Subject: Re: [PATCH 01/13] devpts: Teach /dev/ptmx to find the associated devpts via path lookup
From: "H. Peter Anvin"
Date: Sat, 09 Apr 2016 17:06:52 -0700
To: Linus Torvalds
CC: "Eric W. Biederman", One Thousand Gnomes, Peter Hurley, Greg KH, Jiri Slaby, Aurelien Jarno, Andy Lutomirski, Florian Weimer, Al Viro, Serge Hallyn, Jann Horn, "security@kernel.org", "security@ubuntu.com >> security", security@debian.org, Willy Tarreau, Linux Kernel Mailing List

On April 9, 2016 5:01:27 PM PDT, Linus Torvalds wrote:
>On Sat, Apr 9, 2016 at 3:37 PM, H. Peter Anvin wrote:
>>
>> On the flipside, if we were to allow ourselves to break userspace, at this point I would suggest making /dev/pts/ptmx have a different device number and make the legacy /dev/ptmx print a warning message, after which it can at least eventually be deleted.
>
>You don't need a different device number.
>
>The /dev/pts/ptmx file may look like it's the same node as /dev/ptmx,
>but it is trivial to recognize as the pts one:
>
>    if (dentry->d_sb->s_magic == DEVPTS_SUPER_MAGIC)
>
>and you're done.
>
>But nobody actually uses /dev/pts/ptmx, because it has never had sane
>permissions.
>
>So the fact is, /dev/ptmx is what people use, and we're not breaking
>userspace.
>
>But when we fix bad semantics (and always just looking up the initial
>pts mount really is crazy semantics) that doesn't mean that we have to
>bend over backwards to not make the changed semantics visible. We
>don't _break_ user space, but we also don't care about some random
>test-program that checks for particular semantics.
>
>And I can pretty much _guarantee_ that nobody has ever done the "let's
>bind-mount a 'ptmx' node in a /dev directory, and then expect that to
>bind to some _other_ pts thing than the one in /dev/pts/".
>
>Except as a test-program, or possibly as a "why the f*ck doesn't this
>work? Oh, I need to use the single-instance thing because the
>multi-instance pts thing is broken. Damn shitty implementation".
>
>             Linus

Fixing the default permissions is trivial, of course. The intent from the beginning was to make a ptmx -> pts/ptmx, but user space never did...

--
Sent from my Android device with K-9 Mail. Please excuse brevity and formatting.