
Bug#1006445: openssh-server: Killed by seccomp after accepting connection (i386)



On Fri, Feb 25, 2022 at 02:14:58PM +0000, Paul Brook wrote:
> After accepting an ssh connection, the sshd process is killed and I see
> the following in dmesg:
> 
> audit: type=1326 audit(1645794361.669:40): auid=0 uid=100 gid=65534 ses=1 subj==unconfined pid=8338 comm="sshd" exe="/usr/sbin/sshd" sig=31 arch=40000003 syscall=414 compat=0 ip=0xb7ee3559 code=0x0
> 
> Syscall 414 is ppoll_time64, so I'm guessing this is fallout from
> ongoing 2038 fixes.

More likely fallout from the move from select()/pselect() to
poll()/ppoll() in 8.9.  I suspect this affects most 32-bit Linux
architectures.

> The attached patch fixes this by adding ppoll_time64 to the seccomp sandbox filters,
> which seems reasonable as ppoll is already allowed.

Yeah, this looks reasonable to me too, though for tidiness I'd suggest
moving __NR_ppoll_time64 below __NR_ppoll to match the ordering of
__NR_pselect6 and __NR_pselect6_time64.

Would you mind sending this upstream to https://bugzilla.mindrot.org/ ?
I can do it for you if you can't, but it's usually best to have fewer
people in the middle of the discussion.

-- 
Colin Watson (he/him)                              [cjwatson@debian.org]
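
Added example (not part of the original message, and not OpenSSH or Debian code): a small Python decoder for the type=1326 audit record quoted above, showing how the arch and syscall fields together identify the call the seccomp filter rejected. The lookup tables are deliberately partial and `parse_seccomp_record` is a hypothetical helper name.

```python
import re

# The audit line quoted in the bug report above.
REPORTED = ('audit: type=1326 audit(1645794361.669:40): auid=0 uid=100 gid=65534 '
            'ses=1 subj==unconfined pid=8338 comm="sshd" exe="/usr/sbin/sshd" '
            'sig=31 arch=40000003 syscall=414 compat=0 ip=0xb7ee3559 code=0x0')

# Partial lookup tables (assumptions of this example, not a full syscall map).
AUDIT_ARCH = {0x40000003: "i386", 0xC000003E: "x86_64"}
# Keyed by (arch, number): a syscall number only has meaning per architecture.
SYSCALLS = {("i386", 413): "pselect6_time64", ("i386", 414): "ppoll_time64"}
# Seccomp return actions as logged in the code= field.
ACTIONS = {0x00000000: "KILL_THREAD", 0x80000000: "KILL_PROCESS"}

FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
REQUIRED = {"arch", "syscall", "sig", "code"}


def parse_seccomp_record(line):
    """Decode one AUDIT_SECCOMP (type=1326) line; return None for anything else."""
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(line)}
    if fields.get("type") != "1326" or not REQUIRED <= fields.keys():
        return None
    arch_raw = int(fields["arch"], 16)          # logged as bare hex
    arch = AUDIT_ARCH.get(arch_raw, hex(arch_raw))
    nr = int(fields["syscall"])                 # logged as decimal
    name = SYSCALLS.get((arch, nr), f"unknown({nr})")
    code = int(fields["code"], 16)
    return {
        "comm": fields.get("comm"),
        "arch": arch,
        "syscall": name,
        # A *_time64 hit suggests the filter allows the base call but not
        # its 64-bit time_t variant, which is the situation in this thread.
        "base_syscall": name[:-len("_time64")] if name.endswith("_time64") else None,
        "signal": int(fields["sig"]),           # 31 is SIGSYS on Linux
        "action": ACTIONS.get(code, hex(code)),
    }


if __name__ == "__main__":
    print(parse_seccomp_record(REPORTED))
```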

