Re: pax pledge issue

Sun, 16 Apr 2017 08:24:07 -0700 

> On Sat, Apr 15, 2017 at 10:27:19PM +0200, Matthieu Herrb wrote:
> > On 6.1 and -current. run 'pax' without any argment.
> > 
> > $ pax
> > Abort (core dumped)
> > Exit 134
> > 
> > $ dmesg | tail -1
> > pax(81327): syscall 54 "tty"
> > 
> > $ ktrace pax
> > $ kdump | tail -4
> >  19681 pax      CALL  ioctl(0,MTIOCGET,0x7f7ffffbd7f0)
> >  19681 pax      PLDG  ioctl, "tty", errno 1 Operation not permitted
> >  19681 pax      PSIG  SIGABRT SIG_DFL
> >  19681 pax      NAMI  "pax.core"
> > 
> > -- 
> > Matthieu Herrb
> > 
> 
> The issue here is, that pledge("tape") does not allow to perform
> MTIOCGET on tty devices. So we should call isatty() beforehand and
> shortcut ioctl() in case the file descriptor is a tty.
> 
> Index: ar_io.c
> ===================================================================
> RCS file: /cvs/src/bin/pax/ar_io.c,v
> retrieving revision 1.62
> diff -u -p -r1.62 ar_io.c
> --- ar_io.c   11 Mar 2017 12:55:47 -0000      1.62
> +++ ar_io.c   16 Apr 2017 07:08:29 -0000
> @@ -170,9 +170,12 @@ ar_open(const char *name)
>               return(-1);
>       }
>  
> -     if (S_ISCHR(arsb.st_mode))
> -             artyp = ioctl(arfd, MTIOCGET, &mb) ? ISCHR : ISTAPE;
> -     else if (S_ISBLK(arsb.st_mode))
> +     if (S_ISCHR(arsb.st_mode)) {
> +             if (isatty(arfd) || ioctl(arfd, MTIOCGET, &mb))
> +                     artyp = ISCHR;
> +             else
> +                     artyp = ISTAPE;
> +     } else if (S_ISBLK(arsb.st_mode))
>               artyp = ISBLK;
>       else if ((lseek(arfd, 0, SEEK_CUR) == -1) && (errno == ESPIPE))
>               artyp = ISPIPE;
> 
> 
> With this diff applied:
> 
> $ pax
> [waiting for input]
> ...

What about cdevs which are not tty, but also not tape.

I am quite averse to pledge inserting errnos rather than failure
because it creates a "posix variant" rather than "enforcement",
however I was wondering about doing a bit different here since the
tape ioctl's are not really POSIX.

Index: kern_pledge.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_pledge.c,v
retrieving revision 1.203
diff -u -p -u -r1.203 kern_pledge.c
--- kern_pledge.c       13 Apr 2017 04:06:46 -0000      1.203
+++ kern_pledge.c       15 Apr 2017 22:28:54 -0000
@@ -1155,9 +1155,12 @@ pledge_ioctl(struct proc *p, long com, s
                case MTIOCTOP:
                        /* for pax(1) and such, checking tapes... */
                        if (fp->f_type == DTYPE_VNODE &&
-                           vp->v_type == VCHR &&
-                           (vp->v_flag & VISTTY) == 0)
-                               return (0);
+                           vp->v_type == VCHR) {
+                               if (vp->v_flag & VISTTY)
+                                       return (ENOTTY);
+                               else
+                                       return (0);
+                       }
                        break;
                }
        }

Reply via email to