Created attachment 3470
seccomp additions for glibc 2.33

glibc 2.33+ on these platforms, when used in conjunction with newer Linux kernels, needs various new syscalls in the seccomp whitelist (they've been added to allow for post-2038 time). Patch against 8.4p1 attached.

Ranked major because it builds fine but then fails at connection-accept time, which can lead to service loss and annoying trips to get a console (thankfully I only had to make a trip across the room to plug the serial console in).
Comment on attachment 3470
seccomp additions for glibc 2.33

The __NR_pselect6_time64 is already in as reported in the bug #3232 and merged upstream as [1]. The __NR_futex_time64 has wrong ifdef at this moment and should say: +#ifdef __NR_futex_time64 + SC_ALLOW(__NR_futex_time64), +#endif

[1] https://github.com/openssh/openssh-portable/commit/0f90440ca
Created attachment 3471
remaining seccomp addition for glibc 2.33
Sorry, I forgot to check master with the obviously wrong reasoning that portable-openssh changes wouldn't go in there (even though I already know they do, routinely). Fixed patch against master attached.
Patch applied, thanks. Can you specify which platforms this occurs on? I think it should be caught by the regression tests when run with sudo/doas ("make tests SUDO=sudo") and I'd like to see if we can improve our test coverage.
It'll happen on any glibc-using Linux platform with a 32-bit glibc 2.33+ and a sufficiently recent kernel, though "sufficiently recent" is architecture-dependent: on kernel 5.1+, all 32-bit architectures with this glibc release will use these syscalls. (See sysdeps/unix/sysv/linux/kernel-features.h in the glibc 2.33 source tree.)
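Added example (not part of the bug thread and not OpenSSH's code): a model of an allowlist filter in the style of the SC_ALLOW entries discussed above, with a small interpreter showing that a process whose libc issues futex_time64 gets the default deny verdict unless that number has its own entry. The syscall numbers are i386 values hard-coded for the demo; the list contents, the helper names and the kill default are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <linux/filter.h>   /* struct sock_filter, BPF_STMT, BPF_JUMP */
#include <linux/seccomp.h>  /* struct seccomp_data, SECCOMP_RET_* */

/* Constructed for this example: i386 syscall numbers, hard-coded so the
 * demo gives the same result on any build host. */
enum { NR_FUTEX = 240, NR_PSELECT6_TIME64 = 413, NR_FUTEX_TIME64 = 422 };

#define LOAD_NR BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr))
#define DENY    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL)
/* One allowlist entry: equal -> next insn (ALLOW), else skip over it. */
#define ALLOW(nr) \
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), 0, 1), \
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW)
#define LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical lists: the second adds an entry for futex_time64. */
static const struct sock_filter old_list[] = {
    LOAD_NR, ALLOW(NR_FUTEX), ALLOW(NR_PSELECT6_TIME64), DENY };
static const struct sock_filter new_list[] = {
    LOAD_NR, ALLOW(NR_FUTEX), ALLOW(NR_PSELECT6_TIME64),
    ALLOW(NR_FUTEX_TIME64), DENY };

/* Interpreter for the three classic-BPF opcodes used above; only the
 * seccomp_data.nr field is modelled. */
static uint32_t verdict(const struct sock_filter *f, size_t len, uint32_t nr)
{
    uint32_t acc = 0;
    for (size_t pc = 0; pc < len; pc++) {
        switch (f[pc].code) {
        case BPF_LD | BPF_W | BPF_ABS: acc = nr; break;
        case BPF_JMP | BPF_JEQ | BPF_K:
            pc += (acc == f[pc].k) ? f[pc].jt : f[pc].jf; break;
        case BPF_RET | BPF_K: return f[pc].k;
        }
    }
    return SECCOMP_RET_KILL; /* fell off the end: deny */
}

int main(void)
{
    printf("futex_time64 with old list: %s\n", verdict(old_list,
        LEN(old_list), NR_FUTEX_TIME64) == SECCOMP_RET_ALLOW ? "allow" : "kill");
    printf("futex_time64 with new list: %s\n", verdict(new_list,
        LEN(new_list), NR_FUTEX_TIME64) == SECCOMP_RET_ALLOW ? "allow" : "kill");
    return 0;
}
```

Allowing the legacy futex number does not cover the time64 variant: each syscall number needs its own entry.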
close bugs that were resolved in OpenSSH 8.5 release cycle