123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294 |
- // Copyright 2021 The Go Authors. All rights reserved.
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- package syscall
- import (
- "runtime"
- "unsafe"
- )
- //sysnb raw_procctl(idtype int, id int64, cmd int, data unsafe.Pointer) (ret int, err Errno)
- //procctl(idtype _C_int, id int64, cmd int, data unsafe.Pointer) _C_int
- type SysProcAttr struct {
- Chroot string // Chroot.
- Credential *Credential // Credential.
- Ptrace bool // Enable tracing.
- Setsid bool // Create session.
- // Setpgid sets the process group ID of the child to Pgid,
- // or, if Pgid == 0, to the new child's process ID.
- Setpgid bool
- // Setctty sets the controlling terminal of the child to
- // file descriptor Ctty. Ctty must be a descriptor number
- // in the child process: an index into ProcAttr.Files.
- // This is only meaningful if Setsid is true.
- Setctty bool
- Noctty bool // Detach fd 0 from controlling terminal
- Ctty int // Controlling TTY fd
- // Foreground places the child process group in the foreground.
- // This implies Setpgid. The Ctty field must be set to
- // the descriptor of the controlling TTY.
- // Unlike Setctty, in this case Ctty must be a descriptor
- // number in the parent process.
- Foreground bool
- Pgid int // Child's process group ID if Setpgid.
- Pdeathsig Signal // Signal that the process will get when its parent dies (Linux and FreeBSD only)
- }
- const (
- _P_PID = 0
- _PROC_PDEATHSIG_CTL = 11
- )
- // Implemented in runtime package.
- func runtime_BeforeFork()
- func runtime_AfterFork()
- func runtime_AfterForkInChild()
- // Fork, dup fd onto 0..len(fd), and exec(argv0, argvv, envv) in child.
- // If a dup or exec fails, write the errno error to pipe.
- // (Pipe is close-on-exec so if exec succeeds, it will be closed.)
- // In the child, this function must not acquire any locks, because
- // they might have been locked at the time of the fork. This means
- // no rescheduling, no malloc calls, and no new stack segments.
- // For the same reason compiler does not race instrument it.
- // The calls to RawSyscall are okay because they are assembly
- // functions that do not grow the stack.
- //go:norace
- func forkAndExecInChild(argv0 *byte, argv, envv []*byte, chroot, dir *byte, attr *ProcAttr, sys *SysProcAttr, pipe int) (pid int, err Errno) {
- // Declare all variables at top in case any
- // declarations require heap allocation (e.g., err1).
- var (
- r1 Pid_t
- err1 Errno
- nextfd int
- i int
- )
- // Record parent PID so child can test if it has died.
- ppid := raw_getpid()
- // guard against side effects of shuffling fds below.
- // Make sure that nextfd is beyond any currently open files so
- // that we can't run the risk of overwriting any of them.
- fd := make([]int, len(attr.Files))
- nextfd = len(attr.Files)
- for i, ufd := range attr.Files {
- if nextfd < int(ufd) {
- nextfd = int(ufd)
- }
- fd[i] = int(ufd)
- }
- nextfd++
- // About to call fork.
- // No more allocation or calls of non-assembly functions.
- runtime_BeforeFork()
- r1, err1 = raw_fork()
- if err1 != 0 {
- runtime_AfterFork()
- return 0, err1
- }
- if r1 != 0 {
- // parent; return PID
- runtime_AfterFork()
- return int(r1), 0
- }
- // Fork succeeded, now in child.
- // Enable tracing if requested.
- if sys.Ptrace {
- err1 = raw_ptrace(_PTRACE_TRACEME, 0, 0, 0)
- if err1 != 0 {
- goto childerror
- }
- }
- // Session ID
- if sys.Setsid {
- err1 = raw_setsid()
- if err1 != 0 {
- goto childerror
- }
- }
- // Set process group
- if sys.Setpgid || sys.Foreground {
- // Place child in process group.
- err1 = raw_setpgid(0, sys.Pgid)
- if err1 != 0 {
- goto childerror
- }
- }
- if sys.Foreground {
- pgrp := Pid_t(sys.Pgid)
- if pgrp == 0 {
- pgrp = raw_getpid()
- }
- // Place process group in foreground.
