2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 2008 Ed Schouten <ed@FreeBSD.org>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/cdefs.h>
30 __FBSDID("$FreeBSD$");
32 #include "namespace.h"
33 #include <sys/param.h>
34 #include <sys/queue.h>
45 #include "un-namespace.h"
46 #include "libc_private.h"
48 extern char **environ;
/*
 * Attribute object behind posix_spawnattr_t.  Only two of its fields are
 * visible in this listing; the others (sa_flags, sa_pgroup, sa_schedpolicy,
 * sa_sigmask) are referenced below by process_spawnattr() and the
 * posix_spawnattr_get*/set*() accessors.
 */
50 struct __posix_spawnattr {
53 struct sched_param sa_schedparam;
55 sigset_t sa_sigdefault;
/*
 * File-action object behind posix_spawn_file_actions_t: a tail queue of
 * entries appended by posix_spawn_file_actions_add*() and replayed in
 * insertion order by process_file_actions() in the child.
 */
59 struct __posix_spawn_file_actions {
60 STAILQ_HEAD(, __posix_spawn_file_actions_entry) fa_list;
/*
 * One queued action, tagged by fae_action.  The per-action payload lives in
 * the fae_data member (not shown here); the macros below select its
 * open/dup2 parts.  fae_fildes is accessed directly, without a macro.
 */
63 typedef struct __posix_spawn_file_actions_entry {
64 STAILQ_ENTRY(__posix_spawn_file_actions_entry) fae_list;
/* Path for FAE_OPEN/FAE_CHDIR: a strdup()'ed copy owned by the entry. */
78 #define fae_path fae_data.open.path
80 #define fae_oflag fae_data.open.oflag
82 #define fae_mode fae_data.open.mode
/* Target descriptor for FAE_DUP2; the source descriptor is fae_fildes. */
86 #define fae_newfildes fae_data.dup2.newfildes
89 } posix_spawn_file_actions_entry_t;
/*
 * process_spawnattr -- apply the spawn attributes in the child, between
 * fork and exec.  Each attribute is applied only when its POSIX_SPAWN_*
 * flag is set in sa->sa_flags.  The error-return lines are elided from
 * this listing; the pattern visible elsewhere in the file is to hand the
 * failing call's errno back to the caller.
 */
96 process_spawnattr(const posix_spawnattr_t sa)
/* Template for resetting a handler to SIG_DFL, reused for every signal below. */
98 struct sigaction sigact = { .sa_flags = 0, .sa_handler = SIG_DFL };
102 * POSIX doesn't really describe in which order everything
103 * should be set. We'll just set them in the order in which they
107 /* Set process group */
108 if (sa->sa_flags & POSIX_SPAWN_SETPGROUP) {
109 if (setpgid(0, sa->sa_pgroup) != 0)
/*
 * SETSCHEDULER takes precedence: when both flags are set, policy and
 * parameter are installed together and the SETSCHEDPARAM branch is skipped.
 */
113 /* Set scheduler policy */
114 if (sa->sa_flags & POSIX_SPAWN_SETSCHEDULER) {
115 if (sched_setscheduler(0, sa->sa_schedpolicy,
116 &sa->sa_schedparam) != 0)
118 } else if (sa->sa_flags & POSIX_SPAWN_SETSCHEDPARAM) {
119 if (sched_setparam(0, &sa->sa_schedparam) != 0)
/*
 * Make the effective ids equal the real ids, so a child spawned by a
 * set-uid/set-gid program does not inherit the elevated effective
 * identity.  The gid is dropped first, presumably because dropping the
 * euid first could make the setegid() call fail.
 */
123 /* Reset user ID's */
124 if (sa->sa_flags & POSIX_SPAWN_RESETIDS) {
125 if (setegid(getgid()) != 0)
127 if (seteuid(getuid()) != 0)
132 * Set signal masks/defaults.
133 * Use unwrapped syscall, libthr is in undefined state after vfork().
