[tor-bugs] #15088 [Tor]: Add the wait4() syscall to the seccomp sandbox

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Mar 1 13:44:08 UTC 2015


#15088: Add the wait4() syscall to the seccomp sandbox
--------------------+-------------------------------
 Reporter:  sanic   |          Owner:
     Type:  defect  |         Status:  new
 Priority:  normal  |      Milestone:
Component:  Tor     |        Version:  Tor: 0.2.5.10
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
--------------------+-------------------------------
 Tor version 0.2.5.10 seems to call wait4() upon receiving SIGHUP, and this
 violates the seccomp sandbox rules in sandbox.c, crashing the tor process.

 Trace from tor's log on debug loglevel, right after {{{/etc/init.d/tor
 reload}}}:
 {{{
 ============================================================ T= 1425215692
 (Sandbox) Caught a bad syscall attempt (syscall wait4)
 /usr/bin/tor(+0x12f4f1)[0x4273cf44f1]
 /lib64/libc.so.6(waitpid+0x1a)[0x3423957b1da]
 /lib64/libc.so.6(waitpid+0x1a)[0x3423957b1da]
 /usr/bin/tor(notify_pending_waitpid_callbacks+0x4a)[0x4273cf42da]
 /usr/bin/tor(process_signal+0x4ad)[0x4273bfb96d]
 /usr/lib64/libevent-2.0.so.5(event_base_loop+0x99e)[0x3423a111a6e]
 /usr/bin/tor(do_main_loop+0x1ad)[0x4273bfa77d]
 /usr/bin/tor(tor_main+0x1875)[0x4273bfd755]
 /lib64/libc.so.6(__libc_start_main+0xf5)[0x342394e2d55]
 /usr/bin/tor(+0x31c49)[0x4273bf6c49]
 Mar 01 16:14:52.000 [info] cpuworker_main(): read request failed. Exiting.
 }}}

 The patch is as simple as adding wait4() to the whitelist:
 {{{
 diff -Naur tor-0.2.5.10/src/common/sandbox.c
 tor-0.2.5.10.new/src/common/sandbox.c
 --- tor-0.2.5.10/src/common/sandbox.c
 +++ tor-0.2.5.10.new/src/common/sandbox.c
 @@ -119,6 +119,7 @@
      SCMP_SYS(epoll_wait),
      SCMP_SYS(fcntl),
      SCMP_SYS(fstat),
 +    SCMP_SYS(wait4),
  #ifdef __NR_fstat64
      SCMP_SYS(fstat64),
  #endif
 }}}
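Review bot: the new SCMP_SYS(wait4) line sits between SCMP_SYS(fstat) and the `#ifdef __NR_fstat64` block, which separates fstat from its fstat64 variant and breaks the name ordering that the visible entries (epoll_wait, fcntl, fstat) follow. Move it out of that pair to the position its name would take in the list. The entry also carries no comment. A one-line note would help: the trace above shows libc's waitpid(), called from notify_pending_waitpid_callbacks() on the signal path, reaching the kernel as wait4, and saying so would tell later readers why a process-wait syscall is in the allowed set.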

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15088>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
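A triage helper for traces like the one in this ticket, as an added example that is not part of the ticket or of Tor's code: it pulls the blocked syscall and the innermost Tor function out of a sandbox backtrace, which is the code path to audit before extending the allowed list. The function names `parse_violations` and `caller_in` are hypothetical, and the sample log is an abridged copy of the trace above.

```python
import re

# Constructed sample: abridged copy of the trace quoted in the ticket.
SAMPLE_LOG = """\
============================================================ T= 1425215692
(Sandbox) Caught a bad syscall attempt (syscall wait4)
/usr/bin/tor(+0x12f4f1)[0x4273cf44f1]
/lib64/libc.so.6(waitpid+0x1a)[0x3423957b1da]
/lib64/libc.so.6(waitpid+0x1a)[0x3423957b1da]
/usr/bin/tor(notify_pending_waitpid_callbacks+0x4a)[0x4273cf42da]
/usr/bin/tor(process_signal+0x4ad)[0x4273bfb96d]
/usr/lib64/libevent-2.0.so.5(event_base_loop+0x99e)[0x3423a111a6e]
/usr/bin/tor(do_main_loop+0x1ad)[0x4273bfa77d]
Mar 01 16:14:52.000 [info] cpuworker_main(): read request failed. Exiting.
"""

VIOLATION = re.compile(r"\(Sandbox\) Caught a bad syscall attempt \(syscall (\w+)\)")
# backtrace_symbols()-style frame: object(symbol+0xoffset)[0xaddress]
FRAME = re.compile(r"^\s*(\S+?)\((\w*)\+0x[0-9a-f]+\)\[0x[0-9a-f]+\]\s*$")

def parse_violations(log_text):
    """Return one dict per sandbox violation: syscall plus named frames."""
    results, current = [], None
    for line in log_text.splitlines():
        hit = VIOLATION.search(line)
        if hit:
            current = {"syscall": hit.group(1), "frames": []}
            results.append(current)
            continue
        frame = FRAME.match(line)
        if current is not None and frame:
            obj, symbol = frame.groups()
            # Skip unnamed frames (the handler itself) and repeated frames.
            if symbol and (obj, symbol) not in current["frames"]:
                current["frames"].append((obj, symbol))
        elif current is not None:
            current = None  # first non-frame line ends the backtrace
    return results

def caller_in(violation, binary_suffix="/tor"):
    """Innermost named frame inside the given binary: the path to audit."""
    for obj, symbol in violation["frames"]:
        if obj.endswith(binary_suffix):
            return symbol
    return None

if __name__ == "__main__":
    for v in parse_violations(SAMPLE_LOG):
        print(v["syscall"], "<-", caller_in(v), "via", v["frames"][0])
```

On the sample, the blocked syscall is `wait4` while the libc frame is `waitpid`, which is why a search of the source for the syscall name alone would not find the caller.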

