execute: Fix seccomp support on x32

In the x32 ABI, syscall numbers start at 0x40000000. Mask that bit on x32 for lookups in the syscall_names array and syscall_filter and ensure that syscall.h is parsed correctly. [zj: added SYSCALL_TO_INDEX, INDEX_TO_SYSCALL macros.]
author: Jonathan Callen <abcd@gentoo.org> 2012-07-24 22:45:22 -0400
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2013-01-19 12:03:06 -0500
commit: 843fc7f7f26a6507fe896a79ed1b474c35c4300f (patch)
tree: bd465b18a828d0abbc5505f2d63fc7ccb5817208 /src/core/execute.c
parent: 25da63b9dac8f166ebf390ca92d1de18fbfc9d11 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/core/execute.c b/src/core/execute.c
index 65a10af3b0..1413c9110e 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -957,7 +957,7 @@ static int apply_seccomp(uint32_t *syscall_filter) {
         for (i = 0, n = 0; i < syscall_max(); i++)
                 if (syscall_filter[i >> 4] & (1 << (i & 31))) {
                         struct sock_filter item[] = {
-                                BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, i, 0, 1),
+                                BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, INDEX_TO_SYSCALL(i), 0, 1),
                                 BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW)
                         };
author	Jonathan Callen <abcd@gentoo.org>	2012-07-24 22:45:22 -0400
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2013-01-19 12:03:06 -0500
commit	843fc7f7f26a6507fe896a79ed1b474c35c4300f (patch)
tree	bd465b18a828d0abbc5505f2d63fc7ccb5817208 /src/core/execute.c
parent	25da63b9dac8f166ebf390ca92d1de18fbfc9d11 (diff)