nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-28 06:13:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Basic compilation fixes.

Browse Source
This commit is contained in:
Nick Mathewson 2013-09-09 14:55:47 -04:00
parent 340cca524f
commit 00fd0cc5f9
3 changed files with 24 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/common/sandbox.c
View File

@ -118,8 +118,10 @@ static int filter_nopar_gen[] = {
SCMP_SYS(exit), SCMP_SYS(exit),
SCMP_SYS(madvise), SCMP_SYS(madvise),
#ifdef __NR_stat64
// getaddrinfo uses this.. // getaddrinfo uses this..
SCMP_SYS(stat64), SCMP_SYS(stat64),
#endif
// socket syscalls // socket syscalls
SCMP_SYS(bind), SCMP_SYS(bind),
@ -741,10 +743,14 @@ static sandbox_filter_func_t filter_func[] = {
sb_execve, sb_execve,
sb_time, sb_time,
sb_accept4, sb_accept4,
#ifdef __NR_mmap2
sb_mmap2, sb_mmap2,
#endif
sb_open, sb_open,
sb_openat, sb_openat,
#ifdef __NR_fcntl64
sb_fcntl64, sb_fcntl64,
#endif
sb_epoll_ctl, sb_epoll_ctl,
sb_prctl, sb_prctl,
sb_mprotect, sb_mprotect,
@ -752,7 +758,9 @@ static sandbox_filter_func_t filter_func[] = {
sb_futex, sb_futex,
sb_mremap, sb_mremap,
sb_poll, sb_poll,
#ifdef __NR_stat64
sb_stat64, sb_stat64,
#endif
sb_socket, sb_socket,
sb_setsockopt, sb_setsockopt,
@ -879,12 +887,17 @@ new_element(int syscall, int index, intptr_t value)
} }
#ifdef __NR_stat64 #ifdef __NR_stat64
#define SCMP_stat SCMP_SYS(stat64)
#else
#define SCMP_stat SCMP_SYS(stat)
#endif
int int
sandbox_cfg_allow_stat64_filename(sandbox_cfg_t **cfg, char *file, int fr) sandbox_cfg_allow_stat_filename(sandbox_cfg_t **cfg, char *file, int fr)
{ {
sandbox_cfg_t *elem = NULL; sandbox_cfg_t *elem = NULL;
elem = new_element(SCMP_SYS(stat64), 0, (intptr_t) tor_strdup(file)); elem = new_element(SCMP_stat, 0, (intptr_t) tor_strdup(file));
if (!elem) { if (!elem) {
log_err(LD_BUG,"(Sandbox) failed to register parameter!"); log_err(LD_BUG,"(Sandbox) failed to register parameter!");
return -1; return -1;
@ -898,7 +911,7 @@ sandbox_cfg_allow_stat64_filename(sandbox_cfg_t **cfg, char *file, int fr)
} }
int int
sandbox_cfg_allow_stat64_filename_array(sandbox_cfg_t **cfg, ...) sandbox_cfg_allow_stat_filename_array(sandbox_cfg_t **cfg, ...)
{ {
int rc = 0; int rc = 0;
char *fn = NULL; char *fn = NULL;
@ -909,9 +922,9 @@ sandbox_cfg_allow_stat64_filename_array(sandbox_cfg_t **cfg, ...)
while ((fn = va_arg(ap, char*)) != NULL) { while ((fn = va_arg(ap, char*)) != NULL) {
int fr = va_arg(ap, int); int fr = va_arg(ap, int);
rc = sandbox_cfg_allow_stat64_filename(cfg, fn, fr); rc = sandbox_cfg_allow_stat_filename(cfg, fn, fr);
if (rc) { if (rc) {
log_err(LD_BUG,"(Sandbox) sandbox_cfg_allow_stat64_filename_array fail"); log_err(LD_BUG,"(Sandbox) sandbox_cfg_allow_stat_filename_array fail");
goto end; goto end;
} }
} }
@ -920,7 +933,6 @@ sandbox_cfg_allow_stat64_filename_array(sandbox_cfg_t **cfg, ...)
va_end(ap); va_end(ap);
return 0; return 0;
} }
#endif
int int
sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file, int fr) sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file, int fr)

6
src/common/sandbox.h
View File

@ -204,12 +204,12 @@ int sandbox_cfg_allow_execve(sandbox_cfg_t **cfg, char *com);
int sandbox_cfg_allow_execve_array(sandbox_cfg_t **cfg, ...); int sandbox_cfg_allow_execve_array(sandbox_cfg_t **cfg, ...);
/** /**
* Function used to add a stat64 allowed filename to a supplied configuration. * Function used to add a stat/stat64 allowed filename to a configuration.
* The (char*) specifies the path to the allowed file, fr = 1 tells the * The (char*) specifies the path to the allowed file, fr = 1 tells the
* function that the char* needs to be free-ed, 0 means the pointer does not * function that the char* needs to be free-ed, 0 means the pointer does not
* need to be free-ed. * need to be free-ed.
*/ */
int sandbox_cfg_allow_stat64_filename(sandbox_cfg_t **cfg, char *file, int sandbox_cfg_allow_stat_filename(sandbox_cfg_t **cfg, char *file,
int fr); int fr);
/** Function used to add a series of stat64 allowed filenames to a supplied /** Function used to add a series of stat64 allowed filenames to a supplied
@ -220,7 +220,7 @@ int sandbox_cfg_allow_stat64_filename(sandbox_cfg_t **cfg, char *file,
* that the char* needs to be free-ed, 0 means the pointer does not need to * that the char* needs to be free-ed, 0 means the pointer does not need to
* be free-ed; the final parameter needs to be <NULL, 0>. * be free-ed; the final parameter needs to be <NULL, 0>.
*/ */
int sandbox_cfg_allow_stat64_filename_array(sandbox_cfg_t **cfg, ...); int sandbox_cfg_allow_stat_filename_array(sandbox_cfg_t **cfg, ...);
/** Function used to initialise a sandbox configuration.*/ /** Function used to initialise a sandbox configuration.*/
int sandbox_init(sandbox_cfg_t* cfg); int sandbox_init(sandbox_cfg_t* cfg);

6
src/or/main.c
View File

@ -2650,7 +2650,7 @@ init_addrinfo(void)
} }
static sandbox_cfg_t* static sandbox_cfg_t*
sandbox_init_filter() sandbox_init_filter(void)
{ {
sandbox_cfg_t *cfg = sandbox_cfg_new(); sandbox_cfg_t *cfg = sandbox_cfg_new();
@ -2685,7 +2685,7 @@ sandbox_init_filter()
NULL, 0 NULL, 0
); );
sandbox_cfg_allow_stat64_filename_array(&cfg, sandbox_cfg_allow_stat_filename_array(&cfg,
get_datadir_fname(NULL), 1, get_datadir_fname(NULL), 1,
get_datadir_fname("lock"), 1, get_datadir_fname("lock"), 1,
get_datadir_fname("state"), 1, get_datadir_fname("state"), 1,
@ -2714,7 +2714,7 @@ sandbox_init_filter()
NULL, 0 NULL, 0
); );
sandbox_cfg_allow_stat64_filename_array(&cfg, sandbox_cfg_allow_stat_filename_array(&cfg,
get_datadir_fname("keys"), 1, get_datadir_fname("keys"), 1,
get_datadir_fname("stats/dirreq-stats"), 1, get_datadir_fname("stats/dirreq-stats"), 1,
NULL, 0 NULL, 0