Page MenuHome GnuPG
Create Task
Maniphest T7151

graceful shutdown: DEVINFO should be a gpg-agent command: also watching input close
Testing, HighPublic
Actions

Description

scdaemon supports DEVINFO --watch command to keep watching the device removal.
It loops forever (for the current implementation), and the only way to stop watcing is killing scdaemon.

It should work in the following way, like:
(1) It simultaneously polls device info updates and client input close.
(2) On device info update, send the information to client.
(3) On the client input close, finish the command (and finish the connection from client).

But it is not only scdaemon, but also gpg-agent should behave like that, because gpgme uses gpg-agent to access scdaemon.
That is:
(1) gpg-agent (for DEVINFO command) should simultaneously polls on (a) scdaemon's output and (b) client input close.
(2) On the scdaemon output, send the information to client.
(3) On the client input close, finish the command and finish the connection to scdaemon, and finish the connection from client).

Revisions and Commits

rG GnuPG
rGc98385d311ca scd: Fix DEVINFO, allowing no clients which watch the change.
rG0a94582af5b1 scd: Fix DEVINFO, allowing no clients which watch the change.
rG32476f870d62 scd: Fix DEVINFO to allow multiple clients.
rGfc30f7059650 scd: Fix DEVINFO to allow multiple clients.
rG5746c944cd78 agent: Require use of "SCD DEVINFO --watch" command with socket.
rG0ed8e9ae3e75 agent: Handle SCD DEVINFO --watch command in a special way.
rGfd9872295b33 agent:daemon: Add an argument to specify requiring socket connection.
rG59e785b5434d scd: Restrict use of DEVINFO --watch command for socket connection.
rG6996e5f6ff5d scd: Finish DEVINFO --watch command on input close.
rG70bb9c512727 scd: Fix how scdaemon pipe server finishes.
rGc4ff9c5def1a agent: Require use of "SCD DEVINFO --watch" command with socket.
rG5d980802acb3 agent:daemon: Add an argument to specify requiring socket connection.
rGb3f1f2cd192b agent: Handle SCD DEVINFO --watch command in a special way.
rGd98521b934ec scd: Restrict use of DEVINFO --watch command for socket connection.
rG36d8cffc6cd2 scd: Finish DEVINFO --watch command on input close.
AuditedrG01fa318be0f8 scd: Fix how scdaemon pipe server finishes.

Related Objects
Search...

Event Timeline

gniibe claimed this task.Jun 12 2024, 6:42 AM
gniibe created this task.
werner added a subscriber: ikloecker.Jun 13 2024, 10:19 AM
werner triaged this task as High priority.Jun 13 2024, 12:38 PM
werner added a project: gnupg24.
gniibe added projects: scd, gpgagent.Jun 17 2024, 4:49 AM
gniibe added a commit: rG01fa318be0f8: scd: Fix how scdaemon pipe server finishes..Jun 17 2024, 4:54 AM
gniibe added a comment.EditedJun 24 2024, 4:24 AM

Did some experiment and I concluded (for now) that new command for gpg-agent would not be needed.
Instead, it might be better doing following in GPGME.

(1) Asking gpg-agent for socket name of scdaemon (if gpg-agent is not yet running, start it).
(2) Then, use the socket to connect scdaemon for DEVINFO --watch.

Note that this (1) is the way how Poldi works to access scdaemon.

By doing this, we don't need to touch gpg-agent, and we don't need to consider difference between how to watch pipe connection and how to watch socket connection on Windows for gpg-agent.

And... for scdaemon, we can assume the connection is socket for DEVINFO --watch command, which allows use of select.

werner added a subscriber: werner.Jun 24 2024, 9:05 AM

Maybe we can support this directly in gpgme's assuan API.

gniibe added a commit: rG36d8cffc6cd2: scd: Finish DEVINFO --watch command on input close..Jun 25 2024, 8:35 AM
gniibe added a comment.Jun 25 2024, 10:56 AM

scdaemon part was done in: rG36d8cffc6cd2: scd: Finish DEVINFO --watch command on input close.

gniibe added a commit: rGd98521b934ec: scd: Restrict use of DEVINFO --watch command for socket connection..Jun 26 2024, 4:17 AM
gniibe added a commit: rG5d980802acb3: agent:daemon: Add an argument to specify requiring socket connection..Jun 27 2024, 8:32 AM
gniibe added a commit: rGb3f1f2cd192b: agent: Handle SCD DEVINFO --watch command in a special way..
gniibe added a comment.Jun 27 2024, 8:38 AM

Asking a change of gpgme would need more time... So, I decided to change gpg-agent side.
gpg-agent part was done in: rGb3f1f2cd192b: agent: Handle SCD DEVINFO --watch command in a special way.

