https://bugzilla.mindrot.org/show_bug.cgi?id=3430
Bug ID: 3430 Summary: 64 bit time and seccomp conflict Product: Portable OpenSSH Version: 8.9p1 Hardware: ARM OS: Linux Status: NEW Severity: major Priority: P5 Component: sshd Assignee: unassigned-b...@mindrot.org Reporter: alack...@gmail.com I found that glibc with support for 64-bit time could crash sshd process with enabled seccomp seccomp. Test environment: -Kernel 4.14.x -32 bit ARM CPU -glibc 2.34 -OpenSSH 8.9p1 -Toolchain: GCC 10 Syscall wrappers like a clock_gettime (https://github.com/bminor/glibc/blob/glibc-2.34/sysdeps/unix/sysv/linux/clock_gettime.c) first run syscall dedicated for kernels that support 64 bit time. If this syscall failed with ENOSYS error, then glibc calls traditional variant for 32 bit time. OpenSSH in source code tries to figure which syscalls are supported by kernel and only supported syscalls are added as an allowed in seccomp (https://github.com/openssh/openssh-portable/blob/master/sandbox-seccomp-filter.c). Because kernel 4.14 doesn’t support syscalls for 64 bit time, __NR_clock_gettime64 is not added as a trusted syscall to seccomp. As a result OpenSSH process is killed by seccomp every time when it tries to use clock_gettime from glibc. -- You are receiving this mail because: You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs