On Fri, Dec 11, 2015 at 11:40 AM, Eric W. Biederman
<ebied...@xmission.com> wrote:
>
>
> +struct inode *devpts_ptmx(struct inode *inode, struct file *filp)
> +{
> +#ifdef CONFIG_DEVPTS_MULTIPLE_INSTANCES
> + struct path path, old;
> + struct super_block *sb;
> + struct dentry *root;
> +
> + if (inode->i_sb->s_magic == DEVPTS_SUPER_MAGIC)
> + return inode;
> +
> + old = filp->f_path;
> + path = old;
> + path_get(&path);
> + if (kern_path_pts(&path)) {
> + path_put(&path);
> + return ERR_PTR(-EINVAL);
> + }
So this is definitely crap.
You can't return an error. You should just return the old inode. If
somebody doesn't have /dev/pts/ mounted there, the legacy /dev/ptmx
should still work, not return ENOENT or whatever.
> + sb = path.mnt->mnt_sb;
> + if (sb->s_magic != DEVPTS_SUPER_MAGIC) {
> + path_put(&path);
> + return ERR_PTR(-EINVAL);
> + }
Same deal. Returning an error is wrong.
Of, alternatively, make the caller not consider an error an error, but
fall back to the old behavior in the caller.
> + /*
> + * Update filp with the new path so that userspace can use
> + * fstat to know which instance of devpts is open, and so
> + * userspace can use readlink /proc/self/fd/NNN to find the
> + * path to the devpts filesystem for reporting slave inodes.
> + */
Hmm. I'm not 100% convinced about this. Normally we do *not* allow
f_path and f_inode to change. I guess this file descriptor hasn't been
exposed yet, so it might be ok, but it makes me a bit nervous that
this code violates the basic filp rules..
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
