Commit:     98a27ba485c7508ef9d9527fe06e4686f3a163dc
Parent:     2a65f1d9fe78475720bd8f0e0fbbf1973b1b5ac2
Author:     Eric W. Biederman <[EMAIL PROTECTED]>
AuthorDate: Tue May 8 00:26:56 2007 -0700
Committer:  Linus Torvalds <[EMAIL PROTECTED]>
CommitDate: Tue May 8 11:15:04 2007 -0700

    tty: introduce no_tty and use it in selinux
    While researching the tty layer pid leaks I found a weird case in selinux 
    we drop a controlling tty because of inadequate permissions we don't do the
    normal hangup processing.  Which is a problem if it happens the session 
    has exec'd something that can no longer access the tty.
    We already have code in the kernel to handle this case in the form of the
    TIOCNOTTY ioctl.  So this patch factors out a helper function that is the
    essence of that ioctl and calls it from the selinux code.
    This removes the inconsistency in handling dropping of a controlling tty and
    who knows it might even make some part of user space happy because it 
    a SIGHUP it was expecting.
    In addition since this removes the last user of proc_set_tty outside of
    tty_io.c proc_set_tty is made static and removed from tty.h
    Signed-off-by: Eric W. Biederman <[EMAIL PROTECTED]>
    Acked-by: Alan Cox <[EMAIL PROTECTED]>
    Cc: James Morris <[EMAIL PROTECTED]>
    Cc: Stephen Smalley <[EMAIL PROTECTED]>
    Signed-off-by: Andrew Morton <[EMAIL PROTECTED]>
    Signed-off-by: Linus Torvalds <[EMAIL PROTECTED]>
 drivers/char/tty_io.c    |   19 +++++++++++++++----
 include/linux/tty.h      |    2 +-
 security/selinux/hooks.c |    7 +++----
 3 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c
index 39db186..5d405a1 100644
--- a/drivers/char/tty_io.c
+++ b/drivers/char/tty_io.c
@@ -154,6 +154,7 @@ int tty_ioctl(struct inode * inode, struct file * file,
 static int tty_fasync(int fd, struct file * filp, int on);
 static void release_tty(struct tty_struct *tty, int idx);
 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
+static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
  *     alloc_tty_struct        -       allocate a tty object
@@ -1558,6 +1559,18 @@ void disassociate_ctty(int on_exit)
+ *
+ *     no_tty  - Ensure the current process does not have a controlling tty
+ */
+void no_tty(void)
+       struct task_struct *tsk = current;
+       if (tsk->signal->leader)
+               disassociate_ctty(0);
+       proc_clear_tty(tsk);
  *     stop_tty        -       propogate flow control
@@ -3280,9 +3293,7 @@ int tty_ioctl(struct inode * inode, struct file * file,
                case TIOCNOTTY:
                        if (current->signal->tty != tty)
                                return -ENOTTY;
-                       if (current->signal->leader)
-                               disassociate_ctty(0);
-                       proc_clear_tty(current);
+                       no_tty();
                        return 0;
                case TIOCSCTTY:
                        return tiocsctty(tty, arg);
@@ -3844,7 +3855,7 @@ static void __proc_set_tty(struct task_struct *tsk, 
struct tty_struct *tty)
        tsk->signal->tty_old_pgrp = NULL;
-void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
+static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
        __proc_set_tty(tsk, tty);
diff --git a/include/linux/tty.h b/include/linux/tty.h
index dee72b9..bb45760 100644
--- a/include/linux/tty.h
+++ b/include/linux/tty.h
@@ -313,6 +313,7 @@ extern int tty_hung_up_p(struct file * filp);
 extern void do_SAK(struct tty_struct *tty);
 extern void __do_SAK(struct tty_struct *tty);
 extern void disassociate_ctty(int priv);
+extern void no_tty(void);
 extern void tty_flip_buffer_push(struct tty_struct *tty);
 extern speed_t tty_get_baud_rate(struct tty_struct *tty);
 extern speed_t tty_termios_baud_rate(struct ktermios *termios);
@@ -333,7 +334,6 @@ extern int tty_ioctl(struct inode *inode, struct file 
*file, unsigned int cmd,
 extern dev_t tty_devnum(struct tty_struct *tty);
 extern void proc_clear_tty(struct task_struct *p);
-extern void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
 extern struct tty_struct *get_current_tty(void);
 extern struct mutex tty_mutex;
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 885a9a9..fa9dbb6 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1758,12 +1758,11 @@ static inline void flush_unauthorized_files(struct 
files_struct * files)
-               /* Reset controlling tty. */
-               if (drop_tty)
-                       proc_set_tty(current, NULL);
+       /* Reset controlling tty. */
+       if (drop_tty)
+               no_tty();
        /* Revalidate access to inherited open files. */
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at

Reply via email to