本文整理匯總了Golang中github.com/seccomp/libseccomp-golang.GetNativeArch函數的典型用法代碼示例。如果您正苦於以下問題:Golang GetNativeArch函數的具體用法?Golang GetNativeArch怎麽用?Golang GetNativeArch使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了GetNativeArch函數的5個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。
示例1: arches
func arches() []types.Arch {
var native, err = libseccomp.GetNativeArch()
if err != nil {
return []types.Arch{}
}
var a = native.String()
switch a {
case "amd64":
return []types.Arch{types.ArchX86_64, types.ArchX86, types.ArchX32}
case "arm64":
return []types.Arch{types.ArchARM, types.ArchAARCH64}
case "mips64":
return []types.Arch{types.ArchMIPS, types.ArchMIPS64, types.ArchMIPS64N32}
case "mips64n32":
return []types.Arch{types.ArchMIPS, types.ArchMIPS64, types.ArchMIPS64N32}
case "mipsel64":
return []types.Arch{types.ArchMIPSEL, types.ArchMIPSEL64, types.ArchMIPSEL64N32}
case "mipsel64n32":
return []types.Arch{types.ArchMIPSEL, types.ArchMIPSEL64, types.ArchMIPSEL64N32}
case "s390x":
return []types.Arch{types.ArchS390, types.ArchS390X}
default:
return []types.Arch{}
}
}示例2: arches
func arches() []string {
var native, err = libseccomp.GetNativeArch()
if err != nil {
return []string{}
}
var a = native.String()
switch a {
case "amd64":
return []string{"amd64", "x86", "x32"}
case "arm64":
return []string{"arm64", "arm"}
case "mips64":
return []string{"mips64", "mips64n32", "mips"}
case "mips64n32":
return []string{"mips64", "mips64n32", "mips"}
case "mipsel64":
return []string{"mipsel64", "mipsel64n32", "mipsel"}
case "mipsel64n32":
return []string{"mipsel64", "mipsel64n32", "mipsel"}
default:
return []string{a}
}
}示例3: arches
func arches() []specs.Arch {
var native, err = libseccomp.GetNativeArch()
if err != nil {
return []specs.Arch{}
}
var a = native.String()
switch a {
case "amd64":
return []specs.Arch{specs.ArchX86_64, specs.ArchX86, specs.ArchX32}
case "arm64":
return []specs.Arch{specs.ArchAARCH64, specs.ArchARM}
case "mips64":
return []specs.Arch{specs.ArchMIPS, specs.ArchMIPS64, specs.ArchMIPS64N32}
case "mips64n32":
return []specs.Arch{specs.ArchMIPS, specs.ArchMIPS64, specs.ArchMIPS64N32}
case "mipsel64":
return []specs.Arch{specs.ArchMIPSEL, specs.ArchMIPSEL64, specs.ArchMIPSEL64N32}
case "mipsel64n32":
return []specs.Arch{specs.ArchMIPSEL, specs.ArchMIPSEL64, specs.ArchMIPSEL64N32}
default:
return []specs.Arch{}
}
}示例4: DefaultProfile
//.........這裏部分代碼省略.........
{
Name: "vmsplice",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{
Name: "wait4",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{
Name: "waitid",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{
Name: "waitpid",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{
Name: "write",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{
Name: "writev",
Action: types.ActAllow,
Args: []*types.Arg{},
},
}
var arch string
var native, err = libseccomp.GetNativeArch()
if err == nil {
arch = native.String()
}
switch arch {
case "arm", "arm64":
syscalls = append(syscalls, []*types.Syscall{
{
Name: "breakpoint",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{
Name: "cacheflush",
Action: types.ActAllow,
Args: []*types.Arg{},
},
{
Name: "set_tls",
Action: types.ActAllow,
Args: []*types.Arg{},
},
}...)
case "amd64", "x32":
syscalls = append(syscalls, []*types.Syscall{
{
Name: "arch_prctl",
Action: types.ActAllow,
Args: []*types.Arg{},
},
}...)
fallthrough
case "x86":示例5: setupSeccomp
func setupSeccomp(config *types.Seccomp, rs *specs.Spec) (*specs.Seccomp, error) {
if config == nil {
return nil, nil
}
// No default action specified, no syscalls listed, assume seccomp disabled
if config.DefaultAction == "" && len(config.Syscalls) == 0 {
return nil, nil
}
newConfig := &specs.Seccomp{}
var arch string
var native, err = libseccomp.GetNativeArch()
if err == nil {
arch = native.String()
}
if len(config.Architectures) != 0 && len(config.ArchMap) != 0 {
return nil, errors.New("'architectures' and 'archMap' were specified in the seccomp profile, use either 'architectures' or 'archMap'")
}
// if config.Architectures == 0 then libseccomp will figure out the architecture to use
if len(config.Architectures) != 0 {
for _, a := range config.Architectures {
newConfig.Architectures = append(newConfig.Architectures, specs.Arch(a))
}
}
if len(config.ArchMap) != 0 {
for _, a := range config.ArchMap {
seccompArch, ok := nativeToSeccomp[arch]
if ok {
if a.Arch == seccompArch {
newConfig.Architectures = append(newConfig.Architectures, specs.Arch(a.Arch))
for _, sa := range a.SubArches {
newConfig.Architectures = append(newConfig.Architectures, specs.Arch(sa))
}
break
}
}
}
}
newConfig.DefaultAction = specs.Action(config.DefaultAction)
Loop:
// Loop through all syscall blocks and convert them to libcontainer format after filtering them
for _, call := range config.Syscalls {
if len(call.Excludes.Arches) > 0 {
if stringutils.InSlice(call.Excludes.Arches, arch) {
continue Loop
}
}
if len(call.Excludes.Caps) > 0 {
for _, c := range call.Excludes.Caps {
if stringutils.InSlice(rs.Process.Capabilities, c) {
continue Loop
}
}
}
if len(call.Includes.Arches) > 0 {
if !stringutils.InSlice(call.Includes.Arches, arch) {
continue Loop
}
}
if len(call.Includes.Caps) > 0 {
for _, c := range call.Includes.Caps {
if !stringutils.InSlice(rs.Process.Capabilities, c) {
continue Loop
}
}
}
if call.Name != "" && len(call.Names) != 0 {
return nil, errors.New("'name' and 'names' were specified in the seccomp profile, use either 'name' or 'names'")
}
if call.Name != "" {
newConfig.Syscalls = append(newConfig.Syscalls, createSpecsSyscall(call.Name, call.Action, call.Args))
}
for _, n := range call.Names {
newConfig.Syscalls = append(newConfig.Syscalls, createSpecsSyscall(n, call.Action, call.Args))
}
}
return newConfig, nil
}