Skip to content

Commit 9ff27d2

Browse files
committed
No need to pass signal mask to child since we unblock early.
Previously, signals were blocked until shortly before execve(). Now that signals handlers are installed early and signals are unblocked before fork we don't need to do this.
1 parent 7699820 commit 9ff27d2

6 files changed

Lines changed: 13 additions & 20 deletions

File tree

src/exec.c

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -247,8 +247,7 @@ exec_setup(struct command_details *details, int intercept_fd, int errfd)
247247
* If the exec fails, cstat is filled in with the value of errno.
248248
*/
249249
void
250-
exec_cmnd(struct command_details *details, sigset_t *mask,
251-
int intercept_fd, int errfd)
250+
exec_cmnd(struct command_details *details, int intercept_fd, int errfd)
252251
{
253252
debug_decl(exec_cmnd, SUDO_DEBUG_EXEC);
254253

@@ -262,8 +261,6 @@ exec_cmnd(struct command_details *details, sigset_t *mask,
262261
}
263262
#endif /* HAVE_PTRACE_INTERCEPT */
264263

265-
if (mask != NULL)
266-
sigprocmask(SIG_SETMASK, mask, NULL);
267264
restore_signals();
268265
if (exec_setup(details, intercept_fd, errfd) == true) {
269266
/* headed for execve() */
@@ -476,7 +473,7 @@ sudo_execute(struct command_details *details,
476473
*/
477474
if (direct_exec_allowed(details)) {
478475
if (!sudo_terminated(cstat)) {
479-
exec_cmnd(details, NULL, -1, -1);
476+
exec_cmnd(details, -1, -1);
480477
cstat->type = CMD_ERRNO;
481478
cstat->val = errno;
482479
}

src/exec_monitor.c

Lines changed: 6 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -345,8 +345,8 @@ mon_backchannel_cb(int fd, int what, void *v)
345345
* Returns only if execve() fails.
346346
*/
347347
static void
348-
exec_cmnd_pty(struct command_details *details, sigset_t *mask,
349-
bool foreground, int intercept_fd, int errfd)
348+
exec_cmnd_pty(struct command_details *details, bool foreground,
349+
int intercept_fd, int errfd)
350350
{
351351
volatile pid_t self = getpid();
352352
debug_decl(exec_cmnd_pty, SUDO_DEBUG_EXEC);
@@ -396,7 +396,7 @@ exec_cmnd_pty(struct command_details *details, sigset_t *mask,
396396
/* Execute command; only returns on error. */
397397
sudo_debug_printf(SUDO_DEBUG_INFO, "executing %s in the %s",
398398
details->command, foreground ? "foreground" : "background");
399-
exec_cmnd(details, mask, intercept_fd, errfd);
399+
exec_cmnd(details, intercept_fd, errfd);
400400

401401
debug_return;
402402
}
@@ -542,12 +542,11 @@ pty_make_controlling(const char *follower)
542542
* resets signal handlers and forks a child to call exec_cmnd_pty().
543543
* Waits for status changes from the command and relays them to the
544544
* parent and relays signals from the parent to the command.
545-
* Must be called with signals blocked and the old signal mask in oset.
546545
* Returns an error if fork(2) fails, else calls _exit(2).
547546
*/
548547
int
549-
exec_monitor(struct command_details *details, sigset_t *oset,
550-
bool foreground, int backchannel, int intercept_fd)
548+
exec_monitor(struct command_details *details, bool foreground,
549+
int backchannel, int intercept_fd)
551550
{
552551
struct monitor_closure mc;
553552
struct command_status cstat;
@@ -622,9 +621,6 @@ exec_monitor(struct command_details *details, sigset_t *oset,
622621
*/
623622
init_exec_events_monitor(&mc, errsock[0]);
624623

625-
/* Restore signal mask now that signal handlers are setup. */
626-
sigprocmask(SIG_SETMASK, oset, NULL);
627-
628624
mc.cmnd_pid = sudo_debug_fork();
629625
switch (mc.cmnd_pid) {
630626
case -1:
@@ -641,7 +637,7 @@ exec_monitor(struct command_details *details, sigset_t *oset,
641637
close(backchannel);
642638
close(errsock[0]);
643639
/* setup tty and exec command */
644-
exec_cmnd_pty(details, oset, foreground, intercept_fd, errsock[1]);
640+
exec_cmnd_pty(details, foreground, intercept_fd, errsock[1]);
645641
if (send(errsock[1], &errno, sizeof(int), 0) == -1)
646642
sudo_warn(U_("unable to execute %s"), details->command);
647643
_exit(EXIT_FAILURE);

src/exec_nopty.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -647,7 +647,7 @@ exec_nopty(struct command_details *details,
647647
close(io_pipe[STDERR_FILENO][0]);
648648
close(io_pipe[STDERR_FILENO][1]);
649649
}
650-
exec_cmnd(details, &oset, intercept_sv[1], errpipe[1]);
650+
exec_cmnd(details, intercept_sv[1], errpipe[1]);
651651
while (write(errpipe[1], &errno, sizeof(int)) == -1) {
652652
if (errno != EINTR)
653653
break;

src/exec_pty.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1375,7 +1375,7 @@ exec_pty(struct command_details *details,
13751375
* from /dev/tty. In this case, we rely on the command receiving
13761376
* SIGTTOU or SIGTTIN when it needs access to the controlling tty.
13771377
*/
1378-
exec_monitor(details, &oset, cmnd_foreground, sv[1], intercept_sv[1]);
1378+
exec_monitor(details, cmnd_foreground, sv[1], intercept_sv[1]);
13791379
cstat->type = CMD_ERRNO;
13801380
cstat->val = errno;
13811381
if (send(sv[1], cstat, sizeof(*cstat), 0) == -1) {

src/regress/intercept/test_ptrace.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -188,7 +188,7 @@ main(int argc, char *argv[])
188188
if (!set_exec_filter())
189189
_exit(EXIT_FAILURE);
190190

191-
/* Child waits until tracer seizes control and sends SIGUSR1. */
191+
/* Child waits until tracer seizes control and sends a message. */
192192
close(intercept_sv[0]);
193193
recv(intercept_sv[1], &ch, sizeof(ch), 0);
194194

src/sudo_exec.h

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -176,7 +176,7 @@ union sudo_token_un {
176176

177177
/* exec.c */
178178
struct stat;
179-
void exec_cmnd(struct command_details *details, sigset_t *mask, int intercept_fd, int errfd);
179+
void exec_cmnd(struct command_details *details, int intercept_fd, int errfd);
180180
void terminate_command(pid_t pid, bool use_pgrp);
181181
bool sudo_terminated(struct command_status *cstat);
182182
void free_exec_closure(struct exec_closure *ec);
@@ -215,7 +215,7 @@ bool exec_pty(struct command_details *details, const struct user_details *user_d
215215
extern int io_fds[6];
216216

217217
/* exec_monitor.c */
218-
int exec_monitor(struct command_details *details, sigset_t *omask, bool foreground, int backchannel, int intercept_fd);
218+
int exec_monitor(struct command_details *details, bool foreground, int backchannel, int intercept_fd);
219219

220220
/* utmp.c */
221221
bool utmp_login(const char *from_line, const char *to_line, int ttyfd,

0 commit comments

Comments
 (0)