FS#63129 - [vsftpd] Seccomp kills child process after clock_gettime syscall
Attached to Project:
Community Packages
Opened by Szunti (Szunti) - Monday, 08 July 2019, 17:31 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:00 GMT
Opened by Szunti (Szunti) - Monday, 08 July 2019, 17:31 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:00 GMT
|
Details
Description:
Maybe should go upstream, but I saw that other syscalls were whitelisted with a patch recently. gettimeofday is already whitelisted, but it's never called. Its in the vdso and if the tsc clocksource is used by the kernel a syscall is not made at all, if the clocksource is not tsc (kernel deemed it unreliable in my case) then it falls back on the clock_gettime syscall. Then every attempt to connect to the server is closed immediately with 500 OOPS: child died Patching seccompsandbox.c: allow_nr(__NR_gettimeofday); /* Used by logging. */ +allow_nr(__NR_clock_gettime); fixes it. Additional info: * package version(s) vsftpd 3.0.3-6 Steps to reproduce: 1) Set clocksource to hpet (echo hpet > /sys/devices/system/clocksource/clocksource0/current_clocksource) 2) Run vsftpd 3) Get 500 OOPS: children died error in client |
This task depends upon
Closed by Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:00 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/vsftpd/issues/2
Saturday, 25 November 2023, 20:00 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/vsftpd/issues/2
Comment by
Buggy McBugFace (bugbot) - Tuesday,
08 August 2023, 19:11 GMT
This is an automated comment as this bug is open for more then 2
years. Please reply if you still experience this bug otherwise
this issue will be closed after 1 month.