From owner-svn-src-head@FreeBSD.ORG Wed Aug 20 15:13:24 2014 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7CD15AC3; Wed, 20 Aug 2014 15:13:24 +0000 (UTC) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 00B5F3AF1; Wed, 20 Aug 2014 15:13:23 +0000 (UTC) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.14.9/8.14.9) with ESMTP id s7KFDAb2049645 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 20 Aug 2014 18:13:10 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.9.2 kib.kiev.ua s7KFDAb2049645 Received: (from kostik@localhost) by tom.home (8.14.9/8.14.9/Submit) id s7KFDA7t049644; Wed, 20 Aug 2014 18:13:10 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Wed, 20 Aug 2014 18:13:10 +0300 From: Konstantin Belousov To: Roger Pau Monn?? Subject: Re: svn commit: r265003 - head/secure/usr.sbin/sshd Message-ID: <20140820151310.GB2737@kib.kiev.ua> References: <201404270528.s3R5SEIm054377@svn.freebsd.org> <53F4B381.5010205@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="hgy5D1otryeNPdmY" Content-Disposition: inline In-Reply-To: <53F4B381.5010205@FreeBSD.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.0 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on tom.home Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Aug 2014 15:13:24 -0000 --hgy5D1otryeNPdmY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Aug 20, 2014 at 04:41:05PM +0200, Roger Pau Monn?? wrote: > On 27/04/14 07:28, Konstantin Belousov wrote: > > Author: kib > > Date: Sun Apr 27 05:28:14 2014 > > New Revision: 265003 > > URL: http://svnweb.freebsd.org/changeset/base/265003 > >=20 > > Log: > > Fix order of libthr and libc in the global dso list for sshd, by > > explicitely linking main binary with -lpthread. Before, libthr > > appeared in the list due to dependency of one of the kerberos libs. > > Due to the change in ld(1) behaviour of not copying NEEDED entries > > from direct dependencies into the link results, the order becomes > > reversed. > > =20 > > The libthr must appear before libc to properly interpose libc symbols > > and provide working rtld locks implementation. The symptom was sshd > > hanging on rtld bind lock during nested symbol binding from a signal > > handler. > > =20 > > Approved by: des (openssh maintainer) > > Sponsored by: The FreeBSD Foundation > > MFC after: 1 week > >=20 > > Modified: > > head/secure/usr.sbin/sshd/Makefile > >=20 > > Modified: head/secure/usr.sbin/sshd/Makefile > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D > > --- head/secure/usr.sbin/sshd/Makefile Sun Apr 27 05:19:01 2014 (r26500= 2) > > +++ head/secure/usr.sbin/sshd/Makefile Sun Apr 27 05:28:14 2014 (r26500= 3) > > @@ -57,6 +57,16 @@ CFLAGS+=3D -DNONE_CIPHER_ENABLED > > DPADD+=3D ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ} > > LDADD+=3D -lcrypt -lcrypto -lz > > =20 > > +# Fix the order of NEEDED entries for libthr and libc. The libthr > > +# needs to interpose libc symbols, leaving the libthr loading as > > +# dependency of krb causes reversed order and broken interposing. Put > > +# the threading library last on the linker command line, just before > > +# the -lc added by a compiler driver. > > +.if ${MK_KERBEROS_SUPPORT} !=3D "no" > > +DPADD+=3D ${LIBPTHREAD} > > +LDADD+=3D -lpthread > > +.endif > > + > > .if defined(LOCALBASE) > > CFLAGS+=3D -DXAUTH_PATH=3D\"${LOCALBASE}/bin/xauth\" > > .endif >=20 > Hello, >=20 > This change makes the following simple test program fail on the second=20 > assert. The problem is that sa_handler =3D=3D SIG_DFL, and sa_flags =3D= =3D=20 > SA_SIGINFO, which according to the sigaction(9) man page is not=20 > possible. With this change reverted the test is successful. I do not quite follow. What are the relations between sshd and your test program ? Should the test be run somehow specially ? >=20 > --- > #include > #include > #include >=20 > int main(int argn, char **argv) > { > struct sigaction new, old; > int rc; >=20 > memset(&new, 0, sizeof(new)); > memset(&old, 0, sizeof(old)); >=20 > sigemptyset(&new.sa_mask); > new.sa_handler =3D SIG_DFL; > new.sa_flags =3D 0; >=20 > rc =3D sigaction(SIGCHLD, &new, &old); > assert(rc =3D=3D 0); > assert((old.sa_handler =3D=3D SIG_DFL || old.sa_handler =3D=3D SI= G_IGN) && > !(old.sa_flags & SA_SIGINFO)); >=20 > return (0); > } >=20 --hgy5D1otryeNPdmY Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJT9LsGAAoJEJDCuSvBvK1BVvoP/2wZgcRcmIxcS2rpxDyYmeMO 4y8aNjJcWez9OFZTwRQpBMXnBgbzKT0ohQWQItGfcPp9WaRp4Ea/+FEQEaU1c5is 3R8sHIFbKPLkeWotec0Nl56QjDOOn2E4v+9MPCKz0eRR68seNDfViZxpcSSTXpf+ Y/hNsQl+rKMDLgOggNRe2CPa5LDHn9vgm8OOoQVSnvwPiOtp0KTvkMdU1PjUydfe 0rmx5kKvoMWE3BTDKAFbRDmTPHrC1MHxMwEJwIudbXdsTHJBVBvtDgwWkSkmPUPT I2NUD5AmZ8sQwVD1r9THFSpm/ToJ8I38CjKe8Y0sElb4fg6c8wJ5tH+4gcDAyBRz cTilZJj/UYqpt9DDJZM+F384UehWr9pOqQxwW4Vdpj/R1Yweyi5Oj350z9UBXXuP QIOAyxWQh2Mu3Xj6yRfld1swSowtEbpimhNrzLQadbyhRsnqwQcxXsXiawgCPl/r ktwZ6eKK4d97n6f35aE976+6M13bxZydU2WIVhV714Ok0ove2A4jGBxvPwym3Ncl gLvpbrxTBwcrm3MZuTfuAnkCUoDREc83bDwZ6ImSDoQxk60rhpGJIYTTg/HjxJw2 lHJn/th5eDjy7vVl7x8XKmqyzCSWwz4M9JSbaOiAuZcB/4Z7D1U94sJaGzFzL9Lh 0t4ggzLYJaKyIs6i1Ga9 =KKeI -----END PGP SIGNATURE----- --hgy5D1otryeNPdmY--