Tor: Pick up upstream patch for fixing sandbox with glibc >= 2.34

Fixes: #12807

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>

lfs/tor

@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = tor
-PAK_VER    = 67
+PAK_VER    = 68
 
 DEPS       = libseccomp
 
@@ -89,6 +89,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 			--with-tor-user=tor \
 			--with-tor-group=tor
 
+	# https://bugzilla.ipfire.org/show_bug.cgi?id=12807
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch
+
 	cd $(DIR_APP) && make $(MAKETUNING)
 	cd $(DIR_APP) && make install
 

src/patches/Tor-Sandbox-permit-the-clone3-system-call.patch

@@ -0,0 +1,13 @@
+diff -Naur tor-0.4.6.10.orig/src/lib/sandbox/sandbox.c tor-0.4.6.10/src/lib/sandbox/sandbox.c
+--- tor-0.4.6.10.orig/src/lib/sandbox/sandbox.c	2022-03-31 07:17:55.966217291 +0000
++++ tor-0.4.6.10/src/lib/sandbox/sandbox.c	2022-03-31 07:19:23.730134367 +0000
+@@ -151,6 +151,9 @@
+     SCMP_SYS(clock_gettime),
+     SCMP_SYS(close),
+     SCMP_SYS(clone),
++#ifdef __NR_clone3
++    SCMP_SYS(clone3),
++#endif
+     SCMP_SYS(dup),
+     SCMP_SYS(epoll_create),
+     SCMP_SYS(epoll_wait),