diff options
| author | Nick Mathewson <nickm@torproject.org> | 2018-04-18 10:25:42 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2018-04-23 09:15:40 -0400 |
| commit | c4be6dfeabc8d42ecb6ccea8ca44d1ff0835071a (patch) | |
| tree | 19a680efd29cb331c329fb10182053b2c3c7ccc0 | |
| parent | d3ff1263092d9ca205b5b54b77db31633bcd80b4 (diff) | |
| download | tor-c4be6dfeabc8d42ecb6ccea8ca44d1ff0835071a.tar.gz tor-c4be6dfeabc8d42ecb6ccea8ca44d1ff0835071a.zip | |
Permit the nanosleep system call in the seccomp2 callbox
Fixes bug 24969; bugfix on 0.2.5.1-alpha when the sandbox was introduced.
| -rw-r--r-- | changes/bug24969 | 3 | ||||
| -rw-r--r-- | src/common/sandbox.c | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/changes/bug24969 b/changes/bug24969 new file mode 100644 index 0000000000..46b2bae6f4 --- /dev/null +++ b/changes/bug24969 @@ -0,0 +1,3 @@ + o Minor bugfixes (Linux seccomp2 sandbox): + - Allow the nanosleep() system call, which glibc uses to implement + sleep() and usleep(). Fixes bug 24969; bugfix on 0.2.5.1-alpha. diff --git a/src/common/sandbox.c b/src/common/sandbox.c index 87fe08e881..3d27ea66b5 100644 --- a/src/common/sandbox.c +++ b/src/common/sandbox.c @@ -185,6 +185,9 @@ static int filter_nopar_gen[] = { SCMP_SYS(mmap), #endif SCMP_SYS(munmap), +#ifdef __NR_nanosleep + SCMP_SYS(nanosleep), +#endif #ifdef __NR_prlimit SCMP_SYS(prlimit), #endif |