Mailing List Archive

[Bug 3085] seccomp issue after upgrading openssl
https://bugzilla.mindrot.org/show_bug.cgi?id=3085

--- Comment #22 from Damien Miller <djm@mindrot.org> ---
It looks like the only thing remaining from this bug is the
SECCOMP_AUDIT_ARCH setting in configure. Can you tell me what configure
identifies your host system as? Maybe we can fix this. Look for the
line like:

checking host system type... x86_64-pc-linux-gnu

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3085] seccomp issue after upgrading openssl [ In reply to ]
https://bugzilla.mindrot.org/show_bug.cgi?id=3085

--- Comment #23 from brunni@netestate.de ---
(In reply to Damien Miller from comment #22)
> It looks like the only thing remaining from this bug is the
> SECCOMP_AUDIT_ARCH setting in configure. Can you tell me what
> configure identifies your host system as? Maybe we can fix this.
> Look for the line like:
>
> checking host system type... x86_64-pc-linux-gnu

I still have the old system with the 64bit kernel and the 32bit
toolchain.

Which version of openSSH should I use?

--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3085] seccomp issue after upgrading openssl [ In reply to ]
https://bugzilla.mindrot.org/show_bug.cgi?id=3085

--- Comment #24 from Damien Miller <djm@mindrot.org> ---
For testing this, any really. OpenSSH 8.3 is ideal since it uses the
most recent version of GNU configure.

--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3085] seccomp issue after upgrading openssl [ In reply to ]
https://bugzilla.mindrot.org/show_bug.cgi?id=3085

--- Comment #25 from brunni@netestate.de ---
(In reply to Damien Miller from comment #22)
> It looks like the only thing remaining from this bug is the
> SECCOMP_AUDIT_ARCH setting in configure. Can you tell me what
> configure identifies your host system as? Maybe we can fix this.
> Look for the line like:
>
> checking host system type... x86_64-pc-linux-gnu

./configure
checking for cc... cc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether cc accepts -g... yes
checking for cc option to accept ISO C89... none needed
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3085] seccomp issue after upgrading openssl [ In reply to ]
https://bugzilla.mindrot.org/show_bug.cgi?id=3085

--- Comment #26 from Damien Miller <djm@mindrot.org> ---
Created attachment 3427
--> https://bugzilla.mindrot.org/attachment.cgi?id=3427&action=edit
Detect X32 when setting seccomp audit_arch

Please try this patch. It should detect X32 and set the audit arch to
i386.

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3085] seccomp issue after upgrading openssl [ In reply to ]
https://bugzilla.mindrot.org/show_bug.cgi?id=3085

--- Comment #27 from brunni@netestate.de ---
(In reply to Damien Miller from comment #26)
> Created attachment 3427 [details]
> Detect X32 when setting seccomp audit_arch
>
> Please try this patch. It should detect X32 and set the audit arch
> to i386.

Nope:

checking for seccomp architecture... "AUDIT_ARCH_X86_64"

grep SECCOMP_AUDIT_ARCH config.h
#define SECCOMP_AUDIT_ARCH AUDIT_ARCH_X86_64

I applied the patch and called autoconf and then configure. I also
manually checked configure contains the patch.

--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3085] seccomp issue after upgrading openssl [ In reply to ]
https://bugzilla.mindrot.org/show_bug.cgi?id=3085

--- Comment #28 from brunni@netestate.de ---
$ac_cv_sizeof_size_t is 4 for me btw - not 32. Sounds about right. So I
changed it to:

if test "$ac_cv_sizeof_size_t" = "4" ; then

And that looks better:

grep SECCOMP_AUDIT_ARCH config.h
#define SECCOMP_AUDIT_ARCH AUDIT_ARCH_I386

OpenSSH also compiles fine then. Did not do any further tests.

--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3085] seccomp issue after upgrading openssl [ In reply to ]
https://bugzilla.mindrot.org/show_bug.cgi?id=3085

Damien Miller <djm@mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED

--- Comment #29 from Damien Miller <djm@mindrot.org> ---
corrected fix committed and will be in OpenSSH 8.4 - thanks

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs