Nick Mathewson
00fd0cc5f9
Basic compilation fixes.
2013-09-09 14:55:47 -04:00
Cristian Toader
340cca524f
added missing documentation for sandbox functions
2013-09-06 21:41:45 +03:00
Cristian Toader
6a22b29641
passing hints as a const pointer to sandbox_getaddrinfo(), also one tor_free macro fails to compile..
2013-09-06 12:39:56 +03:00
Cristian Toader
839ff0063d
replaced strdup with tor_strdup
2013-09-06 12:30:01 +03:00
Cristian Toader
2a6c34750d
replaced malloc/free with tor_malloc/tor_free
2013-09-06 12:29:15 +03:00
Cristian Toader
42f5737c81
switched string lengths from int to size_t in prot_strings()
2013-09-06 12:26:50 +03:00
Cristian Toader
55d8b8e578
fixed bug where sandbox_getaddrinfo() would fail when -Sandbox is 0
2013-09-03 16:37:12 +03:00
Cristian Toader
b4b0eddd29
switched to a more generic way of handling the sandbox configuration
2013-09-02 13:54:43 +03:00
Cristian Toader
fe6e2733ab
added contingency message to test for sandbox_getaddrinfo
2013-09-02 12:16:02 +03:00
Cristian Toader
c584537a03
make check-spaces fix
2013-09-02 11:45:09 +03:00
Cristian Toader
1ef0b2e1a3
changed how sb getaddrinfo works such that it supports storing multiple results
2013-09-02 11:44:04 +03:00
Cristian Toader
3e803a1f18
make check-spaces fix
2013-08-29 16:53:12 +03:00
Cristian Toader
1118bd9910
switched from multiple mmap to one
2013-08-29 16:51:05 +03:00
Cristian Toader
d5f43b5254
_array filter functions now rely on final NULL parameter
2013-08-29 15:42:30 +03:00
Cristian Toader
ce04d2a622
replaced boolean char with int
2013-08-29 15:19:49 +03:00
Cristian Toader
8e2b9d2844
small fixes in documentation and sandbox_getaddrinfo()
2013-08-29 12:41:17 +03:00
Cristian Toader
6cae5d706c
Added doxygen struct doc and replaced func() with funct(void)
2013-08-28 20:01:52 +03:00
Cristian Toader
8b8f87a06a
removed PARAM_LEN
2013-08-28 19:56:42 +03:00
Cristian Toader
b121ca581d
make check-spaces fix
2013-08-26 21:28:30 +03:00
Cristian Toader
15d420b564
fix: accept4 for 64 bit
2013-08-26 20:06:46 +03:00
Cristian Toader
b10472f92b
small open syscall modification (just in case)
2013-08-21 19:01:01 +03:00
Cristian Toader
bc19ea100c
make check-spaces fixes
2013-08-21 17:57:15 +03:00
Cristian Toader
ed4968315e
fix: sandbox_intern_string log clean up
2013-08-21 13:43:44 +03:00
Cristian Toader
8aa5517ff6
fix: flock filter update
2013-08-21 13:38:00 +03:00
Cristian Toader
71612f00ae
fixed openssl open syscall, fixed sandbox_getaddrinfo
2013-08-20 13:10:07 +03:00
Cristian Toader
36aeca0ecf
fix for getaddrinfo open syscall
2013-08-19 13:56:50 +03:00
Cristian Toader
a9910d89f1
finalised fix on libevent open string issue
2013-08-19 11:41:46 +03:00
Cristian Toader
c09b11b6d8
updated filters
2013-08-16 01:43:09 +03:00
Cristian Toader
863dd4d4b3
received feedback and fixed (partly) the socket filters
2013-08-15 00:23:51 +03:00
Cristian Toader
372e0f91fd
added comments for sandbox.h
2013-08-15 00:09:07 +03:00
Cristian Toader
e2a7b484f4
partial libevent open fix
2013-08-14 23:03:38 +03:00
Cristian Toader
8a85a48b9d
attempt to add stat64 filename filters; failed due to getaddrinfo..
