commit d32f30726e97ee6c151cb45fb008177b68e9d58d Author: Yawning Angel yawning@schwanenlied.me Date: Thu Dec 8 19:23:25 2016 +0000
Add `readlink` to the tor seccomp whitelist.
ASAN calls readlink("/proc/self/exe"), because fuck you. --- src/cmd/gen-seccomp/seccomp_tor.go | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/src/cmd/gen-seccomp/seccomp_tor.go b/src/cmd/gen-seccomp/seccomp_tor.go index 7300b64..26b4b14 100644 --- a/src/cmd/gen-seccomp/seccomp_tor.go +++ b/src/cmd/gen-seccomp/seccomp_tor.go @@ -103,6 +103,8 @@ func compileTorSeccompProfile(fd *os.File, useBridges bool, is386 bool) error { "set_tid_address", "unshare", "rt_sigaction", // Tor filters this but libc does more. + + "readlink", // ASAN needs this. } if is386 { allowedNoArgs386 := []string{