", 85 },
-+ { "uselib", 86 },
-+ { "swapon", 87 },
-+ { "reboot", 88 },
-+ { "readdir", 89 },
-+ { "mmap", 90 },
-+ { "munmap", 91 },
-+ { "truncate", 92 },
-+ { "ftruncate", 93 },
-+ { "fchmod", 94 },
-+ { "fchown", 95 },
-+ { "getpriority", 96 },
-+ { "setpriority", 97 },
-+ { "profil", 98 },
-+ { "statfs", 99 },
-+ { "fstatfs", 100 },
-+ { "ioperm", 101 },
-+ { "socketcall", 102 },
-+ { "syslog", 103 },
-+ { "setitimer", 104 },
-+ { "getitimer", 105 },
-+ { "stat", 106 },
-+ { "lstat", 107 },
-+ { "fstat", 108 },
-+ { "olduname", 109 },
-+ { "iopl", 110 },
-+ { "vhangup", 111 },
-+ { "idle", 112 },
-+ { "vm86", 113 },
-+ { "wait4", 114 },
-+ { "swapoff", 115 },
-+ { "sysinfo", 116 },
-+ { "ipc", 117 },
-+ { "fsync", 118 },
-+ { "sigreturn", 119 },
-+ { "clone", 120 },
-+ { "setdomainname", 121 },
-+ { "uname", 122 },
-+ { "modify_ldt", 123 },
-+ { "adjtimex", 124 },
-+ { "mprotect", 125 },
-+ { "sigprocmask", 126 },
-+ { "create_module", 127 },
-+ { "init_module", 128 },
-+ { "delete_module", 129 },
-+ { "get_kernel_syms", 130 },
-+ { "quotactl", 131 },
-+ { "getpgid", 132 },
-+ { "fchdir", 133 },
-+ { "bdflush", 134 },
-+ { "sysfs", 135 },
-+ { "personality", 136 },
-+ { "afs_syscall", 137 },
-+ { "setfsuid", 138 },
-+ { "setfsgid", 139 },
-+ { "_llseek", 140 },
-+ { "getdents", 141 },
-+ { "_newselect", 142 },
-+ { "flock", 143 },
-+ { "msync", 144 },
-+ { "readv", 145 },
-+ { "writev", 146 },
-+ { "getsid", 147 },
-+ { "fdatasync", 148 },
-+ { "_sysctl", 149 },
-+ { "mlock", 150 },
-+ { "munlock", 151 },
-+ { "mlockall", 152 },
-+ { "munlockall", 153 },
-+ { "sched_setparam", 154 },
-+ { "sched_getparam", 155 },
-+ { "sched_setscheduler", 156 },
-+ { "sched_getscheduler", 157 },
-+ { "sched_yield", 158 },
-+ { "sched_get_priority_max", 159 },
-+ { "sched_get_priority_min", 160 },
-+ { "sched_rr_get_interval", 161 },
-+ { "nanosleep", 162 },
-+ { "mremap", 163 },
-+ { "setresuid", 164 },
-+ { "getresuid", 165 },
-+ { "query_module", 166 },
-+ { "poll", 167 },
-+ { "nfsservctl", 168 },
-+ { "setresgid", 169 },
-+ { "getresgid", 170 },
-+ { "prctl", 171 },
-+ { "rt_sigreturn", 172 },
-+ { "rt_sigaction", 173 },
-+ { "rt_sigprocmask", 174 },
-+ { "rt_sigpending", 175 },
-+ { "rt_sigtimedwait", 176 },
-+ { "rt_sigqueueinfo", 177 },
-+ { "rt_sigsuspend", 178 },
-+ { "pread64", 179 },
-+ { "pwrite64", 180 },
-+ { "chown", 181 },
-+ { "getcwd", 182 },
-+ { "capget", 183 },
-+ { "capset", 184 },
-+ { "sigaltstack", 185 },
-+ { "sendfile", 186 },
-+ { "getpmsg", 187 },
-+ { "putpmsg", 188 },
-+ { "vfork", 189 },
-+ { "ugetrlimit", 190 },
-+ { "readahead", 191 },
-+
-+ { "pciconfig_read", 198 },
-+ { "pciconfig_write", 199 },
-+ { "pciconfig_iobase", 200 },
-+ { "multiplexer", 201 },
-+ { "getdents64", 202 },
-+ { "pivot_root", 203 },
-+ { "madvise", 205 },
-+ { "mincore", 206 },
-+ { "gettid", 207 },
-+ { "tkill", 208 },
-+ { "setxattr", 209 },
-+ { "lsetxattr", 210 },
-+ { "fsetxattr", 211 },
-+ { "getxattr", 212 },
-+ { "lgetxattr", 213 },
-+ { "fgetxattr", 214 },
-+ { "listxattr", 215 },
-+ { "llistxattr", 216 },
-+ { "flistxattr", 217 },
-+ { "removexattr", 218 },
-+ { "lremovexattr", 219 },
-+ { "fremovexattr", 220 },
-+ { "futex", 221 },
-+ { "sched_setaffinity", 222 },
-+ { "sched_getaffinity", 223 },
-+ { "tuxcall", 225 },
-+ { "io_setup", 227 },
-+ { "io_destroy", 228 },
-+ { "io_getevents", 229 },
-+ { "io_submit", 230 },
-+ { "io_cancel", 231 },
-+ { "set_tid_address", 232 },
-+ { "fadvise64", 233 },
-+ { "exit_group", 234 },
-+ { "lookup_dcookie", 235 },
-+ { "epoll_create", 236 },
-+ { "epoll_ctl", 237 },
-+ { "epoll_wait", 238 },
-+ { "remap_file_pages", 239 },
-+ { "timer_create", 240 },
-+ { "timer_settime", 241 },
-+ { "timer_gettime", 242 },
-+ { "timer_getoverrun", 243 },
-+ { "timer_delete", 244 },
-+ { "clock_settime", 245 },
