From: Steve Dickson <steved@redhat.com>
To: Ian Kent <raven@themaw.net>,
Charles Hedrick <hedrick@rutgers.edu>,
"linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>
Subject: Re: probable big in nfs-utils
Date: Sun, 6 Oct 2024 08:43:42 -0400 [thread overview]
Message-ID: <ef43bc4b-c445-4a0e-aaac-6cb57aca7c35@redhat.com> (raw)
In-Reply-To: <b6744232-7d0b-4278-a71a-b9d744b8372d@themaw.net>
On 10/4/24 10:58 PM, Ian Kent wrote:
> Here we go again ...
>
> On 5/10/24 10:47, Ian Kent wrote:
>> Umm, let's try that again ...
>>
>> On 5/10/24 10:41, Ian Kent wrote:
>>> Hi Steve,
>>>
>>> On 5/10/24 03:54, Steve Dickson wrote:
>>>> Hello,
>>>>
>>>> On 10/4/24 2:14 PM, Charles Hedrick wrote:
>>>>> While looking into a problem that turns out to be somewhere else, I
>>>>> noticed that in gssd_proc.c , getpwuid is used. The context is
>>>>> threaded, and I verified with strace that the thread is sharing
>>>>> memory with other threads. I believe this should be changed to
>>>>> getpwuid_r. Similarly the following call to getpwnam.
>>>>>
>>>>> Is this the right place for reports on nfs-utils?
>>>> Yes... but I'm not a fan of change code, that been around
>>>> for a while, without fixing a problem... What problem does changing
>>>> getpwuid to getpwuid_r fix?
>>>>
>>>> Patches are always welcome!
>>>>
>>>> steved.
>>>>
>>>>
>>>
>>> Yeah, getpwuid(3) and getpwnam() aren't thread safe and presumably
>>> gssd is a service so it
>>>
>>> could have multiple concurrent callers.
>>>
>>>
>
> [PATCH} nfs-utils: use getpwuid_r() and getpwnam_r() in gssd
>
>
> gssd uses getpwuid(3) and getpwnam(3) in a pthreads context but
> these functions are not thread safe.
>
> Signed-off-by: Ian Kent <raven@themaw.net>
>
> diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
> index 2ad84c59..2a376b8f 100644
> --- a/utils/gssd/gssd_proc.c
> +++ b/utils/gssd/gssd_proc.c
> @@ -489,7 +489,10 @@ success:
> static int
> change_identity(uid_t uid)
> {
> - struct passwd *pw;
> + struct passwd pw;
> + struct passwd *ppw;
> + char *pw_tmp;
> + long tmplen;
> int res;
>
> /* drop list of supplimentary groups first */
> @@ -502,15 +505,25 @@ change_identity(uid_t uid)
> return errno;
> }
>
> + tmplen = sysconf(_SC_GETPW_R_SIZE_MAX);
> + if (tmplen < 0)
> + bufsize = 16384;
> +
> + pw_tmp = malloc(tmplen);
> + if (!pw_tmp) {
> + printerr(0, "WARNING: unable to allocate passwd buffer\n");
> + return errno ? errno : ENOMEM;
> + }
> +
> /* try to get pwent for user */
> - pw = getpwuid(uid);
> - if (!pw) {
> + res = getpwuid_r(uid, &pw, pw_tmp, tmplen, &ppw);
> + if (!ppw) {
> /* if that doesn't work, try to get one for "nobody" */
> - errno = 0;
> - pw = getpwnam("nobody");
> - if (!pw) {
> + res = getpwnam_r("nobody", &pw, pw_tmp, tmplen, &ppw);
> + if (!ppw) {
> printerr(0, "WARNING: unable to determine gid
> for uid %u\n", uid);
> - return errno ? errno : ENOENT;
> + free(pw_tmp);
> + return res ? res : ENOENT;
> }
> }
>
> @@ -521,12 +534,13 @@ change_identity(uid_t uid)
> * other threads. To bypass this, we have to call syscall()
> directly.
> */
> #ifdef __NR_setresgid32
> - res = syscall(SYS_setresgid32, pw->pw_gid, pw->pw_gid, pw->pw_gid);
> + res = syscall(SYS_setresgid32, pw.pw_gid, pw.pw_gid, pw.pw_gid);
> #else
> - res = syscall(SYS_setresgid, pw->pw_gid, pw->pw_gid, pw->pw_gid);
> + res = syscall(SYS_setresgid, pw.pw_gid, pw.pw_gid, pw.pw_gid);
> #endif
> + free(pw_tmp);
> if (res != 0) {
> - printerr(0, "WARNING: failed to set gid to %u!\n", pw-
> >pw_gid);
> + printerr(0, "WARNING: failed to set gid to %u!\n",
> pw.pw_gid);
> return errno;
> }
>
>
checking file utils/gssd/gssd_proc.c
Hunk #1 FAILED at 489.
Hunk #2 FAILED at 502.
Hunk #3 FAILED at 521.
3 out of 3 hunks FAILED
What branch are you applying this patch to?
Maybe it is me copying the patch over...
Try git format-patch that seems to work.
steved.
next prev parent reply other threads:[~2024-10-06 12:43 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-04 18:14 probable big in nfs-utils Charles Hedrick
2024-10-04 19:54 ` Steve Dickson
2024-10-05 2:41 ` Ian Kent
2024-10-05 2:47 ` Ian Kent
2024-10-05 2:52 ` Ian Kent
2024-10-05 2:58 ` Ian Kent
2024-10-06 12:43 ` Steve Dickson [this message]
2024-10-06 23:53 ` Ian Kent
2024-10-18 13:10 ` Steve Dickson
2024-10-18 23:19 ` Ian Kent
2024-10-19 12:40 ` Steve Dickson
2024-10-21 0:46 ` Ian Kent
2024-10-23 0:51 ` Steve Dickson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ef43bc4b-c445-4a0e-aaac-6cb57aca7c35@redhat.com \
--to=steved@redhat.com \
--cc=hedrick@rutgers.edu \
--cc=linux-nfs@vger.kernel.org \
--cc=raven@themaw.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox