bmh10 / rpms / openssh

Forked from rpms/openssh 2 days ago
Clone
Blob Blame History Raw
Zseries only: Leave the hardware filedescriptors open.

All filedescriptors above 2 are getting closed when a new
sshd process to handle a new client connection is
spawned. As the process also chroot into an empty filesystem
without any device nodes, there is no chance to reopen the
files. This patch filters out the reqired fds in the
closefrom function so these are skipped in the close loop.

Author: Harald Freudenberger <freude@de.ibm.com>

---
 openbsd-compat/bsd-closefrom.c |   26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

--- a/openbsd-compat/bsd-closefrom.c
+++ b/openbsd-compat/bsd-closefrom.c
@@ -82,7 +82,33 @@ closefrom(int lowfd)
 	    fd = strtol(dent->d_name, &endp, 10);
 	    if (dent->d_name != endp && *endp == '\0' &&
 		fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
+#ifdef __s390__
+		{
+		    /*
+		     * the filedescriptors used to communicate with
+		     * the device drivers to provide hardware support
+		     * should survive. HF <freude@de.ibm.com>
+		     */
+		    char fpath[PATH_MAX], lpath[PATH_MAX];
+		    len = snprintf(fpath, sizeof(fpath), "%s/%s",
+				   fdpath, dent->d_name);
+		    if (len > 0 && (size_t)len <= sizeof(fpath)) {
+			len = readlink(fpath, lpath, sizeof(lpath));
+			if (len > 0) {
+			    lpath[len] = 0;
+			    if (strstr(lpath, "dev/z90crypt")
+				|| strstr(lpath, "dev/zcrypt")
+				|| strstr(lpath, "dev/prandom")
+				|| strstr(lpath, "dev/shm/icastats"))
+				fd = -1;
+			}
+		    }
+		    if (fd >= 0)
+			(void) close((int) fd);
+		}
+#else
 		(void) close((int) fd);
+#endif
 	}
 	(void) closedir(dirp);
     } else