[tor-bugs] #33902 [Applications/Tor Browser]: avc: denied { ioctl } for comm="libTor.so"

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Apr 14 09:47:27 UTC 2020


#33902: avc:  denied  { ioctl } for comm="libTor.so"
------------------------------------------+------------------------
     Reporter:  traumschule               |      Owner:  tbb-team
         Type:  defect                    |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:  tbb-mobile
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+------------------------
 This shows up in the log a lot:
 {{{
 659 E audit   : type=1400 audit(1586853418.578:86987): avc:  denied  {
 ioctl } for  pid=31144 comm="libTor.so" path="socket:[4954704]"
 dev="sockfs" ino=4954704 ioctlcmd=894b
 scontext=u:r:untrusted_app:s0:c78,c257,c512,c768
 tcontext=u:r:untrusted_app:s0:c78,c257,c512,c768 tclass=tcp_socket
 permissive=0 SEPF_SM-J610FN_9_0019 audit_filtered
 }}}

 top:
 {{{
 31144 u0_a334      20   0  41M  13M 5.9M S  1.0  1846  21:15.61 libTor.so
 -f /data/user/0/org.torproject.torbrowser_alpha/app_torservice/torrc
 __OwningControllerProcess 30950`
 30950 u0_a334      20   0 2.2G 252M  87M S  9.3 36721  66:23.37
 org.torproject.torbrowser_alpha
 }}}

 Possibly related:
 [https://android.googlesource.com/platform/external/sepolicy/+/556bb0f55324e8839d7b735a0de9bc31028e839e
 Further restrict socket ioctls available to apps]

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33902>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list