summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-01-26 22:34:46 +0100
committerLennart Poettering <lennart@poettering.net>2016-01-27 02:22:58 +0100
commit0c5eb0562abec6f845f07c30b2ad2515900ec1e5 (patch)
tree10a05b9191642ce96812a96ed53031b9338f3528 /src
parentfccd4b67b5fd296cb5840d1b8e0ea8455cb6a1ed (diff)
nss: block various signals while running NSS lookups
Let's make sure our poll() calls don't get interrupted where they shouldn't (SIGALRM, ...), but allow them to be interrupted where they should (SIGINT, ...). Fixes #1965
Diffstat (limited to 'src')
-rw-r--r--src/basic/nss-util.h2
-rw-r--r--src/basic/signal-util.h11
-rw-r--r--src/nss-myhostname/nss-myhostname.c7
-rw-r--r--src/nss-mymachines/nss-mymachines.c13
-rw-r--r--src/nss-resolve/nss-resolve.c7
-rw-r--r--src/test/test-signal-util.c49
6 files changed, 89 insertions, 0 deletions
diff --git a/src/basic/nss-util.h b/src/basic/nss-util.h
index cc30d93aad..4be0136da6 100644
--- a/src/basic/nss-util.h
+++ b/src/basic/nss-util.h
@@ -27,6 +27,8 @@
#include <pwd.h>
#include <resolv.h>
+#define NSS_SIGNALS_BLOCK SIGALRM,SIGVTALRM,SIGPIPE,SIGCHLD,SIGTSTP,SIGIO,SIGHUP,SIGUSR1,SIGUSR2,SIGPROF,SIGURG,SIGWINCH
+
#define NSS_GETHOSTBYNAME_PROTOTYPES(module) \
enum nss_status _nss_##module##_gethostbyname4_r( \
const char *name, \
diff --git a/src/basic/signal-util.h b/src/basic/signal-util.h
index e7393e2dac..5d94d1c363 100644
--- a/src/basic/signal-util.h
+++ b/src/basic/signal-util.h
@@ -41,3 +41,14 @@ int signal_from_string(const char *s) _pure_;
int signal_from_string_try_harder(const char *s);
void nop_signal_handler(int sig);
+
+static inline void block_signals_reset(sigset_t *ss) {
+ assert_se(sigprocmask(SIG_SETMASK, ss, NULL) >= 0);
+}
+
+#define BLOCK_SIGNALS(...) \
+ _cleanup_(block_signals_reset) sigset_t _saved_sigset = ({ \
+ sigset_t t; \
+ assert_se(sigprocmask_many(SIG_BLOCK, &t, __VA_ARGS__, -1) >= 0); \
+ t; \
+ })
diff --git a/src/nss-myhostname/nss-myhostname.c b/src/nss-myhostname/nss-myhostname.c
index ee10b105ea..e438625814 100644
--- a/src/nss-myhostname/nss-myhostname.c
+++ b/src/nss-myhostname/nss-myhostname.c
@@ -31,6 +31,7 @@
#include "local-addresses.h"
#include "macro.h"
#include "nss-util.h"
+#include "signal-util.h"
#include "string-util.h"
#include "util.h"
@@ -63,6 +64,8 @@ enum nss_status _nss_myhostname_gethostbyname4_r(
char *r_name;
unsigned n;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
assert(name);
assert(pat);
assert(buffer);
@@ -327,6 +330,8 @@ enum nss_status _nss_myhostname_gethostbyname3_r(
uint32_t local_address_ipv4 = 0;
int n_addresses = 0;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
assert(name);
assert(host);
assert(buffer);
@@ -409,6 +414,8 @@ enum nss_status _nss_myhostname_gethostbyaddr2_r(
bool additional_from_hostname = false;
unsigned n;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
assert(addr);
assert(host);
assert(buffer);
diff --git a/src/nss-mymachines/nss-mymachines.c b/src/nss-mymachines/nss-mymachines.c
index dcdbc31a78..3cd29500d0 100644
--- a/src/nss-mymachines/nss-mymachines.c
+++ b/src/nss-mymachines/nss-mymachines.c
@@ -31,6 +31,7 @@
#include "in-addr-util.h"
#include "macro.h"
#include "nss-util.h"
+#include "signal-util.h"
#include "string-util.h"
#include "user-util.h"
#include "util.h"
@@ -94,6 +95,8 @@ enum nss_status _nss_mymachines_gethostbyname4_r(
char *r_name;
int n_ifindices, r;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
assert(name);
assert(pat);
assert(buffer);
@@ -242,6 +245,8 @@ enum nss_status _nss_mymachines_gethostbyname3_r(
size_t l, idx, ms, alen;
int r;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
assert(name);
assert(result);
assert(buffer);
@@ -404,6 +409,8 @@ enum nss_status _nss_mymachines_getpwnam_r(
size_t l;
int r;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
assert(name);
assert(pwd);
@@ -491,6 +498,8 @@ enum nss_status _nss_mymachines_getpwuid_r(
uint32_t mapped;
int r;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
if (!uid_is_valid(uid)) {
r = -EINVAL;
goto fail;
@@ -564,6 +573,8 @@ enum nss_status _nss_mymachines_getgrnam_r(
size_t l;
int r;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
assert(name);
assert(gr);
@@ -649,6 +660,8 @@ enum nss_status _nss_mymachines_getgrgid_r(
uint32_t mapped;
int r;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
if (!gid_is_valid(gid)) {
r = -EINVAL;
goto fail;
diff --git a/src/nss-resolve/nss-resolve.c b/src/nss-resolve/nss-resolve.c
index 2b716a69d1..7864e5370b 100644
--- a/src/nss-resolve/nss-resolve.c
+++ b/src/nss-resolve/nss-resolve.c
@@ -34,6 +34,7 @@
#include "nss-util.h"
#include "string-util.h"
#include "util.h"
+#include "signal-util.h"
NSS_GETHOSTBYNAME_PROTOTYPES(resolve);
NSS_GETHOSTBYADDR_PROTOTYPES(resolve);
@@ -127,6 +128,8 @@ enum nss_status _nss_resolve_gethostbyname4_r(
char *r_name;
int c, r, i = 0;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
assert(name);
assert(pat);
assert(buffer);
@@ -307,6 +310,8 @@ enum nss_status _nss_resolve_gethostbyname3_r(
const char *canonical;
int c, r, i = 0;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
assert(name);
assert(result);
assert(buffer);
@@ -512,6 +517,8 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
const char *n;
int r, ifindex;
+ BLOCK_SIGNALS(NSS_SIGNALS_BLOCK);
+
assert(addr);
assert(result);
assert(buffer);
diff --git a/src/test/test-signal-util.c b/src/test/test-signal-util.c
new file mode 100644
index 0000000000..3083501ce9
--- /dev/null
+++ b/src/test/test-signal-util.c
@@ -0,0 +1,49 @@
+/***
+ This file is part of systemd.
+
+ Copyright 2016 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include "signal-util.h"
+
+static void test_block_signals(void) {
+ sigset_t ss;
+
+ assert_se(sigprocmask(0, NULL, &ss) >= 0);
+
+ assert_se(sigismember(&ss, SIGUSR1) == 0);
+ assert_se(sigismember(&ss, SIGALRM) == 0);
+ assert_se(sigismember(&ss, SIGVTALRM) == 0);
+
+ {
+ BLOCK_SIGNALS(SIGUSR1, SIGVTALRM);
+
+ assert_se(sigprocmask(0, NULL, &ss) >= 0);
+ assert_se(sigismember(&ss, SIGUSR1) == 1);
+ assert_se(sigismember(&ss, SIGALRM) == 0);
+ assert_se(sigismember(&ss, SIGVTALRM) == 1);
+
+ }
+
+ assert_se(sigprocmask(0, NULL, &ss) >= 0);
+ assert_se(sigismember(&ss, SIGUSR1) == 0);
+ assert_se(sigismember(&ss, SIGALRM) == 0);
+ assert_se(sigismember(&ss, SIGVTALRM) == 0);
+}
+
+int main(int argc, char *argv[]) {
+ test_block_signals();
+}