[tor-commits] [tor/master] Added getter for protected parameter

nickm at torproject.org nickm at torproject.org
Fri Sep 13 16:31:55 UTC 2013


commit e7e2efb717ecefbf7b6eb92760ff272cca0b6eee
Author: Cristian Toader <cristian.matei.toader at gmail.com>
Date:   Thu Jul 18 18:11:47 2013 +0300

    Added getter for protected parameter
---
 src/common/sandbox.c |   27 ++++++++++++++++++++++++++-
 src/common/sandbox.h |    1 +
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 56feae0..f041012 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -16,6 +16,7 @@
 #include "sandbox.h"
 #include "torlog.h"
 #include "orconfig.h"
+#include "torint.h"
 
 #if defined(HAVE_SECCOMP_H) && defined(__linux__)
 #define USE_LIBSECCOMP
@@ -149,6 +150,30 @@ static int general_filter[] = {
     SCMP_SYS(unlink)
 };
 
+char*
+get_prot_param(char *param)
+{
+  int i, filter_size;
+
+  if (param == NULL)
+    return NULL;
+
+  if (param_filter == NULL) {
+    filter_size = 0;
+  } else {
+    filter_size = sizeof(param_filter) / sizeof(param_filter[0]);
+  }
+
+  for (i = 0; i < filter_size; i++) {
+    if (param_filter[i].prot && !strncmp(param, param_filter[i].param,
+        MAX_PARAM_LEN)) {
+      return param_filter[i].param;
+    }
+  }
+
+  return NULL;
+}
+
 static int
 add_param_filter(scmp_filter_ctx ctx)
 {
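Review bot: The `param_filter == NULL` test in get_prot_param cannot do what it appears to do: param_filter's declaration is outside this hunk, but if it is an array (as the `sizeof(param_filter) / sizeof(param_filter[0])` count requires) the comparison is always false, and if it is a pointer the count is wrong. I would drop the branch and keep only `filter_size = sizeof(param_filter) / sizeof(param_filter[0]);`. The function also has no doc comment; since the rule changed further down in add_param_filter matches on the address of `param_filter[i].param`, it should say something like `/** Return the sandbox's own copy of the protected parameter equal to param, or NULL; callers must pass this pointer, not their own string, to the filtered syscall. */`. Taking `const char *param` would also make it clear that the argument is only read.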
@@ -189,7 +214,7 @@ add_param_filter(scmp_filter_ctx ctx)
     } // if not protected
 
     rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, param_filter[i].syscall, 1,
-        param_filter[i].param);
+        SCMP_A0(SCMP_CMP_EQ, (intptr_t) param_filter[i].param));
     if (rc != 0) {
       log_err(LD_BUG,"(Sandbox) failed to add syscall index %d, "
           "received libseccomp error %d", i, rc);
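Review bot: The `(intptr_t)` cast on the new `SCMP_A0(...)` line is signed, so on a 32-bit build an address at or above 0x80000000 would be sign-extended when widened to libseccomp's 64-bit datum and the rule would presumably never match; `SCMP_A0(SCMP_CMP_EQ, (uintptr_t) param_filter[i].param)` avoids that. The filter also compares only the pointer value of argument 0, not the string it points to, so the guarantee rests on that buffer being immutable once the filter is loaded and on every syscall listed in param_filter taking its path as the first argument; a comment stating both assumptions would help. add_param_filter starts and ends outside this hunk, so the protection step hinted at by `// if not protected` is not visible here.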
diff --git a/src/common/sandbox.h b/src/common/sandbox.h
index cfbeceb..4752f1a 100644
--- a/src/common/sandbox.h
+++ b/src/common/sandbox.h
@@ -58,6 +58,7 @@ typedef struct {
 
 void sandbox_set_debugging_fd(int fd);
 int tor_global_sandbox(void);
+char* get_prot_param(char *param);
 
 #endif /* SANDBOX_H_ */
 




