diff --git a/libcontainer/configs/config.go b/libcontainer/configs/config.go
index f2628760..12fcf6f6 100644
--- a/libcontainer/configs/config.go
+++ b/libcontainer/configs/config.go
@@ -20,8 +20,12 @@ type IDMap struct {
 }
 // Seccomp represents syscall restrictions
+// By default, only the native architecture of the kernel is allowed to be used
+// for syscalls. Additional architectures can be added by specifying them in
+// Architectures.
 type Seccomp struct {
 	DefaultAction Action `json:"default_action"`
+	Architectures []string `json:"architectures"`
 	Syscalls []*Syscall `json:"syscalls"`
 }
diff --git a/libcontainer/seccomp/seccomp_linux.go b/libcontainer/seccomp/seccomp_linux.go
index 58bdbf6d..1e9ccf8f 100644
--- a/libcontainer/seccomp/seccomp_linux.go
+++ b/libcontainer/seccomp/seccomp_linux.go
@@ -37,6 +37,18 @@ func InitSeccomp(config *configs.Seccomp) error {
 		return fmt.Errorf("error creating filter: %s", err)
 	}
+	// Add extra architectures
+	for _, arch := range config.Architectures {
+		scmpArch, err := libseccomp.GetArchFromString(arch)
+		if err != nil {
+			return err
+		}
+
+		if err := filter.AddArch(scmpArch); err != nil {
+			return err
+		}
+	}
+
 	// Unset no new privs bit
 	if err := filter.SetNoNewPrivsBit(false); err != nil {
 		return fmt.Errorf("error setting no new privileges: %s", err)
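Review bot: The three added comment lines describe the Architectures field but are attached to the type's doc comment, where they split the "Seccomp represents …" sentence from the type and read as a description of the whole struct. Move them onto the field, e.g. `// Architectures lists additional seccomp architectures (libseccomp names, resolved by libseccomp.GetArchFromString) that the filter matches in addition to the kernel's native architecture.` directly above `Architectures []string`. That also tells a config author which spelling is accepted, which the current wording leaves open.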
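Review bot: Both `return err` statements in the new loop drop the context that the surrounding code adds (`fmt.Errorf("error creating filter: %s", err)`), and neither names the offending entry, so a typo in a config's architectures list surfaces as a bare libseccomp error. Wrap them in the same style, e.g. `return fmt.Errorf("error validating seccomp architecture %q: %s", arch, err)` and `return fmt.Errorf("error adding seccomp architecture %q: %s", arch, err)`. Failing the container start on an unknown name is the right outcome, since each added architecture is matched against the filter's rules and DefaultAction, which is presumably more permissive than what libseccomp does for unlisted architectures; a comment on the loop saying this would help the next reader. InitSeccomp continues outside the hunk.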