ssh/tailssh: lock OS thread during incubator

This makes it less likely that we trip over bugs like golang/go#1435. Updates #7616 Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: Ic28c03c3ad8ed5274a795c766b767fa876029f0e
2025-11-04 00:55:11 +00:00 · 2023-03-23 12:49:11 -04:00
parent c350cd1f06
commit 9de8287d47
1 changed files with 10 additions and 0 deletions
--- a/ssh/tailssh/incubator.go
+++ b/ssh/tailssh/incubator.go
@@ -204,6 +204,16 @@ func parseIncubatorArgs(args []string) (a incubatorArgs) {
 // OS, sets its UID and groups to the specified `--uid`, `--gid` and
 // `--groups` and then launches the requested `--cmd`.
 func beIncubator(args []string) error {
+	// To defend against issues like https://golang.org/issue/1435,
+	// defensively lock our current goroutine's thread to the current
+	// system thread before we start making any UID/GID/group changes.
+	//
+	// This shouldn't matter on Linux because syscall.AllThreadsSyscall is
+	// used to invoke syscalls on all OS threads, but (as of 2023-03-23)
+	// that function is not implemented on all platforms.
+	runtime.LockOSThread()
+	defer runtime.UnlockOSThread()
+
 	ia := parseIncubatorArgs(args)
 	if ia.isSFTP && ia.isShell {
 		return fmt.Errorf("--sftp and --shell are mutually exclusive")