From 1e4cf06f696d5558d456f321bd53b3c23a33df11 Mon Sep 17 00:00:00 2001
From: Wiktor Garbacz <wiktorg@google.com>
Date: Sun, 3 Jul 2022 11:20:00 -0700
Subject: [PATCH] Block installing user notify inside Sandbox2

PiperOrigin-RevId: 458781163
Change-Id: Ifcaf940d8a70a9a4ab5b24aefdaaae622cfce4f3
---
 sandboxed_api/sandbox2/policy.cc | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/sandboxed_api/sandbox2/policy.cc b/sandboxed_api/sandbox2/policy.cc
index ac37db4..d8bcc35 100644
--- a/sandboxed_api/sandbox2/policy.cc
+++ b/sandboxed_api/sandbox2/policy.cc
@@ -34,6 +34,10 @@
 #include "sandboxed_api/sandbox2/syscall.h"
 #include "sandboxed_api/sandbox2/util/bpf_helper.h"
 
+#ifndef SECCOMP_FILTER_FLAG_NEW_LISTENER
+#define SECCOMP_FILTER_FLAG_NEW_LISTENER (1UL << 3)
+#endif
+
 using std::string;
 
 ABSL_FLAG(bool, sandbox2_danger_danger_permit_all, false,
@@ -131,6 +135,15 @@ std::vector<sock_filter> Policy::GetDefaultPolicy() const {
                     ARG_32(0),
                     JA32(CLONE_UNTRACED, DENY),
                     LABEL(&l, past_clone_untraced_l),
+                    // Disallow seccomp with SECCOMP_FILTER_FLAG_NEW_LISTENER
+                    // flag.
+                    LOAD_SYSCALL_NR,
+                    JNE32(__NR_seccomp, JUMP(&l, past_seccomp_new_listener)),
+                    // Regardless of arch, we only care about the lower 32-bits
+                    // of the flags.
+                    ARG_32(1),
+                    JA32(SECCOMP_FILTER_FLAG_NEW_LISTENER, DENY),
+                    LABEL(&l, past_seccomp_new_listener),
                 });
 
   if (bpf_resolve_jumps(&l, policy.data(), policy.size()) != 0) {