diff mbox series

openssh: Default to not using sandbox when cross compiling

Message ID 20220317223845.3691239-1-raj.khem@gmail.com
State Accepted, archived
Commit 90895a627be5e8a4e4943fa9195b5553416086d3
Headers show
Series openssh: Default to not using sandbox when cross compiling | expand

Commit Message

Khem Raj March 17, 2022, 10:38 p.m. UTC 
backport a patch to fix sandboxing issues seen on ppc32 and also on
riscv32 [1]

[1] https://bugzilla.mindrot.org/show_bug.cgi?id=3398

Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 ...t-using-sandbox-when-cross-compiling.patch | 33 +++++++++++++++++++
 .../openssh/openssh_8.9p1.bb                  |  4 +--
 2 files changed, 34 insertions(+), 3 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch
diff mbox series

Patch

diff --git a/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch b/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch
new file mode 100644
index 00000000000..0241c290ac4
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch
@@ -0,0 +1,33 @@ 
+From 56194e9a6043873b0ec84f9d15c6e4caca2580c8 Mon Sep 17 00:00:00 2001
+From: Darren Tucker <dtucker@dtucker.net>
+Date: Tue, 8 Mar 2022 20:04:06 +1100
+Subject: [PATCH] Default to not using sandbox when cross compiling.
+
+On most systems poll(2) does not work when the number of FDs is reduced
+with setrlimit, so assume it doesn't when cross compiling and we can't
+run the test.  bz#3398.
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Upstream-Status: Backport [https://anongit.mindrot.org/openssh.git/patch/?id=8cf5275452a950869cb90eeac7d220b01f77b12e]
+---
+ configure.ac | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 17fb1e6..a165d08 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -3574,8 +3574,8 @@ AC_RUN_IFELSE(
+ 	 select_works_with_rlimit=yes],
+ 	[AC_MSG_RESULT([no])
+ 	 select_works_with_rlimit=no],
+-	[AC_MSG_WARN([cross compiling: assuming yes])
+-	 select_works_with_rlimit=yes]
++	[AC_MSG_WARN([cross compiling: assuming no])
++	 select_works_with_rlimit=no]
+ )
+ 
+ AC_CHECK_MEMBERS([struct pollfd.fd], [], [], [[
+-- 
+2.35.1
+
diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
index 6c5c1912e82..f306b1245ac 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
@@ -25,6 +25,7 @@  SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
            file://sshd_check_keys \
            file://add-test-support-for-busybox.patch \
            file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \
+           file://0001-Default-to-not-using-sandbox-when-cross-compiling.patch \
            "
 SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7"
 
@@ -77,9 +78,6 @@  EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \
 # musl doesn't implement wtmp/utmp and logwtmp
 EXTRA_OECONF:append:libc-musl = " --disable-wtmp --disable-lastlog"
 
-# https://bugzilla.mindrot.org/show_bug.cgi?id=3398
-EXTRA_OECONF:append:powerpc = " --with-sandbox=no"
-
 # Since we do not depend on libbsd, we do not want configure to use it
 # just because it finds libutil.h.  But, specifying --disable-libutil
 # causes compile errors, so...