[tor-bugs] #33346 [Core Tor/Tor]: Seccomp soft fail (no write) in 0.4.2.6

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Feb 16 00:49:53 UTC 2020


#33346: Seccomp soft fail (no write) in 0.4.2.6
-----------------------------+------------------------------
 Reporter:  subjectfrosting  |          Owner:  (none)
     Type:  defect           |         Status:  new
 Priority:  Medium           |      Component:  Core Tor/Tor
  Version:  0.4.2.6          |       Severity:  Normal
 Keywords:                   |  Actual Points:
Parent ID:                   |         Points:
 Reviewer:                   |        Sponsor:
-----------------------------+------------------------------
 I've upgraded to 0.4.2.6 (as a good software user, but also because I
 noticed the seccomp changes).

 Tor successfully starts with seccomp, but 'soft fails' because it can't
 write to its data directory (here: /var/lib/tor/data). Tor has permissions
 to write to this directory - fine with Sandbox 0.

 Log:

 {{{
 # cat /var/log/tor/log
 Feb 16 00:46:56.000 [notice] Tor 0.4.2.6 opening new log file.
 Feb 16 00:46:56.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
 Feb 16 00:46:57.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
 Feb 16 00:46:57.000 [notice] Bootstrapped 0% (starting): Starting
 Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/cached-certs": Operation not permitted
 Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/cached-consensus" for mmap(): Operation not permitted
 Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/unverified-consensus" for mmap(): Operation not permitted
 Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/cached-microdesc-consensus" for mmap(): Operation not permitted
 Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/unverified-microdesc-consensus" for mmap(): Operation not permitted
 Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/cached-microdescs" for mmap(): Operation not permitted
 Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/cached-microdescs.new": Operation not permitted
 Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/cached-descriptors" for mmap(): Operation not permitted
 Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/cached-extrainfo" for mmap(): Operation not permitted
 Feb 16 00:46:57.000 [notice] Starting with guard context "default"
 Feb 16 00:46:58.000 [warn] Couldn't open "/var/lib/tor/data/state.tmp" (/var/lib/tor/data/state) for writing: Operation not permitted
 Feb 16 00:46:58.000 [warn] Unable to write state to file "/var/lib/tor/data/state"; will try again later
 Feb 16 00:46:58.000 [notice] Bootstrapped 5% (conn): Connecting to a relay
 Feb 16 00:46:58.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay
 Feb 16 00:46:58.000 [notice] Bootstrapped 14% (handshake): Handshaking with a relay
 Feb 16 00:46:58.000 [notice] Bootstrapped 15% (handshake_done): Handshake with a relay done
 Feb 16 00:46:58.000 [notice] Bootstrapped 20% (onehop_create): Establishing an encrypted directory connection
 Feb 16 00:46:58.000 [notice] Bootstrapped 25% (requesting_status): Asking for networkstatus consensus
 Feb 16 00:46:58.000 [notice] Bootstrapped 30% (loading_status): Loading networkstatus consensus
 Feb 16 00:46:59.000 [warn] Couldn't open "/var/lib/tor/data/unverified-microdesc-consensus.tmp" (/var/lib/tor/data/unverified-microdesc-consensus) for writing: Operation not permitted
 Feb 16 00:46:59.000 [notice] I learned some more directory information, but not enough to build a circuit: We have no usable consensus.
 Feb 16 00:46:59.000 [notice] Bootstrapped 40% (loading_keys): Loading authority key certs
 Feb 16 00:46:59.000 [warn] Couldn't open "/var/lib/tor/data/cached-certs.tmp" (/var/lib/tor/data/cached-certs) for writing: Operation not permitted
 Feb 16 00:46:59.000 [warn] Error writing certificates to disk.
 Feb 16 00:46:59.000 [warn] Could not open "/var/lib/tor/data/unverified-microdesc-consensus" for mmap(): Operation not permitted
 Feb 16 00:46:59.000 [notice] I learned some more directory information, but not enough to build a circuit: We have no usable consensus.

 }}}
 ==== Appendix ====
 ===== Environment =====
 {{{
 Tor: 0.4.2.6
 OS: Gentoo arm64
 Hardware: Raspberry Pi 4
 Kernel: 4.19.102-v8+ (RPi base)

 }}}
 ===== Other info =====
 When running 0.4.2.5, I experienced a crash with seccomp (possibly related
 to #27315)?

 {{{
 # tor
 Feb 16 00:37:42.963 [notice] Tor 0.4.2.5 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1d, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.
 Feb 16 00:37:42.963 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
 Feb 16 00:37:42.963 [notice] Read configuration file "/etc/tor/torrc".
 Feb 16 00:37:42.966 [notice] Opening Socks listener on 127.0.0.1:9050
 Feb 16 00:37:42.966 [notice] Opened Socks listener on 127.0.0.1:9050

 ============================================================ T= 1581813463
 (Sandbox) Caught a bad syscall attempt (syscall unlinkat)
 tor(+0x1cd714)[0x5571820714]
 linux-vdso.so.1(__kernel_rt_sigreturn+0x0)[0x7f8bde0658]
 /lib64/libc.so.6(unlink+0x30)[0x7f8b8058d8]
 tor(run_tor_main_loop+0x74)[0x55716ae874]
 tor(tor_run_main+0x11c)[0x55716aead4]
 tor(tor_main+0x50)[0x55716ad458]
 tor(main+0x24)[0x55716acf74]
 /lib64/libc.so.6(__libc_start_main+0xe4)[0x7f8b758cac]
 tor(+0x59fd0)[0x55716acfd0]
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33346>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
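
Added triage example, not part of the original ticket or of Tor's code: it groups the failed opens in a Tor log by the errno text they report, since a denial by file mode bits or ownership surfaces as "Permission denied" (EACCES), while every failure in the report above is "Operation not permitted" (EPERM). The sample log is constructed from the ticket's lines plus one constructed EACCES line for contrast; the function names and the regular expression are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample: lines in the format of the ticket's log (unwrapped), plus
# one constructed "Permission denied" line that does not appear in the ticket.
SAMPLE_LOG = """\
Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/cached-certs": Operation not permitted
Feb 16 00:46:57.000 [warn] Could not open "/var/lib/tor/data/cached-consensus" for mmap(): Operation not permitted
Feb 16 00:46:58.000 [warn] Couldn't open "/var/lib/tor/data/state.tmp" (/var/lib/tor/data/state) for writing: Operation not permitted
Feb 16 00:46:58.000 [notice] Bootstrapped 5% (conn): Connecting to a relay
Feb 16 00:46:59.000 [warn] Couldn't open "/var/lib/tor/data/cached-certs.tmp" (/var/lib/tor/data/cached-certs) for writing: Operation not permitted
Feb 16 00:47:01.000 [warn] Could not open "/constructed/example/file": Permission denied
"""

# strerror() text -> errno name. A denial by mode bits or ownership is EACCES;
# EPERM points at something else (for example a seccomp filter that returns an
# errno, or an immutable file attribute), so it is a lead, not a verdict.
ERRNO_BY_TEXT = {"Operation not permitted": "EPERM", "Permission denied": "EACCES"}

OPEN_FAIL = re.compile(
    r'\[warn\] (?:Could not|Couldn\'t) open "(?P<path>[^"]+)"'
    r'(?: \([^)]*\))?(?: for (?P<mode>mmap\(\)|writing))?: (?P<err>.+)$'
)

def classify(log_text):
    """Return {errno_name: {mode: sorted paths}} for failed opens in a Tor log."""
    found = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        m = OPEN_FAIL.search(line)
        if not m:
            continue
        errno_name = ERRNO_BY_TEXT.get(m.group("err").strip(), "OTHER")
        found[errno_name][m.group("mode") or "open"].add(m.group("path"))
    return {e: {k: sorted(v) for k, v in modes.items()} for e, modes in found.items()}

def all_failures_are_eperm(log_text):
    """True when the log has failed opens and none of them is a mode-bit denial."""
    result = classify(log_text)
    return bool(result) and set(result) == {"EPERM"}
```
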

