signal-util: do not abort when sigprocmask() failed

BLOCK_SIGNALS() is also used in nss modules. If an application is
running with a too strict seccomp loads our nss modules, then the
assertion may be triggered.

Fixes #38582.

diff --git a/src/basic/signal-util.h b/src/basic/signal-util.h
index 7d8a284c50361606ffab4537b03cb4341701431a..04f3e73c78e1e9ec825b696c4ee360913abb0b9f 100644 (file)
--- a/src/basic/signal-util.h
+++ b/src/basic/signal-util.h
@@ -36,16 +36,21 @@ int signal_from_string(const char *s) _pure_;
 
 void nop_signal_handler(int sig);
 
-static inline void block_signals_reset(sigset_t *ss) {
-        assert_se(sigprocmask(SIG_SETMASK, ss, NULL) >= 0);
+static inline void block_signals_reset(sigset_t **ss) {
+        assert(ss);
+
+        if (!*ss)
+                return;
+
+        assert_log(sigprocmask(SIG_SETMASK, *ss, NULL) >= 0);
 }
 
-#define BLOCK_SIGNALS(...)                                                         \
-        _cleanup_(block_signals_reset) _unused_ sigset_t _saved_sigset = ({        \
-                sigset_t _t;                                                       \
-                assert_se(sigprocmask_many(SIG_BLOCK, &_t, __VA_ARGS__) >= 0);     \
-                _t;                                                                \
-        })
+#define BLOCK_SIGNALS(...)                                              \
+        sigset_t _saved_sigset;                                         \
+        _cleanup_(block_signals_reset) _unused_ sigset_t *_saved_sigsetp = \
+                assert_log(sigprocmask_many(SIG_BLOCK, &_saved_sigset, __VA_ARGS__) >= 0) ? \
+                &_saved_sigset : NULL;
+
 #define SIGNO_INVALID (-EINVAL)
 
 static inline bool SIGNAL_VALID(int signo) {