Opened 3 months ago

Closed 7 weeks ago

#21943 closed defect (fixed)

(Sandbox) Caught a bad syscall attempt (syscall getpid)

Reported by: ageisp0lis Owned by: nickm
Priority: Medium Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor Version: Tor:
Severity: Normal Keywords: sandbox seccomp2 getpid 029-backport 030-backport AffectsTails
Cc: Actual Points: .1
Parent ID: Points: .1
Reviewer: Sponsor:


Tor version:
Debian sid 4.9.0-2-amd64

(Sandbox) Caught a bad syscall attempt (syscall getpid)

Child Tickets

Change History (9)

comment:1 Changed 3 months ago by arma

  • Component changed from - Select a component to Core Tor/Tor

comment:2 Changed 2 months ago by nickm

  • Keywords seccomp2 getpid added
  • Milestone set to Tor: 0.3.1.x-final

What version of OpenSSL were you using?

comment:3 Changed 2 months ago by nickm

  • Owner set to nickm
  • Points set to .1
  • Status changed from new to accepted

comment:4 Changed 2 months ago by nickm

  • Actual Points set to .1
  • Keywords 029-backport 030-backport added

My branch bug21943_029 fixes this, I believe. I think the reason we haven't run into this before is that most getpid() callers on Linux use the vdso version of getpid() rather than the syscall. I don't know why this particular version of openssl is doing the syscall instead, but the patch should fix it.

Possible backport.

comment:5 Changed 8 weeks ago by nickm

  • Status changed from accepted to needs_review

comment:6 Changed 8 weeks ago by anonym

  • Keywords AffectsTails added

This affects Tails: in our automated test suite setup, this prevents all Chutney nodes from starting (unless we disable sandboxing in torrc_templates/common.i). A backport to 3.x would be appreciated!

comment:7 Changed 8 weeks ago by nickm

anonym: Can you confirm that this patch fixes it for you?

comment:8 Changed 7 weeks ago by dgoulet

  • Status changed from needs_review to merge_ready


comment:9 Changed 7 weeks ago by nickm

  • Milestone changed from Tor: 0.3.1.x-final to Tor: 0.2.9.x-final
  • Resolution set to fixed
  • Status changed from merge_ready to closed

Merged to 0.2.9 and forwards. Thanks!

Note: See TracTickets for help on using tickets.