2013-08-12 21:14:43 +03:00
Cristian Toader
44a4464cf6
fixed memory leak, added array filter support
2013-08-10 18:04:48 +03:00
Cristian Toader
89b39db003
updated filters to work with orport
2013-08-09 19:07:20 +03:00
Cristian Toader
b3a8c08a92
orport progress (not functional), nickm suggested fixes
2013-08-07 13:13:12 +03:00
Cristian Toader
356b646976
added execve and multi-configuration support
2013-08-05 15:40:23 +03:00
Cristian Toader
d897690fc7
fixes suggested by nickm
2013-08-05 14:17:46 +03:00
Cristian Toader
dde3ed385b
removed access, set_robust_list, set_thread_area, set_tid_address, uname; added sb_poll
2013-07-31 12:05:10 +03:00
Cristian Toader
313cbe6e24
sigprocmask, epoll_ctl, prctl, mprotect, flock, futex, mremap
2013-07-31 11:35:25 +03:00
Cristian Toader
f0840ed4c9
epoll_ctl
2013-07-31 00:27:14 +03:00
Cristian Toader
5fc0e13db8
fcntl64
2013-07-30 23:52:54 +03:00
Cristian Toader
686cf4c0ff
clean stable version
2013-07-30 23:43:42 +03:00
Cristian Toader
c1f5f1842e
fully switched to function pointers; problems with socketcall parameters
2013-07-30 23:20:08 +03:00
Cristian Toader
442f256f25
switched to a design using filters as function pointer arrays
2013-07-30 21:23:30 +03:00
Cristian Toader
5baea85189
removed open flags (postponed), added mmap2 flags
2013-07-30 19:37:28 +03:00
Cristian Toader
871e5b35a8
small filter changes; openat as separate function
2013-07-30 19:25:56 +03:00
Cristian Toader
8022def6f0
added openat parameter filter
2013-07-29 16:30:39 +03:00
Cristian Toader
6d5b0367f6
Changes as suggested by nickm
...
- char* to const char* and name refactoring
- workaround for accept4 syscall
2013-07-29 14:46:47 +03:00
Cristian Toader
8f9d3da194
Investigated access4 syscall problem, small changes to filter.
2013-07-26 19:53:05 +03:00
Cristian Toader
626a2b23de
integrated context for dynamic filters
2013-07-25 14:08:02 +03:00
Cristian Toader
3dfe1c0639
initia stages of runtime dynamic filters
2013-07-25 13:25:20 +03:00
Cristian Toader
abe082e7d0
dynamic parameter filter bug fixes
2013-07-24 17:15:57 +03:00
Cristian Toader
962d814e52
dynamic parameter filter (prototype, not tested)
2013-07-24 17:06:06 +03:00
Cristian Toader
e1410f20d7
added support for multiple parameters
2013-07-23 14:22:31 +03:00
Cristian Toader
c15d09293b
added experimental support for open syscall path param
2013-07-23 14:01:53 +03:00
Cristian Toader
8b12170f23
added support for numeric parameters, tested with rt_sigaction
2013-07-23 10:49:56 +03:00
Cristian Toader
7cf1dbfd51
changed paramfilter type to intptr_t
2013-07-23 10:14:25 +03:00
Cristian Toader
8dfa5772e7
(undo) git test..
2013-07-18 18:28:55 +03:00
Cristian Toader
b0725c964b
git test..
2013-07-18 18:28:10 +03:00
Cristian Toader
e7e2efb717
Added getter for protected parameter
2013-07-18 18:21:37 +03:00
Cristian Toader
673349c42e
Repair of some of the lost parameter filters history
2013-07-18 18:03:10 +03:00
Nick Mathewson
85178e2e93
Use format_hex_number_sigsafe to format syscalls in sandbox.c
...
This way, we don't have to use snprintf, which is not guaranteed to
be signal-safe.
(Technically speaking, strlen() and strlcpy() are not guaranteed to
be signal-safe by the POSIX standard. But I claim that they are on
every platform that supports libseccomp2, which is what matters
here.)
2013-07-15 13:07:09 -04:00
Roger Dingledine
6848e29307
cosmetic cleanups
2013-07-14 02:49:34 -04:00
Cristian Toader
f9c1ba6493
Add a basic seccomp2 syscall filter on Linux
...
It's controlled by the new Sandbox argument. Right now, it's rather
coarse-grained, it's Linux-only, and it may break some features.
2013-07-11 09:13:13 -04:00