Bug 3260

Summary:

seccomp additions for glibc 2.33 on 32-bit platforms

Product:

Portable OpenSSH

Reporter:

Nick Alcock <nix>

Component:

sshd

Assignee:

Assigned to nobody <unassigned-bugs>

Status:

CLOSED FIXED

Severity:

major

CC:

dtucker, jjelen

Priority:

Version:

8.4p1

Hardware:

ix86

OS:

Linux

Bug Depends on:

Bug Blocks:

3217

Attachments:

Description	Flags
seccomp additions for glibc 2.33	none
remaining seccomp addition for glibc 2.33	none

Description Nick Alcock 2021-02-11 00:05:20 AEDT

Created attachment 3470 [details]
seccomp additions for glibc 2.33

glibc 2.33+ on these platforms, when used in conjunction with newer Linux kernels, needs various new syscalls in the seccomp whitelist (they've been added to allow for post-2038 time).

Patch against 8.4p1 attached.

Ranked major because it builds fine but then fails at connection-accept time, which can lead to service loss and annoying trips to get a console (thankfully I only had to make a trip across the room to plug the serial console in).

Comment 1 Jakub Jelen 2021-02-11 02:42:49 AEDT

Comment on attachment 3470 [details]
seccomp additions for glibc 2.33

The __NR_pselect6_time64 is already in as reported in the bug #3232 and merged upstream as [1]. The __NR_futex_time64 has wrong ifdef at this moment and should say:

+#ifdef __NR_futex_time64
+	SC_ALLOW(__NR_futex_time64),
+#endif

[1] https://github.com/openssh/openssh-portable/commit/0f90440ca

Comment 2 Nick Alcock 2021-02-11 05:59:12 AEDT

Created attachment 3471 [details]
remaining seccomp addition for glibc 2.33

Comment 3 Nick Alcock 2021-02-11 06:00:10 AEDT

Sorry, I forgot to check master with the obviously wrong reasoning that portable-openssh changes wouldn't go in there (even though I already know they do, routinely). Fixed patch against master attached.

Comment 4 Darren Tucker 2021-02-11 10:22:09 AEDT

Patch applied, thanks.

Can you specify which platforms this occurs on?  I think it should be caught by the regression tests when run with sudo/doas ("make tests SUDO=sudo") and I'd like to see if we can improve our test coverage.

Comment 5 Nick Alcock 2021-02-12 01:07:49 AEDT

It'll happen on any glibc-using Linux platform with a 32-bit glibc 2.33+ and a sufficiently recent kernel, though "sufficiently recent" is architecture-dependent: on kernel 5.1+, all 32-bit architectures with this glibc release will use these syscalls. (See sysdeps/unix/sysv/linux/kernel-features.h in the glibc 2.33 source tree.)

Comment 6 Damien Miller 2021-03-04 09:52:48 AEDT

close bugs that were resolved in OpenSSH 8.5 release cycle