From 76b0c59e333da6fd4103e478b63522636d9d232b Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 27 May 2021 15:37:35 +0200
Subject: nptl: Install SIGSETXID handler with SA_ONSTACK [BZ #27914]

The signal is sent to all threads, some of which may have switched
to very small stacks.  If they have also installed an alternate
signal stack, SA_ONSTACK makes this work.  The Go runtime needs this:

  runtime: C.setuid/C.setgid smashes Go stack
  <https://github.com/golang/go/issues/9400>

Doing this for SIGCANCEL is less obviously beneficial and needs further
testing.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
---
 nptl/pthread_create.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'nptl/pthread_create.c')

diff --git a/nptl/pthread_create.c b/nptl/pthread_create.c
index 5680687efe..b7073a8285 100644
--- a/nptl/pthread_create.c
+++ b/nptl/pthread_create.c
@@ -83,9 +83,12 @@ late_init (void)
       (void) __libc_sigaction (SIGCANCEL, &sa, NULL);
     }
 
-  /* Install the handle to change the threads' uid/gid.  */
+  /* Install the handle to change the threads' uid/gid.  Use
+     SA_ONSTACK because the signal may be sent to threads that are
+     running with custom stacks.  (This is less likely for
+     SIGCANCEL.)  */
   sa.sa_sigaction = __nptl_setxid_sighandler;
-  sa.sa_flags = SA_SIGINFO | SA_RESTART;
+  sa.sa_flags = SA_ONSTACK | SA_SIGINFO | SA_RESTART;
   (void) __libc_sigaction (SIGSETXID, &sa, NULL);
 
   /* The parent process might have left the signals blocked.  Just in
-- 
cgit 1.4.1