Changing back to per-thread credentials on Linux (fixing native AIO).

Volker Lendecke Volker.Lendecke at SerNet.DE
Sun Jul 1 12:38:13 MDT 2012

On Sun, Jul 01, 2012 at 12:26:54PM -0700, Jeremy Allison wrote:
> On Sun, Jul 01, 2012 at 08:29:39PM +0200, Volker Lendecke wrote:
> > 
> > 1. Just declare the glibc posix aio implementation unusable for
> >    us. Let's make your aio_pthread module the built-in
> >    standard. This does not use signals and thus does not have
> >    the problem. We can provide the native posix aio as a module
> >    as we are doing it now with aio_pthread.
> That's not a bad idea, but doesn't affect the per-thread
> creds code as it is needed for the thread-implementations
> of open() and the other calls I'm planning.
> > 2. Let's contact the glibc maintainers for an official
> >    per-thread credential API.
> The official per-thread creds API *is* the raw
> system call API. There's no need to them to add
> another API, it's already there.

Sorry, I just don't trust the glibc folks on this. They used
to have a syscall() function that returned -errno. This
would have made syscalls portably useable in an environment
using clone() without thread local storage (per-thread
errno). They deliberately removed this facility, completely
crippling clone(). If they feel like it, they will start
intercepting syscall() for the setuid-like values. We would
not even notice before it is too late. Before this aspect is
not officially blessed by the glibc maintainers, I would
rather limit this to a very well-audited set of precise
glibc versions.

Can you get this official blessing in some way?

With best regards,

Volker Lendecke

SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen, mailto:kontakt at

More information about the samba-technical mailing list