* sunrpc/rpc/svc.h (__svc_accept_failed): New prototype.
* sunrpc/svc.c: Include time.h.
(__svc_accept_failed): New function.
* sunrpc/svc_tcp.c (rendezvous_request): If the accept fails for
any reason other than EINTR, call __svc_accept_failed.
* sunrpc/svc_udp.c (svcudp_recv): Similarly.
* sunrpc/svc_unix.c (rendezvous_request): Similarly.
+2012-11-28 Jeff Law <law@redhat.com>
+ Martin Osvald <mosvald@redhat.com>
+
+ [BZ #14889]
+ * sunrpc/rpc/svc.h (__svc_accept_failed): New prototype.
+ * sunrpc/svc.c: Include time.h.
+ (__svc_accept_failed): New function.
+ * sunrpc/svc_tcp.c (rendezvous_request): If the accept fails for
+ any reason other than EINTR, call __svc_accept_failed.
+ * sunrpc/svc_udp.c (svcudp_recv): Similarly.
+ * sunrpc/svc_unix.c (rendezvous_request): Similarly.
+
2012-11-28 Andreas Schwab <schwab@suse.de>
* scripts/abilist.awk: Also handle indirect functions in .opd
14621, 14638, 14645, 14648, 14652, 14660, 14661, 14669, 14672, 14683,
14694, 14716, 14719, 14743, 14767, 14783, 14784, 14785, 14793, 14796,
14797, 14801, 14805, 14807, 14811, 14815, 14821, 14822, 14824, 14828,
- 14831, 14835, 14838, 14856, 14863, 14865, 14866, 14868, 14869, 14871.
+ 14831, 14835, 14838, 14856, 14863, 14865, 14866, 14868, 14869, 14871,
+ 14889.
+
+* CVE-2011-4609 svc_run() produces high cpu usage when accept fails with
+ EMFILE has been fixed (Bugzilla #14889).
* The add-on ports collection is now distributed in the "ports" subdirectory
of the main GNU C Library distribution, rather than separately.
/*
* svc.h, Server-side remote procedure call interface.
*
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ * This file is part of the GNU C Library.
+ *
+ * The GNU C Library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * The GNU C Library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with the GNU C Library; if not, see
+ * <http://www.gnu.org/licenses/>.
+ *
* Copyright (c) 2010, Oracle America, Inc.
*
* Redistribution and use in source and binary forms, with or without
__END_DECLS
+extern void __svc_accept_failed (void) attribute_hidden;
#endif /* rpc/svc.h */
* There are two sets of procedures here. The xprt routines are
* for handling transport handles. The svc routines handle the
* list of service routines.
+ * Copyright (C) 2002-2012 Free Software Foundation, Inc.
+ * This file is part of the GNU C Library.
+ * Contributed by Ulrich Drepper <drepper@redhat.com>, 2002.
+ *
+ * The GNU C Library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * The GNU C Library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with the GNU C Library; if not, see
+ * <http://www.gnu.org/licenses/>.
*
* Copyright (c) 2010, Oracle America, Inc.
*
#include <rpc/svc.h>
#include <rpc/pmap_clnt.h>
#include <sys/poll.h>
+#include <time.h>
#ifdef _RPC_THREAD_SAFE_
#define xports RPC_THREAD_VARIABLE(svc_xports_s)
}
libc_hidden_nolink_sunrpc (svc_getreq_common, GLIBC_2_2)
+/* If there are no file descriptors available, then accept will fail.
+ We want to delay here so the connection request can be dequeued;
+ otherwise we can bounce between polling and accepting, never giving the
+ request a chance to dequeue and eating an enormous amount of cpu time
+ in svc_run if we're polling on many file descriptors. */
+void
+__svc_accept_failed (void)
+{
+ if (errno == EMFILE)
+ {
+ struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 };
+ __nanosleep (&ts, NULL);
+ }
+}
+
#ifdef _RPC_THREAD_SAFE_
void
/*
* svc_tcp.c, Server side for TCP/IP based RPC.
*
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ * This file is part of the GNU C Library.
+ *
+ * The GNU C Library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * The GNU C Library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with the GNU C Library; if not, see
+ * <http://www.gnu.org/licenses/>.
+ *
* Copyright (c) 2010, Oracle America, Inc.
*
* Redistribution and use in source and binary forms, with or without
{
if (errno == EINTR)
goto again;
+ __svc_accept_failed ();
return FALSE;
}
/*
* Server side for UDP/IP based RPC. (Does some caching in the hopes of
* achieving execute-at-most-once semantics.)
*
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ * This file is part of the GNU C Library.
+ *
+ * The GNU C Library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * The GNU C Library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with the GNU C Library; if not, see
+ * <http://www.gnu.org/licenses/>.
+ *
* Copyright (c) 2010, Oracle America, Inc.
*
* Redistribution and use in source and binary forms, with or without
(int) su->su_iosz, 0,
(struct sockaddr *) &(xprt->xp_raddr), &len);
xprt->xp_addrlen = len;
- if (rlen == -1 && errno == EINTR)
- goto again;
+ if (rlen == -1)
+ {
+ if (errno == EINTR)
+ goto again;
+ __svc_accept_failed ();
+ }
if (rlen < 16) /* < 4 32-bit ints? */
return FALSE;
xdrs->x_op = XDR_DECODE;
/*
* svc_unix.c, Server side for TCP/IP based RPC.
*
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ * This file is part of the GNU C Library.
+ *
+ * The GNU C Library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * The GNU C Library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with the GNU C Library; if not, see
+ * <http://www.gnu.org/licenses/>.
+ *
* Copyright (c) 2010, Oracle America, Inc.
*
* Redistribution and use in source and binary forms, with or without
{
if (errno == EINTR)
goto again;
+ __svc_accept_failed ();
return FALSE;
}
/*