rcolebaugh / rpms / openssh

Forked from rpms/openssh 2 years ago
Clone

Blame SOURCES/openssh-7.2p2-s390-closefrom.patch

9070b3
Zseries only: Leave the hardware filedescriptors open.
9070b3
9070b3
All filedescriptors above 2 are getting closed when a new
9070b3
sshd process to handle a new client connection is
9070b3
spawned. As the process also chroot into an empty filesystem
9070b3
without any device nodes, there is no chance to reopen the
9070b3
files. This patch filters out the reqired fds in the
9070b3
closefrom function so these are skipped in the close loop.
9070b3
9070b3
Author: Harald Freudenberger <freude@de.ibm.com>
9070b3
9070b3
---
9070b3
 openbsd-compat/bsd-closefrom.c |   26 ++++++++++++++++++++++++++
9070b3
 1 file changed, 26 insertions(+)
9070b3
9070b3
--- a/openbsd-compat/bsd-closefrom.c
9070b3
+++ b/openbsd-compat/bsd-closefrom.c
9070b3
@@ -82,7 +82,33 @@ closefrom(int lowfd)
9070b3
 	    fd = strtol(dent->d_name, &endp, 10);
9070b3
 	    if (dent->d_name != endp && *endp == '\0' &&
9070b3
 		fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
9070b3
+#ifdef __s390__
9070b3
+		{
9070b3
+		    /*
9070b3
+		     * the filedescriptors used to communicate with
9070b3
+		     * the device drivers to provide hardware support
9070b3
+		     * should survive. HF <freude@de.ibm.com>
9070b3
+		     */
9070b3
+		    char fpath[PATH_MAX], lpath[PATH_MAX];
9070b3
+		    len = snprintf(fpath, sizeof(fpath), "%s/%s",
9070b3
+				   fdpath, dent->d_name);
9070b3
+		    if (len > 0 && (size_t)len <= sizeof(fpath)) {
9070b3
+			len = readlink(fpath, lpath, sizeof(lpath));
9070b3
+			if (len > 0) {
9070b3
+			    lpath[len] = 0;
9070b3
+			    if (strstr(lpath, "dev/z90crypt")
9070b3
+				|| strstr(lpath, "dev/zcrypt")
9070b3
+				|| strstr(lpath, "dev/prandom")
9070b3
+				|| strstr(lpath, "dev/shm/icastats"))
9070b3
+				fd = -1;
9070b3
+			}
9070b3
+		    }
9070b3
+		    if (fd >= 0)
9070b3
+			(void) close((int) fd);
9070b3
+		}
9070b3
+#else
9070b3
 		(void) close((int) fd);
9070b3
+#endif
9070b3
 	}
9070b3
 	(void) closedir(dirp);
9070b3
 	return;
9070b3