-+ { "clock_gettime", 246 },
-+ { "clock_getres", 247 },
-+ { "clock_nanosleep", 248 },
-+ { "swapcontext", 249 },
-+ { "tgkill", 250 },
-+ { "utimes", 251 },
-+ { "statfs64", 252 },
-+ { "fstatfs64", 253 },
-+ { "rtas", 255 },
-+ { "sys_debug_setcontext", 256 },
-+ { "migrate_pages", 258 },
-+ { "mbind", 259 },
-+ { "get_mempolicy", 260 },
-+ { "set_mempolicy", 261 },
-+ { "mq_open", 262 },
-+ { "mq_unlink", 263 },
-+ { "mq_timedsend", 264 },
-+ { "mq_timedreceive", 265 },
-+ { "mq_notify", 266 },
-+ { "mq_getsetattr", 267 },
-+ { "kexec_load", 268 },
-+ { "add_key", 269 },
-+ { "request_key", 270 },
-+ { "keyctl", 271 },
-+ { "waitid", 272 },
-+ { "ioprio_set", 273 },
-+ { "ioprio_get", 274 },
-+ { "inotify_init", 275 },
-+ { "inotify_add_watch", 276 },
-+ { "inotify_rm_watch", 277 },
-+ { "spu_run", 278 },
-+ { "spu_create", 279 },
-+ { "pselect6", 280 },
-+ { "ppoll", 281 },
-+ { "unshare", 282 },
-+ { "splice", 283 },
-+ { "tee", 284 },
-+ { "vmsplice", 285 },
-+ { "openat", 286 },
-+ { "mkdirat", 287 },
-+ { "mknodat", 288 },
-+ { "fchownat", 289 },
-+ { "futimesat", 290 },
-+ { "newfstatat", 291 },
-+ { "unlinkat", 292 },
-+ { "renameat", 293 },
-+ { "linkat", 294 },
-+ { "symlinkat", 295 },
-+ { "readlinkat", 296 },
-+ { "fchmodat", 297 },
-+ { "faccessat", 298 },
-+ { "get_robust_list", 299 },
-+ { "set_robust_list", 300 },
-+ { "move_pages", 301 },
-+ { "getcpu", 302 },
-+ { "epoll_pwait", 303 },
-+ { "utimensat", 304 },
-+ { "signalfd", 305 },
-+ { "timerfd_create", 306 },
-+ { "eventfd", 307 },
-+ { "sync_file_range2", 308 },
-+ { "fallocate", 309 },
-+ { "subpage_prot", 310 },
-+ { "timerfd_settime", 311 },
-+ { "timerfd_gettime", 312 },
-+ { "signalfd4", 313 },
-+ { "eventfd2", 314 },
-+ { "epoll_create1", 315 },
-+ { "dup3", 316 },
-+ { "pipe2", 317 },
-+ { "inotify_init1", 318 },
-+ { "perf_event_open", 319 },
-+ { "preadv", 320 },
-+ { "pwritev", 321 },
-+ { "rt_tgsigqueueinfo", 322 },
-+ { "fanotify_init", 323 },
-+ { "fanotify_mark", 324 },
-+ { "prlimit64", 325 },
-+ { "socket", 326 },
-+ { "bind", 327 },
-+ { "connect", 328 },
-+ { "listen", 329 },
-+ { "accept", 330 },
-+ { "getsockname", 331 },
-+ { "getpeername", 332 },
-+ { "socketpair", 333 },
-+ { "send", 334 },
-+ { "sendto", 335 },
-+ { "recv", 336 },
-+ { "recvfrom", 337 },
-+ { "shutdown", 338 },
-+ { "setsockopt", 339 },
-+ { "getsockopt", 340 },
-+ { "sendmsg", 341 },
-+ { "recvmsg", 342 },
-+ { "recvmmsg", 343 },
-+ { "accept4", 344 },
-+ { "name_to_handle_at", 345 },
-+ { "open_by_handle_at", 346 },
-+ { "clock_adjtime", 347 },
-+ { "syncfs", 348 },
-+ { "sendmmsg", 349 },
-+ { "setns", 350 },
-+ { "process_vm_readv", 351 },
-+ { "process_vm_writev", 352 },
-+ { "finit_module", 353 },
-+ { "kcmp", 354 },
-+ { "sched_setattr", 355 },
-+ { "sched_getattr", 356 },
-+ {NULL, __NR_SCMP_ERROR},
-+};
-+
-+
-+/**
-+ * Resolve a syscall name to a number
-+ * @param name the syscall name
-+ *
-+ * Resolve the given syscall name to the syscall number using the syscall table.
-+ * Returns the syscall number on success, including negative pseudo syscall
-+ * numbers; returns __NR_SCMP_ERROR on failure.
-+ *
-+ */
-+int ppc64_syscall_resolve_name(const char *name)
-+{
-+ unsigned int iter;
-+ const struct arch_syscall_def *table = ppc64_syscall_table;
-+
-+ /* XXX - plenty of room for future improvement here */
-+ for (iter = 0; table[iter].name != NULL; iter++) {
-+ if (strcmp(name, table[iter].name) == 0)
-+ return table[iter].num;
-+ }
-+
-+ return __NR_SCMP_ERROR;
-+}
-+
-+/**
-+ * Resolve a syscall number to a name
-+ * @param num the syscall number
-+ *
-+ * Resolve the given syscall number to the syscall name using the syscall table.
-+ * Returns a pointer to the syscall name string on success, including pseudo
-+ * syscall names; returns NULL on failure.
