From c2c8b4787b0882234ba2772ec7513afbf97b563a Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <jak@debian.org>
Date: Sun, 29 Jan 2017 13:05:18 +0100
Subject: Add support for dpkg frontend lock

The dpkg frontend lock is a lock dpkg tries to acquire
except if the frontend already acquires it.

This fixes a race condition in the install command where the
dpkg lock is not held for a short period of time between
different dpkg invocations.

For this reason we also define an environment variable
DPKG_FRONTEND_LOCKED for dpkg invocations so dpkg knows
not to try to acquire the frontend lock because it's held
by a parent process.

We can set DPKG_FRONTEND_LOCKED only if the frontend lock
really is held; that is, if our lock count is greater than 0
- otherwise an apt client not using the LockInner family of
functions would run dpkg without the frontend lock set, but
with DPKG_FRONTEND_LOCKED set. Such a process has a weaker
guarantee: Because dpkg would not lock the frontend lock
either, the process is prone to the existing races, and,
more importantly, so is a new style process.

Closes: #869546

[fixups: fix error messages, add public IsLocked() method, and
 make {Un,}LockInner return an error on !debSystem]
---
 apt-pkg/deb/debsystem.cc | 53 +++++++++++++++++++++++++++++++++++++++++-------
 apt-pkg/deb/debsystem.h  |  4 ++++
 apt-pkg/deb/dpkgpm.cc    |  4 ++++
 3 files changed, 54 insertions(+), 7 deletions(-)

(limited to 'apt-pkg/deb')

diff --git a/apt-pkg/deb/debsystem.cc b/apt-pkg/deb/debsystem.cc
index c183ab000..11aa2cfd7 100644
--- a/apt-pkg/deb/debsystem.cc
+++ b/apt-pkg/deb/debsystem.cc
@@ -44,10 +44,11 @@ debSystem debSys;
 
 class APT_HIDDEN debSystemPrivate {
 public:
-   debSystemPrivate() : LockFD(-1), LockCount(0), StatusFile(0)
+   debSystemPrivate() : FrontendLockFD(-1), LockFD(-1), LockCount(0), StatusFile(0)
    {
    }
    // For locking support
+   int FrontendLockFD;
    int LockFD;
    unsigned LockCount;
    
@@ -85,21 +86,29 @@ bool debSystem::Lock()
 
    // Create the lockfile
    string AdminDir = flNotFile(_config->FindFile("Dir::State::status"));
-   d->LockFD = GetLock(AdminDir + "lock");
-   if (d->LockFD == -1)
+   string FrontendLockFile = AdminDir + "lock-frontend";
+   d->FrontendLockFD = GetLock(FrontendLockFile);
+   if (d->FrontendLockFD == -1)
    {
       if (errno == EACCES || errno == EAGAIN)
-	 return _error->Error(_("Unable to lock the administration directory (%s), "
-	                        "is another process using it?"),AdminDir.c_str());
+	 return _error->Error(_("Unable to acquire the dpkg frontend lock (%s), "
+	                        "is another process using it?"),FrontendLockFile.c_str());
       else
-	 return _error->Error(_("Unable to lock the administration directory (%s), "
-	                        "are you root?"),AdminDir.c_str());
+	 return _error->Error(_("Unable to acquire the dpkg frontend lock (%s), "
+	                        "are you root?"),FrontendLockFile.c_str());
+   }
+   if (LockInner() == false)
+   {
+      close(d->FrontendLockFD);
+      return false;
    }
    
    // See if we need to abort with a dirty journal
    if (CheckUpdates() == true)
    {
       close(d->LockFD);
+      close(d->FrontendLockFD);
+      d->FrontendLockFD = -1;
       d->LockFD = -1;
       const char *cmd;
       if (getenv("SUDO_USER") != NULL)
@@ -116,6 +125,21 @@ bool debSystem::Lock()
       
    return true;
 }
+
+bool debSystem::LockInner() {
+   string AdminDir = flNotFile(_config->FindFile("Dir::State::status"));
+   d->LockFD = GetLock(AdminDir + "lock");
+   if (d->LockFD == -1)
+   {
+      if (errno == EACCES || errno == EAGAIN)
+	 return _error->Error(_("Unable to lock the administration directory (%s), "
+	                        "is another process using it?"),AdminDir.c_str());
+      else
+	 return _error->Error(_("Unable to lock the administration directory (%s), "
+	                        "are you root?"),AdminDir.c_str());
+   }
+   return true;
+}
 									/*}}}*/
 // System::UnLock - Drop a lock						/*{{{*/
 // ---------------------------------------------------------------------
@@ -129,11 +153,26 @@ bool debSystem::UnLock(bool NoErrors)
       return _error->Error(_("Not locked"));
    if (--d->LockCount == 0)
    {
+      close(d->FrontendLockFD);
       close(d->LockFD);
       d->LockCount = 0;
    }
    
    return true;
+}
+bool debSystem::UnLockInner(bool NoErrors) {
+   (void) NoErrors;
+   close(d->LockFD);
+   return true;
+}
+									/*}}}*/
+// System::IsLocked - Check if system is locked						/*{{{*/
+// ---------------------------------------------------------------------
+/* This checks if the frontend lock is hold. The inner lock might be
+ * released. */
+bool debSystem::IsLocked()
+{
+   return d->LockCount > 0;
 }
 									/*}}}*/
 // System::CheckUpdates - Check if the updates dir is dirty		/*{{{*/
diff --git a/apt-pkg/deb/debsystem.h b/apt-pkg/deb/debsystem.h
index 7b59fc073..4503676fa 100644
--- a/apt-pkg/deb/debsystem.h
+++ b/apt-pkg/deb/debsystem.h
@@ -50,6 +50,10 @@ class debSystem : public pkgSystem
    APT_HIDDEN static pid_t ExecDpkg(std::vector<std::string> const &sArgs, int * const inputFd, int * const outputFd, bool const DiscardOutput);
    APT_HIDDEN static bool SupportsMultiArch();
    APT_HIDDEN static std::vector<std::string> SupportedArchitectures();
+
+   APT_HIDDEN bool LockInner();
+   APT_HIDDEN bool UnLockInner(bool NoErrors=false);
+   APT_HIDDEN bool IsLocked();
 };
 
 extern debSystem debSys;
diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc
index c6900ec77..790019b98 100644
--- a/apt-pkg/deb/dpkgpm.cc
+++ b/apt-pkg/deb/dpkgpm.cc
@@ -2010,6 +2010,10 @@ bool pkgDPkgPM::Go(APT::Progress::PackageManager *progress)
 	 else
 	    setenv("DPKG_COLORS", "never", 0);
 
+	 if (dynamic_cast<debSystem*>(_system) != nullptr
+	    && dynamic_cast<debSystem*>(_system)->IsLocked() == true) {
+	    setenv("DPKG_FRONTEND_LOCKED", "true", 1);
+	 }
 	 execvp(Args[0], (char**) &Args[0]);
 	 cerr << "Could not exec dpkg!" << endl;
 	 _exit(100);
-- 
cgit v1.2.3