Changing back to per-thread credentials on Linux (fixing native AIO).

simo idra at samba.org
Sun Jul 1 17:44:25 MDT 2012 

On Sun, 2012-07-01 at 20:38 +0200, Volker Lendecke wrote: 
> On Sun, Jul 01, 2012 at 12:26:54PM -0700, Jeremy Allison wrote:
> > On Sun, Jul 01, 2012 at 08:29:39PM +0200, Volker Lendecke wrote:
> > > 
> > > 1. Just declare the glibc posix aio implementation unusable for
> > >    us. Let's make your aio_pthread module the built-in
> > >    standard. This does not use signals and thus does not have
> > >    the problem. We can provide the native posix aio as a module
> > >    as we are doing it now with aio_pthread.
> > 
> > That's not a bad idea, but doesn't affect the per-thread
> > creds code as it is needed for the thread-implementations
> > of open() and the other calls I'm planning.
> > 
> > > 2. Let's contact the glibc maintainers for an official
> > >    per-thread credential API.
> > 
> > The official per-thread creds API *is* the raw
> > system call API. There's no need to them to add
> > another API, it's already there.
> 
> Sorry, I just don't trust the glibc folks on this. They used
> to have a syscall() function that returned -errno. This
> would have made syscalls portably useable in an environment
> using clone() without thread local storage (per-thread
> errno). They deliberately removed this facility, completely
> crippling clone(). If they feel like it, they will start
> intercepting syscall() for the setuid-like values. We would
> not even notice before it is too late. Before this aspect is
> not officially blessed by the glibc maintainers, I would
> rather limit this to a very well-audited set of precise
> glibc versions.
> 
> Can you get this official blessing in some way?

Volker, a couple of years back, at a RH Summit (2010 I think) I spoke
with Uli (then RH and upstream glibc maintainer) about per thread ids.

He said that using the syscalls directly would have worked. I do not
know how official this may have been at the time, and I am not sure how
official an answer you may get now, but intentionally breaking syscall()
is something I do not see ever happening, it would be stupid and
useless.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>

More information about the samba-technical mailing list