From 8abd2ee0526ba576aefefa51870443ef01a4b2dd Mon Sep 17 00:00:00 2001 From: Werner Fink Date: Mon, 7 Apr 2025 13:51:07 +0200 Subject: [PATCH] Fix seccomp-filter for newer Linux kernels * lib-src/seccomp-filter.c (MAP_DROPPABLE): Define if undefined. (main): Use MAP_DROPPABLE flag. Allow `tcgetattr' call of glibc on physical terminal devices. (Bug#77232) --- lib-src/seccomp-filter.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/lib-src/seccomp-filter.c b/lib-src/seccomp-filter.c index d6421f0ebdb..e9f41afbaba 100644 --- a/lib-src/seccomp-filter.c +++ b/lib-src/seccomp-filter.c @@ -42,6 +42,7 @@ variants of those files that can be used to sandbox Emacs before #include #include #include +#include /* mandatory accordingly to latest ioctl_tty(2) */ #include #include @@ -64,6 +65,11 @@ variants of those files that can be used to sandbox Emacs before #define ARCH_CET_STATUS 0x3001 #endif +/* https://github.com/torvalds/linux/commit/9651fcedf7b92d3f7f1ab179e8ab55b85ee10fc1 */ +#ifndef MAP_DROPPABLE +#define MAP_DROPPABLE 0x08 +#endif + static ATTRIBUTE_FORMAT_PRINTF (2, 3) _Noreturn void fail (int error, const char *format, ...) { @@ -187,7 +193,7 @@ main (int argc, char **argv) some versions of the dynamic loader still use it. Also allow allocating thread stacks. */ SCMP_A3_32 (SCMP_CMP_MASKED_EQ, - ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE + ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE | MAP_DROPPABLE | MAP_ANONYMOUS | MAP_FIXED | MAP_DENYWRITE | MAP_STACK | MAP_NORESERVE), 0)); @@ -274,6 +280,11 @@ main (int argc, char **argv) SCMP_A0_32 (SCMP_CMP_EQ, STDIN_FILENO), SCMP_A1_32 (SCMP_CMP_EQ, TIOCGPGRP)); + /* Allow `tcgetattr' call of glibc on physical terminal devices. */ + RULE (SCMP_ACT_ALLOW, SCMP_SYS (ioctl), + SCMP_A0_32 (SCMP_CMP_EQ, STDERR_FILENO), + SCMP_A1_32 (SCMP_CMP_EQ, TCGETS)); + /* Allow reading (but not setting) file flags. */ RULE (SCMP_ACT_ALLOW, SCMP_SYS (fcntl), SCMP_A1_32 (SCMP_CMP_EQ, F_GETFL));