From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.3 required=5.0 tests=MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 21539 invoked from network); 16 Aug 2020 12:49:20 -0000 Received: from mother.openwall.net (195.42.179.200) by inbox.vuxu.org with ESMTPUTF8; 16 Aug 2020 12:49:20 -0000 Received: (qmail 29945 invoked by uid 550); 16 Aug 2020 12:49:15 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 29925 invoked from network); 16 Aug 2020 12:49:14 -0000 Date: Sun, 16 Aug 2020 14:48:54 +0200 From: Natanael Copa To: Rich Felker Cc: musl@lists.openwall.com Message-ID: <20200816144854.45f8da6b@ncopa-desktop.lan> In-Reply-To: <20200816012700.GV3265@brightrain.aerifal.cx> References: <20200814214136.GP3265@brightrain.aerifal.cx> <20200815095124.526ce794@vostro.wlan> <07D76F82-52CF-4CA1-9D6C-B30A94F728B1@alpinelinux.org> <20200815162547.GU3265@brightrain.aerifal.cx> <20200816012700.GV3265@brightrain.aerifal.cx> X-Mailer: Claws Mail 3.17.6 (GTK+ 2.24.32; x86_64-alpine-linux-musl) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: [musl] Restrictions on child context after multithreaded fork On Sat, 15 Aug 2020 21:27:00 -0400 Rich Felker wrote: > On Sat, Aug 15, 2020 at 12:25:47PM -0400, Rich Felker wrote: > > On Sat, Aug 15, 2020 at 01:51:00PM +0200, Natanael Copa wrote: > > > xfce4-terminal was more or less completely useless so I had to add a workaround for it in two patches: > > > > > > First uncover a useless setenv. Even the comment in the code says that it has no effect: > > > https://git.alpinelinux.org/aports/commit/community/vte3?id=ad687b01b2a5fa9d53fcd9d0ee3743882f3542b4 > > > > > > In the second patch I use some of the hunks in the upstream and replace malloc with alloca: > > > https://git.alpinelinux.org/aports/commit/community/vte3?id=161434fcb87807dae40dffdd332db1624b747bc7 > > > > > > After that xfce4-terminal becomes useable again. > > > > I'm not sure whether the alloca is safe. The parent could just do this > > allocation *before fork* rather than waiting til the last minute to do > > it. The data does not change between fork and exec. Note that the glib > > fix cited above did this right. That's why I called it a workaround and not a fix. They did refactor the code but didn't want to backport it. > > > > The hardcoded fallback for fd limit seems like a bad idea, and I don't > > think I understand your fallback sequence. It looks like RLIM_INFINITY > > gets reinterpreted as 4096. I'm not sure how it should be interpreted; > > in principle, probably as INT_MAX+1U. This is again exposing how the > > whole "close-all" idiom is horribly wrong and these libraries should > > just be documenting that you must use O_CLOEXEC correctly if you don't > > want them to leak file descriptors. > > Fortunately it looks like Linux doesn't let you set RLIM_INFINITY for > RLIM_NOFILE. The value of the rlimit is limited by sysctl fs.nr_open, > and fs.nr_open is limited between sysctl_nr_open_min (==BITS_PER_LONG) > and sysctl_nr_open_max. The latter is INT_MAX/8*8 on 64-bit archs, and > SIZE_MAX/16*4 on 32-bit archs. But in any case, on Linux, you can rely > on sysctl(_SC_OPEN_MAX) to give an actual meaningful number that fits > in the range of long, not -1/unlimited, and thus the invalid fallback > case is never hit. > > Rich I think you have good points. Would be good to forward those upstream: https://gitlab.gnome.org/GNOME/vte/-/commit/ed78b9e2ec47675a9dccf045caca4d7a0b6c9fe8 -nc