lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 7 May 2015 17:37:48 -0700
From:	josh@...htriplett.org
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Fengguang Wu <fengguang.wu@...el.com>,
	Iulia Manda <iulia.manda21@...il.com>,
	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
	Fabian Frederick <fabf@...net.be>,
	Linux Memory Management List <linux-mm@...ck.org>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] devpts: If initialization failed, don't crash when
 opening /dev/ptmx

On Thu, May 07, 2015 at 03:59:19PM -0700, Andrew Morton wrote:
> On Wed, 6 May 2015 17:35:47 -0700 Josh Triplett <josh@...htriplett.org> wrote:
> 
> > If devpts failed to initialize, it would store an ERR_PTR in the global
> > devpts_mnt.  A subsequent open of /dev/ptmx would call devpts_new_index,
> > which would dereference devpts_mnt and crash.
> > 
> > Avoid storing invalid values in devpts_mnt; leave it NULL instead.
> > Make both devpts_new_index and devpts_pty_new fail gracefully with
> > ENODEV in that case, which then becomes the return value to the
> > userspace open call on /dev/ptmx.
> 
> It looks like the system is pretty crippled if init_devptr_fs() fails. 
> Can the user actually get access to consoles and do useful things in
> this situation?  Maybe it would be better to just give up and panic?

Mounting devpts doesn't work without it, but you don't *need* to do that
to run a viable system.  A full-featured terminal might be unhappy.
init=/bin/sh works, and a console login doesn't strictly require
/dev/pts.  A substantial initramfs or rescue system should work without
/dev/pts mounted.

I think this falls under Linus's comments elsewhere about BUG versus
WARN.  The system can continue and will function to some degree.
panic() is more suitable for "if I even return from this function,
horrible things will start happening".  With this patch, all the
functions provided by devpts gracefully fail if devpts did, so I don't
see a good reason to panic().

> > @@ -676,12 +689,15 @@ static int __init init_devpts_fs(void)
> >  	struct ctl_table_header *table;
> >  
> >  	if (!err) {
> > +		static struct vfsmount *mnt;
> 
> static is weird.  I assume this was a braino?

Copy/paste issue, yes.  Fixed in v2.

- Josh Triplett
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