Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Better error on failure to load seccomp2 sandbox

There are two reasons this is likeliest to happen -- no kernel
support, and some bug in Tor.  We'll ask people to check the former
before they report. Closes 23090.
Nick Mathewson 6 years ago
parent
9261f612ad
commit
ab18e5e5fc
2 changed files with 6 additions and 1 deletions
Split View Show Diff Stats
  1. 3 0
      changes/feature23090
  2. 3 1
      src/common/sandbox.c

+ 3 - 0
changes/feature23090
View File 

@@ -0,0 +1,3 @@
 
+  o Minor features (linux seccomp2 sandbox):
 
+    - If the sandbox filter fails to load, suggest to the user that their
 
+      kernel might not support seccomp2. Closes ticket 23090.

+ 3 - 1
src/common/sandbox.c
View File 

@@ -1638,7 +1638,9 @@ install_syscall_filter(sandbox_cfg_t* cfg)
 
 
   // loading the seccomp2 filter
 
   if ((rc = seccomp_load(ctx))) {
 
-    log_err(LD_BUG, "(Sandbox) failed to load: %d (%s)!", rc,
 
+    log_err(LD_BUG, "(Sandbox) failed to load: %d (%s)! "
 
+            "Are you sure that your kernel has seccomp2 support? The "
 
+            "sandbox won't work without it.", rc,
 
             strerror(-rc));
 
     goto end;
 
   }