Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753571AbbLNT4Z (ORCPT <rfc822;w@1wt.eu>);
	Mon, 14 Dec 2015 14:56:25 -0500
Received: from terminus.zytor.com ([198.137.202.10]:59799 "EHLO mail.zytor.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1753454AbbLNT4Y (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Mon, 14 Dec 2015 14:56:24 -0500
Subject: Re: [PATCH] devpts: Sensible /dev/ptmx & force newinstance
To: Peter Hurley <peter@hurleysoftware.com>,
        "Eric W. Biederman" <ebiederm@xmission.com>
References: <43AD2BA7-B594-4299-95F3-D86FD38AF21B@zytor.com>
 <87egexpf4o.fsf@x220.int.ebiederm.org>
 <CA+55aFw9Bg+Zh_T4zP487n3ieaxoMHgZ_nNJVdpSR4kQK9gQ9w@mail.gmail.com>
 <1CB621EF-1647-463B-A144-D611DB150E15@zytor.com>
 <20151208223135.GA8352@kroah.com> <87oae0h2bo.fsf@x220.int.ebiederm.org>
 <56677DE3.5040705@zytor.com> <20151209012311.GA11794@kroah.com>
 <84B136DF-55E4-476A-9CB2-062B15677EE5@zytor.com>
 <20151209013859.GA12442@kroah.com> <20151209083225.GA30452@1wt.eu>
 <87wpskyds7.fsf_-_@x220.int.ebiederm.org> <566F1CD7.20502@hurleysoftware.com>
Cc: Greg KH <greg@kroah.com>, Jiri Slaby <jslaby@suse.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Aurelien Jarno <aurelien@aurel32.net>,
        Andy Lutomirski <luto@amacapital.net>,
        Florian Weimer <fw@deneb.enyo.de>, Al Viro <viro@zeniv.linux.org.uk>,
        Serge Hallyn <serge.hallyn@ubuntu.com>, Jann Horn <jann@thejh.net>,
        "security@kernel.org" <security@kernel.org>,
        "security@ubuntu.com >> security" <security@ubuntu.com>,
        security@debian.org, Willy Tarreau <w@1wt.eu>,
        linux-kernel@vger.kernel.org
From: "H. Peter Anvin" <hpa@zytor.com>
Message-ID: <566F1E9A.4090501@zytor.com>
Date: Mon, 14 Dec 2015 11:55:06 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <566F1CD7.20502@hurleysoftware.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1574
Lines: 36

On 12/14/15 11:47, Peter Hurley wrote:
> On 12/11/2015 11:40 AM, Eric W. Biederman wrote:
>> Forcing newinstance for every mount of the devpts filesystem actually
>> requires the association between /dev/ptmx and the currently mounted
>> instance of devpts at /dev/pts.  Simply remembering the first mount of
>> the devpts filesystem and associating that with /dev/ptmx is not
>> enough.  I am aware of at least one instance where an initramfs mounts
>> devpts before the main system instance of devpts is mounted.
> 
> Can you point me to that usage please?
> 
> I ask because there's a patch to move devpts init from module initcall
> up to fs initcall (neither devpts nor the pty driver is actually built
> as a module anyway), and I'd like to look at what the consequences
> might be for that userspace configuration.
> 
> 
>> In that system ptys simply did not work after boot when I tested
>> associating /dev/ptmx with the first mount of the devpts filesystem.
> 
> Assuming userspace isn't broken by that patch, is a fixed association
> with first mount otherwise an acceptable solution for magic /dev/ptmx
> (where /dev/ptmx is not a symlink to /dev/pts/ptmx)?
> 

The problem is containers, I would think, if they create a new /dev/ptmx
and then mount a separate devpts instance instead of doing a bind mount.

	-hpa


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/