authorLennart Poettering <lennart@poettering.net>2017-08-09 20:40:26 +0200
committerSven Eden <yamakuzure@gmx.net>2017-08-09 20:40:26 +0200
commita0065de1a0eef3a79af751c27b8f90fcfb110a89 (patch)
treed59a6e372009fb7123181819ca4533c5cce453d5 /src
parent4c604d1e73b04395afc62257fd236128da17a248 (diff)
seccomp: default to something resembling the current personality when locking it
Let's lock the personality to the currently set one, if nothing is explicitly specified. But do so with a grain of salt, and never default to any exotic personality here, but only PER_LINUX or PER_LINUX32.
Diffstat (limited to 'src')
-rw-r--r--src/basic/process-util.c19
-rw-r--r--src/basic/process-util.h2
2 files changed, 21 insertions, 0 deletions
diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index 3f9b1a256..4dcb93f2d 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -913,6 +913,25 @@ const char* personality_to_string(unsigned long p) {
return architecture_to_string(architecture);
}
+int opinionated_personality(unsigned long *ret) {
+ int current;
+
+ /* Returns the current personality, or PERSONALITY_INVALID if we can't determine it. This function is a bit
+ * opinionated though, and ignores all the finer-grained bits and exotic personalities, only distinguishing the
+ * two most relevant personalities: PER_LINUX and PER_LINUX32. */
+
+ current = personality(PERSONALITY_INVALID);
+ if (current < 0)
+ return -errno;
+
+ if (((unsigned long) current & 0xffff) == PER_LINUX32)
+ *ret = PER_LINUX32;
+ else
+ *ret = PER_LINUX;
+
+ return 0;
+}
+
void valgrind_summary_hack(void) {
#ifdef HAVE_VALGRIND_VALGRIND_H
if (getpid_cached() == 1 && RUNNING_ON_VALGRIND) {
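Review bot: The comment at the top of opinionated_personality() does not match the code: it promises PERSONALITY_INVALID when the personality cannot be determined, but the failure path is `return -errno;` and `*ret` is left unwritten. The commit message says the result becomes the default when locking the personality, so a caller that trusts the comment and skips the return-value check could end up locking to an uninitialized value. I would reword the comment to `/* Stores PER_LINUX or PER_LINUX32 in *ret and returns 0; on failure returns -errno and leaves *ret untouched. */`. I would also add `assert(ret);` before the personality() call, since the pointer is dereferenced unconditionally on the success path.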
diff --git a/src/basic/process-util.h b/src/basic/process-util.h
index a7bdbffa9..339dc9f59 100644
--- a/src/basic/process-util.h
+++ b/src/basic/process-util.h
@@ -100,6 +100,8 @@ bool oom_score_adjust_is_valid(int oa);
unsigned long personality_from_string(const char *p);
const char *personality_to_string(unsigned long);
+int opinionated_personality(unsigned long *ret);
+
int ioprio_class_to_string_alloc(int i, char **s);
int ioprio_class_from_string(const char *s);