authorLennart Poettering <lennart@poettering.net>2017-08-09 20:43:35 +0200
committerLennart Poettering <lennart@poettering.net>2017-08-29 15:58:13 +0200
commit72eafe71597edfef84ec4a9822cb11e166c0c07f (patch)
tree9ef05cbb39d377788ac3bf35a2694ef0c3e984e3
parente8132d63fea6986cb6bcb2b78d95b1ada3ada708 (diff)
downloadsystemd-72eafe71597edfef84ec4a9822cb11e166c0c07f.tar.gz
seccomp: rework seccomp_lock_personality() to apply filter to all archs
-rw-r--r--src/shared/seccomp-util.c37
-rw-r--r--src/test/test-seccomp.c1
2 files changed, 26 insertions, 12 deletions
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
index bf2db28a82..29eb2b17d4 100644
--- a/src/shared/seccomp-util.c
+++ b/src/shared/seccomp-util.c
@@ -1405,19 +1405,34 @@ int seccomp_filter_set_add(Set *filter, bool add, const SyscallFilterSet *set) {
}
int seccomp_lock_personality(unsigned long personality) {
- _cleanup_(seccomp_releasep) scmp_filter_ctx seccomp = NULL;
+ uint32_t arch;
int r;
- seccomp = seccomp_init(SCMP_ACT_ALLOW);
- if (!seccomp)
- return -ENOMEM;
+ if (personality >= PERSONALITY_INVALID)
+ return -EINVAL;
- r = seccomp_rule_add_exact(seccomp, SCMP_ACT_ERRNO(EPERM),
- SCMP_SYS(personality),
- 1,
- SCMP_A0(SCMP_CMP_NE, personality));
- if (r < 0)
- return r;
+ SECCOMP_FOREACH_LOCAL_ARCH(arch) {
+ _cleanup_(seccomp_releasep) scmp_filter_ctx seccomp = NULL;
- return seccomp_load(seccomp);
+ r = seccomp_init_for_arch(&seccomp, arch, SCMP_ACT_ALLOW);
+ if (r < 0)
+ return r;
+
+ r = seccomp_rule_add_exact(
+ seccomp,
+ SCMP_ACT_ERRNO(EPERM),
+ SCMP_SYS(personality),
+ 1,
+ SCMP_A0(SCMP_CMP_NE, personality));
+ if (r < 0)
+ return r;
+
+ r = seccomp_load(seccomp);
+ if (IN_SET(r, -EPERM, -EACCES))
+ return r;
+ if (r < 0)
+ log_debug_errno(r, "Failed to enable personality lock for architecture %s, skipping: %m", seccomp_arch_to_string(arch));
+ }
+
+ return 0;
}
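Review bot: The skip branch at the bottom of the loop (`if (r < 0) log_debug_errno(...)`) lets seccomp_lock_personality() return 0 even when seccomp_load() failed for every architecture, so a caller cannot distinguish an installed personality lock from one that was never loaded; only -EPERM/-EACCES are propagated. If that best-effort contract is deliberate (it looks like it mirrors the other per-arch loaders in this file, which are outside the hunk), state it on the function: `/* Best effort: per-arch load errors other than EPERM/EACCES are logged and skipped, so a 0 return does not guarantee that any filter was installed. */`. Otherwise set a `bool loaded = true;` after a successful seccomp_load() and return an error when it is still false after the loop, so LockPersonality= cannot silently degrade to no filter. Separately, the `SCMP_A0(SCMP_CMP_NE, personality)` rule also turns the kernel's query form personality(0xffffffff), which personality(2) documents as read-only, into EPERM, as the pre-commit code did; a one-line comment saying whether that is intended would help the next reader.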
diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c
index 262d0b712b..0632361d45 100644
--- a/src/test/test-seccomp.c
+++ b/src/test/test-seccomp.c
@@ -48,7 +48,6 @@
# define SECCOMP_RESTRICT_ADDRESS_FAMILIES_BROKEN 0
#endif
-
static void test_seccomp_arch_to_string(void) {
uint32_t a, b;
const char *name;