rcolebaugh / rpms / openssh

Forked from rpms/openssh 2 years ago
Clone

Blame SOURCES/openssh-7.2p2-s390-closefrom.patch

943807
Zseries only: Leave the hardware filedescriptors open.
943807
943807
All filedescriptors above 2 are getting closed when a new
943807
sshd process to handle a new client connection is
943807
spawned. As the process also chroot into an empty filesystem
943807
without any device nodes, there is no chance to reopen the
943807
files. This patch filters out the reqired fds in the
943807
closefrom function so these are skipped in the close loop.
943807
943807
Author: Harald Freudenberger <freude@de.ibm.com>
943807
943807
---
943807
 openbsd-compat/bsd-closefrom.c |   26 ++++++++++++++++++++++++++
943807
 1 file changed, 26 insertions(+)
943807
943807
--- a/openbsd-compat/bsd-closefrom.c
943807
+++ b/openbsd-compat/bsd-closefrom.c
943807
@@ -82,7 +82,33 @@ closefrom(int lowfd)
943807
 	    fd = strtol(dent->d_name, &endp, 10);
943807
 	    if (dent->d_name != endp && *endp == '\0' &&
943807
 		fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
943807
+#ifdef __s390__
943807
+		{
943807
+		    /*
943807
+		     * the filedescriptors used to communicate with
943807
+		     * the device drivers to provide hardware support
943807
+		     * should survive. HF <freude@de.ibm.com>
943807
+		     */
943807
+		    char fpath[PATH_MAX], lpath[PATH_MAX];
943807
+		    len = snprintf(fpath, sizeof(fpath), "%s/%s",
943807
+				   fdpath, dent->d_name);
943807
+		    if (len > 0 && (size_t)len <= sizeof(fpath)) {
943807
+			len = readlink(fpath, lpath, sizeof(lpath));
943807
+			if (len > 0) {
943807
+			    lpath[len] = 0;
943807
+			    if (strstr(lpath, "dev/z90crypt")
943807
+				|| strstr(lpath, "dev/zcrypt")
943807
+				|| strstr(lpath, "dev/prandom")
943807
+				|| strstr(lpath, "dev/shm/icastats"))
943807
+				fd = -1;
943807
+			}
943807
+		    }
943807
+		    if (fd >= 0)
943807
+			(void) close((int) fd);
943807
+		}
943807
+#else
943807
 		(void) close((int) fd);
943807
+#endif
943807
 	}
943807
 	(void) closedir(dirp);
943807
 	return;
943807