Skip to content

R
raspberrypi-kernel

openeuler / raspberrypi-kernel

通知 13
Star 1
Fork 0
R
raspberrypi-kernel
切换分支/标签
  1. 24 7月, 2013 1 次提交
  3. 18 6月, 2013 2 次提交
  5. 01 5月, 2013 1 次提交
    • L
      tty: fix up atime/mtime mess, take three · b0b88565
      Linus Torvalds 提交于 
      We first tried to avoid updating atime/mtime entirely (commit
b0de59b5: "TTY: do not update atime/mtime on read/write"), and then
limited it to only update it occasionally (commit 37b7f3c7: "TTY:
fix atime/mtime regression"), but it turns out that this was both
insufficient and overkill.

It was insufficient because we let people attach to the shared ptmx node
to see activity without even reading atime/mtime, and it was overkill
because the "only once a minute" means that you can't really tell an
idle person from an active one with 'w'.

So this tries to fix the problem properly.  It marks the shared ptmx
node as un-notifiable, and it lowers the "only once a minute" to a few
seconds instead - still long enough that you can't time individual
keystrokes, but short enough that you can tell whether somebody is
active or not.
Reported-by: NSimon Kirby <sim@hostway.ca>
Acked-by: NJiri Slaby <jslaby@suse.cz>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: stable@vger.kernel.org
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      b0b88565
  7. 26 4月, 2013 1 次提交
    • J
      TTY: fix atime/mtime regression · 37b7f3c7
      Jiri Slaby 提交于 
      In commit b0de59b5 ("TTY: do not update atime/mtime on read/write")
we removed timestamps from tty inodes to fix a security issue and waited
if something breaks.  Well, 'w', the utility to find out logged users
and their inactivity time broke.  It shows that users are inactive since
the time they logged in.

To revert to the old behaviour while still preventing attackers to
guess the password length, we update the timestamps in one-minute
intervals by this patch.
Signed-off-by: NJiri Slaby <jslaby@suse.cz>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      37b7f3c7
  9. 26 3月, 2013 1 次提交
  11. 19 3月, 2013 5 次提交
  13. 16 3月, 2013 5 次提交
    • P
      tty: Signal SIGHUP before hanging up ldisc · 25fdf243
      Peter Hurley 提交于 
      An exiting session leader can hang if a foreground process is
blocking for line discipline i/o, eg. in n_tty_read(). This happens
because the blocking reader is holding an ldisc reference (indicating
the line discipline is in-use) which prevents __tty_hangup() from
recycling the line discipline. Although waiters are woken before
attempting to gain exclusive access for changing the ldisc, the
blocking reader in this case will not exit the i/o loop since it
has not yet received SIGHUP (because it has not been sent).

Instead, perform signalling first, then recycle the line discipline.

Fixes:

