Consensus on MT-, AS- and AC-Safety docs.

[Florian Weimer]

On 11/27/2013 02:34 PM, Joseph S. Myers wrote:
> On Wed, 27 Nov 2013, Florian Weimer wrote:
>> I think we should do that in the code that wraps the signal handler call, to
>> address this class of errors once and for all.  Is this feasible?
>
> On many architectures the signal trampoline is provided by the kernel and
> so has no access to libc implementation details like errno.  As far as I
> understand, even when provided by libc all it does is call the sigreturn
> syscall and provide appropriate unwind information for the registers the
> kernel saved on the stack - that is, there is no userspace code called
> before the signal handler that would have a chance to save errno.

The number of signals is fixed and small, so it should be feasible to 
install our own handler in the kernel and store the user-supplied 
handler in a lookup table that gets called from our handler.  There 
might be a slight performance impact, though.

But if we think this errno issue is serious, rather than patching almost 
any signal handler out there right now, we should address it in glibc.

-- 
Florian Weimer / Red Hat Product Security Team