Package: alsa-utils
Version: 1.1.8-2
Severity: wishlist
File: /lib/systemd/system/alsa-state.service
Tags: patch
alsa-state.service tells alsactl to lower its own priority. This can be done "natively" in systemd. This allows us to use seccomp-bpf to completely block access to those syscalls within alsa-state's slice.

-ExecStart=-@sbindir@/alsactl -E HOME=@alsactlhome@ -s -n 19 -c rdaemon
+ExecStart=-@sbindir@/alsactl -E HOME=@alsactlhome@ -s rdaemon
+Nice=19
+CPUSchedulingPolicy=idle
+IOSchedulingClass=idle

This will make the ExecStop also run "niced", which I think is fine. If you disagree, I *think* you can use a "+" like this:

-ExecStop=-@sbindir@/alsactl -E HOME=@alsactlhome@ -s kill save_and_quit
+ExecStop=-+@sbindir@/alsactl -E HOME=@alsactlhome@ -s kill save_and_quit

Doing this allows a tight seccomp BPF, because the nice/ionice system calls happen in systemd PID 1, before the seccomp BPF loads.

+CapabilityBoundingSet=
+SystemCallFilter=@system-service
+SystemCallFilter=~@privileged @resources

PS: While stdout/stderr of systemd units ends up in syslog by default, the "-s" option SHOULD be kept, because alsactl/utils.c includes log priorities (LOG_ERR &c) in syslog, but not in stdout.

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'testing-proposed-updates'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages alsa-utils depends on:
ii  kmod              26-1
ii  libasound2        1.1.8-1
ii  libc6             2.28-10
ii  libfftw3-single3  3.3.8-2
ii  libncursesw6      6.1+20181013-2
ii  libsamplerate0    0.1.9-2
ii  libtinfo6         6.1+20181013-2
ii  lsb-base          10.2019051400
ii  whiptail          0.52.20-8

alsa-utils recommends no packages.

alsa-utils suggests no packages.

-- no debconf information
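Review bot: on the ExecStart= hunk, the removed line drops the `-c` flag together with `-n 19`, but the report only explains the priority change; say what `-c` did in alsactl and which of the three new directives (Nice=19, CPUSchedulingPolicy=idle, IOSchedulingClass=idle) replaces it, so a reviewer can confirm that behaviour is preserved rather than silently changed.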
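Review bot: on the ExecStop= hunk, the "+" prefix does more than skip Nice=: systemd runs a "+"-prefixed command with full privileges, outside CapabilityBoundingSet= and the SystemCallFilter= sandbox, so the stop/save path would run unconfined and the tight seccomp filter this report is after would not cover it. Since running the stop command niced is acceptable, this hunk is better left out than offered as an option.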
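Review bot: on the CapabilityBoundingSet=/SystemCallFilter= hunk, `CapabilityBoundingSet=` (an empty set, i.e. every capability dropped) is not justified anywhere in the text, which only argues for the seccomp lines; add a sentence on why alsactl needs no capabilities to open the sound devices and write its state file as root. Also state how the filter combination was tested (a save and a restore cycle under the new unit), because a syscall the deny list catches terminates alsactl with SIGSYS rather than returning an error unless SystemCallErrorNumber= is also set, and the leading "-" on ExecStart= keeps such a failure from marking the unit failed.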
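The ordering argument above (priority changes must happen before the seccomp filter loads), as an added C example that is not part of this report or of alsa-utils: it installs a small deny-list filter in the spirit of SystemCallFilter=~@resources and shows setpriority() succeeding before the filter and failing with EPERM after it. The filter contents, the function names, the x86_64-only ABI check and the use of EPERM instead of systemd's default kill action are assumptions made for the demo.

```c
#include <errno.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <sys/prctl.h>
#include <sys/resource.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Deny-list filter in the spirit of SystemCallFilter=~@resources: setpriority, ioprio_set and
 * sched_setscheduler return EPERM (systemd's default would kill the process); all else is allowed. */
static int install_filter(void)
{
    struct sock_filter code[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AUDIT_ARCH_X86_64, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),   /* foreign ABI: never let it through */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_setpriority, 2, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_ioprio_set, 1, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_sched_setscheduler, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { .len = sizeof code / sizeof code[0], .filter = code };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;   /* needed for unprivileged seccomp */
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);    /* 0 on success */
}

/* The ordering the patch relies on, run in a child so the filter does not stick to the caller:
 * renice (what Nice=19 does before the filter), load the filter, renice again (what `-n 19`
 * inside alsactl would do after it). Returns 1 if the first call succeeds and the second
 * fails with EPERM, 2 if seccomp is unavailable in this environment, 0 on any other outcome. */
int nice_before_filter_then_blocked(void)
{
    pid_t pid = fork();
    if (pid < 0) return 0;
    if (pid == 0) {
        int before = setpriority(PRIO_PROCESS, 0, 19);   /* raising nice needs no privilege */
        if (install_filter() != 0) _exit(2);
        errno = 0;
        int after = setpriority(PRIO_PROCESS, 0, 19);
        _exit(before == 0 && after == -1 && errno == EPERM ? 1 : 0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return 0;
    return WEXITSTATUS(status);
}
```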