jonathancammack / rpms / openssh

Forked from rpms/openssh 9 months ago
Clone
Petr Šabata 81d24c
Zseries only: Leave the hardware filedescriptors open.
Petr Šabata 81d24c
Petr Šabata 81d24c
All filedescriptors above 2 are getting closed when a new
Petr Šabata 81d24c
sshd process to handle a new client connection is
Petr Šabata 81d24c
spawned. As the process also chroot into an empty filesystem
Petr Šabata 81d24c
without any device nodes, there is no chance to reopen the
Petr Šabata 81d24c
files. This patch filters out the reqired fds in the
Petr Šabata 81d24c
closefrom function so these are skipped in the close loop.
Petr Šabata 81d24c
Petr Šabata 81d24c
Author: Harald Freudenberger <freude@de.ibm.com>
Petr Šabata 81d24c
Petr Šabata 81d24c
---
Petr Šabata 81d24c
 openbsd-compat/bsd-closefrom.c |   26 ++++++++++++++++++++++++++
Petr Šabata 81d24c
 1 file changed, 26 insertions(+)
Petr Šabata 81d24c
Petr Šabata 81d24c
--- a/openbsd-compat/bsd-closefrom.c
Petr Šabata 81d24c
+++ b/openbsd-compat/bsd-closefrom.c
Petr Šabata 81d24c
@@ -82,7 +82,33 @@ closefrom(int lowfd)
Petr Šabata 81d24c
 	    fd = strtol(dent->d_name, &endp, 10);
Petr Šabata 81d24c
 	    if (dent->d_name != endp && *endp == '\0' &&
Petr Šabata 81d24c
 		fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
Petr Šabata 81d24c
+#ifdef __s390__
Petr Šabata 81d24c
+		{
Petr Šabata 81d24c
+		    /*
Petr Šabata 81d24c
+		     * the filedescriptors used to communicate with
Petr Šabata 81d24c
+		     * the device drivers to provide hardware support
Petr Šabata 81d24c
+		     * should survive. HF <freude@de.ibm.com>
Petr Šabata 81d24c
+		     */
Petr Šabata 81d24c
+		    char fpath[PATH_MAX], lpath[PATH_MAX];
Petr Šabata 81d24c
+		    len = snprintf(fpath, sizeof(fpath), "%s/%s",
Petr Šabata 81d24c
+				   fdpath, dent->d_name);
Petr Šabata 81d24c
+		    if (len > 0 && (size_t)len <= sizeof(fpath)) {
Petr Šabata 81d24c
+			len = readlink(fpath, lpath, sizeof(lpath));
Petr Šabata 81d24c
+			if (len > 0) {
Petr Šabata 81d24c
+			    lpath[len] = 0;
Petr Šabata 81d24c
+			    if (strstr(lpath, "dev/z90crypt")
Petr Šabata 81d24c
+				|| strstr(lpath, "dev/zcrypt")
Petr Šabata 81d24c
+				|| strstr(lpath, "dev/prandom")
Petr Šabata 81d24c
+				|| strstr(lpath, "dev/shm/icastats"))
Petr Šabata 81d24c
+				fd = -1;
Petr Šabata 81d24c
+			}
Petr Šabata 81d24c
+		    }
Petr Šabata 81d24c
+		    if (fd >= 0)
Petr Šabata 81d24c
+			(void) close((int) fd);
Petr Šabata 81d24c
+		}
Petr Šabata 81d24c
+#else
Petr Šabata 81d24c
 		(void) close((int) fd);
Petr Šabata 81d24c
+#endif
Petr Šabata 81d24c
 	}
Petr Šabata 81d24c
 	(void) closedir(dirp);
Petr Šabata 81d24c
 	return;
Petr Šabata 81d24c