diff options
Diffstat (limited to 'gnu')
| -rw-r--r-- | gnu/local.mk | 1 | ||||
| -rw-r--r-- | gnu/packages/patches/tor-sandbox-i686.patch | 36 | ||||
| -rw-r--r-- | gnu/packages/tor.scm | 5 |
3 files changed, 40 insertions, 2 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 50f43df1e6..46f6800a6f 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1811,6 +1811,7 @@ dist_patch_DATA = \ %D%/packages/patches/tk-find-library.patch \ %D%/packages/patches/tla2tools-build-xml.patch \ %D%/packages/patches/tlf-support-hamlib-4.2+.patch \ + %D%/packages/patches/tor-sandbox-i686.patch \ %D%/packages/patches/transcode-ffmpeg.patch \ %D%/packages/patches/transmission-honor-localedir.patch \ %D%/packages/patches/ttf2eot-cstddef.patch \ diff --git a/gnu/packages/patches/tor-sandbox-i686.patch b/gnu/packages/patches/tor-sandbox-i686.patch new file mode 100644 index 0000000000..34b0a053b1 --- /dev/null +++ b/gnu/packages/patches/tor-sandbox-i686.patch @@ -0,0 +1,36 @@ +This patch fixes sandboxing on i686 by allowing 'statx'. Without this, +'src/test/test_include.sh' would fail. + +Patch adapted from: + + https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/480 + +From 001d880d1082f5d124e10554e2718e407c7e88c6 Mon Sep 17 00:00:00 2001 +From: Simon South <simon@simonsouth.net> +Date: Fri, 5 Nov 2021 10:10:10 -0400 +Subject: [PATCH] sandbox: Allow "statx" syscall on i386 for glibc 2.33 + +glibc versions 2.33 and newer use the modern "statx" system call in their +implementations of stat() and opendir() for Linux on i386. Prevent failures in +the sandbox unit tests by modifying the sandbox to allow this system call +without restriction on i386 when it is available, and update the test suite to +skip the "sandbox/stat_filename" test in this case as it is certain to fail. +--- + src/lib/sandbox/sandbox.c | 3 +++ + src/test/test_sandbox.c | 7 ++++--- + 2 files changed, 7 insertions(+), 3 deletions(-) + +diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c +index fb02a345ab..a15f99ad76 100644 +--- a/src/lib/sandbox/sandbox.c ++++ b/src/lib/sandbox/sandbox.c +@@ -252,6 +252,9 @@ static int filter_nopar_gen[] = { + SCMP_SYS(sigreturn), + #endif + SCMP_SYS(stat), ++#if defined(__i386__) && defined(__NR_statx) ++ SCMP_SYS(statx), ++#endif + SCMP_SYS(uname), + SCMP_SYS(wait4), + SCMP_SYS(write), diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm index 3cd7983827..11b81a1234 100644 --- a/gnu/packages/tor.scm +++ b/gnu/packages/tor.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2013, 2014, 2015, 2021 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2016, 2017, 2018, 2020, 2021 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2016, 2017 Nikita <nikita@n0.is> @@ -64,7 +64,8 @@ version ".tar.gz")) (sha256 (base32 - "0sj7qn6d6js6gk4vjfkc7p9g021czbfaq00yfq3mn5ycnhvimkhm")))) + "0sj7qn6d6js6gk4vjfkc7p9g021czbfaq00yfq3mn5ycnhvimkhm")) + (patches (search-patches "tor-sandbox-i686.patch")))) (build-system gnu-build-system) (arguments `(#:configure-flags |