From 044ba1cb90cd9947141f87225a02a3cfd7e868f8 Mon Sep 17 00:00:00 2001
From: Wiktor Garbacz
Date: Thu, 1 Feb 2024 04:38:24 -0800
Subject: [PATCH] Return ENOSYS instead of hard denying clone3

It's currently not possible to properly inspect arguments of clone3 via seccomp. As userspace (notably glibc) started using clone3, other sandbox solutions (e.g. in Firefox and Chrome) switched to returning ENOSYS for that syscall, which usually will result in libraries falling back to clone/clone2.

PiperOrigin-RevId: 603332131
Change-Id: If2483f6f42eca46e1c8958ef17ca3c02fa82b658
---
 sandboxed_api/sandbox2/policy.cc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sandboxed_api/sandbox2/policy.cc b/sandboxed_api/sandbox2/policy.cc
index 6a4b2f4..721abcf 100644
--- a/sandboxed_api/sandbox2/policy.cc
+++ b/sandboxed_api/sandbox2/policy.cc
@@ -183,8 +183,9 @@ std::vector Policy::GetDefaultPolicy(bool user_notif) const {
 policy.insert(policy.end(), {
 #ifdef __NR_clone3
- // Disallow clone3
- JEQ32(__NR_clone3, DENY),
+ // Disallow clone3. Errno instead of DENY so that libraries
+ // can fallback to regular clone/clone2.
+ JEQ32(__NR_clone3, ERRNO(ENOSYS)),
 #endif
 // Disallow clone3 and clone with unsafe flags. This uses
 // LOAD_SYSCALL_NR from above.
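Review bot: The new comment on the `JEQ32(__NR_clone3, ERRNO(ENOSYS))` line explains the fallback but not the trade-off: if a DENY is reported by the monitor as a policy violation, as sandbox2 policies elsewhere presumably rely on, an ERRNO return is invisible to it, so a sandboxee probing clone3 is no longer surfaced while containment itself is unchanged because the kernel never executes the call. I would record that explicitly, e.g. `// Return ENOSYS rather than DENY: the syscall is still never executed, but the attempt is not reported as a policy violation; libc falls back to clone/clone2.`. The following context comment `// Disallow clone3 and clone with unsafe flags.` now describes a check clone3 can never reach, since the preceding rule already returns, so the clone3 mention there is stale and could be dropped in the same change (also: `fallback` as a verb should be `fall back`). GetDefaultPolicy starts and ends outside the hunk.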