On Sun, Jul 02, 2023 at 01:59:18AM +0200, Samuel Thibault wrote: > 83efeeeb3d04 ("tty: Allow TIOCSTI to be disabled") broke BRLTTY's > ability to simulate keypresses on the console, thus effectively breaking > braille keyboards of blind users. > > This restores the TIOCSTI feature for CAP_SYS_ADMIN processes, which > BRLTTY is, thus fixing braille keyboards without re-opening the security > issue. > > Signed-off-by: Samuel Thibault <samuel.thibault@xxxxxxxxxxxx> > Fixes: 83efeeeb3d04 ("tty: Allow TIOCSTI to be disabled") Based on the design of brltty, this appears to be the only solution. I remain surprised that FreeBSD had no brltty support, which is why they didn't run into this problem. Acked-by: Kees Cook <keescook@xxxxxxxxxxxx> -Kees > > Index: linux-6.4/drivers/tty/tty_io.c > =================================================================== > --- linux-6.4.orig/drivers/tty/tty_io.c > +++ linux-6.4/drivers/tty/tty_io.c > @@ -2276,7 +2276,7 @@ static int tiocsti(struct tty_struct *tt > char ch, mbz = 0; > struct tty_ldisc *ld; > > - if (!tty_legacy_tiocsti) > + if (!tty_legacy_tiocsti && !capable(CAP_SYS_ADMIN)) > return -EIO; > > if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) -- Kees Cook
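Review bot: The `!capable(CAP_SYS_ADMIN)` test added to the `tty_legacy_tiocsti` check in tiocsti() changes what turning the legacy switch off means, yet the patch as shown touches only drivers/tty/tty_io.c and adds no comment. With this change a CAP_SYS_ADMIN process can still inject input while the switch is off, so the help text and documentation of the switch should state that exception. A short comment above the check, saying it exists for privileged helpers such as BRLTTY, would also keep it from later being dropped as a duplicate of the `current->signal->tty != tty` capability check just below it.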