/* The sigprocmask result is deliberately not checked here. */
135 if (sa->sa_flags & POSIX_SPAWN_SETSIGMASK) {
136 __sys_sigprocmask(SIG_SETMASK, &sa->sa_sigmask, NULL);
/* Restore SIG_DFL for every signal in sa_sigdefault, 1.._SIG_MAXSIG. */
139 if (sa->sa_flags & POSIX_SPAWN_SETSIGDEF) {
140 for (i = 1; i <= _SIG_MAXSIG; i++) {
141 if (sigismember(&sa->sa_sigdefault, i))
142 if (__sys_sigaction(i, &sigact, NULL) != 0)
/*
 * process_file_actions_entry -- perform one queued file action in the
 * child.  Returns 0 on success or the errno of the failing call; only the
 * saved_errno return of the open path is visible in this listing.
 */
151 process_file_actions_entry(posix_spawn_file_actions_entry_t *fae)
155 switch (fae->fae_action) {
157 /* Perform an open(), make it use the right fd */
158 fd = _open(fae->fae_path, fae->fae_oflag, fae->fae_mode);
/*
 * If open() did not hand back the requested number, move the descriptor
 * there and close the temporary.  errno from dup2() is saved so the
 * close() that follows cannot overwrite it.
 */
161 if (fd != fae->fae_fildes) {
162 if (_dup2(fd, fae->fae_fildes) == -1) {
165 return (saved_errno);
167 if (_close(fd) != 0) {
/*
 * F_SETFD 0 clears FD_CLOEXEC so the descriptor survives the exec.  This
 * matters when fd already equalled fae_fildes and the caller passed
 * O_CLOEXEC in oflag; in the dup2() case above the flag is already clear.
 */
172 if (_fcntl(fae->fae_fildes, F_SETFD, 0) == -1)
176 /* Perform a dup2() */
177 if (_dup2(fae->fae_fildes, fae->fae_newfildes) == -1)
/*
 * Same as above; presumably covers fildes == newfildes, where dup2() is a
 * no-op and would leave an inherited FD_CLOEXEC in place.
 */
179 if (_fcntl(fae->fae_newfildes, F_SETFD, 0) == -1)
183 /* Perform a close(), do not fail if already closed */
184 (void)_close(fae->fae_fildes);
187 if (chdir(fae->fae_path) != 0)
191 if (fchdir(fae->fae_fildes) != 0)
/* closefrom() has no checked result here; fae_fildes holds the "from" fd. */
195 closefrom(fae->fae_fildes);
/*
 * process_file_actions -- replay every queued file action in the child, in
 * insertion order.  The loop body's error check is elided from this
 * listing; it presumably stops at the first failing entry and returns that
 * entry's errno.
 */
202 process_file_actions(const posix_spawn_file_actions_t fa)
204 posix_spawn_file_actions_entry_t *fae;
207 /* Replay all file descriptor modifications */
208 STAILQ_FOREACH(fae, &fa->fa_list, fae_list) {
209 error = process_file_actions_entry(fae);
/*
 * Arguments handed from do_posix_spawn() to _posix_spawn_thr(), which runs
 * in the child.  Only fa and sa are visible here; path, argv, envp,
 * use_env_path and the child's error report (error) are used below.
 */
216 struct posix_spawn_args {
218 const posix_spawn_file_actions_t *fa;
219 const posix_spawnattr_t *sa;
/* Round a byte count up to a multiple of the 16-byte stack alignment. */
226 #define PSPAWN_STACK_ALIGNMENT 16
227 #define PSPAWN_STACK_ALIGNBYTES (PSPAWN_STACK_ALIGNMENT - 1)
228 #define PSPAWN_STACK_ALIGN(sz) \
229 (((sz) + PSPAWN_STACK_ALIGNBYTES) & ~PSPAWN_STACK_ALIGNBYTES)
/*
 * On x86 the child runs on a separately allocated stack (see rfork_thread
 * in do_posix_spawn()); this is that stack's base size before argv
 * accounting is added.
 */
231 #if defined(__i386__) || defined(__amd64__)
233 * Below we'll assume that _RFORK_THREAD_STACK_SIZE is appropriately aligned for
234 * the posix_spawn() case where we do not end up calling _execvpe and won't ever
235 * try to allocate space on the stack for argv[].
237 #define _RFORK_THREAD_STACK_SIZE 4096
/* Enforced at compile time because the comment above relies on it. */
238 _Static_assert((_RFORK_THREAD_STACK_SIZE % PSPAWN_STACK_ALIGNMENT) == 0,
239 "Inappropriate stack size alignment");
/*
 * _posix_spawn_thr -- child-side body.  It runs either on the parent's own
 * stack (vfork path) or on the stack allocated in do_posix_spawn()
 * (rfork_thread path), so it must never return to its caller: it execs, or
 * reports the failure through psa->error and terminates the child (the
 * exit lines are elided from this listing).
 */
243 _posix_spawn_thr(void *data)
245 struct posix_spawn_args *psa;
/* Attributes first, then file actions; each failure lands in psa->error. */
249 if (psa->sa != NULL) {
250 psa->error = process_spawnattr(*psa->sa);
254 if (psa->fa != NULL) {
255 psa->error = process_file_actions(*psa->fa);
/* A NULL envp means the child inherits the parent's environment. */
259 envp = psa->envp != NULL ? psa->envp : environ;
/* use_env_path is set by posix_spawnp(); it selects the PATH-searching exec. */
260 if (psa->use_env_path)
261 _execvpe(psa->path, psa->argv, envp);
263 _execve(psa->path, psa->argv, envp);
/* Reached only if exec failed; "exit" here means "return to the caller". */
266 /* This is called in such a way that it must not exit. */
/*
 * do_posix_spawn -- common implementation of posix_spawn() and
 * posix_spawnp().  Creates the child with rfork(RFSPAWN) (via rfork_thread
 * on x86) or falls back to vfork() when the kernel rejects RFSPAWN, runs
 * _posix_spawn_thr() in it, and reports any pre-exec failure the child
 * recorded in psa.error.  Returns 0 or an errno value; the child pid is
 * stored through *pid when pid is non-NULL (the store is elided here).
 * use_env_path selects a PATH search of `path` (the posix_spawnp() case).
 */
271 do_posix_spawn(pid_t *pid, const char *path,
272 const posix_spawn_file_actions_t *fa,
273 const posix_spawnattr_t *sa,
274 char * const argv[], char * const envp[], int use_env_path)
276 struct posix_spawn_args psa;
278 #ifdef _RFORK_THREAD_STACK_SIZE
282 stacksz = _RFORK_THREAD_STACK_SIZE;
285 * We need to make sure we have enough room on the stack for the
286 * potential alloca() in execvPe if it gets kicked back an
287 * ENOEXEC from execve(2), plus the original buffer we gave
288 * ourselves; this protects us in the event that the caller
289 * intentionally or inadvertently supplies enough arguments to
290 * make us blow past the stack we've allocated from it.
/* Count argv entries; argv must be NULL-terminated, as for execve(2). */
292 for (cnt = 0; argv[cnt] != NULL; ++cnt)
/* cnt + 2 (at least 3) pointers: the argv execvPe rebuilds on ENOEXEC, see above. */
294 stacksz += MAX(3, cnt + 2) * sizeof(char *);
295 stacksz = PSPAWN_STACK_ALIGN(stacksz);
299 * aligned_alloc is not safe to use here, because we can't guarantee
300 * that aligned_alloc and free will be provided by the same
301 * implementation. We've actively hit at least one application that
302 * will provide its own malloc/free but not aligned_alloc leading to
303 * a free by the wrong allocator.
/* The NULL check on stack is elided from this listing. */
305 stack = malloc(stacksz);
/*
 * Re-express stacksz as the distance from stack to the highest 16-byte
 * aligned address within the allocation (continuation line elided), so
 * that stack + stacksz is an aligned stack top for rfork_thread().
 */
308 stacksz = (((uintptr_t)stack + stacksz) & ~PSPAWN_STACK_ALIGNBYTES) -
316 psa.use_env_path = use_env_path;
320 * Passing RFSPAWN to rfork(2) gives us effectively a vfork that drops
321 * non-ignored signal handlers. We'll fall back to the slightly less
322 * ideal vfork(2) if we get an EINVAL from rfork -- this should only
323 * happen with newer libc on older kernel that doesn't accept
326 #ifdef _RFORK_THREAD_STACK_SIZE
328 * x86 stores the return address on the stack, so rfork(2) cannot work
329 * as-is because the child would clobber the return address on the
330 * parent. Because of this, we must use rfork_thread instead while
331 * almost every other arch stores the return address in a register.
