Commit Graph

17 Commits

Author SHA1 Message Date
Florian Weimer
8d1f854d60 login: Hidden prototypes for _getpt, __ptsname_r, grantpt, unlockpt
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2021-06-30 07:28:12 +02:00
Paul Eggert
2b778ceb40 Update copyright dates with scripts/update-copyrights
I used these shell commands:

../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")

and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c
and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this
diagnostic from Savannah:
remote: *** pre-commit check failed ...
remote: *** error: lines with trailing whitespace found
remote: error: hook declined to update refs/heads/master
2021-01-02 12:17:34 -08:00
Florian Weimer
27fe5f2e67 Linux: Require properly configured /dev/pts for PTYs
Current systems do not have BSD terminals, so the fallback code in
posix_openpt/getpt does not do anything.  Also remove the file system
check for /dev/pts.  Current systems always have a devpts file system
mounted there if /dev/ptmx exists.

grantpt is now essentially a no-op.  It only verifies that the
argument is a ptmx-descriptor.  Therefore, this change indirectly
addresses bug 24941.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-10-07 14:55:50 +02:00
Adhemerval Zanella
c181840c93 Consolidate non cancellable close call
This patch consolidates all the non cancellable close calls to use
the __close_nocancel{_nostatus} identifier.  For non cancellable targets
it will be just a macro to call the default respective symbol while on Linux
will be a internal one.

Also, since it is used on libcrypto it is also exported in GLIBC_PRIVATE
namespace.

Checked on x86_64-linux-gnu, x86_64-linux-gnu-x32, and i686-linux-gnu.

	* sysdeps/generic/not-cancel.h (close_not_cancel): Remove macro.
	(close_not_cancel_no_status): Likewise.
	(__close_nocancel): New macro.
	(__close_nocancel_no_status): Likewise.
	* sysdeps/unix/sysv/linux/not-cancel.h (__close_nocancel): Remove
	macro.
	(close_not_cancel): Likewise.
	(close_not_cancel_no_status): Likewise.
	(__close_nocancel): New prototype.
	(__close_nocancel_no_status): New function.
	* sysdeps/unix/sysv/linux/close.c (__close_nocancel): New function.
	* catgets/open_catalog.c (__open_catalog): Replace
	close_not_cancel{_no_status) with __close_nocancel{_nostatus}.
	* gmon/gmon.c (write_gmon): Likewise.
	* iconv/gconv_cache.c (__gconv_load_cache): Likewise.
	* intl/loadmsgcat.c (close): Likewise.
	* io/ftw.c (open_dir_stream): Likewise.
	(ftw_startup): Likewise.
	* libio/fileops.c (_IO_file_open): Likewise.
	(_IO_file_close_mmap): Likewise.
	(_IO_file_close): Likewise.
	* libio/iopopen.c (_IO_dup2): Likewise.
	* locale/loadarchive.c (_nl_load_locale_from_archive): Likewise.
	* locale/loadlocale.c (_nl_load_locale): Likewise.
	* login/utmp_file.c (pututline_file): Likewise.
	(endutent_file): Likewise.
	* misc/daemon.c (daemon): Likewise.
	* nscd/nscd_getai.c (__nscd_getai): Likewise.
	* nscd/nscd_getgr_r.c (nscd_getgr_r): Likewise.
	* nscd/nscd_gethst_r.c (nscd_gethst_r): Likewise.
	* nscd/nscd_getpw_r.c (nscd_getpw_r): Likewise.
	* nscd/nscd_getserv_r.c (nscd_getserv_r): Likewise.
	* nscd/nscd_helper.c (open_socket): Likewise.
	(__nscd_open_socket): Likewise.
	* nscd/nscd_initgroups.c (__nscd_getgrouplist): Likewise.
	* nscd/nscd_netgroup.c (__nscd_setnetgrent): Likewise.
	(__nscd_innetgr): Likewise.
	* nss/nss_db/db-open.c (internal_setent): Likewise.
	* resolv/res-close.c (__res_iclose): Likewise.
	* sunrpc/pm_getmaps.c (pmap_getmaps): Likewise.
	* sysdeps/posix/closedir.c (__closedir): Likewise.
	* sysdeps/posix/getaddrinfo.c (getaddrinfo): Likewise.
	* sysdeps/posix/getcwd.c (__getcwd): Likewise.
	* sysdeps/posix/opendir.c (tryopen_o_directory): Likewise.
	(opendir_tail): Likewise.
	* sysdeps/posix/spawni.c (__spawni_child): Likewise.
	* sysdeps/unix/sysv/linux/check_native.c (__check_native): Likewise.
	* sysdeps/unix/sysv/linux/check_pf.c (__check_pf): Likewise.
	* sysdeps/unix/sysv/linux/fips-private.h (fips_enabled_p): Likewise.
	* sysdeps/unix/sysv/linux/gethostid.c (sethostid): Likewise.
	(gethostid): Likewise.
	* sysdeps/unix/sysv/linux/getloadavg.c (getloadavg): Likewise.
	* sysdeps/unix/sysv/linux/getlogin_r.c (__getlogin_r_loginuid):
	Likewise.
	* sysdeps/unix/sysv/linux/getsysstats.c (__get_nprocs): Likewise.
	* sysdeps/unix/sysv/linux/grantpt.c (close_all_fds): Likewise.
	* sysdeps/unix/sysv/linux/i386/smp.h (is_smp_system): Likewise.
	* sysdeps/unix/sysv/linux/ia64/has_cpuclock.c (has_cpuclock):
	Likewise.
	* sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex): Likewise.
	* sysdeps/unix/sysv/linux/libc_fatal.c (backtrace_and_maps): Likewise.
	* sysdeps/unix/sysv/linux/malloc-sysdep.h (check_may_shrink_heap):
	Likewise.
	* sysdeps/unix/sysv/linux/mq_notify.c (init_mq_netlink): Likewise.
	* sysdeps/unix/sysv/linux/pthread_getname.c (pthread_getname_np):
	Likewise.
	* sysdeps/unix/sysv/linux/pthread_setname.c (pthread_setname_np):
	Likewise.
	* sysdeps/unix/sysv/linux/spawni.c (__spawni_child): Likewise.
	* sysdeps/unix/sysv/linux/sysconf.c (__sysconf): Likewise.
2017-08-18 18:38:55 -03:00
Adhemerval Zanella
c22845744c Consolidate non cancellable open call
This patch consolidates all the non cancellable open calls to use
the __open_nocancel identifier.  For non cancellable targets it will
be just a macro to call the default respective symbol while on Linux
will be a internal one.

To be consistent with the following non cancellable openat call, a
new __open64_nocancel is also added (although not currently used).

Checked on x86_64-linux-gnu, x86_64-linux-gnu-x32, and i686-linux-gnu.