-+ *
-+ */
-+const char *ppc64_syscall_resolve_num(int num)
-+{
-+ unsigned int iter;
-+ const struct arch_syscall_def *table = ppc64_syscall_table;
-+
-+ /* XXX - plenty of room for future improvement here */
-+ for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
-+ if (num == table[iter].num)
-+ return table[iter].name;
-+ }
-+
-+ return NULL;
-+}
-Index: libseccomp-2.2.0/src/arch-ppc64.c
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-ppc64.c
-@@ -0,0 +1,38 @@
-+/**
-+ * Enhanced Seccomp PowerPC64 Specific Code
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#include
-+#include
-+#include
-+
-+#include "arch.h"
-+#include "arch-ppc64.h"
-+
-+const struct arch_def arch_def_ppc64 = {
-+ .token = SCMP_ARCH_PPC64,
-+ .token_bpf = AUDIT_ARCH_PPC64,
-+ .size = ARCH_SIZE_64,
-+#ifdef __LITTLE_ENDIAN__
-+ .endian = ARCH_ENDIAN_LITTLE,
-+#else
-+ .endian = ARCH_ENDIAN_BIG,
-+#endif
-+};
-Index: libseccomp-2.2.0/src/arch-ppc64.h
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-ppc64.h
-@@ -0,0 +1,45 @@
-+/**
-+ * Enhanced Seccomp PowerPC64 Specific Code
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#ifndef _ARCH_PPC64_H
-+#define _ARCH_PPC64_H
-+
-+#include
-+
-+#include "arch.h"
-+#include "system.h"
-+
-+#define ppc64_arg_count_max 6
-+
-+extern const struct arch_def arch_def_ppc64;
-+
-+#ifdef __LITTLE_ENDIAN__
-+#define ppc64_arg_offset_lo(x) (arch_arg_offset(x))
-+#define ppc64_arg_offset_hi(x) (arch_arg_offset(x) + 4)
-+#else
-+#define ppc64_arg_offset_lo(x) (arch_arg_offset(x) + 4)
-+#define ppc64_arg_offset_hi(x) (arch_arg_offset(x))
-+#endif
-+
-+int ppc64_syscall_resolve_name(const char *name);
-+const char *ppc64_syscall_resolve_num(int num);
-+
-+#endif
-Index: libseccomp-2.2.0/src/arch-s390-syscalls.c
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-s390-syscalls.c
-@@ -0,0 +1,400 @@
-+/**
-+ * Enhanced Seccomp s390 Syscall Table
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#include
-+
-+#include
-+
-+#include "arch.h"
-+#include "arch-s390.h"
-+
-+/* NOTE: based on Linux 3.13 */
-+
-+static const struct arch_syscall_def s390_syscall_table[] = { \
-+ { "exit", 1 },
-+ { "fork", 2 },
-+ { "read", 3 },
-+ { "write", 4 },
-+ { "open", 5 },
-+ { "close", 6 },
-+ { "restart_syscall", 7 },
-+ { "creat", 8 },
-+ { "link", 9 },
-+ { "unlink", 10 },
-+ { "execve", 11 },
-+ { "chdir", 12 },
-+ { "mknod", 14 },
-+ { "chmod", 15 },
-+ { "lseek", 19 },
-+ { "getpid", 20 },
-+ { "mount", 21 },
-+ { "umount", 22 },
-+ { "ptrace", 26 },
-+ { "alarm", 27 },
-+ { "pause", 29 },
-+ { "utime", 30 },
-+ { "access", 33 },
-+ { "nice", 34 },
-+ { "sync", 36 },
-+ { "kill", 37 },
-+ { "rename", 38 },
-+ { "mkdir", 39 },
-+ { "rmdir", 40 },
-+ { "dup", 41 },
-+ { "pipe", 42 },
-+ { "times", 43 },
-+ { "brk", 45 },
-+ { "signal", 48 },
-+ { "acct", 51 },
-+ { "umount2", 52 },
-+ { "ioctl", 54 },
-+ { "fcntl", 55 },
-+ { "setpgid", 57 },
-+ { "umask", 60 },
-+ { "chroot", 61 },
-+ { "ustat", 62 },
-+ { "dup2", 63 },
-+ { "getppid", 64 },
-+ { "getpgrp", 65 },
-+ { "setsid", 66 },
-+ { "sigaction", 67 },
-+ { "sigsuspend", 72 },
-+ { "sigpending", 73 },
-+ { "sethostname", 74 },
-+ { "setrlimit", 75 },
-+ { "getrusage", 77 },
-+ { "gettimeofday", 78 },
-+ { "settimeofday", 79 },
-+ { "symlink", 83 },
-+ { "readlink", 85 },
-+ { "uselib", 86 },
-+ { "swapon", 87 },
-+ { "reboot", 88 },
-+ { "readdir", 89 },
-+ { "mmap", 90 },
-+ { "munmap", 91 },
-+ { "truncate", 92 },
-+ { "ftruncate", 93 },
-+ { "fchmod", 94 },
-+ { "getpriority", 96 },
-+ { "setpriority", 97 },
-+ { "statfs", 99 },
-+ { "fstatfs", 100 },
-+ { "socketcall", 102 },
-+ { "syslog", 103 },
-+ { "setitimer", 104 },
-+ { "getitimer", 105 },
-+ { "stat", 106 },
-+ { "lstat", 107 },
-+ { "fstat", 108 },
-+ { "lookup_dcookie", 110 },
-+ { "vhangup", 111 },
-+ { "idle", 112 },
-+ { "wait4", 114 },
-+ { "swapoff", 115 },
-+ { "sysinfo", 116 },
-+ { "ipc", 117 },
-+ { "fsync", 118 },
-+ { "sigreturn", 119 },
-+ { "clone", 120 },
-+ { "setdomainname", 121 },
-+ { "uname", 122 },
-+ { "adjtimex", 124 },
-+ { "mprotect", 125 },
-+ { "sigprocmask", 126 },
-+ { "create_module", 127 },
-+ { "init_module", 128 },
-+ { "delete_module", 129 },
-+ { "get_kernel_syms", 130 },
-+ { "quotactl", 131 },
-+ { "getpgid", 132 },
-+ { "fchdir", 133 },
-+ { "bdflush", 134 },
-+ { "sysfs", 135 },
-+ { "personality", 136 },
-+ { "afs_syscall", 137 },
-+ { "getdents", 141 },
-+ { "flock", 143 },
-+ { "msync", 144 },
-+ { "readv", 145 },
-+ { "writev", 146 },
-+ { "getsid", 147 },
-+ { "fdatasync", 148 },
-+ { "_sysctl", 149 },
-+ { "mlock", 150 },
-+ { "munlock", 151 },
-+ { "mlockall", 152 },
-+ { "munlockall", 153 },
-+ { "sched_setparam", 154 },
-+ { "sched_getparam", 155 },
-+ { "sched_setscheduler", 156 },
-+ { "sched_getscheduler", 157 },
-+ { "sched_yield", 158 },
-+ { "sched_get_priority_max", 159 },
-+ { "sched_get_priority_min", 160 },
-+ { "sched_rr_get_interval", 161 },
-+ { "nanosleep", 162 },
-+ { "mremap", 163 },
-+ { "query_module", 167 },
-+ { "poll", 168 },
-+ { "nfsservctl", 169 },
-+ { "prctl", 172 },
-+ { "rt_sigreturn", 173 },
-+ { "rt_sigaction", 174 },
-+ { "rt_sigprocmask", 175 },
