Upstream testing of the /etc/resolv.conf reloading has found a few defects in the reloading mechanism. We propose they get fixed in the next RHEL 8 y-stream update.

The upstream commits come with the following new test: io/tst-file_change_detection.c

The required commits are as follows:

https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=6c80c6e8767b860a5e18e136d04a80be2a8dce15
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=9642b85fd0dfa5731020a3271c08e33e1dc05c85
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=a1a20f029299dc27170912bb9233070c8403444d
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=dd0b4df329ff7ff2a656404db271c8ee8379ff9d
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=fa00db0a6eb755837ae5d413515e0da582b304f3

Logs:

commit 6c80c6e8767b860a5e18e136d04a80be2a8dce15
Author: Florian Weimer <fweimer>
Date:   Tue Feb 11 13:52:06 2020 +0100

    Add internal <file_change_detection.h> header file

    The code started out with bits from resolv/resolv_conf.c, but it
    was enhanced to deal with directories and FIFOs in a more
    predictable manner. A test case is included as well. This will be
    used to implement the /etc/resolv.conf change detection.

    This currently lives in a header file only. Once there are
    multiple users, the implementations should be moved into C files.

commit 9642b85fd0dfa5731020a3271c08e33e1dc05c85
Author: Florian Weimer <fweimer>
Date:   Tue Jan 21 16:52:33 2020 +0100

    resolv: Use <file_change_detection.h> in __resolv_conf_get_current

    Only minor functional changes (i.e., regarding the handling of
    directories, which are now treated as empty files).

    Reviewed-by: Adhemerval Zanella <adhemerval.zanella>

commit a1a20f029299dc27170912bb9233070c8403444d
Author: Florian Weimer <fweimer>
Date:   Tue Jan 21 17:11:01 2020 +0100

    resolv: Fix file handle leak in __resolv_conf_load [BZ #25429]

    res_vinit_1 did not close the stream on errors, only on success.
    This change moves closing the stream to __resolv_conf_load, for
    both the success and error cases.

    Fixes commit 89f187a40fc0ad4e22838526bfe34d73f758b776 ("resolv: Use
    getline for configuration file reading in res_vinit_1") and commit
    3f853f22c87f0b671c0366eb290919719fa56c0e ("resolv: Lift domain
    search list limits [BZ #19569] [BZ #21475]"), where memory
    allocation was introduced into res_vinit_1.

    Reviewed-by: Adhemerval Zanella <adhemerval.zanella>

commit dd0b4df329ff7ff2a656404db271c8ee8379ff9d
Author: Florian Weimer <fweimer>
Date:   Tue Jan 21 17:25:39 2020 +0100

    resolv: Enhance __resolv_conf_load to capture file change data

    The data is captured after reading the file. This allows callers
    to check the change data against an earlier measurement.

    Reviewed-by: Adhemerval Zanella <adhemerval.zanella>

commit fa00db0a6eb755837ae5d413515e0da582b304f3
Author: Florian Weimer <fweimer>
Date:   Tue Jan 21 17:38:15 2020 +0100

    resolv: Fix ABA race in /etc/resolv.conf change detection [BZ #25420]

    __resolv_conf_get_current should only record the initial file
    change data if after verifying that file just read matches the
    original measurement. Fixes commit aef16cc8a4c670036d45590877
    ("resolv: Automatically reload a changed /etc/resolv.conf file
    [BZ #984]").

    Reviewed-by: Adhemerval Zanella <adhemerval.zanella>
Add one more commit:

https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=631cf64bc1d8306e011ef39f60b8cb6de91bd271

commit 631cf64bc1d8306e011ef39f60b8cb6de91bd271
Author: Florian Weimer <fweimer>
Date:   Tue Feb 18 13:44:48 2020 +0100

    Move implementation of <file_change_detection.h> into a C file

    file_change_detection_for_stat partially initializes
    struct file_change_detection in some cases, when the size member
    alone determines the outcome of all comparisons. This results in
    maybe-uninitialized compiler warnings in case of sufficiently
    aggressive inlining.

    Once the implementation is moved into a separate C file, this kind
    of inlining is no longer possible, so the compiler warnings are
    gone.
Fixed in glibc-2.28-102.el8
Verified with io/tst-file_change_detection.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: glibc security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:4444