From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.3 required=5.0 tests=MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 15127 invoked from network); 16 Aug 2020 01:27:15 -0000 Received: from mother.openwall.net (195.42.179.200) by inbox.vuxu.org with ESMTPUTF8; 16 Aug 2020 01:27:15 -0000 Received: (qmail 9325 invoked by uid 550); 16 Aug 2020 01:27:13 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 9307 invoked from network); 16 Aug 2020 01:27:12 -0000 Date: Sat, 15 Aug 2020 21:27:00 -0400 From: Rich Felker To: musl@lists.openwall.com Message-ID: <20200816012700.GV3265@brightrain.aerifal.cx> References: <20200814214136.GP3265@brightrain.aerifal.cx> <20200815095124.526ce794@vostro.wlan> <07D76F82-52CF-4CA1-9D6C-B30A94F728B1@alpinelinux.org> <20200815162547.GU3265@brightrain.aerifal.cx> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200815162547.GU3265@brightrain.aerifal.cx> User-Agent: Mutt/1.5.21 (2010-09-15) Subject: Re: [musl] Restrictions on child context after multithreaded fork On Sat, Aug 15, 2020 at 12:25:47PM -0400, Rich Felker wrote: > On Sat, Aug 15, 2020 at 01:51:00PM +0200, Natanael Copa wrote: > > xfce4-terminal was more or less completely useless so I had to add a workaround for it in two patches: > > > > First uncover a useless setenv. Even the comment in the code says that it has no effect: > > https://git.alpinelinux.org/aports/commit/community/vte3?id=ad687b01b2a5fa9d53fcd9d0ee3743882f3542b4 > > > > In the second patch I use some of the hunks in the upstream and replace malloc with alloca: > > https://git.alpinelinux.org/aports/commit/community/vte3?id=161434fcb87807dae40dffdd332db1624b747bc7 > > > > After that xfce4-terminal becomes useable again. > > I'm not sure whether the alloca is safe. The parent could just do this > allocation *before fork* rather than waiting til the last minute to do > it. The data does not change between fork and exec. Note that the glib > fix cited above did this right. > > The hardcoded fallback for fd limit seems like a bad idea, and I don't > think I understand your fallback sequence. It looks like RLIM_INFINITY > gets reinterpreted as 4096. I'm not sure how it should be interpreted; > in principle, probably as INT_MAX+1U. This is again exposing how the > whole "close-all" idiom is horribly wrong and these libraries should > just be documenting that you must use O_CLOEXEC correctly if you don't > want them to leak file descriptors. Fortunately it looks like Linux doesn't let you set RLIM_INFINITY for RLIM_NOFILE. The value of the rlimit is limited by sysctl fs.nr_open, and fs.nr_open is limited between sysctl_nr_open_min (==BITS_PER_LONG) and sysctl_nr_open_max. The latter is INT_MAX/8*8 on 64-bit archs, and SIZE_MAX/16*4 on 32-bit archs. But in any case, on Linux, you can rely on sysctl(_SC_OPEN_MAX) to give an actual meaningful number that fits in the range of long, not -1/unlimited, and thus the invalid fallback case is never hit. Rich