Opened 3 months ago

Closed 7 weeks ago

#21943 closed defect (fixed)

(Sandbox) Caught a bad syscall attempt (syscall getpid)

Reported by: ageisp0lis
Owned by: nickm
Priority: Medium
Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor
Version: Tor: 0.2.9.10
Severity: Normal
Keywords: sandbox seccomp2 getpid 029-backport 030-backport AffectsTails
Cc:
Actual Points: .1
Parent ID:
Points: .1
Reviewer:
Sponsor:

Description

Tor version: 0.2.9.10-1
Debian sid 4.9.0-2-amd64

(Sandbox) Caught a bad syscall attempt (syscall getpid)
/usr/bin/tor(+0x16146a)[0x560e7566046a]
/lib/x86_64-linux-gnu/libc.so.6(getpid+0x7)[0x7fab93288d87]
/lib/x86_64-linux-gnu/libc.so.6(getpid+0x7)[0x7fab93288d87]
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1(+0x18ca17)[0x7fab93d60a17]
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1(+0xc7471)[0x7fab93c9b471]
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1(BN_generate_prime_ex+0x4f7)[0x7fab93c9a577]
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1(RSA_generate_key_ex+0x177)[0x7fab93d67e97]
/usr/bin/tor(crypto_pk_generate_key_with_bits+0xb5)[0x560e75666e15]
/usr/bin/tor(init_keys_client+0x39)[0x560e75582ef9]
/usr/bin/tor(init_keys+0x3c)[0x560e7558738c]
/usr/bin/tor(do_main_loop+0x4f)[0x560e7554267f]
/usr/bin/tor(tor_main+0x1c25)[0x560e75546295]
/usr/bin/tor(main+0x19)[0x560e7553e2a9]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7fab931f02b1]
/usr/bin/tor(_start+0x2a)[0x560e7553e2fa]

Change History (9)

comment:1 Changed 3 months ago by arma

  • Component changed from - Select a component to Core Tor/Tor

comment:2 Changed 2 months ago by nickm

  • Keywords seccomp2 getpid added
  • Milestone set to Tor: 0.3.1.x-final

What version of OpenSSL were you using?

comment:3 Changed 2 months ago by nickm

  • Owner set to nickm
  • Points set to .1
  • Status changed from new to accepted

comment:4 Changed 2 months ago by nickm

  • Actual Points set to .1
  • Keywords 029-backport 030-backport added

My branch bug21943_029 fixes this, I believe. I think the reason we haven't run into this before is that most getpid() callers on Linux use the vdso version of getpid() rather than the syscall. I don't know why this particular version of openssl is doing the syscall instead, but the patch should fix it.

Possible backport.

comment:5 Changed 8 weeks ago by nickm

  • Status changed from accepted to needs_review

comment:6 Changed 8 weeks ago by anonym

  • Keywords AffectsTails added

This affects Tails: in our automated test suite setup, this prevents all Chutney nodes from starting (unless we disable sandboxing in torrc_templates/common.i). A backport to 3.x would be appreciated!

comment:7 Changed 8 weeks ago by nickm

anonym: Can you confirm that this patch fixes it for you?

comment:8 Changed 7 weeks ago by dgoulet

  • Status changed from needs_review to merge_ready

lgtm;

comment:9 Changed 7 weeks ago by nickm

  • Milestone changed from Tor: 0.3.1.x-final to Tor: 0.2.9.x-final
  • Resolution set to fixed
  • Status changed from merge_ready to closed

Merged to 0.2.9 and forwards. Thanks!
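
The failure mode discussed in comment:4, as an added example that is not part of the ticket or of Tor's code: a seccomp-BPF filter only sees `getpid` when the caller really enters the kernel, and the call then succeeds or fails depending on whether the filter permits it. Assumptions: the helper names are hypothetical, the filter returns `EPERM` instead of reporting a backtrace as Tor's sandbox does, and permitting `getpid` stands in for the fix, which the ticket does not show.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: reject getpid with EPERM unless allow_getpid is set;
 * every other syscall passes. A production filter is default-deny and also
 * validates seccomp_data.arch before looking at the syscall number. */
static int install_filter(int allow_getpid) {
  unsigned int verdict =
      allow_getpid ? SECCOMP_RET_ALLOW : (SECCOMP_RET_ERRNO | EPERM);
  struct sock_filter prog[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_getpid, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, verdict),            /* nr == getpid */
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),  /* anything else */
  };
  struct sock_fprog fprog = { .len = sizeof(prog) / sizeof(prog[0]),
                              .filter = prog };
  if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
  return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}

/* Runs in a forked child so the caller is never sandboxed. Returns 1 if the
 * getpid syscall succeeded, 0 if the filter rejected it, -1 on setup error. */
int getpid_under_filter(int allow_getpid) {
  pid_t child = fork();
  if (child < 0) return -1;
  if (child == 0) {
    if (install_filter(allow_getpid) != 0) _exit(2);
    /* Force a real kernel entry, as the getpid frame in the backtrace did. */
    long r = syscall(SYS_getpid);
    _exit(r > 0 ? 0 : (errno == EPERM ? 1 : 2));
  }
  int status;
  if (waitpid(child, &status, 0) < 0 || !WIFEXITED(status)) return -1;
  return WEXITSTATUS(status) == 0 ? 1 : (WEXITSTATUS(status) == 1 ? 0 : -1);
}

int main(void) {
  printf("getpid not permitted: %d\n", getpid_under_filter(0));
  printf("getpid permitted:     %d\n", getpid_under_filter(1));
  return 0;
}
```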
