diff options
author | Daniel Pinto <danielpinto52@gmail.com> | 2020-07-29 00:34:08 +0100 |
---|---|---|
committer | Daniel Pinto <danielpinto52@gmail.com> | 2020-07-29 00:34:08 +0100 |
commit | eab8e7af522d18620450003667579eebaa339896 (patch) | |
tree | f1c0175341d8f57ed4aaa5cfa4b754c96009f9ab /src/lib/sandbox/sandbox.c | |
parent | d28bfb2cd5665c38bd14d6a72848209dcd66faf9 (diff) | |
download | tor-eab8e7af522d18620450003667579eebaa339896.tar.gz tor-eab8e7af522d18620450003667579eebaa339896.zip |
Fix startup crash with seccomp sandbox enabled #40072
Fix crash introduced in #40020. On startup, tor calls
check_private_dir on the data and key directories. This function
uses open instead of opendir on the received directory. Data and
key directoryes are only opened here, so the seccomp rule added
should be for open instead of opendir, despite the fact that they
are directories.
Diffstat (limited to 'src/lib/sandbox/sandbox.c')
-rw-r--r-- | src/lib/sandbox/sandbox.c | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c index 1903da70e8..2f26c5429b 100644 --- a/src/lib/sandbox/sandbox.c +++ b/src/lib/sandbox/sandbox.c @@ -657,15 +657,7 @@ sb_opendir(scmp_filter_ctx ctx, sandbox_cfg_t *filter) if (param != NULL && param->prot == 1 && param->syscall == PHONY_OPENDIR_SYSCALL) { - if (libc_uses_openat_for_opendir()) { - rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), - SCMP_CMP_NEG(0, SCMP_CMP_EQ, AT_FDCWD), - SCMP_CMP_STR(1, SCMP_CMP_EQ, param->value), - SCMP_CMP(2, SCMP_CMP_EQ, O_RDONLY|O_NONBLOCK|O_LARGEFILE| - O_DIRECTORY|O_CLOEXEC)); - } else { - rc = allow_file_open(ctx, 0, param->value); - } + rc = allow_file_open(ctx, libc_uses_openat_for_opendir(), param->value); if (rc != 0) { log_err(LD_BUG,"(Sandbox) failed to add openat syscall, received " "libseccomp error %d", rc); |