Some applications repeatedly re-exec themselves, and if they use the
com_err library, they can leak a file descriptor for each re-exec.
Fix this by setting the close-on-exec flag on the debug file
descriptor. In addition, if the COMERR_DEBUG environment variable
isn't set, don't open the file handle at all.
Addresses-Red-Hat-Bugzilla: #464689
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
SuSE has been carrying a patch for a long time to prevent a largely
theoretical race condition if a multi-threaded application adds and
removes error tables in multiple threads. Unfortunately SuSE's
approach breaks compatibility by forcing applications to link and
compile with the -pthread option; using pthread mutexes has
historically been problematic.
This commit fixes things in a more portable way by using
sem_post/sem_wait instead, which is an older interface that doesn't
require the pthreads library. Linux happens to implement
sem_post/sem_init using futexes, and -lrt ends up pulling in
-lpthread, but the advantage of using POSIX semaphores is that
applications don't have to be built using -pthread, unlike the use of
pthread mutexes.
The add_error_table() and remove_error_table() interfaces are the
preferred interfaces and locking protection have been added to only
these interfaces. I have not added locking protection to the
generated initialize_xxx_error_table and initialize_xxx_error_table_r
interfaces, to avoid adding symbol dependencies that would cause a
library to fail to work when linking against older com_err libraries
that do not export et_list_lock() and et_list_unlock(). Threaded
applications shouldn't be using these interfaces in any case.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Address the theoretical problem of two threads trying to format a
different unknown error code by using TLS.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
On 64-bit systems (or anything with sizeof(long) > sizeof(int)), we
sometimes get error codes passed to error_message which have been cast
from an (int) to an (unsigned int). This almost always happens if
you're using libgssapi_krb5, which returns an error code which is less
than 0 but is returned in an (unsigned int).
For example, -1765328377L gets cast to 2529638919, which is
0x96c73a07, not 0xffffffff96c73a07, so error_message() fails to find a
matching error table.
When error_message() then calls the error_table_name() function to get a
name to use in the "unknown code" message, it gets a correct value back.
This happens because error_table_name() drops most of the higher bits of
the parameter it's passed before doing anything else with it (& 077777777f,
or & 0xffffff). If we did the same thing in error_message(), we wouldn't
have a problem there, either.
Problem reported and fixed by: Nalin Dahyabhai
Addresses-Sourceforge-Bug: #1809658
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
If the environment variable COMERR_DEBUG is set to 1, print out debugging
messages as error tables are added and removed from the com_err library.
If the COMERR_DEBUG_FILE environment variable is set (and the process is
not setuid) the debugging messages may be redirected to a file.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
via add_error_table() and the other dynamic methods from
the ones allocated via initialize_xxx_error_table() so
that we won't fail even for error tables created using old
versions of compile_et. Thanks to Nalin Dahyabhai for
this suggested patch.
instead of <com_err.h>, so the current version of the header file
is used.
Add a --build-tree option to compile_et to make sure that it uses
the et_?.awk files from the build tree.
Remove legacy support for varargs.h, K&R C, and pre-POSIX signal
support. Also fixed gcc -Wall nits.
structure from the internal error_table.h to com_err.h,
since it now needs to be public.
et_c.awk, et_h.awk: Import changes from krb5's et library so
that the error_table structure is defined and available
publically.
error_message.c: Import krb5 and heimdall com_err extensions to
the et library.
partinfo.c: Fix minor compilation bugs pointed out by Yann Dirson.
mke2fs.c: Don't turn on sparse superblocks by default on pre-2.2 kernels.
mke2fs.8.in: Add the possible valid block sizes for mke2fs. Document
the -n flag, and the new defaults for the -s flag.
dumpe2fs.c, dumpe2fs.8.in: Add new options -f (force) and -h (header-only).
mke2fs.c (PRS): Fix logic for turning on/off the sparse superblock option.
Many files:
Updated copyright statements to reflect the GPL with permission of the
original authors.
error_table.h:
et_name.c (error_table_name):
error_message.c (error_message.c): Make code be 16-bit safe.
ChangeLog, e2fsck.c:
e2fsck.c (check_mount): Add stronger warning message about the perils
of running e2fsck on a mounted filesystem.