Index: src/untrusted/init/init.cc |
diff --git a/src/untrusted/init/init.cc b/src/untrusted/init/init.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..99c5257893976cab2ec45d5e76d9abcb466a1986 |
--- /dev/null |
+++ b/src/untrusted/init/init.cc |
@@ -0,0 +1,370 @@ |
+// Copyright (c) 2013 The Native Client Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include <errno.h> |
+#include <pthread.h> |
+#include <string.h> |
+#include <stdlib.h> |
+#include <unistd.h> |
+ |
+#include "native_client/src/include/nacl_scoped_ptr.h" |
+#include "native_client/src/public/imc_syscalls.h" |
+#include "native_client/src/shared/srpc/nacl_srpc.h.h" |
+#include "native_client/src/untrusted/irt/irt.h" |
+ |
+#include "native_client/src/untrusted/init/scoped_lock.h" |
+#include "native_client/src/untrusted/init/scoped_non_ptr.h" |
+ |
+namespace nacl { |
+ |
+class Pidmap { |
+ std::bitset<PID_MAX_LIMIT> pids_; |
+}; |
+ |
+typedef std::map<int, SrpcChannel> PidMap; |
+ |
+class PidNamespace { |
+ private: |
+ PidMap pids_; |
+}; |
+ |
+} |
+ |
+static void print_error(const char *message) { |
+ write(2, message, strlen(message)); |
+} |
+ |
+/* Mutex to guard kernel channel initialization. */ |
+static pthread_mutex_t kernel_service_mutex = PTHREAD_MUTEX_INITIALIZER; |
+static int kernel_channel_initialized = 0; |
+static struct NaClSrpcChannel kernel_channel; |
+ |
+static int get_kernel_channel_locked(struct NaClSrpcChannel **result) { |
+ int status; |
+ int kernel; |
+ int kernel_conn; |
+ |
+ if (kernel_channel_initialized) { |
+ *result = &manifest_channel; |
+ return 0; |
+ } |
+ *result = NULL; |
+ |
+ status = irt_nameservice_lookup("KernelService", O_RDWR, &kernel); |
+ if (NACL_NAME_SERVICE_SUCCESS != status) { |
+ print_error("Kernel service lookup failed\n"); |
+ return EIO; |
+ } |
+ |
+ if (-1 == kernel) { |
+ print_error("Kernel service descriptor is invalid\n"); |
+ return EIO; |
+ } |
+ kernel_conn = imc_connect(kernel); |
+ close(kernel); |
+ if (-1 == kernel_conn) { |
+ print_error("Error connecting to Kernel service\n"); |
+ return EIO; |
+ } |
+ if (!NaClSrpcClientCtor(&kernel_channel, kernel_conn)) { |
+ print_error("Error establishing Kernel SRPC channel\n"); |
+ return EIO; |
+ } |
+ *result = &kernel_channel; |
+ kernel_channel_initialized = 1; |
+ return 0; |
+} |
+ |
+int get_kernel_channel(struct NaClSrpcChannel **result) { |
+ int error; |
+ pthread_mutex_lock(&kernel_service_mutex); |
+ error = get_kernel_channel_locked(result); |
+ pthread_mutex_unlock(&kernel_service_mutex); |
+ return error; |
+} |
+ |
+int create_process(struct NaClSrpcChannel *kernel_channel) { |
+ int status; |
+ |
+ if (NACL_SRPC_RESULT_OK != |
+ NaClSrpcInvokeBySignature(kern_chan, NACL_KERNEL_SERVICE_CREATE_PROCESS, |
+ &status, &g_sock_addr, &g_app_addr)) { |
+ fprintf(stderr, "create process failed, status %d\n", status); |
+ return 0; |
+ } |
+ assert(0 == status); |
+ |
+ if (!NaClLdrSetupCommandChannel(g_sock_addr, &g_command_channel)) { |
+ fprintf(stderr, "failed to setup command channel\n"); |
+ return 0; |
+ } |
+ |
+ return 1; |
+} |
+ |
+static int nacl_irt_posix_spawn(pid_t *pid, const char *path, |
+ const posix_spawn_file_actions_t *file_actions, |
+ const posix_spawnattr_t *attrp, |
+ char *const argv[], char *const envp[]) { |
+ int status; |
+ struct NaClSrpcChannel *kernel_channel; |
+ int sock_addr; |
+ int app_addr; |
+ int nexe_fd; |
+ struct NaClSrpcChannel command_channel; |
+ int app_conn; |
+ struct NaClSrpcChannel app_channel; |
+ |
+ status = get_kernel_channel(&kernel_channel); |
+ if (0 != status) { |
+ return status; |
+ } |
+ |
+ pthread_mutex_lock(&kernel_service_mutex); |
+ if (NACL_SRPC_RESULT_OK == NaClSrpcInvokeBySignature( |
+ kernel_channel, NACL_KERNEL_SERVICE_CREATE_PROCESS, |
+ &status, &sock_addr, &app_addr)) { |
+ status = 0; |
+ } |
+ pthread_mutex_unlock(&kernel_service_mutex); |
+ |
+ if (!NaClLdrSetupCommandChannel(sock_addr, &command_channel)) { |
+ print_error(stderr, "Failed to setup command channel\n"); |
+ return 0; |
+ } |
+ |
+ status = nacl_irt_resource_open.open_resource(path, &nexe_fd); |
+ if (0 != status) { |
+ print_error(stderr, "Failed to open module nexe\n"); |
+ goto cleanup_channel; |
+ } |
+ |
+ if (!NaClLdrLoadModule(&command_channel, nexe_fd)) { |
+ print_error(stderr, "Failed to load module\n"); |
+ goto cleanup_channel; |
+ } |
+ |
+ if (!NaClLdrStartModule(&command_channel)) { |
+ print_error(stderr, "Failed to start module\n"); |
+ goto cleanup_channel; |
+ } |
+ |
+ app_conn = imc_connect(app_addr); |
+ close(app_addr); |
+ if (-1 == app_conn) { |
+ print_error("Error connecting to application\n"); |
+ return EIO; |
+ } |
+ if (!NaClSrpcClientCtor(&app_channel, app_conn)) { |
+ fprintf(stderr, "Application SRPC channel ctor failed\n"); |
+ return 1; |
+ } |
+ |
+cleanup_channel: |
+ NaClSrpcDtor(&command_channel); |
+ return status; |
+} |
+ |
+// Each connection can be stateful and that state is tracked by this |
+// object. |
+class SrpcHandlerState { |
+ public: |
+ explicit SrpcHandlerState(int desc) |
+ : desc_(desc) {} |
+ void Run(); |
+ private: |
+ static void SignalHandler(struct NaClSrpcRpc *rpc, |
+ struct NaClSrpcArg *args[], |
+ struct NaClSrpcArg *rets[], |
+ struct NaClSrpcClosure *done); |
+ static void WaitHandler(struct NaClSrpcRpc *rpc, |
+ struct NaClSrpcArg *args[], |
+ struct NaClSrpcArg *rets[], |
+ struct NaClSrpcClosure *done); |
+ |
+ int desc_; |
+ |
+ static struct NaClSrpcHandlerDesc const table[]; |
+}; |
+ |
+static void CreateProcess() { |
+ nacl::scoped_ptr<NaClProcessLib::NameServiceClient> name_service( |
+ g_name_service_factory->NameService()); |
+ ScopedNonPtr<int, close_desc> ks_cap(name_service->Resolve("KernelService")); |
+ if (-1 == ks_cap) { |
+ fprintf(stderr, "No Kernel Service!?!\n"); |
+ return 1; |
+ } |
+ nacl::KernelServiceClient kernel_service; |
+ kernel_service.InitializeFromConnectionCapability(ks_cap); |
+ |
+ int sr_cap; |
+ int app_cap; |
+ |
+ if (!kernel_service.CreateProcess(&sr_cap, &app_cap)) { |
+ return 1; |
+ } |
+ |
+ nacl::scoped_ptr<nacl::ServiceRuntimeClient> service_runtime( |
+ kernel_service.ServiceRuntimeClientFactory(sr_cap_)); |
+ |
+ ScopedNonPtr<int, close_desc> manifest_desc( |
+ name_service->Resolve("ManifestNameService")); |
+ if (-1 == manifest_desc) { |
+ fprintf(stderr, "init: no manifest name service\n"); |
+ return 1; |
+ } |
+ |
+ NaClProcessLib::NameServiceClient manifest_service; |
+ if (!manifest_service.InitializeFromConnectionCapability(manifest_desc)) { |
+ fprintf(stderr, "Could not connect to manifest name service\n"); |
+ return 1; |
+ } |
+ |
+ ScopedNonPtr<int, close_desc> nexe_desc(manifest_service.Resolve(path)); |
+ if (-1 == nexe_desc) { |
+ fprintf(stderr, "init: cannot resolve path '%s' in manifest name service\n", |
+ path); |
+ return 1; |
+ } |
+ |
+ NaClErrorCode status; |
+ if (LOAD_OK != (status = service_runtime->RunNaClModule(nexe_desc))) { |
+ fprintf(stderr, "init: error while loading program (%d)\n", status); |
+ return 1; |
+ } |
+ |
+ nacl::SrpcClientConnection app_conn; |
+ if (!app_conn.InitializeFromConnectionCapability(app_cap)) { |
+ fprintf(stderr, "Could not connect to subprogram\n"); |
+ return 1; |
+ } |
+ |
+ close(sr_cap); |
+ close(app_cap); |
+} |
+ |
+void SrpcHandlerState::PosixSpawnHandler( |
+ struct NaClSrpcRpc *rpc, |
+ struct NaClSrpcArg *in_args[], |
+ struct NaClSrpcArg *out_args[], |
+ struct NaClSrpcClosure *done_cls) { |
+ NaClSrpcClosureRunner on_scope_exit(done_cls); |
+ rpc->result = NACL_SRPC_RESULT_OK; |
+ |
+ SerializationBuffer deserializer( |
+ reinterpret_cast<uint8_t *>(in_args[0]->arrays.carr), |
+ static_cast<size_t>(in_args[0]->u.count)); |
+ |
+ std::vector<nacl::string> argv; |
+ if (!deserializer.Deserialize(&argv)) { |
+ goto cleanup_args; |
+ } |
+ |
+ std::vector<nacl::string> envp; |
+ if (!deserializer.Deserialize(&envp)) { |
+ goto cleanup_args; |
+ } |
+ |
+ int pid; |
+ // HandleSpawn(path, argv, envp, &pid); |
+ |
+ return; |
+ |
+ cleanup_args: |
+ // Use 0 instead of -1 for invalid pid; we avoid having a buggy |
+ // program do kill(-1, SIGKILL). By using 0, a buggy program will |
+ // just kill every process in its own process group, which will |
+ // (hopefully) make the bug quite apparent, without taking all of |
+ // the user's processes down. |
+ out_args[0]->u.ival = 0; |
+} |
+ |
+void SrpcHandlerState::SignalHandler( |
+ struct NaClSrpcRpc *rpc, |
+ struct NaClSrpcArg *args[], |
+ struct NaClSrpcArg *rets[], |
+ struct NaClSrpcClosure *done) { |
+ NaClSrpcClosureRunner on_scope_exit(done); |
+ rpc->result = NACL_SRPC_RESULT_OK; |
+ |
+ pid_t pid = args[0]->u.ival; |
+ int signal = args[1]->u.ival; |
+ |
+ Pidmap::iterator it = pids_.find(pid); |
+ if (it != pids_.end()) { |
+ NaClAppClient client = it->second; |
+ |
+ client->signal(signal); |
+ } |
+ |
+ fflush(stdout); |
+} |
+ |
+void SrpcHandlerState::WaitHandler( |
+ struct NaClSrpcRpc *rpc, |
+ struct NaClSrpcArg *args[], |
+ struct NaClSrpcArg *rets[], |
+ struct NaClSrpcClosure *done) { |
+ NaClSrpcClosureRunner on_scope_exit(done); |
+ rpc->result = NACL_SRPC_RESULT_OK; |
+} |
+ |
+const struct nacl_irt_dev_process nacl_irt_dev_process = { |
+ nacl_irt_getpid, |
+ nacl_irt_getppid, |
+ nacl_irt_setpgid, |
+ nacl_irt_getpgid, |
+ nacl_irt_getsid, |
+ nacl_irt_setsid, |
+ nacl_irt_kill, |
+ nacl_irt_posix_spawn, |
+ nacl_irt_signal, |
+ nacl_irt_sigprocmask, |
+ nacl_irt_wait, |
+ nacl_irt_waitpid, |
+}; |
+ |
+struct NaClSrpcHandlerDesc const SrpcHandlerState::table[] = { |
+ { "posix_spawn:sC:i", SpawnHandler, }, |
+ { "kill:ii:", SignalHandler, }, |
+ { "wait:iiii:", WaitHandler, }, |
+ { static_cast<char const *>(NULL), static_cast<NaClSrpcMethod>(NULL), }, |
+}; |
+ |
+void SrpcHandlerState::Run() { |
+ if (!NaClSrpcServerLoop(desc_, table, NULL)) { |
+ fprintf(stderr, "NaClSrpcServerLoop failed\n"); |
+ abort(); |
+ } |
+ if (-1 == close(desc_)) { |
+ perror("close RPC connection"); |
+ abort(); |
+ } |
+} |
+ |
+static void *RpcHandler(void *arg) { |
+ int desc = reinterpret_cast<int>(arg); |
+ SrpcHandlerState handler(desc); |
+ |
+ handler.Run(); |
+ return NULL; |
+} |
+ |
+int main(int argc, char **argv) { |
+ int d; |
+ |
+ NaClSrpcModuleInit(); |
+ while ((d = imc_accept(3)) != -1) { |
+ pthread_t thread; |
+ if (0 != pthread_create(&thread, static_cast<pthread_attr_t *>(NULL), |
+ RpcHandler, reinterpret_cast<void *>(d))) { |
+ perror("pthread_create for RpcHandler"); |
+ abort(); |
+ } |
+ } |
+ NaClSrpcModuleFini(); |
+ |
+ return 0; |
+} |
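Review bot: In `nacl_irt_posix_spawn` a failed `NACL_KERNEL_SERVICE_CREATE_PROCESS` call goes undetected. The `if` only assigns `status = 0` on success, and `status` is already 0 after the `get_kernel_channel` check, so the code passes `sock_addr` and `app_addr` to `NaClLdrSetupCommandChannel` and `imc_connect` even when the RPC never wrote them. The later failure paths have the same effect on the caller: the command-channel failure does `return 0`, the `NaClLdrLoadModule` and `NaClLdrStartModule` failures reach `cleanup_channel` with `status` still 0, and the two returns after `imc_connect` skip `NaClSrpcDtor(&command_channel)`. Because this function is exported through `nacl_irt_dev_process`, a caller can be told a spawn succeeded when no module was started; I would check both the RPC result and the returned status before touching the descriptors, and give every failure a non-zero errno value, as sketched below. Separately, `PosixSpawnHandler` builds its `SerializationBuffer` from `in_args[0]->arrays.carr` and `in_args[0]->u.count`, while the table signature `posix_spawn:sC:i` suggests the char array is argument 1; that index should be confirmed before peer-supplied bytes are deserialized.

```cpp
  int rpc_ok;
  // … unchanged: other locals, get_kernel_channel() call and its check …

  pthread_mutex_lock(&kernel_service_mutex);
  rpc_ok = (NACL_SRPC_RESULT_OK == NaClSrpcInvokeBySignature(
                kernel_channel, NACL_KERNEL_SERVICE_CREATE_PROCESS,
                &status, &sock_addr, &app_addr));
  pthread_mutex_unlock(&kernel_service_mutex);
  if (!rpc_ok || 0 != status) {
    // sock_addr and app_addr were not (reliably) written; do not use them.
    print_error("Kernel service create process failed\n");
    return EIO;
  }

  if (!NaClLdrSetupCommandChannel(sock_addr, &command_channel)) {
    print_error("Failed to setup command channel\n");
    return EIO;
  }
  // … unchanged: open_resource() call and its check …

  if (!NaClLdrLoadModule(&command_channel, nexe_fd)) {
    print_error("Failed to load module\n");
    status = EIO;  // cleanup_channel returns status, so it must be non-zero here
    goto cleanup_channel;
  }
  if (!NaClLdrStartModule(&command_channel)) {
    print_error("Failed to start module\n");
    status = EIO;
    goto cleanup_channel;
  }
  // … unchanged: imc_connect(app_addr) and application channel setup …
```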