#define MAX_SIG_WAIT_TIME 5000 // times 2 ms thats 10 seconds
-// Hackish, but decided NOT to use signal SIGSETXID used by glibc
-// as this was proven to cause interference with app candidate
-// processes using glibc at the time of security-manager operation
-#define SIGNAL_NUM (__SIGRTMIN + 2)
+// Hackish, based on glibc's definition in sysdeps/unix/sysv/linux/nptl-signals.h
+#define SIGSETXID (__SIGRTMIN + 1)
SECURITY_MANAGER_API
const char *security_manager_strerror(enum lib_retcode rc)
g_threads_count--;
};
- if (Syscall::sigaction(SIGNAL_NUM, &act, &old) < 0) {
+ if (Syscall::sigaction(SIGSETXID, &act, &old) < 0) {
LogError("Error in sigaction()");
return SECURITY_MANAGER_ERROR_UNKNOWN;
}
synced_tids.push_back(tid); // this will not add current TID (but its already added)
g_tid_status[tid_index++].tid = tid;
- if (Syscall::tgkill(cur_pid, tid, SIGNAL_NUM) < 0) {
+ if (Syscall::tgkill(cur_pid, tid, SIGSETXID) < 0) {
const auto err = errno;
if (ESRCH == err) { // thread already gone
threads_gone++;
}
}
- Syscall::sigaction(SIGNAL_NUM, &old, nullptr);
+ Syscall::sigaction(SIGSETXID, &old, nullptr);
if (g_threads_count) {
LogError("Not all threads synchronized: threads left: " << g_threads_count);