Tested on Debian machine. Test scenario is like following.

(1) Prepare gpg-agent running. Identify the PID by ps command and see the number of threads by ps -m -L PID command

(2) Run the following command to watch the device information

gpg-connect-agent "SCD DEVINFO --watch"

(3) On another terminal, you can see the number of threads of gpg-agent is now increased.

(4) With Ctrl-C, kill the gpg-connect-agent command

(5) Check the number of threads of gpg-agent again, it's now decreased.

Please test on Windows.

gniibe added a commit: rGc4ff9c5def1a: agent: Require use of "SCD DEVINFO --watch" command with socket..Jun 28 2024, 6:54 AM
gniibe changed the task status from Open to Testing.Jul 1 2024, 4:25 AM
gniibe changed the status of subtask T7160: scd: pipe server shutdown from Open to Testing.
werner added a commit: rG70bb9c512727: scd: Fix how scdaemon pipe server finishes..Jul 1 2024, 2:39 PM
werner added a commit: rG6996e5f6ff5d: scd: Finish DEVINFO --watch command on input close..
werner added a commit: rGfd9872295b33: agent:daemon: Add an argument to specify requiring socket connection..
werner added a commit: rG59e785b5434d: scd: Restrict use of DEVINFO --watch command for socket connection..
werner added a commit: rG0ed8e9ae3e75: agent: Handle SCD DEVINFO --watch command in a special way..
werner added a commit: rG5746c944cd78: agent: Require use of "SCD DEVINFO --watch" command with socket..
werner mentioned this in T7189: Release GnuPG 2.5.0.Jul 5 2024, 2:42 PM
gniibe added a comment.Sep 18 2024, 4:57 AM

I realized that I put a bug on POSIX; When multiple clients do DEVINFO --watch, it is possible for scdaemon to hang (waiting pselect and read, read by one, read by another is blocked).

gniibe added a commit: rGfc30f7059650: scd: Fix DEVINFO to allow multiple clients..Sep 18 2024, 6:47 AM
gniibe added a comment.Sep 18 2024, 6:52 AM

Fixed in rGfc30f7059650: scd: Fix DEVINFO to allow multiple clients.

gniibe mentioned this in T7291: scdaemon randomly hangs when trying to access a token.Sep 18 2024, 6:55 AM
werner added a comment.Sep 18 2024, 6:30 PM

You mean it is possible that the initialization function is called by several threads - or that two scdaemon's are running before they realize that one of them is in the way?

gniibe added a comment.EditedSep 19 2024, 1:43 AM

I mean: two gpg-agent requests simultaneously running DEVINFO --watch.
Single scdaemon, two threads handling DEVINFO --watch simultaneously, by pselect + read.
Two threads waken up, but it was only one thread which can read(2), another was blocked (before the fix).

werner added a comment.Sep 19 2024, 8:56 AM

I see. the systemd race of having two gpg-agent processes. The second gpg-agent should eventually go away but than it is already too late.

werner added a commit: rG32476f870d62: scd: Fix DEVINFO to allow multiple clients..Sep 19 2024, 4:31 PM
gniibe added a commit: rG0a94582af5b1: scd: Fix DEVINFO, allowing no clients which watch the change..Sep 20 2024, 3:48 AM
gniibe added a comment.Sep 20 2024, 3:51 AM

Found another thinko; When there is no clients with DEVINFO --watch, the pipe to be notified is not consumed at all (no read). It eventually results blocked by write(2), when the pipe is filled.

Fixed in rG0a94582af5b1: scd: Fix DEVINFO, allowing no clients which watch the change.

werner added a commit: rGc98385d311ca: scd: Fix DEVINFO, allowing no clients which watch the change..Sep 20 2024, 12:07 PM
werner mentioned this in T7030: Release GnuPG 2.4.6.Mon, Oct 21, 3:29 PM