-
-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Eliminate removal of nonblocking flag for "special" files #7530
Eliminate removal of nonblocking flag for "special" files #7530
Conversation
Do you think that's true for the other platforms? |
Something I just noticed is that the non blocking branch in the We should add that check. |
8a7ec85
to
8266a93
Compare
The status of this PR is that even after rebasing to master, the tests are still failing on Debug linux builds. I am currently looking into this, but it is confusing as it does build in release. Does anyone have an idea what is different in debug linux builds? @directionless Based on testing on each platform and reading the documentation for each platform, I believe the same holds. I am still investigating the debug linux build though so maybe I am wrong. @Smjert I agree, and I will address these issues in this PR. Not sure this will be done for 5.3 but I will continue with updates here as I get a better sense. |
The build itself is working, it's the tests that runs in the Debug build that are not.
But in general, there isn't nothing particular in osquery debug builds. |
On Linux (also macos and Windows) special files *can* be read in non-blocking mode. A test is added to ensure that opening and reading a special file behaves as expected.
8266a93
to
328fcfd
Compare
After much toying around, the simplest fix seemed to be to just have special files use the blocking_io path when reading. This ensures the existing code that reads from special files doesn't have any behavior change. Even after working with this code, I am unsure why the separate paths for blocking and non_blocking exist for reading files? I even tried on linux, and just deleting the if/else and always using the blocking_io path has all the tests failing. What am I missing here? |
Currently, when opening or reading a named pipe (or fifo), osquery will block. This is a potential avenue for a denial of service attack.
After some investigation, I believe the comment here is incorrect.
According to The Linux Programming Interface Section 5.9
Given this, the best solution seemed to be to get rid of the check for
fd->isSpecialFile()
and the non-blocking mode will handle not blocking and for fifo's it will just return an error that we can handle.A test is also added to make sure this change behaves properly on Windows as well.