Quoting Dwight Engen (dwight.en...@oracle.com):
> On Mon, 25 Feb 2013 20:26:21 -0800
> ebied...@xmission.com (Eric W. Biederman) wrote:
...
> > For pty's since they only have the single device node. We can
> > probably do kuid_has_mapping and kgid_has_mapping to see if we should
> > have super user privileges over the pty. But that is specific to
> > ptys on /dev/pts. Normal devices potentially can have device nodes
> > with different permissions in different places so we can't figure out
> > an owner for the device.
> >
> > Eric
> >
>
> Yeah, I agree we don't want something pty specific. The following patch
> assumes we define a tty as belonging to the user ns of its session
> leader (and if it doesn't have one then to init_user_ns) as you first
> suggested. I added locking which avoids the race with
> disassociate_tty() and ensures the user ns doesn't get unrefed by way of
> put_pid(tty->session).
>
> Note that I think TIOCVHANGUP should be checking for CAP_SYS_TTY_CONFIG
> instead of CAP_SYS_ADMIN to be consistent with vhangup(2), but I did
> not change that in the refactoring here.
>
> --
>
> From 697f842ffc709312e5775e3d1d0782079c3070dc Mon Sep 17 00:00:00 2001
> From: Dwight Engen <dwight.en...@oracle.com>
> Date: Fri, 1 Mar 2013 13:49:58 -0500
> Subject: [PATCH] make vhangup and TIOCVHANGUP namespace aware
>
> Signed-off-by: Dwight Engen <dwight.en...@oracle.com>
It looks good to me. Eric? Acked-by: Serge E. Hallyn <serge.hal...@ubuntu.com> > --- > drivers/tty/tty_io.c | 36 ++++++++++++++++++++++++++++++------ > fs/open.c | 6 +----- > include/linux/tty.h | 2 +- > 3 files changed, 32 insertions(+), 12 deletions(-) > > diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c > index a057db8..764d4e7 100644 > --- a/drivers/tty/tty_io.c > +++ b/drivers/tty/tty_io.c > @@ -104,6 +104,7 @@ > > #include <linux/kmod.h> > #include <linux/nsproxy.h> > +#include <linux/pid_namespace.h> > > #undef TTY_DEBUG_HANGUP > > @@ -722,6 +723,29 @@ void tty_vhangup(struct tty_struct *tty) > > EXPORT_SYMBOL(tty_vhangup); > > +/** > + * tty_vhangup_check_cap - process vhangup checking for capablity > + * > + * Perform a vhangup on the given tty > + */ > + > +static int tty_vhangup_check_cap(struct tty_struct *tty, int cap) > +{ > + unsigned long flags; > + int retval = 0; > + struct user_namespace *ns = &init_user_ns; > + > + spin_lock_irqsave(&tty->ctrl_lock, flags); > + if (tty->session) > + ns = ns_of_pid(tty->session)->user_ns; > + if (!ns_capable(ns, cap)) > + retval = -EPERM; > + spin_unlock_irqrestore(&tty->ctrl_lock, flags); > + > + if (!retval) > + tty_vhangup(tty); > + return retval; > +} > > /** > * tty_vhangup_self - process vhangup for own ctty > @@ -729,15 +753,18 @@ EXPORT_SYMBOL(tty_vhangup); > * Perform a vhangup on the current controlling tty > */ > > -void tty_vhangup_self(void) > +int tty_vhangup_self(void) > { > struct tty_struct *tty; > + int retval = 0; > > tty = get_current_tty(); > if (tty) { > - tty_vhangup(tty); > + retval = tty_vhangup_check_cap(tty, CAP_SYS_TTY_CONFIG); > tty_kref_put(tty); > } > + > + return retval; > } > > /** 
> @@ -2710,10 +2737,7 @@ long tty_ioctl(struct file *file, unsigned int cmd, > unsigned long arg) > case TIOCSETD: > return tiocsetd(tty, p); > case TIOCVHANGUP: > - if (!capable(CAP_SYS_ADMIN)) > - return -EPERM; > - tty_vhangup(tty); > - return 0; > + return tty_vhangup_check_cap(tty, CAP_SYS_ADMIN); > case TIOCGDEV: > { > unsigned int ret = new_encode_dev(tty_devnum(real_tty)); > diff --git a/fs/open.c b/fs/open.c > index 9b33c0c..19ac16e 100644 > --- a/fs/open.c > +++ b/fs/open.c > @@ -1059,11 +1059,7 @@ EXPORT_SYMBOL(sys_close); > */ > SYSCALL_DEFINE0(vhangup) > { > - if (capable(CAP_SYS_TTY_CONFIG)) { > - tty_vhangup_self(); > - return 0; > - } > - return -EPERM; > + return tty_vhangup_self(); > } > > /* > diff --git a/include/linux/tty.h b/include/linux/tty.h > index 8db1b56..c9d0e9c 100644 > --- a/include/linux/tty.h > +++ b/include/linux/tty.h > @@ -379,7 +379,7 @@ extern int tty_signal(int sig, struct tty_struct *tty); > extern void tty_hangup(struct tty_struct *tty); > extern void tty_vhangup(struct tty_struct *tty); > extern void tty_vhangup_locked(struct tty_struct *tty); > -extern void tty_vhangup_self(void); > +extern int tty_vhangup_self(void); > extern void tty_unhangup(struct file *filp); > extern int tty_hung_up_p(struct file *filp); > extern void do_SAK(struct tty_struct *tty); > -- > 1.7.12.3
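Review bot: in the tty_io.c hunk that adds tty_vhangup_check_cap(), the kernel-doc has a typo ("capablity") and documents neither the @cap parameter nor the return value, which now matters because both tty_vhangup_self() and the TIOCVHANGUP path propagate it; suggest "@cap: capability the caller must hold in the tty's user namespace" and "Returns 0 on success, -EPERM if the caller lacks @cap in the user namespace of the session leader (init_user_ns when the tty has no session)". Two further points on the same hunk: ctrl_lock is released before tty_vhangup() runs, so the session can be dissociated between the check and the hangup; that is harmless for the hangup itself, but since the cover note gives the race with disassociate_tty() as the reason for the lock, a one-line comment saying the lock only pins tty->session for the ns_capable() lookup would avoid a later reader assuming more. And please confirm that calling ns_capable() with a spinlock held and interrupts disabled is acceptable for the LSM capable hooks and their audit path, since the check is currently inside the spin_lock_irqsave() region.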
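Review bot: the TIOCVHANGUP hunk keeps CAP_SYS_ADMIN while vhangup(2) in the fs/open.c hunk uses CAP_SYS_TTY_CONFIG, the inconsistency the cover note already flags; since this hunk is where the check is rerouted through tty_vhangup_check_cap(), it is the natural place to pick one capability, or at least to record the choice in the commit message. The commit message (currently only the subject line) should also spell out the policy this hunk changes: the check moves from capable() against init_user_ns to ns_capable() against the session leader's user namespace, so a process that is privileged only inside a container can now hang up ttys whose session leader lives in that container, while ttys with no session still require the capability in init_user_ns.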
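Review bot: the fs/open.c hunk changes the user-visible behaviour of vhangup(2) for unprivileged callers without a controlling tty. The removed lines ran capable(CAP_SYS_TTY_CONFIG) before anything else, so such a caller always got -EPERM; after the change tty_vhangup_self() returns 0 whenever get_current_tty() finds no tty, so the same caller now sees success. If that is intended it should be stated in the commit message; otherwise tty_vhangup_self() should still fail unprivileged callers when there is no controlling tty, as the removed lines did.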
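Review bot: the include/linux/tty.h hunk turns tty_vhangup_self() into a function whose return value carries the -EPERM, but the diffstat touches only drivers/tty/tty_io.c and fs/open.c; please confirm there are no other callers of tty_vhangup_self() in the tree that would now silently discard that error, and note in the commit message that the prototype change is part of moving the capability check into the tty layer.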