Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp2414243rdb;
        Fri, 8 Dec 2023 07:30:39 -0800 (PST)
X-Google-Smtp-Source: AGHT+IEnsujw1Hto4tt5Ftkvwbq29YApivMzlxx1pDLbs0aWKdxv9x0ttpWBKqs5VtIUPMpVYnMC
X-Received: by 2002:a17:902:e74e:b0:1cf:9c44:62e with SMTP id p14-20020a170902e74e00b001cf9c44062emr242244plf.34.1702049438509;
        Fri, 08 Dec 2023 07:30:38 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1702049438; cv=none;
        d=google.com; s=arc-20160816;
        b=sd8Ld5Hijrgl/jQ30FNVuyRFFLA82W4HLXq6SIebTSQf/SMowZpgNtWIW6WjGCwhqy
         lvVNWInSAeFBg7oLz+W5wv4XnLM9RrBJEHVNWzPM11Ym+D3+U71XWHoYaZa3DTh59lMO
         8ix+17t5bO3GMgUa567o71pATbbg+woekm7Zo2/zdYBSSlraXA32SfgaqcuRuauX/oJx
         /UL2YqOQtEs2u7k/b2Mkxw7t+cwIaesHg3ZFUsxqxqBpbma91lMDP+uE9jn3KziF8OaK
         uF8N0YzpQ/aVhIiGoSvDbnSlA1rOjFLgBxMaVUztkJ5s626kBtxAR1JuXiINciJ1h5dK
         J2Ow==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:cc:to:subject
         :message-id:date:from:in-reply-to:references:mime-version
         :dkim-signature;
        bh=B+K3YCrkZaiNrcUYXyCv6UBN5xE5owY2kTVg/Ts8dS8=;
        fh=AF4/a2wEhrmCp0ABgy/rx8X3kPMwowSFOx2qsMZKSbE=;
        b=VMMwTYhSJTLWeEJUYBthT6Jae0WeN2YeF7IDT6KMbuSwQXFB0bmheAHH9XA6kgfI/j
         43NNLih6P9YfrVwya8UzdcDIaeM9lvnCuQriu7NonGZQTcoueS7l9UIRyvj0QTeg2ONV
         34brhtTUMySfMutHzx117TDqaUPLl6CRaLjRVwlWu1DJIylwRNPIRiGFqi0jKJHubd55
         Rm5ZHsqMsVMVBYE9UqAoTU82pMqR/Alr1/zGHopI7cpmSxg51OrqN9dfU1xkFCELn7P8
         An0Jw7GKg26fWbhSC04GbzlhX1xW7Z03sxA5pcd++3ZmJMI9DQvkn1hNDeph3/QuFnt4
         iMOQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=MNtJh7BM;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from morse.vger.email (morse.vger.email. [2620:137:e000::3:1])
        by mx.google.com with ESMTPS id i13-20020a170902c94d00b001c754f13381si1807329pla.455.2023.12.08.07.30.37
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 08 Dec 2023 07:30:38 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) client-ip=2620:137:e000::3:1;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=MNtJh7BM;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by morse.vger.email (Postfix) with ESMTP id 7061A837CF0F;
	Fri,  8 Dec 2023 07:30:02 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at morse.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1574335AbjLHP3p (ORCPT <rfc822;abhi.c.pawar@gmail.com>
        + 99 others); Fri, 8 Dec 2023 10:29:45 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47744 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S233554AbjLHP3o (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 8 Dec 2023 10:29:44 -0500
Received: from mail-lj1-x22c.google.com (mail-lj1-x22c.google.com [IPv6:2a00:1450:4864:20::22c])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 80367173F;
        Fri,  8 Dec 2023 07:29:50 -0800 (PST)
Received: by mail-lj1-x22c.google.com with SMTP id 38308e7fff4ca-2ca0c36f5beso27960701fa.1;
        Fri, 08 Dec 2023 07:29:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1702049389; x=1702654189; darn=vger.kernel.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=B+K3YCrkZaiNrcUYXyCv6UBN5xE5owY2kTVg/Ts8dS8=;
        b=MNtJh7BM/owvuIDE7gVSaqR4CsZNxzq1l8gHParrq8YxLY+uTxQS265WxOl0BFlDRL
         xyTZ6sdPHK/VqSdaUEINQ9Rk8TSsMUSTQMINEatJufQNRVII5ozMDHVK7qR7KDc+bRwD
         4WazgDygnJLIlvb1JxkxeGBRPKOLpPRxtp54IDBMjnlcEJFZZoLCdNlU+hEhQZdlPhec
         b5vAEHCbC9gmJPWfcZqASyg2vgxc4/PorJJJ0Xs054RAbqVhIIxSnsVQskYPVgnAIM+1
         0h1Q6uSIUFYwzdi8InT5FVuTRBefDu8N4b1lOBJYRN0Ey2SwYYxXJbBCouNvikGpHi15
         fyAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1702049389; x=1702654189;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=B+K3YCrkZaiNrcUYXyCv6UBN5xE5owY2kTVg/Ts8dS8=;
        b=lCh+MoPFPTXRtMmGTJ5ptf6/JcLXFqEV6kngPsJHxXlsELrM4xH757bK1nY6ZvHF/Q
         xbQudDD3jBqRJdrfkic9avx6l+/Ny03gZIlvKn0EFa/owG+vB1D0szoP6mFEKmGH2eR2
         ipSjguNc1zMfNzJYQTSnWYB1SX5PNZNdn807zvDniMS+PKQRGR2qOlisNsBZmScZHaWw
         Hr4NfdrBkpQkM4TaqFSxwhdsRk8bSZaUMQdt/1ZpUMyB0T8LsLuo/DXN8xIZZUFFkgRH
         RFrzsdaazNv3RPurbdl2oy7wbNbusY21Cg4J0viV3NuCUF1idv5/b1cEn4ayS7Z9unuL
         0d3A==
X-Gm-Message-State: AOJu0Yz+g6mjcT0zrIuRvyGLgDc3PrUO7CGpyuJUEQmM0wf1WO6y/OO7
        vE05dQ0XMBWofw1C6Kyhi4kAF64WMkjnlVytG9JW0UZC
X-Received: by 2002:a2e:2e0b:0:b0:2c9:f7a1:2f93 with SMTP id
 u11-20020a2e2e0b000000b002c9f7a12f93mr34313lju.105.1702049388258; Fri, 08 Dec
 2023 07:29:48 -0800 (PST)
MIME-Version: 1.0
References: <20231208143656.1019-1-areber@redhat.com>
In-Reply-To: <20231208143656.1019-1-areber@redhat.com>
From:   Andrei Vagin <avagin@gmail.com>
Date:   Fri, 8 Dec 2023 07:29:35 -0800
Message-ID: <CANaxB-wro4DRGosRhi1bB2jYdjM+1OihYTsnFOuAi_RKHnOm5w@mail.gmail.com>
Subject: Re: [PATCH v2] tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE
To:     Adrian Reber <areber@redhat.com>
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Jiri Slaby <jirislaby@kernel.org>,
        linux-kernel@vger.kernel.org, linux-serial@vger.kernel.org,
        Christian Brauner <brauner@kernel.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no
	version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Fri, 08 Dec 2023 07:30:02 -0800 (PST)

