summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/loader
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/sentry/loader')
-rw-r--r--pkg/sentry/loader/elf.go17
1 files changed, 14 insertions, 3 deletions
diff --git a/pkg/sentry/loader/elf.go b/pkg/sentry/loader/elf.go
index fba2f27fe..bc5b841fb 100644
--- a/pkg/sentry/loader/elf.go
+++ b/pkg/sentry/loader/elf.go
@@ -148,12 +148,17 @@ func parseHeader(ctx context.Context, f *fs.File) (elfInfo, error) {
}
binary.Unmarshal(hdrBuf, byteOrder, &hdr)
- // We only support amd64.
- if machine := elf.Machine(hdr.Machine); machine != elf.EM_X86_64 {
+ // We support amd64 and arm64.
+ var a arch.Arch
+ switch machine := elf.Machine(hdr.Machine); machine {
+ case elf.EM_X86_64:
+ a = arch.AMD64
+ case elf.EM_AARCH64:
+ a = arch.ARM64
+ default:
log.Infof("Unsupported ELF machine %d", machine)
return elfInfo{}, syserror.ENOEXEC
}
- a := arch.AMD64
var sharedObject bool
elfType := elf.Type(hdr.Type)
@@ -560,6 +565,12 @@ func loadInitialELF(ctx context.Context, m *mm.MemoryManager, fs *cpuid.FeatureS
return loadedELF{}, nil, err
}
+ // Check Image Compatibility.
+ if arch.Host != info.arch {
+ ctx.Warningf("Found mismatch for platform %s with ELF type %s", arch.Host.String(), info.arch.String())
+ return loadedELF{}, nil, syserror.ENOEXEC
+ }
+
// Create the arch.Context now so we can prepare the mmap layout before
// mapping anything.
ac := arch.New(info.arch, fs)