This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PATCH 2/2 v2] openpty: use TIOCGPTPEER to open slave side fd
- From: Christian Brauner <christian dot brauner at ubuntu dot com>
- To: libc-alpha at sourceware dot org, stgraber at stgraber dot org, serge at hallyn dot com, fweimer at redhat dot com, joseph at codesourcery dot com
- Cc: Christian Brauner <christian dot brauner at ubuntu dot com>
- Date: Mon, 28 Aug 2017 14:11:06 +0200
- Subject: [PATCH 2/2 v2] openpty: use TIOCGPTPEER to open slave side fd
- Authentication-results: sourceware.org; auth=none
- References: <3496d984-a55e-d56b-2c25-a23200327dca@redhat.com>
Newer kernels expose the ioctl TIOCGPTPEER [1] call to userspace which allows to
safely allocate a file descriptor for a pty slave based solely on the master
file descriptor. This allows us to avoid path-based operations and makes this
function a lot safer in the face of devpts mounts in different mount namespaces.
[1]: https://patchwork.kernel.org/patch/9760743/
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
Changelog 2017-08-28:
* Instead of #ifdefing the TIOCGPTPEER ioctl flag we now try the ioctl() first
and if it fails we fallback to path-based allocation of the slave fd. This
allows us retain backward compatibility with kernels that do not support this
ioctl call.
* A note on the following codepath
if (name != NULL)
{
if (*buf == '\0')
if (pts_name (master, &buf, sizeof (_buf)))
goto fail;
strcpy (name, buf);
}
"buf" is guaranteed to be allocated in this case. If the pts_name() call above
failed we would have never reached this code path. If it has been called
succesfully it will either have handed us a valid buffer or "buf" will still
point to the static char array "_buf" which is initialized to 0.
---
ChangeLog | 5 +++++
login/openpty.c | 36 +++++++++++++++++++++++++-----------
2 files changed, 30 insertions(+), 11 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index bc5fb8e27f..30829e4c16 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2017-08-26 Christian Brauner <christian.brauner@ubuntu.com>
+
+ * login/openpty.c (openpty): If defined, use the TIOCGPTPEER ioctl call
+ to allocate the slave pty file descriptor.
+
2017-08-26 Christian Brauner <christian.brauner@ubuntu.com>
* login/openpty.c (openpty): Close slave pty file descriptor on error.
diff --git a/login/openpty.c b/login/openpty.c
index 8fbc66a3ef..43b34d7a9c 100644
--- a/login/openpty.c
+++ b/login/openpty.c
@@ -87,9 +87,9 @@ openpty (int *amaster, int *aslave, char *name,
const struct termios *termp, const struct winsize *winp)
{
#ifdef PATH_MAX
- char _buf[PATH_MAX];
+ char _buf[PATH_MAX] = {0};
#else
- char _buf[512];
+ char _buf[512] = {0};
#endif
char *buf = _buf;
int master, slave = -1;
@@ -104,16 +104,24 @@ openpty (int *amaster, int *aslave, char *name,
if (unlockpt (master))
goto fail;
- if (pts_name (master, &buf, sizeof (_buf)))
- goto fail;
-
- slave = open (buf, O_RDWR | O_NOCTTY);
+ /* Try to allocate slave fd solely based on master fd first. */
+ slave = ioctl (master, TIOCGPTPEER, O_RDWR | O_NOCTTY);
if (slave == -1)
{
- if (buf != _buf)
- free (buf);
-
- goto fail;
+ /* Fallback to path-based slave fd allocation in case kernel doesn't
+ * support TIOCGPTPEER.
+ */
+ if (pts_name (master, &buf, sizeof (_buf)))
+ goto fail;
+
+ slave = open (buf, O_RDWR | O_NOCTTY);
+ if (slave == -1)
+ {
+ if (buf != _buf)
+ free (buf);
+
+ goto fail;
+ }
}
/* XXX Should we ignore errors here? */
@@ -127,7 +135,13 @@ openpty (int *amaster, int *aslave, char *name,
*amaster = master;
*aslave = slave;
if (name != NULL)
- strcpy (name, buf);
+ {
+ if (*buf == '\0')
+ if (pts_name (master, &buf, sizeof (_buf)))
+ goto fail;
+
+ strcpy (name, buf);
+ }
if (buf != _buf)
free (buf);
--
2.14.1