Samba hangs (pthread?)
Rainer Weikusat
rainer.weikusat at sncag.com
Sun Jun 11 19:29:01 GMT 2006
Jeremy Allison <jra at samba.org> writes:
> On Sun, Jun 11, 2006 at 06:25:30PM +0200, Rainer Weikusat wrote:
>> For LinuxThreads (ie not NPTL) it decidedly should (and will), because
>> Samba changes its uid on oaccasion, which may result in some threads
>> running with uid 0 and some other threads with a non-priviledged one,
>> which in turn can cause the pthread sleep/ wakeup-mechanism, which
>> relies on the ability of a thread to send a signal to any other thread
>> within the same process, to fail (the signal isn't delivered to the
>> target thread due to EPERM and the sending thread "hangs", waiting for
>> some action to be taken because of the signal).
>>
>> NPTL appears[*] to use signals for something, too, so it may be
>> affected by the same issue, considering that setuid is still not per
>> process.
>>
>> [*] the code is mostly incomprehensible, due to unbounded
>> over-abstraction
>>
>> NB: This is just an issue I happen to know of. There is an easy
>> kernel-level workaround for that: allow signals among threads running
>> in the same address space.
[...]
> What kernel API should we use to ensure we can allow signals
> between threads in the same address space ? It's ok if it's
> Linux-specific, we can add a configure test for it.
The Right Thing[tm] would be to fix the kernel, so that setuid() is
per-process and not per-thread (if this hasn't been done in the
meantime). Otherwise, I fear, its the kernel source API called patch.
This is what I am using on the embedded target (2.4 based) where this
affects me:
int bad_signal(int sig, struct siginfo *info, struct task_struct *t)
{
return
(!info || ((unsigned long)info != 1 && SI_FROMUSER(info)))
&& ((sig != SIGCONT) || (current->session != t->session))
&& (current->euid ^ t->suid)
&& (current->euid ^ t->uid)
&& (current->uid ^ t->suid)
&& (current->uid ^ t->uid)
&& !capable(CAP_KILL)
&& (current->active_mm != t->active_mm);
}
[.../linux/kernel/signal.c, last line]
Disclaimer: I think this is a reasonably sane thing do, considering that
the threads can likely muck with each others state at will if they
share a mm, anyway. But as I am only running this in a controlled
(single-CPU) environment, I haven't bothered to check very thoroughly
and I am decidedly not an expert for this area of the kernel.
More information about the samba-technical
mailing list