INFO: task init:1 blocked for more than 120 seconds.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
init            D 00000000001d7180  2688     1      0 0x00000002
 ffff8800b9acfba8 0000000000000002 00000000001d7180 ffff8800b9b10048
 ffff8800b94cb000 ffff8800b9b10000 00000000001d7180 00000000001d7180
 ffff8800b9b10000 ffff8800b9acffd8 00000000001d7180 00000000001d7180
Call Trace:
 [<ffffffff83db9909>] __schedule+0x2e9/0x3b0
 [<ffffffff83db9b35>] schedule+0x55/0x60
 [<ffffffff83db74ba>] schedule_timeout+0x3a/0x370
 [<ffffffff81182349>] ? mark_held_locks+0xf9/0x130
 [<ffffffff83dbab38>] ? down_failed+0x108/0x200
 [<ffffffff83dbb7ab>] ? _raw_spin_unlock_irq+0x2b/0x80
 [<ffffffff81182608>] ? trace_hardirqs_on_caller+0x128/0x160
 [<ffffffff83dbab61>] down_failed+0x131/0x200
 [<ffffffff83dbbfad>] ? tty_ldisc_lock_pair_timeout+0xcd/0x120
 [<ffffffff83dbae03>] ldsem_down_write+0xd3/0x113
 [<ffffffff83dbbfad>] ? tty_ldisc_lock_pair_timeout+0xcd/0x120
 [<ffffffff8118264d>] ? trace_hardirqs_on+0xd/0x10
 [<ffffffff83dbbfad>] tty_ldisc_lock_pair_timeout+0xcd/0x120
 [<ffffffff81c3df60>] tty_ldisc_hangup+0xd0/0x220
 [<ffffffff81c35bd7>] __tty_hangup+0x137/0x4f0
 [<ffffffff81c37c7c>] disassociate_ctty+0x6c/0x230
 [<ffffffff8111290c>] do_exit+0x41c/0x590
 [<ffffffff8107ad34>] ? syscall_trace_enter+0x24/0x2e0
 [<ffffffff81112b4a>] do_group_exit+0x8a/0xc0
 [<ffffffff81112b92>] sys_exit_group+0x12/0x20
 [<ffffffff83dc49d8>] tracesys+0xe1/0xe6
1 lock held by init/1:
 #0: (&tty->ldisc_sem){++++++}, at: [<ffffffff83dbbfad>] tty_ldisc_lock_pair_timeout+0xcd/0x120
Reported-by: NSasha Levin <levinsasha928@gmail.com>
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Acked-by: NJiri Slaby <jslaby@suse.cz>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      25fdf243
    • P
      tty: Signal foreground group processes in hangup · f91e2590
      Peter Hurley 提交于 
      When the session leader is exiting, signal the foreground group
processes as part of the hangup sequence, instead of after the
hangup is complete. This prepares for hanging up the
line discipline _after_ signalling processes which
may be blocking on ldisc i/o.

Parameterize __tty_hangup() to distinguish between when the
session leader is exiting and all other hangups; signal the
foreground group after signalling the session leader and its
process group, which preserves the original signal order.
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Acked-by: NJiri Slaby <jslaby@suse.cz>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      f91e2590
    • P
      tty: Use spin_lock() inside existing critical region · bc30c3b2
      Peter Hurley 提交于 
      The interrupt state does not need to be saved, disabled and
restored here; interrupts are already off because this lock
is bracketed by spin_lock_irq/spin_unlock_irq.
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Acked-by: NJiri Slaby <jslaby@suse.cz>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      bc30c3b2
    • P
      tty: Fix spinlock flavor in non-atomic __tty_hangup() · 20cc225b
      Peter Hurley 提交于 
      __tty_hangup() and tty_vhangup() cannot be called from atomic context,
so locks do not need to preserve the interrupt state (although,
still disable interrupts).
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Acked-by: NJiri Slaby <jslaby@suse.cz>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      20cc225b
    • P
      tty: Refactor session leader SIGHUP from __tty_hangup() · ea648a47
      Peter Hurley 提交于 
      Reduce complexity of __tty_hangup(); separate SIGHUP signalling
into tty_signal_session_leader().
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Acked-by: NJiri Slaby <jslaby@suse.cz>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      ea648a47
  15. 28 2月, 2013 1 次提交
  17. 16 2月, 2013 1 次提交
    • J
      TTY: do not update atime/mtime on read/write · b0de59b5
      Jiri Slaby 提交于 
      On http://vladz.devzero.fr/013_ptmx-timing.php, we can see how to find
out length of a password using timestamps of /dev/ptmx. It is
documented in "Timing Analysis of Keystrokes and Timing Attacks on
SSH". To avoid that problem, do not update time when reading
from/writing to a TTY.

I am afraid of regressions as this is a behavior we have since 0.97
and apps may expect the time to be current, e.g. for monitoring
whether there was a change on the TTY. Now, there is no change. So
this would better have a lot of testing before it goes upstream.

References: CVE-2013-0160
Signed-off-by: NJiri Slaby <jslaby@suse.cz>
Cc: stable <stable@vger.kernel.org> # after 3.9 is out
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      b0de59b5
  19. 14 2月, 2013 1 次提交
    • M
      s390/3270: asynchronous size sensing · 4d334fd1
      Martin Schwidefsky 提交于 
      Convert the synchronous size sense code to an interrupt driven
approach. This allows to set the device online even if the
terminal is not connected. With the new code views can be
registered without a connected terminal, the tty can be opened
as soon as the device is online. After the terminal has been
connected and the size has been determined the tty is resized
to match the device characteristics..
Signed-off-by: NMartin Schwidefsky <schwidefsky@de.ibm.com>
      4d334fd1
  21. 07 2月, 2013 1 次提交
  23. 16 1月, 2013 1 次提交
  25. 22 11月, 2012 1 次提交
  27. 26 10月, 2012 1 次提交
    • C
      tty: Add get- ioctls to fetch tty status v3 · 84fd7bdf
      Cyrill Gorcunov 提交于 
      For checkpoint/restore we need to know if tty has
exclusive or packet mode set, as well as if pty
is currently locked. Just to be able to restore
this characteristics.

