Date: Tue, 10 Mar 2020 11:06:57 +0100
From: Szabolcs Nagy <nsz@...t70.net>
To: Pirmin Walthert <pirmin.walthert@...om.ch>
Cc: musl@...ts.openwall.com
Subject: Re: Re: FYI: some observations when testing next-gen malloc

* Pirmin Walthert <pirmin.walthert@...om.ch> [2020-03-10 10:44:46 +0100]:
> On 09.03.20 at 19:55, Szabolcs Nagy wrote:
> > * Pirmin Walthert <pirmin.walthert@...om.ch> [2020-03-09 19:14:59 +0100]:
> > > On 09.03.20 at 18:12, Rich Felker wrote:
> > > > It's not described very rigorously, but effectively it's in an async
> > > > signal context and can only call functions which are AS-safe.
> > > > 
> > > > A future version of the standard is expected to drop the requirement
> > > > that fork itself be async-signal-safe, and may thereby add
> > > > requirements to synchronize against some or all internal locks so that
> > > > the child can inherit a working context. But the right solution here is
> > > > always to stop using fork without exec.
> > > > 
> > > > Rich
> > > Well, I have now changed the code a bit to make sure that no
> > > async-signal-unsafe command is being executed before execl. Things I've
> > > removed:
> > > 
> > > a call to cap_from_text, cap_set_proc and cap_free has been removed as well
> > > as sched_setscheduler. Now the only thing being executed before execl in the
> > > child process is closefrom()
> > 
> > closefrom is not as-safe.
> > 
> > i think it reads /proc/self/fd directory to close fds.
> > (haven't checked the specific asterisk version)
> > opendir calls malloc so it can deadlock.
> > 
> Indeed I am not able to reproduce the problem any longer with a modified
> version of asterisk. What I've changed is:
> 
> Removed some code that sets the capabilities after fork() (with
> cap_from_text, cap_set_proc, cap_free) and closefrom replaced with a thumb
> loop over all possible fds up to sysconf(_SC_OPEN_MAX). With this
> modification the fd closing procedure with max open files set to 21471 now
> needs 7ms instead of 70ns (so a slowdown by times 100), however this is not
> critical in our environment...
> 
> Will discuss the findings with the asterisk developers.
> 
> Thanks for your hints!

good.

ideally they would use close-on-exec fds and then
you don't need such ugliness.

please don't drop the list from replies.
