There is an issue with the security model of lib ring buffer (lttng-ust)
vs SIGBUS handling by consumer daemon. We do not handle SIGBUS in the
consumer daemon. An application using ftruncate on a ring buffer shm
could cause the consumer to be killed with SIGBUS.
Expose the relevant APIs to allow consumer daemon to handle SIGBUS.
It requires the user application (consumerd) to define the TLS sigbus
state with DEFINE_LTTNG_UST_SIGBUS_STATE(), and to invoke
lttng_ust_ctl_sigbus_handle() when a SIGBUS is received, passing the
address causing the SIGBUS (siginfo->si_addr) as parameter.
Internally, liblttng-ust-ctl uses sigsetjmp and siglongjmp to recover
from SIGBUS, and track all accesses to shared memory ranges within the
library.
This modifies the API of liblttng-ust-ctl, and requires the user
application to define the TLS sigbus state with
DEFINE_LTTNG_UST_SIGBUS_STATE(). It therefore needs to be introduced in
locked-step between lttng-ust and lttng-tools.
It requires a major version bump of liblttng-ust-ctl soname.
projects / lttng-ust.git / commit
