Hi!
Wen building OpenSSH 8.9p1 for 32-bit PowerPC big endian on Linux 5.4,
with CONFIG_SECCOMP=y in the kernel config, I noticed seccomp is not
supported for ppc in configure.ac:
> configure:9283: checking for seccomp architecture
> configure:9348: result: architecture not supported
With the attached patch adding support for it, building for the device
results in:
> configure:9283: checking for seccomp architecture
> configure:9345: result: "AUDIT_ARCH_PPC"
The resulting sshd output shows it now working with the seccomp sandboxing:
> debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
> debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
Could this ppc support be added to OpenSSH portable?
Thanks!
Dries
diff -urN openssh-8.9p1.old/configure.ac openssh-8.9p1/configure.ac
--- openssh-8.9p1.old/configure.ac 2022-07-13 14:03:17.596135014 +0200
+++ openssh-8.9p1/configure.ac 2022-07-13 14:04:35.144924272 +0200
@@ -924,6 +924,9 @@
s390-*)
seccomp_audit_arch=AUDIT_ARCH_S390
;;
+ powerpc-*)
+ seccomp_audit_arch=AUDIT_ARCH_PPC
+ ;;
powerpc64-*)
seccomp_audit_arch=AUDIT_ARCH_PPC64
;;
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
