Merge branch 'maint-0.4.4'

author: Nick Mathewson <nickm@torproject.org> 2020-07-29 12:37:08 -0400
committer: Nick Mathewson <nickm@torproject.org> 2020-07-29 12:37:08 -0400
commit: 9164d7c75e6191828db15ac713843932867158ef (patch)
tree: f98a0ae55cccb9cfaecb2371bdfc9d3378451646 /src/lib
parent: 75f94ea1ec72df18d0f4435ee110bd667c9a142f (diff)
parent: 0c8c295963b5389684d3b41e9260f7fbba4dfe2a (diff)
download: tor-9164d7c75e6191828db15ac713843932867158ef.tar.gz
tor-9164d7c75e6191828db15ac713843932867158ef.zip
1 files changed, 1 insertions, 9 deletions
diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c
index a6eea9daca..f01b050d25 100644
--- a/src/lib/sandbox/sandbox.c
+++ b/src/lib/sandbox/sandbox.c
@@ -671,15 +671,7 @@ sb_opendir(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 
     if (param != NULL && param->prot == 1 && param->syscall
         == PHONY_OPENDIR_SYSCALL) {
-      if (libc_uses_openat_for_opendir()) {
-        rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat),
-            SCMP_CMP_NEG(0, SCMP_CMP_EQ, AT_FDCWD),
-            SCMP_CMP_STR(1, SCMP_CMP_EQ, param->value),
-            SCMP_CMP(2, SCMP_CMP_EQ, O_RDONLY|O_NONBLOCK|O_LARGEFILE|
-                O_DIRECTORY|O_CLOEXEC));
-      } else {
-        rc = allow_file_open(ctx, 0, param->value);
-      }
+      rc = allow_file_open(ctx, libc_uses_openat_for_opendir(), param->value);
       if (rc != 0) {
         log_err(LD_BUG,"(Sandbox) failed to add openat syscall, received "
             "libseccomp error %d", rc);
author	Nick Mathewson <nickm@torproject.org>	2020-07-29 12:37:08 -0400
committer	Nick Mathewson <nickm@torproject.org>	2020-07-29 12:37:08 -0400
commit	9164d7c75e6191828db15ac713843932867158ef (patch)
tree	f98a0ae55cccb9cfaecb2371bdfc9d3378451646 /src/lib
parent	75f94ea1ec72df18d0f4435ee110bd667c9a142f (diff)
parent	0c8c295963b5389684d3b41e9260f7fbba4dfe2a (diff)
download	tor-9164d7c75e6191828db15ac713843932867158ef.tar.gz tor-9164d7c75e6191828db15ac713843932867158ef.zip