From 12cdb2be46e25e1ab99df18324b787ad8749dff7 Mon Sep 17 00:00:00 2001
From: Roy Marples <roy@marples.name>
Date: Sat, 12 Dec 2020 22:12:54 +0000
Subject: [PATCH] privsep: Fix Linux i386 for SECCOMP as it just uses
 socketcall

Rather than accept(2), recv(2), etc..... which is horrible!

Thanks to Steve Hirsch <stevehirsch49@msn.com> for testing.

Upstream-Status: Backport
[https://roy.marples.name/cgit/dhcpcd.git/commit/?id=12cdb2be46e25e1ab99df18324b787ad8749dff7]

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
 src/privsep-linux.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/src/privsep-linux.c b/src/privsep-linux.c
index 050a30cf..d31d720d 100644
--- a/src/privsep-linux.c
+++ b/src/privsep-linux.c
@@ -34,6 +34,7 @@
 
 #include <linux/audit.h>
 #include <linux/filter.h>
+#include <linux/net.h>
 #include <linux/seccomp.h>
 #include <linux/sockios.h>
 
@@ -311,6 +312,23 @@ static struct sock_filter ps_seccomp_filter[] = {
 #ifdef __NR_sendto
 	SECCOMP_ALLOW(__NR_sendto),
 #endif
+#ifdef __NR_socketcall
+	/* i386 needs this and demonstrates why SECCOMP
+	 * is poor compared to OpenBSD pledge(2) and FreeBSD capsicum(4)
+	 * as this is soooo tied to the kernel API which changes per arch
+	 * and likely libc as well. */
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_ACCEPT),
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_ACCEPT4),
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_LISTEN),
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_GETSOCKOPT),	/* overflow */
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECV),
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECVFROM),
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECVMSG),
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SEND),
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SENDMSG),
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SENDTO),
+	SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SHUTDOWN),
+#endif
 #ifdef __NR_shutdown
 	SECCOMP_ALLOW(__NR_shutdown),
 #endif
-- 
2.25.1