commit 89b39db003922f5b05f9e4e2fc7658b225a2f70a Author: Cristian Toader cristian.matei.toader@gmail.com Date: Fri Aug 9 19:07:20 2013 +0300
updated filters to work with orport --- src/common/crypto.c | 3 ++- src/common/sandbox.c | 16 +++++++++++++++- src/or/cpuworker.c | 2 -- src/or/main.c | 19 ++++++++++++++++++- 4 files changed, 35 insertions(+), 5 deletions(-)
diff --git a/src/common/crypto.c b/src/common/crypto.c
index e60172b..71d5166 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -56,6 +56,7 @@
 #include "../common/util.h"
 #include "container.h"
 #include "compat.h"
+#include "sandbox.h"
#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(0,9,8)
 #error "We require OpenSSL >= 0.9.8"
@@ -2349,7 +2350,7 @@ crypto_strongest_rand(uint8_t *out, size_t out_len)
 return 0;
 #else
 for (i = 0; filenames[i]; ++i) {
- fd = open(filenames[i], O_RDONLY, 0);
+ fd = open(sandbox_intern_string(filenames[i]), O_RDONLY, 0);
 if (fd<0) continue;
 log_info(LD_CRYPTO, "Reading entropy from "%s"", filenames[i]);
 n = read_all(fd, (char*)out, out_len, 0);
diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 1f15674..2ba1432 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -104,6 +104,8 @@ static int filter_nopar_gen[] = {
 SCMP_SYS(exit_group),
 SCMP_SYS(exit),
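Review bot: The open() in crypto_strongest_rand now goes through sandbox_intern_string(filenames[i]), but nothing at the call site records that filenames[] must stay in step with the paths allowlisted in sandbox_init_filter() in src/or/main.c (this commit adds /dev/srandom, /dev/urandom and /dev/random there); editing one list without the other would make the open fail silently under the sandbox, and the `if (fd<0) continue;` would hide it. A comment on the filenames[] declaration such as `/* Every path here must also be allowlisted in sandbox_init_filter() (main.c): open() is routed through sandbox_intern_string(). */` would tie the two together. What sandbox_intern_string() returns for a path that was never registered, or when the sandbox is not active, is not visible in this hunk and should be confirmed before relying on the fall-through. crypto_strongest_rand starts and continues outside the hunk.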
+ SCMP_SYS(madvise),
+
 // Not needed..
 // SCMP_SYS(set_thread_area),
 // SCMP_SYS(set_tid_address),
@@ -195,6 +197,13 @@ sb_mmap2(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 }
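Review bot: SCMP_SYS(madvise) is added to filter_nopar_gen, which admits the syscall with any advice value on any address range, yet the new entry carries no comment saying which caller needs it; the commit message only says "orport". The neighbouring entries are annotated, so a one-liner like `SCMP_SYS(madvise), // needed by <component, TODO confirm which caller>` keeps the table reviewable, and if a single advice value suffices a parameter-filtered rule in the style of sb_mmap2 would be tighter than an unconditional allow.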
rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mmap2), 2,
+ SCMP_CMP(2, SCMP_CMP_EQ, PROT_NONE),
+ SCMP_CMP(3, SCMP_CMP_EQ, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE));
+ if (rc) {
+ return rc;
+ }
+
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mmap2), 2,
 SCMP_CMP(2, SCMP_CMP_EQ, PROT_READ|PROT_WRITE),
 SCMP_CMP(3, SCMP_CMP_EQ, MAP_PRIVATE|MAP_ANONYMOUS));
 if (rc) {
@@ -431,6 +440,11 @@ sb_mprotect(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 return rc;
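Review bot: The new mmap2 rule in sb_mmap2 (PROT_NONE with MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE) and the new mprotect rule in sb_mprotect (PROT_READ|PROT_WRITE, next hunk) widen the filter without a comment saying which allocation pattern they serve; both match any address and length, so the flag combination is the only thing constraining them. A why-comment above each rule, e.g. `/* PROT_NONE + MAP_NORESERVE reservation that is later made RW via mprotect -- TODO name the caller that needs it */`, would let a later reviewer judge whether the pair is still required. Only mmap2 is touched here; if the file keeps a separate sb_mmap rule set for targets that use mmap rather than mmap2, the same reservation pattern presumably has to be mirrored there, which this hunk does not show. sb_mmap2 and sb_mprotect both start outside their hunks.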
rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mprotect), 1,
+ SCMP_CMP(2, SCMP_CMP_EQ, PROT_READ|PROT_WRITE));
+ if (rc)
+ return rc;
+
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mprotect), 1,
 SCMP_CMP(2, SCMP_CMP_EQ, PROT_NONE));
 if (rc)
 return rc;
@@ -675,7 +689,7 @@ add_param_filter(scmp_filter_ctx ctx, sandbox_cfg_t* cfg)
 static int
 add_noparam_filter(scmp_filter_ctx ctx)
 {
- int i, filter_size, rc = 0;
+ int i, rc = 0;
// add general filters
 for (i = 0; i < ARRAY_LENGTH(filter_nopar_gen); i++) {
diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c
index 245f67e..61f9faa 100644
--- a/src/or/cpuworker.c
+++ b/src/or/cpuworker.c
@@ -571,8 +571,6 @@ spawn_enough_cpuworkers(void)
 if (num_cpuworkers_needed > MAX_CPUWORKERS)
 num_cpuworkers_needed = MAX_CPUWORKERS;
- getchar();
-
 while (num_cpuworkers < num_cpuworkers_needed) {
 if (spawn_cpuworker() < 0) {
 log_warn(LD_GENERAL,"Cpuworker spawn failed. Will try again later.");
diff --git a/src/or/main.c b/src/or/main.c
index 5b6b778..36acde4 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2665,9 +2665,16 @@ sandbox_init_filter()
 get_datadir_fname("cached-microdescs.new.tmp"));
 sandbox_cfg_allow_open_filename(&cfg,
 get_datadir_fname("unverified-microdesc-consensus"));
- sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-descriptors"));
+ sandbox_cfg_allow_open_filename(&cfg,
+ get_datadir_fname("cached-descriptors"));
 sandbox_cfg_allow_open_filename(&cfg,
 get_datadir_fname("cached-descriptors.new"));
+ sandbox_cfg_allow_open_filename(&cfg,
+ get_datadir_fname("cached-descriptors.tmp"));
+ sandbox_cfg_allow_open_filename(&cfg,
+ get_datadir_fname("cached-descriptors.new.tmp"));
+ sandbox_cfg_allow_open_filename(&cfg,
+ get_datadir_fname("cached-descriptors.tmp.tmp"));
 sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-extrainfo"));
 sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("state.tmp"));
 sandbox_cfg_allow_open_filename(&cfg,
@@ -2683,6 +2690,8 @@ sandbox_init_filter()
 sandbox_cfg_allow_open_filename(&cfg,
 get_datadir_fname2("keys", "secret_onion_key_ntor"));
 sandbox_cfg_allow_open_filename(&cfg,
+ get_datadir_fname2("keys", "secret_onion_key_ntor.tmp"));
+ sandbox_cfg_allow_open_filename(&cfg,
 get_datadir_fname2("keys", "secret_id_key.old"));
 sandbox_cfg_allow_open_filename(&cfg,
 get_datadir_fname2("keys", "secret_onion_key.old"));
@@ -2692,8 +2701,16 @@ sandbox_init_filter()
 get_datadir_fname2("keys", "secret_onion_key.tmp"));
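Review bot: The added sandbox_cfg_allow_open_filename() calls in this hunk and the next pass freshly built strings from get_datadir_fname()/get_datadir_fname2(), while the last hunk of this file passes string literals ("/dev/srandom", "/dev/urandom", "/dev/random") to the same function; whichever ownership rule the callee follows, one of the two styles is wrong, since either the datadir strings are never freed or the literals are eventually handed to free(). The callee's ownership contract is not visible here and should be confirmed: if it takes ownership, the literal calls should become `sandbox_cfg_allow_open_filename(&cfg, tor_strdup("/dev/urandom"));` (likewise for the other two), and if it does not, the get_datadir_fname() results need a matching free or a comment stating they are retained for the process lifetime. The allowlist is also maintained by hand against paths opened elsewhere (the entropy sources in crypto.c), so a comment on sandbox_init_filter() naming that dependency would help the next person who adds a file. sandbox_init_filter() starts outside the hunk.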
sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("fingerprint"));
+ sandbox_cfg_allow_open_filename(&cfg,
+ get_datadir_fname("cached-consensus.tmp"));
+ sandbox_cfg_allow_open_filename(&cfg,
+ get_datadir_fname("cached-consensus"));
sandbox_cfg_allow_open_filename(&cfg, "/etc/resolv.conf");
+ sandbox_cfg_allow_open_filename(&cfg, "/dev/srandom");
+ sandbox_cfg_allow_open_filename(&cfg, "/dev/urandom");
+ sandbox_cfg_allow_open_filename(&cfg, "/dev/random");
+ }
sandbox_cfg_allow_execve(&cfg, "/usr/local/bin/tor");