From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Aleksa Sarai <asarai@suse.de>
Cc: Jiri Slaby <jslaby@suse.com>, Arnd Bergmann <arnd@arndb.de>,
linux-kernel@vger.kernel.org, linux-alpha@vger.kernel.org,
linux-mips@linux-mips.org, linux-parisc@vger.kernel.org,
linuxppc-dev@lists.ozlabs.org, linux-sh@vger.kernel.org,
sparclinux@vger.kernel.org, linux-xtensa@linux-xtensa.org,
linux-arch@vger.kernel.org,
Christian Brauner <christian.brauner@ubuntu.com>,
Valentin Rothberg <vrothberg@suse.com>
Subject: Re: [PATCH v4 2/2] tty: add TIOCGPTPEER ioctl
Date: Fri, 9 Jun 2017 11:26:59 +0200 [thread overview]
Message-ID: <20170609092659.GA26933@kroah.com> (raw)
In-Reply-To: <20170603141515.9529-3-asarai@suse.de>
On Sun, Jun 04, 2017 at 12:15:15AM +1000, Aleksa Sarai wrote:
> When opening the slave end of a PTY, it is not possible for userspace to
> safely ensure that /dev/pts/$num is actually a slave (in cases where the
> mount namespace in which devpts was mounted is controlled by an
> untrusted process). In addition, there are several unresolvable
> race conditions if userspace were to attempt to detect attacks through
> stat(2) and other similar methods [in addition it is not clear how
> userspace could detect attacks involving FUSE].
>
> Resolve this by providing an interface for userpace to safely open the
> "peer" end of a PTY file descriptor by using the dentry cached by
> devpts. Since it is not possible to have an open master PTY without
> having its slave exposed in /dev/pts this interface is safe. This
> interface currently does not provide a way to get the master pty (since
> it is not clear whether such an interface is safe or even useful).
>
> Cc: Christian Brauner <christian.brauner@ubuntu.com>
> Cc: Valentin Rothberg <vrothberg@suse.com>
> Signed-off-by: Aleksa Sarai <asarai@suse.de>
Is this going to be documented anywhere? Is there a man page update
that also goes along with this? What userspace program wants to use
this?
I'm not objecting to this, I just want to know that people will use
this, and that they can find out information about it if they want to.
thanks,
greg k-h
WARNING: multiple messages have this Message-ID (diff)
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Aleksa Sarai <asarai@suse.de>
Cc: Jiri Slaby <jslaby@suse.com>, Arnd Bergmann <arnd@arndb.de>,
linux-kernel@vger.kernel.org, linux-alpha@vger.kernel.org,
linux-mips@linux-mips.org, linux-parisc@vger.kernel.org,
linuxppc-dev@lists.ozlabs.org, linux-sh@vger.kernel.org,
sparclinux@vger.kernel.org, linux-xtensa@linux-xtensa.org,
linux-arch@vger.kernel.org,
Christian Brauner <christian.brauner@ubuntu.com>,
Valentin Rothberg <vrothberg@suse.com>
Subject: Re: [PATCH v4 2/2] tty: add TIOCGPTPEER ioctl
Date: Fri, 09 Jun 2017 09:26:59 +0000 [thread overview]
Message-ID: <20170609092659.GA26933@kroah.com> (raw)
In-Reply-To: <20170603141515.9529-3-asarai@suse.de>
On Sun, Jun 04, 2017 at 12:15:15AM +1000, Aleksa Sarai wrote:
> When opening the slave end of a PTY, it is not possible for userspace to
> safely ensure that /dev/pts/$num is actually a slave (in cases where the
> mount namespace in which devpts was mounted is controlled by an
> untrusted process). In addition, there are several unresolvable
> race conditions if userspace were to attempt to detect attacks through
> stat(2) and other similar methods [in addition it is not clear how
> userspace could detect attacks involving FUSE].
>
> Resolve this by providing an interface for userpace to safely open the
> "peer" end of a PTY file descriptor by using the dentry cached by
> devpts. Since it is not possible to have an open master PTY without
> having its slave exposed in /dev/pts this interface is safe. This
> interface currently does not provide a way to get the master pty (since
> it is not clear whether such an interface is safe or even useful).
>
> Cc: Christian Brauner <christian.brauner@ubuntu.com>
> Cc: Valentin Rothberg <vrothberg@suse.com>
> Signed-off-by: Aleksa Sarai <asarai@suse.de>
Is this going to be documented anywhere? Is there a man page update
that also goes along with this? What userspace program wants to use
this?
I'm not objecting to this, I just want to know that people will use
this, and that they can find out information about it if they want to.
thanks,
greg k-h
next prev parent reply other threads:[~2017-06-09 9:26 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-03 14:15 [PATCH v4 0/2] tty: add TIOCGPTPEER ioctl Aleksa Sarai
2017-06-03 14:15 ` Aleksa Sarai
2017-06-03 14:15 ` [PATCH v4 1/2] tty: add compat_ioctl callbacks Aleksa Sarai
2017-06-03 14:15 ` Aleksa Sarai
2017-06-06 12:49 ` Arnd Bergmann
2017-06-06 12:49 ` Arnd Bergmann
2017-06-03 14:15 ` [PATCH v4 2/2] tty: add TIOCGPTPEER ioctl Aleksa Sarai
2017-06-03 14:15 ` Aleksa Sarai
2017-06-09 9:26 ` Greg Kroah-Hartman [this message]
2017-06-09 9:26 ` Greg Kroah-Hartman
2017-06-09 9:50 ` Aleksa Sarai
2017-06-09 9:50 ` Aleksa Sarai
2017-06-09 10:04 ` Greg Kroah-Hartman
2017-06-09 10:04 ` Greg Kroah-Hartman
2017-06-09 10:04 ` Greg Kroah-Hartman
2017-06-09 10:04 ` Greg Kroah-Hartman
2017-06-09 10:24 ` Aleksa Sarai
2017-06-09 10:24 ` Aleksa Sarai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170609092659.GA26933@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=arnd@arndb.de \
--cc=asarai@suse.de \
--cc=christian.brauner@ubuntu.com \
--cc=jslaby@suse.com \
--cc=linux-alpha@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@linux-mips.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux-sh@vger.kernel.org \
--cc=linux-xtensa@linux-xtensa.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=sparclinux@vger.kernel.org \
--cc=vrothberg@suse.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.