Merge pull request #43553 from AkihiroSuda/riscv64

seccomp: support riscv64

profiles/seccomp/default.json

@@ -48,6 +48,10 @@
 			"subArchitectures": [
 				"SCMP_ARCH_S390"
 			]
+		},
+		{
+			"architecture": "SCMP_ARCH_RISCV64",
+			"subArchitectures": null
 		}
 	],
 	"syscalls": [
@@ -543,6 +547,17 @@
 				]
 			}
 		},
+		{
+			"names": [
+				"riscv_flush_icache"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"includes": {
+				"arches": [
+					"riscv64"
+				]
+			}
+		},
 		{
 			"names": [
 				"open_by_handle_at"

profiles/seccomp/default_linux.go

@@ -35,6 +35,10 @@ func arches() []Architecture {
 			Arch:      specs.ArchS390X,
 			SubArches: []specs.Arch{specs.ArchS390},
 		},
+		{
+			Arch:      specs.ArchRISCV64,
+			SubArches: nil,
+		},
 	}
 }
 
@@ -533,6 +537,17 @@ func DefaultProfile() *Seccomp {
 				Arches: []string{"s390", "s390x"},
 			},
 		},
+		{
+			LinuxSyscall: specs.LinuxSyscall{
+				Names: []string{
+					"riscv_flush_icache",
+				},
+				Action: specs.ActAllow,
+			},
+			Includes: &Filter{
+				Arches: []string{"riscv64"},
+			},
+		},
 		{
 			LinuxSyscall: specs.LinuxSyscall{
 				Names: []string{