On Wed, Nov 17, 2021 at 4:05 PM Kees Cook <keescook@chromium.org> wrote:
> (nit: should the "sigdfl" argument be renamed "immutable" for clarity in this function?)
I don't think that would necessarily clarify anything. Neither "sigdfl" nor "immutable" makes at least me go "Ahh, that explains things".
Both "sigdfl" and "immutable" are about random internal implementation choices ("force SIGDFL" and "set SA_IMMUTABLE" respectively).
I think naming things by random internal implementation things is questionable in general, but it's particularly questionable when they aren't even some really fundamental thing.
I think you generally want to name things not by how they do something, but by *WHAT* they do.
So I think the proper name for it would be "fatal" or something like that. It's basically saying "This signal is fatal, even if you have a handler for it or not". That "set it to SIGDFL" just happens to be how we made it fatal.
And then we should perhaps also make such a signal uncatchable by the debugger (rather than just "debugger cannot undo or modify it" like the SA_IMMUTABLE bit does).
Anybody want to take on that renaming / uncatchable part? Please take my (now at least tested by Kees) patch and make it your own.
Linus