This is an automated email from the git hooks/post-receive script.
dgoulet pushed a change to branch main in repository tor.
from 84fc754204 version: Bump version to 0.4.7.5-alpha-dev new de3872656a Sandbox: Permit the clone3 system call new b882b8d5d4 Merge branch 'tor-gitlab/mr/556' into maint-0.4.5 new d14af825ce Merge branch 'maint-0.4.5' into maint-0.4.6 new 62fb184979 Merge branch 'maint-0.4.6'
The 4 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
Summary of changes: changes/clone3-sandbox | 3 +++ src/lib/sandbox/sandbox.c | 3 +++ 2 files changed, 6 insertions(+) create mode 100644 changes/clone3-sandbox
This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main in repository tor.
commit de3872656a8d3a79ca3d5fc55f1b64c4862b4c8a Author: Nick Mathewson nickm@torproject.org AuthorDate: Sun Mar 27 18:34:25 2022 -0400
Sandbox: Permit the clone3 system call
Apparently glibc-2.34 uses clone3, when previously it just used clone.
Closes ticket #40590. --- changes/clone3-sandbox | 3 +++ src/lib/sandbox/sandbox.c | 3 +++ 2 files changed, 6 insertions(+)
diff --git a/changes/clone3-sandbox b/changes/clone3-sandbox new file mode 100644 index 0000000000..dac8fe72da --- /dev/null +++ b/changes/clone3-sandbox @@ -0,0 +1,3 @@ + o Minor features (linux seccomp2 sandbox): + - Permit the clone3 syscall, which is apparently used in glibc-2.34 and + later. Closes ticket 40590. diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c index 8f577b0660..df676fad2f 100644 --- a/src/lib/sandbox/sandbox.c +++ b/src/lib/sandbox/sandbox.c @@ -144,6 +144,9 @@ static int filter_nopar_gen[] = { SCMP_SYS(clock_gettime), SCMP_SYS(close), SCMP_SYS(clone), +#ifdef __NR_clone3 + SCMP_SYS(clone3), +#endif SCMP_SYS(epoll_create), SCMP_SYS(epoll_wait), #ifdef __NR_epoll_pwait
This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main in repository tor.
commit b882b8d5d4b6c76e41fdf316b58fc26330ec7198 Merge: 3dee8a597f de3872656a Author: David Goulet dgoulet@torproject.org AuthorDate: Mon Mar 28 09:44:31 2022 -0400
Merge branch 'tor-gitlab/mr/556' into maint-0.4.5
changes/clone3-sandbox | 3 +++ src/lib/sandbox/sandbox.c | 3 +++ 2 files changed, 6 insertions(+)
diff --cc src/lib/sandbox/sandbox.c index fc90dbe062,df676fad2f..e6e556eb59 --- a/src/lib/sandbox/sandbox.c +++ b/src/lib/sandbox/sandbox.c @@@ -151,7 -144,9 +151,10 @@@ static int filter_nopar_gen[] = SCMP_SYS(clock_gettime), SCMP_SYS(close), SCMP_SYS(clone), + SCMP_SYS(dup), + #ifdef __NR_clone3 + SCMP_SYS(clone3), + #endif SCMP_SYS(epoll_create), SCMP_SYS(epoll_wait), #ifdef __NR_epoll_pwait
This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main in repository tor.
commit d14af825ce9b2dbacdc11aa73340458bfef5b190 Merge: 4e6e2aa05d b882b8d5d4 Author: David Goulet dgoulet@torproject.org AuthorDate: Mon Mar 28 09:45:16 2022 -0400
Merge branch 'maint-0.4.5' into maint-0.4.6
changes/clone3-sandbox | 3 +++ src/lib/sandbox/sandbox.c | 3 +++ 2 files changed, 6 insertions(+)
This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main in repository tor.
commit 62fb18497944382219adac9052f9668fdcb1894d Merge: 84fc754204 d14af825ce Author: David Goulet dgoulet@torproject.org AuthorDate: Mon Mar 28 09:45:16 2022 -0400
Merge branch 'maint-0.4.6'
changes/clone3-sandbox | 3 +++ src/lib/sandbox/sandbox.c | 3 +++ 2 files changed, 6 insertions(+)
tor-commits@lists.torproject.org
-
gitolite role