From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 11 Oct 2024 07:46:14 +0000 (+0200)
Subject: seccomp: allowlist uretprobe() syscall
X-Git-Tag: v257-rc1~260
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d693c483a2bb3eae490fd78d68fc16d0a731fee2;p=thirdparty%2Fsystemd.git

seccomp: allowlist uretprobe() syscall

This is a new syscall provided by the kernel used to implement faster
uprobes. It's not supposed to be called by userspace, but only by kernel
generated uprobe code.

It should be fine to allow this, as the kernel authenticates the
invocation itself, and we shouldn't break compat with things.

Note that this allowlisting is not sufficient to make ureprobe() work.
libseccomp must be tought the syscall too, but this can happen
independently.

Fixes: #34615
---

diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
index b251e396727..bd1bd5c0e3f 100644
--- a/src/shared/seccomp-util.c
+++ b/src/shared/seccomp-util.c
@@ -382,6 +382,7 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
                 "sigreturn\0"
                 "time\0"
                 "ugetrlimit\0"
+                "uretprobe\0"
         },
         [SYSCALL_FILTER_SET_AIO] = {
                 .name = "@aio",