* \brief Code to enable sandboxing.
**/
+#define _LARGEFILE64_SOURCE
+
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <sys/types.h>
+#include <sys/stat.h>
#include <sys/epoll.h>
#include <sys/prctl.h>
#include <linux/futex.h>
#include <bits/signum.h>
+#include <event2/event.h>
#include <stdarg.h>
#include <seccomp.h>
static int filter_nopar_gen[] = {
SCMP_SYS(access),
SCMP_SYS(brk),
+ SCMP_SYS(clock_gettime),
SCMP_SYS(close),
SCMP_SYS(clone),
SCMP_SYS(epoll_create),
SCMP_SYS(madvise),
// getaddrinfo uses this..
SCMP_SYS(stat64),
- // Not needed..
-// SCMP_SYS(set_thread_area),
-// SCMP_SYS(set_tid_address),
// socket syscalls
SCMP_SYS(bind),
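Review bot: The added `SCMP_SYS(clock_gettime)` entry allows the syscall with any clock id, which silently widens what the deleted sb_clock_gettime rule (CLOCK_MONOTONIC only) permitted, and nothing in the table says why. The neighbouring entries carry a reason (`// getaddrinfo uses this..`), so this one should too, e.g. `// clock_gettime: argument filter dropped, presumably callers use clock ids other than CLOCK_MONOTONIC; TODO confirm`. The same loosening is reflected in the removal of sb_clock_gettime and of its entry in the filter function table further down, so one comment here suffices. filter_nopar_gen continues outside the hunk.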
// todo remove when libevent fix
rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 1,
- SCMP_CMP(1, SCMP_CMP_EQ, O_RDONLY));
+ SCMP_CMP(1, SCMP_CMP_EQ, O_RDONLY|O_LARGEFILE|O_CLOEXEC));
if (rc != 0) {
log_err(LD_BUG,"(Sandbox) failed to add open syscall, received libseccomp "
"error %d", rc);
return 0;
}
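Review bot: The rewritten rule matches open() only when the flags argument equals exactly `O_RDONLY|O_LARGEFILE|O_CLOEXEC`; because it replaces rather than supplements the previous `O_RDONLY` rule, any existing caller that still opens with plain `O_RDONLY` would now be denied by the sandbox (whether such callers exist is not visible here). If both patterns are needed, add a second `seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 1, SCMP_CMP(1, SCMP_CMP_EQ, O_RDONLY));` instead of replacing, and extend the `// todo remove when libevent fix` comment to say which flag combination is libevent's so the rule can be retired later. `O_LARGEFILE`'s value differs between 32-bit and 64-bit glibc builds and the kernel may add the flag itself, so the exact-match comparison should be confirmed on both ABIs. sb_open's body starts outside the hunk.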
-static int
-sb_clock_gettime(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
-{
- return seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(clock_gettime), 1,
- SCMP_CMP(0, SCMP_CMP_EQ, CLOCK_MONOTONIC));
-}
-
// TODO: param not working
static int
sb_socket(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
sb_mmap2,
sb_open,
sb_openat,
- sb_clock_gettime,
sb_fcntl64,
sb_epoll_ctl,
sb_prctl,
sandbox_cfg_allow_openat_filename(&cfg,
get_datadir_fname("cached-status"), 1);
- sandbox_cfg_allow_open_filename_array(&cfg, 22,
+ sandbox_cfg_allow_open_filename_array(&cfg, 23,
get_datadir_fname("cached-certs"), 1,
get_datadir_fname("cached-certs.tmp"), 1,
get_datadir_fname("cached-consensus"), 1,
get_datadir_fname("unparseable-desc.tmp"), 1,
get_datadir_fname("unparseable-desc"), 1,
"/dev/srandom", 0,
- "/dev/urandom", 0
+ "/dev/urandom", 0,
+ "/dev/random", 0
);
sandbox_cfg_allow_stat64_filename_array(&cfg, 5,
// orport
if (server_mode(get_options())) {
- sandbox_cfg_allow_open_filename_array(&cfg, 13,
+ sandbox_cfg_allow_open_filename_array(&cfg, 12,
get_datadir_fname2("keys", "secret_id_key"), 1,
get_datadir_fname2("keys", "secret_onion_key"), 1,
get_datadir_fname2("keys", "secret_onion_key_ntor"), 1,
get_datadir_fname("fingerprint"), 1,
get_datadir_fname("cached-consensus"), 1,
get_datadir_fname("cached-consensus.tmp"), 1,
- "/etc/resolv.conf", 0,
- "/dev/random", 0
+ "/etc/resolv.conf", 0
);
sandbox_cfg_allow_stat64_filename_array(&cfg, 2,
log_err(LD_BUG,"Failed to create syscall sandbox filter");
return -1;
}
+
+ // registering libevent rng
+ evutil_secure_rng_set_urandom_device_file(
+ (char*) sandbox_intern_string("/dev/random"));
}
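Review bot: The return value of `evutil_secure_rng_set_urandom_device_file` is discarded at the added call, so a failure to register the device file (the call can report failure) goes unnoticed while the sandbox still only allows `/dev/random` and `/dev/urandom` to be opened. The call also points libevent's "urandom" device at `/dev/random`, which on Linux can block when the kernel entropy pool is low, so seeding could stall; since `/dev/urandom` is also in the allowed list above, the choice of `/dev/random` deserves a comment stating the reason, or should be reconsidered. The `(char*)` cast discards the const of the interned string; if libevent's prototype takes `char *`, say so in the comment rather than leaving the cast unexplained. The enclosing function starts outside the hunk.
```c
  // Point libevent's secure RNG at an interned copy of the path, so the
  // sandbox's open() filter sees the same pointer it was configured with.
  // libevent's prototype takes a non-const char *, hence the cast.
  if (evutil_secure_rng_set_urandom_device_file(
        (char*) sandbox_intern_string("/dev/random")) < 0) {
    log_warn(LD_GENERAL, "(Sandbox) failed to register libevent rng device file");
  }
```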
switch (get_options()->command) {