openssh: Default to not using sandbox when cross compiling

backport a patch to fix sandboxing issues seen on ppc32 and also on riscv32 [1] [1] https://bugzilla.mindrot.org/show_bug.cgi?id=3398 (From OE-Core rev: 90895a627be5e8a4e4943fa9195b5553416086d3) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Khem Raj <raj.khem@gmail.com> 2022-03-17 15:38:45 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-20 00:02:22 +0000
commit: afcbe8232028acd1be034fdbc13d3338c6ce1732 (patch)
tree: 7aaff2b6f8c75f453ad533050e4f8ac45538b2a6 /meta/recipes-connectivity/openssh
parent: f8134d36926efc7b4b2150a3e4fe98281a476212 (diff)
download: poky-afcbe8232028acd1be034fdbc13d3338c6ce1732.tar.gz
2 files changed, 34 insertions, 3 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch b/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch
new file mode 100644
index 0000000000..0241c290ac
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch
@@ -0,0 +1,33 @@
+From 56194e9a6043873b0ec84f9d15c6e4caca2580c8 Mon Sep 17 00:00:00 2001
+From: Darren Tucker <dtucker@dtucker.net>
+Date: Tue, 8 Mar 2022 20:04:06 +1100
+Subject: [PATCH] Default to not using sandbox when cross compiling.
+On most systems poll(2) does not work when the number of FDs is reduced
+with setrlimit, so assume it doesn't when cross compiling and we can't
+run the test.  bz#3398.
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Upstream-Status: Backport [https://anongit.mindrot.org/openssh.git/patch/?id=8cf5275452a950869cb90eeac7d220b01f77b12e]
+---
+ configure.ac | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+diff --git a/configure.ac b/configure.ac
+index 17fb1e6..a165d08 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -3574,8 +3574,8 @@ AC_RUN_IFELSE(
+         select_works_with_rlimit=yes],
+        [AC_MSG_RESULT([no])
+         select_works_with_rlimit=no],
+-       [AC_MSG_WARN([cross compiling: assuming yes])
+-        select_works_with_rlimit=yes]
+       [AC_MSG_WARN([cross compiling: assuming no])
+        select_works_with_rlimit=no]
+ )
+ 
+ AC_CHECK_MEMBERS([struct pollfd.fd], [], [], [[
+-- 
+2.35.1
diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
index 6c5c1912e8..f306b1245a 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
@@ -25,6 +25,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
           file://sshd_check_keys \
           file://add-test-support-for-busybox.patch \
           file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \
+           file://0001-Default-to-not-using-sandbox-when-cross-compiling.patch \
           "
 SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7"
@@ -77,9 +78,6 @@ EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \
 # musl doesn't implement wtmp/utmp and logwtmp
 EXTRA_OECONF:append:libc-musl = " --disable-wtmp --disable-lastlog"
-# https://bugzilla.mindrot.org/show_bug.cgi?id=3398
-EXTRA_OECONF:append:powerpc = " --with-sandbox=no"
 # Since we do not depend on libbsd, we do not want configure to use it
 # just because it finds libutil.h.  But, specifying --disable-libutil
 # causes compile errors, so...
author	Khem Raj <raj.khem@gmail.com>	2022-03-17 15:38:45 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-03-20 00:02:22 +0000
commit	afcbe8232028acd1be034fdbc13d3338c6ce1732 (patch)
tree	7aaff2b6f8c75f453ad533050e4f8ac45538b2a6 /meta/recipes-connectivity/openssh
parent	f8134d36926efc7b4b2150a3e4fe98281a476212 (diff)
download	poky-afcbe8232028acd1be034fdbc13d3338c6ce1732.tar.gz

diff --git a/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch b/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch new file mode 100644 index 0000000000..0241c290ac --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/0001-Default-to-not-using-sandbox-when-cross-compiling.patch
@@ -0,0 +1,33 @@
		1	From 56194e9a6043873b0ec84f9d15c6e4caca2580c8 Mon Sep 17 00:00:00 2001
		2	From: Darren Tucker <dtucker@dtucker.net>
		3	Date: Tue, 8 Mar 2022 20:04:06 +1100
		4	Subject: [PATCH] Default to not using sandbox when cross compiling.
		5
		6	On most systems poll(2) does not work when the number of FDs is reduced
		7	with setrlimit, so assume it doesn't when cross compiling and we can't
		8	run the test. bz#3398.
		9
		10	Signed-off-by: Khem Raj <raj.khem@gmail.com>
		11	Upstream-Status: Backport [https://anongit.mindrot.org/openssh.git/patch/?id=8cf5275452a950869cb90eeac7d220b01f77b12e]
		12	---
		13	configure.ac \| 4 ++--
		14	1 file changed, 2 insertions(+), 2 deletions(-)
		15
		16	diff --git a/configure.ac b/configure.ac
		17	index 17fb1e6..a165d08 100644
		18	--- a/configure.ac
		19	+++ b/configure.ac
		20	@@ -3574,8 +3574,8 @@ AC_RUN_IFELSE(
		21	select_works_with_rlimit=yes],
		22	[AC_MSG_RESULT([no])
		23	select_works_with_rlimit=no],
		24	- [AC_MSG_WARN([cross compiling: assuming yes])
		25	- select_works_with_rlimit=yes]
		26	+ [AC_MSG_WARN([cross compiling: assuming no])
		27	+ select_works_with_rlimit=no]
		28	)
		29
		30	AC_CHECK_MEMBERS([struct pollfd.fd], [], [], [[
		31	--
		32	2.35.1
		33


diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb index 6c5c1912e8..f306b1245a 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
@@ -25,6 +25,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
25	file://sshd_check_keys \	25	file://sshd_check_keys \
26	file://add-test-support-for-busybox.patch \	26	file://add-test-support-for-busybox.patch \
27	file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \	27	file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \
		28	file://0001-Default-to-not-using-sandbox-when-cross-compiling.patch \
28	"	29	"
29	SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7"	30	SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7"
30		31
@@ -77,9 +78,6 @@ EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \
77	# musl doesn't implement wtmp/utmp and logwtmp	78	# musl doesn't implement wtmp/utmp and logwtmp
78	EXTRA_OECONF:append:libc-musl = " --disable-wtmp --disable-lastlog"	79	EXTRA_OECONF:append:libc-musl = " --disable-wtmp --disable-lastlog"
79		80
80	# https://bugzilla.mindrot.org/show_bug.cgi?id=3398
81	EXTRA_OECONF:append:powerpc = " --with-sandbox=no"
82
83	# Since we do not depend on libbsd, we do not want configure to use it	81	# Since we do not depend on libbsd, we do not want configure to use it
84	# just because it finds libutil.h. But, specifying --disable-libutil	82	# just because it finds libutil.h. But, specifying --disable-libutil
85	# causes compile errors, so...	83	# causes compile errors, so...