-+ { "rt_sigpending", 176 },
-+ { "rt_sigtimedwait", 177 },
-+ { "rt_sigqueueinfo", 178 },
-+ { "rt_sigsuspend", 179 },
-+ { "pread64", 180 },
-+ { "pwrite64", 181 },
-+ { "getcwd", 183 },
-+ { "capget", 184 },
-+ { "capset", 185 },
-+ { "sigaltstack", 186 },
-+ { "sendfile", 187 },
-+ { "getpmsg", 188 },
-+ { "putpmsg", 189 },
-+ { "vfork", 190 },
-+ { "pivot_root", 217 },
-+ { "mincore", 218 },
-+ { "madvise", 219 },
-+ { "getdents64", 220 },
-+ { "readahead", 222 },
-+ { "setxattr", 224 },
-+ { "lsetxattr", 225 },
-+ { "fsetxattr", 226 },
-+ { "getxattr", 227 },
-+ { "lgetxattr", 228 },
-+ { "fgetxattr", 229 },
-+ { "listxattr", 230 },
-+ { "llistxattr", 231 },
-+ { "flistxattr", 232 },
-+ { "removexattr", 233 },
-+ { "lremovexattr", 234 },
-+ { "fremovexattr", 235 },
-+ { "gettid", 236 },
-+ { "tkill", 237 },
-+ { "futex", 238 },
-+ { "sched_setaffinity", 239 },
-+ { "sched_getaffinity", 240 },
-+ { "tgkill", 241 },
-+ { "io_setup", 243 },
-+ { "io_destroy", 244 },
-+ { "io_getevents", 245 },
-+ { "io_submit", 246 },
-+ { "io_cancel", 247 },
-+ { "exit_group", 248 },
-+ { "epoll_create", 249 },
-+ { "epoll_ctl", 250 },
-+ { "epoll_wait", 251 },
-+ { "set_tid_address", 252 },
-+ { "fadvise64", 253 },
-+ { "timer_create", 254 },
-+ { "timer_settime", 255 },
-+ { "timer_gettime", 256 },
-+ { "timer_getoverrun", 257 },
-+ { "timer_delete", 258 },
-+ { "clock_settime", 259 },
-+ { "clock_gettime", 260 },
-+ { "clock_getres", 261 },
-+ { "clock_nanosleep", 262 },
-+ { "statfs64", 265 },
-+ { "fstatfs64", 266 },
-+ { "remap_file_pages", 267 },
-+ { "mq_open", 271 },
-+ { "mq_unlink", 272 },
-+ { "mq_timedsend", 273 },
-+ { "mq_timedreceive", 274 },
-+ { "mq_notify", 275 },
-+ { "mq_getsetattr", 276 },
-+ { "kexec_load", 277 },
-+ { "add_key", 278 },
-+ { "request_key", 279 },
-+ { "keyctl", 280 },
-+ { "waitid", 281 },
-+ { "ioprio_set", 282 },
-+ { "ioprio_get", 283 },
-+ { "inotify_init", 284 },
-+ { "inotify_add_watch", 285 },
-+ { "inotify_rm_watch", 286 },
-+ { "openat", 288 },
-+ { "mkdirat", 289 },
-+ { "mknodat", 290 },
-+ { "fchownat", 291 },
-+ { "futimesat", 292 },
-+ { "unlinkat", 294 },
-+ { "renameat", 295 },
-+ { "linkat", 296 },
-+ { "symlinkat", 297 },
-+ { "readlinkat", 298 },
-+ { "fchmodat", 299 },
-+ { "faccessat", 300 },
-+ { "pselect6", 301 },
-+ { "ppoll", 302 },
-+ { "unshare", 303 },
-+ { "set_robust_list", 304 },
-+ { "get_robust_list", 305 },
-+ { "splice", 306 },
-+ { "sync_file_range", 307 },
-+ { "tee", 308 },
-+ { "vmsplice", 309 },
-+ { "getcpu", 311 },
-+ { "epoll_pwait", 312 },
-+ { "utimes", 313 },
-+ { "fallocate", 314 },
-+ { "utimensat", 315 },
-+ { "signalfd", 316 },
-+ { "timerfd", 317 },
-+ { "eventfd", 318 },
-+ { "timerfd_create", 319 },
-+ { "timerfd_settime", 320 },
-+ { "timerfd_gettime", 321 },
-+ { "signalfd4", 322 },
-+ { "eventfd2", 323 },
-+ { "inotify_init1", 324 },
-+ { "pipe2", 325 },
-+ { "dup3", 326 },
-+ { "epoll_create1", 327 },
-+ { "preadv", 328 },
-+ { "pwritev", 328 },
-+ { "rt_tgsigqueueinfo", 330 },
-+ { "perf_event_open", 331 },
-+ { "fanotify_init", 332 },
-+ { "fanotify_mark", 333 },
-+ { "prlimit64", 334 },
-+ { "name_to_handle_at", 335 },
-+ { "open_by_handle_at", 336 },
-+ { "clock_adjtime", 337 },
-+ { "syncfs", 338 },
-+ { "setns", 339 },
-+ { "process_vm_readv", 340 },
-+ { "process_vm_writev", 341 },
-+ { "s390_runtime_instr", 342 },
-+ { "kcmp", 343 },
-+ { "finit_module", 344 },
-+ { "sched_setattr", 345 },
-+ { "sched_getattr", 346 },
-+ { "time", 13 },
-+ { "lchown", 16 },
-+ { "setuid", 23 },
-+ { "getuid", 24 },
-+ { "stime", 25 },
-+ { "setgid", 46 },
-+ { "getgid", 47 },
-+ { "geteuid", 49 },
-+ { "getegid", 50 },
-+ { "setreuid", 70 },
-+ { "setregid", 71 },
-+ { "getrlimit", 76 },
-+ { "getgroups", 80 },
-+ { "setgroups", 81 },
-+ { "fchown", 95 },
-+ { "ioperm", 101 },
-+ { "setfsuid", 138 },
-+ { "setfsgid", 139 },
-+ { "_llseek", 140 },
-+ { "_newselect", 142 },
-+ { "setresuid", 164 },
-+ { "getresuid", 165 },
-+ { "setresgid", 170 },
-+ { "getresgid", 171 },
-+ { "chown", 182 },
-+ { "ugetrlimit", 191 },
-+ { "mmap2", 192 },
-+ { "truncate64", 193 },
-+ { "ftruncate64", 194 },
-+ { "stat64", 195 },
-+ { "lstat64", 196 },
-+ { "fstat64", 197 },
-+ { "lchown32", 198 },
-+ { "getuid32", 199 },
-+ { "getgid32", 200 },
-+ { "geteuid32", 201 },
-+ { "getegid32", 202 },
-+ { "setreuid32", 203 },
-+ { "setregid32", 204 },
-+ { "getgroups32", 205 },
-+ { "setgroups32", 206 },
-+ { "fchown32", 207 },
-+ { "setresuid32", 208 },
-+ { "getresuid32", 209 },
-+ { "setresgid32", 210 },
-+ { "getresgid32", 211 },
-+ { "chown32", 212 },
-+ { "setuid32", 213 },
-+ { "setgid32", 214 },
-+ { "setfsuid32", 215 },
-+ { "setfsgid32", 216 },
-+ { "fcntl64", 221 },
-+ { "sendfile64", 223 },
-+ { "fadvise64_64", 264 },
-+ { "fstatat64", 293 },
-+
-+ {NULL, __NR_SCMP_ERROR},
-+};
-+
-+
-+/**
-+ * Resolve a syscall name to a number
-+ * @param name the syscall name
-+ *
-+ * Resolve the given syscall name to the syscall number using the syscall table.
-+ * Returns the syscall number on success, including negative pseudo syscall
-+ * numbers; returns __NR_SCMP_ERROR on failure.
