[openssh-commits] [openssh] 01/01: fix SANDBOX_SECCOMP_FILTER_DEBUG
git+noreply at mindrot.org
git+noreply at mindrot.org
Thu Aug 11 08:58:58 AEST 2022
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 2580916e48721802220c61ce9e0df1297c00bc07
Author: Damien Miller <djm at mindrot.org>
Date: Thu Aug 11 08:58:28 2022 +1000
fix SANDBOX_SECCOMP_FILTER_DEBUG
---
sandbox-seccomp-filter.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 4ce80cb2..9929bdb6 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -23,17 +23,20 @@
* E.g.
* auditctl -a task,always -F uid=<privsep uid>
*/
-/* #define SANDBOX_SECCOMP_FILTER_DEBUG 1 */
-
-/* XXX it should be possible to do logging via the log socket safely */
+#define SANDBOX_SECCOMP_FILTER_DEBUG 1
+#if 0
+/*
+ * For older toolchains, it may be necessary to use the kernel
+ * headers directly.
+ */
#ifdef SANDBOX_SECCOMP_FILTER_DEBUG
-/* Use the kernel headers in case of an older toolchain. */
# include <asm/siginfo.h>
# define __have_siginfo_t 1
# define __have_sigval_t 1
# define __have_sigevent_t 1
#endif /* SANDBOX_SECCOMP_FILTER_DEBUG */
+#endif
#include "includes.h"
@@ -362,7 +365,7 @@ ssh_sandbox_init(struct monitor *monitor)
#ifdef SANDBOX_SECCOMP_FILTER_DEBUG
extern struct monitor *pmonitor;
-void mm_log_handler(LogLevel level, const char *msg, void *ctx);
+void mm_log_handler(LogLevel level, int forced, const char *msg, void *ctx);
static void
ssh_sandbox_violation(int signum, siginfo_t *info, void *void_context)
@@ -372,7 +375,7 @@ ssh_sandbox_violation(int signum, siginfo_t *info, void *void_context)
snprintf(msg, sizeof(msg),
"%s: unexpected system call (arch:0x%x,syscall:%d @ %p)",
__func__, info->si_arch, info->si_syscall, info->si_call_addr);
- mm_log_handler(SYSLOG_LEVEL_FATAL, msg, pmonitor);
+ mm_log_handler(SYSLOG_LEVEL_FATAL, 0, msg, pmonitor);
_exit(1);
}
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list