From: Adrian Reber
To: Greg Kroah-Hartman, Jiri Slaby, linux-kernel@vger.kernel.org, linux-serial@vger.kernel.org
Cc: Christian Brauner
Subject: [PATCH] tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE
Date: Wed, 6 Dec 2023 14:43:40 +0100
Message-ID: <20231206134340.7093-1-areber@redhat.com>

The capability CAP_CHECKPOINT_RESTORE was introduced to allow non-root
users to checkpoint and restore processes as non-root with CRIU.

This change extends CAP_CHECKPOINT_RESTORE to enable the CRIU option
'--shell-job' as non-root. CRIU's man-page describes the '--shell-job'
option like this:

  Allow one to dump shell jobs. This implies the restored task will
  inherit session and process group ID from the criu itself. This option
  also allows to migrate a single external tty connection, to migrate
  applications like top.

TIOCSLCKTRMIOS can only be done if the process has CAP_SYS_ADMIN and
this change extends it to CAP_SYS_ADMIN or CAP_CHECKPOINT_RESTORE.

With this change it is possible to checkpoint and restore processes
which have a tty connection as non-root if CAP_CHECKPOINT_RESTORE is
set.

Signed-off-by: Adrian Reber
--- drivers/tty/tty_ioctl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/tty/tty_ioctl.c b/drivers/tty/tty_ioctl.c index 4b499301a3db..95d14d7128cc 100644 --- a/drivers/tty/tty_ioctl.c +++ b/drivers/tty/tty_ioctl.c
@@ -844,7 +844,7 @@ int tty_mode_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg) ret = -EFAULT; return ret; case TIOCSLCKTRMIOS: - if (!capable(CAP_SYS_ADMIN)) + if (!capable(CAP_SYS_ADMIN) && !capable(CAP_CHECKPOINT_RESTORE)) return -EPERM; copy_termios_locked(real_tty, &kterm); if (user_termios_to_kernel_termios(&kterm, @@ -861,7 +861,7 @@ int tty_mode_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg) ret = -EFAULT; return ret; case TIOCSLCKTRMIOS: - if (!capable(CAP_SYS_ADMIN)) + if (!capable(CAP_SYS_ADMIN) && !capable(CAP_CHECKPOINT_RESTORE)) return -EPERM; copy_termios_locked(real_tty, &kterm); if (user_termios_to_kernel_termios_1(&kterm, base-commit: 98b1cc82c4affc16f5598d4fa14b1858671b2263 -- 2.43.0
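
Review bot: In the first TIOCSLCKTRMIOS case (hunk at -844), the new condition tests capable(CAP_SYS_ADMIN) before capable(CAP_CHECKPOINT_RESTORE), so a task holding only CAP_CHECKPOINT_RESTORE always fails the first test before passing the second. capable() is an audited check, so under an LSM such as SELinux every successful ioctl from such a task can still log a CAP_SYS_ADMIN denial. Test the narrower capability first. include/linux/capability.h already provides checkpoint_restore_ns_capable(), which checks CAP_CHECKPOINT_RESTORE and then CAP_SYS_ADMIN in a given user namespace, so "if (!checkpoint_restore_ns_capable(&init_user_ns))" would keep the init-namespace semantics that capable() has here.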
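
Review bot: The second TIOCSLCKTRMIOS case (hunk at -861, the user_termios_to_kernel_termios_1 variant) repeats the same two-capability condition verbatim, so the permission rule for locking termios now lives in two places that have to be kept in step by hand. Use one single-call check in both cases, and add a short comment above it saying why CAP_CHECKPOINT_RESTORE is sufficient for this ioctl, since the reason (CRIU restoring a tty connection for '--shell-job') is currently stated only in the commit message.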