mirror of
git://slackware.nl/current.git
synced 2025-01-07 05:25:35 +01:00
7716b728c1
a/kernel-firmware-20181008_c6b6265-noarch-1.txz: Upgraded. a/kernel-generic-4.14.75-x86_64-1.txz: Upgraded. a/kernel-huge-4.14.75-x86_64-1.txz: Upgraded. a/kernel-modules-4.14.75-x86_64-1.txz: Upgraded. d/git-2.19.1-x86_64-1.txz: Upgraded. Submodules' "URL"s come from the untrusted .gitmodules file, but we blindly gave it to "git clone" to clone submodules when "git clone --recurse-submodules" was used to clone a project that has such a submodule. The code has been hardened to reject such malformed URLs (e.g. one that begins with a dash). Credit for finding and fixing this vulnerability goes to joernchen and Jeff King, respectively. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456 (* Security fix *) d/kernel-headers-4.14.75-x86-1.txz: Upgraded. d/make-4.2.1-x86_64-4.txz: Rebuilt. Use a non-blocking read with pselect to avoid hangs. Thanks to Linux.tar.gz and David Spencer. d/subversion-1.10.3-x86_64-1.txz: Upgraded. k/kernel-source-4.14.75-noarch-1.txz: Upgraded. Config changes since 4.14.74: FB_HYPERV n -> m Thanks to walecha. l/librsvg-2.44.7-x86_64-1.txz: Upgraded. l/python-pillow-5.3.0-x86_64-1.txz: Upgraded. n/nghttp2-1.34.0-x86_64-1.txz: Upgraded. x/libSM-1.2.3-x86_64-1.txz: Upgraded. x/libX11-1.6.7-x86_64-1.txz: Upgraded. x/libdrm-2.4.95-x86_64-1.txz: Upgraded. x/libxcb-1.13.1-x86_64-1.txz: Upgraded. x/vulkan-sdk-1.1.85.0-x86_64-1.txz: Upgraded. Thanks to dugan. xap/gnuplot-5.2.5-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
170 lines
4.3 KiB
Diff
170 lines
4.3 KiB
Diff
From b552b05251980f693c729e251f93f5225b400714 Mon Sep 17 00:00:00 2001
|
|
From: Paul Smith <psmith@gnu.org>
|
|
Date: Sat, 3 Jun 2017 16:20:51 -0400
|
|
Subject: [SV 51159] Use a non-blocking read with pselect to avoid hangs.
|
|
|
|
* posixos.c (set_blocking): Set blocking on a file descriptor.
|
|
(jobserver_setup): Set non-blocking on the jobserver read side.
|
|
(jobserver_parse_auth): Ditto.
|
|
(jobserver_acquire_all): Set blocking to avoid a busy-wait loop.
|
|
(jobserver_acquire): If the non-blocking read() returns without
|
|
taking a token then try again.
|
|
---
|
|
posixos.c | 97 ++++++++++++++++++++++++++++++++++++++++++++++-----------------
|
|
1 file changed, 71 insertions(+), 26 deletions(-)
|
|
|
|
diff --git a/posixos.c b/posixos.c
|
|
index e642d7f..dbafa51 100644
|
|
--- a/posixos.c
|
|
+++ b/posixos.c
|
|
@@ -62,6 +62,24 @@ make_job_rfd (void)
|
|
#endif
|
|
}
|
|
|
|
+static void
|
|
+set_blocking (int fd, int blocking)
|
|
+{
|
|
+ // If we're not using pselect() don't change the blocking
|
|
+#ifdef HAVE_PSELECT
|
|
+ int flags;
|
|
+ EINTRLOOP (flags, fcntl (fd, F_GETFL));
|
|
+ if (flags >= 0)
|
|
+ {
|
|
+ int r;
|
|
+ flags = blocking ? (flags & ~O_NONBLOCK) : (flags | O_NONBLOCK);
|
|
+ EINTRLOOP (r, fcntl (fd, F_SETFL, flags));
|
|
+ if (r < 0)
|
|
+ pfatal_with_name ("fcntl(O_NONBLOCK)");
|
|
+ }
|
|
+#endif
|
|
+}
|
|
+
|
|
unsigned int
|
|
jobserver_setup (int slots)
|
|
{
|
|
@@ -86,6 +104,9 @@ jobserver_setup (int slots)
|
|
