openpty: use TIOCGPTPEER to open slave side fd

Newer kernels expose the ioctl TIOCGPTPEER [1] call to userspace which allows to
safely allocate a file descriptor for a pty slave based solely on the master
file descriptor. This allows us to avoid path-based operations and makes this
function a lot safer in the face of devpts mounts in different mount namespaces.

[1]: https://patchwork.kernel.org/patch/9760743/

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner 2017-10-08 14:10:46 +02:00
parent 98e0742024
commit 645ac9aaf8
2 changed files with 27 additions and 6 deletions

View File

@ -2,6 +2,9 @@
* login/openpty.c (openpty): Close slave pty file descriptor on error.
* login/openpty.c (openpty): If defined, use the TIOCGPTPEER ioctl()
call to allocate the slave pty file descriptor.
2017-10-06 Joseph Myers <joseph@codesourcery.com>
* sysdeps/ieee754/ldbl-128/s_fma.c: Include <libm-alias-double.h>.

View File

@ -94,6 +94,8 @@ openpty (int *amaster, int *aslave, char *name,
char *buf = _buf;
int master, ret = -1, slave = -1;
*buf = '\0';
master = getpt ();
if (master == -1)
return -1;
@ -104,12 +106,22 @@ openpty (int *amaster, int *aslave, char *name,
if (unlockpt (master))
goto on_error;
if (pts_name (master, &buf, sizeof (_buf)))
goto on_error;
slave = open (buf, O_RDWR | O_NOCTTY);
#ifdef TIOCGPTPEER
/* Try to allocate slave fd solely based on master fd first. */
slave = ioctl (master, TIOCGPTPEER, O_RDWR | O_NOCTTY);
#endif
if (slave == -1)
goto on_error;
{
/* Fallback to path-based slave fd allocation in case kernel doesn't
* support TIOCGPTPEER.
*/
if (pts_name (master, &buf, sizeof (_buf)))
goto on_error;
slave = open (buf, O_RDWR | O_NOCTTY);
if (slave == -1)
goto on_error;
}
/* XXX Should we ignore errors here? */
if (termp)
@ -122,7 +134,13 @@ openpty (int *amaster, int *aslave, char *name,
*amaster = master;
*aslave = slave;
if (name != NULL)
strcpy (name, buf);
{
if (*buf == '\0')
if (pts_name (master, &buf, sizeof (_buf)))
goto on_error;
strcpy (name, buf);
}
ret = 0;