For this sake the following ioctl codes are introduced

 - TIOCGPKT to get packet mode state
 - TIOCGPTLCK to get Pty locked state
 - TIOCGEXCL to get Exclusive mode state

Note this ioctls are a bit unsafe in terms of data
obtained consistency. The tty characteristics might
be changed right after ioctl complete. Keep it in
mind and use this ioctl carefully.

v2:
 - Use TIOC prefix for ioctl codes (by jslaby@)
Signed-off-by: NCyrill Gorcunov <gorcunov@openvz.org>
CC: Alan Cox <alan@lxorguk.ukuu.org.uk>
CC: "H. Peter Anvin" <hpa@zytor.com>
CC: Pavel Emelyanov <xemul@parallels.com>
CC: Jiri Slaby <jslaby@suse.cz>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      84fd7bdf
  29. 23 10月, 2012 5 次提交
  31. 27 9月, 2012 2 次提交
    • A
      make get_file() return its argument · cb0942b8
      Al Viro 提交于 
      simplifies a bunch of callers...
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      cb0942b8
    • A
      new helper: iterate_fd() · c3c073f8
      Al Viro 提交于 
      iterates through the opened files in given descriptor table,
calling a supplied function; we stop once non-zero is returned.
Callback gets struct file *, descriptor number and const void *
argument passed to iterator.  It is called with files->file_lock
held, so it is not allowed to block.

tty_io, netprio_cgroup and selinux flush_unauthorized_files()
converted to its use.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      c3c073f8
  33. 07 9月, 2012 2 次提交
  35. 06 9月, 2012 1 次提交
  37. 17 8月, 2012 1 次提交
  39. 14 8月, 2012 3 次提交
  41. 11 8月, 2012 3 次提交
    • J
      TTY: pass flags to alloc_tty_driver · 7f0bc6a6
      Jiri Slaby 提交于 
      We need to allow drivers that use neither tty_port_install nor
tty_port_register_device to link a tty_port to a tty somehow.  To
avoid a race with open, this has to be performed before
tty_register_device. But currently tty_driver->ports is allocated even
in tty_register_device because we do not know whether this is the PTY
driver. The PTY driver is special here due to an excessive count of
lines it declares to handle. We cannot handle tty_ports there this
way.

To circumvent this, we start passing tty_driver flags to
alloc_tty_driver already and we create tty_alloc_driver for this
purpose. There we can allocate tty_driver->ports and do all the magic
between tty_alloc_driver and tty_register_device. Later we will
introduce tty_port_link_device function for that purpose.

All drivers should eventually switch to this new tty driver allocation
interface.
Signed-off-by: NJiri Slaby <jslaby@suse.cz>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      7f0bc6a6
    • A
      tty: localise the lock · 89c8d91e
      Alan Cox 提交于 
      The termios and other changes mean the other protections needed on the driver
tty arrays should be adequate. Turn it all back on.

This contains pieces folded in from the fixes made to the original patches

| From: Geert Uytterhoeven <geert@linux-m68k.org>	(fix m68k)
| From: Paul Gortmaker <paul.gortmaker@windriver.com>	(fix cris)
| From: Jiri Kosina <jkosina@suze.cz>			(lockdep)
| From: Eric Dumazet <eric.dumazet@gmail.com>		(lockdep)
Signed-off-by: NAlan Cox <alan@linux.intel.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      89c8d91e
    • D
      tty: handle NULL parameters in free_tty_struct() · dc6802a7
      Dan Carpenter 提交于 
      We sometimes pass NULL pointers to free_tty_struct().  One example where
it can happen is in the error handling code in pty_common_install().
Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      dc6802a7