From: Zizhi Wo wozizhi@huaweicloud.com
[ Upstream commit da7e8b3823962b13e713d4891e136a261ed8e6a2 ]
In vt_ioctl(), the handler for VT_RESIZE always returns 0, which prevents users from detecting errors. Add the missing return value so that errors can be properly reported to users like vt_resizex().
Signed-off-by: Zizhi Wo wozizhi@huaweicloud.com Link: https://lore.kernel.org/r/20250904023955.3892120-1-wozizhi@huaweicloud.com Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org Signed-off-by: Sasha Levin sashal@kernel.org ---
LLM Generated explanations, may be completely bogus:
YES
- What it fixes: VT_RESIZE ioctl silently masked errors. In the VT_RESIZE handler, the kernel invoked `__vc_resize(...)` but ignored its return value and then fell through to the function’s final `return 0`, making user space believe resize always succeeded even when it failed (e.g., allocation failure, invalid dimensions, or driver refusal). The patch propagates the error so users can detect failures.
- Precise change: In `drivers/tty/vt/vt_ioctl.c:911`, the VT_RESIZE path now captures and checks the return from `__vc_resize(...)`: - Before: `__vc_resize(vc_cons[i].d, cc, ll, true);` then `break` → function ending `return 0`. - After: `ret = __vc_resize(vc_cons[i].d, cc, ll, true); if (ret) return ret;` ensuring a proper error code is returned to userspace on failure. - Context: `guard(console_lock)();` wraps the loop; early returns correctly release the console lock via the cleanup guard (include/linux/console.h:669, include/linux/cleanup.h:390).
- Consistency with VT_RESIZEX: `VT_RESIZEX` already reports errors, directly returning the error from `__vc_resize()`, as seen in `drivers/tty/vt/vt_ioctl.c:662` (inside `vt_resizex`) and the VT_RESIZEX case path `drivers/tty/vt/vt_ioctl.c:919`. This patch brings VT_RESIZE in line with VT_RESIZEX behavior, improving interface consistency.
- Error sources now visible to users: - `__vc_resize()` simply forwards the result of `vc_do_resize(...)` (`drivers/tty/vt/vt.c:1300`), so errors like: - `-EINVAL` for invalid sizes (e.g., exceeding limits) in `vc_do_resize` (`drivers/tty/vt/vt.c:1141` start; early checks inside return `-EINVAL`). - `-ENOMEM` for allocation failures in `vc_do_resize` (kzalloc failure in that function). - Driver-specific failures from `con_resize` via `resize_screen(...)`, which `vc_do_resize` propagates. - These conditions were previously hidden from users when using VT_RESIZE.
- Scope and risk: - Small, contained change in a single file and single switch-case path (`drivers/tty/vt/vt_ioctl.c`). - No API or ABI changes; only error return propagation. - Locks remain correct: early returns under `guard(console_lock)()` still release the lock via scope-based cleanup. - Behavior on success remains unchanged (still returns 0). - The change may expose previously masked errors to userspace, but that aligns with kernel/user ABI expectations for ioctls and matches VT_RESIZEX.
- Stable policy fit: - Fixes a real user-visible bug (silent success on failure). - Minimal and low-risk; no architectural changes. - Confined to the VT/TTY ioctl handling path.
Given these points, this is a clear, low-risk bugfix that improves error reporting, aligns VT_RESIZE with VT_RESIZEX, and should be backported to stable trees.
drivers/tty/vt/vt_ioctl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/tty/vt/vt_ioctl.c b/drivers/tty/vt/vt_ioctl.c index 61342e06970a0..eddb25bec996e 100644 --- a/drivers/tty/vt/vt_ioctl.c +++ b/drivers/tty/vt/vt_ioctl.c @@ -923,7 +923,9 @@ int vt_ioctl(struct tty_struct *tty,
if (vc) { /* FIXME: review v tty lock */ - __vc_resize(vc_cons[i].d, cc, ll, true); + ret = __vc_resize(vc_cons[i].d, cc, ll, true); + if (ret) + return ret; } } console_unlock();