From nobody Tue Nov 26 04:05:19 2024 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Xy89q4ptvz5dmvc; Tue, 26 Nov 2024 04:05:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Xy89q45Kqz4DHP; Tue, 26 Nov 2024 04:05:19 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1732593919; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=dCtB+wyOW27KRN2Qzh1J1nz/rkiyFtu8ZwmNncwTZhU=; b=RcRoItNF6psEH/PydGYliTd5Z66nZKrg/KeAWgfO3x2dJVUlj8umUYfMbR1nBC79TVcvP+ +RP655/jFLP+dP2fh5VjFAqGtXeErZf4A0zfhKVwefF/BaXaoD79ZG2TSTviiSXj6cMqSb JnqVxdXGiv+Qwd5w2ZH+RmFef7w+3RJjFKpwmZ7WVO8k1rl/+T75bD4qMkGV3kpfu5QOaV mOMwyW3h8ElG9ID9HncRVG2KEBmpfblAqQI4i9Rtqzwi9h41tt0eqBV6wArX8CY9UUupww 2mX9uvmTOt7dtjYTBXaXPYD9EaQGW1fTWrgqQYEDR4fxUE/ERpvfNckech5xEw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1732593919; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=dCtB+wyOW27KRN2Qzh1J1nz/rkiyFtu8ZwmNncwTZhU=; b=hPRmrf0bj228JUQvpAq0gQUClycwlDmhGb0psHNwDIyBgE8wXTBaLiQ2Iq9L1v3aiuwDx8 4HCt5GkdR1MGfG/OoF6zyfmsrD0di2v4rmG3qXTwFt0MaM5zWNERdqydVhqF1g3wAaW3y4 YF4e+DvnjgOHcAbYufmYb8IXiue9BicFWGdUIGGJIrjgfzv4YPc6fzLGcFpDrUVJTZ7rva UmntFy9IMe/aMF18ZS6OmenVhoPUbgpTxzmZ80BDJ7E3cSZ37m+3H/UeU2yRfM2YPqaM25 0OHR4P5Jeaf7lLUgIGkX/+LN5RVYGxtX++AI3c1P/nUsdbMo+x8s5Hsdu67Vug== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1732593919; a=rsa-sha256; cv=none; b=H7NSx7toKOHaJvhQ6Q+i+9YckXXXSghBV2x2jSmWXUh4vV0A6hckTvsXSlrcJ01VBq5Ib9 dwc1tpbJGb/OHjT6Hq29UfpWV+nE7USh2/DCgp/gs14vURAWYJuNlfHz04Dei+hTyq0K9A 2OEuJG9VLYZFNCms0JCN6NsFouMHHtRIe3PfShXvli5UmG3LaEWDSuYB8AtBPVXtKG+JZk IbsF5VCKJIp0MMujjit+YGAWEVyTyno94a3KXmouC4fpvFjgIuwctvj+jsXsU5HVqAdNgl eN+42T3VZZ1FiRHAbM1tYjGuSR9BDDOyd2jzCL+QyLnvaep+fvzjp2DlpjpX4w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Xy89q3gLgz18bt; Tue, 26 Nov 2024 04:05:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4AQ45Jwa093877; Tue, 26 Nov 2024 04:05:19 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4AQ45J3i093874; Tue, 26 Nov 2024 04:05:19 GMT (envelope-from git) Date: Tue, 26 Nov 2024 04:05:19 GMT Message-Id: <202411260405.4AQ45J3i093874@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kyle Evans Subject: git: ccb973da1f1b - main - kern: restore signal mask before ast() for pselect/ppoll List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: ccb973da1f1b65879eade8e65cdd2885e125f90e Auto-Submitted: auto-generated The branch main has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=ccb973da1f1b65879eade8e65cdd2885e125f90e commit ccb973da1f1b65879eade8e65cdd2885e125f90e Author: Kyle Evans AuthorDate: 2024-11-26 04:04:48 +0000 Commit: Kyle Evans CommitDate: 2024-11-26 04:04:48 +0000 kern: restore signal mask before ast() for pselect/ppoll It's possible to take a signal after pselect/ppoll have set their return value, but before we actually return to userland. This results in taking a signal without reflecting it in the return value, which weakens the guarantees provided by these functions. Switch both to restore the signal mask before we would deliver signals on return to userland. If a signal was received after the wait was over, then we'll just have the signal queued up for the next time it comes unblocked. The modified signal mask is retained if we were interrupted so that ast() actually handles the signal, at which point the signal mask is restored. des@ has a test case demonstrating the issue in D47738 which will follow. Note for MFC: TDA_PSELECT is a KBI break, we should just inline ast_sigsuspend() in pselect/ppoll for stable branches. It's not exactly the same, but it will be close enough. Reported by: des Reviewed by: des (earlier version), kib Sponsored by: Klara, Inc. Sponsored by: NetApp, Inc. Differential Revision: https://reviews.freebsd.org/D47741 --- sys/kern/sys_generic.c | 40 +++++++++++++++++++++++++++++++--------- 1 file changed, 31 insertions(+), 9 deletions(-) diff --git a/sys/kern/sys_generic.c b/sys/kern/sys_generic.c index 99b018dee26c..6fc7d5d2eefa 100644 --- a/sys/kern/sys_generic.c +++ b/sys/kern/sys_generic.c @@ -1049,14 +1049,26 @@ kern_pselect(struct thread *td, int nd, fd_set *in, fd_set *ou, fd_set *ex, if (error != 0) return (error); td->td_pflags |= TDP_OLDMASK; + } + error = kern_select(td, nd, in, ou, ex, tvp, abi_nfdbits); + if (uset != NULL) { /* * Make sure that ast() is called on return to * usermode and TDP_OLDMASK is cleared, restoring old - * sigmask. + * sigmask. If we didn't get interrupted, then the caller is + * likely not expecting a signal to hit that should normally be + * blocked by its signal mask, so we restore the mask before + * any signals could be delivered. */ - ast_sched(td, TDA_SIGSUSPEND); + if (error == EINTR) { + ast_sched(td, TDA_SIGSUSPEND); + } else { + /* *select(2) should never restart. */ + MPASS(error != ERESTART); + ast_sched(td, TDA_PSELECT); + } } - error = kern_select(td, nd, in, ou, ex, tvp, abi_nfdbits); + return (error); } @@ -1528,12 +1540,6 @@ kern_poll_kfds(struct thread *td, struct pollfd *kfds, u_int nfds, if (error) return (error); td->td_pflags |= TDP_OLDMASK; - /* - * Make sure that ast() is called on return to - * usermode and TDP_OLDMASK is cleared, restoring old - * sigmask. - */ - ast_sched(td, TDA_SIGSUSPEND); } seltdinit(td); @@ -1556,6 +1562,22 @@ kern_poll_kfds(struct thread *td, struct pollfd *kfds, u_int nfds, error = EINTR; if (error == EWOULDBLOCK) error = 0; + + if (uset != NULL) { + /* + * Make sure that ast() is called on return to + * usermode and TDP_OLDMASK is cleared, restoring old + * sigmask. If we didn't get interrupted, then the caller is + * likely not expecting a signal to hit that should normally be + * blocked by its signal mask, so we restore the mask before + * any signals could be delivered. + */ + if (error == EINTR) + ast_sched(td, TDA_SIGSUSPEND); + else + ast_sched(td, TDA_PSELECT); + } + return (error); }