clone3: support CLONE_CLEAR_SIGHAND and don't clear if not set

Previously fork-like invocations of clone incorrectly reset signal handlers, as if `CLONE_CLEAR_SIGHAND` was used. The default is now fixed to copy signal handlers from the parent process, and we add support for the `CLONE_CLEAR_SIGHAND` flag to clear them.
shadow · Jan 17, 2024 · ca84567 · ca84567
1 parent 9497f7a
commit ca84567
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -10,11 +10,12 @@ MAJOR changes (breaking):
 
 MINOR changes (backwards-compatible):
 
-*
+* Added support for the `CLONE_CLEAR_SIGHAND` flag for the `clone3` syscall.
 
 PATCH changes (bugfixes):
 
-*
+* On fork and fork-like invocations of `clone`, signal handlers are now correctly copied
+from the parent instead of reset to default (unless `CLONE_CLEAR_SIGHAND` is used).
 
 Full changelog since v3.1.0:
 

diff --git a/src/lib/shadow-shim-helper-rs/src/shim_shmem.rs b/src/lib/shadow-shim-helper-rs/src/shim_shmem.rs
@@ -230,6 +230,14 @@ impl ProcessShmemProtected {
         self.pending_standard_siginfos[signal_idx(signal)] = *info;
     }
 
+    /// # Safety
+    ///
+    /// Only valid if pointers in `src` sigactions are valid in `self`'s address
+    /// space (e.g. `src` is a parent that just forked this process).
+    pub unsafe fn clone_signal_actions(&mut self, src: &Self) {
+        self.signal_actions = src.signal_actions
+    }
+
     /// # Safety
     ///
     /// Function pointers in `shd_kernel_sigaction::u` are valid only

diff --git a/src/main/host/syscall/handler/clone.rs b/src/main/host/syscall/handler/clone.rs
@@ -172,6 +172,19 @@ impl SyscallHandler {
         let do_child_cleartid = flags.contains(CloneFlags::CLONE_CHILD_CLEARTID);
         handled_flags.insert(CloneFlags::CLONE_CHILD_CLEARTID);
 
+        let do_copy_sighandlers = if flags.contains(CloneFlags::CLONE_CLEAR_SIGHAND) {
+            // clone(2): Specifying this flag together with CLONE_SIGHAND is
+            // nonsensical and disallowed.
+            if flags.contains(CloneFlags::CLONE_SIGHAND) {
+                return Err(Errno::EINVAL.into());
+            }
+            false
+        } else {
+            // We only need to copy if they're not shared.
+            !flags.contains(CloneFlags::CLONE_SIGHAND)
+        };
+        handled_flags.insert(CloneFlags::CLONE_CLEAR_SIGHAND);
+
         if flags.contains(CloneFlags::CLONE_PARENT) {
             // Handled in `new_forked_process` when creating a new process.
             // No-op when not creating a new process.
@@ -261,6 +274,18 @@ impl SyscallHandler {
             child.set_tid_address(ctid);
         }
 
+        if do_copy_sighandlers {
+            let shmem_lock = ctx.objs.host.shim_shmem_lock_borrow_mut().unwrap();
+
+            let parent_shmem = ctx.objs.process.shmem();
+            let parent_shmem_prot = parent_shmem.protected.borrow(&shmem_lock.root);
+
+            let child_shmem = child_process_borrow.as_ref().unwrap().shmem();
+            let mut child_shmem_prot = child_shmem.protected.borrow_mut(&shmem_lock.root);
+            // Safety: pointers in the parent are valid in the child.
+            unsafe { child_shmem_prot.clone_signal_actions(&parent_shmem_prot) };
+        }
+
         drop(child_process_borrow);
         if let Some(c) = child_process_rc {
             c.explicit_drop(ctx.objs.host.root())

diff --git a/src/test/clone/test_fork.rs b/src/test/clone/test_fork.rs
@@ -1889,8 +1889,7 @@ fn main() -> Result<(), Box<dyn Error>> {
         tests.push(ShadowTest::new(
             &format!("test_handles_CLONE_CLEAR_SIGHAND={value}"),
             move || test_clone_clear_sighand(value),
-            // TODO: https://github.com/shadow/shadow/issues/3266
-            libc_only.clone(),
+            all_envs.clone(),
         ));
     }