	* sysdeps/generic/not-cancel.h (open_not_cancel): Remove macro.
	(open_not_cancel_2): Likewise.
	(open_nocancel): New macro.
	(open64_nocancel): Likewise.
	* sysdeps/unix/sysv/linux/not-cancel.h (open_not_cancel): Remove macro.
	(open_not_cancel_2): Likewise.
	(__open_nocancel): New prototype.
	(__open64_nocancel): Likewise.
	* sysdeps/unix/sysv/linux/Versions (libc) [GLIBC_PRIVATE]: Add
	__open_nocancel.
	* sysdeps/unix/sysv/linux/open.c (__open_nocancel): New function.
	* sysdeps/unix/sysv/linux/open64.c (__open64_nocancel): Likewise.
	* catgets/open_catalog.c (__open_catalog): Replace open_not_cancel{_2}
	with __open_nocancel.
	* csu/check_fds.c (check_one_fd): Likewise.
	* gmon/gmon.c (write_gmon): Likewise.
	* iconv/gconv_cache.c (__gconv_load_cached): Likewise.
	* intl/loadmsgcat.c (open): Likewise.
	* libio/fileops.c (_IO_file_open): Likewise.
	* locale/loadarchive.c (_nl_load_locale_from_archive): Likewise.
	* locale/loadlocale.c (_nl_load_locale): Likewise.
	* login/utmp_file.c (setutent_file): Likewise.
	* misc/daemon.c (daemon): Likewise.
	* nss/nss_db/db-open.c (internal_setent): Likewise.
	* sysdeps/mach/hurd/opendir.c (__opendirat): Likewise.
	* sysdeps/posix/libc_fatal.c (__libc_message): Likewise.
	* sysdeps/posix/opendir.c (tryopen_o_directory): Likewise.
	(__opendir): Likewise.
	* sysdeps/posix/spawni.c (__spawni_child): Likewise.
	* sysdeps/unix/sysv/linux/fips-private.h (fips_enable_p): Likewise.
	* sysdeps/unix/sysv/linux/gethostid.c (sethostid): Likewise.
	(gethostid): Likewise.
	* sysdeps/unix/sysv/linux/getloadavg.c (getloadavg): Likewise.
	* sysdeps/unix/sysv/linux/getlogin_r.c (__getlogin_r_loginuid):
	Likewise.
	* sysdeps/unix/sysv/linux/getsysstats.c (__get_nprocs): Likewise.
	* sysdeps/unix/sysv/linux/grantpt.c (__close_all_fds): Likewise.
	* sysdeps/unix/sysv/linux/i386/smp.h (is_smp_system): Likewise.
	* sysdeps/unix/sysv/linux/ia64/has_cpuclock.c (has_cpuclock):
	Likewise.
	* sysdeps/unix/sysv/linux/libc_fatal.c (backtrace_and_maps):
	Likewise.
	* sysdeps/unix/sysv/linux/malloc-sysdep.h (check_may_shrink_heap):
	Likewise.
	* sysdeps/unix/sysv/linux/powerpc/get_clockfreq.c (__get_clockfreq):
	Likewise.
	* sysdeps/unix/sysv/linux/pthread_getname.c (pthread_getname_np):
	Likewise.
	* sysdeps/unix/sysv/linux/pthread_setname.c (pthread_setname_np):
	Likewise.
	* sysdeps/unix/sysv/linux/spawni.c (__spawni_child): Likewise.
	* sysdeps/unix/sysv/linux/sysconf.c (__sysconf): Likewise.
2017-08-17 16:50:35 -03:00
Carlos O'Donell
e4608715e6 CVE-2013-2207, BZ #15755: Disable pt_chown.
The helper binary pt_chown tricked into granting access to another
user's pseudo-terminal.

Pre-conditions for the attack:

 * Attacker with local user account
 * Kernel with FUSE support
 * "user_allow_other" in /etc/fuse.conf
 * Victim with allocated slave in /dev/pts

Using the setuid installed pt_chown and a weak check on whether a file
descriptor is a tty, an attacker could fake a pty check using FUSE and
trick pt_chown to grant ownership of a pty descriptor that the current
user does not own.  It cannot access /dev/pts/ptmx however.

In most modern distributions pt_chown is not needed because devpts
is enabled by default. The fix for this CVE is to disable building
and using pt_chown by default. We still provide a configure option
to enable hte use of pt_chown but distributions do so at their own
risk.
2013-07-21 15:39:55 -04:00
Chris Metcalf
540d7568ae Use <> brackets for not-cancel.h in sysdeps/unix/sysv/linux/grantpt.c. 2012-01-28 11:51:44 -05:00
Ulrich Drepper
0f622686af Avoid local PLTs. 2009-11-24 18:47:26 -08:00
Ulrich Drepper
139ee080b6 Prevent unintended file desriptor leak in grantpt.
The pt_chown program is completely transparently called.  It might
not be able to live with the various file descriptors the program
has open at the time of the call (e.g., under SELinux).  Close all
but the needed descriptor and connect stdin, stdout, and stderr
with /dev/null.  pt_chown shouldn't print anything when called to
do real work.
2009-11-24 18:24:14 -08:00
Ulrich Drepper
b34de9ea81 Fold Linux-specific grantpt code into Unix version. 2009-06-16 07:59:09 -07:00
Ulrich Drepper
292e3abebf Fix permission of slave device on devpts if necessary.
If devptr is misconfigured the slave device permission after grantpt
might not be 0620.  BZ #10166
2009-06-15 22:56:51 -07:00
Ulrich Drepper
739d440d2a Update.
2002-07-19  Ulrich Drepper  <drepper@redhat.com>

	* configure.in: Add test for __thread support in compiler.
	* config.h.in: Add HAVE___THREAD.
	* Makefile (headers): Remove errno.h, sys/errno.h, and bits/errno.h.
	* include/sys/errno.h: Moved to...
	* stdlib/sys/errno.h: ...here.  New file.
	* stdlib/errno.h: New file.  Moved from...
	* include/errno.h: ...here.  Changed into an internal header defining
	libc-local things like __set_errno.
	* stdlib/Makefile (headers): Add errno.h, sys/errno.h, and
	bits/errno.h.
	* elf/dl-minimal.c: Include <tls.h>.  Define errno as thread-local
	variable if USE_TLS && HAVE___THREAD.  Don't define __errno_location
	either.
	* elf/rtld.c (_dl_start): Add code to initialize TLS for ld.so
	from...
	(_dl_start_final): ...here.  Add code to initialize tls elements from
	bootstrap_map.
	* sysdeps/generic/errno-loc.c: Define errno as thread-local variable
	if USE_TLS && HAVE___THREAD.
	* sysdeps/generic/bits/errno.h: Remove __set_errno definition.
	* sysdeps/mach/hurd/bits/errno.h: Likewise.
	* sysdeps/standalone/arm/bits/errno.h: Likewise.
	* sysdeps/standalone/bits/errno.h: Likewise.
	* sysdeps/unix/bsd/bsd4.4/bits/errno.h: Likewise.
	* sysdeps/unix/sysv/aix/bits/errno.h: Likewise.
	* sysdeps/unix/sysv/hpux/bits/errno.h: Likewise.
	* sysdeps/unix/sysv/linux/bits/errno.h: Likewise.
	* sysdeps/unix/sysv/linux/hppa/bits/errno.h: Likewise.
	* sysdeps/unix/sysv/linux/mips/bits/errno.h: Likewise.
	* sysdeps/unix/sysv/sysv4/solaris2/bits/errno.h: Likewise.
	* sysdeps/i386/dl-machine.c (elf_machine_rel) [RTLD_BOOTSTRAP]: Don't
	use GL(dl_rtld_map), use map parameter.
	* sysdeps/sh/dl-machine.h (elf_machine_rela): Likewise.
	* sysdeps/unix/sysv/linux/i386/sysdep.S: Define errno in .tbss if
	USE_TLS && HAVE___THREAD.
	* sysdeps/unix/sysv/linux/i386/sysdep.h: Unify SETUP_PIC_REG
	definitions.  If USE_TLS && HAVE___THREAD store errooor value using
	TLS code sequence.
	* sysdeps/unix/sysv/linux/i386/i686/sysdep.h: Likewise.

	* sysdeps/unix/sysv/linux/getcwd.c: No real need to restore errno.
	* sysdeps/unix/sysv/linux/grantpt.c: Likewise.
	* sysdeps/unix/sysv/linux/internal_statvfs.c: Likewise.
	* sysdeps/unix/sysv/linux/msgctl.c: Likewise.
	* sysdeps/unix/sysv/linux/readv.c: Likewise.
	* sysdeps/unix/sysv/linux/writev.c: Likewise.
2002-07-20 01:14:41 +00:00
Ulrich Drepper
9cddf9deda Update.
2001-12-18  Jakub Jelinek  <jakub@redhat.com>

	* sysdeps/unix/sysv/linux/sparc/sparc64/clone.S (clone): Subtract
	stack bias from child stack pointer before passing it to clone syscall.

2001-12-18  Ulrich Drepper  <drepper@redhat.com>

	* sysdeps/posix/sysconf.c (__sysconf): Respect POSIX minimum for
	_SC_TZNAME_MAX.
	* sysdeps/generic/sysconf.c (__sysconf): Likewise.
	Reported by Thorsten Kukuk <kukuk@suse.de>.

