svn commit: r200732 - in head/sys: fs/devfs kern sys
Kostik Belousov
kostikbel at gmail.com
Sat Dec 19 18:55:02 UTC 2009
On Sat, Dec 19, 2009 at 06:42:12PM +0000, Ed Schouten wrote:
> Author: ed
> Date: Sat Dec 19 18:42:12 2009
> New Revision: 200732
> URL: http://svn.freebsd.org/changeset/base/200732
>
> Log:
> Let access overriding to TTYs depend on the cdev_priv, not the vnode.
>
> Basically this commit changes two things, which improves access to TTYs
> in exceptional conditions. Basically the problem was that when you ran
> jexec(8) to attach to a jail, you couldn't use /dev/tty (well, also the
> node of the actual TTY, e.g. /dev/pts/X). This is very inconvenient if
> you want to attach to screens quickly, use ssh(1), etc.
>
> The fixes:
>
> - Cache the cdev_priv of the controlling TTY in struct session. Change
> devfs_access() to compare against the cdev_priv instead of the vnode.
> This allows you to bypass UNIX permissions, even across different
> mounts of devfs.
>
> - Extend devfs_prison_check() to unconditionally expose the device node
> of the controlling TTY, even if normal prison nesting rules normally
> don't allow this. This actually allows you to interact with this
> device node.
>
> To be honest, I'm not really happy with this solution. We now have to
> store three pointers to a controlling TTY (s_ttyp, s_ttyvp, s_ttydp).
> In an ideal world, we should just get rid of the latter two and only use
> s_ttyp, but this makes certian pieces of code very impractical (e.g.
> devfs, kern_exit.c).
Note that struct devfs_dirent is available as vp->v_data, and
devfs_dirent' de_cdp member contains pointer to cdev_priv. I think this
would allow to remove s_ttydp.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/svn-src-all/attachments/20091219/d46adc8f/attachment.pgp
More information about the svn-src-all
mailing list