Allow compilation on other Linux architectures

This patch simply removes the use of seccomp on unsupported architectures. That should allow compilation and usage with slightly reduced security, but I have not tested on any of these architectures.
phylum-dev · Nov 12, 2024 · e8d953b · e8d953b
1 parent 1f2cbce
commit e8d953b
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/src/linux/mod.rs b/src/linux/mod.rs
@@ -13,10 +13,12 @@ use rustix::process::{Gid, Pid, Uid, WaitOptions};
 
 use crate::error::{Error, Result};
 use crate::linux::namespaces::{MountAttrFlags, Namespaces};
+#[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
 use crate::linux::seccomp::SyscallFilter;
 use crate::{Child, Command, Exception, Sandbox};
 
 mod namespaces;
+#[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
 mod seccomp;
 
 /// Linux sandboxing.
@@ -206,6 +208,7 @@ fn sandbox_init_inner(mut init_arg: ProcessInitArg) -> io::Result<libc::c_int> {
     )?;
 
     // Setup system call filters.
+    #[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
     SyscallFilter::apply().map_err(|err| IoError::new(IoErrorKind::Other, err))?;
 
     // Block suid/sgid.