Merge pull request #9504 from poettering/nss-deadlock

some nss deadlock love
author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2018-07-26 10:16:25 +0200
committer: GitHub <noreply@github.com> 2018-07-26 10:16:25 +0200
commit: 54fe2ce1b943b55162cc35b28e976c4fbf490dae (patch)
tree: a5b741a72b9229b1e549eecf3ca9b8cbb2f88e45 /src/nss-resolve
parent: Merge pull request #9484 from poettering/permille-everywhere (diff)
parent: bus-unit-util: tiny coding style fix (diff)
download: systemd-54fe2ce1b943b55162cc35b28e976c4fbf490dae.tar.xz
systemd-54fe2ce1b943b55162cc35b28e976c4fbf490dae.zip
1 files changed, 29 insertions, 0 deletions
diff --git a/src/nss-resolve/nss-resolve.c b/src/nss-resolve/nss-resolve.c
index b2bb698ded..a28b5d8ba8 100644
--- a/src/nss-resolve/nss-resolve.c
+++ b/src/nss-resolve/nss-resolve.c
@@ -91,6 +91,20 @@ static uint32_t ifindex_to_scopeid(int family, const void *a, int ifindex) {
         return IN6_IS_ADDR_LINKLOCAL(&in6) ? ifindex : 0;
 }
 
+static bool avoid_deadlock(void) {
+
+        /* Check whether this lookup might have a chance of deadlocking because we are called from the service manager
+         * code activating systemd-resolved.service. After all, we shouldn't synchronously do lookups to
+         * systemd-resolved if we are required to finish before it can be started. This of course won't detect all
+         * possible dead locks of this kind, but it should work for the most obvious cases. */
+
+        if (geteuid() != 0) /* Ignore the env vars unless we are privileged. */
+                return false;
+
+        return streq_ptr(getenv("SYSTEMD_ACTIVATION_UNIT"), "systemd-resolved.service") &&
+               streq_ptr(getenv("SYSTEMD_ACTIVATION_SCOPE"), "system");
+}
+
 enum nss_status _nss_resolve_gethostbyname4_r(
                 const char *name,
                 struct gaih_addrtuple **pat,
@@ -117,6 +131,11 @@ enum nss_status _nss_resolve_gethostbyname4_r(
         assert(errnop);
         assert(h_errnop);
 
+        if (avoid_deadlock()) {
+                r = -EDEADLK;
+                goto fail;
+        }
+
         r = sd_bus_open_system(&bus);
         if (r < 0)
                 goto fail;
@@ -292,6 +311,11 @@ enum nss_status _nss_resolve_gethostbyname3_r(
                 goto fail;
         }
 
+        if (avoid_deadlock()) {
+                r = -EDEADLK;
+                goto fail;
+        }
+
         r = sd_bus_open_system(&bus);
         if (r < 0)
                 goto fail;
@@ -479,6 +503,11 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
                 return NSS_STATUS_UNAVAIL;
         }
 
+        if (avoid_deadlock()) {
+                r = -EDEADLK;
+                goto fail;
+        }
+
         r = sd_bus_open_system(&bus);
         if (r < 0)
                 goto fail;
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2018-07-26 10:16:25 +0200
committer	GitHub <noreply@github.com>	2018-07-26 10:16:25 +0200
commit	54fe2ce1b943b55162cc35b28e976c4fbf490dae (patch)
tree	a5b741a72b9229b1e549eecf3ca9b8cbb2f88e45 /src/nss-resolve
parent	Merge pull request #9484 from poettering/permille-everywhere (diff)
parent	bus-unit-util: tiny coding style fix (diff)
download	systemd-54fe2ce1b943b55162cc35b28e976c4fbf490dae.tar.xz systemd-54fe2ce1b943b55162cc35b28e976c4fbf490dae.zip