openssh bugs - Mar 2021 - [Bug 3268] New: ssh_sandbox_violation: unexpected system call: getpid on Linux x32

https://bugzilla.mindrot.org/show_bug.cgi?id=3268

            Bug ID: 3268
           Summary: ssh_sandbox_violation: unexpected system call: getpid
                    on Linux x32
           Product: Portable OpenSSH
           Version: 8.4p1
          Hardware: x32
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: arekm at maven.pl

On Linux x32, glibc 2.33 and kernel 4.9.256 I'm getting sshd killed due
to sandbox violation. With debugging:

9563  getpid()                          = 1073741863
9563  --- SIGSYS {si_signo=SIGSYS, si_code=SYS_SECCOMP,
si_call_addr=0xf71b164b, si_syscall=__NR_getpid,
si_arch=AUDIT_ARCH_X86_64} ---
9563  write(8, "\0\0\0g\0\0\0\1\0\0\0_ssh_sandbox_violation: unexpected
system call (arch:0xc000003e,syscall:1073741863 @ 0xf71b164b)", 107)
1073741825

1073741863 is getpid on x32


but there is
        SC_ALLOW(__NR_getpid),
already there, so should allow it right?

I even tried:
    SC_ALLOW(1073741863),
to see if that will work but it doesn't.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3268

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Could you please try git HEAD from
https://github.com/openssh/openssh-portable ?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3268

Arkadiusz Mi?kiewicz <arekm at maven.pl> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #2 from Arkadiusz Mi?kiewicz <arekm at maven.pl> ---
commit e3f27006f15abacb7e89fda3f5e9a0bd420b7e38
Author: Damien Miller <djm at mindrot.org>
Date:   Fri Nov 13 14:20:43 2020 +1100

    Revert "detect Linux/X32 systems"

    This reverts commit 5b56bd0affea7b02b540bdbc4d1d271b0e4fc885.

    The approach used was incorrect; discussion in bz#3085


fixed it, thanks.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3268

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
close bugs that were resolved in OpenSSH 8.5 release cycle

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.