986497
Zseries only: Leave the hardware filedescriptors open.
986497
986497
All filedescriptors above 2 are getting closed when a new
986497
sshd process to handle a new client connection is
986497
spawned. As the process also chroot into an empty filesystem
986497
without any device nodes, there is no chance to reopen the
986497
files. This patch filters out the reqired fds in the
986497
closefrom function so these are skipped in the close loop.
986497
986497
Author: Harald Freudenberger <freude@de.ibm.com>
986497
986497
---
986497
 openbsd-compat/bsd-closefrom.c |   26 ++++++++++++++++++++++++++
986497
 1 file changed, 26 insertions(+)
986497
986497
--- a/openbsd-compat/bsd-closefrom.c
986497
+++ b/openbsd-compat/bsd-closefrom.c
986497
@@ -82,7 +82,33 @@ closefrom(int lowfd)
986497
 	    fd = strtol(dent->d_name, &endp, 10);
986497
 	    if (dent->d_name != endp && *endp == '\0' &&
986497
 		fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
986497
+#ifdef __s390__
986497
+		{
986497
+		    /*
986497
+		     * the filedescriptors used to communicate with
986497
+		     * the device drivers to provide hardware support
986497
+		     * should survive. HF <freude@de.ibm.com>
986497
+		     */
986497
+		    char fpath[PATH_MAX], lpath[PATH_MAX];
986497
+		    len = snprintf(fpath, sizeof(fpath), "%s/%s",
986497
+				   fdpath, dent->d_name);
986497
+		    if (len > 0 && (size_t)len <= sizeof(fpath)) {
986497
+			len = readlink(fpath, lpath, sizeof(lpath));
986497
+			if (len > 0) {
986497
+			    lpath[len] = 0;
986497
+			    if (strstr(lpath, "dev/z90crypt")
986497
+				|| strstr(lpath, "dev/zcrypt")
986497
+				|| strstr(lpath, "dev/prandom")
986497
+				|| strstr(lpath, "dev/shm/icastats"))
986497
+				fd = -1;
986497
+			}
986497
+		    }
986497
+		    if (fd >= 0)
986497
+			(void) close((int) fd);
986497
+		}
986497
+#else
986497
 		(void) close((int) fd);
986497
+#endif
986497
 	}
986497
 	(void) closedir(dirp);
986497
     } else
986497