Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932119AbcDTEgZ (ORCPT <rfc822;w@1wt.eu>);
	Wed, 20 Apr 2016 00:36:25 -0400
Received: from mail-wm0-f46.google.com ([74.125.82.46]:35303 "EHLO
	mail-wm0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751900AbcDTEgY (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Wed, 20 Apr 2016 00:36:24 -0400
MIME-Version: 1.0
In-Reply-To: <87oa95gevf.fsf_-_@x220.int.ebiederm.org>
References: <878u0s3orx.fsf_-_@x220.int.ebiederm.org>
	<CA+55aFwv7d8XfeN8KvYaVcSs7V9XoHtS-1cqtkG4gF4yJwB5nA@mail.gmail.com>
	<87twjcorwg.fsf@x220.int.ebiederm.org>
	<20160409140909.42315e6d@lxorguk.ukuu.org.uk>
	<83FE8CD2-C0A2-4ADB-AEBD-8DD89AD4F88A@zytor.com>
	<87bn5ij0x1.fsf@x220.int.ebiederm.org>
	<78205895-E11D-417F-91DC-4BCA0B61A122@zytor.com>
	<CA+55aFyB7y8TfQ=_EvMAFONS6oSPs=uY88f+S6n_QWh4MkKTHg@mail.gmail.com>
	<FC521A3F-4BEB-427E-AE8E-CA54C0128AA3@zytor.com>
	<CA+55aFw62q5bjNiK7Q9dEQQEDZs5fbUxNPxDq376OZJ6JKT=Rg@mail.gmail.com>
	<CALCETrUZ=QVZbTCr3gvhSd2-j_U4R02y5fCxbddG_HsQdnuBkw@mail.gmail.com>
	<CA+55aFzs00iDkYhvFCq=AZMVcNL0+oZT4SeimTeVurJq=5ZS3A@mail.gmail.com>
	<CALCETrUQ_Oad61dYvPpYFxDBT++jhZoAT3e4n4yiu22iTNcxNQ@mail.gmail.com>
	<CALCETrUJ_KuGJoVxuUjWGCNHBNs5Vk8E68MtsWoTdURJ+=iJnQ@mail.gmail.com>
	<CA+55aFzchGpOp0R0RjM6Bsk23GWp1t76fgFi8q6FZQndHq5EtA@mail.gmail.com>
	<570D4781.3070600@zytor.com>
	<877ffyzy1j.fsf_-_@x220.int.ebiederm.org>
	<alpine.LFD.2.20.1604161105040.30857@i7>
	<87twixgsnq.fsf@x220.int.ebiederm.org>
	<CA+55aFyOv3jUOsC-JbfeqM-Rs1z1a+QEt2EejpTf-9EfXdttdg@mail.gmail.com>
	<87oa95gevf.fsf_-_@x220.int.ebiederm.org>
Date: Wed, 20 Apr 2016 07:36:22 +0300
Message-ID: <CALYGNiOHRrhhdQawRO_XMK98_F9XaEY9ejjxgsC+GnKMn+jQRQ@mail.gmail.com>
Subject: Re: [PATCH] devpts: Make each mount of devpts an independent filesystem.
From: Konstantin Khlebnikov <koct9i@gmail.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Andy Lutomirski <luto@amacapital.net>, security@debian.org,
        "security@kernel.org" <security@kernel.org>,
        Al Viro <viro@zeniv.linux.org.uk>,
        "security@ubuntu.com >> security" <security@ubuntu.com>,
        Peter Hurley <peter@hurleysoftware.com>,
        Serge Hallyn <serge.hallyn@ubuntu.com>, Willy Tarreau <w@1wt.eu>,
        Aurelien Jarno <aurelien@aurel32.net>,
        One Thousand Gnomes <gnomes@lxorguk.ukuu.org.uk>,
        Jann Horn <jann@thejh.net>, Greg KH <greg@kroah.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Jiri Slaby <jslaby@suse.com>, Florian Weimer <fw@deneb.enyo.de>
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2873
Lines: 64

On Wed, Apr 20, 2016 at 6:04 AM, Eric W. Biederman
<ebiederm@xmission.com> wrote:
>
> The /dev/ptmx device node is changed to lookup the directory entry
> "pts" in the same directory as the /dev/ptmx device node was opened
> in.  If there is a "pts" entry and that entry is a devpts filesystem
> /dev/ptmx uses that filesystem.  Otherwise the open of /dev/ptmx
> fails.
>
> The DEVPTS_MULTIPLE_INSTANCES configuration option is removed,
> so that userspace can now safely depend on each mount of devpts
> creating a new instance of the filesystem.
>
> Each mount of devpts is now a separate and equal filesystem.
>
> The kernel.pty.reserve sysctl is neutered with no way currently
> implemented to be able to use the reserved ptys.

I think we could convert this into reserve for init user namespace,
ssh in host will work even if containers eaten all ptys.

>
> A new vfs helper path_pts is introduced that finds a directory entry
> named "pts" in the directory of the passed in path, and changes the
> passed in path to point to it.  The helper path_pts uses a function
> path_parent_directory that was factored out of follow_dotdot.
>
> In the implementation of devpts:
> - devpts_mnt is killed as it is no longer meaningful if all
>   mounts of devpts are equal.
> - pts_sb_from_inode is replaced by just inode->i_sb as all
>   cached inodes in the tty layer are now from the devpts
>   filesystem.
> - devpts_add_ref is rolled into the new function devpts_ptmx.
>   And the unnecessary inode hold is removed.
> - devpts_del_ref is renamed devpts_release and reduced
>   to just a deacrivate_super.
> - The newinstance mount option continues to be accepted but is now ignored.
>
> In devpts_fs.h definitions for when !CONFIG_UNIX98_PTYS are removed
> as they are never used.
>
> Documentation/filesystems/devices.txt is updated to describe
> the current situation.
>
> This has been verified to work properly on openwrt-15.05, centos5,
> centos6, centos7, debian-6.0.2, debian-7.9, debian-8.2,
> ubuntu-14.04.3, ubuntu-15.10, fedora23, magia-5, mint-17.3,
> opensuse-42.1, slackware-14.1, gentoo-20151225 (13.0?),
> archlinux-2015-12-01.  With the caveat that on centos6 and on
> slackware-14.1 that there wind up being two instances of the devpts
> filesystem mounted on /dev/pts, the lower copy does not end up getting
> used.
>
> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
> ---
>  Documentation/filesystems/devpts.txt | 145 +++----------------------
>  drivers/tty/Kconfig                  |  11 --
>  drivers/tty/pty.c                    |  41 ++++---
>  fs/devpts/inode.c                    | 205 +++++++++--------------------------
>  fs/namei.c                           |  58 ++++++++--
>  include/linux/devpts_fs.h            |  31 ++----
>  include/linux/namei.h                |   2 +
>  7 files changed, 148 insertions(+), 345 deletions(-)