From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 9 Sep 2022 16:56:19 +0000 (+0900)
Subject: udev: always open with O_NOCTTY
X-Git-Tag: v252-rc1~162^2~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=32703bd14cc6c11354795e1c600b1618944722ae;p=thirdparty%2Fsystemd.git

udev: always open with O_NOCTTY

All files or device nodes opened here should not be console tty.
Let's open it the flags for safety.
---

diff --git a/src/udev/ata_id/ata_id.c b/src/udev/ata_id/ata_id.c
index 1fc27f4b642..f451c0d0e15 100644
--- a/src/udev/ata_id/ata_id.c
+++ b/src/udev/ata_id/ata_id.c
@@ -439,7 +439,7 @@ int main(int argc, char *argv[]) {
                 return 1;
         }
 
-        fd = open(node, O_RDONLY|O_NONBLOCK|O_CLOEXEC);
+        fd = open(node, O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_NOCTTY);
         if (fd < 0) {
                 log_error("unable to open '%s'", node);
                 return 1;
diff --git a/src/udev/cdrom_id/cdrom_id.c b/src/udev/cdrom_id/cdrom_id.c
index 2d758c4082f..5945dcbbaec 100644
--- a/src/udev/cdrom_id/cdrom_id.c
+++ b/src/udev/cdrom_id/cdrom_id.c
@@ -743,7 +743,7 @@ static int open_drive(Context *c) {
         assert(c->fd < 0);
 
         for (int cnt = 0;; cnt++) {
-                fd = open(arg_node, O_RDONLY|O_NONBLOCK|O_CLOEXEC);
+                fd = open(arg_node, O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_NOCTTY);
                 if (fd >= 0)
                         break;
                 if (++cnt >= 20 || errno != EBUSY)
diff --git a/src/udev/fido_id/fido_id.c b/src/udev/fido_id/fido_id.c
index a9f5f8f8a64..58a28278180 100644
--- a/src/udev/fido_id/fido_id.c
+++ b/src/udev/fido_id/fido_id.c
@@ -67,7 +67,7 @@ static int run(int argc, char **argv) {
         if (!desc_path)
                 return log_oom();
 
-        fd = open(desc_path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
+        fd = open(desc_path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC | O_NOCTTY);
         if (fd < 0)
                 return log_device_error_errno(hid_device, errno,
                                               "Failed to open report descriptor at '%s': %m", desc_path);
diff --git a/src/udev/mtd_probe/mtd_probe.c b/src/udev/mtd_probe/mtd_probe.c
index df1f1c173a3..d5fb64f1948 100644
--- a/src/udev/mtd_probe/mtd_probe.c
+++ b/src/udev/mtd_probe/mtd_probe.c
@@ -41,7 +41,7 @@ int main(int argc, char** argv) {
                 return EXIT_FAILURE;
         }
 
-        mtd_fd = open(argv[1], O_RDONLY|O_CLOEXEC);
+        mtd_fd = open(argv[1], O_RDONLY|O_CLOEXEC|O_NOCTTY);
         if (mtd_fd < 0) {
                 log_error_errno(errno, "Failed to open: %m");
                 return EXIT_FAILURE;
diff --git a/src/udev/scsi_id/scsi_serial.c b/src/udev/scsi_id/scsi_serial.c
index 60e2b40c27b..f1ce8601bd8 100644
--- a/src/udev/scsi_id/scsi_serial.c
+++ b/src/udev/scsi_id/scsi_serial.c
@@ -751,7 +751,7 @@ int scsi_std_inquiry(struct scsi_id_device *dev_scsi, const char *devname) {
         struct stat statbuf;
         int err = 0;
 
-        fd = open(devname, O_RDONLY | O_NONBLOCK | O_CLOEXEC);
+        fd = open(devname, O_RDONLY | O_NONBLOCK | O_CLOEXEC | O_NOCTTY);
         if (fd < 0) {
                 log_debug_errno(errno, "scsi_id: cannot open %s: %m", devname);
                 return 1;
@@ -795,7 +795,7 @@ int scsi_get_serial(struct scsi_id_device *dev_scsi, const char *devname,
         for (cnt = 20; cnt > 0; cnt--) {
                 struct timespec duration;
 
-                fd = open(devname, O_RDONLY | O_NONBLOCK | O_CLOEXEC);
+                fd = open(devname, O_RDONLY | O_NONBLOCK | O_CLOEXEC | O_NOCTTY);
                 if (fd >= 0 || errno != EBUSY)
                         break;
                 duration.tv_sec = 0;
diff --git a/src/udev/udev-builtin-blkid.c b/src/udev/udev-builtin-blkid.c
index f992c8f4c5d..6de470c71dd 100644
--- a/src/udev/udev-builtin-blkid.c
+++ b/src/udev/udev-builtin-blkid.c
@@ -310,7 +310,7 @@ static int builtin_blkid(sd_device *dev, sd_netlink **rtnl, int argc, char *argv
         if (r < 0)
                 return log_device_debug_errno(dev, r, "Failed to get device name: %m");
 
