seccomp sandbox does not work on arm
Tor v0.2.6.8 as shipped by arch linux arm (armv6h/raspberry pi) crashes when the seccomp sandbox is enabled with the following error:
============================================================ T= 1432314730
(Sandbox) Caught a bad syscall attempt (syscall 289)
/usr/bin/tor(+0x13f734)[0xb6ee7734]
/usr/lib/libc.so.6(__send+0x1c)[0xb69ac7ec]
/usr/lib/libc.so.6(__send+0x1c)[0xb69ac7ec]
I started looking into the code and came up with the attached patch. Afterwards the error message is this:
============================================================ T= 1432331214
(Sandbox) Caught a bad syscall attempt (syscall eventfd2)
/usr/bin/tor(+0x1402e4)[0xb6ef02e4]
/usr/lib/libc.so.6(eventfd+0xc)[0xb696ca5c]
/usr/lib/libc.so.6(eventfd+0xc)[0xb696ca5c]
/usr/bin/tor(alert_sockets_create+0x98)[0xb6eda974]
/usr/bin/tor(replyqueue_new+0x3c)[0xb6ef43c4]
/usr/bin/tor(cpu_init+0xc4)[0xb6ea1360]
/usr/bin/tor(do_main_loop+0x358)[0xb6dd9cac]
/usr/bin/tor(tor_main+0x160)[0xb6ddb744]
Since I'm neither familiar with seccomp nor the tor codebase, this is where I gave up… I hope someone here can fix this.
Trac:
Username: ajs124