Merge branch 'maint-0.4.4'

changes/bug40072

@@ -0,0 +1,4 @@
+  o Minor bugfixes (linux seccomp2 sandbox):
+    - Fix startup crash with seccomp sandbox enabled when tor tries to
+      open the data directory. Patch from Daniel Pinto. Fixes bug 40072;
+      bugfix on 0.4.4.3-alpha-dev.

src/app/main/main.c

@@ -849,8 +849,10 @@ sandbox_init_filter(void)
     OPEN_DATADIR2(name, name2 suffix);                  \
   } while (0)
 
+// KeyDirectory is a directory, but it is only opened in check_private_dir
+// which calls open instead of opendir
 #define OPEN_KEY_DIRECTORY() \
-  OPENDIR(options->KeyDirectory)
+  OPEN(options->KeyDirectory)
 #define OPEN_CACHEDIR(name)                      \
   sandbox_cfg_allow_open_filename(&cfg, get_cachedir_fname(name))
 #define OPEN_CACHEDIR_SUFFIX(name, suffix) do {  \
@@ -864,7 +866,9 @@ sandbox_init_filter(void)
     OPEN_KEYDIR(name suffix);                    \
   } while (0)
 
-  OPENDIR(options->DataDirectory);
+  // DataDirectory is a directory, but it is only opened in check_private_dir
+  // which calls open instead of opendir
+  OPEN(options->DataDirectory);
   OPEN_KEY_DIRECTORY();
 
   OPEN_CACHEDIR_SUFFIX("cached-certs", ".tmp");

src/lib/sandbox/sandbox.c

@@ -671,15 +671,7 @@ sb_opendir(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 
     if (param != NULL && param->prot == 1 && param->syscall
         == PHONY_OPENDIR_SYSCALL) {
-      if (libc_uses_openat_for_opendir()) {
-        rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat),
-            SCMP_CMP_NEG(0, SCMP_CMP_EQ, AT_FDCWD),
-            SCMP_CMP_STR(1, SCMP_CMP_EQ, param->value),
-            SCMP_CMP(2, SCMP_CMP_EQ, O_RDONLY|O_NONBLOCK|O_LARGEFILE|
-                O_DIRECTORY|O_CLOEXEC));
-      } else {
-        rc = allow_file_open(ctx, 0, param->value);
-      }
+      rc = allow_file_open(ctx, libc_uses_openat_for_opendir(), param->value);
       if (rc != 0) {
         log_err(LD_BUG,"(Sandbox) failed to add openat syscall, received "
             "libseccomp error %d", rc);