Bug 664783 - race condition in radvd pidfile creation
race condition in radvd pidfile creation
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: radvd (Show other bugs)
6.0
Unspecified Unspecified
low Severity high
: rc
: ---
Assigned To: Pavel Šimerda (pavlix)
qe-baseos-daemons
http://lists.litech.org/pipermail/rad...
: Patch
Depends On:
Blocks: 836160
  Show dependency treegraph
 
Reported: 2010-12-21 11:18 EST by Laine Stump
Modified: 2016-07-21 09:13 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 811997 (view as bug list)
Environment:
Last Closed: 2016-07-21 09:13:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Reproducer (632 bytes, text/plain)
2012-04-12 09:22 EDT, Petr Pisar
no flags Details
Upsteam patch ported to 1.6 (5.75 KB, patch)
2012-04-13 05:52 EDT, Petr Pisar
no flags Details | Diff

  None (edit)
Description Laine Stump 2010-12-21 11:18:41 EST
radvd uses daemonize() to daemonize itself, then creates its pidfile afterwards. This means that the process that exec'ed radvd will get back control before the pidfile has been created and/or populated, which could lead to a race condition.

This creates a problem for libvirt, which attempts to run an instance of radvd and determine its pid (for later termination) by immediately reading the pidfile. The pidfile isn't yet created when libvirtd gets back control after waitpid'ing for the radvd process, so it fails to learn the pid.

Instead of using daemonize() and creating the pidfile from the child process, radvd should do the fork manually, then create the pidfile in the parent, prior to exiting.
Comment 1 Laine Stump 2010-12-21 11:28:52 EST
Actually it's been pointed out to me that the pidfile is *created* by the parent process, but written to by the child, after daemonize is called. So the process that exec's radvd will always find the file, but it may not yet have anything in it.
Comment 3 RHEL Product and Program Management 2011-01-07 10:51:18 EST
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unfortunately unable to
address this request at this time. Red Hat invites you to
ask your support representative to propose this request, if
appropriate and relevant, in the next release of Red Hat
Enterprise Linux. If you would like it considered as an
exception in the current release, please ask your support
representative.
Comment 4 Petr Pisar 2012-04-05 09:36:11 EDT
Reproducer (unreliable as for all races):

$ radvd; kill -n 0 $(</var/run/radvd.pid)
Comment 5 Petr Pisar 2012-04-05 09:44:50 EDT
Actually radvd in RHEL-6 stores PID into /var/run/radvd/radvd.pid.
Comment 6 Petr Pisar 2012-04-12 07:32:45 EDT
Upstream has fixed this issue by using libdaemon with the following patch set:

commit 1cda2ef33f505be34e690d1b7a1e5eac632819af
Author: Petr Písař <ppisar@redhat.com>
Date:   Wed Apr 11 13:52:24 2012 +0200

    Use pkg-config to discover libdaemon

commit 4ff814023cf62e59a6048a2cc57c62e0664d3c56
Author: Petr Písař <ppisar@redhat.com>
Date:   Thu Apr 5 15:24:22 2012 +0200

    Use libdaemon for daemonization
    
    The libc daemon(3) function suffers from race bewtween exiting parent
    and saving PID into a file.
    
    Using libdaemon library one can avoid this race and can simplify PID
    file manipulation.
    
    The only difference against older implementation is, the PID file will
    be inspected, created, and removed only if daemonization is requested.
Comment 7 Petr Pisar 2012-04-12 09:22:08 EDT
Created attachment 577068 [details]
Reproducer

Use positional arguments to select executable, timeout, and PID file location.
Comment 8 Petr Pisar 2012-04-13 05:52:40 EDT
Created attachment 577285 [details]
Upsteam patch ported to 1.6
Comment 9 Petr Pisar 2012-04-13 05:55:43 EDT
Notice for testers: radvd-1.6 requires enabled global (all device) IPv6 forwarding and a valid configuration file. One can use veth interface pair instead of real ethernet to not jam real network.
Comment 10 RHEL Product and Program Management 2012-09-07 00:59:29 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.

Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.
Comment 11 RHEL Product and Program Management 2013-10-13 21:13:08 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.

Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.
Comment 15 Pavel Šimerda (pavlix) 2016-07-21 09:13:17 EDT
Red Hat Enterprise Linux version 6 is entering the Production 2 phase of its lifetime and this bug doesn't meet the criteria for it, i.e. only high severity issues will be fixed. Please see https://access.redhat.com/support/policy/updates/errata/ for further information.

This issue is fixed in Red Hat Enterprise Linux version 7.

Note You need to log in before you can comment on or make changes to this bug.