Re: [tor-bugs] #34130 [Core Tor/Tor]: Tor won't start with seccomp sandbox when compiled with --enable-nss

2020-05-12 Thread Tor Bug Tracker & Wiki 
#34130: Tor won't start with seccomp sandbox when compiled with --enable-nss
-+-
 Reporter:  Jigsaw52 |  Owner:  (none)
 Type:  defect   | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.3.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  nss sandbox seccomp 035-backport |  Actual Points:
  041-backport-maybe 042-backport 043-backport   |
Parent ID:   | Points:
 Reviewer:  nickm|Sponsor:
-+-
Changes (by nickm):

 * status:  needs_review => merge_ready
 * milestone:  Tor: 0.4.4.x-final => Tor: 0.4.3.x-final


Comment:

 I've made a branch against 0.3.5 that cherry-picks this patch, as
 `bug34130_035`.  The PR for that is
 https://github.com/torproject/tor/pull/1887 .

 I've merged it to master, and am marking for backport.  Additional 0.4.1
 releases are indeed unlikely. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #34130 [Core Tor/Tor]: Tor won't start with seccomp sandbox when compiled with --enable-nss

2020-05-08 Thread Tor Bug Tracker & Wiki 
#34130: Tor won't start with seccomp sandbox when compiled with --enable-nss
-+-
 Reporter:  Jigsaw52 |  Owner:  (none)
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  nss sandbox seccomp 035-backport |  Actual Points:
  041-backport-maybe 042-backport 043-backport   |
Parent ID:   | Points:
 Reviewer:  nickm|Sponsor:
-+-
Changes (by teor):

 * keywords:  nss sandbox seccomp backport? =>
 nss sandbox seccomp 035-backport 041-backport-maybe 042-backport
 043-backport


Comment:

 Thanks! It looks like we need to backport to 0.3.5 and later.

 I've marked this ticket with the relevant backport tags.

 0.4.1 will be obsolete on 20 May 2020, so I'm not sure if we will backport
 or do a patch release for 0.4.1:
 
https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases#Current

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #34130 [Core Tor/Tor]: Tor won't start with seccomp sandbox when compiled with --enable-nss

2020-05-08 Thread Tor Bug Tracker & Wiki 
#34130: Tor won't start with seccomp sandbox when compiled with --enable-nss
---+---
 Reporter:  Jigsaw52   |  Owner:  (none)
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.4.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  nss sandbox seccomp backport?  |  Actual Points:
Parent ID: | Points:
 Reviewer:  nickm  |Sponsor:
---+---

Comment (by Jigsaw52):

 Replying to [comment:5 teor]:
 > Replying to [comment:4 Jigsaw52]:
 > > This bug exists since the --enable-nss flag was implemented in
 tor-0.3.5.1-alpha.
 > > I've updated the changes file.
 > >
 > > I can reproduce the problem on 0.3.5.1-alpha but this patch is not
 enough to fix it in that version, it crashes with a call to setsockopt.
 Some change in the sandbox rules for setsockopt or removal of code that
 called setsockopt must have happened between this version and the current
 master.
 >
 > Can you try 0.3.5.10 ?
 >
 > We've fixed some general seccomp sandbox bugs recently, like #29819 in
 0.3.5.10.

 I've tested it. The patch works on 0.3.5.10.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #34130 [Core Tor/Tor]: Tor won't start with seccomp sandbox when compiled with --enable-nss

2020-05-07 Thread Tor Bug Tracker & Wiki 
#34130: Tor won't start with seccomp sandbox when compiled with --enable-nss
---+---
 Reporter:  Jigsaw52   |  Owner:  (none)
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.4.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  nss sandbox seccomp backport?  |  Actual Points:
Parent ID: | Points:
 Reviewer:  nickm  |Sponsor:
---+---

Comment (by teor):

 Replying to [comment:4 Jigsaw52]:
 > This bug exists since the --enable-nss flag was implemented in
 tor-0.3.5.1-alpha.
 > I've updated the changes file.
 >
 > I can reproduce the problem on 0.3.5.1-alpha but this patch is not
 enough to fix it in that version, it crashes with a call to setsockopt.
 Some change in the sandbox rules for setsockopt or removal of code that
 called setsockopt must have happened between this version and the current
 master.

 Can you try 0.3.5.10 ?

 We've fixed some general seccomp sandbox bugs recently, like #29819 in
 0.3.5.10.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #34130 [Core Tor/Tor]: Tor won't start with seccomp sandbox when compiled with --enable-nss

2020-05-07 Thread Tor Bug Tracker & Wiki 
#34130: Tor won't start with seccomp sandbox when compiled with --enable-nss
---+---
 Reporter:  Jigsaw52   |  Owner:  (none)
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.4.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  nss sandbox seccomp backport?  |  Actual Points:
Parent ID: | Points:
 Reviewer:  nickm  |Sponsor:
---+---

Comment (by Jigsaw52):

 This bug exists since the --enable-nss flag was implemented in
 tor-0.3.5.1-alpha.
 I've updated the changes file.

 I can reproduce the problem on 0.3.5.1-alpha but this patch is not enough
 to fix it in that version, it crashes with a call to setsockopt. Some
 change in the sandbox rules for setsockopt or removal of code that called
 setsockopt must have happened between this version and the current master.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #34130 [Core Tor/Tor]: Tor won't start with seccomp sandbox when compiled with --enable-nss

2020-05-07 Thread Tor Bug Tracker & Wiki 
#34130: Tor won't start with seccomp sandbox when compiled with --enable-nss
---+---
 Reporter:  Jigsaw52   |  Owner:  (none)
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.4.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  nss sandbox seccomp backport?  |  Actual Points:
Parent ID: | Points:
 Reviewer:  nickm  |Sponsor:
---+---

Comment (by teor):

 Here's some instructions for finding the earliest commit with a particular
 string:
 https://gitweb.torproject.org/tor.git/tree/doc/HACKING/CodingStandards.md#n113

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #34130 [Core Tor/Tor]: Tor won't start with seccomp sandbox when compiled with --enable-nss

2020-05-07 Thread Tor Bug Tracker & Wiki 
#34130: Tor won't start with seccomp sandbox when compiled with --enable-nss
---+---
 Reporter:  Jigsaw52   |  Owner:  (none)
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:  Tor:
   |  0.4.4.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  nss sandbox seccomp backport?  |  Actual Points:
Parent ID: | Points:
 Reviewer:  nickm  |Sponsor:
---+---
Changes (by nickm):

 * keywords:  nss sandbox seccomp => nss sandbox seccomp backport?
 * reviewer:   => nickm
 * milestone:   => Tor: 0.4.4.x-final


Comment:

 The fix looks fine, but is this really a "bugfix on 0.4.4.0-alpha"?  That
 is, is 0.4.4.0-alpha really the first version that has this bug, or is the
 bug older than that?

 We try to keep track of which version introduced the bug, so we know how
 far back we might need to backport each fix.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #34130 [Core Tor/Tor]: Tor won't start with seccomp sandbox when compiled with --enable-nss

2020-05-06 Thread Tor Bug Tracker & Wiki 
#34130: Tor won't start with seccomp sandbox when compiled with --enable-nss
-+--
 Reporter:  Jigsaw52 |  Owner:  (none)
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  nss sandbox seccomp  |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by Jigsaw52):

 * status:  new => needs_review


Comment:

 Added pull request that fixes this issue:
 https://github.com/torproject/tor/pull/1884

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs