FS#77745 - Please enable CONFIG_LEGACY_TIOCSTI as per the kernel default

Attached to Project: Arch Linux
Opened by Storm (stormdragon2976) - Monday, 06 March 2023, 17:43 GMT
Last edited by Toolybird (Toolybird) - Wednesday, 15 March 2023, 03:04 GMT
Task Type Feature Request
Category Kernel
Status Closed
Assigned To Jan Alexander Steffens (heftig)
Levente Polyak (anthraxx)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:

While testing a bug fix in kernel 6.2, I noticed that TIOCSTI is disabled by default now. Some accessibility software such as the Fenrir screen reader depends on this functionality. I also discovered that it cannot yet be turned back on with a sysctl command, but that should be fixed soon. It was suggested that I open a ticket here and request that it be enabled by default because that's the default for the kernel itself. The excerpt from the email is below.

Additional info:

Maybe it would also make sense to open a ticket to ArchLinux to enable
CONFIG_LEGACY_TIOCSTI again, as per the kernel default.

In accordance with the options help text:

"Say 'Y here only if you have confirmed that yout system's userspace
depends on this functionality to continue operating normally"

Could you create such a ticket if think it's necessary?


* package version(s)

linux 6.2+

* config and/or log files etc.
* link to upstream bug report, if any

Steps to reproduce:

#!/bin/python3
import termios
import fcntl

def injectTextToScreen(text):
useScreen = "/dev/tty5"
with open(useScreen, 'w') as fd:
for c in text:
fcntl.ioctl(fd, termios.TIOCSTI, c)

injectTextToScreen('this is a test that works')
This task depends upon

Closed by  Toolybird (Toolybird)
Wednesday, 15 March 2023, 03:04 GMT
Reason for closing:  Fixed
Additional comments about closing:  linux 6.2.6.arch1-1
Comment by Levente Polyak (anthraxx) - Monday, 06 March 2023, 18:52 GMT
This shouldn't be enabled by default. Once the sysctl is fixed (any upstream reference where its broken?) thats the way such functionality should be opted-in on a case by case basis.

The option help text also provides this addition if we quote everything from it.
Historically the kernel has allowed TIOCSTI, which will push characters into a controlling TTY. This continues to be used as a malicious privilege escalation mechanism, and provides no meaningful real-world utility any more. Its use is considered a dangerous legacy operation, and can be disabled on most systems.
Comment by loqs (loqs) - Monday, 06 March 2023, 19:07 GMT
I think the fix / discussion is [1] which is queued for 6.2.3 [2].

[1] https://lore.kernel.org/lkml/20230210145823.756906-1-omosnace%40redhat.com/
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/queue-6.2/sysctl-fix-proc_dobool-usability.patch?id=36ab87b7c2443d02df9bded4736ebaf130066113
Comment by loqs (loqs) - Sunday, 12 March 2023, 16:02 GMT
Are you able to use the dev.tty.legacy_tiocsti sysctl on linux 6.2.3+ to enable the desired functionality?
Comment by Maniaxx (Maniaxx) - Tuesday, 14 March 2023, 18:31 GMT
As of 6.2.6 the 'sysctl' is working.
Comment by Storm (stormdragon2976) - Tuesday, 14 March 2023, 23:02 GMT
I tried 6.2.6 today and can confirm, it does in deed work now.

Loading...