[tor-commits] [tor] 01/05: sandbox: fix openat filtering on AArch64

[gitolite role]

This is an automated email from the git hooks/post-receive script.

nickm pushed a commit to branch main
in repository tor.

commit 531275b0f36b39fb6a5c6aaab47e26993ce6fa91
Author: Pierre Bourdon <delroth at gmail.com>
AuthorDate: Sat Apr 30 11:52:59 2022 +0200

    sandbox: fix openat filtering on AArch64
    
    New glibc versions not sign-extending 32 bit negative constants seems to
    not be a thing on AArch64. I suspect that this might not be the only
    architecture where the sign-extensions is happening, and the correct fix
    might be instead to use a proper 32 bit comparison for the first openat
    parameter. For now, band-aid fix this so the sandbox can work again on
    AArch64.
---
 src/lib/sandbox/sandbox.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c
index e87edd8e21..4681d4795a 100644
--- a/src/lib/sandbox/sandbox.c
+++ b/src/lib/sandbox/sandbox.c
@@ -518,7 +518,12 @@ libc_uses_openat_for_opendir(void)
 static int
 libc_negative_constant_needs_cast(void)
 {
+#if defined(__aarch64__) && defined(__LP64__)
+  /* Existing glibc versions always sign-extend to 64 bits on AArch64. */
+  return 0;
+#else
   return is_libc_at_least(2, 27);
+#endif
 }
 
 /** Allow a single file to be opened.  If <b>use_openat</b> is true,

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.