333 p = rfork_thread(RFSPAWN, stack + stacksz, _posix_spawn_thr, &psa);
/* Non-x86: the child shares our stack, exactly as with vfork(). */
338 /* _posix_spawn_thr does not return */
339 _posix_spawn_thr(&psa);
342 * The above block should leave us in a state where we've either
343 * succeeded and we're ready to process the results, or we need to
344 * fallback to vfork() if the kernel didn't like RFSPAWN.
/* Only EINVAL triggers the vfork() fallback; other rfork errors are not retried. */
347 if (p == -1 && errno == EINVAL) {
350 /* _posix_spawn_thr does not return */
351 _posix_spawn_thr(&psa);
/*
 * Because RFSPAWN/vfork suspend the parent until the child execs or
 * exits, a child that reported psa.error has already terminated when we
 * get here; WNOHANG is therefore sufficient and no pid is handed back.
 */
356 /* Failed; ready to reap */
357 _waitpid(p, NULL, WNOHANG);
358 else if (pid != NULL)
/*
 * posix_spawn -- spawn `path` exactly as given, with no PATH search
 * (use_env_path = 0).  See do_posix_spawn() for the argument contract and
 * the return values.
 */
365 posix_spawn(pid_t *pid, const char *path,
366 const posix_spawn_file_actions_t *fa,
367 const posix_spawnattr_t *sa,
368 char * const argv[], char * const envp[])
370 return (do_posix_spawn(pid, path, fa, sa, argv, envp, 0));
/*
 * posix_spawnp -- like posix_spawn(), but `path` is resolved through the
 * PATH search of _execvpe() (use_env_path = 1).  See do_posix_spawn().
 */
374 posix_spawnp(pid_t *pid, const char *path,
375 const posix_spawn_file_actions_t *fa,
376 const posix_spawnattr_t *sa,
377 char * const argv[], char * const envp[])
379 return (do_posix_spawn(pid, path, fa, sa, argv, envp, 1));
383 * File descriptor actions
/*
 * posix_spawn_file_actions_init -- allocate an empty action list and store
 * it through *ret.  The malloc failure check, the store and the return are
 * elided from this listing.  The object is released with
 * posix_spawn_file_actions_destroy().
 */
387 posix_spawn_file_actions_init(posix_spawn_file_actions_t *ret)
389 posix_spawn_file_actions_t fa;
391 fa = malloc(sizeof(struct __posix_spawn_file_actions));
395 STAILQ_INIT(&fa->fa_list);
/*
 * posix_spawn_file_actions_destroy -- pop and free every queued entry, then
 * the list object itself.  Entries created by addopen/addchdir_np own a
 * strdup()'ed path that is released before the entry; the free() calls are
 * elided from this listing.
 */
401 posix_spawn_file_actions_destroy(posix_spawn_file_actions_t *fa)
403 posix_spawn_file_actions_entry_t *fae;
405 while ((fae = STAILQ_FIRST(&(*fa)->fa_list)) != NULL) {
406 /* Remove file action entry from the queue */
407 STAILQ_REMOVE_HEAD(&(*fa)->fa_list, fae_list);
409 /* Deallocate file action entry */
/* Only FAE_OPEN and FAE_CHDIR entries carry a heap-allocated path. */
410 if (fae->fae_action == FAE_OPEN ||
411 fae->fae_action == FAE_CHDIR)
/*
 * posix_spawn_file_actions_addopen -- queue "open path with oflag/mode and
 * make it descriptor fildes" for the child.  path is copied with strdup()
 * so the caller may reuse its own buffer.  Any fildes validation, the
 * malloc check and the strdup-failure cleanup are elided from this
 * listing; the function returns 0 or an errno value.
