summaryrefslogtreecommitdiff
path: root/nptl
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2010-03-05 11:23:28 -0800
committerUlrich Drepper <drepper@redhat.com>2010-03-05 11:23:28 -0800
commit66f1b8eeb20c49c8566abeeacf36540f258ad5f4 (patch)
tree1149fbc80470ff586f1815d334b5308ad24cc4cb /nptl
parent01f1f5ee8b58d5a3dce5250ed3514e9dfa5ceff4 (diff)
downloadglibc-66f1b8eeb20c49c8566abeeacf36540f258ad5f4.tar.gz
Fix setxid race with thread creation
Diffstat (limited to 'nptl')
-rw-r--r--nptl/ChangeLog11
-rw-r--r--nptl/allocatestack.c13
-rw-r--r--nptl/pthread_create.c9
-rw-r--r--nptl/sysdeps/pthread/createthread.c14
4 files changed, 39 insertions, 8 deletions
diff --git a/nptl/ChangeLog b/nptl/ChangeLog
index c81eb03b75..e0e1a5392f 100644
--- a/nptl/ChangeLog
+++ b/nptl/ChangeLog
@@ -1,3 +1,14 @@
+2010-03-05 Andreas Schwab <schwab@redhat.com>
+ Ulrich Drepper <drepper@redhat.com>
+
+ * allocatestack.c (setxid_mark_thread): Delay handling of thread if
+ it is creating a thread or it is just being created.
+ * pthread_create.c (start_thread): Wake setxid thread if it is
+ waiting.
+ (__pthread_create_2_1): Initialize setxid_futex.
+ * sysdeps/pthread/createthread.c (do_clone): Wake setxid thread if it
+ is waiting.
+
2010-01-15 Ulrich Drepper <drepper@redhat.com>
* sysdeps/unix/sysv/linux/i386/i486/pthread_cond_timedwait.S:
diff --git a/nptl/allocatestack.c b/nptl/allocatestack.c
index 3c3585fe37..899c0e8eee 100644
--- a/nptl/allocatestack.c
+++ b/nptl/allocatestack.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2002-2007, 2009 Free Software Foundation, Inc.
+/* Copyright (C) 2002-2007, 2009, 2010 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Ulrich Drepper <drepper@redhat.com>, 2002.
@@ -380,7 +380,7 @@ allocate_stack (const struct pthread_attr *attr, struct pthread **pdp,
- TLS_TCB_SIZE - adj);
#elif TLS_DTV_AT_TP
pd = (struct pthread *) (((uintptr_t) attr->stackaddr
- - __static_tls_size - adj)
+ - __static_tls_size - adj)
- TLS_PRE_TCB_SIZE);
#endif
@@ -546,7 +546,7 @@ allocate_stack (const struct pthread_attr *attr, struct pthread **pdp,
#ifndef __ASSUME_PRIVATE_FUTEX
/* The thread must know when private futexes are supported. */
pd->header.private_futex = THREAD_GETMEM (THREAD_SELF,
- header.private_futex);
+ header.private_futex);
#endif
#ifdef NEED_DL_SYSINFO
@@ -969,6 +969,13 @@ setxid_mark_thread (struct xid_command *cmdp, struct pthread *t)
{
int ch;
+ /* Wait until this thread is cloned. */
+ if (t->setxid_futex == -1
+ && ! atomic_compare_and_exchange_bool_acq (&t->setxid_futex, -2, -1))
+ do
+ lll_futex_wait (&t->setxid_futex, -2, LLL_PRIVATE);
+ while (t->setxid_futex == -2);
+
/* Don't let the thread exit before the setxid handler runs. */
t->setxid_futex = 0;
diff --git a/nptl/pthread_create.c b/nptl/pthread_create.c
index 89938b3fb8..194a8ba0ab 100644
--- a/nptl/pthread_create.c
+++ b/nptl/pthread_create.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2002-2007,2008,2009 Free Software Foundation, Inc.
+/* Copyright (C) 2002-2007,2008,2009,2010 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Ulrich Drepper <drepper@redhat.com>, 2002.
@@ -239,6 +239,10 @@ start_thread (void *arg)
/* Initialize resolver state pointer. */
__resp = &pd->res;
+ /* Allow setxid from now onwards. */
+ if (__builtin_expect (atomic_exchange_acq (&pd->setxid_futex, 0) == -2, 0))
+ lll_futex_wake (&pd->setxid_futex, 1, LLL_PRIVATE);
+
#ifdef __NR_set_robust_list
# ifndef __ASSUME_SET_ROBUST_LIST
if (__set_robust_list_avail >= 0)
@@ -538,6 +542,9 @@ __pthread_create_2_1 (newthread, attr, start_routine, arg)
}
}
+ /* Don't allow setxid until cloned. */
+ pd->setxid_futex = -1;
+
/* Pass the descriptor to the caller. */
*newthread = (pthread_t) pd;
diff --git a/nptl/sysdeps/pthread/createthread.c b/nptl/sysdeps/pthread/createthread.c
index 66fafe8050..3bb3915281 100644
--- a/nptl/sysdeps/pthread/createthread.c
+++ b/nptl/sysdeps/pthread/createthread.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2002-2007, 2008 Free Software Foundation, Inc.
+/* Copyright (C) 2002-2007, 2008, 2010 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Ulrich Drepper <drepper@redhat.com>, 2002.
@@ -28,7 +28,7 @@
#include "kernel-features.h"
-#define CLONE_SIGNAL (CLONE_SIGHAND | CLONE_THREAD)
+#define CLONE_SIGNAL (CLONE_SIGHAND | CLONE_THREAD)
/* Unless otherwise specified, the thread "register" is going to be
initialized with a pointer to the TCB. */
@@ -72,8 +72,14 @@ do_clone (struct pthread *pd, const struct pthread_attr *attr,
that cares whether the thread count is correct. */
atomic_increment (&__nptl_nthreads);
- if (ARCH_CLONE (fct, STACK_VARIABLES_ARGS, clone_flags,
- pd, &pd->tid, TLS_VALUE, &pd->tid) == -1)
+ int rc = ARCH_CLONE (fct, STACK_VARIABLES_ARGS, clone_flags,
+ pd, &pd->tid, TLS_VALUE, &pd->tid);
+
+ /* Allow setxid from now onwards. */
+ if (__builtin_expect (atomic_exchange_acq (&pd->setxid_futex, 0) == -2, 0))
+ lll_futex_wake (&pd->setxid_futex, 1, LLL_PRIVATE);
+
+ if (__builtin_expect (rc == -1, 0))
{
atomic_decrement (&__nptl_nthreads); /* Oops, we lied for a second. */