On Fri, Dec 8, 2023 at 6:37=E2=80=AFAM Adrian Reber <areber@redhat.com> wro=
te:
>
> The capability CAP_CHECKPOINT_RESTORE was introduced to allow non-root
> users to checkpoint and restore processes as non-root with CRIU.
>
> This change extends CAP_CHECKPOINT_RESTORE to enable the CRIU option
> '--shell-job' as non-root. CRIU's man-page describes the '--shell-job'
> option like this:
>
>   Allow one to dump shell jobs. This implies the restored task will
>   inherit session and process group ID from the criu itself. This option
>   also allows to migrate a single external tty connection, to migrate
>   applications like top.
>
> TIOCSLCKTRMIOS can only be done if the process has CAP_SYS_ADMIN and
> this change extends it to CAP_SYS_ADMIN or CAP_CHECKPOINT_RESTORE.
>
> With this change it is possible to checkpoint and restore processes
> which have a tty connection as non-root if CAP_CHECKPOINT_RESTORE is
> set.
>

Acked-by: Andrei Vagin <avagin@gmail.com>

> Acked-by: Christian Brauner <brauner@kernel.org>
> Signed-off-by: Adrian Reber <areber@redhat.com>
> ---
> Changes in v2:
> - replaced "if (!capable(CAP_SYS_ADMIN) && !capable(CAP_CHECKPOINT_RESTOR=
E))"
>   with "if (!checkpoint_restore_ns_capable(&init_user_ns))" as suggested
>   by Christian Brauner
> - v1: https://lore.kernel.org/linux-serial/20231206134340.7093-1-areber@r=
edhat.com/
> ---
>  drivers/tty/tty_ioctl.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/tty/tty_ioctl.c b/drivers/tty/tty_ioctl.c
> index 4b499301a3db..85de90eebc7b 100644
> --- a/drivers/tty/tty_ioctl.c
> +++ b/drivers/tty/tty_ioctl.c
> @@ -844,7 +844,7 @@ int tty_mode_ioctl(struct tty_struct *tty, unsigned i=
nt cmd, unsigned long arg)
>                         ret =3D -EFAULT;
>                 return ret;
>         case TIOCSLCKTRMIOS:
> -               if (!capable(CAP_SYS_ADMIN))
> +               if (!checkpoint_restore_ns_capable(&init_user_ns))
>                         return -EPERM;
>                 copy_termios_locked(real_tty, &kterm);
>                 if (user_termios_to_kernel_termios(&kterm,
> @@ -861,7 +861,7 @@ int tty_mode_ioctl(struct tty_struct *tty, unsigned i=
nt cmd, unsigned long arg)
>                         ret =3D -EFAULT;
>                 return ret;
>         case TIOCSLCKTRMIOS:
> -               if (!capable(CAP_SYS_ADMIN))
> +               if (!checkpoint_restore_ns_capable(&init_user_ns))
>                         return -EPERM;
>                 copy_termios_locked(real_tty, &kterm);
>                 if (user_termios_to_kernel_termios_1(&kterm,
>
> base-commit: 98b1cc82c4affc16f5598d4fa14b1858671b2263
> --
> 2.43.0
>