From 1d522f1a866f911980b5eaad87182bf58c58fa32 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 14 Jan 2025 12:05:05 +0100
Subject: [PATCH] terminal-util: drop support for pre-TIOCGPTPEER kernels

Our minimum baseline is now far beyond 4.13, hence let's drop these
fallback paths.
---
 README                    |  1 +
 src/basic/terminal-util.c | 33 +--------------------------------
 src/basic/terminal-util.h |  1 -
 src/machine/machine.c     |  8 +-------
 src/run/run.c             |  7 ++-----
 5 files changed, 5 insertions(+), 45 deletions(-)

diff --git a/README b/README
index 3aba52921a5..2480f10d5dc 100644
--- a/README
+++ b/README
@@ -37,6 +37,7 @@ REQUIREMENTS:
                      ≥ 4.9 for RENAME_NOREPLACE support in vfat
                      ≥ 4.10 for cgroup-bpf egress and ingress hooks
                      ≥ 4.11 for nsfs NS_GET_NSTYPE
+                     ≥ 4.13 for TIOCGPTPEER
                      ≥ 4.15 for cgroup-bpf device hook and cpu controller in cgroup v2
                      ≥ 4.17 for cgroup-bpf socket address hooks and /sys/power/resume_offset
                      ≥ 4.20 for PSI (used by systemd-oomd)
diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c
index b5dc3f21b87..f1967a15c07 100644
--- a/src/basic/terminal-util.c
+++ b/src/basic/terminal-util.c
@@ -2324,7 +2324,7 @@ int terminal_is_pty_fd(int fd) {
         return true;
 }
 
-int pty_open_peer_racefree(int fd, int mode) {
+int pty_open_peer(int fd, int mode) {
         assert(fd >= 0);
 
         /* Opens the peer PTY using the new race-free TIOCGPTPEER ioctl() (kernel 4.13).
@@ -2339,9 +2339,6 @@ int pty_open_peer_racefree(int fd, int mode) {
                 if (peer_fd >= 0)
                         return peer_fd;
 
-                if (ERRNO_IS_IOCTL_NOT_SUPPORTED(errno)) /* new ioctl() is not supported, return a clear error */
-                        return -EOPNOTSUPP;
-
                 if (errno != EIO)
                         return -errno;
 
@@ -2352,31 +2349,3 @@ int pty_open_peer_racefree(int fd, int mode) {
                 (void) usleep_safe(50 * USEC_PER_MSEC);
         }
 }
-
-int pty_open_peer(int fd, int mode) {
-        int r;
-
-        assert(fd >= 0);
-
-        /* Opens the peer PTY using the new race-free TIOCGPTPEER ioctl() (kernel 4.13) if it is
-         * available. Otherwise falls back to the POSIX ptsname() + open() logic.
-         *
-         * Because of the fallback path this is not safe to be called on PTYs from other namespaces. (Because
-         * we open the peer PTY name there via a path in the file system.) */
-
-        // TODO: Remove fallback path once baseline is updated to >= 4.13, i.e. systemd v258
-
-        int peer_fd = pty_open_peer_racefree(fd, mode);
-        if (peer_fd >= 0)
-                return peer_fd;
-        if (!ERRNO_IS_NEG_NOT_SUPPORTED(peer_fd))
-                return peer_fd;
-
-        /* The racy fallback path */
-        _cleanup_free_ char *peer_path = NULL;
-        r = ptsname_malloc(fd, &peer_path);
-        if (r < 0)
-                return r;
-
-        return open_terminal(peer_path, mode);
-}
diff --git a/src/basic/terminal-util.h b/src/basic/terminal-util.h
index 7ebfe61eb4f..a9c8ba7789d 100644
--- a/src/basic/terminal-util.h
+++ b/src/basic/terminal-util.h
@@ -165,7 +165,6 @@ int terminal_fix_size(int input_fd, int output_fd);
 
 int terminal_is_pty_fd(int fd);
 
-int pty_open_peer_racefree(int fd, int mode);
 int pty_open_peer(int fd, int mode);
 
 static inline bool osc_char_is_valid(char c) {
diff --git a/src/machine/machine.c b/src/machine/machine.c
index 70714c30b48..3bb7a94ddd4 100644
--- a/src/machine/machine.c
+++ b/src/machine/machine.c
@@ -805,13 +805,7 @@ int machine_start_shell(
         if (!p || !utmp_id)
                 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Path of pseudo TTY has unexpected prefix");
 
-        /* First try to get an fd for the PTY peer via the new racefree ioctl(), directly. Otherwise go via
-         * joining the namespace, because it goes by path */
-        pty_fd = pty_open_peer_racefree(ptmx_fd, O_RDWR|O_NOCTTY|O_CLOEXEC);
-        if (ERRNO_IS_NEG_NOT_SUPPORTED(pty_fd)) {
-                log_debug_errno(pty_fd, "Failed to get PTY peer via racefree ioctl() (ptmx_fd=%d). Trying via joining the namespace (ptmx_name=%s): %m", ptmx_fd, ptmx_name);
-                pty_fd = machine_open_terminal(m, ptmx_name, O_RDWR|O_NOCTTY|O_CLOEXEC);
-        }
+        pty_fd = pty_open_peer(ptmx_fd, O_RDWR|O_NOCTTY|O_CLOEXEC);
         if (pty_fd < 0)
                 return log_debug_errno(pty_fd, "Failed to open terminal: %m");
 
diff --git a/src/run/run.c b/src/run/run.c
index 4a7a5d939c1..3f7e0a6360b 100644
--- a/src/run/run.c
+++ b/src/run/run.c
@@ -1964,11 +1964,8 @@ static int start_transient_service(sd_bus *bus) {
                         if (!pty_path)
                                 return log_oom();
 
-                        peer_fd = pty_open_peer_racefree(pty_fd, O_RDWR|O_NOCTTY|O_CLOEXEC);
-                        if (ERRNO_IS_NEG_NOT_SUPPORTED(peer_fd))
-                                log_debug_errno(r, "TIOCGPTPEER ioctl not available, falling back to race-ful PTY peer opening: %m");
-                                /* We do not open the peer_fd in this case, we let systemd on the remote side open it instead */
-                        else if (peer_fd < 0)
+                        peer_fd = pty_open_peer(pty_fd, O_RDWR|O_NOCTTY|O_CLOEXEC);
+                        if (peer_fd < 0)
                                 return log_debug_errno(peer_fd, "Failed to open PTY peer: %m");
 
                         // FIXME: Introduce OpenMachinePTYEx() that accepts ownership/permission as param