-        fd = sd_device_open(dev, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
+        fd = sd_device_open(dev, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
         if (fd < 0) {
                 bool ignore = ERRNO_IS_DEVICE_ABSENT(fd);
                 log_device_debug_errno(dev, fd, "Failed to open block device %s%s: %m",
diff --git a/src/udev/udev-builtin-btrfs.c b/src/udev/udev-builtin-btrfs.c
index f9d4f1dd4ef..8cd627807f9 100644
--- a/src/udev/udev-builtin-btrfs.c
+++ b/src/udev/udev-builtin-btrfs.c
@@ -21,7 +21,7 @@ static int builtin_btrfs(sd_device *dev, sd_netlink **rtnl, int argc, char *argv
         if (argc != 3 || !streq(argv[1], "ready"))
                 return log_device_error_errno(dev, SYNTHETIC_ERRNO(EINVAL), "Invalid arguments");
 
-        fd = open("/dev/btrfs-control", O_RDWR|O_CLOEXEC);
+        fd = open("/dev/btrfs-control", O_RDWR|O_CLOEXEC|O_NOCTTY);
         if (fd < 0) {
                 if (ERRNO_IS_DEVICE_ABSENT(errno)) {
                         /* Driver not installed? Then we aren't ready. This is useful in initrds that lack
diff --git a/src/udev/udev-builtin-input_id.c b/src/udev/udev-builtin-input_id.c
index 6da8ad85bb0..07421202483 100644
--- a/src/udev/udev-builtin-input_id.c
+++ b/src/udev/udev-builtin-input_id.c
@@ -50,7 +50,7 @@ static void extract_info(sd_device *dev, bool test) {
         struct input_absinfo xabsinfo = {}, yabsinfo = {};
         _cleanup_close_ int fd = -1;
 
-        fd = sd_device_open(dev, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
+        fd = sd_device_open(dev, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
         if (fd < 0)
                 return;
 
diff --git a/src/udev/udev-builtin-usb_id.c b/src/udev/udev-builtin-usb_id.c
index eb326612555..d94718f4680 100644
--- a/src/udev/udev-builtin-usb_id.c
+++ b/src/udev/udev-builtin-usb_id.c
@@ -158,7 +158,7 @@ static int dev_if_packed_info(sd_device *dev, char *ifs_str, size_t len) {
                 return r;
 
         filename = strjoina(syspath, "/descriptors");
-        fd = open(filename, O_RDONLY|O_CLOEXEC);
+        fd = open(filename, O_RDONLY|O_CLOEXEC|O_NOCTTY);
         if (fd < 0)
                 return log_device_debug_errno(dev, errno, "Failed to open \"%s\": %m", filename);
 
diff --git a/src/udev/udevadm-lock.c b/src/udev/udevadm-lock.c
index a3be2336afe..35e9999c015 100644
--- a/src/udev/udevadm-lock.c
+++ b/src/udev/udevadm-lock.c
@@ -180,7 +180,7 @@ static int lock_device(
         struct stat st;
         int r;
 
-        fd = open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
+        fd = open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
         if (fd < 0)
                 return log_error_errno(errno, "Failed to open '%s': %m", path);
 
diff --git a/src/udev/udevd.c b/src/udev/udevd.c
index c2a4a8a7bd6..5316adf6ec4 100644
--- a/src/udev/udevd.c
+++ b/src/udev/udevd.c
@@ -544,7 +544,7 @@ static int worker_lock_whole_disk(sd_device *dev, int *ret_fd) {
         if (r == 0)
                 goto nolock;
 
-        fd = sd_device_open(dev_whole_disk, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
+        fd = sd_device_open(dev_whole_disk, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
         if (fd < 0) {
                 bool ignore = ERRNO_IS_DEVICE_ABSENT(fd);
 
@@ -599,7 +599,7 @@ static int worker_mark_block_device_read_only(sd_device *dev) {
         if (STARTSWITH_SET(val, "dm-", "md", "drbd", "loop", "nbd", "zram"))
                 return 0;
 
-        fd = sd_device_open(dev, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
+        fd = sd_device_open(dev, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
         if (fd < 0)
                 return log_device_debug_errno(dev, fd, "Failed to open '%s', ignoring: %m", val);