	* sysdeps/unix/grantpt.c (grantpt): Correct typo in comment and
	add some casts.

	* sysdeps/unix/sysv/linux/grantpt.c: Make __unix_grantpt static.

2001-12-18  Thorsten Kukuk  <kukuk@suse.de>

	* sysdeps/unix/sysv/linux/grantpt.c: Make errno results standard
	conforming: return EBADF if file descriptor is invalid and EINVAL
	if file descriptor is no valid tty.
	* login/tst-grantpt.c: New file.
	* login/Makefile (tests): Add tst-grantpt.
2001-12-19 00:21:23 +00:00
Andreas Jaeger
41bdb6e20c Update to LGPL v2.1.
2001-07-06  Paul Eggert  <eggert@twinsun.com>

	* manual/argp.texi: Remove ignored LGPL copyright notice; it's
	not appropriate for documentation anyway.
	* manual/libc-texinfo.sh: "Library General Public License" ->
	"Lesser General Public License".

2001-07-06  Andreas Jaeger  <aj@suse.de>

	* All files under GPL/LGPL version 2: Place under LGPL version
	2.1.
2001-07-06 04:58:11 +00:00
Ulrich Drepper
1503837c6a Update.
1999-11-18  Andreas Jaeger  <aj@suse.de>

	* sysdeps/unix/sysv/linux/linux_fsinfo.h: Sorted entries and added
	comments.

	* sysdeps/unix/sysv/linux/getpt.c: Include linux_fsinfo.h instead
	of defining *_SUPER_MAGIC.
	* sysdeps/unix/sysv/linux/grantpt.c: Likewise.
1999-11-18 16:42:11 +00:00
Ulrich Drepper
9c9f3b1785 Update.
1999-11-09  Andreas Jaeger  <aj@suse.de>

	* sysdeps/unix/sysv/linux/grantpt.c (grantpt): Add support for devfs.

	* sysdeps/unix/sysv/linux/getpt.c (__getpt): Check for devfs.
	Patch by German Jose Gomez Garcia <german@pinon.ccu.uniovi.es>.

	* sysdeps/unix/sysv/linux/linux_fsinfo.h (DEVFS_SUPER_MAGIC): Added.
1999-11-17 20:37:54 +00:00
Ulrich Drepper
9b3c7c3c71 Update.
1998-09-17 19:34  Ulrich Drepper  <drepper@cygnus.com>

	* sysdeps/unix/sysv/sysv4/bits/utsname.h: Fix typo.
	Patch by John Tobey <jtobey@banta-im.com>.

1998-09-17  Mark Kettenis  <kettenis@phys.uva.nl>

	* login/pty-internal.h: Removed.  Moved constants related to the
	`grantpt' helper program protocol to ...
	* login/pty-private.h: ... here.  New file.
	* sysdeps/unix/sysv/linux/ptsname.c (ptsname): Reimplementation
	to make the function work with kernels >= 2.1.115.
	* sysdeps/unix/sysv/linux/getpt.c (getpt): Reimplement to call BSD
	version if using the cloning device fails.
	* sysdeps/unix/sysv/linux/grantpt.c: New file.
	* sysdeps/unix/sysv/linux/unlockpt.c: General cleanup.
	* sysdeps/unix/bsd/getpt.c (__getpt): Largely rewritten to allow
	use by Linux specific code.
	* sysdeps/unix/bsd/unlockpt.c: General cleanup.
	* sysdeps/unix/grantpt.c: Largely rewritten.  (pts_name): New
	function.  (grantpt): Use pts_name, check group and permission
	mode in addition to owner.  Try to set the owner, group and
	permission mode first without invoking the helper program.
	* login/programs/pt_chown.c: Largely rewritten.  Add argp and
	internationalization support.  Use symbolic constants instead of
	hardwired numbers for permission mode.
	* sysdeps/unix/bsd/ptsname.c: New file.

1998-09-17 22:04  Tim Waugh  <tim@cyberelk.demon.co.uk>

	* posix/wordexp-test.c: Undo last change.

	* posix/wordexp.c: Undo last change.
1998-09-17 19:51:33 +00:00