bmh10 / rpms / openssh

Forked from rpms/openssh 13 days ago
Clone

Blame SOURCES/openssh-6.6p1-s390-closefrom.patch

8f2528
Zseries only: Leave the hardware filedescriptors open.
8f2528
8f2528
All filedescriptors above 2 are getting closed when a new
8f2528
sshd process to handle a new client connection is
8f2528
spawned. As the process also chroot into an empty filesystem
8f2528
without any device nodes, there is no chance to reopen the
8f2528
files. This patch filters out the reqired fds in the
8f2528
closefrom function so these are skipped in the close loop.
8f2528
8f2528
Author: Harald Freudenberger <freude@de.ibm.com>
8f2528
8f2528
---
8f2528
 openbsd-compat/bsd-closefrom.c |   26 ++++++++++++++++++++++++++
8f2528
 1 file changed, 26 insertions(+)
8f2528
8f2528
--- a/openbsd-compat/bsd-closefrom.c
8f2528
+++ b/openbsd-compat/bsd-closefrom.c
8f2528
@@ -82,7 +82,33 @@ closefrom(int lowfd)
8f2528
 	    fd = strtol(dent->d_name, &endp, 10);
8f2528
 	    if (dent->d_name != endp && *endp == '\0' &&
8f2528
 		fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
8f2528
+#ifdef __s390__
8f2528
+		{
8f2528
+		    /*
8f2528
+		     * the filedescriptors used to communicate with
8f2528
+		     * the device drivers to provide hardware support
8f2528
+		     * should survive. HF <freude@de.ibm.com>
8f2528
+		     */
8f2528
+		    char fpath[PATH_MAX], lpath[PATH_MAX];
8f2528
+		    len = snprintf(fpath, sizeof(fpath), "%s/%s",
8f2528
+				   fdpath, dent->d_name);
8f2528
+		    if (len > 0 && (size_t)len <= sizeof(fpath)) {
8f2528
+			len = readlink(fpath, lpath, sizeof(lpath));
8f2528
+			if (len > 0) {
8f2528
+			    lpath[len] = 0;
8f2528
+			    if (strstr(lpath, "dev/z90crypt")
8f2528
+				|| strstr(lpath, "dev/zcrypt")
8f2528
+				|| strstr(lpath, "dev/prandom")
8f2528
+				|| strstr(lpath, "dev/shm/icastats"))
8f2528
+				fd = -1;
8f2528
+			}
8f2528
+		    }
8f2528
+		    if (fd >= 0)
8f2528
+			(void) close((int) fd);
8f2528
+		}
8f2528
+#else
8f2528
 		(void) close((int) fd);
8f2528
+#endif
8f2528
 	}
8f2528
 	(void) closedir(dirp);
8f2528
     } else
8f2528