Hi!
Wen building OpenSSH 8.9p1 for 32-bit PowerPC big endian on Linux 5.4,
with CONFIG_SECCOMP=y in the kernel config, I noticed seccomp is not
supported for ppc in configure.ac:
> configure:9283: checking for seccomp architecture
> configure:9348: result: architecture not supported
With the attached patch adding support for it, building for the device
results in:
> configure:9283: checking for seccomp architecture
> configure:9345: result: "AUDIT_ARCH_PPC"
The resulting sshd output shows it now working with the seccomp sandboxing:
> debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
> debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
Could this ppc support be added to OpenSSH portable?
Thanks!
Dries
Wen building OpenSSH 8.9p1 for 32-bit PowerPC big endian on Linux 5.4,
with CONFIG_SECCOMP=y in the kernel config, I noticed seccomp is not
supported for ppc in configure.ac:
> configure:9283: checking for seccomp architecture
> configure:9348: result: architecture not supported
With the attached patch adding support for it, building for the device
results in:
> configure:9283: checking for seccomp architecture
> configure:9345: result: "AUDIT_ARCH_PPC"
The resulting sshd output shows it now working with the seccomp sandboxing:
> debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
> debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
Could this ppc support be added to OpenSSH portable?
Thanks!
Dries
Attached Files:
-
seccomp-on-powerpc.patch (0.39 KB)