1 files changed, 19 insertions, 0 deletions
diff --git a/src/fseccomp/seccomp_print.c b/src/fseccomp/seccomp_print.c
index 19fe7a545..7af95d51c 100644
--- a/src/fseccomp/seccomp_print.c
+++ b/src/fseccomp/seccomp_print.c
@@ -113,6 +113,25 @@ static int detect_filter_type(void) {
                printf("  EXAMINE_SYSCALL\n");
                return sizeof(start_secondary_32) / sizeof(struct sock_filter);
        }
+        const struct sock_filter start_secondary_block[] = {
+                VALIDATE_ARCHITECTURE_KILL,
+#if defined(__x86_64__)
+                EXAMINE_SYSCALL,
+                HANDLE_X32_KILL,
+#else
+                EXAMINE_SYSCALL
+#endif
+        };
+        if (memcmp(&start_secondary_block[0], filter, sizeof(start_secondary_block)) == 0) {
+                printf("  VALIDATE_ARCHITECTURE_KILL\n");
+                printf("  EXAMINE_SYSCALL\n");
+#if defined(__x86_64__)
+                printf("  HANDLE_X32_KILL\n");
+#endif
+                return sizeof(start_secondary_block) / sizeof(struct sock_filter);
+        }
        
        return 0; // filter unrecognized
 }

diff --git a/src/fseccomp/seccomp_print.c b/src/fseccomp/seccomp_print.c index 19fe7a545..7af95d51c 100644 --- a/src/fseccomp/seccomp_print.c +++ b/src/fseccomp/seccomp_print.c
@@ -113,6 +113,25 @@ static int detect_filter_type(void) {
113	printf(" EXAMINE_SYSCALL\n");	113	printf(" EXAMINE_SYSCALL\n");
114	return sizeof(start_secondary_32) / sizeof(struct sock_filter);	114	return sizeof(start_secondary_32) / sizeof(struct sock_filter);
115	}	115	}
		116
		117	const struct sock_filter start_secondary_block[] = {
		118	VALIDATE_ARCHITECTURE_KILL,
		119	#if defined(__x86_64__)
		120	EXAMINE_SYSCALL,
		121	HANDLE_X32_KILL,
		122	#else
		123	EXAMINE_SYSCALL
		124	#endif
		125	};
		126
		127	if (memcmp(&start_secondary_block[0], filter, sizeof(start_secondary_block)) == 0) {
		128	printf(" VALIDATE_ARCHITECTURE_KILL\n");
		129	printf(" EXAMINE_SYSCALL\n");
		130	#if defined(__x86_64__)
		131	printf(" HANDLE_X32_KILL\n");
		132	#endif
		133	return sizeof(start_secondary_block) / sizeof(struct sock_filter);
		134	}
116		135
117	return 0; // filter unrecognized	136	return 0; // filter unrecognized
118	}	137	}