linux ttyname and ttyname_r: return link if appropriate
Commit Message
On Thu, Aug 11, 2016 at 02:18:18AM +0300, Dmitry V. Levin wrote:
> On Wed, Aug 10, 2016 at 06:03:51PM -0500, Serge E. Hallyn wrote:
> [...]
> > But, even if we decide that part is dangerous, the part where we do not
> > return /dev/pts/N when /proc/self/fd/M is from a different devpts mount
> > than the /dev/pts/N in caller's namespace is I think very important, and
> > should at least be separately applied.
>
> I agree.
> In that case, what should ttyname/ttyname_r set errno to? ENOTTY?
I chose ENODEV below. I like that as it is more meaningful to uptodate
userspace. Is it ok with you?
thanks,
-serge
From 72de5a6616dde09c2851554b917a07dd7ebc1449 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn@ubuntu.com>
Date: Fri, 15 Apr 2016 10:21:07 -0500
Subject: [PATCH 1/1] linux ttyname and ttyname_r: do not return wrong results
If a link (say /proc/self/fd/0) pointint to a device, say /dev/pts/2, in
a parent mount namespace is passed to ttyname, and a /dev/pts/2 exists
(in a different devpts) in the current namespace, then it returns
/dev/pts/2. But /dev/pts/2 is NOT the current tty, it is a different
file and device.
Detect this case and return ENODEV. Userspace can choose to take this
as a hint that the fd points to a tty device but to act on the fd rather
than the link.
---
sysdeps/unix/sysv/linux/ttyname.c | 25 +++++++++++++++++++++++--
sysdeps/unix/sysv/linux/ttyname_r.c | 26 ++++++++++++++++++++++++--
2 files changed, 47 insertions(+), 4 deletions(-)
Comments
On Okt 03 2016, "Serge E. Hallyn" <serge@hallyn.com> wrote:
> @@ -170,12 +184,19 @@ ttyname (int fd)
> #ifdef _STATBUF_ST_RDEV
> && S_ISCHR (st1.st_mode)
> && st1.st_rdev == st.st_rdev
> -#else
> +#endif
> && st1.st_ino == st.st_ino
> && st1.st_dev == st.st_dev
> -#endif
> )
Please unfold the paren.
> @@ -152,12 +166,20 @@ __ttyname_r (int fd, char *buf, size_t buflen)
> #ifdef _STATBUF_ST_RDEV
> && S_ISCHR (st1.st_mode)
> && st1.st_rdev == st.st_rdev
> -#else
> +#endif
> && st1.st_ino == st.st_ino
> && st1.st_dev == st.st_dev
> -#endif
> )
Likewise.
Andreas.
On 10/03/2016 08:16 AM, Serge E. Hallyn wrote:
> +/* Return true if this is a UNIX98 pty device, as defined in
> + linux/Documentation/devices.txt. */
> +static int
> +is_pty (struct stat64 *sb)
> +{
> +#ifdef _STATBUF_ST_RDEV
> + int m = major (sb->st_rdev);
> + return (136 <= m && m <= 143);
> +#else
> + return false;
> +#endif
> +}
> +
Ideally, this function should go into a separate header file which is
included. A static inline function would be fine for this.
> + /* If the link doesn't exist, then it points to a device in another
> + namespace. If it is a UNIX98 pty, then return the /proc/self
> + fd, as it points to a name unreachable in our namespace. */
This comment does not appear to be correct (the /proc/self part).
Thanks,
Florian
On Tue, Oct 04, 2016 at 11:53:50AM +0200, Florian Weimer wrote:
> On 10/03/2016 08:16 AM, Serge E. Hallyn wrote:
>
> >+/* Return true if this is a UNIX98 pty device, as defined in
> >+ linux/Documentation/devices.txt. */
> >+static int
> >+is_pty (struct stat64 *sb)
> >+{
> >+#ifdef _STATBUF_ST_RDEV
> >+ int m = major (sb->st_rdev);
> >+ return (136 <= m && m <= 143);
> >+#else
> >+ return false;
> >+#endif
> >+}
> >+
>
> Ideally, this function should go into a separate header file which
> is included. A static inline function would be fine for this.
Yeah that would be nicer.
> >+ /* If the link doesn't exist, then it points to a device in another
> >+ namespace. If it is a UNIX98 pty, then return the /proc/self
> >+ fd, as it points to a name unreachable in our namespace. */
>
> This comment does not appear to be correct (the /proc/self part).
D'oh, yeah that's no longer true.
@@ -25,6 +25,7 @@
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
+#include <sys/sysmacros.h>
#include <_itoa.h>
@@ -33,6 +34,19 @@
char *__ttyname;
#endif
+/* Return true if this is a UNIX98 pty device, as defined in
+ linux/Documentation/devices.txt. */
+static int
+is_pty (struct stat64 *sb)
+{
+#ifdef _STATBUF_ST_RDEV
+ int m = major (sb->st_rdev);
+ return (136 <= m && m <= 143);
+#else
+ return false;
+#endif
+}
+
static char *getttyname (const char *dev, dev_t mydev,
ino64_t myino, int save, int *dostat)
internal_function;
@@ -170,12 +184,19 @@ ttyname (int fd)
#ifdef _STATBUF_ST_RDEV
&& S_ISCHR (st1.st_mode)
&& st1.st_rdev == st.st_rdev
-#else
+#endif
&& st1.st_ino == st.st_ino
&& st1.st_dev == st.st_dev
-#endif
)
return ttyname_buf;
+
+ /* If the link doesn't exist, then it points to a device in another
+ namespace. */
+ if (is_pty (&st))
+ {
+ __set_errno (ENODEV);
+ return NULL;
+ }
}
if (__xstat64 (_STAT_VER, "/dev/pts", &st1) == 0 && S_ISDIR (st1.st_mode))
@@ -25,6 +25,7 @@
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
+#include <sys/sysmacros.h>
#include <_itoa.h>
@@ -32,6 +33,19 @@ static int getttyname_r (char *buf, size_t buflen,
dev_t mydev, ino64_t myino, int save,
int *dostat) internal_function;
+/* Return true if this is a UNIX98 pty device, as defined in
+ linux/Documentation/devices.txt. */
+static int
+is_pty (struct stat64 *sb)
+{
+#ifdef _STATBUF_ST_RDEV
+ int m = major (sb->st_rdev);
+ return (136 <= m && m <= 143);
+#else
+ return false;
+#endif
+}
+
static int
internal_function attribute_compat_text_section
getttyname_r (char *buf, size_t buflen, dev_t mydev, ino64_t myino,
@@ -152,12 +166,20 @@ __ttyname_r (int fd, char *buf, size_t buflen)
#ifdef _STATBUF_ST_RDEV
&& S_ISCHR (st1.st_mode)
&& st1.st_rdev == st.st_rdev
-#else
+#endif
&& st1.st_ino == st.st_ino
&& st1.st_dev == st.st_dev
-#endif
)
return 0;
+
+ /* If the link doesn't exist, then it points to a device in another
+ namespace. If it is a UNIX98 pty, then return the /proc/self
+ fd, as it points to a name unreachable in our namespace. */
+ if (is_pty (&st))
+ {
+ __set_errno (ENODEV);
+ return ENODEV;
+ }
}
/* Prepare the result buffer. */