From 0ec74af9db249f3d4fed541b1c112bc0d044afc4 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.de>
Date: Sat, 10 Jun 2017 03:01:47 +1000
Subject: [PATCH] ioctl_tty.2: Add TIOCGPTPEER documentation

This is an ioctl(2) recently added by myself, to allow for
container runtimes and other programs that interact with
(potentially hostile) Linux namespaces to safely create
{master,slave} pseudoterminal pairs without needing to open
potentially unsafe /dev/pts/... filenames that may be malicious
mount points or similar in an untrusted namespace (avoiding the
endless issues with ptsname(3) and similar approaches).

Cc: <containers@lists.linux-foundation.org>
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
---
 man2/ioctl_tty.2 | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/man2/ioctl_tty.2 b/man2/ioctl_tty.2
index 28a90bfc1..2ca7beea8 100644
--- a/man2/ioctl_tty.2
+++ b/man2/ioctl_tty.2
@@ -380,6 +380,21 @@ Place the current lock state of the pseudoterminal slave device
 in the location pointed to by
 .IR argp
 (since Linux 3.8).
+.TP
+.BI "TIOCGPTPEER	int " flags
+Opens and returns a new file handle to the pseudoterminal slave
+device with the given
+.BR open (2)-style
+.IR flags ,
+regardless of whether the path is accessible through the calling process's
+mount namespaces.
+
+Security-conscious programs interacting with namespaces may wish to use this
+over
+.BR open (2)
+with the path provided by
+.BR ptsname (3),
+and similar library methods that have insecure APIs (since Linux 4.13).
 .PP
 The BSD ioctls
 .BR TIOCSTOP ,