Let's make sure that all our rules apply to all archs the local kernel
supports.
if (!seccomp)
return -ENOMEM;
+ r = seccomp_add_secondary_archs(seccomp);
+ if (r < 0)
+ goto finish;
+
r = seccomp_rule_add(
seccomp,
SCMP_ACT_ERRNO(EPERM),
if (!seccomp)
return -ENOMEM;
+ r = seccomp_add_secondary_archs(seccomp);
+ if (r < 0)
+ goto finish;
+
/* Determine the highest policy constant we want to allow */
for (i = 0; i < ELEMENTSOF(permitted_policies); i++)
if (permitted_policies[i] > max_policy)