tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 62fb18497944382219adac9052f9668fdcb1894d
parent 84fc75420495c2ab425c8ac1e627e3678870494b
Author: David Goulet <dgoulet@torproject.org>
Date:   Mon, 28 Mar 2022 09:45:16 -0400

Merge branch 'maint-0.4.6'

Diffstat:

Achanges/clone3-sandbox | 3+++


Msrc/lib/sandbox/sandbox.c | 3+++


2 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/changes/clone3-sandbox b/changes/clone3-sandbox
@@ -0,0 +1,3 @@
+  o Minor features (linux seccomp2 sandbox):
+    - Permit the clone3 syscall, which is apparently used in glibc-2.34 and
+      later. Closes ticket 40590.
diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c
@@ -160,6 +160,9 @@ static int filter_nopar_gen[] = {
     SCMP_SYS(close),
     SCMP_SYS(clone),
     SCMP_SYS(dup),
+#ifdef __NR_clone3
+    SCMP_SYS(clone3),
+#endif
     SCMP_SYS(epoll_create),
     SCMP_SYS(epoll_wait),
 #ifdef __NR_epoll_pwait