Subject: Re: revoke(2), /dev/console and /dev/ttyE0
To: David Laight <david@l8s.co.uk>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-kern
Date: 10/13/2003 15:50:11
--6b3yLyRKT1M6kiA0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Oct 13, 2003 at 06:41:48PM +0100, David Laight wrote:
> I've found a 'little' problem with the way revoke interacts with the cons=
ole.
> Under some circumstances, not all the users of the underlying tty
> go away, which leaves the session attached to the tty.
> This stops the next getty from creating the controlling terminal - leaving
> a tty session with no stdout or stderr!
>=20
> The problem is that the console relies on the tty structure of the
> underlying terminal device.  When a revoke is done on the console, the
> underlying tty isn't affected, similarly a revoke on the underlying
> terminal won't affect the console.
>=20
> So on an i386 system where the console tty is /dev/ttyE0 if anything
> opens /dev/ttyE0 (and nothing will stop it) then it will stop getty
> on /dev/console from working properly.

Part of this issue is that permissions aren't supposed to let you do that.=
=20
So only root can get you into this mess.

Part of it is you're supposed to be using one or the other of /dev/console=
=20
or /dev/ttyXX for getty.

Oh, you do realize that if you are using /dev/console and something opens=
=20
/dev/ttyXX for reads, you have a security issue already, don't you? :-)

> I can't see anyway to fix this without putting knowlege of the
> console into genfs_revoke.

Then we need to think about this.

Have you tried it? Do you have a test case?

What's supposed to happen is that the revoke on one of the nodes will=20
wander through vgonel(), and then to vclean(, DOCLOSE, ), and eventually=20
to a VOP_CLOSE() call on the underlying device. If that close happens on=20
the console device, it will end up closing the underlying device.

I think that the place to fix this issue is actually in spec_close(). It=20
tries to do session cleanup, but I'm not sure if it gets it right. It=20
sounds like it won't get it right for the case you describe.

There's probably more we need to do but I'm not sure what it is. Thoughts=
=20
so far?

I think part of the problem is that if you are using /dev/console, you=20
aren't supposed to use /dev/ttyXX and vis versa. If both get used, bad=20
stuff happens.

Take care,

Bill

--6b3yLyRKT1M6kiA0
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)

iD8DBQE/iywjWz+3JHUci9cRAkunAJwIv2iAxKpS91PGKXDp9WUTpxSpsQCfSxKf
qgIz9og84tKehx94+ePd19Q=
=dhI+
-----END PGP SIGNATURE-----

--6b3yLyRKT1M6kiA0--