 */
421 posix_spawn_file_actions_addopen(posix_spawn_file_actions_t * __restrict fa,
422 int fildes, const char * __restrict path, int oflag, mode_t mode)
424 posix_spawn_file_actions_entry_t *fae;
430 /* Allocate object */
431 fae = malloc(sizeof(posix_spawn_file_actions_entry_t));
435 /* Set values and store in queue */
436 fae->fae_action = FAE_OPEN;
/* The copy is owned by the entry and freed by _destroy(). */
437 fae->fae_path = strdup(path);
438 if (fae->fae_path == NULL) {
443 fae->fae_fildes = fildes;
444 fae->fae_oflag = oflag;
445 fae->fae_mode = mode;
447 STAILQ_INSERT_TAIL(&(*fa)->fa_list, fae, fae_list);
/*
 * posix_spawn_file_actions_adddup2 -- queue dup2(fildes, newfildes) for the
 * child.  Negative descriptors are rejected up front (the error code
 * returned is elided from this listing); the malloc check is elided too.
 */
452 posix_spawn_file_actions_adddup2(posix_spawn_file_actions_t *fa,
453 int fildes, int newfildes)
455 posix_spawn_file_actions_entry_t *fae;
457 if (fildes < 0 || newfildes < 0)
460 /* Allocate object */
461 fae = malloc(sizeof(posix_spawn_file_actions_entry_t));
465 /* Set values and store in queue */
466 fae->fae_action = FAE_DUP2;
467 fae->fae_fildes = fildes;
468 fae->fae_newfildes = newfildes;
470 STAILQ_INSERT_TAIL(&(*fa)->fa_list, fae, fae_list);
/*
 * posix_spawn_file_actions_addclose -- queue close(fildes) for the child.
 * The second parameter line (fildes), any validation and the malloc check
 * are elided from this listing.  The close itself is best-effort in the
 * child: an already-closed descriptor is not an error.
 */
475 posix_spawn_file_actions_addclose(posix_spawn_file_actions_t *fa,
478 posix_spawn_file_actions_entry_t *fae;
483 /* Allocate object */
484 fae = malloc(sizeof(posix_spawn_file_actions_entry_t));
488 /* Set values and store in queue */
489 fae->fae_action = FAE_CLOSE;
490 fae->fae_fildes = fildes;
492 STAILQ_INSERT_TAIL(&(*fa)->fa_list, fae, fae_list);
/*
 * posix_spawn_file_actions_addchdir_np -- queue chdir(path) for the child.
 * path is copied with strdup(), like addopen; the malloc check and the
 * strdup-failure cleanup are elided from this listing.
 */
497 posix_spawn_file_actions_addchdir_np(posix_spawn_file_actions_t *
498 __restrict fa, const char *__restrict path)
500 posix_spawn_file_actions_entry_t *fae;
503 fae = malloc(sizeof(posix_spawn_file_actions_entry_t));
507 fae->fae_action = FAE_CHDIR;
/* The copy is owned by the entry and freed by _destroy(). */
508 fae->fae_path = strdup(path);
509 if (fae->fae_path == NULL) {
515 STAILQ_INSERT_TAIL(&(*fa)->fa_list, fae, fae_list);
/*
 * posix_spawn_file_actions_addfchdir_np -- queue fchdir(fildes) for the
 * child.  The second parameter line (fildes), any validation and the
 * malloc check are elided from this listing.
 */
520 posix_spawn_file_actions_addfchdir_np(posix_spawn_file_actions_t *__restrict fa,
523 posix_spawn_file_actions_entry_t *fae;
528 /* Allocate object */
529 fae = malloc(sizeof(posix_spawn_file_actions_entry_t));
533 fae->fae_action = FAE_FCHDIR;
534 fae->fae_fildes = fildes;
536 STAILQ_INSERT_TAIL(&(*fa)->fa_list, fae, fae_list);
/*
 * posix_spawn_file_actions_addclosefrom_np -- queue closefrom(from) for the
 * child, i.e. close every descriptor numbered `from` and above.  The
 * lower bound is stored in fae_fildes.  Any validation of `from` and the
 * malloc check are elided from this listing.
 */
541 posix_spawn_file_actions_addclosefrom_np (posix_spawn_file_actions_t *
542 __restrict fa, int from)
544 posix_spawn_file_actions_entry_t *fae;
549 /* Allocate object */
550 fae = malloc(sizeof(posix_spawn_file_actions_entry_t));
554 fae->fae_action = FAE_CLOSEFROM;
555 fae->fae_fildes = from;
557 STAILQ_INSERT_TAIL(&(*fa)->fa_list, fae, fae_list);
/*
 * posix_spawnattr_init -- allocate an attribute object and store it through
 * *ret.  calloc() zero-fills it, which already yields the POSIX defaults
 * (no flags, empty signal sets, zero pgroup/policy).  The calloc failure
 * check, the store and the return are elided from this listing.