-+ *
-+ */
-+int s390_syscall_resolve_name(const char *name)
-+{
-+ unsigned int iter;
-+ const struct arch_syscall_def *table = s390_syscall_table;
-+
-+ /* XXX - plenty of room for future improvement here */
-+ for (iter = 0; table[iter].name != NULL; iter++) {
-+ if (strcmp(name, table[iter].name) == 0)
-+ return table[iter].num;
-+ }
-+
-+ return __NR_SCMP_ERROR;
-+}
-+
-+/**
-+ * Resolve a syscall number to a name
-+ * @param num the syscall number
-+ *
-+ * Resolve the given syscall number to the syscall name using the syscall table.
-+ * Returns a pointer to the syscall name string on success, including pseudo
-+ * syscall names; returns NULL on failure.
-+ *
-+ */
-+const char *s390_syscall_resolve_num(int num)
-+{
-+ unsigned int iter;
-+ const struct arch_syscall_def *table = s390_syscall_table;
-+
-+ /* XXX - plenty of room for future improvement here */
-+ for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
-+ if (num == table[iter].num)
-+ return table[iter].name;
-+ }
-+
-+ return NULL;
-+}
-Index: libseccomp-2.2.0/src/arch-s390.c
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-s390.c
-@@ -0,0 +1,34 @@
-+/**
-+ * Enhanced Seccomp S390 Specific Code
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#include
-+#include
-+#include
-+
-+#include "arch.h"
-+#include "arch-s390.h"
-+
-+const struct arch_def arch_def_s390 = {
-+ .token = SCMP_ARCH_S390,
-+ .token_bpf = AUDIT_ARCH_S390,
-+ .size = ARCH_SIZE_32,
-+ .endian = ARCH_ENDIAN_BIG,
-+};
-Index: libseccomp-2.2.0/src/arch-s390.h
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-s390.h
-@@ -0,0 +1,37 @@
-+/**
-+ * Enhanced Seccomp S390 Specific Code
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#ifndef _ARCH_S390_H
-+#define _ARCH_S390_H
-+
-+#include
-+
-+#include "arch.h"
-+#include "system.h"
-+
-+#define s390_arg_count_max 6
-+
-+extern const struct arch_def arch_def_s390;
-+
-+int s390_syscall_resolve_name(const char *name);
-+const char *s390_syscall_resolve_num(int num);
-+
-+#endif
-Index: libseccomp-2.2.0/src/arch-s390x-syscalls.c
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-s390x-syscalls.c
-@@ -0,0 +1,367 @@
-+/**
-+ * Enhanced Seccomp s390x Syscall Table
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#include
-+
-+#include
-+
-+#include "arch.h"
-+#include "arch-s390x.h"
-+
-+/* NOTE: based on Linux 3.13 */
-+
-+static const struct arch_syscall_def s390x_syscall_table[] = { \
-+ { "exit", 1 },
-+ { "fork", 2 },
-+ { "read", 3 },
-+ { "write", 4 },
-+ { "open", 5 },
-+ { "close", 6 },
-+ { "restart_syscall", 7 },
-+ { "creat", 8 },
-+ { "link", 9 },
-+ { "unlink", 10 },
-+ { "execve", 11 },
-+ { "chdir", 12 },
-+ { "mknod", 14 },
-+ { "chmod", 15 },
-+ { "lseek", 19 },
-+ { "getpid", 20 },
-+ { "mount", 21 },
-+ { "umount", 22 },
-+ { "ptrace", 26 },
-+ { "alarm", 27 },
-+ { "pause", 29 },
-+ { "utime", 30 },
-+ { "access", 33 },
-+ { "nice", 34 },
-+ { "sync", 36 },
-+ { "kill", 37 },
-+ { "rename", 38 },
-+ { "mkdir", 39 },
-+ { "rmdir", 40 },
-+ { "dup", 41 },
-+ { "pipe", 42 },
-+ { "times", 43 },
-+ { "brk", 45 },
-+ { "signal", 48 },
-+ { "acct", 51 },
-+ { "umount2", 52 },
-+ { "ioctl", 54 },
-+ { "fcntl", 55 },
-+ { "setpgid", 57 },
-+ { "umask", 60 },
-+ { "chroot", 61 },
-+ { "ustat", 62 },
-+ { "dup2", 63 },
-+ { "getppid", 64 },
-+ { "getpgrp", 65 },
-+ { "setsid", 66 },
-+ { "sigaction", 67 },
-+ { "sigsuspend", 72 },
-+ { "sigpending", 73 },
-+ { "sethostname", 74 },
-+ { "setrlimit", 75 },
-+ { "getrusage", 77 },
-+ { "gettimeofday", 78 },
-+ { "settimeofday", 79 },
-+ { "symlink", 83 },
-+ { "readlink", 85 },
-+ { "uselib", 86 },
-+ { "swapon", 87 },
-+ { "reboot", 88 },
-+ { "readdir", 89 },
-+ { "mmap", 90 },
-+ { "munmap", 91 },
-+ { "truncate", 92 },
-+ { "ftruncate", 93 },
-+ { "fchmod", 94 },
-+ { "getpriority", 96 },
-+ { "setpriority", 97 },
-+ { "statfs", 99 },
-+ { "fstatfs", 100 },
-+ { "socketcall", 102 },
-+ { "syslog", 103 },
-+ { "setitimer", 104 },
-+ { "getitimer", 105 },
-+ { "stat", 106 },
-+ { "lstat", 107 },
-+ { "fstat", 108 },
-+ { "lookup_dcookie", 110 },
-+ { "vhangup", 111 },
-+ { "idle", 112 },
-+ { "wait4", 114 },
-+ { "swapoff", 115 },
-+ { "sysinfo", 116 },
-+ { "ipc", 117 },
-+ { "fsync", 118 },
-+ { "sigreturn", 119 },
-+ { "clone", 120 },
-+ { "setdomainname", 121 },
-+ { "uname", 122 },
-+ { "adjtimex", 124 },
-+ { "mprotect", 125 },
-+ { "sigprocmask", 126 },
-+ { "create_module", 127 },
-+ { "init_module", 128 },
-+ { "delete_module", 129 },
-+ { "get_kernel_syms", 130 },
-+ { "quotactl", 131 },
-+ { "getpgid", 132 },
-+ { "fchdir", 133 },
-+ { "bdflush", 134 },
-+ { "sysfs", 135 },
-+ { "personality", 136 },
-+ { "afs_syscall", 137 },
-+ { "getdents", 141 },
-+ { "flock", 143 },
-+ { "msync", 144 },
-+ { "readv", 145 },
-+ { "writev", 146 },
-+ { "getsid", 147 },
