Opened 13 months ago

Closed 13 months ago

Last modified 13 months ago

#23449 closed defect (fixed)

Need to allow `epoll_pwait` in the tor seccomp rules.

Reported by: yawning Owned by: yawning
Priority: High Milestone:
Component: Archived/Tor Browser Sandbox Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by yawning)

Or tor fails to work.

2017/09/10 15:29:20 tor: Sep 10 15:29:20.000 [warn] Warning from libevent: epoll_wait: Function not implemented
2017/09/10 15:29:20 tor: Sep 10 15:29:20.000 [err] libevent call with epoll (with changelist) failed: Function not implemented [38]
2017/09/10 15:29:25 tor: Process has no control port, killing

For what it's worth, this doesn't happen on all systems.

Child Tickets

Change History (4)

comment:1 Changed 13 months ago by yawning

Description: modified (diff)
Summary: Need to allow `epool_pwait` in the tor secomp rules.Need to allow `epool_pwait` in the tor seccomp rules.

comment:3 Changed 13 months ago by cypherpunks

Summary: Need to allow `epool_pwait` in the tor seccomp rules.Need to allow `epoll_pwait` in the Tor seccomp rules.

comment:4 in reply to:  3 Changed 13 months ago by yawning

Summary: Need to allow `epoll_pwait` in the Tor seccomp rules.Need to allow `epoll_pwait` in the tor seccomp rules.

Why are you changing the summary? The capitalization is intentional since I'm referring to the binary.

Replying to cypherpunks:

Also think about epoll_create1 and others from https://hg.mozilla.org/mozilla-central/file/tip/security/sandbox/linux/SandboxFilter.cpp#l166

And why should I? There's a different filter for the browser.

Note: See TracTickets for help on using tickets.