runtime: use tgkill instead of tkill #27548

prattmic opened this issue Sep 7, 2018 · 1 comment

@prattmic prattmic commented Sep 7, 2018

This has been proposed previously (#24924), but was closed because Android allows tkill.

However, generally tgkill allows creation of a stricter sandbox (note that tkill is only used in runtime.raise to send a signal to the current thread).

With kill and tgkill, the sandbox policy (e.g., seccomp) can prevent the program from sending signals to other processes by checking that the first argument == getpid().

With tkill, the policy must whitelist all tids in the process, which is effectively impossible given Go's dynamic thread creation.

Specifically, this applies to the gVisor project, where we do not allow tkill in our seccomp policy. At the moment, we attempt to emulate the standard Go runtime signal behavior. This works, but I don't see any downsides to using tgkill in raise, and other sandboxed Go programs could benefit, hence this feature request.

cc @ianlancetaylor @eliasnaur
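The policy described in the issue above, as an added example (not code from gVisor or the Go runtime): a classic-BPF seccomp fragment that allows `kill`/`tgkill` only when the first argument equals the sandboxed process's pid and rejects `tkill` outright, with a small userspace evaluator so the verdicts can be checked without installing the filter. The names `build_policy`, `run_policy` and `verdict` and the pid 1000 are made up for this illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/syscall.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#define OFF(field) ((uint32_t)offsetof(struct seccomp_data, field))
#define LD(off) BPF_STMT(BPF_LD | BPF_W | BPF_ABS, (off))
#define JEQ(k, jt, jf) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (k), (jt), (jf))
#define DENY (SECCOMP_RET_ERRNO | EPERM)

/* Signal-only fragment (assumes little-endian); a full policy would also
 * check seccomp_data.arch and allowlist the remaining syscalls. */
size_t build_policy(uint32_t self_pid, struct sock_filter *out) {
    struct sock_filter prog[] = {
        LD(OFF(nr)),
        JEQ(SYS_tkill, 6, 0),      /* tkill: arg0 is a tid, cannot be pinned -> deny */
        JEQ(SYS_kill, 1, 0),       /* kill -> check arg0 */
        JEQ(SYS_tgkill, 0, 5),     /* tgkill -> check arg0; anything else -> allow */
        LD(OFF(args[0]) + 4),      /* high 32 bits of arg0 must be zero */
        JEQ(0, 0, 2),
        LD(OFF(args[0])),          /* low 32 bits of arg0 must equal getpid() */
        JEQ(self_pid, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, DENY),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    memcpy(out, prog, sizeof prog);
    return sizeof prog / sizeof prog[0];
}

/* Evaluate the classic-BPF subset used above against one syscall record. */
uint32_t run_policy(const struct sock_filter *f, size_t n, const struct seccomp_data *d) {
    uint32_t acc = 0;
    for (size_t pc = 0; pc < n; pc++) {
        switch (f[pc].code) {
        case BPF_LD | BPF_W | BPF_ABS: memcpy(&acc, (const char *)d + f[pc].k, 4); break;
        case BPF_JMP | BPF_JEQ | BPF_K: pc += (acc == f[pc].k) ? f[pc].jt : f[pc].jf; break;
        case BPF_RET | BPF_K: return f[pc].k;
        }
    }
    return SECCOMP_RET_KILL;       /* fell off the end: fail closed */
}

uint32_t verdict(uint32_t self_pid, int nr, uint64_t arg0) { /* constructed inputs */
    struct sock_filter f[16];
    struct seccomp_data d = { .nr = nr, .args = { arg0 } };
    return run_policy(f, build_policy(self_pid, f), &d);
}
int main(void) { return verdict(1000, SYS_tkill, 1000) == DENY ? 0 : 1; }
```

To enforce the fragment rather than simulate it, the array from `build_policy` would be wrapped in a `struct sock_fprog` and passed to `prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, ...)` after setting `PR_SET_NO_NEW_PRIVS`.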

@gopherbot gopherbot commented Sep 7, 2018

Change mentions this issue: runtime: use tgkill for raise

@tklauser tklauser added the OS-Linux label Sep 7, 2018
@bcmills bcmills added this to the Go1.12 milestone Sep 7, 2018
@gopherbot gopherbot closed this in 43f54c8 Sep 7, 2018
@golang golang locked and limited conversation to collaborators Sep 7, 2019