summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMicah Elizabeth Scott <beth@torproject.org>2023-03-15 11:52:45 -0700
committerMicah Elizabeth Scott <beth@torproject.org>2023-05-10 07:38:28 -0700
commit287c78c5a82f0447af01f3558748f048c9f3d2b2 (patch)
treeae1ae0337f5a6ada00a8b4372e2789f6b29a98aa
parent700814a3a117652682ccdf1ea591584b5eca1ff6 (diff)
downloadtor-287c78c5a82f0447af01f3558748f048c9f3d2b2.tar.gz
tor-287c78c5a82f0447af01f3558748f048c9f3d2b2.zip
sandbox: allow stack mmap with prot_none
This fixes a failure that was showing up on i386 Debian hosts with sandboxing enabled, now that cpuworker is enabled on clients. We already had allowances for creating threads and creating stacks in the sandbox, but prot_none (probably used for a stack guard) was not allowed so thread creation failed. Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
-rw-r--r--src/lib/sandbox/sandbox.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c
index a476e57fbc..3340eda892 100644
--- a/src/lib/sandbox/sandbox.c
+++ b/src/lib/sandbox/sandbox.c
@@ -437,7 +437,14 @@ sb_mmap2(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
rc = seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mmap2),
SCMP_CMP(2, SCMP_CMP_EQ, PROT_READ|PROT_WRITE),
- SCMP_CMP(3, SCMP_CMP_EQ,MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK));
+ SCMP_CMP(3, SCMP_CMP_EQ, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK));
+ if (rc) {
+ return rc;
+ }
+
+ rc = seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mmap2),
+ SCMP_CMP(2, SCMP_CMP_EQ, PROT_NONE),
+ SCMP_CMP(3, SCMP_CMP_EQ, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK));
if (rc) {
return rc;
}