 */
566 posix_spawnattr_init(posix_spawnattr_t *ret)
568 posix_spawnattr_t sa;
570 sa = calloc(1, sizeof(struct __posix_spawnattr));
574 /* Set defaults as specified by POSIX, cleared above */
/* posix_spawnattr_destroy -- release *sa (body elided from this listing). */
580 posix_spawnattr_destroy(posix_spawnattr_t *sa)
/* posix_spawnattr_getflags -- copy the POSIX_SPAWN_* flag word out of *sa. */
587 posix_spawnattr_getflags(const posix_spawnattr_t * __restrict sa,
588 short * __restrict flags)
590 *flags = (*sa)->sa_flags;
/* posix_spawnattr_getpgroup -- copy the process group (used with SETPGROUP) out of *sa. */
595 posix_spawnattr_getpgroup(const posix_spawnattr_t * __restrict sa,
596 pid_t * __restrict pgroup)
598 *pgroup = (*sa)->sa_pgroup;
/* posix_spawnattr_getschedparam -- struct copy of the scheduling parameter out of *sa. */
603 posix_spawnattr_getschedparam(const posix_spawnattr_t * __restrict sa,
604 struct sched_param * __restrict schedparam)
606 *schedparam = (*sa)->sa_schedparam;
/* posix_spawnattr_getschedpolicy -- copy the scheduling policy (used with SETSCHEDULER) out of *sa. */
611 posix_spawnattr_getschedpolicy(const posix_spawnattr_t * __restrict sa,
612 int * __restrict schedpolicy)
614 *schedpolicy = (*sa)->sa_schedpolicy;
/* posix_spawnattr_getsigdefault -- copy the set of signals reset to SIG_DFL (SETSIGDEF) out of *sa. */
619 posix_spawnattr_getsigdefault(const posix_spawnattr_t * __restrict sa,
620 sigset_t * __restrict sigdefault)
622 *sigdefault = (*sa)->sa_sigdefault;
/* posix_spawnattr_getsigmask -- copy the child's signal mask (SETSIGMASK) out of *sa. */
627 posix_spawnattr_getsigmask(const posix_spawnattr_t * __restrict sa,
628 sigset_t * __restrict sigmask)
630 *sigmask = (*sa)->sa_sigmask;
/* posix_spawnattr_setflags -- replace the POSIX_SPAWN_* flag word; no validation of unknown bits here. */
635 posix_spawnattr_setflags(posix_spawnattr_t *sa, short flags)
637 (*sa)->sa_flags = flags;
/* posix_spawnattr_setpgroup -- store the process group; applied only if SETPGROUP is set. */
642 posix_spawnattr_setpgroup(posix_spawnattr_t *sa, pid_t pgroup)
644 (*sa)->sa_pgroup = pgroup;
/* posix_spawnattr_setschedparam -- struct copy of *schedparam into *sa. */
649 posix_spawnattr_setschedparam(posix_spawnattr_t * __restrict sa,
650 const struct sched_param * __restrict schedparam)
652 (*sa)->sa_schedparam = *schedparam;
/* posix_spawnattr_setschedpolicy -- store the policy; applied only if SETSCHEDULER is set. */
657 posix_spawnattr_setschedpolicy(posix_spawnattr_t *sa, int schedpolicy)
659 (*sa)->sa_schedpolicy = schedpolicy;
/* posix_spawnattr_setsigdefault -- copy *sigdefault into *sa; applied only if SETSIGDEF is set. */
664 posix_spawnattr_setsigdefault(posix_spawnattr_t * __restrict sa,
665 const sigset_t * __restrict sigdefault)
667 (*sa)->sa_sigdefault = *sigdefault;
/* posix_spawnattr_setsigmask -- copy *sigmask into *sa; applied only if SETSIGMASK is set. */
672 posix_spawnattr_setsigmask(posix_spawnattr_t * __restrict sa,
673 const sigset_t * __restrict sigmask)
675 (*sa)->sa_sigmask = *sigmask;