From a8b154a637b586441bad42259a8a9b9619cd117c Mon Sep 17 00:00:00 2001
From: James Cowgill <james.cowgill@mips.com>
Date: Mon, 6 Nov 2017 18:03:51 +0000
Subject: linux-user: return EINVAL from prctl(PR_*_SECCOMP)

If an application tries to install a seccomp filter using
prctl(PR_SET_SECCOMP), the filter is likely for the target instead of the host
architecture. This will probably cause qemu to be immediately killed when it
executes another syscall.

Prevent this from happening by returning EINVAL from both seccomp prctl
calls. This is the error returned by the kernel when seccomp support is
disabled.

Fixes: https://bugs.launchpad.net/qemu/+bug/1726394
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: James Cowgill <james.cowgill@mips.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 linux-user/syscall.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'linux-user')

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 84e123b67b..f31b853bb7 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10505,6 +10505,12 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
             break;
         }
 #endif
+        case PR_GET_SECCOMP:
+        case PR_SET_SECCOMP:
+            /* Disable seccomp to prevent the target disabling syscalls we
+             * need. */
+            ret = -TARGET_EINVAL;
+            break;
         default:
             /* Most prctl options have no pointer arguments */
             ret = get_errno(prctl(arg1, arg2, arg3, arg4, arg5));
-- 
cgit v1.2.3