| blob | 6597198464b43b641cc26812d4e0317046028aaf |
1 /* Copyright (C) 1991, 92, 93, 94, 95, 96, 97 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
4 The GNU C Library is free software; you can redistribute it and/or
5 modify it under the terms of the GNU Library General Public License as
6 published by the Free Software Foundation; either version 2 of the
7 License, or (at your option) any later version.
9 The GNU C Library is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 Library General Public License for more details.
14 You should have received a copy of the GNU Library General Public
15 License along with the GNU C Library; see the file COPYING.LIB. If not,
16 write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
17 Boston, MA 02111-1307, USA. */
19 #include <stdlib.h>
20 #include <stdio.h>
21 #include <hurd.h>
22 #include <hurd/signal.h>
24 #include <string.h>
25 #include <hurd/id.h>
34 /* Port that receives signals and other miscellaneous messages. */
35 mach_port_t _hurd_msgport;
37 /* Thread listening on it. */
38 thread_t _hurd_msgport_thread;
40 /* Thread which receives task-global signals. */
41 thread_t _hurd_sigthread;
43 /* These are set up by _hurdsig_init. */
48 /* Linked-list of per-thread signal state. */
51 /* Timeout for RPC's after interrupt_operation. */
53 \f
54 static void
56 {
65 }
69 {
76 {
83 /* Initialize default state. */
92 /* Initialize the sigaction vector from the default signal receiving
93 thread's state, and its from the system defaults. */
96 else
97 {
103 {
107 }
108 else
110 }
114 }
117 }
118 \f
119 /* Signal delivery itself is on this page. */
121 #include <hurd/fd.h>
122 #include <hurd/crash.h>
123 #include <hurd/paths.h>
124 #include <setjmp.h>
125 #include <fcntl.h>
126 #include <sys/wait.h>
128 #include <hurd/msg_server.h>
130 #include <hurd/interrupt.h>
131 #include <assert.h>
132 #include <unistd.h>
136 /* Call the crash dump server to mummify us before we die.
137 Returns nonzero if a core file was written. */
138 static int
140 {
141 error_t err;
142 mach_port_t coreserver;
146 /* XXX RLIMIT_CORE:
147 When we have a protocol to make the server return an error
148 for RLIMIT_FSIZE, then tell the corefile fs server the RLIMIT_CORE
149 value in place of the RLIMIT_FSIZE value. */
151 /* First get a port to the core dumping server. */
161 /* Get a port to the directory where the new core file will reside. */
168 /* Create the new file, but don't link it into the directory yet. */
173 /* Call the core dumping server to write the core file. */
176 file,
180 MACH_MSG_TYPE_COPY_SEND);
184 /* The core dump into FILE succeeded, so now link it into the
185 directory. */
190 }
193 /* The lowest-numbered thread state flavor value is 1,
194 so we use bit 0 in machine_thread_all_state.set to
195 record whether we have done thread_abort. */
196 #define THREAD_ABORTED 1
198 /* SS->thread is suspended. Abort the thread and get its basic state. */
199 static void
202 {
204 {
207 /* Clear all thread state flavor set bits, because thread_abort may
208 have changed the state. */
210 }
216 }
218 /* Find the location of the MiG reply port cell in use by the thread whose
219 state is described by THREAD_STATE. If SIGTHREAD is nonzero, make sure
220 that this location can be set without faulting, or else return NULL. */
225 {
230 /* Faulted trying to read the stack. */
233 /* Fault now if this pointer is bogus. */
240 }
241 \f
242 #include <hurd/sigpreempt.h>
245 /* