dropbear ssh server with vfork and no fork

Thomas Vajzovic thomas.vajzovic at irisys.co.uk
Wed Aug 21 22:34:00 WST 2013


I am interested in running dropbear ssh server under uClinux on an embedded blackfin platform (using the buildroot distribution).

This platform does not have a full MMU, so fork() is not available.

I notice that in one or two places in dropbear, fork() has been replaced with vfork() if the macro __uClinux__ is defined.

In scp.c, there are comments about the requirement to call exec immediately in the child after vfork returns, and this is done.

In other places some of the things that are done after vfork but before exec are quite big, eg:

* writing to stack data
* writing to global data
 * closing and dup-ing file descriptors
 * changing signal handlers
 * writing to the login record
 * malloc-ing memory
 * setting environment variables
 * setuid/setgid

In svr-chansession.c the code commented "wipe the hostkey" is not performed if vfork was used, so presumably that bit was found to not work, but what about the rest?

Are people running the dropbear server on no-MMU systems and it just happens to work for them, or has someone verified that it will always work?

If people agree that this is wrong, then I could spend some time fixing it...

Best regards,

Mr T. Vajzovic
Software Engineer
Infrared Integrated Systems Ltd
Visit us at www.irisys.co.uk
Disclaimer: This e-mail message is confidential and for use by the addressee only. If the message is received by anyone other than the addressee, please return the message to the sender by replying to it and then delete the original message and the sent message from your computer. Infrared Integrated Systems Limited Park Circle Tithe Barn Way Swan Valley Northampton NN4 9BG Registration Number: 3186364.

More information about the Dropbear mailing list