picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

nss: block various signals while running NSS lookups

Browse source 
Let's make sure our poll() calls don't get interrupted where they shouldn't (SIGALRM, ...), but allow them to be
interrupted where they should (SIGINT, ...).

Fixes #1965
This commit is contained in:
Lennart Poettering 2016-01-26 22:34:46 +01:00
parent fccd4b67b5
commit 0c5eb0562a
8 changed files with 98 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -255,6 +255,7 @@
/test-sched-prio
/test-set
/test-sigbus
/test-signal-util
/test-siphash24
/test-sleep
/test-socket-util

9
Makefile.am
View file

@ -1500,7 +1500,8 @@ tests += \
test-arphrd-list \
test-dns-domain \
test-install-root \
test-rlimit-util
test-rlimit-util \
test-signal-util
if HAVE_ACL
tests += \
@ -1881,6 +1882,12 @@ test_ask_password_api_SOURCES = \
test_ask_password_api_LDADD = \
libshared.la
test_signal_util_SOURCES = \
src/test/test-signal-util.c
test_signal_util_LDADD = \
libshared.la
BUILT_SOURCES += \
src/test/test-hashmap-ordered.c

2
src/basic/nss-util.h
View file

@ -27,6 +27,8 @@
#include <pwd.h>
#include <resolv.h>
#define NSS_SIGNALS_BLOCK SIGALRM,SIGVTALRM,SIGPIPE,SIGCHLD,SIGTSTP,SIGIO,SIGHUP,SIGUSR1,SIGUSR2,SIGPROF,SIGURG,SIGWINCH
#define NSS_GETHOSTBYNAME_PROTOTYPES(module) \
enum nss_status _nss_##module##_gethostbyname4_r( \
const char *name, \

11
src/basic/signal-util.h
View file

@ -41,3 +41,14 @@ int signal_from_string(const char *s) _pure_;
int signal_from_string_try_harder(const char *s);
void nop_signal_handler(int sig);
static inline void block_signals_reset(sigset_t *ss) {
assert_se(sigprocmask(SIG_SETMASK, ss, NULL) >= 0);
}
#define BLOCK_SIGNALS(...) \
_cleanup_(block_signals_reset) sigset_t _saved_sigset = ({ \
sigset_t t; \
assert_se(sigprocmask_many(SIG_BLOCK, &t, __VA_ARGS__, -1) >= 0); \
t; \
})

7
src/nss-myhostname/nss-myhostname.c
View file

@ -31,6 +31,7 @@
#include "local-addresses.h"
#include "macro.h"
#include "nss-util.h"
#include "signal-util.h"
#include "string-util.h"
#include "util.h"
@ -63,6 +64,8 @@ enum nss_status _nss_myhostname_gethostbyname4_r(
char *r_name;
unsigned n;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(name);
assert(pat);
assert(buffer);
@ -327,6 +330,8 @@ enum nss_status _nss_myhostname_gethostbyname3_r(
uint32_t local_address_ipv4 = 0;
int n_addresses = 0;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(name);
assert(host);
assert(buffer);
@ -409,6 +414,8 @@ enum nss_status _nss_myhostname_gethostbyaddr2_r(
bool additional_from_hostname = false;
unsigned n;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(addr);
assert(host);
assert(buffer);

13
src/nss-mymachines/nss-mymachines.c
View file

@ -31,6 +31,7 @@
#include "in-addr-util.h"
#include "macro.h"
#include "nss-util.h"
#include "signal-util.h"
#include "string-util.h"
#include "user-util.h"
#include "util.h"
@ -94,6 +95,8 @@ enum nss_status _nss_mymachines_gethostbyname4_r(
char *r_name;
int n_ifindices, r;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(name);
assert(pat);
assert(buffer);
@ -242,6 +245,8 @@ enum nss_status _nss_mymachines_gethostbyname3_r(
size_t l, idx, ms, alen;
int r;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(name);
assert(result);
assert(buffer);
@ -404,6 +409,8 @@ enum nss_status _nss_mymachines_getpwnam_r(
size_t l;
int r;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(name);
assert(pwd);
@ -491,6 +498,8 @@ enum nss_status _nss_mymachines_getpwuid_r(
uint32_t mapped;
int r;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
if (!uid_is_valid(uid)) {
r = -EINVAL;
goto fail;
@ -564,6 +573,8 @@ enum nss_status _nss_mymachines_getgrnam_r(
size_t l;
int r;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(name);
assert(gr);
@ -649,6 +660,8 @@ enum nss_status _nss_mymachines_getgrgid_r(
uint32_t mapped;
int r;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
if (!gid_is_valid(gid)) {
r = -EINVAL;
goto fail;

7
src/nss-resolve/nss-resolve.c
View file

@ -34,6 +34,7 @@
#include "nss-util.h"
#include "string-util.h"
#include "util.h"
#include "signal-util.h"
NSS_GETHOSTBYNAME_PROTOTYPES(resolve);
NSS_GETHOSTBYADDR_PROTOTYPES(resolve);
@ -127,6 +128,8 @@ enum nss_status _nss_resolve_gethostbyname4_r(
char *r_name;
int c, r, i = 0;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(name);
assert(pat);
assert(buffer);
@ -307,6 +310,8 @@ enum nss_status _nss_resolve_gethostbyname3_r(
const char *canonical;
int c, r, i = 0;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(name);
assert(result);
assert(buffer);
@ -512,6 +517,8 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
const char *n;
int r, ifindex;
BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
assert(addr);
assert(result);
assert(buffer);

49
src/test/test-signal-util.c Normal file
View file

@ -0,0 +1,49 @@
/***
This file is part of systemd.
Copyright 2016 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#include "signal-util.h"
static void test_block_signals(void) {
sigset_t ss;
assert_se(sigprocmask(0, NULL, &ss) >= 0);
assert_se(sigismember(&ss, SIGUSR1) == 0);
assert_se(sigismember(&ss, SIGALRM) == 0);
assert_se(sigismember(&ss, SIGVTALRM) == 0);
{
BLOCK_SIGNALS(SIGUSR1, SIGVTALRM);
assert_se(sigprocmask(0, NULL, &ss) >= 0);
assert_se(sigismember(&ss, SIGUSR1) == 1);
assert_se(sigismember(&ss, SIGALRM) == 0);
assert_se(sigismember(&ss, SIGVTALRM) == 1);
}
assert_se(sigprocmask(0, NULL, &ss) >= 0);
assert_se(sigismember(&ss, SIGUSR1) == 0);
assert_se(sigismember(&ss, SIGALRM) == 0);
assert_se(sigismember(&ss, SIGVTALRM) == 0);
}
int main(int argc, char *argv[]) {
test_block_signals();
}