update TODO
[thirdparty/systemd.git] / src / shared / seccomp-util.h
index 477400237b3b087f3849d70e32de4d3d69ab4759..ef970434c6b0ab9fc100f585bf6255a77eb33f52 100644 (file)
@@ -38,6 +38,7 @@ enum {
         SYSCALL_FILTER_SET_MOUNT,
         SYSCALL_FILTER_SET_NETWORK_IO,
         SYSCALL_FILTER_SET_OBSOLETE,
+        SYSCALL_FILTER_SET_PKEY,
         SYSCALL_FILTER_SET_PRIVILEGED,
         SYSCALL_FILTER_SET_PROCESS,
         SYSCALL_FILTER_SET_RAW_IO,
@@ -65,27 +66,29 @@ int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, u
 
 typedef enum SeccompParseFlags {
         SECCOMP_PARSE_INVERT     = 1 << 0,
-        SECCOMP_PARSE_WHITELIST  = 1 << 1,
+        SECCOMP_PARSE_ALLOW_LIST = 1 << 1,
         SECCOMP_PARSE_LOG        = 1 << 2,
         SECCOMP_PARSE_PERMISSIVE = 1 << 3,
 } SeccompParseFlags;
 
-int seccomp_parse_syscall_filter_full(
-                const char *name, int errno_num, Hashmap *filter, SeccompParseFlags flags,
-                const char *unit, const char *filename, unsigned line);
-
-static inline int seccomp_parse_syscall_filter(const char *name, int errno_num, Hashmap *filter, SeccompParseFlags flags) {
-        return seccomp_parse_syscall_filter_full(name, errno_num, filter, flags, NULL, NULL, 0);
-}
+int seccomp_parse_syscall_filter(
+                const char *name,
+                int errno_num,
+                Hashmap *filter,
+                SeccompParseFlags flags,
+                const char *unit,
+                const char *filename, unsigned line);
 
 int seccomp_restrict_archs(Set *archs);
 int seccomp_restrict_namespaces(unsigned long retain);
 int seccomp_protect_sysctl(void);
-int seccomp_restrict_address_families(Set *address_families, bool whitelist);
+int seccomp_protect_syslog(void);
+int seccomp_restrict_address_families(Set *address_families, bool allow_list);
 int seccomp_restrict_realtime(void);
 int seccomp_memory_deny_write_execute(void);
 int seccomp_lock_personality(unsigned long personality);
 int seccomp_protect_hostname(void);
+int seccomp_restrict_suid_sgid(void);
 
 extern const uint32_t seccomp_local_archs[];
 
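Review bot: The merged `seccomp_parse_syscall_filter()` prototype has no comment saying what `unit`, `filename` and `line` are for or whether they may be absent; the removed inline wrapper passed `NULL, NULL, 0`, so every caller without unit-file context now has to know to do the same. I would add above the prototype: `/* unit, filename and line presumably only provide context for diagnostics (confirm in the .c file); pass NULL, NULL, 0 when there is none. */`. As a point of style, `const char *filename, unsigned line);` still shares a line while the other parameters were split one per line. The new `seccomp_protect_syslog()` and `seccomp_restrict_suid_sgid()` declarations are also undocumented, and `seccomp_restrict_address_families()` would benefit from a one-line note on which way `allow_list` selects, since passing the wrong value to a bool like this inverts the filter.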
@@ -94,6 +97,14 @@ extern const uint32_t seccomp_local_archs[];
              seccomp_local_archs[_i] != (uint32_t) -1;                  \
              (arch) = seccomp_local_archs[++_i])
 
+/* EACCES: does not have the CAP_SYS_ADMIN or no_new_privs == 1
+ * ENOMEM: out of memory, failed to allocate space for a libseccomp structure, or would exceed a defined constant
+ * EFAULT: addresses passed as args (by libseccomp) are invalid */
+#define ERRNO_IS_SECCOMP_FATAL(r)                                       \
+        IN_SET(abs(r), EPERM, EACCES, ENOMEM, EFAULT)
+
 DEFINE_TRIVIAL_CLEANUP_FUNC(scmp_filter_ctx, seccomp_release);
 
-int parse_syscall_archs(char **l, Set **archs);
+int parse_syscall_archs(char **l, Set **ret_archs);
+
+uint32_t scmp_act_kill_process(void);
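Review bot: The comment above `ERRNO_IS_SECCOMP_FATAL` explains EACCES, ENOMEM and EFAULT, but the macro also matches EPERM, which is not mentioned; add a line for it, e.g. `* EPERM: <reason this is treated as fatal>`, or drop it from the set if it was not intended. The EACCES line also reads as if `no_new_privs == 1` were a cause of the error, whereas seccomp(2) describes EACCES as lacking CAP_SYS_ADMIN without no_new_privs being set; `* EACCES: caller lacks CAP_SYS_ADMIN and has not set no_new_privs` would be clearer. Because this set presumably decides which filter-install failures callers refuse to ignore, the comment should state that any errno outside it may leave the process running without the filter. The macro uses `abs()`, so the header depends on `<stdlib.h>` being included before it; the include list is outside this hunk. `scmp_act_kill_process()` at the end is added without a comment on what action it returns.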