[tor-commits] [tor/master] Merge remote-tracking branches 'public/ticket24315_029' and 'public/bug24198_029' into maint-0.3.2
nickm at torproject.org
nickm at torproject.org
Mon Nov 20 18:22:16 UTC 2017
commit 846df5b3cdd94ca57777c3e1cbdd81a25e9b5154
Merge: e0f7a2dbd 80bf27040 7461cd306
Author: Nick Mathewson <nickm at torproject.org>
Date: Mon Nov 20 13:20:25 2017 -0500
Merge remote-tracking branches 'public/ticket24315_029' and 'public/bug24198_029' into maint-0.3.2
changes/bug24198 | 4 +++
changes/ticket24315 | 3 ++
configure.ac | 2 ++
src/common/sandbox.c | 86 +++++++++++++++++++++++++++++++++++++++++++++++++---
4 files changed, 90 insertions(+), 5 deletions(-)
diff --cc src/common/sandbox.c
index 7a4e3ece3,d0ead2cae,0b862a549..0fd129d22
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@@@ -394,8 -425,54 -419,8 +400,54 @@@@ sb_mmap2(scmp_filter_ctx ctx, sandbox_c
return 0;
}
- #endif
++#endif /* defined(__NR_mmap2) */
+
+ +#ifdef HAVE_GNU_LIBC_VERSION_H
+ +#ifdef HAVE_GNU_GET_LIBC_VERSION
+ +#define CHECK_LIBC_VERSION
+ +#endif
+ #endif
+
+ +/* Return true if we think we're running with a libc that always uses
+ + * openat on linux. */
+ +static int
+ +libc_uses_openat_for_everything(void)
+ +{
+ +#ifdef CHECK_LIBC_VERSION
+ + const char *version = gnu_get_libc_version();
+ + if (version == NULL)
+ + return 0;
+ +
+ + int major = -1;
+ + int minor = -1;
+ +
+ + tor_sscanf(version, "%d.%d", &major, &minor);
+ + if (major >= 3)
+ + return 1;
+ + else if (major == 2 && minor >= 26)
+ + return 1;
+ + else
+ + return 0;
+ +#else
+ + return 0;
+ +#endif
+ +}
+ +
+ +/** Allow a single file to be opened. If <b>use_openat</b> is true,
+ + * we're using a libc that remaps all the opens into openats. */
+ +static int
+ +allow_file_open(scmp_filter_ctx ctx, int use_openat, const char *file)
+ +{
+ + if (use_openat) {
+ + return seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat),
+ + SCMP_CMP_STR(0, SCMP_CMP_EQ, AT_FDCWD),
+ + SCMP_CMP_STR(1, SCMP_CMP_EQ, file));
+ + } else {
+ + return seccomp_rule_add_1(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open),
+ + SCMP_CMP_STR(0, SCMP_CMP_EQ, file));
+ + }
+ +}
+ +
/**
* Function responsible for setting up the open syscall for
* the seccomp filter sandbox.
@@@@ -1051,8 -1110,8 -1048,21 +1113,21 @@@@ sb_stat64(scmp_filter_ctx ctx, sandbox_
return 0;
}
-#endif
++#endif /* defined(__NR_stat64) */
+
++ static int
++ sb_kill(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
++ {
++ (void) filter;
++ #ifdef __NR_kill
++ /* Allow killing anything with signal 0 -- it isn't really a kill. */
++ return seccomp_rule_add_1(ctx, SCMP_ACT_ALLOW, SCMP_SYS(kill),
++ SCMP_CMP(1, SCMP_CMP_EQ, 0));
++ #else
++ return 0;
+ #endif
++ }
+
/**
* Array of function pointers responsible for filtering different syscalls at
* a parameter level.
@@@@ -1088,11 -1150,7 -1101,8 +1163,11 @@@@ static sandbox_filter_func_t filter_fun
sb_socket,
sb_setsockopt,
sb_getsockopt,
- sb_socketpair
+ sb_socketpair,
-
++#ifdef HAVE_KIST_SUPPORT
++ sb_ioctl,
++#endif
++ sb_kill
};
const char *
More information about the tor-commits
mailing list