From 9a57897ea1a125782ff332814d3f978c38162cf8 Mon Sep 17 00:00:00 2001
From: Philipp Stephani <phst@google.com>
Date: Sun, 11 Apr 2021 19:35:39 +0200
Subject: [PATCH] Don't attempt to generate Seccomp filter file in Linux <
 4.14.

Only Linux 4.14 and later contain the required support for
SECCOMP_RET_KILL_PROCESS.

* lib-src/Makefile.in (SECCOMP_FILTER): Define only if we run at least
Linux 4.14.
---
 lib-src/Makefile.in | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib-src/Makefile.in b/lib-src/Makefile.in
index b4143b33554..35cfa56d8be 100644
--- a/lib-src/Makefile.in
+++ b/lib-src/Makefile.in
@@ -196,9 +196,15 @@ LIBSECCOMP_CFLAGS=@LIBSECCOMP_CFLAGS@
 # Currently, we can only generate seccomp filter files for x86-64.
 ifeq ($(HAVE_LIBSECCOMP),yes)
 ifeq ($(shell uname -m),x86_64)
+# We require SECCOMP_RET_KILL_PROCESS, which is only available in
+# Linux 4.14 and later.
+ifeq ($(shell { echo 4.14; uname -r | cut -d . -f 1-2; } | \
+              sort -C -t . -n -k 1,1 -k 2,2 && \
+              echo 1),1)
 SECCOMP_FILTER=1
 endif
 endif
+endif
 
 ifeq ($(SECCOMP_FILTER),1)
 DONT_INSTALL += seccomp-filter$(EXEEXT)
-- 
2.39.5