1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
|
From 10e8001ad876d8cb3b5a17c7492e713bbc047975 Mon Sep 17 00:00:00 2001
From: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Date: Thu, 28 Mar 2019 18:31:29 -0400
Subject: [PATCH] Fix: getgrnam is not MT-Safe, use getgrnam_r
Running the test suite under a Yocto musl build resulted in musl
coredump due to double freeing.
We get the following backtraces:
0 a_crash () at ./arch/x86_64/atomic_arch.h:108
1 unmap_chunk (self=<optimized out>) at src/malloc/malloc.c:515
2 free (p=<optimized out>) at src/malloc/malloc.c:526
3 0x00007f46d9dc3849 in __getgrent_a (f=f@entry=0x7f46d9d1f7e0, gr=gr@entry=0x7f46d9e24460 <gr>, line=line@entry=0x7f46d9e26058 <line>, size=size@entry=0x7f46d92db550, mem=mem@entry=0x7f46d9e26050 <mem>, nmem=nmem@entry=0x7f46d92db558, res=0x7f46d92db548) at src/passwd/getgrent_a.c:45
4 0x00007f46d9dc2e6b in __getgr_a (name=0x487242 "tracing", gid=gid@entry=0, gr=gr@entry=0x7f46d9e24460 <gr>, buf=buf@entry=0x7f46d9e26058 <line>, size=size@entry=0x7f46d92db550, mem=mem@entry=0x7f46d9e26050 <mem>, nmem=0x7f46d92db558, res=0x7f46d92db548) at src/passwd/getgr_a.c:30
5 0x00007f46d9dc3733 in getgrnam (name=<optimized out>) at src/passwd/getgrent.c:37
6 0x0000000000460b29 in utils_get_group_id (name=<optimized out>) at ../../../lttng-tools-2.10.6/src/common/utils.c:1241
7 0x000000000044ee69 in thread_manage_health (data=<optimized out>) at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/main.c:4115
8 0x00007f46d9de1541 in start (p=<optimized out>) at src/thread/pthread_create.c:195
9 0x00007f46d9dee661 in __clone () at src/thread/x86_64/clone.s:22
From another run:
0 a_crash () at ./arch/x86_64/atomic_arch.h:108
1 unmap_chunk (self=<optimized out>) at src/malloc/malloc.c:515
2 free (p=<optimized out>) at src/malloc/malloc.c:526
3 0x00007f5abc210849 in __getgrent_a (f=f@entry=0x7f5abc2733e0, gr=gr@entry=0x7f5abc271460 <gr>, line=line@entry=0x7f5abc273058 <line>, size=size@entry=0x7f5abaef5510, mem=mem@entry=0x7f5abc273050 <mem>, nmem=nmem@entry=0x7f5abaef5518, res=0x7f5abaef5508) at src/passwd/getgrent_a.c:45
4 0x00007f5abc20fe6b in __getgr_a (name=0x487242 "tracing", gid=gid@entry=0, gr=gr@entry=0x7f5abc271460 <gr>, buf=buf@entry=0x7f5abc273058 <line>, size=size@entry=0x7f5abaef5510, mem=mem@entry=0x7f5abc273050 <mem>, nmem=0x7f5abaef5518, res=0x7f5abaef5508) at src/passwd/getgr_a.c:30
5 0x00007f5abc210733 in getgrnam (name=<optimized out>) at src/passwd/getgrent.c:37
6 0x0000000000460b29 in utils_get_group_id (name=<optimized out>) at ../../../lttng-tools-2.10.6/src/common/utils.c:1241
7 0x000000000042dee4 in notification_channel_socket_create () at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/notification-thread.c:238
8 init_thread_state (state=0x7f5abaef5560, handle=0x7f5abbf9be40) at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/notification-thread.c:375
9 thread_notification (data=0x7f5abbf9be40) at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/notification-thread.c:495
10 0x00007f5abc22e541 in start (p=<optimized out>) at src/thread/pthread_create.c:195
11 0x00007f5abc23b661 in __clone () at src/thread/x86_64/clone.s:22
The problem was easily reproducible (~6 crash on ~300 runs). A prototype fix
using mutex around the getgrnam yielded no crash in over 1000 runs. This
patch yielded the same results as the prototype fix.
Unfortunately we cannot rely on a mutex in liblttng-ctl since we cannot
enforce the locking for the application using the lib.
Use getgrnam_r instead.
The previous implementation of utils_get_group_id returned the gid of
the root group (0) on error/not found. lttng_check_tracing_group needs
to know if an error/not found occured, returning the root group is not
enough. We now return the gid via the passed parameter. The caller is
responsible for either defaulting to the root group or propagating the
error.
We also do not want to warn when used in liblttng-ctl context. We might
want to move the warning elsewhere in the future. For now, pass a bool
if we need to warn or not.
Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Upstream-Status: Submitted [https://patchwork.lttng.org/patch/2314703]
---
src/bin/lttng-consumerd/health-consumerd.c | 10 ++-
src/bin/lttng-relayd/health-relayd.c | 20 ++++--
src/bin/lttng-sessiond/main.c | 24 +++++--
src/bin/lttng-sessiond/notification-thread.c | 10 ++-
src/common/utils.c | 75 +++++++++++++++++---
src/common/utils.h | 4 +-
src/lib/lttng-ctl/lttng-ctl.c | 8 +--
7 files changed, 122 insertions(+), 29 deletions(-)
diff --git a/src/bin/lttng-consumerd/health-consumerd.c b/src/bin/lttng-consumerd/health-consumerd.c
index 1e2f31e4..6045401a 100644
--- a/src/bin/lttng-consumerd/health-consumerd.c
+++ b/src/bin/lttng-consumerd/health-consumerd.c
@@ -184,8 +184,14 @@ void *thread_manage_health(void *data)
is_root = !getuid();
if (is_root) {
/* lttng health client socket path permissions */
- ret = chown(health_unix_sock_path, 0,
- utils_get_group_id(tracing_group_name));
+ gid_t gid;
+
+ ret = utils_get_group_id(tracing_group_name, true, &gid);
+ if (ret) {
+ gid = 0; /* Default to root group. */
+ }
+
+ ret = chown(health_unix_sock_path, 0, gid);
if (ret < 0) {
ERR("Unable to set group on %s", health_unix_sock_path);
PERROR("chown");
diff --git a/src/bin/lttng-relayd/health-relayd.c b/src/bin/lttng-relayd/health-relayd.c
index ba996621..962e88c4 100644
--- a/src/bin/lttng-relayd/health-relayd.c
+++ b/src/bin/lttng-relayd/health-relayd.c
@@ -105,8 +105,14 @@ static int create_lttng_rundir_with_perm(const char *rundir)
int is_root = !getuid();
if (is_root) {
- ret = chown(rundir, 0,
- utils_get_group_id(tracing_group_name));
+ gid_t gid;
+
+ ret = utils_get_group_id(tracing_group_name, true, &gid);
+ if (ret) {
+ gid = 0; /* Default to root group.*/
+ }
+
+ ret = chown(rundir, 0, gid);
if (ret < 0) {
ERR("Unable to set group on %s", rundir);
PERROR("chown");
@@ -256,8 +262,14 @@ void *thread_manage_health(void *data)
is_root = !getuid();
if (is_root) {
/* lttng health client socket path permissions */
- ret = chown(health_unix_sock_path, 0,
- utils_get_group_id(tracing_group_name));
+ gid_t gid;
+
+ ret = utils_get_group_id(tracing_group_name, true, &gid);
+ if (ret) {
+ gid = 0; /* Default to root group */
+ }
+
+ ret = chown(health_unix_sock_path, 0, gid);
if (ret < 0) {
ERR("Unable to set group on %s", health_unix_sock_path);
PERROR("chown");
diff --git a/src/bin/lttng-sessiond/main.c b/src/bin/lttng-sessiond/main.c
index fa6fa483..49307064 100644
--- a/src/bin/lttng-sessiond/main.c
+++ b/src/bin/lttng-sessiond/main.c
@@ -4112,8 +4112,14 @@ static void *thread_manage_health(void *data)
if (is_root) {
/* lttng health client socket path permissions */
- ret = chown(config.health_unix_sock_path.value, 0,
- utils_get_group_id(config.tracing_group_name.value));
+ gid_t gid;
+
+ ret = utils_get_group_id(config.tracing_group_name.value, true, &gid);
+ if (ret) {
+ gid = 0; /* Default to root group */
+ }
+
+ ret = chown(config.health_unix_sock_path.value, 0, &gid);
if (ret < 0) {
ERR("Unable to set group on %s", config.health_unix_sock_path.value);
PERROR("chown");
@@ -5238,7 +5244,10 @@ static int set_permissions(char *rundir)
int ret;
gid_t gid;
- gid = utils_get_group_id(config.tracing_group_name.value);
+ ret = utils_get_group_id(config.tracing_group_name.value, true, &gid);
+ if (ret) {
+ gid = 0; /* Default to root group */
+ }
/* Set lttng run dir */
ret = chown(rundir, 0, gid);
@@ -5349,7 +5358,14 @@ static int set_consumer_sockets(struct consumer_data *consumer_data)
goto error;
}
if (is_root) {
- ret = chown(path, 0, utils_get_group_id(config.tracing_group_name.value));
+ gid_t gid;
+
+ ret = utils_get_group_id(config.tracing_group_name.value, true, &gid);
+ if (ret) {
+ gid = 0; /* Default to root group */
+ }
+
+ ret = chown(path, 0, gid);
if (ret < 0) {
ERR("Unable to set group on %s", path);
PERROR("chown");
diff --git a/src/bin/lttng-sessiond/notification-thread.c b/src/bin/lttng-sessiond/notification-thread.c
index 92ac597f..18a264d9 100644
--- a/src/bin/lttng-sessiond/notification-thread.c
+++ b/src/bin/lttng-sessiond/notification-thread.c
@@ -235,8 +235,14 @@ int notification_channel_socket_create(void)
}
if (getuid() == 0) {
- ret = chown(sock_path, 0,
- utils_get_group_id(config.tracing_group_name.value));
+ gid_t gid;
+
+ ret = utils_get_group_id(config.tracing_group_name.value, true, &gid);
+ if (ret) {
+ gid = 0; /* Default to root group. */
+ }
+
+ ret = chown(sock_path, 0, gid);
if (ret) {
ERR("Failed to set the notification channel socket's group");
ret = -1;
diff --git a/src/common/utils.c b/src/common/utils.c
index c0bb031e..778bc00f 100644
--- a/src/common/utils.c
+++ b/src/common/utils.c
@@ -1231,24 +1231,77 @@ size_t utils_get_current_time_str(const char *format, char *dst, size_t len)
}
/*
- * Return the group ID matching name, else 0 if it cannot be found.
