@sergio-correia sergio-correia commented Dec 18, 2025

When using SSS with multiple pins (e.g., tang) and threshold < n, after
successful decryption with t pins, the remaining child processes and
their grandchildren (like curl) were not being killed.

The fix uses process groups for decryption only:

  • Add use_pgrp parameter to call() to control process group creation
  • For decryption: use_pgrp=true - child calls setpgid(0, 0) to become
    a process group leader, parent also calls setpgid() to eliminate race
  • For encryption: use_pgrp=false - no process groups needed since we
    wait for all children anyway
  • Cleanup uses kill(-pid, SIGTERM) to kill the entire process group
  • Falls back to direct kill if process group doesn't exist

Resolves: #460

Signed-off-by: Sergio Correia <scorreia@redhat.com>
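
The cleanup described above, reduced to a stand-alone C program (an added example, not code from clevis or from this pull request). Only `use_pgrp`, `setpgid()` and `kill(-pid, SIGTERM)` come from the description; the function name, the pipe used to detect surviving descendants and the timings are assumptions made for the demonstration.

```c
#include <errno.h>
#include <poll.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 1 if a descendant outlived cleanup, 0 if none did, -1 on error.
 * Only use_pgrp, setpgid() and kill(-pid, SIGTERM) come from the description;
 * the function name, pipe probe and timings are constructed for this demo. */
int survivors_after_cleanup(int use_pgrp)
{
    int fds[2];
    char c;
    if (pipe(fds) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                       /* child: stands in for a pin */
        close(fds[0]);
        if (use_pgrp) setpgid(0, 0);      /* become process group leader */
        pid_t g = fork();
        if (g < 0) _exit(1);
        if (g == 0) {                     /* grandchild: stands in for curl */
            if (write(fds[1], "r", 1) != 1) _exit(1);
            sleep(2);
            _exit(0);
        }
        pause();                          /* wait to be signalled */
        _exit(0);
    }
    close(fds[1]);
    if (use_pgrp) setpgid(pid, pid);      /* parent repeats it to close the race */
    int ready = (read(fds[0], &c, 1) == 1);  /* grandchild is now running */
    /* Cleanup: signal the whole group; fall back to the single pid. */
    if (kill(-pid, SIGTERM) < 0 && errno == ESRCH)
        kill(pid, SIGTERM);
    waitpid(pid, NULL, 0);
    /* The write end stays open for as long as any descendant is alive. */
    struct pollfd p = { .fd = fds[0], .events = POLLIN };
    int alive = (poll(&p, 1, 500) == 0);  /* timeout: someone still holds it */
    close(fds[0]);
    return ready ? alive : -1;
}

int main(void)
{
    printf("use_pgrp=1: %d\nuse_pgrp=0: %d\n", survivors_after_cleanup(1), survivors_after_cleanup(0));
    return 0;
}
```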
@sergio-correia changed the title from "sss: kill entire process group during cleanup" to "sss: kill entire process group during decryption cleanup" Dec 19, 2025
Successfully merging this pull request may close these issues.

clevis-decrypt-sss fails to kill all child processes (and their respective children)