https://bugzilla.mindrot.org/show_bug.cgi?id=3702
Darren Tucker <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3820|0 |1 is obsolete| | --- Comment #6 from Darren Tucker <[email protected]> --- Created attachment 3821 --> https://bugzilla.mindrot.org/attachment.cgi?id=3821&action=edit Provide names for syscalls (In reply to Damien Miller from comment #5) [...] > We could convert the syscall numbers that we know (see attached), > but after writing that I realised that it isn't so useful - it's the > syscall numbers that we *don't* know that are typically the problem. Yeah I started there too and quickly gave that up for the same reason. I ended up extracting the syscalls from part-preprocessed source. I chose to use the seccomp file itself because that guarantees it picks up the same headers, and put it into another compilation unit because otherwise you get problems due to overwriting the generated file. That would be resolvable, but keeping it separate seemed cleaner (well, slightly less icky). It looks like: ssh_sandbox_violation: unexpected system call (arch:0xc000003e,syscall:271(__NR_ppoll) @ 0x7f5cccd1dc3b) [preauth] Probably a bit close to release for something this invasive (at least as far as the build system) but maybe immediately after. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
