rcolebaugh / rpms / openssh

Forked from rpms/openssh 2 years ago
Clone

Blame SOURCES/openssh-6.6p1-s390-closefrom.patch

f8987c
Zseries only: Leave the hardware filedescriptors open.
f8987c
f8987c
All filedescriptors above 2 are getting closed when a new
f8987c
sshd process to handle a new client connection is
f8987c
spawned. As the process also chroot into an empty filesystem
f8987c
without any device nodes, there is no chance to reopen the
f8987c
files. This patch filters out the reqired fds in the
f8987c
closefrom function so these are skipped in the close loop.
f8987c
f8987c
Author: Harald Freudenberger <freude@de.ibm.com>
f8987c
f8987c
---
f8987c
 openbsd-compat/bsd-closefrom.c |   26 ++++++++++++++++++++++++++
f8987c
 1 file changed, 26 insertions(+)
f8987c
f8987c
--- a/openbsd-compat/bsd-closefrom.c
f8987c
+++ b/openbsd-compat/bsd-closefrom.c
f8987c
@@ -82,7 +82,33 @@ closefrom(int lowfd)
f8987c
 	    fd = strtol(dent->d_name, &endp, 10);
f8987c
 	    if (dent->d_name != endp && *endp == '\0' &&
f8987c
 		fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
f8987c
+#ifdef __s390__
f8987c
+		{
f8987c
+		    /*
f8987c
+		     * the filedescriptors used to communicate with
f8987c
+		     * the device drivers to provide hardware support
f8987c
+		     * should survive. HF <freude@de.ibm.com>
f8987c
+		     */
f8987c
+		    char fpath[PATH_MAX], lpath[PATH_MAX];
f8987c
+		    len = snprintf(fpath, sizeof(fpath), "%s/%s",
f8987c
+				   fdpath, dent->d_name);
f8987c
+		    if (len > 0 && (size_t)len <= sizeof(fpath)) {
f8987c
+			len = readlink(fpath, lpath, sizeof(lpath));
f8987c
+			if (len > 0) {
f8987c
+			    lpath[len] = 0;
f8987c
+			    if (strstr(lpath, "dev/z90crypt")
f8987c
+				|| strstr(lpath, "dev/zcrypt")
f8987c
+				|| strstr(lpath, "dev/prandom")
f8987c
+				|| strstr(lpath, "dev/shm/icastats"))
f8987c
+				fd = -1;
f8987c
+			}
f8987c
+		    }
f8987c
+		    if (fd >= 0)
f8987c
+			(void) close((int) fd);
f8987c
+		}
f8987c
+#else
f8987c
 		(void) close((int) fd);
f8987c
+#endif
f8987c
 	}
f8987c
 	(void) closedir(dirp);
f8987c
     } else
f8987c