[Bug 3702] sshd fork crashed when compiled with seccomp

bugzilla-daemon at mindrot.org
Fri Jun 21 18:41:30 AEST 2024


https://bugzilla.mindrot.org/show_bug.cgi?id=3702

Darren Tucker <dtucker at dtucker.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #3820|0                           |1
        is obsolete|                            |

--- Comment #6 from Darren Tucker <dtucker at dtucker.net> ---
Created attachment 3821
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3821&action=edit
Provide names for syscalls

(In reply to Damien Miller from comment #5)
[...]
> We could convert the syscall numbers that we know (see attached),
> but after writing that I realised that it isn't so useful - it's the
> syscall numbers that we *don't* know that are typically the problem.

Yeah I started there too and quickly gave that up for the same reason. 
I ended up extracting the syscalls from part-preprocessed source.  I
chose to use the seccomp file itself because that guarantees it picks
up the same headers, and put it into another compilation unit because
otherwise you get problems due to overwriting the generated file.  That
would be resolvable, but keeping it separate seemed cleaner (well,
slightly less icky).

It looks like:

ssh_sandbox_violation: unexpected system call
(arch:0xc000003e,syscall:271(__NR_ppoll) @ 0x7f5cccd1dc3b) [preauth]

Probably a bit close to release for something this invasive (at least
as far as the build system) but maybe immediately after.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
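
The comment above describes getting syscall names from preprocessed headers so that a sandbox violation can be logged with a name next to the number. The following is an added example, not OpenSSH code and not the contents of attachment 3821: it builds a number-to-name table from a compiler macro dump and annotates a log line after the fact. The function names, the sample macro lines and the un-annotated log line are constructed for illustration.

```shell
#!/bin/sh
# Added illustration; function names are hypothetical, not from OpenSSH.

# Constructed sample in the shape of `cc -E -dM` output for <sys/syscall.h>.
# Real input: printf '#include <sys/syscall.h>\n' | cc -E -dM -
sample_macros() {
    cat <<'EOF'
#define __NR_read 0
#define __NR_write 1
#define __NR_ppoll 271
#define __NR_fcntl __NR3264_fcntl
#define SYS_ppoll __NR_ppoll
EOF
}

# Macro dump on stdin -> "number name" lines. Only __NR_ macros with a
# literal number are kept; aliases to other macros are skipped.
syscall_table() {
    awk '$1 == "#define" && $2 ~ /^__NR_/ && $3 ~ /^[0-9]+$/ { print $3, $2 }' |
        sort -n
}

# $1 = table file; log lines on stdin. Appends "(name)" after the number,
# or "(unknown)" when the number is not in the table. Lines that already
# carry a name are passed through unchanged.
annotate_violation() {
    awk -v table="$1" '
        BEGIN { while ((getline line < table) > 0) { split(line, f, " "); name[f[1]] = f[2] } }
        match($0, /syscall:[0-9]+/) && substr($0, RSTART + RLENGTH, 1) != "(" {
            nr = substr($0, RSTART + 8, RLENGTH - 8)
            label = (nr in name) ? name[nr] : "unknown"
            $0 = substr($0, 1, RSTART + RLENGTH - 1) "(" label ")" substr($0, RSTART + RLENGTH)
        }
        { print }'
}

# Demo on the constructed sample: the page's log line with the name removed.
demo() {
    tbl=$(mktemp)
    sample_macros | syscall_table > "$tbl"
    printf '%s\n' 'ssh_sandbox_violation: unexpected system call (arch:0xc000003e,syscall:271 @ 0x7f5cccd1dc3b) [preauth]' |
        annotate_violation "$tbl"
    rm -f "$tbl"
}
demo
```

The table is only valid for the architecture and headers the macro dump came from, so generate it on a host that matches the `arch:` value in the log line.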

