Diffstat (limited to 'seccomp.sh')
| -rwxr-xr-x | seccomp.sh | 26 |
1 files changed, 21 insertions, 5 deletions
@@ -14,11 +14,23 @@ # Author: Stefano Brivio <sbrivio@redhat.com>
 TMP="$(mktemp)"
-IN="$@"
 OUT="$(mktemp)"
+OUT_FINAL="${1}"
+shift
+IN="$@"
 [ -z "${ARCH}" ] && ARCH="$(uname -m)"
 [ -z "${CC}" ] && CC="cc"
+case "${ARCH}" in i[345]86) ARCH=i686 ;; esac
+
+AUDIT_ARCH="AUDIT_ARCH_$(echo ${ARCH} | tr '[a-z]' '[A-Z]' \
+ | sed 's/^ARM.*/ARM/' \
+ | sed 's/I[456]86/I386/' \
+ | sed 's/PPC64/PPC/' \
+ | sed 's/PPCLE/PPC64LE/' \
+ | sed 's/MIPS64EL/MIPSEL64/' \
+ | sed 's/HPPA/PARISC/' \
+ | sed 's/SH4/SH/')"
 HEADER="/* This file was automatically generated by $(basename ${0}) */
@@ -32,7 +44,7 @@ struct sock_filter filter_@PROFILE@[] = {
 /* cppcheck-suppress [badBitmaskCheck, unmatchedSuppression] */
 BPF_STMT(BPF_LD | BPF_W | BPF_ABS, (offsetof(struct seccomp_data, arch))),
- BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, PASST_AUDIT_ARCH, 0, @KILL@),
+ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, @AUDIT_ARCH@, 0, @KILL@),
 /* cppcheck-suppress [badBitmaskCheck, unmatchedSuppression] */
 BPF_STMT(BPF_LD | BPF_W | BPF_ABS, (offsetof(struct seccomp_data, nr))),
@@ -233,7 +245,8 @@ gen_profile() {
 sub ${__i} CALL "NR:${__nr}" "NAME:${__name}" "ALLOW:${__allow}"
 done
- finish PRE "PROFILE:${__profile}" "KILL:$(( __statements + 1))"
+ finish PRE "PROFILE:${__profile}" "KILL:$(( __statements + 1))" \
+ "AUDIT_ARCH:${AUDIT_ARCH}"
 }
 printf '%s\n' "${HEADER}" > "${OUT}"
@@ -242,7 +255,10 @@ for __p in ${__profiles}; do
 __calls="$(sed -n 's/[\t ]*\*[\t ]*#syscalls\(:'"${__p}"'\|\)[\t ]\{1,\}\(.*\)/\2/p' ${IN})"
 __calls="${__calls} ${EXTRA_SYSCALLS:-}"
 __calls="$(filter ${__calls})"
- echo "seccomp profile ${__p} allows: ${__calls}" | tr '\n' ' ' | fmt -t
+
+ cols="$(stty -a 2>/dev/null | sed -n 's/.*columns \([0-9]*\).*/\1/p' || :)" 2>/dev/null
+ case $cols in [0-9]*) col_args="-w ${cols}";; *) col_args="";; esac
+ echo "seccomp profile ${__p} allows: ${__calls}" | tr '\n' ' ' | fmt -t ${col_args}
 # Pad here to keep gen_profile() "simple"
 __count=0
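Review bot: `OUT_FINAL="${1}"` followed by `shift` has no check that any argument was passed, so with no arguments OUT_FINAL is empty (and `shift` is a fatal error in some sh implementations), with a single argument `IN` is empty so the `sed ... ${IN}` in the @@ -242 hunk reads stdin, and the empty OUT_FINAL only surfaces at `mv "${OUT}" "${OUT_FINAL}"` in the last hunk, where it leaves the mktemp file behind. A guard before the assignment, `[ $# -ge 2 ] || { echo "usage: $(basename "${0}") OUTPUT INPUT..." >&2; exit 1; }`, fails early with a message instead. Separately, the `s/PPC64/PPC/` and `s/PPCLE/PPC64LE/` pair in the AUDIT_ARCH chain is a round trip for ppc64le but maps big-endian `ppc64` to AUDIT_ARCH_PPC, the 32-bit constant, so on that target every syscall would take the @KILL@ branch of the arch check; that is fail-closed rather than a bypass, but unless that mapping is intended both sed lines can simply be dropped.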
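Review bot: `case $cols in [0-9]*)` also accepts `0`, which `stty -a` can report as the columns value when the terminal size is unknown (for instance on a pseudo-terminal in a container), so `fmt -t -w 0` is passed in that case; how a zero width is handled depends on the fmt implementation, and a pattern such as `[1-9]*)` keeps fmt's default wrapping there. The trailing `2>/dev/null` on the `cols=` assignment is redundant with the one already inside the substitution and with the `|| :`, and can go. The two new variables are also the only ones in this loop not prefixed `__` like `__calls` and `__count`; naming them `__cols` and `__col_args` keeps the script's convention. The enclosing `for __p` loop starts and ends outside the hunk.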
@@ -255,4 +271,4 @@ for __p in ${__profiles}; do
 gen_profile "${__p}" ${__calls}
 done
-mv "${OUT}" seccomp.h
+mv "${OUT}" "${OUT_FINAL}"
