seccomp: default to something resembling the current personality when locking it

Let's lock the personality to the currently set one, if nothing is
specifically specified. But do so with a grain of salt, and never
default to any exotic personality here, but only PER_LINUX or
PER_LINUX32.

diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index 3f9b1a256b1c1342167e3dcb140814dc7bf88d6d..4dcb93f2db875b81d231292e0d331fb5a36a8d0b 100644 (file)
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -913,6 +913,25 @@ const char* personality_to_string(unsigned long p) {
         return architecture_to_string(architecture);
 }
 
+int opinionated_personality(unsigned long *ret) {
+        int current;
+
+        /* Returns the current personality, or PERSONALITY_INVALID if we can't determine it. This function is a bit
+         * opinionated though, and ignores all the finer-grained bits and exotic personalities, only distinguishing the
+         * two most relevant personalities: PER_LINUX and PER_LINUX32. */
+
+        current = personality(PERSONALITY_INVALID);
+        if (current < 0)
+                return -errno;
+
+        if (((unsigned long) current & 0xffff) == PER_LINUX32)
+                *ret = PER_LINUX32;
+        else
+                *ret = PER_LINUX;
+
+        return 0;
+}
+
 void valgrind_summary_hack(void) {
 #ifdef HAVE_VALGRIND_VALGRIND_H
         if (getpid_cached() == 1 && RUNNING_ON_VALGRIND) {

diff --git a/src/basic/process-util.h b/src/basic/process-util.h
index a7bdbffa96ef4ac8c6e5179bede151465491f535..339dc9f59dce5415fd0f46e07988b9a06af69d69 100644 (file)
--- a/src/basic/process-util.h
+++ b/src/basic/process-util.h
@@ -100,6 +100,8 @@ bool oom_score_adjust_is_valid(int oa);
 unsigned long personality_from_string(const char *p);
 const char *personality_to_string(unsigned long);
 
+int opinionated_personality(unsigned long *ret);
+
 int ioprio_class_to_string_alloc(int i, char **s);
 int ioprio_class_from_string(const char *s);