From 2cd19499a0ab85e2c48e397a53a1bad0f025c31c Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 17 Jul 2024 15:06:27 +0200 Subject: [PATCH] tree-wide: acquire /dev/console lock around any attempts to reset TTY --- src/basic/terminal-util.c | 14 ++++++++++++++ src/basic/terminal-util.h | 1 + src/core/exec-invoke.c | 4 ++++ src/firstboot/firstboot.c | 2 +- src/home/homectl.c | 2 +- .../tty-ask-password-agent.c | 2 +- 6 files changed, 22 insertions(+), 3 deletions(-) diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c index 93f356bde06..058f8df1097 100644 --- a/src/basic/terminal-util.c +++ b/src/basic/terminal-util.c @@ -599,6 +599,10 @@ void reset_dev_console_fd(int fd, bool switch_to_text) { assert(fd >= 0); + _cleanup_close_ int lock_fd = lock_dev_console(); + if (lock_fd < 0) + log_debug_errno(lock_fd, "Failed to lock /dev/console, ignoring: %m"); + r = terminal_reset_ioctl(fd, switch_to_text); if (r < 0) log_warning_errno(r, "Failed to reset /dev/console, ignoring: %m"); @@ -1592,6 +1596,16 @@ int terminal_reset_defensive(int fd, bool switch_to_text) { return r; } +int terminal_reset_defensive_locked(int fd, bool switch_to_text) { + assert(fd >= 0); + + _cleanup_close_ int lock_fd = lock_dev_console(); + if (lock_fd < 0) + log_debug_errno(lock_fd, "Failed to acquire lock for /dev/console, ignoring: %m"); + + return terminal_reset_defensive(fd, switch_to_text); +} + void termios_disable_echo(struct termios *termios) { assert(termios); diff --git a/src/basic/terminal-util.h b/src/basic/terminal-util.h index 3cf0ff98485..84d4731ea8b 100644 --- a/src/basic/terminal-util.h +++ b/src/basic/terminal-util.h @@ -30,6 +30,7 @@ bool isatty_safe(int fd); int terminal_reset_defensive(int fd, bool switch_to_text); +int terminal_reset_defensive_locked(int fd, bool switch_to_text); int terminal_set_cursor_position(int fd, unsigned row, unsigned column); diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c index 2521e940c9b..4c6f35827cb 100644 --- a/src/core/exec-invoke.c +++ b/src/core/exec-invoke.c @@ -660,6 +660,10 @@ static int setup_confirm_stdio( if (fd < 0) return fd; + _cleanup_close_ int lock_fd = lock_dev_console(); + if (lock_fd < 0) + log_debug_errno(lock_fd, "Failed to lock /dev/console, ignoring: %m"); + r = chown_terminal(fd, getuid()); if (r < 0) return r; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c index 86aa8e8c181..c70bfa468fd 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c @@ -133,7 +133,7 @@ static void print_welcome(int rfd) { pn = os_release_pretty_name(pretty_name, os_name); ac = isempty(ansi_color) ? "0" : ansi_color; - (void) terminal_reset_defensive(STDOUT_FILENO, /* switch_to_text= */ false); + (void) terminal_reset_defensive_locked(STDOUT_FILENO, /* switch_to_text= */ false); if (colors_enabled()) printf("\nWelcome to your new installation of \x1B[%sm%s\x1B[0m!\n", ac, pn); diff --git a/src/home/homectl.c b/src/home/homectl.c index 8022694f704..a71548439e2 100644 --- a/src/home/homectl.c +++ b/src/home/homectl.c @@ -2438,7 +2438,7 @@ static int create_interactively(void) { (void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password); - (void) terminal_reset_defensive(STDOUT_FILENO, /* switch_to_text= */ false); + (void) terminal_reset_defensive_locked(STDOUT_FILENO, /* switch_to_text= */ false); for (;;) { username = mfree(username); diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c index b411c9c309d..4b1e8487490 100644 --- a/src/tty-ask-password-agent/tty-ask-password-agent.c +++ b/src/tty-ask-password-agent/tty-ask-password-agent.c @@ -150,7 +150,7 @@ static int agent_ask_password_tty( if (tty_fd < 0) return log_error_errno(tty_fd, "Failed to acquire %s: %m", con); - (void) terminal_reset_defensive(tty_fd, /* switch_to_text= */ true); + (void) terminal_reset_defensive_locked(tty_fd, /* switch_to_text= */ true); log_info("Starting password query on %s.", con); } -- 2.47.3