[PATCH] Don't call TIOCGWINSZ on non-ttys
Nick Kralevich
2018-10-20 15:31:36 UTC
Prior to calling TIOCGWINSZ on stdin/stdout/stderr, check to see if the
file descriptor is a tty. Calling TIOCGWINSZ on a non-tty doesn't make
any sense.

Calling TIOCGWINSZ on a non-tty is mildly problematic for systems like
Android where strict ioctl filtering is in place, and generates SELinux
audit noise.

Strict ioctl filtering for non-filesystem fifo_files (e.g. pipe() or
pipe2() generated pipes) was enabled in Android in commit

Steps to reproduce:
* Run "echo foo | ls"

* No SELinux denials on Android with strict ioctl filtering enabled

* An SELinux denial of the form:

type=1400 audit(1540046406.055:1357): avc: denied { ioctl }
for comm="ls" path="pipe:[332719]" dev="pipefs" ino=332719
ioctlcmd=0x5413 scontext=u:r:shell:s0 tcontext=u:r:shell:s0
tclass=fifo_file permissive=0

type=1400 audit(0.0:46): avc: denied { ioctl } for comm="ls"
path="pipe:[196102]" dev="pipefs" ino=196102 ioctlcmd=0x5413
tclass=fifo_file permissive=0 app=com.microsoft.office.outlook

(ioctl 0x5413 is TIOCGWINSZ)

Signed-off-by: Nick Kralevich <***@google.com>
lib/interestingtimes.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/interestingtimes.c b/lib/interestingtimes.c
index c3ed9f9..ffb5ab5 100644
--- a/lib/interestingtimes.c
+++ b/lib/interestingtimes.c
@@ -27,7 +27,7 @@ int terminal_size(unsigned *xx, unsigned *yy)
// stdin, stdout, stderr
for (i=0; i<3; i++) {
memset(&ws, 0, sizeof(ws));
- if (!ioctl(i, TIOCGWINSZ, &ws)) {
+ if (isatty(i) && !ioctl(i, TIOCGWINSZ, &ws)) {
if (ws.ws_col) x = ws.ws_col;
if (ws.ws_row) y = ws.ws_row;
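
Review bot: the isatty(i) guard on the added line is itself a terminal query. On libcs that implement isatty() through tcgetattr(), it still issues one ioctl (TCGETS) on the pipe before short-circuiting, so the commit message should say that this request is permitted by the same filter that denies ioctlcmd=0x5413; otherwise the denial may only change its command number. It would also help to add a one-line comment above the condition explaining why the tty check precedes TIOCGWINSZ, since the existing "// stdin, stdout, stderr" comment does not cover it.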