]> git.ipfire.org Git - thirdparty/openssh-portable.git/commitdiff
projects / thirdparty / openssh-portable.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b30d321)
sandbox-seccomp-filter: allow gettid
authorAlex James <theracermaster@gmail.com>
Sun, 30 Jan 2022 22:13:36 +0000 (16:13 -0600)
committerDarren Tucker <dtucker@dtucker.net>
Mon, 31 Jan 2022 05:45:10 +0000 (16:45 +1100)
Some allocators (such as Scudo) use gettid while tracing allocations [1].
Allow gettid in preauth to prevent sshd from crashing with Scudo.

[1]: https://github.com/llvm/llvm-project/blob/llvmorg-13.0.0/compiler-rt/lib/gwp_asan/common.cpp#L46

sandbox-seccomp-filter.c patch | blob | blame | history

diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index f5e462806e05a675eb353628911ac4a189979567..2e065ba3edb69a64addd4c1ac7135f2ce8da1250 100644 (file)
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -228,6 +228,9 @@ static const struct sock_filter preauth_insns[] = {
 #ifdef __NR_getrandom
        SC_ALLOW(__NR_getrandom),
 #endif
+#ifdef __NR_gettid
+       SC_ALLOW(__NR_gettid),
+#endif
 #ifdef __NR_gettimeofday
        SC_ALLOW(__NR_gettimeofday),
 #endif
Mirror of https://github.com/openssh/openssh-portable.git