[Bug 3702] New: sshd fork crashed when compiled with seccomp

bugzilla-daemon at mindrot.org
Sat Jun 15 20:01:17 AEST 2024


https://bugzilla.mindrot.org/show_bug.cgi?id=3702

            Bug ID: 3702
           Summary: sshd fork crashed when compiled with seccomp
           Product: Portable OpenSSH
           Version: 9.7p1
          Hardware: ARM64
                OS: Linux
            Status: NEW
          Severity: minor
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: root at nixsum.net

Created attachment 3819
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3819&action=edit
strace

Hello,

After compiling on Raspbian OS with the seccomp sandbox enabled by
default, the server program does not accept connections. When compiled
without the sandbox all is good.
When inspecting closer it looks like the fork of sshd is killed by a
SIGSYS signal due to an access violation.

Kernel log at the time of crash:

[147024.127628] audit: type=1326 audit(1718443919.577:9): auid=1000
uid=103 gid=65534 ses=298 pid=17516 comm="sshd"
exe="/home/pi/openssh-9.7p1/sshd" sig=31 arch=40000028 syscall=384
compat=1 ip=0xf798d330 code=0x0

I am also attaching the strace of sshd and its children.

I tested this on x86 Debian with the same setup, same seccomp kernel
parameters as far as I know them, and the issue does not occur.

This looks like something specific to the ARM kernel (I tested both the
64-bit and 32-bit kernels), but I cannot tell what exactly.

And one last thing, I found the "EPERM (Operation not permitted)"
events in the strace output to be misleading, as they appeared when I
straced on x86 Debian as well.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
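
Added example, not part of the original report or of OpenSSH: a small decoder for the audit type=1326 (seccomp) record quoted above, which splits the arch value into ELF machine, word size and endianness and names the blocked syscall. The syscall tables are a deliberately partial assumption (getrandom only, per ABI) and the function and constant names are hypothetical.

```python
import re

# Flag bits from linux/audit.h; machine numbers from linux/elf-em.h.
AUDIT_ARCH_64BIT = 0x80000000
AUDIT_ARCH_LE = 0x40000000
ELF_MACHINES = {3: "i386", 40: "arm", 62: "x86_64", 183: "aarch64"}

# Partial tables (assumption: only getrandom is listed for each ABI).
# Extend from the kernel's per-architecture syscall tables for real triage.
SYSCALLS = {
    "arm": {384: "getrandom"},
    "aarch64": {278: "getrandom"},
    "i386": {355: "getrandom"},
    "x86_64": {318: "getrandom"},
}

AUDIT_SECCOMP = "1326"  # audit record type emitted for a seccomp action


def decode_seccomp_record(line):
    """Decode one 'audit: type=1326' kernel log line; None if not seccomp."""
    fields = dict(re.findall(r'(\w+)=("[^"]*"|\S+)', line))
    if fields.get("type") != AUDIT_SECCOMP:
        return None
    arch = int(fields["arch"], 16)   # arch= is printed as bare hex
    machine = ELF_MACHINES.get(arch & 0xFFFF, "unknown")
    nr = int(fields["syscall"])      # syscall= is decimal
    return {
        "comm": fields["comm"].strip('"'),
        "pid": int(fields["pid"]),
        "signal": int(fields["sig"]),  # 31 is SIGSYS on Linux
        "machine": machine,
        "bits": 64 if arch & AUDIT_ARCH_64BIT else 32,
        "little_endian": bool(arch & AUDIT_ARCH_LE),
        "compat": fields.get("compat") == "1",
        "syscall_nr": nr,
        "syscall": SYSCALLS.get(machine, {}).get(nr, "not in table"),
    }


# The record from the report, with the mail's line wrapping undone.
RECORD = ('[147024.127628] audit: type=1326 audit(1718443919.577:9): auid=1000 '
          'uid=103 gid=65534 ses=298 pid=17516 comm="sshd" '
          'exe="/home/pi/openssh-9.7p1/sshd" sig=31 arch=40000028 syscall=384 '
          'compat=1 ip=0xf798d330 code=0x0')

if __name__ == "__main__":
    for key, value in decode_seccomp_record(RECORD).items():
        print(f"{key}: {value}")
```

For the record in the report this decodes to a 32-bit little-endian ARM (compat) process killed with signal 31, with syscall 384 being getrandom in the ARM EABI table.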

