helper: Add all possible architectures to seccomp filter

Ensure that the seccomp filters will be applied if someone tries to run a non-native architecture program. This currently only covers the various x86 architectures and was borrowed from systemd LGPL code. https://bugs.freedesktop.org/show_bug.cgi?id=91165
2015-06-30 14:05:37 -07:00 · 2015-06-30 14:05:37 -07:00 · ef223b6a46
parent f28b1d3082
commit ef223b6a46
1 changed files with 16 additions and 0 deletions
--- a/xdg-app-helper.c
+++ b/xdg-app-helper.c
@ -348,6 +348,22 @@ setup_seccomp (void)
  if (!seccomp)
    return die_oom ();

+  /* Add in all possible secondary archs we are aware of that
+   * this kernel might support. */
+#if defined(__i386__) || defined(__x86_64__)
+  r = seccomp_arch_add (seccomp, SCMP_ARCH_X86);
+  if (r < 0 && r != -EEXIST)
+    die_with_error ("Failed to add x86 architecture to seccomp filter");
+
+  r = seccomp_arch_add (seccomp, SCMP_ARCH_X86_64);
+  if (r < 0 && r != -EEXIST)
+    die_with_error ("Failed to add x86_64 architecture to seccomp filter");
+
+  r = seccomp_arch_add (seccomp, SCMP_ARCH_X32);
+  if (r < 0 && r != -EEXIST)
+    die_with_error ("Failed to add x32 architecture to seccomp filter");
+#endif
+
  /* TODO: Should we filter the kernel keyring syscalls in some way?
   * We do want them to be used by desktop apps, but they could also perhaps
   * leak system stuff or secrets from other apps.