Commit e98d4137 authored by Eric W. Biederman, committed by Greg Kroah-Hartman

devpts: Change the owner of /dev/pts/ptmx to the mounter of /dev/pts

In 99.99% of the cases only root in a user namespace can mount /dev/pts
and in those cases the owner of /dev/pts/ptmx will remain root.root.

In the oddball case where someone else has CAP_SYS_ADMIN this code
modifies the /dev/pts mount code to use current_fsuid and current_fsgid
as the values to use when creating the /dev/ptmx inode, as is done
when any other file is created.

This is a code simplification, and it allows running without a root
user entirely.

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 6bd1d875
...@@ -272,13 +272,8 @@ static int mknod_ptmx(struct super_block *sb) ...@@ -272,13 +272,8 @@ static int mknod_ptmx(struct super_block *sb)
struct dentry *root = sb->s_root; struct dentry *root = sb->s_root;
struct pts_fs_info *fsi = DEVPTS_SB(sb); struct pts_fs_info *fsi = DEVPTS_SB(sb);
struct pts_mount_opts *opts = &fsi->mount_opts; struct pts_mount_opts *opts = &fsi->mount_opts;
kuid_t root_uid; kuid_t ptmx_uid = current_fsuid();
kgid_t root_gid; kgid_t ptmx_gid = current_fsgid();
root_uid = make_kuid(current_user_ns(), 0);
root_gid = make_kgid(current_user_ns(), 0);
if (!uid_valid(root_uid) || !gid_valid(root_gid))
return -EINVAL;
inode_lock(d_inode(root)); inode_lock(d_inode(root));
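Review bot: At the ptmx_uid/ptmx_gid declarations in mknod_ptmx(), the uid_valid()/gid_valid() check and its -EINVAL return are dropped along with the make_kuid()/make_kgid() lookups, so the function no longer has a failure path for an unusable owner id. Please add a one-line comment at the declarations stating why current_fsuid() and current_fsgid() need no validity check here (they are the calling task's own ids rather than the result of mapping id 0 through current_user_ns()), so a later reader does not wonder whether the check was lost by accident or try to reinstate it.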
...@@ -309,8 +304,8 @@ static int mknod_ptmx(struct super_block *sb) ...@@ -309,8 +304,8 @@ static int mknod_ptmx(struct super_block *sb)
mode = S_IFCHR|opts->ptmxmode; mode = S_IFCHR|opts->ptmxmode;
init_special_inode(inode, mode, MKDEV(TTYAUX_MAJOR, 2)); init_special_inode(inode, mode, MKDEV(TTYAUX_MAJOR, 2));
inode->i_uid = root_uid; inode->i_uid = ptmx_uid;
inode->i_gid = root_gid; inode->i_gid = ptmx_gid;
d_add(dentry, inode); d_add(dentry, inode);
......
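Review bot: At the inode->i_uid and inode->i_gid assignments, the owner of the ptmx node now depends on which task performs the mount, while the mode still comes from opts->ptmxmode two lines above. With a ptmxmode that grants access only to owner or group, access to the node will follow the mounter's fsuid/fsgid instead of id 0 of the user namespace. That is a behaviour change for the non-root CAP_SYS_ADMIN case and deserves a short comment at these assignments and a mention in the devpts documentation, since the commit message presents the change mainly as a simplification.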