-rw-r--r--doc/man/man3/seccomp_arch_add.310
-rw-r--r--include/seccomp.h.in10
-rw-r--r--src/api.c15
-rw-r--r--src/arch.c25
-rw-r--r--src/arch.h1
-rw-r--r--src/python/libseccomp.pxd1
-rw-r--r--src/python/seccomp.pyx48
7 files changed, 106 insertions, 4 deletions
diff --git a/doc/man/man3/seccomp_arch_add.3 b/doc/man/man3/seccomp_arch_add.3
index f03376d..dd000fc 100644
--- a/doc/man/man3/seccomp_arch_add.3
+++ b/doc/man/man3/seccomp_arch_add.3
@@ -1,4 +1,4 @@
-.TH "seccomp_arch_add" 3 "16 April 2014" "paul@paul-moore.com" "libseccomp Documentation"
+.TH "seccomp_arch_add" 3 "7 May 2014" "paul@paul-moore.com" "libseccomp Documentation"
.\" //////////////////////////////////////////////////////////////////////////
.SH NAME
.\" //////////////////////////////////////////////////////////////////////////
@@ -15,6 +15,7 @@ seccomp_arch_add, seccomp_arch_remove, seccomp_arch_exist, seccomp_arch_native \
.B #define SCMP_ARCH_X86
.B #define SCMP_ARCH_X86_64
.sp
+.BI "uint32_t seccomp_arch_resolve_name(const char *" arch_name ");"
.BI "uint32_t seccomp_arch_native();"
.BI "int seccomp_arch_exist(const scmp_filter_ctx " ctx ", uint32_t " arch_token ");"
.BI "int seccomp_arch_add(scmp_filter_ctx " ctx ", uint32_t " arch_token ");"
@@ -46,7 +47,12 @@ constant always referring to the native compiled architecture. The
.BR seccomp_arch_native ()
function returns the system's architecture such that it will match one of the
.BR SCMP_ARCH_*
-constants.
+constants. While the
+.BR seccomp_arch_resolve_name ()
+function also returns a
+.BR SCMP_ARCH_*
+constant, the returned token matches the name of the architecture
+passed as an argument to the function.
.P
When a seccomp filter is initialized with the call to
.BR seccomp_init (3)
diff --git a/include/seccomp.h.in b/include/seccomp.h.in
index 07336e6..e119c8c 100644
--- a/include/seccomp.h.in
+++ b/include/seccomp.h.in
@@ -254,6 +254,16 @@ void seccomp_release(scmp_filter_ctx ctx);
int seccomp_merge(scmp_filter_ctx ctx_dst, scmp_filter_ctx ctx_src);
/**
+ * Resolve the architecture name to a architecture token
+ * @param arch_name the architecture name
+ *
+ * This function resolves the given architecture name to a token suitable for
+ * use with libseccomp, returns zero on failure.
+ *
+ */
+uint32_t seccomp_arch_resolve_name(const char *arch_name);
+
+/**
* Return the native architecture token
*
* This function returns the native architecture token value, e.g. SCMP_ARCH_*.
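Review bot: The new header comment for seccomp_arch_resolve_name() says only "returns zero on failure", and zero is, as far as I know, also the value of SCMP_ARCH_NATIVE, so a caller that forwards the result unchecked to seccomp_arch_add() or seccomp_arch_remove() could end up acting on the native architecture instead of failing. I would spell the contract out in the comment, e.g. `* Returns zero on failure; callers must check for zero before using the token.`, and name or point to the accepted architecture names. Minor wording: "a architecture token" should read "an architecture token". The hunk ends inside the next function's comment, so only the added declaration is reviewed here.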
diff --git a/src/api.c b/src/api.c
index ec01fb9..7d4843f 100644
--- a/src/api.c
+++ b/src/api.c
@@ -142,6 +142,21 @@ API int seccomp_merge(scmp_filter_ctx ctx_dst,
}
/* NOTE - function header comment in include/seccomp.h */
+API uint32_t seccomp_arch_resolve_name(const char *arch_name)
+{
+ const struct arch_def *arch;
+
+ if (arch_name == NULL)
+ return 0;
+
+ arch = arch_def_lookup_name(arch_name);
+ if (arch == NULL)
+ return 0;
+
+ return arch->token;
+}
+
+/* NOTE - function header comment in include/seccomp.h */
API uint32_t seccomp_arch_native(void)
{
return arch_def_native->token;
diff --git a/src/arch.c b/src/arch.c
index 1b0a3ef..2d2644d 100644
--- a/src/arch.c
+++ b/src/arch.c
@@ -105,6 +105,31 @@ const struct arch_def *arch_def_lookup(uint32_t token)
}
/**
+ * Lookup the architecture definition by name
+ * @param arch the architecure name
+ *
+ * Return the matching architecture definition, returns NULL on failure.
+ *
+ */
+const struct arch_def *arch_def_lookup_name(const char *arch_name)
+{
+ if (strcmp(arch_name, "x86") == 0)
+ return &arch_def_x86;
+ else if (strcmp(arch_name, "x86_64") == 0)
+ return &arch_def_x86_64;
+ else if (strcmp(arch_name, "x32") == 0)
+ return &arch_def_x32;
+ else if (strcmp(arch_name, "arm") == 0)
+ return &arch_def_arm;
+ else if (strcmp(arch_name, "mips") == 0)
+ return &arch_def_mips;
+ else if (strcmp(arch_name, "mipsel") == 0)
+ return &arch_def_mipsel;
+
+ return NULL;
+}
+
+/**
* Determine the maximum number of syscall arguments
* @param arch the architecture definition
*
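Review bot: arch_def_lookup_name() passes arch_name straight to strcmp() with no NULL check, and the only guard visible in this commit sits in its caller seccomp_arch_resolve_name() in src/api.c. Since the prototype is exported through src/arch.h, either add `if (arch_name == NULL) return NULL;` at the top or state the non-NULL precondition in the header comment. The comment also documents `@param arch` while the parameter is named `arch_name`, and "architecure" is misspelled; `* @param arch_name the architecture name` fixes both. The match is exact and case-sensitive, which deserves one sentence in the comment so that callers normalise user-supplied names before resolving them.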
diff --git a/src/arch.h b/src/arch.h
index d3ed9be..aa3158c 100644
--- a/src/arch.h
+++ b/src/arch.h
@@ -78,6 +78,7 @@ struct arch_syscall_def {
int arch_valid(uint32_t arch);
const struct arch_def *arch_def_lookup(uint32_t token);
+const struct arch_def *arch_def_lookup_name(const char *arch_name);
int arch_arg_count_max(const struct arch_def *arch);
diff --git a/src/python/libseccomp.pxd b/src/python/libseccomp.pxd
index 1c3921c..5fea471 100644
--- a/src/python/libseccomp.pxd
+++ b/src/python/libseccomp.pxd
@@ -69,6 +69,7 @@ cdef extern from "seccomp.h":
int seccomp_merge(scmp_filter_ctx ctx_dst, scmp_filter_ctx ctx_src)
+ uint32_t seccomp_arch_resolve_name(char *arch_name)
uint32_t seccomp_arch_native()
int seccomp_arch_exist(scmp_filter_ctx ctx, int arch_token)
int seccomp_arch_add(scmp_filter_ctx ctx, int arch_token)
diff --git a/src/python/seccomp.pyx b/src/python/seccomp.pyx
index 702a520..f1848dc 100644
--- a/src/python/seccomp.pyx
+++ b/src/python/seccomp.pyx
@@ -120,9 +120,9 @@ def resolve_syscall(arch, syscall):
"""
cdef char *ret_str
- if (isinstance(syscall, basestring)):
+ if isinstance(syscall, basestring):
return libseccomp.seccomp_syscall_resolve_name_arch(arch, syscall)
- elif (isinstance(syscall, int)):
+ elif isinstance(syscall, int):
ret_str = libseccomp.seccomp_syscall_resolve_num_arch(arch, syscall)
if ret_str is NULL:
raise ValueError('Unknown syscall %d on arch %d' % (syscall, arch))
@@ -144,6 +144,8 @@ cdef class Arch:
MIPSEL - MIPS little endian
"""
+ cdef int _token
+
NATIVE = libseccomp.SCMP_ARCH_NATIVE
X86 = libseccomp.SCMP_ARCH_X86
X86_64 = libseccomp.SCMP_ARCH_X86_64
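Review bot: `cdef int _token` stores a value that the C API hands back as uint32_t (see the seccomp_arch_resolve_name and seccomp_arch_native declarations in libseccomp.pxd), so any token with the top bit set would come out of `__int__` as a negative number. Whether any SCMP_ARCH_* value is that large is not visible in this diff, though the audit-derived values for 64-bit architectures are, as far as I know. Declaring the field as `cdef uint32_t _token` would keep the Python-visible value equal to the C token, assuming uint32_t is cimported in this file. The class body continues outside the hunk.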
@@ -152,6 +154,48 @@ cdef class Arch:
MIPS = libseccomp.SCMP_ARCH_MIPS
MIPSEL = libseccomp.SCMP_ARCH_MIPSEL
+ def __cinit__(self, arch=libseccomp.SCMP_ARCH_NATIVE):
+ """ Initialize the architecture object.
+
+ Arguments:
+ arch - the architecture name or token value
+
+ Description:
+ Create an architecture object using the given name or token value.
+ """
+ if isinstance(arch, int):
+ if arch == libseccomp.SCMP_ARCH_NATIVE:
+ self._token = libseccomp.seccomp_arch_native()
+ elif arch == libseccomp.SCMP_ARCH_X86:
+ self._token = libseccomp.SCMP_ARCH_X86
+ elif arch == libseccomp.SCMP_ARCH_X86_64:
+ self._token = libseccomp.SCMP_ARCH_X86_64
+ elif arch == libseccomp.SCMP_ARCH_X32:
+ self._token = libseccomp.SCMP_ARCH_X32
+ elif arch == libseccomp.SCMP_ARCH_ARM:
+ self._token = libseccomp.SCMP_ARCH_ARM
+ elif arch == libseccomp.SCMP_ARCH_MIPS:
+ self._token = libseccomp.SCMP_ARCH_MIPS
+ elif arch == libseccomp.SCMP_ARCH_MIPSEL:
+ self._token = libseccomp.SCMP_ARCH_MIPSEL
+ else:
+ self._token = 0;
+ elif isinstance(arch, basestring):
+ self._token = libseccomp.seccomp_arch_resolve_name(arch)
+ else:
+ raise TypeError("Architecture must be an int or str type")
+ if self._token == 0:
+ raise ValueError("Invalid architecture")
+
+ def __int__(self):
+ """ Convert the architecture object to a token value.
+
+ Description:
+ Convert the architecture object to an integer representing the
+ architecture's token value.
+ """
+ return self._token
+
cdef class Attr:
""" Python object representing the SyscallFilter attributes.
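Review bot: The int branch of `__cinit__` repeats the architecture list as an elif chain that assigns each recognised constant to itself, so an architecture later added to arch_def_lookup_name() would be accepted by name but rejected as a token until this chain is updated too. A single membership test against a tuple of the SCMP_ARCH_* constants followed by `self._token = arch` would say the same thing in two lines and leave one place to extend. The fallback `self._token = 0;` carries a stray semicolon. The docstring should also state that TypeError is raised for a non-int, non-string argument and ValueError for an unknown architecture, since callers building a filter need to handle both.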