It is unexpected for an unprivileged process to gain privs by
typing to root's tty:
$ cat installer
#!/bin/sh
whoami
/usr/sbin/sti /dev/tty whoami\\n
$ su unprivileged -c ./installer
unprivileged
$ whoami
root
output to drain to five seconds so that exiting processes with
buffered output for a serial port blocked by flow control or a pty
that is not being read do not hang indefinitely. Should fix PRs
kern/12534 and kern/17171. This is an updated version of the change
of tty.c 1.263.
output to drain to five seconds so that exiting processes with
buffered output for a serial port blocked by flow control do not
hang indefinitely. Should fix PR kern/12534. OK christos.
These modules are the core of the tty code that in the long term needs
access to struct tty. (It may be that in the future this can be cut
back to just tty.c; we'll see. For now I'll settle for keeping drivers
out of struct tty.)
which defaults to 1024 as before.
- Add two ioctls TIOC{G,S}QSIZE to read and adjust the queue size on
individual ptys.
NB: ttys (and ptys) still silently (or beepingly (IMAXBEL)) drop
characters if the queue size is exceeded. I.e. you can appear
to succeed writing to the {p,t}ty, but not all characters will
have made it if the queue overflows. CVS:
sys/stdarg.h and expect compiler to provide proper builtins, defaulting
to the GCC interface. lint still has a special fallback.
Reduce abuse of _BSD_VA_LIST_ by defining __va_list by default and
derive va_list as required by standards.
In ptcwakeup() do not bother to wake up a client side if it has not been
opened yet.
The old code would spuriously wakeup the client minor(0) [i.e. ttyp0
typically] or crash the kernel if that wasn't open, see PR kern/40688.
(Old names used to match the PR and test case, adjust names for
/dev/ptm[x] resp. /dev/pts/* accordingly)
and the metadata required to interpret it. Callers of namei must now
create a pathbuf and pass it to NDINIT (instead of a string and a
uio_seg), then destroy the pathbuf after the namei session is
complete.
Update all namei call sites accordingly. Add a pathbuf(9) man page and
update namei(9).
The pathbuf interface also now appears in a couple of related
additional places that were passing string/uio_seg pairs that were
later fed into NDINIT. Update other call sites accordingly.
Rename real routines to proc_find() and pgrp_find(), remove PFIND_* flags
and have consistent behaviour. Provide proc_find_raw() for special cases.
Fix memory leak in sysctl_proc_corename().
COMPAT_LINUX: rework ptrace() locking, minimise differences between
different versions per-arch.
Note: while this change adds some formal cosmetics for COMPAT_DARWIN and
COMPAT_IRIX - locking there is utterly broken (for ages).
Fixes PR/43176.
Most times we've come through spec_read() which has already done the test,
but not always (eg pty with ptsfs mounted).
Without this there is a simple local-user panic in ureadc().
Noted Matthew Mondor on tech-kern.
and vtime > 0. It should be allowed to go to sleep for the sleep interval
indicated in vtime. Reported by der Mouse a long while ago, and this is what
other unixes do.
proc_enterpgrp() with proc_leavepgrp() to free process group and/or
session without proc_lock held.
- Rename SESSHOLD() and SESSRELE() to to proc_sesshold() and
proc_sessrele(). The later releases proc_lock now.
Quick OK by <ad>.
type/status/etc inquiries. (PR kern/37915)
This is clearly a design problem in tty, but we need a cheap fix now.
The problem is that ttyinput() tries to pull a spinlock which
is already held on calls to t_oproc.
The workaround is based on the fact that within wscons code, the
wsdisplay_emulinput() function is only called directly from
wsdisplaystart(). So we can be sure that the tty lock is held,
and use an inofficial entry point in ttc.c which avoids the locking.
These ate certainly more assumptions than needed by the fix
proposed in the PR, but it doesn't affect (and slow down) other
tty drivers.
into modules. By and large this commit:
- shuffles header files and ifdefs
- splits code out where necessary to be modular
- adds module glue for each of the components
- adds/replaces hooks for things that can be installed at runtime