-+ { "fdatasync", 148 },
-+ { "_sysctl", 149 },
-+ { "mlock", 150 },
-+ { "munlock", 151 },
-+ { "mlockall", 152 },
-+ { "munlockall", 153 },
-+ { "sched_setparam", 154 },
-+ { "sched_getparam", 155 },
-+ { "sched_setscheduler", 156 },
-+ { "sched_getscheduler", 157 },
-+ { "sched_yield", 158 },
-+ { "sched_get_priority_max", 159 },
-+ { "sched_get_priority_min", 160 },
-+ { "sched_rr_get_interval", 161 },
-+ { "nanosleep", 162 },
-+ { "mremap", 163 },
-+ { "query_module", 167 },
-+ { "poll", 168 },
-+ { "nfsservctl", 169 },
-+ { "prctl", 172 },
-+ { "rt_sigreturn", 173 },
-+ { "rt_sigaction", 174 },
-+ { "rt_sigprocmask", 175 },
-+ { "rt_sigpending", 176 },
-+ { "rt_sigtimedwait", 177 },
-+ { "rt_sigqueueinfo", 178 },
-+ { "rt_sigsuspend", 179 },
-+ { "pread64", 180 },
-+ { "pwrite64", 181 },
-+ { "getcwd", 183 },
-+ { "capget", 184 },
-+ { "capset", 185 },
-+ { "sigaltstack", 186 },
-+ { "sendfile", 187 },
-+ { "getpmsg", 188 },
-+ { "putpmsg", 189 },
-+ { "vfork", 190 },
-+ { "pivot_root", 217 },
-+ { "mincore", 218 },
-+ { "madvise", 219 },
-+ { "getdents64", 220 },
-+ { "readahead", 222 },
-+ { "setxattr", 224 },
-+ { "lsetxattr", 225 },
-+ { "fsetxattr", 226 },
-+ { "getxattr", 227 },
-+ { "lgetxattr", 228 },
-+ { "fgetxattr", 229 },
-+ { "listxattr", 230 },
-+ { "llistxattr", 231 },
-+ { "flistxattr", 232 },
-+ { "removexattr", 233 },
-+ { "lremovexattr", 234 },
-+ { "fremovexattr", 235 },
-+ { "gettid", 236 },
-+ { "tkill", 237 },
-+ { "futex", 238 },
-+ { "sched_setaffinity", 239 },
-+ { "sched_getaffinity", 240 },
-+ { "tgkill", 241 },
-+ { "io_setup", 243 },
-+ { "io_destroy", 244 },
-+ { "io_getevents", 245 },
-+ { "io_submit", 246 },
-+ { "io_cancel", 247 },
-+ { "exit_group", 248 },
-+ { "epoll_create", 249 },
-+ { "epoll_ctl", 250 },
-+ { "epoll_wait", 251 },
-+ { "set_tid_address", 252 },
-+ { "fadvise64", 253 },
-+ { "timer_create", 254 },
-+ { "timer_settime", 255 },
-+ { "timer_gettime", 256 },
-+ { "timer_getoverrun", 257 },
-+ { "timer_delete", 258 },
-+ { "clock_settime", 259 },
-+ { "clock_gettime", 260 },
-+ { "clock_getres", 261 },
-+ { "clock_nanosleep", 262 },
-+ { "statfs64", 265 },
-+ { "fstatfs64", 266 },
-+ { "remap_file_pages", 267 },
-+ { "mq_open", 271 },
-+ { "mq_unlink", 272 },
-+ { "mq_timedsend", 273 },
-+ { "mq_timedreceive", 274 },
-+ { "mq_notify", 275 },
-+ { "mq_getsetattr", 276 },
-+ { "kexec_load", 277 },
-+ { "add_key", 278 },
-+ { "request_key", 279 },
-+ { "keyctl", 280 },
-+ { "waitid", 281 },
-+ { "ioprio_set", 282 },
-+ { "ioprio_get", 283 },
-+ { "inotify_init", 284 },
-+ { "inotify_add_watch", 285 },
-+ { "inotify_rm_watch", 286 },
-+ { "openat", 288 },
-+ { "mkdirat", 289 },
-+ { "mknodat", 290 },
-+ { "fchownat", 291 },
-+ { "futimesat", 292 },
-+ { "unlinkat", 294 },
-+ { "renameat", 295 },
-+ { "linkat", 296 },
-+ { "symlinkat", 297 },
-+ { "readlinkat", 298 },
-+ { "fchmodat", 299 },
-+ { "faccessat", 300 },
-+ { "pselect6", 301 },
-+ { "ppoll", 302 },
-+ { "unshare", 303 },
-+ { "set_robust_list", 304 },
-+ { "get_robust_list", 305 },
-+ { "splice", 306 },
-+ { "sync_file_range", 307 },
-+ { "tee", 308 },
-+ { "vmsplice", 309 },
-+ { "getcpu", 311 },
-+ { "epoll_pwait", 312 },
-+ { "utimes", 313 },
-+ { "fallocate", 314 },
-+ { "utimensat", 315 },
-+ { "signalfd", 316 },
-+ { "timerfd", 317 },
-+ { "eventfd", 318 },
-+ { "timerfd_create", 319 },
-+ { "timerfd_settime", 320 },
-+ { "timerfd_gettime", 321 },
-+ { "signalfd4", 322 },
-+ { "eventfd2", 323 },
-+ { "inotify_init1", 324 },
-+ { "pipe2", 325 },
-+ { "dup3", 326 },
-+ { "epoll_create1", 327 },
-+ { "preadv", 328 },
-+ { "pwritev", 329 },
-+ { "rt_tgsigqueueinfo", 330 },
-+ { "perf_event_open", 331 },
-+ { "fanotify_init", 332 },
-+ { "fanotify_mark", 333 },
-+ { "prlimit64", 334 },
-+ { "name_to_handle_at", 335 },
-+ { "open_by_handle_at", 336 },
-+ { "clock_adjtime", 337 },
-+ { "syncfs", 338 },
-+ { "setns", 339 },
-+ { "process_vm_readv", 340 },
-+ { "process_vm_writev", 341 },
-+ { "s390_runtime_instr", 342 },
-+ { "kcmp", 343 },
-+ { "finit_module", 344 },
-+ { "sched_setattr", 345 },
-+ { "sched_getattr", 346 },
-+ { "select", 142 },
-+ { "getrlimit", 191 },
-+ { "lchown", 198 },
-+ { "getuid", 199 },
-+ { "getgid", 200 },
-+ { "geteuid", 201 },
-+ { "getegid", 202 },
-+ { "setreuid", 203 },
-+ { "setregid", 204 },
-+ { "getgroups", 205 },
-+ { "setgroups", 206 },
-+ { "fchown", 207 },
-+ { "setresuid", 208 },
-+ { "getresuid", 209 },
-+ { "setresgid", 210 },
-+ { "getresgid", 211 },
-+ { "chown", 212 },
-+ { "setuid", 213 },
-+ { "setgid", 214 },
-+ { "setfsuid", 215 },
-+ { "setfsgid", 216 },
-+ { "newfstatat", 293 },
-+
-+ {NULL, __NR_SCMP_ERROR},
-+};
-+
-+
-+/**
-+ * Resolve a syscall name to a number
-+ * @param name the syscall name
-+ *
-+ * Resolve the given syscall name to the syscall number using the syscall table.
