From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-alpha-return-91054-listarch-libc-alpha=sources.redhat.com@sourceware.org>
Received: (qmail 31647 invoked by alias); 15 Mar 2018 12:08:22 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Received: (qmail 31614 invoked by uid 89); 15 Mar 2018 12:08:21 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-20.1 required=5.0 tests=AWL,BAYES_00,FSL_HELO_FAKE,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,KAM_LAZY_DOMAIN_SECURITY,T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 spammy=H*RU:gmail.com, Hx-spam-relays-external:gmail.com, H*r:gmail.com
X-HELO: youngberry.canonical.com
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=gOiPTvu0N3zdn8Aodp+rw7GxOGci0AqXvCtjmAMphgE=;
        b=mCnpgZGzV/IG7r6E1K19cHkqE0az52NA2chBjIMXyRuo7ATkuRa18Q1fFIgHbgQ73C
         Jeui7jALD9kT15/kOq2T5RFYAO3ZaZHR+uuqazdJaLer/f37Ct+OpwFh2rnaM+KJvuKq
         melmn5y+BOJXWXQPhgXnCgmn6U/9qJkwkKtJ1hfOzkdY/uxJiv2clkz8pj/lyGndZdqd
         epRpXp1y6dW6MhK07Gg+q5tWuIpYvOQkmh5tjePUzanZlQmYEwauTGpvl6gAukxzsAe9
         2iK4Z+vYVCK6SsHpoBU8C1lnrS911Dk0avK9emUUNRewj9yMuSBWdrObuIQ3iyxk/oa2
         yOxA==
X-Gm-Message-State: AElRT7E8ATX4uf+9Vr955MBd/9XXmfKb8qZxfNQNer4jF7TZAlzDYLFO
	aLpJiDBZr6b7mxsYCGPZDNuSwPX0SlHPXIav7SrtL3CLZHeqQWmBu5R4ZG0TsEifvQUeFmsuWwg
	CLjSlAc1Fy2vZJbq2vLXVJSHET+xqX3VTYFnRZw==
X-Received: by 10.223.163.136 with SMTP id l8mr7335905wrb.270.1521115697271;
        Thu, 15 Mar 2018 05:08:17 -0700 (PDT)
X-Google-Smtp-Source: AG47ELsLySGruddZCINMvuAyvRNXJC2VOCLrvU6kZjC3xf2P4ivcRZ+0hlYDbQ5CgeaLNUmBcZuNvQ==
X-Received: by 10.223.163.136 with SMTP id l8mr7335888wrb.270.1521115696942;
        Thu, 15 Mar 2018 05:08:16 -0700 (PDT)
Date: Thu, 15 Mar 2018 12:08:00 -0000
From: Christian Brauner <christian.brauner@canonical.com>
To: Christian Brauner <christian.brauner@ubuntu.com>
Cc: ebiederm@xmission.com, libc-alpha@sourceware.org
Subject: Re: [PATCH] getpt: use /dev/pts/ptmx as default ptmx master
Message-ID: <20180315120814.GA15013@gmail.com>
References: <20180315120651.14107-1-christian.brauner@ubuntu.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20180315120651.14107-1-christian.brauner@ubuntu.com>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-SW-Source: 2018-03/txt/msg00361.txt.bz2

