diff options
Diffstat (limited to 'debian/patches/startup-0005-startup-do-not-pass-signals-on-to-the-child.patch')
| -rw-r--r-- | debian/patches/startup-0005-startup-do-not-pass-signals-on-to-the-child.patch | 251 |
1 files changed, 251 insertions, 0 deletions
diff --git a/debian/patches/startup-0005-startup-do-not-pass-signals-on-to-the-child.patch b/debian/patches/startup-0005-startup-do-not-pass-signals-on-to-the-child.patch new file mode 100644 index 00000000..33046438 --- /dev/null +++ b/debian/patches/startup-0005-startup-do-not-pass-signals-on-to-the-child.patch @@ -0,0 +1,251 @@ +From b7eed065f9118964dc875e4f03c8b07332b44a65 Mon Sep 17 00:00:00 2001 +From: Justus Winter <4winter@informatik.uni-hamburg.de> +Date: Wed, 18 Sep 2013 22:58:11 +0200 +Subject: [PATCH 5/8] startup: do not pass signals on to the child + +Formerly /hurd/startup would forward all signals to the child it +started (e.g. /libexec/runsystem). + +The motivation for doing so is not revealed in the comments, nor it is +mentioned in the history of the version control system. + +This patch removes the forwarding of signals to the child. + +* startup/startup.c (process_signal): Do not pass signals on to the child. +* startup/stubs.c: Remove file. +* startup/Makefile: Remove stubs.c. +--- + startup/Makefile | 2 +- + startup/startup.c | 49 ------------------- + startup/stubs.c | 139 ------------------------------------------------------ + 3 files changed, 1 insertion(+), 189 deletions(-) + delete mode 100644 startup/stubs.c + +diff --git a/startup/Makefile b/startup/Makefile +index 2d6b892..277fee4 100644 +--- a/startup/Makefile ++++ b/startup/Makefile +@@ -18,7 +18,7 @@ + dir := startup + makemode := server + +-SRCS = startup.c stubs.c ++SRCS = startup.c + OBJS = $(SRCS:.c=.o) \ + startupServer.o notifyServer.o startup_replyUser.o msgServer.o \ + startup_notifyUser.o +diff --git a/startup/startup.c b/startup/startup.c +index 29269a6..4c91d4c 100644 +--- a/startup/startup.c ++++ b/startup/startup.c +@@ -904,9 +904,6 @@ frob_kernel_process (void) + static pid_t child_pid; /* PID of the child we run */ + static task_t child_task; /* and its (original) task port */ + +-error_t send_signal (mach_port_t msgport, int signal, mach_port_t refport, +- mach_msg_timeout_t); +- + static void launch_something (const char *why); + + +@@ -965,52 +962,6 @@ process_signal (int signo) + } + } + } +- else +- { +- /* Pass the signal on to the child. */ +- task_t task; +- error_t err; +- +- err = proc_pid2task (procserver, child_pid, &task); +- if (err) +- { +- error (0, err, "proc_pid2task on %d", child_pid); +- task = child_task; +- } +- else +- { +- mach_port_deallocate (mach_task_self (), child_task); +- child_task = task; +- } +- +- if (signo == SIGKILL) +- { +- err = task_terminate (task); +- if (err != MACH_SEND_INVALID_DEST) +- error (0, err, "task_terminate"); +- } +- else +- { +- mach_port_t msgport; +- err = proc_getmsgport (procserver, child_pid, &msgport); +- if (err) +- error (0, err, "proc_getmsgport"); +- else +- { +- err = send_signal (msgport, signo, task, +- 500); /* Block only half a second. */ +- mach_port_deallocate (mach_task_self (), msgport); +- if (err) +- { +- error (0, err, "cannot send %s to child %d", +- strsignal (signo), child_pid); +- err = task_terminate (task); +- if (err != MACH_SEND_INVALID_DEST) +- error (0, err, "task_terminate"); +- } +- } +- } +- } + } + + /* Start the child program PROG. It is run via /libexec/console-run +diff --git a/startup/stubs.c b/startup/stubs.c +deleted file mode 100644 +index 5292ab6..0000000 +--- a/startup/stubs.c ++++ /dev/null +@@ -1,139 +0,0 @@ +-/* By-hand stubs for some RPC calls +- Copyright (C) 1994,96,99,2000 Free Software Foundation, Inc. +- +- This program is free software; you can redistribute it and/or +- modify it under the terms of the GNU General Public License as +- published by the