Bug 21093: Go back to using gosecco for seccomp rule compilation. (c3a280dc) · Commits · Legacy / gitolite / tor-browser / sandboxed-tor-browser

.gitignore

+0 −1

Original line number	Diff line number	Diff line
		@@ -2,7 +2,6 @@ bin/
		pkg/
		data/revision
		data/tbb_stub.so
		data/*.bpf
		src/cmd/sandboxed-tor-browser/internal/data/bindata.go
		*.swp
		*~

ChangeLog

+1 −0

Original line number	Diff line number	Diff line
		Changes in version 0.0.3 - UNRELEASED:
		* Bug 21903: Go back to using gosecco for seccomp rule compilation.
		* Bug 20940: Deprecate x86 support.
		* Bug 20778: Check for updates in the background.
		* Bug 20851: If the incremental update fails, fall back to the complete

Makefile

+1 −5

Original line number	Diff line number	Diff line
		@@ -9,9 +9,8 @@ sandboxed-tor-browser: static-assets
		gb build -tags $(GTK3TAG) cmd/sandboxed-tor-browser
		mv ./bin/sandboxed-tor-browser-$(GTK3TAG) ./bin/sandboxed-tor-browser

		static-assets: go-bindata gen-seccomp tbb_stub
		static-assets: go-bindata tbb_stub
		git rev-parse --short HEAD > data/revision
		./bin/gen-seccomp -o ./data
		./bin/go-bindata -nometadata -pkg data -prefix data -o ./src/cmd/sandboxed-tor-browser/internal/data/bindata.go data/...

		tbb_stub: go-bindata
		@@ -20,9 +19,6 @@ tbb_stub: go-bindata
		go-bindata:
		gb build github.com/jteeuwen/go-bindata/go-bindata

		gen-seccomp:
		gb build cmd/gen-seccomp

		clean:
		rm -f ./src/cmd/sandboxed-tor-browser/internal/data/bindata.go
		rm -f ./data/revision

README.md

+0 −1

Original line number	Diff line number	Diff line
		@@ -29,7 +29,6 @@ Build time dependencies:
		* A C compiler
		* gb (https://getgb.io/ Yes I know it's behind fucking cloudflare)
		* Go (Tested with 1.7.x)
		* libseccomp2 >= 2.2.1
		* libnotify

		Things that the sandbox breaks:

data/tor-amd64.seccomp

0 → 100644

+38 −0

Original line number	Diff line number	Diff line
		# tor binary (x86_64) specific seccomp whitelist.
		#
		# This is based off of tor's src/common/sandbox.c

		#
		# Extra constant definitions needed for filtering.
		#

		FUTEX_WAIT=0
		FUTEX_WAKE=1
		FUTEX_FD=2
		FUTEX_REQUEUE=3
		FUTEX_CMP_REQUEUE=4
		FUTEX_WAKE_OP=5
		#FUTEX_LOCK_PI=6
		#FUTEX_UNLOCK_PI=7
		FUTEX_WAIT_BITSET=9
		FUTEX_PRIVATE_FLAG=128
		FUTEX_CLOCK_REALTIME=256

		FUTEX_WAIT_PRIVATE=FUTEX_WAIT \| FUTEX_PRIVATE_FLAG
		FUTEX_WAKE_PRIVATE=FUTEX_WAKE \| FUTEX_PRIVATE_FLAG
		FUTEX_CMP_REQUEUE_PRIVATE=FUTEX_CMP_REQUEUE \| FUTEX_PRIVATE_FLAG
		FUTEX_WAKE_OP_PRIVATE=FUTEX_WAKE_OP \| FUTEX_PRIVATE_FLAG
		#FUTEX_LOCK_PI_PRIVATE=FUTEX_LOCK_PI \| FUTEX_PRIVATE_FLAG
		#FUTEX_UNLOCK_PI_PRIVATE=FUTEX_UNLOCK_PI \| FUTEX_PRIVATE_FLAG
		FUTEX_WAIT_BITSET_PRIVATE=FUTEX_WAIT_BITSET \| FUTEX_PRIVATE_FLAG

		#
		# System calls allowed with filtering.
		# * mmap: Asan (arg2 == PROT_READ\|PROT_WRITE && arg3 == MAP_PRIVATE\|MAP_FIXED\|MAP_ANONYMOUS\|MAP_NORESERVE)
		# (arg2 == PROT_NONE && arg3 == MAP_PRIVATE\|MAP_FIXED\|MAP_ANONYMOUS\|MAP_NORESERVE)
		#

		futex: arg1 == FUTEX_WAIT_BITSET_PRIVATE\|FUTEX_CLOCK_REALTIME \|\| arg1 == FUTEX_WAKE_PRIVATE \|\| arg1 == FUTEX_WAIT_PRIVATE
		mprotect: arg2 == PROT_READ \|\| arg2 == PROT_NONE
		mmap: (arg2 == PROT_READ && arg3 == MAP_PRIVATE) \|\| (arg2 == PROT_NONE && arg3 == MAP_PRIVATE\|MAP_ANONYMOUS\|MAP_NORESERVE) \|\| (arg2 == PROT_READ\|PROT_WRITE && arg3 == MAP_PRIVATE\|MAP_ANONYMOUS) \|\| (arg2 == PROT_READ\|PROT_WRITE && arg3 == MAP_PRIVATE\|MAP_ANONYMOUS\|MAP_STACK) \|\| (arg2 == PROT_READ\|PROT_WRITE && arg3 == MAP_PRIVATE\|MAP_FIXED\|MAP_DENYWRITE) \|\| (arg2 == PROT_READ\|PROT_WRITE && arg3 == MAP_PRIVATE\|MAP_FIXED\|MAP_ANONYMOUS) \|\| (arg2 == PROT_READ\|PROT_EXEC && arg3 == MAP_PRIVATE\|MAP_DENYWRITE) \|\| (arg2 == PROT_READ\|PROT_WRITE && arg3 == MAP_PRIVATE\|MAP_FIXED\|MAP_ANONYMOUS\|MAP_NORESERVE) \|\| (arg2 == PROT_NONE && arg3 == MAP_PRIVATE\|MAP_FIXED\|MAP_ANONYMOUS\|MAP_NORESERVE)
		setsockopt: arg1 == SOL_SOCKET && (arg2 == SO_REUSEADDR \|\| arg2 == SO_SNDBUF \|\| arg2 == SO_RCVBUF)