static int signal_and_wait_for_handlers(pid_t own_pid, int own_tid) noexcept
{
- // No allocations allowed in this function
int ret = 0;
int time_left = MAX_SIG_WAIT_TIME;
do {
g_th_barrier = 0;
+ // No allocations allowed beyond this point
int ret = signal_and_wait_for_handlers(own_pid, own_tid);
- if (ret != 0) {
- LogError("Error occured during signaling: " << ret);
+ if (ret != 0)
abort();
- }
// here, all TIDs except current one are waiting to start changing attributes
// We can assume these TIDs will continue to live (no need to read /proc again), since no logic
if (ready)
break;
usleep(SLEEP_CONST); // 10 ms
- if (i % 500 == 0)
- LogWarning("Still waiting for threads to finalize handlers.");
}
if (!ready) {
// not all TIDs reached this stage, aborting!
- LogError("Too much waiting for sig handler completion, aborting!");
abort();
}
/*
* Change attributes of one last thread, the main thread.
*/
- if (g_p_app_label && label_for_self_internal(own_tid) != 0) {
- LogError("label_for_self_internal failed for main thread");
+ if (g_p_app_label && label_for_self_internal(own_tid) != 0)
abort();
- }
- if (cap_set_proc(g_cap)) {
- LogError("Can't drop main thread capabilities");
+ if (cap_set_proc(g_cap))
abort();
- }
+ // No allocations allowed before this point
g_th_barrier++; // this starts signal handlers to proceed once they wake up - logic in app starts in env where all have changed labels
- Syscall::sigaction(SIGSETXID, &old, nullptr);
+
+ if (Syscall::sigaction(SIGSETXID, &old, nullptr) < 0) {
+ LogError("Error in sigaction()");
+ abort();
+ }
return SECURITY_MANAGER_SUCCESS;
}
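Review bot: The failure branches at L33–34 and L38–39 now abort with no diagnostic at all, so a failed label change or a failed `cap_set_proc()` (i.e. the privilege drop for the main thread not taking effect) leaves nothing in logs or stderr to tell an operator why the process died; the no-allocation constraint rules out LogError, but a fixed-string `write(2)` is both allocation-free and async-signal-safe, e.g. `(void)write(STDERR_FILENO, "cap_set_proc failed, aborting\n", 30);` immediately before each `abort();`, and the same could replace the dropped messages at L10–13 and L23–26. Note also that `g_th_barrier` is written at L7 and L42 while other threads spin on it inside signal handlers; if it is a plain `int` rather than `std::atomic<int>` (or at least `volatile sig_atomic_t`) that read/write pair is a data race with no ordering guarantee that the label/capability changes are visible before the handlers proceed — worth confirming against its declaration, which is outside this hunk. The enclosing function of L4–L50 starts outside the hunk, and L1–L3 appear to belong to a separate hunk for `signal_and_wait_for_handlers` itself.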