summaryrefslogtreecommitdiffstats
path: root/security/commoncap.c
diff options
context:
space:
mode:
authorPeter Hurley <peter@hurleysoftware.com>2014-10-16 14:59:49 -0400
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2014-11-05 16:26:14 -0800
commite218eb32f508c828dc87d0d724c70e2cf9b7866e (patch)
tree52ad8dc062bd5266757924eabef81e225927ec04 /security/commoncap.c
parente1c2296c3485158304bfad5a80e89078463d70c8 (diff)
downloadtalos-obmc-linux-e218eb32f508c828dc87d0d724c70e2cf9b7866e.tar.gz
talos-obmc-linux-e218eb32f508c828dc87d0d724c70e2cf9b7866e.zip
tty: Serialize proc_set_tty() with tty_lock
Setting the controlling terminal for a session occurs with either the first open of a non-pty master tty or with ioctl(TIOCSCTTY). Since only the session leader can set the controlling terminal for a session (and the session leader cannot change), it is not necessary to prevent a process from attempting to set different ttys as the controlling terminal concurrently. So it's only necessary to prevent the same tty from becoming the controlling terminal for different session leaders. The tty_lock() is sufficient to prevent concurrent proc_set_tty() for the same tty. Remove the tty_mutex lock region; add tty_lock() to tiocsctty(). While this may appear to allow a race condition between opening the controlling tty via tty_open_current_tty() and stealing the controlling tty via ioctl(TIOCSCTTY, 1), that race condition already existed. Even if the tty_mutex prevented stealing the controlling tty while tty_open_current_tty() returned the original controlling tty, it cannot prevent stealing the controlling tty before tty_open() returns. Thus, tty_open() could already return a no-longer-controlling tty when opening /dev/tty. Signed-off-by: Peter Hurley <peter@hurleysoftware.com> Reviewed-by: Alan Cox <alan@linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'security/commoncap.c')
0 files changed, 0 insertions, 0 deletions
OpenPOWER on IntegriCloud