On Thu, Mar 15, 2018 at 01:06:51PM +0100, Christian Brauner wrote:
> For a long time now Linux has placed the ptmx character device directly
> under the devpts mount at /dev/pts/ptmx. The /dev/ptmx path today is
> usually either a symlink, an additional character device or a bind-mount.
> 
> The idea has always been to slowly fade-out /dev/ptmx and switch to using
> /dev/pts/ptmx exclusively. The kernel currently maintains code to retain
> backwards compatibility for anyone going through /dev/ptmx.
> 
> Specifically, if the ptmx device is opened through /dev/ptmx the kernel
> will look for a "pts" directory in the same directory where the /dev/ptmx
> device node resides. This implies that the devpts mount at /dev/pts and the
> /dev/ptmx mount need to have a common ancestor directory. This assumption
> is usually fulfilled when a symlink or separate device node is used.
> However, this assumption will be broken when /dev/ptmx is a bind-mount of
> /dev/pts/ptmx because they are located on different devices. For a detailed
> analysis of this problem please refer to my upstream patch [1].
> 
> It is time to start switching to using /dev/pts/ptmx and use /dev/ptmx as a
> fallback only. As far as I can tell, we have three cases to reason about:
> 
> 1. /dev/ptmx is a symlink to /dev/pts/ptmx
>    In this case devpts must have either been mounted with ptmxmode=0666 or
>    chmod 0666 /dev/pts/ptmx must have been called.
>    So any open() on /dev/pts/ptmx will succeed.
> 2. /dev/ptmx is a bind-mount of /dev/pts/ptmx
>    Analogous to 1. devpts must have either been mounted with ptmxmode=0666
>    or chmod 0666 /dev/pts/ptmx must have been called.
>    So any open() on /dev/pts/ptmx will succeed.
> 3. /dev/ptmx is a separate ptmx device node
>    In this case devpts can either be mounted with ptmxmode=0666 or
>    ptmxmode=0000. In the latter case privileged opens of /dev/pts/ptmx will
>    succeed while unprivileged opens will fail. The unprivileged failure
>    case will be unproblematic since we always fallback to opening /dev/ptmx
>    which should have permission 0666. If it doesn't then we would fail the
>    exact same way we always did.
> 
> [1]: https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next&id=a319b01d9095da6f6c54bd20c1f1300762506255
> 
> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

In addition to the usual consensus I'd like Eric to comment on this as
well.

Thanks!
Christian

> ---
>  ChangeLog                       |  6 ++++++
>  sysdeps/unix/sysv/linux/getpt.c | 18 +++++++++++++++---
>  2 files changed, 21 insertions(+), 3 deletions(-)
> 
> diff --git a/ChangeLog b/ChangeLog
> index 38154c20ab..01926472cc 100644
> --- a/ChangeLog
> +++ b/ChangeLog
> @@ -1,3 +1,9 @@
> +2018-03-15  Christian Brauner  <christian.brauner@ubuntu.com>
> +
> +	* sysdeps/unix/sysv/linux/getpt.c (__posix_openpt): Try to open
> +	ptmx device node through /dev/pts/ptmx and use /dev/ptmx as a
> +	fallback.
> +
>  2018-03-15  Siddhesh Poyarekar  <siddhesh@sourceware.org>
>  
>  	* sysdeps/aarch64/strncmp.S (strncmp): Use lsr instead of
> diff --git a/sysdeps/unix/sysv/linux/getpt.c b/sysdeps/unix/sysv/linux/getpt.c
> index 77aa468d83..c12a984a36 100644
> --- a/sysdeps/unix/sysv/linux/getpt.c
> +++ b/sysdeps/unix/sysv/linux/getpt.c
> @@ -25,11 +25,15 @@
>  
>  #include "linux_fsinfo.h"
>  
> -/* Path to the master pseudo terminal cloning device.  */
> -#define _PATH_DEVPTMX _PATH_DEV "ptmx"
>  /* Directory containing the UNIX98 pseudo terminals.  */
>  #define _PATH_DEVPTS _PATH_DEV "pts"
>  
> +/* Path to the master pseudo terminal cloning device.  */
> +#define _PATH_DEVPTMX _PATH_DEV "ptmx"
> +
> +/* Path to the master pseudo terminal cloning device under devpts mount.  */
> +#define _PATH_DEVPTS_PTMX _PATH_DEVPTS "/ptmx"
> +
>  /* Prototype for function that opens BSD-style master pseudo-terminals.  */
>  extern int __bsd_getpt (void) attribute_hidden;
>  
> @@ -42,7 +46,15 @@ __posix_openpt (int oflag)
>  
>    if (!have_no_dev_ptmx)
>      {
> -      fd = __open (_PATH_DEVPTMX, oflag);
> +      /* Try to open ptmx master pseudo terminal cloning device under the
> +       * devpts mount.
> +       */
> +      fd = __open (_PATH_DEVPTS_PTMX, oflag);
> +      if (fd == -1)
> +        /* Fallback to opening the legacy ptmx master pseudo terminal
> +         * cloning device.
> +         */
> +        fd = __open (_PATH_DEVPTMX, oflag);
>        if (fd != -1)
>  	{
>  	  struct statfs fsbuf;
> -- 
> 2.15.1
>