sandbox: Allow "clock_gettime64" syscall where defined

On 32-bit architectures where Linux provides the "clock_gettime64" system call, including i386, glibc uses it in place of "clock_gettime". Modify the sandbox implementation to match, to prevent Tor's monotonic-time functions (in src/lib/time/compat_time.c) failing when the sandbox is active.
author: Simon South <simon@simonsouth.net> 2021-11-03 11:53:33 -0400
committer: Simon South <simon@simonsouth.net> 2021-11-05 10:30:51 -0400
commit: f5980e60ed519cb8c5ceded7e04f8e63c842c782 (patch)
tree: d877a3ef955df440ae23bc9bed9ba87f1ce95fe5 /src
parent: 55571fc8d7c63e88075020cfc0a3012e5aa10927 (diff)
download: tor-f5980e60ed519cb8c5ceded7e04f8e63c842c782.tar.gz
tor-f5980e60ed519cb8c5ceded7e04f8e63c842c782.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c
index a4e9cb7849..fb02a345ab 100644
--- a/src/lib/sandbox/sandbox.c
+++ b/src/lib/sandbox/sandbox.c
@@ -152,7 +152,11 @@ static sandbox_cfg_t *filter_dynamic = NULL;
 static int filter_nopar_gen[] = {
     SCMP_SYS(access),
     SCMP_SYS(brk),
+#ifdef __NR_clock_gettime64
+    SCMP_SYS(clock_gettime64),
+#else
     SCMP_SYS(clock_gettime),
+#endif
     SCMP_SYS(close),
     SCMP_SYS(clone),
     SCMP_SYS(dup),
author	Simon South <simon@simonsouth.net>	2021-11-03 11:53:33 -0400
committer	Simon South <simon@simonsouth.net>	2021-11-05 10:30:51 -0400
commit	f5980e60ed519cb8c5ceded7e04f8e63c842c782 (patch)
tree	d877a3ef955df440ae23bc9bed9ba87f1ce95fe5 /src
parent	55571fc8d7c63e88075020cfc0a3012e5aa10927 (diff)
download	tor-f5980e60ed519cb8c5ceded7e04f8e63c842c782.tar.gz tor-f5980e60ed519cb8c5ceded7e04f8e63c842c782.zip