diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-02 17:46:22 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-02 17:46:22 +0200 |
commit | a566b2219b7fc6573393c1b7bd3a56ed13029454 (patch) | |
tree | 78dd87441efbdb91921c74f27f1918903e418cf8 /service | |
parent | service: wtf->wts (diff) | |
download | wireguard-windows-a566b2219b7fc6573393c1b7bd3a56ed13029454.tar.xz wireguard-windows-a566b2219b7fc6573393c1b7bd3a56ed13029454.zip |
service: lock OS thread before making inheritable handles
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'service')
-rw-r--r-- | service/service_manager.go | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/service/service_manager.go b/service/service_manager.go index 25729aed..9d60b57c 100644 --- a/service/service_manager.go +++ b/service/service_manager.go @@ -12,6 +12,7 @@ import ( "golang.zx2c4.com/wireguard/windows/ringlogger" "log" "os" + "runtime" "runtime/debug" "sync" "syscall" @@ -172,6 +173,7 @@ func (service *managerService) Execute(args []string, r <-chan svc.ChangeRequest stoppingManager := false startProcess = func(session uint32) { + defer runtime.UnlockOSThread() for { if stoppingManager { return @@ -216,6 +218,10 @@ func (service *managerService) Execute(args []string, r <-chan svc.ChangeRequest return } + //TODO: we lock the OS thread so that these inheritable handles don't escape into other processes that + // might be running in parallel Go routines. But the Go runtime is strange and who knows what's really + // happening with these or what is inherited. We need to do some analysis to be certain of what's going on. + runtime.LockOSThread() ourReader, theirReader, theirReaderStr, ourWriter, theirWriter, theirWriterStr, err := inheritableSocketpairEmulation() if err != nil { log.Printf("Unable to create two inheritable pipes: %v", err) @@ -253,6 +259,7 @@ func (service *managerService) Execute(args []string, r <-chan svc.ChangeRequest theirReader.Close() theirWriter.Close() theirEvents.Close() + runtime.UnlockOSThread() if err != nil { log.Printf("Unable to start manager UI process: %v", err) return |