tty: Sanitize tty parasite-side dumping

Signed-off-by: Pavel Emelyanov <xemul@parallels.com>

tty: Sanitize tty parasite-side dumping
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
33c0add2 · Pavel Emelyanov · 9fb384f9 · 33c0add2 · 33c0add2 · 33c0add2
Commit 33c0add2 authored Oct 15, 2012 by Pavel Emelyanov
Showing with 19 additions and 39 deletions

parasite-syscall.h include/parasite-syscall.h +1 -3

parasite.h include/parasite.h +1 -1

parasite-syscall.c parasite-syscall.c +7 -5

parasite.c parasite.c +3 -3

tty.c tty.c +7 -27

No files found.
--- a/include/parasite-syscall.h
+++ b/include/parasite-syscall.h
@@ -22,8 +22,6 @@ struct parasite_ctl {
 	int			tsock;					/* transport socket for transfering fds */
 };

-extern void *parasite_args(struct parasite_ctl *ctl, int args_size);
-
 struct cr_fdset;
 struct list_head;

@@ -51,6 +49,6 @@ extern int parasite_cure_seized(struct parasite_ctl *ctl);
 extern struct parasite_ctl *parasite_infect_seized(pid_t pid,
 						   struct list_head *vma_area_list);

-extern int parasite_dump_tty(struct parasite_ctl *ctl);
+extern struct parasite_tty_args *parasite_dump_tty(struct parasite_ctl *ctl, int fd);

 #endif /* PARASITE_SYSCALL_H_ */
--- a/include/parasite.h
+++ b/include/parasite.h
@@ -106,7 +106,7 @@ static inline int drain_fds_size(struct parasite_drain_fd *dfds)
 	return sizeof(dfds->nr_fds) + dfds->nr_fds * sizeof(dfds->fds[0]);
 }

-struct parasite_dump_tty {
+struct parasite_tty_args {
 	int	fd;

 	int	sid;

--- a/parasite-syscall.c
+++ b/parasite-syscall.c
@@ -223,7 +223,7 @@ err:
 	return ret;
 }

-void *parasite_args(struct parasite_ctl *ctl, int args_size)
+static void *parasite_args(struct parasite_ctl *ctl, int args_size)
 {
 	BUG_ON(args_size > PARASITE_ARG_SIZE);
 	return ctl->addr_args;
@@ -532,15 +532,17 @@ int parasite_dump_misc_seized(struct parasite_ctl *ctl, struct parasite_dump_mis
 	return 0;
 }

-int parasite_dump_tty(struct parasite_ctl *ctl)
+struct parasite_tty_args *parasite_dump_tty(struct parasite_ctl *ctl, int fd)
 {
-	struct parasite_dump_tty *p;
+	struct parasite_tty_args *p;

 	p = parasite_args(ctl, sizeof(*p));
+	p->fd = fd;
+
 	if (parasite_execute(PARASITE_CMD_DUMP_TTY, ctl) < 0)
-		return -1;
+		return NULL;

-	return 0;
+	return p;
 }

 int parasite_dump_creds(struct parasite_ctl *ctl, CredsEntry *ce)

--- a/parasite.c
+++ b/parasite.c
@@ -452,7 +452,7 @@ out_send_fd:
 	return ret;
 }

-static int parasite_dump_tty(struct parasite_dump_tty *args)
+static int parasite_dump_tty(struct parasite_tty_args *args)
 {
 	int ret;

@@ -520,7 +520,7 @@ int __used parasite_service(unsigned int cmd, void *args)
 	BUILD_BUG_ON(sizeof(struct parasite_dump_misc) > PARASITE_ARG_SIZE);
 	BUILD_BUG_ON(sizeof(struct parasite_dump_tid_info) > PARASITE_ARG_SIZE);
 	BUILD_BUG_ON(sizeof(struct parasite_drain_fd) > PARASITE_ARG_SIZE);
-	BUILD_BUG_ON(sizeof(struct parasite_dump_tty) > PARASITE_ARG_SIZE);
+	BUILD_BUG_ON(sizeof(struct parasite_tty_args) > PARASITE_ARG_SIZE);

 	pr_info("Parasite cmd %d/%x process\n", cmd, cmd);

@@ -552,7 +552,7 @@ int __used parasite_service(unsigned int cmd, void *args)
 	case PARASITE_CMD_GET_PROC_FD:
 		return parasite_get_proc_fd();
 	case PARASITE_CMD_DUMP_TTY:
-		return parasite_dump_tty((struct parasite_dump_tty *)args);
+		return parasite_dump_tty((struct parasite_tty_args *)args);
 	}

 	pr_err("Unknown command to parasite\n");

--- a/tty.c
+++ b/tty.c
@@ -313,27 +313,6 @@ static int lock_pty(int fd)
 	return 0;
 }

-static int tty_get_sid_pgrp(const struct fd_parms *p, int major,
-			    int *sid, int *pgrp, bool *hangup)
-{
-	struct parasite_dump_tty *args = parasite_args(p->ctl, sizeof(*args));
-	int ret;
-
-	*args = (struct parasite_dump_tty) {
-		.fd = p->fd,
-	};
-
-	ret = parasite_dump_tty(p->ctl);
-	if (ret)
-		return -1;
-
-	*sid = args->sid;
-	*pgrp = args->pgrp;
-	*hangup = args->hangup;
-
-	return 0;
-}
-
 static int tty_set_sid(int fd)
 {
 	if (ioctl(fd, TIOCSCTTY, 1)) {
@@ -909,12 +888,12 @@ static int dump_pty_info(int lfd, u32 id, const struct fd_parms *p, int major, i
 	TermiosEntry termios_locked	= TERMIOS_ENTRY__INIT;
 	WinsizeEntry winsize		= WINSIZE_ENTRY__INIT;
 	TtyPtyEntry pty			= TTY_PTY_ENTRY__INIT;
+	struct parasite_tty_args *pti;

-	bool hangup = false;
 	struct termios t;
 	struct winsize w;

-	int ret = -1, sid, pgrp;
+	int ret = -1;

 	/*
 	 * Make sure the structures the system provides us
@@ -924,13 +903,14 @@ static int dump_pty_info(int lfd, u32 id, const struct fd_parms *p, int major, i
 	BUILD_BUG_ON(sizeof(termios.c_cc) != sizeof(void *));
 	BUILD_BUG_ON((sizeof(termios.c_cc) * TERMIOS_NCC) < sizeof(t.c_cc));

-	if (tty_get_sid_pgrp(p, major, &sid, &pgrp, &hangup))
+	pti = parasite_dump_tty(p->ctl, p->fd);
+	if (!pti)
 		return -1;

 	info.id			= id;
 	info.type		= TTY_TYPE__PTY;
-	info.sid		= sid;
-	info.pgrp		= pgrp;
+	info.sid		= pti->sid;
+	info.pgrp		= pti->pgrp;
 	info.rdev		= p->stat.st_rdev;
 	info.pty		= &pty;

@@ -941,7 +921,7 @@ static int dump_pty_info(int lfd, u32 id, const struct fd_parms *p, int major, i
 	 * just write out minimum information we can
 	 * gather.
 	 */
-	if (hangup)
+	if (pti->hangup)
 		return pb_write_one(fdset_fd(glob_fdset, CR_FD_TTY_INFO), &info, PB_TTY_INFO);

 	/*