commit 846df5b3cdd94ca57777c3e1cbdd81a25e9b5154 Merge: e0f7a2dbd 80bf27040 7461cd306 Author: Nick Mathewson nickm@torproject.org Date: Mon Nov 20 13:20:25 2017 -0500

Merge remote-tracking branches 'public/ticket24315_029' and 'public/bug24198_029' into maint-0.3.2

changes/bug24198 | 4 +++ changes/ticket24315 | 3 ++ configure.ac | 2 ++ src/common/sandbox.c | 86 +++++++++++++++++++++++++++++++++++++++++++++++++--- 4 files changed, 90 insertions(+), 5 deletions(-)

diff --cc src/common/sandbox.c index 7a4e3ece3,d0ead2cae,0b862a549..0fd129d22 --- a/src/common/sandbox.c +++ b/src/common/sandbox.c @@@@ -394,8 -425,54 -419,8 +400,54 @@@@ sb_mmap2(scmp_filter_ctx ctx, sandbox_c

return 0; } - #endif ++#endif /* defined(__NR_mmap2) */ + + +#ifdef HAVE_GNU_LIBC_VERSION_H + +#ifdef HAVE_GNU_GET_LIBC_VERSION + +#define CHECK_LIBC_VERSION + +#endif + #endif + + +/* Return true if we think we're running with a libc that always uses + + * openat on linux. */ + +static int + +libc_uses_openat_for_everything(void) + +{ + +#ifdef CHECK_LIBC_VERSION + + const char *version = gnu_get_libc_version(); + + if (version == NULL) + + return 0; + + + + int major = -1; + + int minor = -1; + + + + tor_sscanf(version, "%d.%d", &major, &minor); + + if (major >= 3) + + return 1; + + else if (major == 2 && minor >= 26) + + return 1; + + else + + return 0; + +#else + + return 0; + +#endif + +} + + + +/** Allow a single file to be opened. If <b>use_openat</b> is true, + + * we're using a libc that remaps all the opens into openats. */ + +static int + +allow_file_open(scmp_filter_ctx ctx, int use_openat, const char *file) + +{ + + if (use_openat) { + + return seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), + + SCMP_CMP_STR(0, SCMP_CMP_EQ, AT_FDCWD), + + SCMP_CMP_STR(1, SCMP_CMP_EQ, file)); + + } else { + + return seccomp_rule_add_1(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), + + SCMP_CMP_STR(0, SCMP_CMP_EQ, file)); + + } + +} + + /** * Function responsible for setting up the open syscall for * the seccomp filter sandbox. @@@@ -1051,8 -1110,8 -1048,21 +1113,21 @@@@ sb_stat64(scmp_filter_ctx ctx, sandbox_

return 0; } -#endif ++#endif /* defined(__NR_stat64) */ + ++ static int ++ sb_kill(scmp_filter_ctx ctx, sandbox_cfg_t *filter) ++ { ++ (void) filter; ++ #ifdef __NR_kill ++ /* Allow killing anything with signal 0 -- it isn't really a kill. */ ++ return seccomp_rule_add_1(ctx, SCMP_ACT_ALLOW, SCMP_SYS(kill), ++ SCMP_CMP(1, SCMP_CMP_EQ, 0)); ++ #else ++ return 0; + #endif ++ } + /** * Array of function pointers responsible for filtering different syscalls at * a parameter level. @@@@ -1088,11 -1150,7 -1101,8 +1163,11 @@@@ static sandbox_filter_func_t filter_fun sb_socket, sb_setsockopt, sb_getsockopt, - sb_socketpair + sb_socketpair, - ++#ifdef HAVE_KIST_SUPPORT ++ sb_ioctl, ++#endif ++ sb_kill };

const char *