-+ * Returns the syscall number on success, including negative pseudo syscall
-+ * numbers; returns __NR_SCMP_ERROR on failure.
-+ *
-+ */
-+int s390x_syscall_resolve_name(const char *name)
-+{
-+ unsigned int iter;
-+ const struct arch_syscall_def *table = s390x_syscall_table;
-+
-+ /* XXX - plenty of room for future improvement here */
-+ for (iter = 0; table[iter].name != NULL; iter++) {
-+ if (strcmp(name, table[iter].name) == 0)
-+ return table[iter].num;
-+ }
-+
-+ return __NR_SCMP_ERROR;
-+}
-+
-+/**
-+ * Resolve a syscall number to a name
-+ * @param num the syscall number
-+ *
-+ * Resolve the given syscall number to the syscall name using the syscall table.
-+ * Returns a pointer to the syscall name string on success, including pseudo
-+ * syscall names; returns NULL on failure.
-+ *
-+ */
-+const char *s390x_syscall_resolve_num(int num)
-+{
-+ unsigned int iter;
-+ const struct arch_syscall_def *table = s390x_syscall_table;
-+
-+ /* XXX - plenty of room for future improvement here */
-+ for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
-+ if (num == table[iter].num)
-+ return table[iter].name;
-+ }
-+
-+ return NULL;
-+}
-Index: libseccomp-2.2.0/src/arch-s390x.c
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-s390x.c
-@@ -0,0 +1,34 @@
-+/**
-+ * Enhanced Seccomp S390X Specific Code
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#include
-+#include
-+#include
-+
-+#include "arch.h"
-+#include "arch-s390x.h"
-+
-+const struct arch_def arch_def_s390x = {
-+ .token = SCMP_ARCH_S390X,
-+ .token_bpf = AUDIT_ARCH_S390X,
-+ .size = ARCH_SIZE_64,
-+ .endian = ARCH_ENDIAN_BIG,
-+};
-Index: libseccomp-2.2.0/src/arch-s390x.h
-===================================================================
---- /dev/null
-+++ libseccomp-2.2.0/src/arch-s390x.h
-@@ -0,0 +1,40 @@
-+/**
-+ * Enhanced Seccomp S390X Specific Code
-+ *
-+ * Copyright (c) 2014 SUSE
-+ * Author: Marcus Meissner
-+ */
-+
-+/*
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of version 2.1 of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation.
-+ *
-+ * This library is distributed in the hope that it will be useful, but WITHOUT
-+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
-+ * for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this library; if not, see .
-+ */
-+
-+#ifndef _ARCH_S390X_H
-+#define _ARCH_S390X_H
-+
-+#include
-+
-+#include "arch.h"
-+#include "system.h"
-+
-+#define s390x_arg_count_max 6
-+
-+extern const struct arch_def arch_def_s390x;
-+
-+#define s390x_arg_offset_lo(x) (arch_arg_offset(x) + 4)
-+#define s390x_arg_offset_hi(x) (arch_arg_offset(x))
-+
-+int s390x_syscall_resolve_name(const char *name);
-+const char *s390x_syscall_resolve_num(int num);
-+
-+#endif
-Index: libseccomp-2.2.0/src/arch.c
-===================================================================
---- libseccomp-2.2.0.orig/src/arch.c
-+++ libseccomp-2.2.0/src/arch.c
-@@ -38,6 +38,10 @@
- #include "arch-mips.h"
- #include "arch-mips64.h"
- #include "arch-mips64n32.h"
-+#include "arch-s390x.h"
-+#include "arch-s390.h"
-+#include "arch-ppc.h"
-+#include "arch-ppc64.h"
- #include "system.h"
-
- #define default_arg_count_max 6
-@@ -74,6 +78,14 @@ const struct arch_def *arch_def_native =
- #elif __MIPSEL__
- const struct arch_def *arch_def_native = &arch_def_mipsel64n32;
- #endif /* _MIPS_SIM_NABI32 */
-+#elif __s390__
-+const struct arch_def *arch_def_native = &arch_def_s390;
-+#elif __s390x__
-+const struct arch_def *arch_def_native = &arch_def_s390x;
-+#elif __powerpc64__
-+const struct arch_def *arch_def_native = &arch_def_ppc64;
-+#elif __powerpc__
-+const struct arch_def *arch_def_native = &arch_def_ppc;
- #else
- #error the arch code needs to know about your machine type
- #endif /* machine type guess */
-@@ -122,6 +134,14 @@ const struct arch_def *arch_def_lookup(u
- return &arch_def_mips64n32;
- case SCMP_ARCH_MIPSEL64N32:
- return &arch_def_mipsel64n32;
-+ case SCMP_ARCH_S390:
-+ return &arch_def_s390;
-+ case SCMP_ARCH_S390X:
-+ return &arch_def_s390x;
-+ case SCMP_ARCH_PPC64:
-+ return &arch_def_ppc64;
-+ case SCMP_ARCH_PPC:
-+ return &arch_def_ppc;
- }
-
- return NULL;
-@@ -276,6 +296,14 @@ int arch_syscall_resolve_name(const stru
- case SCMP_ARCH_MIPS64N32:
- case SCMP_ARCH_MIPSEL64N32:
- return mips64n32_syscall_resolve_name(name);
-+ case SCMP_ARCH_S390:
-+ return s390_syscall_resolve_name(name);
-+ case SCMP_ARCH_S390X:
-+ return s390x_syscall_resolve_name(name);
-+ case SCMP_ARCH_PPC64:
-+ return ppc64_syscall_resolve_name(name);
-+ case SCMP_ARCH_PPC:
-+ return ppc_syscall_resolve_name(name);
- }
-
- return __NR_SCMP_ERROR;
-@@ -313,6 +341,14 @@ const char *arch_syscall_resolve_num(con
- case SCMP_ARCH_MIPS64N32:
- case SCMP_ARCH_MIPSEL64N32:
- return mips64n32_syscall_resolve_num(num);
-+ case SCMP_ARCH_S390:
-+ return s390_syscall_resolve_num(num);
-+ case SCMP_ARCH_S390X:
