authorAlexander Larsson <alexl@redhat.com>2016-03-24 18:44:21 +0100
committerAlexander Larsson <alexl@redhat.com>2016-03-24 21:04:01 +0100
commit762d1a62956de1678e3c362c54cc354f2226ff0e (patch)
tree8650a1f52ba91d5ecaab3ad839ee2268b8205e0e /app
parentc25786ffa1a128cfcb56b235e1d57971dab84bf5 (diff)
downloadxdg-app-762d1a62956de1678e3c362c54cc354f2226ff0e.tar.gz
seccomp: Allow running the target arch
This adds the app target arch to the list of the allowed arches in seccomp. It also allows the native arch, because otherwise xdg-app-helper can't run. This means that if your userspace (i.e. xdg-app-helper) is built in 64bit mode, then 64bit apps can't run 32bit apps. However, if you're running a 32bit app it is allowed to run both 32bit and 64bit apps. Not ideal, but at least the common case is safer.
Diffstat (limited to 'app')
-rw-r--r--app/xdg-app-builtins-build.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/app/xdg-app-builtins-build.c b/app/xdg-app-builtins-build.c
index 5042023..95080c2 100644
--- a/app/xdg-app-builtins-build.c
+++ b/app/xdg-app-builtins-build.c
@@ -71,6 +71,7 @@ xdg_app_builtin_build (int argc, char **argv, GCancellable *cancellable, GError
g_autoptr(XdgAppContext) arg_context = NULL;
g_autoptr(XdgAppContext) app_context = NULL;
gboolean custom_usr;
+ g_auto(GStrv) runtime_ref_parts = NULL;
context = g_option_context_new ("DIRECTORY [COMMAND [args...]] - Build in directory");
@@ -120,6 +121,10 @@ xdg_app_builtin_build (int argc, char **argv, GCancellable *cancellable, GError
runtime_ref = g_build_filename ("runtime", runtime, NULL);
+ runtime_ref_parts = xdg_app_decompose_ref (runtime_ref, error);
+ if (runtime_ref_parts == NULL)
+ return FALSE;
+
runtime_deploy = xdg_app_find_deploy_for_ref (runtime_ref, cancellable, error);
if (runtime_deploy == NULL)
return FALSE;
@@ -148,6 +153,10 @@ xdg_app_builtin_build (int argc, char **argv, GCancellable *cancellable, GError
g_ptr_array_add (argv_array, g_strdup ("-wrc"));
+ /* Pass the arch for seccomp */
+ g_ptr_array_add (argv_array, g_strdup ("-A"));
+ g_ptr_array_add (argv_array, g_strdup (runtime_ref_parts[2]));
+
app_context = xdg_app_context_new ();
if (!xdg_app_context_load_metadata (app_context, runtime_metakey, error))
return FALSE;
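Review bot: The `-A` argument takes `runtime_ref_parts[2]` by bare index, and the comment `/* Pass the arch for seccomp */` does not say that this string widens the helper's seccomp architecture allow-list or that it comes from the runtime ref. The index is only safe because the earlier hunk returns when `xdg_app_decompose_ref` yields NULL, which presumably also guarantees the ref has an arch component; that dependency should be stated here. I would write `/* Arch component of the validated runtime ref; xdg-app-helper allows this arch in its seccomp filter in addition to the native one */`. Where `runtime` comes from is not visible in these hunks, so it is worth confirming that the helper rejects arch names it does not recognise rather than falling back to an unrestricted filter. The body of xdg_app_builtin_build starts and ends outside the hunk.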