seccomp: assume clone() arg order is known on all architectures
While adding the defines for arm, I realized that we have pretty much all known architectures covered, so SECCOMP_RESTRICT_NAMESPACES_BROKEN is not necessary anymore. clone(2) is adamant that the order of the first two arguments is only reversed on s390/s390x. So let's simplify things and remove the #if.
parent
4278d1f531
commit
511ceb1f8d
|
@ -792,43 +792,10 @@ int seccomp_restrict_namespaces(unsigned long retain) {
|
|||
|
||||
SECCOMP_FOREACH_LOCAL_ARCH(arch) {
|
||||
_cleanup_(seccomp_releasep) scmp_filter_ctx seccomp = NULL;
|
||||
int clone_reversed_order = -1;
|
||||
unsigned i;
|
||||
|
||||
log_debug("Operating on architecture: %s", seccomp_arch_to_string(arch));
|
||||
|
||||
switch (arch) {
|
||||
|
||||
case SCMP_ARCH_X86_64:
|
||||
case SCMP_ARCH_X86:
|
||||
case SCMP_ARCH_X32:
|
||||
case SCMP_ARCH_PPC64:
|
||||
case SCMP_ARCH_PPC64LE:
|
||||
case SCMP_ARCH_MIPS:
|
||||
case SCMP_ARCH_MIPSEL:
|
||||
case SCMP_ARCH_MIPS64:
|
||||
case SCMP_ARCH_MIPSEL64:
|
||||
case SCMP_ARCH_MIPS64N32:
|
||||
case SCMP_ARCH_MIPSEL64N32:
|
||||
clone_reversed_order = 0;
|
||||
break;
|
||||
|
||||
case SCMP_ARCH_S390:
|
||||
case SCMP_ARCH_S390X:
|
||||
/* On s390/s390x the first two parameters to clone are switched */
|
||||
clone_reversed_order = 1;
|
||||
break;
|
||||
|
||||
/* Please add more definitions here, if you port systemd to other architectures! */
|
||||
|
||||
#if SECCOMP_RESTRICT_NAMESPACES_BROKEN
|
||||
# warning "Consider adding the right clone() syscall definitions here!"
|
||||
#endif
|
||||
}
|
||||
|
||||
if (clone_reversed_order < 0) /* we don't know the right order, let's ignore this arch... */
|
||||
continue;
|
||||
|
||||
r = seccomp_init_for_arch(&seccomp, arch, SCMP_ACT_ALLOW);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -877,7 +844,8 @@ int seccomp_restrict_namespaces(unsigned long retain) {
|
|||
break;
|
||||
}
|
||||
|
||||
if (clone_reversed_order == 0)
|
||||
/* On s390/s390x the first two parameters to clone are switched */
|
||||
if (!IN_SET(arch, SCMP_ARCH_S390, SCMP_ARCH_S390X))
|
||||
r = seccomp_rule_add_exact(
|
||||
seccomp,
|
||||
SCMP_ACT_ERRNO(EPERM),
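Review bot: After this change the filter treats every architecture other than s390/s390x as passing the clone() flags in the first argument, and the removed `clone_reversed_order < 0` skip was the only thing that kept an unverified architecture from getting a rule on the wrong argument. If a future port orders the arguments differently, the rule added under `if (!IN_SET(arch, SCMP_ARCH_S390, SCMP_ARCH_S390X))` would compare the wrong argument and namespace-creating clone() calls would pass the filter silently, with no `#warning` left to flag it. I would record that assumption at the check, e.g. `/* Every other architecture is assumed to take the flags as clone()'s first argument (see clone(2)); verify this when adding a port */`, and move the retained s390 comment to the branch that handles s390, since it currently sits above the negated condition. The `seccomp_rule_add_exact()` call and the s390 branch continue outside the hunk, so the argument indices themselves are not visible here.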
|
||||
|
|
|
@ -84,13 +84,6 @@ int seccomp_memory_deny_write_execute(void);
|
|||
#define SECCOMP_RESTRICT_ADDRESS_FAMILIES_BROKEN 0
|
||||
#endif
|
||||
|
||||
/* we don't know the right order of the clone() parameters except for these archs, for now */
|
||||
#if defined(__x86_64__) || defined(__i386__) || defined(__s390x__) || defined(__s390__) || defined(__powerpc64__) || defined(__mips__)
|
||||
#define SECCOMP_RESTRICT_NAMESPACES_BROKEN 0
|
||||
#else
|
||||
#define SECCOMP_RESTRICT_NAMESPACES_BROKEN 1
|
||||
#endif
|
||||
|
||||
extern const uint32_t seccomp_local_archs[];
|
||||
|
||||
#define SECCOMP_FOREACH_LOCAL_ARCH(arch) \
|
||||
|
|
|
@ -160,8 +160,6 @@ static void test_restrict_namespace(void) {
|
|||
assert_se(streq(s, "cgroup ipc net mnt pid user uts"));
|
||||
assert_se(namespace_flag_from_string_many(s, &ul) == 0 && ul == NAMESPACE_FLAGS_ALL);
|
||||
|
||||
#if SECCOMP_RESTRICT_NAMESPACES_BROKEN == 0
|
||||
|
||||
if (!is_seccomp_available())
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
|
@ -220,7 +218,6 @@ static void test_restrict_namespace(void) {
|
|||
}
|
||||
|
||||
assert_se(wait_for_terminate_and_warn("nsseccomp", pid, true) == EXIT_SUCCESS);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_protect_sysctl(void) {
|
||||
|
|