pfatal_with_name (_("init jobserver pipe"));
|
|
}
|
|
|
|
+ /* When using pselect() we want the read to be non-blocking. */
|
|
+ set_blocking (job_fds[0], 0);
|
|
+
|
|
return 1;
|
|
}
|
|
|
|
@@ -121,6 +142,9 @@ jobserver_parse_auth (const char *auth)
|
|
return 0;
|
|
}
|
|
|
|
+ /* When using pselect() we want the read to be non-blocking. */
|
|
+ set_blocking (job_fds[0], 0);
|
|
+
|
|
return 1;
|
|
}
|
|
|
|
@@ -169,7 +193,10 @@ jobserver_acquire_all (void)
|
|
{
|
|
unsigned int tokens = 0;
|
|
|
|
- /* Close the write side, so the read() won't hang. */
|
|
+ /* Use blocking reads to wait for all outstanding jobs. */
|
|
+ set_blocking (job_fds[0], 1);
|
|
+
|
|
+ /* Close the write side, so the read() won't hang forever. */
|
|
close (job_fds[1]);
|
|
job_fds[1] = -1;
|
|
|
|
@@ -236,18 +263,12 @@ jobserver_pre_acquire (void)
|
|
unsigned int
|
|
jobserver_acquire (int timeout)
|
|
{
|
|
- sigset_t empty;
|
|
- fd_set readfds;
|
|
struct timespec spec;
|
|
struct timespec *specp = NULL;
|
|
- int r;
|
|
- char intake;
|
|
+ sigset_t empty;
|
|
|
|
sigemptyset (&empty);
|
|
|
|
- FD_ZERO (&readfds);
|
|
- FD_SET (job_fds[0], &readfds);
|
|
-
|
|
if (timeout)
|
|
{
|
|
/* Alarm after one second (is this too granular?) */
|
|
@@ -256,28 +277,52 @@ jobserver_acquire (int timeout)
|
|
specp = &spec;
|
|
}
|
|
|
|
- r = pselect (job_fds[0]+1, &readfds, NULL, NULL, specp, &empty);
|
|
-
|
|
- if (r == -1)
|
|
+ while (1)
|
|
{
|
|
- /* Better be SIGCHLD. */
|
|
- if (errno != EINTR)
|
|
- pfatal_with_name (_("pselect jobs pipe"));
|
|
- return 0;
|
|
- }
|
|
+ fd_set readfds;
|
|
+ int r;
|
|
+ char intake;
|
|
|
|
- if (r == 0)
|
|
- /* Timeout. */
|
|
- return 0;
|
|
+ FD_ZERO (&readfds);
|
|
+ FD_SET (job_fds[0], &readfds);
|
|
|
|
- /* The read FD is ready: read it! */
|
|
- EINTRLOOP (r, read (job_fds[0], &intake, 1));
|
|
- if (r < 0)
|
|
- pfatal_with_name (_("read jobs pipe"));
|
|
+ r = pselect (job_fds[0]+1, &readfds, NULL, NULL, specp, &empty);
|
|
+ if (r < 0)
|
|
+ switch (errno)
|
|
+ {
|
|
+ case EINTR:
|
|
+ /* SIGCHLD will show up as an EINTR. */
|
|
+ return 0;
|
|
+
|
|
+ case EBADF:
|
|
+ /* Someone closed the jobs pipe.
|
|
+ That shouldn't happen but if it does we're done. */
|
|
+ O (fatal, NILF, _("job server shut down"));
|
|
|
|
- /* What does it mean if read() returns 0? It shouldn't happen because only
|
|
- the master make can reap all the tokens and close the write side...?? */
|
|
- return r > 0;
|
|
+ default:
|
|
+ pfatal_with_name (_("pselect jobs pipe"));
|
|
+ }
|
|
+
|
|
+ if (r == 0)
|
|
+ /* Timeout. */
|
|
+ return 0;
|
|
+
|
|
+ /* The read FD is ready: read it! This is non-blocking. */
|
|
+ EINTRLOOP (r, read (job_fds[0], &intake, 1));
|
|
+
|
|
+ if (r < 0)
|
|
+ {
|
|
+ /* Someone sniped our token! Try again. */
|
|
+ if (errno == EAGAIN)
|
|
+ continue;
|
|
+
|
|
+ pfatal_with_name (_("read jobs pipe"));
|
|
+ }
|
|
+
|
|
+ /* read() should never return 0: only the master make can reap all the
|
|
+ tokens and close the write side...?? */
|
|
+ return r > 0;
|
|
+ }
|
|
}
|
|
|
|
#else
|
|
--
|
|
cgit v1.0-41-gc330
|
|
|