- err1 = raw_ioctl(sys.Ctty, TIOCSPGRP, unsafe.Pointner(&pgrp))
- if err1 != 0 {
- goto childerror
- }
- }
- // Restore the signal mask. We do this after TIOCSPGRP to avoid
- // having the kernel send a SIGTTOU signal to the process group.
- runtime_AfterForkInChild()
- // Chroot
- if chroot != nil {
- err1 = raw_chroot(chroot)
- if err1 != 0 {
- goto childerror
- }
- }
- // User and groups
- if cred := sys.Credential; cred != nil {
- ngroups := len(cred.Groups)
- var groups *Gid_t
- if ngroups > 0 {
- gids := make([]Gid_t, ngroups)
- for i, v := range cred.Groups {
- gids[i] = Gid_t(v)
- }
- groups = &gids[0]
- }
- if !cred.NoSetGroups {
- err1 = raw_setgroups(ngroups, groups)
- if err1 != 0 {
- goto childerror
- }
- }
- err2 := Setgid(int(cred.Gid))
- if err2 != nil {
- err1 = err2.(Errno)
- goto childerror
- }
- err2 = Setuid(int(cred.Uid))
- if err2 != nil {
- err1 = err2.(Errno)
- goto childerror
- }
- }
- // Chdir
- if dir != nil {
- err1 = raw_chdir(dir)
- if err1 != 0 {
- goto childerror
- }
- }
- // Parent death signal
- if sys.Pdeathsig != 0 {
- _, err1 = raw_procctl(_P_PID, 0, _PROC_PDEATHSIG_CTL, unsafe.Pointer(&sys.Pdeathsig))
- if err1 != 0 {
- goto childerror
- }
- // Signal self if parent is already dead. This might cause a
- // duplicate signal in rare cases, but it won't matter when
- // using SIGKILL.
- r1 = raw_getppid()
- if r1 != ppid {
- pid := raw_getpid()
- err1 = raw_kill(pid, sys.Pdeathsig)
- if err1 != 0 {
- goto childerror
- }
- }
- }
- // Pass 1: look for fd[i] < i and move those up above len(fd)
- // so that pass 2 won't stomp on an fd it needs later.
- if pipe < nextfd {
- _, err1 = raw_fcntl(pipe, _F_DUP2FD_CLOEXEC, nextfd)
- if err1 != 0 {
- goto childerror
- }
- pipe = nextfd
- nextfd++
- }
- for i = 0; i < len(fd); i++ {
- if fd[i] >= 0 && fd[i] < int(i) {
- if nextfd == pipe { // don't stomp on pipe
- nextfd++
- }
- err1 = raw_fcntl(fd[i], _F_DUP2FD_CLOEXEC, nextfd)
- if err1 != 0 {
- goto childerror
- }
- fd[i] = nextfd
- nextfd++
- }
- }
- // Pass 2: dup fd[i] down onto i.
- for i = 0; i < len(fd); i++ {
- if fd[i] == -1 {
- raw_close(i)
- continue
- }
- if fd[i] == int(i) {
- // dup2(i, i) won't clear close-on-exec flag on Linux,
- // probably not elsewhere either.
- _, err1 = raw_fcntl(fd[i], _F_SETFD, 0)
- if err1 != 0 {
- goto childerror
- }
- continue
- }
- // The new fd is created NOT close-on-exec,
- // which is exactly what we want.
- err1 = raw_dup2(fd[i], i)
- if err1 != 0 {
- goto childerror
- }
- }
- // By convention, we don't close-on-exec the fds we are
- // started with, so if len(fd) < 3, close 0, 1, 2 as needed.
- // Programs that know they inherit fds >= 3 will need
- // to set them close-on-exec.
- for i = len(fd); i < 3; i++ {
- raw_close(i)
- }
- // Detach fd 0 from tty
- if sys.Noctty {
- _, err = raw_ioctl(0, TIOCNOTTY, 0)
- if err1 != 0 {
- goto childerror
- }
- }
- // Set the controlling TTY to Ctty
- if sys.Setctty {
- _, err1 = raw_ioctl(sys.Cty, TIOCSCTTY, 0)
- if err1 != 0 {
- goto childerror
- }
- }
- // Time to exec.
- err1 = raw_execve(argv0, &argv[0], &envv[0])
- childerror:
- // send error code on pipe
- raw_write(pipe, (*byte)(unsafe.Pointer(&err1)), int(unsafe.Sizeof(err1)))
- for {
- raw_exit(253)
- }
- }
|