Fix: libc internal mutex races with run_as

[lttng-tools.git] / src / bin / lttng-consumerd / lttng-consumerd.c

diff --git a/src/bin/lttng-consumerd/lttng-consumerd.c b/src/bin/lttng-consumerd/lttng-consumerd.c
index b43e8f1503869c857889f85ba177fd95357ec9b6..7ecbe7a3439a9f148719289a703da8014968357a 100644 (file)
--- a/src/bin/lttng-consumerd/lttng-consumerd.c
+++ b/src/bin/lttng-consumerd/lttng-consumerd.c
@@ -47,6 +47,7 @@
 #include <common/consumer.h>
 #include <common/consumer-timer.h>
 #include <common/compat/poll.h>
+#include <common/compat/getenv.h>
 #include <common/sessiond-comm/sessiond-comm.h>
 #include <common/utils.h>
 
@@ -108,7 +109,9 @@ static void sighandler(int sig)
                return;
        }
 
-       lttng_consumer_should_exit(ctx);
+       if (ctx) {
+               lttng_consumer_should_exit(ctx);
+       }
 }
 
 /*
@@ -223,16 +226,31 @@ static int parse_args(int argc, char **argv)
                        }
                        break;
                case 'c':
-                       snprintf(command_sock_path, PATH_MAX, "%s", optarg);
+                       if (lttng_is_setuid_setgid()) {
+                               WARN("Getting '%s' argument from setuid/setgid binary refused for security reasons.",
+                                       "-c, --consumerd-cmd-sock");
+                       } else {
+                               snprintf(command_sock_path, PATH_MAX, "%s", optarg);
+                       }
                        break;
                case 'e':
-                       snprintf(error_sock_path, PATH_MAX, "%s", optarg);
+                       if (lttng_is_setuid_setgid()) {
+                               WARN("Getting '%s' argument from setuid/setgid binary refused for security reasons.",
+                                       "-e, --consumerd-err-sock");
+                       } else {
+                               snprintf(error_sock_path, PATH_MAX, "%s", optarg);
+                       }
                        break;
                case 'd':
                        opt_daemon = 1;
                        break;
                case 'g':
-                       tracing_group_name = optarg;
+                       if (lttng_is_setuid_setgid()) {
+                               WARN("Getting '%s' argument from setuid/setgid binary refused for security reasons.",
+                                       "-g, --group");
+                       } else {
+                               tracing_group_name = optarg;
+                       }
                        break;
                case 'h':
                        usage(stdout);
@@ -296,6 +314,7 @@ int main(int argc, char **argv)
 {
        int ret = 0, retval = 0;
        void *status;
+       struct lttng_consumer_local_data *tmp_ctx;
 
        if (set_signal_handler()) {
                retval = -1;
@@ -346,7 +365,10 @@ int main(int argc, char **argv)
        }
 
        /* Set up max poll set size */
-       lttng_poll_set_max_size();
+       if (lttng_poll_set_max_size()) {
+               retval = -1;
+               goto exit_init_data;
+       }
 
        if (*command_sock_path == '\0') {
                switch (opt_type) {
@@ -400,6 +422,10 @@ int main(int argc, char **argv)
                set_ulimit();
        }
 
+       if (run_as_create_worker(argv[0]) < 0) {
+               goto exit_init_data;
+       }
+
        /* create the consumer instance with and assign the callbacks */
        ctx = lttng_consumer_create(opt_type, lttng_consumer_read_subbuffer,
                NULL, lttng_consumer_on_recv_stream, NULL);
@@ -607,7 +633,10 @@ exit_health_thread:
 exit_health_pipe:
 
 exit_init_data:
-       lttng_consumer_destroy(ctx);
+       tmp_ctx = ctx;
+       ctx = NULL;
+       cmm_barrier();  /* Clear ctx for signal handler. */
+       lttng_consumer_destroy(tmp_ctx);
        lttng_consumer_cleanup();
 
        if (health_consumerd) {
@@ -618,6 +647,9 @@ exit_health_consumerd_cleanup:
 exit_options:
 
 exit_set_signal_handler:
+       /* Ensure all prior call_rcu are done. */
+       rcu_barrier();
+
        if (!retval) {
                exit(EXIT_SUCCESS);
        } else {