author | Colin Watson <cjwatson@debian.org> | 2012-05-26 01:44:40 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2012-05-26 01:44:40 +0100 |
commit | 15784261dfaece73ef53f5beb5d3917a95dc1ae4 (patch) | |
tree | c39ee6c8ff10efca0e0060d6db07780667832eeb /configure.ac | |
parent | 9fce61538243d8d04d6cf174e118df6c4ece351d (diff) |
Add a sandbox fallback mechanism, so that behaviour on Linux depends on
whether the running system's kernel has seccomp_filter support, not the
build system's kernel (forwarded upstream as
https://bugzilla.mindrot.org/show_bug.cgi?id=2011).
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 47 |
1 files changed, 17 insertions, 30 deletions
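--- a/configure.ac
+++ b/configure.ac
@@ -126,25 +126,6 @@ AC_CHECK_DECL([SECCOMP_MODE_FILTER], [have_seccomp_filter=1], , [
 #include <linux/seccomp.h>
 ])
 fi
-if test "x$have_seccomp_filter" = "x1" ; then
-AC_MSG_CHECKING([kernel for seccomp_filter support])
-AC_RUN_IFELSE([AC_LANG_PROGRAM([[
-#include <errno.h>
-#include <linux/seccomp.h>
-#include <stdlib.h>
-#include <sys/prctl.h>
-]],
-[[ errno = 0;
-prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL, 0, 0);
-exit(errno == EFAULT ? 0 : 1); ]])],
-[ AC_MSG_RESULT([yes]) ], [
-AC_MSG_RESULT([no])
-# Disable seccomp filter as a target
-have_seccomp_filter=0
-],
-[ AC_MSG_RESULT([cross-compiling, assuming yes]) ]
-)
-fi
 
 use_stack_protector=1
 AC_ARG_WITH([stackprotect],
@@ -2599,21 +2580,24 @@ AC_ARG_WITH([sandbox],
 fi
 ]
 )
+SANDBOX_STYLE=""
 if test "x$sandbox_arg" = "xsystrace" || \
 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then
 test "x$have_systr_policy_kill" != "x1" && \
 AC_MSG_ERROR([systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support])
-SANDBOX_STYLE="systrace"
+SANDBOX_STYLE="$SANDBOX_STYLE systrace"
 AC_DEFINE([SANDBOX_SYSTRACE], [1], [Sandbox using systrace(4)])
-elif test "x$sandbox_arg" = "xdarwin" || \
+fi
+if test "x$sandbox_arg" = "xdarwin" || \
 ( test -z "$sandbox_arg" && test "x$ac_cv_func_sandbox_init" = "xyes" && \
 test "x$ac_cv_header_sandbox_h" = "xyes") ; then
 test "x$ac_cv_func_sandbox_init" != "xyes" -o \
 "x$ac_cv_header_sandbox_h" != "xyes" && \
 AC_MSG_ERROR([Darwin seatbelt sandbox requires sandbox.h and sandbox_init function])
-SANDBOX_STYLE="darwin"
+SANDBOX_STYLE="$SANDBOX_STYLE darwin"
 AC_DEFINE([SANDBOX_DARWIN], [1], [Sandbox using Darwin sandbox_init(3)])
-elif test "x$sandbox_arg" = "xseccomp_filter" || \
+fi
+if test "x$sandbox_arg" = "xseccomp_filter" || \
 ( test -z "$sandbox_arg" && \
 test "x$have_seccomp_filter" = "x1" && \
 test "x$ac_cv_header_linux_audit_h" = "xyes" && \
@@ -2628,21 +2612,24 @@ elif test "x$sandbox_arg" = "xseccomp_filter" || \
 AC_MSG_ERROR([seccomp_filter sandbox requires seccomp headers])
 test "x$ac_cv_func_prctl" != "xyes" && \
 AC_MSG_ERROR([seccomp_filter sandbox requires prctl function])
-SANDBOX_STYLE="seccomp_filter"
+SANDBOX_STYLE="$SANDBOX_STYLE seccomp_filter"
 AC_DEFINE([SANDBOX_SECCOMP_FILTER], [1], [Sandbox using seccomp filter])
-elif test "x$sandbox_arg" = "xrlimit" || \
+fi
+if test "x$sandbox_arg" = "xrlimit" || \
 ( test -z "$sandbox_arg" && test "x$ac_cv_func_setrlimit" = "xyes" ) ; then
 test "x$ac_cv_func_setrlimit" != "xyes" && \
 AC_MSG_ERROR([rlimit sandbox requires setrlimit function])
-SANDBOX_STYLE="rlimit"
+SANDBOX_STYLE="$SANDBOX_STYLE rlimit"
 AC_DEFINE([SANDBOX_RLIMIT], [1], [Sandbox using setrlimit(2)])
-elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \
+fi
+if test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \
 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then
-SANDBOX_STYLE="none"
-AC_DEFINE([SANDBOX_NULL], [1], [no privsep sandboxing])
-else
+SANDBOX_STYLE="$SANDBOX_STYLE none"
+fi
+if test -z "$SANDBOX_STYLE" ; then
 AC_MSG_ERROR([unsupported --with-sandbox])
 fi
+SANDBOX_STYLE="${SANDBOX_STYLE# }"
 
 # Cheap hack to ensure NEWS-OS libraries are arranged right.
 if test ! -z "$SONY" ; then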
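Review bot: In the last block of the chain (new lines 2625-2628) `none` is appended whenever `$sandbox_arg` is empty, so every auto-detected build now lists the null sandbox as a candidate after seccomp_filter and rlimit, and the `AC_DEFINE([SANDBOX_NULL], ...)` that used to mark that case is dropped. How the runtime walks this list is not visible here, since the diff is limited to configure.ac. If it can fall through to `none` without logging, the privilege-separated process would presumably run unconfined with nothing in the build output to indicate it. I would document the ordering contract at that block, e.g. `# Auto-detect always appends "none" last; the runtime must log when it falls back to it.`, and consider appending `none` only when no other style was selected unless the unconfined fallback is intended. The closing `SANDBOX_STYLE="${SANDBOX_STYLE# }"` also relies on a POSIX prefix-strip expansion that the Autoconf portability notes warn older Bourne shells do not support.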