From 4a609606e050a9a4693541a965e34d8ac366f153 Mon Sep 17 00:00:00 2001 From: haozi007 Date: Thu, 16 Apr 2020 15:56:21 +0800 Subject: [PATCH 45/49] restore default signal handler Signed-off-by: haozi007 --- hooks/Makefile.am | 3 +++ src/lxc/attach.c | 16 ++++++++++++++++ src/lxc/initutils.c | 4 ++++ src/lxc/start.c | 19 +++++++++++++++++++ 4 files changed, 42 insertions(+) diff --git a/hooks/Makefile.am b/hooks/Makefile.am index 5ae73d7..ddfd4bc 100644 --- a/hooks/Makefile.am +++ b/hooks/Makefile.am @@ -10,6 +10,8 @@ hooks_SCRIPTS = \ squid-deb-proxy-client \ nvidia + +if !HAVE_ISULAD binhooks_PROGRAMS = \ unmount-namespace @@ -20,5 +22,6 @@ if IS_BIONIC unmount_namespace_SOURCES += \ ../src/include/lxcmntent.c ../src/include/lxcmntent.h endif +endif EXTRA_DIST=$(hooks_SCRIPTS) diff --git a/src/lxc/attach.c b/src/lxc/attach.c index 734cddd..1dd2b47 100644 --- a/src/lxc/attach.c +++ b/src/lxc/attach.c @@ -679,12 +679,28 @@ static int attach_child_main(struct attach_clone_payload *payload) init_ctx->lsm_label; #ifdef HAVE_ISULAD int msg_fd = -1; + sigset_t mask; /*isulad: record errpipe fd*/ msg_fd = init_ctx->container->lxc_conf->errpipe[1]; init_ctx->container->lxc_conf->errpipe[1] = -1; /*isulad: set system umask */ umask(init_ctx->container->lxc_conf->umask); + + /*isulad: restore default signal handlers and unblock all signals*/ + for (int i = 1; i < NSIG; i++) + signal(i, SIG_DFL); + + ret = sigfillset(&mask); + if (ret < 0) { + SYSERROR("Failed to fill signal mask"); + goto on_error;; + } + ret = sigprocmask(SIG_UNBLOCK, &mask, NULL); + if (ret < 0) { + SYSERROR("Failed to set signal mask"); + goto on_error; + } #endif /* A description of the purpose of this functionality is provided in the diff --git a/src/lxc/initutils.c b/src/lxc/initutils.c index 5549c2e..76f0048 100644 --- a/src/lxc/initutils.c +++ b/src/lxc/initutils.c @@ -54,12 +54,16 @@ const char *lxc_global_config_value(const char *option_name) { NULL, NULL }, }; +#ifdef HAVE_ISULAD + static const char *values[sizeof(options) / sizeof(options[0])] = {0}; +#else /* placed in the thread local storage pool for non-bionic targets */ #ifdef HAVE_TLS static thread_local const char *values[sizeof(options) / sizeof(options[0])] = {0}; #else static const char *values[sizeof(options) / sizeof(options[0])] = {0}; #endif +#endif /* user_config_path is freed as soon as it is used */ char *user_config_path = NULL; diff --git a/src/lxc/start.c b/src/lxc/start.c index 6779cee..5d2faee 100644 --- a/src/lxc/start.c +++ b/src/lxc/start.c @@ -1290,6 +1290,25 @@ static int do_start(void *data) lxc_sync_fini_parent(handler); +#ifdef HAVE_ISULAD + sigset_t mask; + + /*isulad: restore default signal handlers and unblock all signals*/ + for (int i = 1; i < NSIG; i++) + signal(i, SIG_DFL); + + ret = sigfillset(&mask); + if (ret < 0) { + SYSERROR("Failed to fill signal mask"); + goto out_warn_father; + } + ret = sigprocmask(SIG_UNBLOCK, &mask, NULL); + if (ret < 0) { + SYSERROR("Failed to set signal mask"); + goto out_warn_father; + } +#endif + if (lxc_abstract_unix_recv_fds(data_sock1, &status_fd, 1, NULL, 0) < 0) { ERROR("Failed to receive status file descriptor to child process"); goto out_warn_father; -- 1.8.3.1