agent: upgrade libseccomp to 0.3.0 to fix GHSA-2r23-gqr7-wr4h

[ls-ggg]

nix < 0.20.2 (Rust) has an out-of-bounds write in getgrouplist when a user belongs to more than 16 groups (GHSA-2r23-gqr7-wr4h). The nix 0.17.0 dependency was pulled in transitively via libseccomp 0.1.3 in agent/rustjail.

Upgrade libseccomp from 0.1.3 to 0.3.0, which dropped the nix dependency entirely in favour of libseccomp-sys FFI. This removes nix 0.17.0 from the dependency tree and resolves the vulnerability.

API changes required in rustjail/src/seccomp.rs for libseccomp 0.2+:

• ScmpArgCompare::new() now takes a single datum (value_two is encoded inside ScmpCompareOp::MaskedEqual); updated get_rule_conditions().
• add_rule() no longer accepts Option<&[ScmpArgCompare]>; replaced with add_rule() for unconditional rules and add_rule_conditional() for conditional ones.
• ScmpAction::Errno now holds i32 instead of u32; cast errno_ret.
• Replaced deprecated get_syscall_from_name() with ScmpSyscall::from_name().
• Replaced deprecated set_no_new_privs_bit() with set_ctl_nnp().
• add_arch() now returns Ok(bool) instead of Ok(()); result ignored.

Fixes: GHSA-2r23-gqr7-wr4h

[ls-ggg]

/cubebot

[github-actions]

Claude finished @ls-ggg's task in 1m 22s —— View job

---

Code Review: libseccomp 0.1.3 → 0.3.0 upgrade

I've reviewed the changes across all 3 modified files. Here's the assessment:

What was done

File	Change
agent/rustjail/Cargo.toml	libseccomp bumped from 0.1.3 to 0.3.0
agent/rustjail/src/seccomp.rs	API migration for libseccomp 0.2+/0.3+
agent/Cargo.lock	Lock file updated, nix 0.17.0 removed

Verification

• nix 0.17.0: Confirmed removed from Cargo.lock — only nix 0.23.x through 0.27.x remain (pulled by other dependencies)
• libseccomp 0.3.0: No longer depends on nix at all; its deps are now just bitflags, libc, libseccomp-sys, and pkg-config

seccomp.rs changes — correctness check

Change	Line(s)	Status
ScmpArgCompare::new() → 3-arg form with MaskedEqual encoding	33-39	Correct — the mask (arg.value_two) is properly embedded in the MaskedEqual variant
get_syscall_from_name() → ScmpSyscall::from_name()	52, 96	Correct — the non-deprecated replacement
set_no_new_privs_bit() → set_ctl_nnp()	82	Correct — the non-deprecated replacement
ScmpAction::Errno(u32) → Errno(i32), as i32 cast	90	Correct — errno_ret cast to match new i32 field
add_rule(3 args) → add_rule(2 args) / add_rule_conditional()	107, 111	Correct — split into unconditional and conditional variants
add_arch() return type change (Ok(bool) vs Ok(()))	78	Correct — ? works either way

One minor observation

In get_rule_conditions() (lines 33-39), the match arm for MaskedEqual uses let _ = mask; to suppress the unused variable warning. A more idiomatic Rust pattern would be to match on the enum variant directly without binding the inner value:

let cond = match ScmpCompareOp::from_str(&arg.op)? {
    ScmpCompareOp::MaskedEqual(_) =>
        ScmpArgCompare::new(arg.index, ScmpCompareOp::MaskedEqual(arg.value_two), arg.value),
    op => ScmpArgCompare::new(arg.index, op, arg.value),
};

This avoids creating a temporary that is immediately dropped. However, the current code is functionally correct — purely a style preference.

Overall

The PR is well-structured and correctly addresses all the API changes between libseccomp 0.1.3 and 0.3.0. The vulnerable nix 0.17.0 transitive dependency is eliminated. No issues found.

---