From patchwork Thu Oct 12 03:53:21 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Luke Shumaker X-Patchwork-Id: 23490 Received: (qmail 128901 invoked by alias); 12 Oct 2017 04:02:34 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 128845 invoked by uid 89); 12 Oct 2017 04:02:33 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-26.9 required=5.0 tests=BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, RP_MATCHES_RCVD, SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.3.2 spammy=PTY, life X-HELO: mav.lukeshu.com From: Luke Shumaker To: libc-alpha@sourceware.org Cc: christian.brauner@mailbox.org Subject: [PATCH 5/5] linux ttyname and ttyname_r: Fix namespace check [BZ #22145] Date: Wed, 11 Oct 2017 23:53:21 -0400 Message-Id: <20171012035321.22094-6-lukeshu@parabola.nu> In-Reply-To: <20171012035321.22094-1-lukeshu@parabola.nu> References: <20171012035321.22094-1-lukeshu@parabola.nu> In commit 15e9a4f Christian Brauner introduced logic for ttyname() sending back ENODEV to signal that we can't get a name for the TTY because we inherited it from a different mount namespace. However, just because we inherited it from a different mount namespace, and it isn't available at its original path, doesn't mean that its name is unknowable; we can still find it by allowing the normal fall back on iterating through devices. A common scenario where this happens is with "/dev/console" in containers. Common container managers (including systemd-nspawn) will call openpty() on a ptmx device in the host's mount namespace to allocate a pty master/slave pair, then send the slave FD to the container, and bind-mounted at "/dev/console" in the container's mount namespace. Inside of the container, the slave-end isn't available at its original path ("/dev/pts/$X"), since the container mount namespace has a separate devpts instance from the host (that path may or may not exist in the container; if it does exist, it's not the same PTY slave device). Currently ttyname{_r}() sees that the original path isn't a match, and fails early and gives up, even though if it kept searching it would find the TTY at "/dev/console". This fixes that so that the ENODEV path does not force an early return inhibiting the fall-back search. --- ChangeLog | 5 +++++ sysdeps/unix/sysv/linux/ttyname.c | 19 ++++++++++++------- sysdeps/unix/sysv/linux/ttyname_r.c | 20 ++++++++++++-------- 3 files changed, 29 insertions(+), 15 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5973b9d50b..28f31d345b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,10 @@ 2017-10-11 Luke Shumaker + [BZ #22145] + * sysdeps/unix/sysv/linux/ttyname.c (ttyname): + Defer is_pty check until end. + * sysdeps/unix/sysv/linux/ttyname_r.c (ttyname_r): Likewise. + [BZ #22145] * sysdeps/unix/sysv/linux/ttyname.h (is_mytty): New function. * sysdeps/unix/sysv/linux/ttyname.c: Call it. diff --git a/sysdeps/unix/sysv/linux/ttyname.c b/sysdeps/unix/sysv/linux/ttyname.c index 138a8a57f8..ebd916f68e 100644 --- a/sysdeps/unix/sysv/linux/ttyname.c +++ b/sysdeps/unix/sysv/linux/ttyname.c @@ -115,6 +115,7 @@ ttyname (int fd) char procname[30]; struct stat64 st, st1; int dostat = 0; + int doispty = 0; char *name; int save = errno; struct termios term; @@ -165,13 +166,7 @@ ttyname (int fd) && is_mytty (&st, &st1)) return ttyname_buf; - /* If the link doesn't exist, then it points to a device in another - namespace. */ - if (is_pty (&st)) - { - __set_errno (ENODEV); - return NULL; - } + doispty = 1; } if (__xstat64 (_STAT_VER, "/dev/pts", &st1) == 0 && S_ISDIR (st1.st_mode)) @@ -195,5 +190,15 @@ ttyname (int fd) name = getttyname ("/dev", &st, save, &dostat); } + if (!name && doispty && is_pty (&st)) + { + /* We failed to figure out the TTY's name, but we can at least + * signal that we did verify that it really is a PTY slave. + * This happens when we have inherited the file descriptor from + * a different mount namespace. */ + __set_errno (ENODEV); + return NULL; + } + return name; } diff --git a/sysdeps/unix/sysv/linux/ttyname_r.c b/sysdeps/unix/sysv/linux/ttyname_r.c index d975d95d0d..adcffacb2c 100644 --- a/sysdeps/unix/sysv/linux/ttyname_r.c +++ b/sysdeps/unix/sysv/linux/ttyname_r.c @@ -95,6 +95,7 @@ __ttyname_r (int fd, char *buf, size_t buflen) char procname[30]; struct stat64 st, st1; int dostat = 0; + int doispty = 0; int save = errno; /* Test for the absolute minimal size. This makes life easier inside @@ -149,14 +150,7 @@ __ttyname_r (int fd, char *buf, size_t buflen) && is_mytty (&st, &st1)) return 0; - /* If the link doesn't exist, then it points to a device in another - * namespace. - */ - if (is_pty (&st)) - { - __set_errno (ENODEV); - return ENODEV; - } + doispty = 1; } /* Prepare the result buffer. */ @@ -190,6 +184,16 @@ __ttyname_r (int fd, char *buf, size_t buflen) save, &dostat); } + if (ret && doispty && is_pty (&st)) + { + /* We failed to figure out the TTY's name, but we can at least + * signal that we did verify that it really is a PTY slave. + * This happens when we have inherited the file descriptor from + * a different mount namespace. */ + __set_errno (ENODEV); + return ENODEV; + } + return ret; }