Changes as suggested by nickm

- char* to const char* and name refactoring - workaround for accept4 syscall

Changes as suggested by nickm
6d5b0367 · Cristian Toader · 8f9d3da1 · 6d5b0367 · 6d5b0367 · 6d5b0367
Commit 6d5b0367 authored 11 years ago by Cristian Toader
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -125,7 +125,7 @@ tor_open_cloexec(const char *path, int flags, unsigned mode)
 {
  int fd;
 #ifdef O_CLOEXEC
-  path = get_prot_param(path);
+  path = sandbox_intern_string(path);
  fd = open(path, flags|O_CLOEXEC, mode);
  if (fd >= 0)
    return fd;

--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -49,6 +49,10 @@ static sandbox_static_cfg_t filter_static[] = {
 #endif
    {SCMP_SYS(rt_sigaction), PARAM_NUM, 0, (intptr_t)(SIGCHLD), 0},
    {SCMP_SYS(time), PARAM_NUM, 0, 0, 0},
+
+#ifdef __NR_socketcall
+    {SCMP_SYS(socketcall), PARAM_NUM, 0, 18, 0}, // accept4 workaround
+#endif
 };

 /** Variable used for storing all syscall numbers that will be allowed with the
@@ -136,7 +140,7 @@ static int filter_nopar_gen[] = {
    SCMP_SYS(exit),

    // socket syscalls
-    SCMP_SYS(accept4),
+//    SCMP_SYS(accept4),
    SCMP_SYS(bind),
    SCMP_SYS(connect),
    SCMP_SYS(getsockname),
@@ -149,17 +153,12 @@ static int filter_nopar_gen[] = {
    SCMP_SYS(setsockopt),
    SCMP_SYS(socket),
    SCMP_SYS(socketpair),
-
-#ifdef __NR_socketcall
-//    SCMP_SYS(socketcall),
-#endif
-
    SCMP_SYS(recvfrom),
    SCMP_SYS(unlink),
 };

-char*
-get_prot_param(char *param)
+const char*
+sandbox_intern_string(char *param)
 {
  int i, filter_size;
  sandbox_cfg_t *elem;

--- a/src/common/sandbox.h
+++ b/src/common/sandbox.h
@@ -80,7 +80,7 @@ typedef struct pfd_elem sandbox_cfg_t;

 void sandbox_set_debugging_fd(int fd);
 int tor_global_sandbox(void);
-char* get_prot_param(char *param);
+const char* sandbox_intern_string(char *param);

 sandbox_cfg_t * sandbox_cfg_new();
 int sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file);