Hi! Wen building OpenSSH 8.9p1 for 32-bit PowerPC big endian on Linux 5.4, with CONFIG_SECCOMP=y in the kernel config, I noticed seccomp is not supported for ppc in configure.ac: > configure:9283: checking for seccomp architecture > configure:9348: result: architecture not supported With the attached patch adding support for it, building for the device results in: > configure:9283: checking for seccomp architecture > configure:9345: result: "AUDIT_ARCH_PPC" The resulting sshd output shows it now working with the seccomp sandboxing: > debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth] > debug3: ssh_sandbox_child: attaching seccomp filter program [preauth] Could this ppc support be added to OpenSSH portable? Thanks! Dries -------------- next part -------------- A non-text attachment was scrubbed... Name: seccomp-on-powerpc.patch Type: text/x-patch Size: 396 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20220713/f287b136/attachment.bin>
On Thu, 14 Jul 2022 at 04:56, Dries Deschout <dries.deschout at dodeco.eu> wrote: [...]> Could this ppc support be added to OpenSSH portable?Patch applied, thanks! -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.