+ * Return 0 on success and set *gid to the group_ID matching the passed name.
+ * Else -1 if it cannot be found or an error occurred.
*/
LTTNG_HIDDEN
-gid_t utils_get_group_id(const char *name)
+int utils_get_group_id(const char *name, bool warn, gid_t *gid)
{
- struct group *grp;
+ static volatile int warn_once;
- grp = getgrnam(name);
- if (!grp) {
- static volatile int warn_once;
+ int ret;
+ long sys_len;
+ size_t len;
+ struct group grp;
+ struct group *result;
+ char *buffer = NULL;
- if (!warn_once) {
- WARN("No tracing group detected");
- warn_once = 1;
+ /* Get the system limit if it exists */
+ sys_len = sysconf(_SC_GETGR_R_SIZE_MAX);
+ if (sys_len == -1) {
+ len = 1024;
+ } else {
+ len = (size_t) sys_len;
+ }
+
+ buffer = malloc(len);
+ if (!buffer) {
+ PERROR("getgrnam_r malloc");
+ ret = -1;
+ goto error;
+ }
+
+ while ((ret = getgrnam_r(name, &grp, buffer, len, &result)) == ERANGE)
+ {
+ /* Buffer is not big enough, increase its size. */
+ size_t new_len = 2 * len;
+ char *new_buffer = NULL;
+ if (new_len < len) {
+ ERR("getgrnam_r buffer size overflow");
+ ret = -1;
+ goto error;
+ }
+ len = new_len;
+ new_buffer = realloc(buffer, len);
+ if (!new_buffer) {
+ PERROR("getgrnam_r realloc");
+ ret = -1;
+ goto error;
}
- return 0;
+ buffer = new_buffer;
+ }
+ if (ret != 0) {
+ PERROR("getgrnam_r");
+ ret = -1;
+ goto error;
+ }
+
+ /* Group not found. */
+ if (!result) {
+ ret = -1;
+ goto error;
+ }
+
+ *gid = result->gr_gid;
+ ret = 0;
+
+error:
+ free(buffer);
+ if (ret && warn && !warn_once) {
+ WARN("No tracing group detected");
+ warn_once = 1;
}
- return grp->gr_gid;
+ return ret;
}
/*
diff --git a/src/common/utils.h b/src/common/utils.h
index 18f19ef1..9c72431d 100644
--- a/src/common/utils.h
+++ b/src/common/utils.h
@@ -22,6 +22,8 @@
#include <unistd.h>
#include <stdint.h>
#include <getopt.h>
+#include <stdbool.h>
+#include <sys/types.h>
#define KIBI_LOG2 10
#define MEBI_LOG2 20
@@ -52,7 +54,7 @@ int utils_get_count_order_u64(uint64_t x);
char *utils_get_home_dir(void);
char *utils_get_user_home_dir(uid_t uid);
size_t utils_get_current_time_str(const char *format, char *dst, size_t len);
-gid_t utils_get_group_id(const char *name);
+int utils_get_group_id(const char *name, bool warn, gid_t *gid);
char *utils_generate_optstring(const struct option *long_options,
size_t opt_count);
int utils_create_lock_file(const char *filepath);
diff --git a/src/lib/lttng-ctl/lttng-ctl.c b/src/lib/lttng-ctl/lttng-ctl.c
index 2d84aad9..561b0bcf 100644
--- a/src/lib/lttng-ctl/lttng-ctl.c
+++ b/src/lib/lttng-ctl/lttng-ctl.c
@@ -208,15 +208,13 @@ end:
LTTNG_HIDDEN
int lttng_check_tracing_group(void)
{
- struct group *grp_tracing; /* no free(). See getgrnam(3) */
- gid_t *grp_list;
+ gid_t *grp_list, tracing_gid;
int grp_list_size, grp_id, i;
int ret = -1;
const char *grp_name = tracing_group;
/* Get GID of group 'tracing' */
- grp_tracing = getgrnam(grp_name);
- if (!grp_tracing) {
+ if (utils_get_group_id(grp_name, false, &tracing_gid)) {
/* If grp_tracing is NULL, the group does not exist. */
goto end;
}
@@ -241,7 +239,7 @@ int lttng_check_tracing_group(void)
}
for (i = 0; i < grp_list_size; i++) {
- if (grp_list[i] == grp_tracing->gr_gid) {
+ if (grp_list[i] == tracing_gid) {
ret = 1;
break;
}
--
2.17.1
|
