From 72545ae05745f99e194eb83e3fa865f276601378 Mon Sep 17 00:00:00 2001 From: Anita Zhang Date: Thu, 6 Feb 2020 15:34:17 -0800 Subject: [PATCH] core: sync SeccompParseFlags between dbus-execute and load-fragment 9e486265716963439fb0fd7f2a97abf109f24f75 added some new syscalls to the filter lists. However, on systems that do not yet support the new calls, running systemd-run with the filter set results in error: ``` $ sudo systemd-run -t -r -p "SystemCallFilter=~@mount" /bin/true Failed to start transient service unit: Invalid argument ``` Having the same properties in a unit file will start the service without issue. This is because the load-fragment code will parse the syscall filters in permissive mode: https://github.com/systemd/systemd/blob/master/src/core/load-fragment.c#L2909 whereas the dbus-execute equivalent of the code does not. Since the permissive mode appears to be the right setting to support older kernels/libseccomp, this will update the dbus-execute parsing to also be permissive. --- src/core/dbus-execute.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index 9ff3f157f5..d8ba3e5d92 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -1587,6 +1587,7 @@ int bus_exec_context_set_transient_property( r = seccomp_parse_syscall_filter("@default", -1, c->syscall_filter, + SECCOMP_PARSE_PERMISSIVE | SECCOMP_PARSE_WHITELIST | invert_flag, u->id, NULL, 0); @@ -1606,7 +1607,9 @@ int bus_exec_context_set_transient_property( r = seccomp_parse_syscall_filter(n, e, c->syscall_filter, - (c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0) | invert_flag, + SECCOMP_PARSE_LOG | SECCOMP_PARSE_PERMISSIVE | + invert_flag | + (c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0), u->id, NULL, 0); if (r < 0)
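Review bot: The `@default` call in the first hunk now passes `SECCOMP_PARSE_PERMISSIVE` but not `SECCOMP_PARSE_LOG`, while the per-entry call in the second hunk passes both, and nothing in the hunk says whether the difference is deliberate. If the intent is to keep unresolvable members of the built-in set from producing a log line for every transient unit, a comment above the call would record it, e.g. `/* @default is built in: tolerate members this kernel/libseccomp does not know, without logging them */`. The enclosing function starts and ends outside the hunk.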
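Review bot: With `SECCOMP_PARSE_PERMISSIVE` on the per-entry call in the second hunk, an unresolvable name in a transient unit's `SystemCallFilter=` presumably no longer fails the property set. For a deny-list such as the `~@mount` example in the description, a misspelled or unsupported syscall name would then be skipped and the unit would start with a narrower filter than requested. `SECCOMP_PARSE_LOG` is the only remaining signal, and the call passes `u->id, NULL, 0`, so the message likely goes to the manager's log rather than back to the D-Bus caller; `seccomp_parse_syscall_filter` is not visible here, so this should be confirmed. A comment above the call would make the trade-off explicit, e.g. `/* Permissive, as in load-fragment.c: unknown syscall names are logged and skipped, not rejected */`. The function body continues outside the hunk.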