* [PATCH] nptl: Install SIGSETXID handler with SA_ONSTACK [BZ #27914]
@ 2021-05-26 6:05 Florian Weimer
2021-05-27 12:50 ` Carlos O'Donell
0 siblings, 1 reply; 2+ messages in thread
From: Florian Weimer @ 2021-05-26 6:05 UTC (permalink / raw)
To: libc-alpha
The signal is sent to all threads, some of which may have switched
to very small stacks. If they have also installed an alternate
signal stack, SA_ONSTACK makes this work. The Go runtime needs this:
runtime: C.setuid/C.setgid smashes Go stack
<https://github.com/golang/go/issues/9400>
Doing this for SIGCANCEL is less obviously beneficial and needs further
testing.
Tested on i686-linux-gnu and x86_64-linux-gnu. I verified that a
glibc build for a distribution unbreaks the Go test suite on x86-64.
---
nptl/pthread_create.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/nptl/pthread_create.c b/nptl/pthread_create.c
index 5680687efe..b7073a8285 100644
--- a/nptl/pthread_create.c
+++ b/nptl/pthread_create.c
@@ -83,9 +83,12 @@ late_init (void)
(void) __libc_sigaction (SIGCANCEL, &sa, NULL);
}
- /* Install the handle to change the threads' uid/gid. */
+ /* Install the handle to change the threads' uid/gid. Use
+ SA_ONSTACK because the signal may be sent to threads that are
+ running with custom stacks. (This is less likely for
+ SIGCANCEL.) */
sa.sa_sigaction = __nptl_setxid_sighandler;
- sa.sa_flags = SA_SIGINFO | SA_RESTART;
+ sa.sa_flags = SA_ONSTACK | SA_SIGINFO | SA_RESTART;
(void) __libc_sigaction (SIGSETXID, &sa, NULL);
/* The parent process might have left the signals blocked. Just in
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] nptl: Install SIGSETXID handler with SA_ONSTACK [BZ #27914]
2021-05-26 6:05 [PATCH] nptl: Install SIGSETXID handler with SA_ONSTACK [BZ #27914] Florian Weimer
@ 2021-05-27 12:50 ` Carlos O'Donell
0 siblings, 0 replies; 2+ messages in thread
From: Carlos O'Donell @ 2021-05-27 12:50 UTC (permalink / raw)
To: Florian Weimer, libc-alpha
On 5/26/21 2:05 AM, Florian Weimer via Libc-alpha wrote:
> The signal is sent to all threads, some of which may have switched
> to very small stacks. If they have also installed an alternate
> signal stack, SA_ONSTACK makes this work. The Go runtime needs this:
>
> runtime: C.setuid/C.setgid smashes Go stack
> <https://github.com/golang/go/issues/9400>
>
> Doing this for SIGCANCEL is less obviously beneficial and needs further
> testing.
>
> Tested on i686-linux-gnu and x86_64-linux-gnu. I verified that a
> glibc build for a distribution unbreaks the Go test suite on x86-64.
This looks good to me. Fundamentally all internal signals should have used
SA_ONSTACK, but we can fix that later. Thanks for testing this.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> ---
> nptl/pthread_create.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/nptl/pthread_create.c b/nptl/pthread_create.c
> index 5680687efe..b7073a8285 100644
> --- a/nptl/pthread_create.c
> +++ b/nptl/pthread_create.c
> @@ -83,9 +83,12 @@ late_init (void)
> (void) __libc_sigaction (SIGCANCEL, &sa, NULL);
> }
>
> - /* Install the handle to change the threads' uid/gid. */
> + /* Install the handle to change the threads' uid/gid. Use
> + SA_ONSTACK because the signal may be sent to threads that are
> + running with custom stacks. (This is less likely for
> + SIGCANCEL.) */
> sa.sa_sigaction = __nptl_setxid_sighandler;
> - sa.sa_flags = SA_SIGINFO | SA_RESTART;
> + sa.sa_flags = SA_ONSTACK | SA_SIGINFO | SA_RESTART;
> (void) __libc_sigaction (SIGSETXID, &sa, NULL);
>
> /* The parent process might have left the signals blocked. Just in
>
--
Cheers,
Carlos.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-05-27 12:50 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-26 6:05 [PATCH] nptl: Install SIGSETXID handler with SA_ONSTACK [BZ #27914] Florian Weimer
2021-05-27 12:50 ` Carlos O'Donell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).