[tor-commits] [sandboxed-tor-browser/master] Instead of using the trace action, explciitly return ENOSYS on 386.

yawning at torproject.org yawning at torproject.org
Sat Nov 26 07:20:49 UTC 2016


commit 533be4ad041ff7b9c630181fe5265e4f70160947
Author: Yawning Angel <yawning at schwanenlied.me>
Date:   Sat Nov 26 07:20:04 2016 +0000

    Instead of using the trace action, explciitly return ENOSYS on 386.
    
    This mirrors the amd64 behavior, I just forgot to make this explicit
    when I changed it for real computers.
---
 src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go
index 5cf3262..40e5691 100644
--- a/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go
+++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go
@@ -59,7 +59,8 @@ func installSeccomp(fd *os.File, assets []string, isBlacklist bool) error {
 		rules = append(rules, '\n')
 	}
 
-	defaultAct, ruleAct := seccomp.ActTrace, seccomp.ActAllow
+	actENOSYS := seccomp.ActErrno.SetReturnCode(38)
+	defaultAct, ruleAct := actENOSYS, seccomp.ActAllow
 	if isBlacklist {
 		defaultAct, ruleAct = ruleAct, defaultAct
 	}



More information about the tor-commits mailing list