drivers/tty/vt/vt_ioctl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)
In vt_ioctl(), the handler for VT_RESIZE always returns 0, which prevents
users from detecting errors. Add the missing return value so that errors
can be properly reported to users like vt_resizex().
Signed-off-by: Zizhi Wo <wozizhi@huaweicloud.com>
---
drivers/tty/vt/vt_ioctl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/tty/vt/vt_ioctl.c b/drivers/tty/vt/vt_ioctl.c
index c9f11c4bd9fe..28993a3d0acb 100644
--- a/drivers/tty/vt/vt_ioctl.c
+++ b/drivers/tty/vt/vt_ioctl.c
@@ -908,7 +908,9 @@ int vt_ioctl(struct tty_struct *tty,
if (vc) {
/* FIXME: review v tty lock */
- __vc_resize(vc_cons[i].d, cc, ll, true);
+ ret = __vc_resize(vc_cons[i].d, cc, ll, true);
+ if (ret)
+ return ret;
}
}
break;
--
2.39.2On 04. 09. 25, 4:39, Zizhi Wo wrote:
> In vt_ioctl(), the handler for VT_RESIZE always returns 0, which prevents
> users from detecting errors. Add the missing return value so that errors
> can be properly reported to users like vt_resizex().
>
> Signed-off-by: Zizhi Wo <wozizhi@huaweicloud.com>
> ---
> drivers/tty/vt/vt_ioctl.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/tty/vt/vt_ioctl.c b/drivers/tty/vt/vt_ioctl.c
> index c9f11c4bd9fe..28993a3d0acb 100644
> --- a/drivers/tty/vt/vt_ioctl.c
> +++ b/drivers/tty/vt/vt_ioctl.c
> @@ -908,7 +908,9 @@ int vt_ioctl(struct tty_struct *tty,
>
> if (vc) {
> /* FIXME: review v tty lock */
> - __vc_resize(vc_cons[i].d, cc, ll, true);
> + ret = __vc_resize(vc_cons[i].d, cc, ll, true);
> + if (ret)
> + return ret;
The change looks good per se. But I wonder if userspace users do handle
or ignore errors? Have you checked any of them?
thanks,
--
js
suse labs
在 2025/9/8 14:50, Jiri Slaby 写道:
> On 04. 09. 25, 4:39, Zizhi Wo wrote:
>> In vt_ioctl(), the handler for VT_RESIZE always returns 0, which prevents
>> users from detecting errors. Add the missing return value so that errors
>> can be properly reported to users like vt_resizex().
>>
>> Signed-off-by: Zizhi Wo <wozizhi@huaweicloud.com>
>> ---
>> drivers/tty/vt/vt_ioctl.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/tty/vt/vt_ioctl.c b/drivers/tty/vt/vt_ioctl.c
>> index c9f11c4bd9fe..28993a3d0acb 100644
>> --- a/drivers/tty/vt/vt_ioctl.c
>> +++ b/drivers/tty/vt/vt_ioctl.c
>> @@ -908,7 +908,9 @@ int vt_ioctl(struct tty_struct *tty,
>> if (vc) {
>> /* FIXME: review v tty lock */
>> - __vc_resize(vc_cons[i].d, cc, ll, true);
>> + ret = __vc_resize(vc_cons[i].d, cc, ll, true);
>> + if (ret)
>> + return ret;
>
> The change looks good per se. But I wonder if userspace users do handle
> or ignore errors? Have you checked any of them?
>
> thanks,
Thanks for the question.
In fact, I discovered this while reproducing a syzkaller issue[1]
myself. When I executed ioctl(tty_fd, KDFONTOP, &op) (setting the width
and height fields to some extremely unreasonable values), there was no
error reported, but the expected result did not occur—that is, the size
was not actually changed.
So, I looked into the code and found that width and height must meet
certain criteria and constraints. However, because the ioctl call here
did not check the return value of __vc_resize(), I was unable to quickly
identify this issue.
I haven’t checked whether other userspace code would check this return
value. However, even if some userspace programs currently ignore the
return value, I think it's still beneficial for the kernel to return
accurate error codes? This makes debugging easier and allows future
tools or developers to rely on correct behavior.
[1] https://lore.kernel.org/all/20250905024340.337521-1-
wozizhi@huaweicloud.com/
Thanks,
Zizhi Wo
© 2016 - 2025 Red Hat, Inc.