** Description changed:
- Hey guys,
+ Hey,
I just pushed a patch series by Luke to glibc master that fixes a bug
with pty file descriptors from devpts mounts in a different mount
namespace. Here's the description:
linux ttyname{_r}: Don't bail prematurely [BZ #22145]
Commit 15e9a4f378c8607c2ae1aa465436af4321db0e23 introduced logic for ttyname()
sending back ENODEV to signal that we can't get a name for the TTY because we
inherited it from a different mount namespace.
However, just because we inherited it from a different mount namespace and it
isn't available at its original path, doesn't mean that its name is
unknowable;
we can still try to find it by allowing the normal fall back on iterating
through devices.
An example scenario where this happens is with "/dev/console" in containers.
It's a common practice among container managers to allocate a PTY master/slave
pair in the host's mount namespace (the slave having a path like
"/dev/pty/$X"),
bind mount the slave to "/dev/console" in the container's mount namespace, and
send the slave FD to a process in the container. Inside of the
container, the slave-end isn't available at its original path ("/dev/pts/$X"),
since the container mount namespace has a separate devpts instance from the
host
(that path may or may not exist in the container; if it does exist, it's not
the
- same PTY slave device). Currently ttyname{_r} sees that the file at the
+ same PTY slave device). Currently ttyname{_r} sees that the file at the
original "/dev/pts/$X" path doesn't match the FD passed to it, and fails early
and gives up, even though if it kept searching it would find the TTY at
"/dev/console". Fix that; don't have the ENODEV path force an early return
inhibiting the fall-back search.
This change is based on the previous patch that adds use of is_mytty in
getttyname and getttyname_r. Without that change, this effectively reverts
15e9a4f, which made us disregard the false similarity of file pointed to by
"/proc/self/fd/$Y", because if it doesn't bail prematurely then that file
("/dev/pts/$X") will just come up again anyway in the fall-back search.
Reviewed-by: Christian Brauner <[email protected]>
The relevant patches from glibc master are:
495a56fdeb05d20a88304ff5da577d23a8e81ae1
9b5a87502d048905c383b65c51768f4a1db8c685
d10d6cab168ffa26ef6a506655ee5dc8537c8ed7
2fbce9c2031e70b6bd67876accfc34b0ec492878
a09dfc19edcbac3f96d5410529b724db0a583879
d9611e308592355718b36fe085b7b61aa52911e5
The patches will be in glibc 2.27 but this should be backported to glibc
2.26.
** Description changed:
Hey,
I just pushed a patch series by Luke to glibc master that fixes a bug
with pty file descriptors from devpts mounts in a different mount
namespace. Here's the description:
linux ttyname{_r}: Don't bail prematurely [BZ #22145]
Commit 15e9a4f378c8607c2ae1aa465436af4321db0e23 introduced logic for ttyname()
sending back ENODEV to signal that we can't get a name for the TTY because we
inherited it from a different mount namespace.
However, just because we inherited it from a different mount namespace and it
isn't available at its original path, doesn't mean that its name is
unknowable;
we can still try to find it by allowing the normal fall back on iterating
through devices.
An example scenario where this happens is with "/dev/console" in containers.
It's a common practice among container managers to allocate a PTY master/slave
pair in the host's mount namespace (the slave having a path like
"/dev/pty/$X"),
bind mount the slave to "/dev/console" in the container's mount namespace, and
send the slave FD to a process in the container. Inside of the
container, the slave-end isn't available at its original path ("/dev/pts/$X"),
since the container mount namespace has a separate devpts instance from the
host
(that path may or may not exist in the container; if it does exist, it's not
the
same PTY slave device). Currently ttyname{_r} sees that the file at the
original "/dev/pts/$X" path doesn't match the FD passed to it, and fails early
and gives up, even though if it kept searching it would find the TTY at
"/dev/console". Fix that; don't have the ENODEV path force an early return
inhibiting the fall-back search.
This change is based on the previous patch that adds use of is_mytty in
getttyname and getttyname_r. Without that change, this effectively reverts
15e9a4f, which made us disregard the false similarity of file pointed to by
"/proc/self/fd/$Y", because if it doesn't bail prematurely then that file
("/dev/pts/$X") will just come up again anyway in the fall-back search.
Reviewed-by: Christian Brauner <[email protected]>
The relevant patches from glibc master are:
495a56fdeb05d20a88304ff5da577d23a8e81ae1
9b5a87502d048905c383b65c51768f4a1db8c685
d10d6cab168ffa26ef6a506655ee5dc8537c8ed7
2fbce9c2031e70b6bd67876accfc34b0ec492878
a09dfc19edcbac3f96d5410529b724db0a583879
d9611e308592355718b36fe085b7b61aa52911e5
The patches will be in glibc 2.27 but this should be backported to glibc
2.26.
+
+ Christian
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732550
Title:
linux ttyname{_r}: Don't bail prematurely [BZ #22145]
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1732550/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
