Bug 1897712

Summary: openssh SIGSYS on connection attempt
Product: [Fedora] Fedora Reporter: Paul Whalen <pwhalen>
Component: opensshAssignee: Jakub Jelen <jjelen>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: crypto-team, dwalsh, jjelen, lkundrak, mattias.ellert, plautrba, tmraz
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openssh-8.4p1-3.fc33 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-27 01:22:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 245418    
Attachments:
Description Flags
sshd backtrace none

Description Paul Whalen 2020-11-13 20:47:09 UTC 
Description of problem:

Attempting to ssh to an armhfp system running rawhide(f34) fails:

ssh root.122.82
Connection reset by 192.168.122.82 port 22

coredumpctl info
           PID: 10183 (sshd)
           UID: 74 (sshd)
           GID: 74 (sshd)
        Signal: 31 (SYS)
     Timestamp: Fri 2020-11-13 15:34:15 EST (27s ago)
  Command Line: sshd: [net]
    Executable: /usr/sbin/sshd
 Control Group: /system.slice/sshd.service
          Unit: sshd.service
         Slice: system.slice
       Boot ID: 8d2799bb69bc4036b9a98eb197a3da6d
    Machine ID: 9bcaadd8e8ba4302b29cfb084eb68089
      Hostname: localhost.localdomain
       Storage: /var/lib/systemd/coredump/core.sshd.74.8d2799bb69bc4036b9a98eb1>
       Message: Process 10183 (sshd) of user 74 dumped core.
                
                Stack trace of thread 10183:
                #0  0x00000000b6995370 __GI___select64 (libc.so.6 + 0xda370)
                #1  0x00000000004e96e4 ssh_packet_read_seqnr (sshd + 0x596e4)
                #2  0x00000000004e97fc ssh_dispatch_run_fatal (sshd + 0x597fc)
                #3  0x000000000049dcbc do_ssh2_kex (sshd + 0xdcbc)
                #4  0x000000000049b454 main (sshd + 0xb454)
                #5  0x00000000b68d639c __libc_start_main (libc.so.6 + 0x1b39c)
                #6  0x000000000049baf0 .annobin_init.c_end.hot (sshd + 0xbaf0)


Version-Release number of selected component (if applicable):
openssh-8.4p1-2.fc34.armv7hl

How reproducible:
Everytime.
Comment 1 Paul Whalen 2020-11-13 20:49:05 UTC 
Created attachment 1729215 [details]
sshd backtrace
Comment 2 Jakub Jelen 2020-11-16 09:29:24 UTC 
Can you check audit for what syscall was used in your case on ARM which failed? Is it called now select64 or something else?
Comment 3 Paul Whalen 2020-11-17 20:47:39 UTC 
type=SECCOMP msg=audit(1605645779.332:638): auid=4294967295 uid=74 gid=74 ses=4294967295 subj=system_u:system_r:sshd_net_t:s0-s0:c0.c1023 pid=796 comm="sshd" exe="/usr/sbin/sshd" sig=31 arch=40000028 syscall=413 compat=0 ip=0xb68db370 code=0x0AUID="unset" UID="sshd" GID="sshd" ARCH=armeb SYSCALL=unknown-syscall(413)

On arm 413 looks to be pselect6_time64
Comment 4 Jakub Jelen 2020-11-18 14:43:47 UTC 
Thank you for report and checking the syscall. This is something new. The following patch should address the issue:

diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index e0768c06..5065ae7e 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -267,6 +267,9 @@ static const struct sock_filter preauth_insns[] = {
 #ifdef __NR_pselect6
 	SC_ALLOW(__NR_pselect6),
 #endif
+#ifdef __NR_pselect6_time64
+	SC_ALLOW(__NR_pselect6_time64),
+#endif
 #ifdef __NR_read
 	SC_ALLOW(__NR_read),
 #endif

I submitted a scratch build with the patch above. Please, check if it will work for you. Then I can fix it in Fedora and report upstream.

https://koji.fedoraproject.org/koji/taskinfo?taskID=55805956
Comment 5 Paul Whalen 2020-11-18 15:35:58 UTC 
(In reply to Jakub Jelen from comment #4)

> I submitted a scratch build with the patch above. Please, check if it will
> work for you. Then I can fix it in Fedora and report upstream.
> 
> https://koji.fedoraproject.org/koji/taskinfo?taskID=55805956

Thanks! That works as expected.
Comment 6 Fedora Update System 2020-11-19 14:47:07 UTC 
FEDORA-2020-413ab3bca3 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2020-413ab3bca3
Comment 7 Fedora Update System 2020-11-20 02:15:00 UTC 
FEDORA-2020-413ab3bca3 has been pushed to the Fedora 33 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-413ab3bca3`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-413ab3bca3

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 8 Fedora Update System 2020-11-27 01:22:51 UTC 
FEDORA-2020-413ab3bca3 has been pushed to the Fedora 33 stable repository.
If problem still persists, please make note of it in this bug report.