-+ return s390x_syscall_resolve_num(num);
-+ case SCMP_ARCH_PPC64:
-+ return ppc64_syscall_resolve_num(num);
-+ case SCMP_ARCH_PPC:
-+ return ppc_syscall_resolve_num(num);
- }
-
- return NULL;
-Index: libseccomp-2.2.0/src/gen_pfc.c
-===================================================================
---- libseccomp-2.2.0.orig/src/gen_pfc.c
-+++ libseccomp-2.2.0/src/gen_pfc.c
-@@ -71,6 +71,14 @@ static const char *_pfc_arch(const struc
- return "mips64n32";
- case SCMP_ARCH_MIPSEL64N32:
- return "mipsel64n32";
-+ case SCMP_ARCH_S390X:
-+ return "s390x";
-+ case SCMP_ARCH_S390:
-+ return "s390";
-+ case SCMP_ARCH_PPC:
-+ return "ppc";
-+ case SCMP_ARCH_PPC64:
-+ return "ppc64";
- default:
- return "UNKNOWN";
- }
-Index: libseccomp-2.2.0/tools/scmp_arch_detect.c
-===================================================================
---- libseccomp-2.2.0.orig/tools/scmp_arch_detect.c
-+++ libseccomp-2.2.0/tools/scmp_arch_detect.c
-@@ -99,6 +99,18 @@ int main(int argc, char *argv[])
- case SCMP_ARCH_MIPSEL64N32:
- printf("mipsel64n32\n");
- break;
-+ case SCMP_ARCH_S390:
-+ printf("s390\n");
-+ break;
-+ case SCMP_ARCH_S390X:
-+ printf("s390x\n");
-+ break;
-+ case SCMP_ARCH_PPC:
-+ printf("ppc\n");
-+ break;
-+ case SCMP_ARCH_PPC64:
-+ printf("ppc64\n");
-+ break;
- default:
- printf("unknown\n");
- }
-Index: libseccomp-2.2.0/tools/scmp_bpf_sim.c
-===================================================================
---- libseccomp-2.2.0.orig/tools/scmp_bpf_sim.c
-+++ libseccomp-2.2.0/tools/scmp_bpf_sim.c
-@@ -249,6 +249,14 @@ int main(int argc, char *argv[])
- arch = AUDIT_ARCH_MIPS64N32;
- else if (strcmp(optarg, "mipsel64n32") == 0)
- arch = AUDIT_ARCH_MIPSEL64N32;
-+ else if (strcmp(optarg, "s390") == 0)
-+ sys_data.arch = AUDIT_ARCH_S390;
-+ else if (strcmp(optarg, "s390x") == 0)
-+ sys_data.arch = AUDIT_ARCH_S390X;
-+ else if (strcmp(optarg, "ppc") == 0)
-+ sys_data.arch = AUDIT_ARCH_PPC;
-+ else if (strcmp(optarg, "ppc64") == 0)
-+ sys_data.arch = AUDIT_ARCH_PPC64;
- else
- exit_fault(EINVAL);
- break;
-Index: libseccomp-2.2.0/tools/util.c
-===================================================================
---- libseccomp-2.2.0.orig/tools/util.c
-+++ libseccomp-2.2.0/tools/util.c
-@@ -62,6 +62,14 @@
- #elif __MIPSEL__
- #define ARCH_NATIVE AUDIT_ARCH_MIPSEL64N32
- #endif /* _MIPS_SIM_NABI32 */
-+#elif __s390__
-+#define ARCH_NATIVE AUDIT_ARCH_S390
-+#elif __s390x__
-+#define ARCH_NATIVE AUDIT_ARCH_S390X
-+#elif __powerpc64__
-+#define ARCH_NATIVE AUDIT_ARCH_PPC64
-+#elif __powerpc__
-+#define ARCH_NATIVE AUDIT_ARCH_PPC
- #else
- #error the simulator code needs to know about your machine type
- #endif
diff --git a/libseccomp.changes b/libseccomp.changes
index 93473a4..0503c2d 100644
--- a/libseccomp.changes
+++ b/libseccomp.changes
@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Wed Mar 23 16:06:20 UTC 2016 - meissner@suse.com
+
+- updated to final 2.3.0 release
+- builderror-k316.diff: fixed upstream
+- i586 testsuite fails, disable for now
+
+-------------------------------------------------------------------
+Wed Feb 24 10:11:26 UTC 2016 - jengelh@inai.de
+
+- Update to git snapshot 2.3.0~g96
+* have libseccomp build with newer linux-glibc-devel;
+ "multiplexed and direct socket syscalls"
+- Drop libseccomp-s390x-support.patch, libseccomp-ppc64le.patch
+ (no longer apply - merged upstream)
+- Add builderror-k316.diff
+
-------------------------------------------------------------------
Fri Sep 25 12:14:37 UTC 2015 - dimstar@opensuse.org
diff --git a/libseccomp.spec b/libseccomp.spec
index 476b199..c15c3aa 100644
--- a/libseccomp.spec
+++ b/libseccomp.spec
@@ -1,7 +1,7 @@
#
# spec file for package libseccomp
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
Name: libseccomp
%define lname libseccomp2
-Version: 2.2.3
+Version: 2.3.0
Release: 0
Summary: An enhanced Seccomp (mode 2) helper library
License: LGPL-2.1
@@ -30,8 +30,6 @@ Source: https://github.com/seccomp/libseccomp/releases/download/v%versio
Source2: https://github.com/seccomp/libseccomp/releases/download/v%version/%name-%version.tar.gz.SHA256SUM.asc
Source99: baselibs.conf
Patch1: no-static.diff
-Patch3: libseccomp-s390x-support.patch
-Patch5: libseccomp-ppc64le.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: autoconf
BuildRequires: automake >= 1.11
@@ -99,9 +97,10 @@ This subpackage contains debug utilities for the seccomp interface.
%prep
%setup -q
-%patch -P 1 -P 3 -P 5 -p1
+%patch -P 1 -p1
%build
+perl -i -pe 's{AC_INIT\(\[libseccomp\], \[0\.0\.0\]\)}{AC_INIT([libseccomp], [2.3.0])}' configure.ac
autoreconf -fi
%configure --includedir="%_includedir/%name" --disable-static
make %{?_smp_mflags};
@@ -112,7 +111,7 @@ find "%buildroot/%_libdir" -type f -name "*.la" -delete
%fdupes %buildroot/%_prefix
%check
-%ifarch ppc s390 s390x
+%ifarch ppc s390 s390x i586
make check || true
#pushd tests/
#./regression -v