|
|
|
From 175c446fc5ca6adbeeb25dfe0ef725e2f1914259 Mon Sep 17 00:00:00 2001
|
|
|
|
From: Tom Gundersen <teg@jklm.no>
|
|
|
|
Date: Mon, 9 Mar 2015 16:16:23 +0100
|
|
|
|
Subject: [PATCH] udevd: close race in udev settle
|
|
|
|
|
|
|
|
The udev-settle guarantees that udevd is no longer processing any of the
|
|
|
|
events casued by udev-trigger. The way this works is that it sends a
|
|
|
|
synchronous PING to udevd after udev-trigger has ran, and when that returns
|
|
|
|
it knows that udevd has started processing the events from udev-trigger.
|
|
|
|
udev-settle will then wait for the event queue to empty before returning.
|
|
|
|
|
|
|
|
However, there was a race here, as we would only update the /run state at
|
|
|
|
the beginning of the event loop, before reading out new events and before
|
|
|
|
processing the ping.
|
|
|
|
|
|
|
|
That means that if the first uevent arrived in the same event-loop iteration
|
|
|
|
as the PING, we would return the ping before updating the queue state in /run
|
|
|
|
(which would happen on the next iteration).
|
|
|
|
|
|
|
|
The race window here is tiny (as the /run state would probably get updated
|
|
|
|
before udev-settle got a chance to read /run), but still a possibility.
|
|
|
|
|
|
|
|
Fix the problem by updating the /run state as the last step before returning
|
|
|
|
the PING.
|
|
|
|
|
|
|
|
We must still update it at the beginning of the loop as well, otherwise we
|
|
|
|
risk being stuck in poll() with a stale state in /run.
|
|
|
|
|
|
|
|
Reported-by: Daniel Drake <drake@endlessm.com>
|
|
|
|
(cherry picked from commit db93e063bdffe0a8b95fcc522aeacddf62d1a9f9)
|
|
|
|
---
|
|
|
|
src/udev/udevd.c | 26 +++++++++++++++++---------
|
|
|
|
1 file changed, 17 insertions(+), 9 deletions(-)
|
|
|
|
|
|
|
|
diff --git a/src/udev/udevd.c b/src/udev/udevd.c
|
|
|
|
index 99d4c8983a..e98c1fd6da 100644
|
|
|
|
--- a/src/udev/udevd.c
|
|
|
|
+++ b/src/udev/udevd.c
|
|
|
|
@@ -909,6 +909,17 @@ static void handle_signal(struct udev *udev, int signo) {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
+static void event_queue_update(void) {
|
|
|
|
+ if (!udev_list_node_is_empty(&event_list)) {
|
|
|
|
+ int fd;
|
|
|
|
+
|
|
|
|
+ fd = open("/run/udev/queue", O_WRONLY|O_CREAT|O_CLOEXEC|O_TRUNC|O_NOFOLLOW, 0444);
|
|
|
|
+ if (fd >= 0)
|
|
|
|
+ close(fd);
|
|
|
|
+ } else
|
|
|
|
+ unlink("/run/udev/queue");
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
static int systemd_fds(struct udev *udev, int *rctrl, int *rnetlink) {
|
|
|
|
int ctrl = -1, netlink = -1;
|
|
|
|
int fd, n;
|
|
|
|
@@ -1369,15 +1380,7 @@ int main(int argc, char *argv[]) {
|
|
|
|
}
|
|
|
|
|
|
|
|
/* tell settle that we are busy or idle */
|
|
|
|
- if (!udev_list_node_is_empty(&event_list)) {
|
|
|
|
- int fd;
|
|
|
|
-
|
|
|
|
- fd = open("/run/udev/queue", O_WRONLY|O_CREAT|O_CLOEXEC|O_TRUNC|O_NOFOLLOW, 0444);
|
|
|
|
- if (fd >= 0)
|
|
|
|
- close(fd);
|
|
|
|
- } else {
|
|
|
|
- unlink("/run/udev/queue");
|
|
|
|
- }
|
|
|
|
+ event_queue_update();
|
|
|
|
|
|
|
|
fdcount = epoll_wait(fd_ep, ev, ELEMENTSOF(ev), timeout);
|
|
|
|
if (fdcount < 0)
|
|
|
|
@@ -1502,6 +1505,11 @@ int main(int argc, char *argv[]) {
|
|
|
|
if (is_inotify)
|
|
|
|
handle_inotify(udev);
|
|
|
|
|
|
|
|
+ /* tell settle that we are busy or idle, this needs to be before the
|
|
|
|
+ * PING handling
|
|
|
|
+ */
|
|
|
|
+ event_queue_update();
|
|
|
|
+
|
|
|
|
/*
|
|
|
|
* This needs to be after the inotify handling, to make sure,
|
|
|
|
* that the ping is send back after the possibly generated
|