Free Software Foundation; either version 2, or (at +- your option) any later version. +- +- This program is distributed in the hope that it will be useful, but +- WITHOUT ANY WARRANTY; without even the implied warranty of +- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- General Public License for more details. +- +- You should have received a copy of the GNU General Public License +- along with this program; if not, write to the Free Software +- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +- +-#include <stdlib.h> +-#include <hurd/hurd_types.h> +-#include <mach.h> +-#include <string.h> +-#include <assert.h> +- +-/* From hurd/msg.defs: */ +-#define RPCID_SIG_POST 23000 +- +- +-/* Send signal SIGNO to MSGPORT with REFPORT as reference. Don't +- block in any fashion. */ +-error_t +-send_signal (mach_port_t msgport, +- int signal, +- mach_port_t refport, +- mach_msg_timeout_t timeout) +-{ +- error_t err; +- +- /* This message buffer might be modified by mach_msg in some error cases, +- so we cannot safely reuse a static buffer. */ +- struct +- { +- mach_msg_header_t head; +- mach_msg_type_t signaltype; +- int signal; +- mach_msg_type_t sigcode_type; +- natural_t sigcode; +- mach_msg_type_t refporttype; +- mach_port_t refport; +- } +- message = +- { +- { +- /* Message header: */ +- (MACH_MSGH_BITS_COMPLEX +- | MACH_MSGH_BITS (MACH_MSG_TYPE_COPY_SEND, +- MACH_MSG_TYPE_MAKE_SEND_ONCE)), /* msgh_bits */ +- sizeof message, /* msgh_size */ +- msgport, /* msgh_remote_port */ +- MACH_PORT_NULL, /* msgh_local_port */ +- 0, /* msgh_seqno */ +- RPCID_SIG_POST, /* msgh_id */ +- }, +- { +- /* Type descriptor for signo */ +- MACH_MSG_TYPE_INTEGER_32, /* msgt_name */ +- 32, /* msgt_size */ +- 1, /* msgt_number */ +- 1, /* msgt_inline */ +- 0, /* msgt_longform */ +- 0, /* msgt_deallocate */ +- 0, /* msgt_unused */ +- }, +- /* Signal number */ +- signal, +- /* Type descriptor for sigcode */ +- { +- MACH_MSG_TYPE_INTEGER_32, /* msgt_name */ +- 32, /* msgt_size */ +- 1, /* msgt_number */ +- 1, /* msgt_inline */ +- 0, /* msgt_longform */ +- 0, /* msgt_deallocate */ +- 0, /* msgt_unused */ +- }, +- /* Sigcode */ +- 0, +- { +- /* Type descriptor for refport */ +- MACH_MSG_TYPE_COPY_SEND, /* msgt_name */ +- 32, /* msgt_size */ +- 1, /* msgt_number */ +- 1, /* msgt_inline */ +- 0, /* msgt_longform */ +- 0, /* msgt_deallocate */ +- 0, /* msgt_unused */ +- }, +- /* Reference port */ +- refport +- }; +- +- err = mach_msg (&message.head, +- MACH_SEND_MSG|MACH_SEND_TIMEOUT, sizeof message, 0, +- MACH_PORT_NULL, timeout, MACH_PORT_NULL); +- +- switch (err) +- { +- case MACH_SEND_TIMED_OUT: +- /* The send could not complete in time. In this error case, the +- kernel has modified the message buffer in a pseudo-receive +- operation. That means our COPY_SEND refs might now be MOVE_SEND +- refs, in which case each has gained user ref accordingly. To +- avoid leaking those refs, we must clean up the buffer. We don't +- use mach_msg_destroy because it assumes the local/remote ports in +- the header have been reversed as from a real receive, while a +- pseudo-receive leaves them as they were. */ +- if (MACH_MSGH_BITS_REMOTE (message.head.msgh_bits) +- == MACH_MSG_TYPE_MOVE_SEND) +- mach_port_deallocate (mach_task_self (), +- message.head.msgh_remote_port); +- if (message.refporttype.msgt_name == MACH_MSG_TYPE_MOVE_SEND) +- mach_port_deallocate (mach_task_self (), message.refport); +- break; +- +- /* These are the other codes that mean a pseudo-receive modified +- the message buffer and we might need to clean up the send rights. +- None of them should be possible in our usage. */ +- case MACH_SEND_INTERRUPTED: +- case MACH_SEND_INVALID_NOTIFY: +- case MACH_SEND_NO_NOTIFY: +- case MACH_SEND_NOTIFY_IN_PROGRESS: +- assert_perror (err); +- break; +- +- default: /* Other errors are safe to ignore. */ +- break; +- } +- +- return err; +-} +-- +2.1.0 + |