about summary refs log tree commit diff
path: root/rt
diff options
context:
space:
mode:
authorAdhemerval Zanella <adhemerval.zanella@linaro.org>2019-12-09 14:33:33 -0300
committerAdhemerval Zanella <adhemerval.zanella@linaro.org>2020-02-19 13:46:31 -0300
commit27d83441a2f900059d0421339d0e8c27220ffa36 (patch)
tree22b8a2d04bfc965462d96a99b32da18fc17eb2b5 /rt
parent8d42bf859a289944749d9f978c076cd318119867 (diff)
downloadglibc-27d83441a2f900059d0421339d0e8c27220ffa36.tar.gz
glibc-27d83441a2f900059d0421339d0e8c27220ffa36.tar.xz
glibc-27d83441a2f900059d0421339d0e8c27220ffa36.zip
Block all signals on timer_create thread (BZ#10815)
The behavior of the signal mask on threads created by timer_create
for SIGEV_THREAD timers are implementation-defined and glibc explicit
unblocks all signals before calling the user-defined function.

This behavior, although not incorrect standard-wise, opens a race if a
program using a blocked rt-signal plus sigwaitinfo (and without an
installed signal handler for the rt-signal) receives a signal while
executing the used-defined function for SIGEV_THREAD.

A better alternative discussed in bug report is to rather block all
signals (besides the internal ones not available to application
usage).

This patch fixes this issue by only unblocking SIGSETXID (used on
set*uid function) and SIGCANCEL (used for thread cancellation).

Checked on x86_64-linux-gnu and i686-linux-gnu.
Diffstat (limited to 'rt')
-rw-r--r--rt/Makefile7
-rw-r--r--rt/tst-timer-sigmask.c78
2 files changed, 83 insertions, 2 deletions
diff --git a/rt/Makefile b/rt/Makefile
index 935d968716..dab5d62a57 100644
--- a/rt/Makefile
+++ b/rt/Makefile
@@ -47,6 +47,7 @@ tests := tst-shm tst-timer tst-timer2 \
 	 tst-timer3 tst-timer4 tst-timer5 \
 	 tst-cpuclock2 tst-cputimer1 tst-cputimer2 tst-cputimer3 \
 	 tst-shm-cancel
+tests-internal := tst-timer-sigmask
 
 extra-libs := librt
 extra-libs-others := $(extra-libs)
@@ -63,9 +64,11 @@ LDFLAGS-rt.so = -Wl,--enable-new-dtags,-z,nodelete
 $(objpfx)librt.so: $(shared-thread-library)
 
 ifeq (yes,$(build-shared))
-$(addprefix $(objpfx),$(tests)): $(objpfx)librt.so $(shared-thread-library)
+$(addprefix $(objpfx),$(tests) $(tests-internal)): \
+	$(objpfx)librt.so $(shared-thread-library)
 else
-$(addprefix $(objpfx),$(tests)): $(objpfx)librt.a $(static-thread-library)
+$(addprefix $(objpfx),$(tests)) $(tests-internal): \
+	$(objpfx)librt.a $(static-thread-library)
 endif
 
 tst-mqueue7-ARGS = -- $(host-test-program-cmd)
diff --git a/rt/tst-timer-sigmask.c b/rt/tst-timer-sigmask.c
new file mode 100644
index 0000000000..22e250f738
--- /dev/null
+++ b/rt/tst-timer-sigmask.c
@@ -0,0 +1,78 @@
+/* Check resulting signal mask from POSIX timer using SIGEV_THREAD.
+   Copyright (C) 2020 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <stdio.h>
+#include <time.h>
+#include <signal.h>
+#include <stdbool.h>
+
+#include <support/check.h>
+#include <support/test-driver.h>
+#include <support/xthread.h>
+
+#include <internal-signals.h>
+
+static pthread_barrier_t barrier;
+
+static void
+thread_handler (union sigval sv)
+{
+  sigset_t ss;
+  sigprocmask (SIG_BLOCK, NULL, &ss);
+  if (test_verbose > 0)
+    printf ("%s: blocked signal mask = { ", __func__);
+  for (int sig = 1; sig < NSIG; sig++)
+    {
+      /* POSIX timers threads created to handle SIGEV_THREAD block all
+	 signals except SIGKILL, SIGSTOP and glibc internals ones.  */
+      if (sigismember (&ss, sig))
+	{
+	  TEST_VERIFY (sig != SIGKILL && sig != SIGSTOP);
+	  TEST_VERIFY (!__is_internal_signal (sig));
+	}
+      if (test_verbose && sigismember (&ss, sig))
+	printf ("%d, ", sig);
+    }
+  if (test_verbose > 0)
+    printf ("}\n");
+
+  xpthread_barrier_wait (&barrier);
+}
+
+static int
+do_test (void)
+{
+  struct sigevent sev = { 0 };
+  sev.sigev_notify = SIGEV_THREAD;
+  sev.sigev_notify_function = &thread_handler;
+
+  timer_t timerid;
+  TEST_COMPARE (timer_create (CLOCK_REALTIME, &sev, &timerid), 0);
+
+  xpthread_barrier_init (&barrier, NULL, 2);
+
+  struct itimerspec trigger = { 0 };
+  trigger.it_value.tv_nsec = 1000000;
+  TEST_COMPARE (timer_settime (timerid, 0, &trigger, NULL), 0);
+
+  xpthread_barrier_wait (&barrier);
+
+  return 0;
+}
+
+#include <support/test-driver.c>