1. 28 Jul, 2020 1 commit
    • Jigsaw52's avatar
      Fix startup crash with seccomp sandbox enabled #40072 · eab8e7af
      Jigsaw52 authored
      Fix crash introduced in #40020. On startup, tor calls
      check_private_dir on the data and key directories. This function
      uses open instead of opendir on the received directory. Data and
      key directoryes are only opened here, so the seccomp rule added
      should be for open instead of opendir, despite the fact that they
      are directories.
      eab8e7af
  2. 20 Jul, 2020 3 commits
    • Jigsaw52's avatar
      Fix seccomp sandbox rules for openat #27315 · d75e7daa
      Jigsaw52 authored
      The need for casting negative syscall arguments depends on the
      glibc version. This affects the rules for the openat syscall which
      uses the constant AT_FDCWD that is defined as a negative number.
      This commit adds logic to only apply the cast when necessary, on
      glibc versions from 2.27 onwards.
      d75e7daa
    • Jigsaw52's avatar
      Fix seccomp sandbox rules for opening directories #40020 · d28bfb2c
      Jigsaw52 authored
      Different versions of glibc use either open or openat for the
      opendir function. This commit adds logic to use the correct rule
      for each glibc version, namely:
      - Until 2.14 open is used
      - From 2.15 to to 2.21 openat is used
      - From 2.22 to 2.26 open is used
      - From 2.27 onwards openat is used
      d28bfb2c
    • Jigsaw52's avatar
      Fix seccomp sandbox rules for openat #27315 · c79b4397
      Jigsaw52 authored
      The need for casting negative syscall arguments depends on the
      glibc version. This affects the rules for the openat syscall which
      uses the constant AT_FDCWD that is defined as a negative number.
      This commit adds logic to only apply the cast when necessary, on
      glibc versions from 2.27 onwards.
      c79b4397
  3. 04 Jun, 2020 1 commit
    • Nick Mathewson's avatar
      sandbox: Do not require M_SYSCALL. · 1e98d566
      Nick Mathewson authored
      M_SYSCALL is used to report information about a sandbox violation,
      but when we don't have a definition for it, it still makes sense to
      compile.
      
      Closes ticket 34382.
      1e98d566
  4. 12 May, 2020 1 commit
  5. 09 Apr, 2020 1 commit
  6. 26 Feb, 2020 1 commit
  7. 08 Jan, 2020 1 commit
  8. 05 Jan, 2020 1 commit
  9. 20 Dec, 2019 1 commit
    • teor's avatar
      Replace several C identifiers. · 8c23ac4a
      teor authored
      This is an automated commit, generated by this command:
      
      ./scripts/maint/rename_c_identifier.py \
              EXPOSE_CLEAN_BACKTRACE BACKTRACE_PRIVATE \
              TOR_CHANNEL_INTERNAL_ CHANNEL_OBJECT_PRIVATE \
              CHANNEL_PRIVATE_ CHANNEL_FILE_PRIVATE \
              EXPOSE_ROUTERDESC_TOKEN_TABLE ROUTERDESC_TOKEN_TABLE_PRIVATE \
              SCHEDULER_PRIVATE_ SCHEDULER_PRIVATE
      8c23ac4a
  10. 17 Dec, 2019 1 commit
  11. 30 Sep, 2019 1 commit
  12. 26 Sep, 2019 1 commit
  13. 22 Jan, 2019 1 commit
  14. 16 Jan, 2019 2 commits
  15. 14 Nov, 2018 3 commits
  16. 10 Jul, 2018 2 commits
  17. 03 Jul, 2018 1 commit
  18. 27 Jun, 2018 4 commits
  19. 22 Jun, 2018 3 commits
  20. 21 Jun, 2018 2 commits
  21. 20 Jun, 2018 3 commits
  22. 23 Apr, 2018 1 commit
  23. 20 Mar, 2018 2 commits
  24. 01 Feb, 2018 1 commit
  25. 26 Jan, 2018 1 commit