Index: base/synchronization/lock_impl_posix.cc |
diff --git a/base/synchronization/lock_impl_posix.cc b/base/synchronization/lock_impl_posix.cc |
index 5619adaf5d829df72f93fd57b0687d551fb9390d..f6d6f4af16cbabf50013e2547c9e64925766bcc8 100644 |
--- a/base/synchronization/lock_impl_posix.cc |
+++ b/base/synchronization/lock_impl_posix.cc |
@@ -8,26 +8,30 @@ |
#include <string.h> |
#include "base/logging.h" |
+#include "base/synchronization/lock.h" |
namespace base { |
namespace internal { |
LockImpl::LockImpl() { |
-#ifndef NDEBUG |
- // In debug, setup attributes for lock error checking. |
pthread_mutexattr_t mta; |
int rv = pthread_mutexattr_init(&mta); |
DCHECK_EQ(rv, 0) << ". " << strerror(rv); |
+#if PRIORITY_INHERITANCE_LOCKS_POSSIBLE() |
danakj
2016/07/27 22:47:53
Alternatively, if guarding everything else by OS_P
robliao
2016/07/28 20:06:09
We're already in a POSIX-only file, so OS_POSIX sh
|
+ if (PriorityInheritanceAvailable()) { |
+ rv = pthread_mutexattr_setprotocol(&mta, PTHREAD_PRIO_INHERIT); |
+ } |
+ DCHECK_EQ(rv, 0) << ". " << strerror(rv); |
danakj
2016/07/27 22:47:53
put this inside the if?
robliao
2016/07/28 20:06:09
Done.
|
+#endif |
+#ifndef NDEBUG |
+ // In debug, setup attributes for lock error checking. |
rv = pthread_mutexattr_settype(&mta, PTHREAD_MUTEX_ERRORCHECK); |
DCHECK_EQ(rv, 0) << ". " << strerror(rv); |
+#endif |
rv = pthread_mutex_init(&native_handle_, &mta); |
DCHECK_EQ(rv, 0) << ". " << strerror(rv); |
rv = pthread_mutexattr_destroy(&mta); |
DCHECK_EQ(rv, 0) << ". " << strerror(rv); |
-#else |
- // In release, go with the default lock attributes. |
- pthread_mutex_init(&native_handle_, NULL); |
-#endif |
} |
LockImpl::~LockImpl() { |
@@ -51,5 +55,29 @@ void LockImpl::Unlock() { |
DCHECK_EQ(rv, 0) << ". " << strerror(rv); |
} |
+// static |
+bool LockImpl::PriorityInheritanceAvailable() { |
+#if PRIORITY_INHERITANCE_LOCKS_POSSIBLE() && defined(OS_MACOSX) |
+ return true; |
+#else |
+ // Security concerns prevent the use of priority inheritance mutexes on Linux. |
+ // * CVE-2010-0622 - wake_futex_pi unlocks incorrect, possible DoS. |
+ // https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0622 |
+ // * CVE-2012-6647 - Linux < 3.5.1, futex_wait_requeue_pi possible DoS. |
+ // https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6647 |
+ // * CVE-2014-3153 - Linux <= 3.14.5, futex_requeue, privilege escalation. |
+ // https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153 |
+ // |
+ // If the above were all addressed, we still need a runtime check to deal with |
+ // the bug below. |
+ // * glibc Bug 14652: https://sourceware.org/bugzilla/show_bug.cgi?id=14652 |
+ // Fixed in glibc 2.17. |
+ // Priority inheritance mutexes may deadlock with condition variables |
+ // during recacquisition of the mutex after the condition variable is |
+ // signalled. |
+ return false; |
+#endif |
+} |
+ |
} // namespace internal |
} // namespace base |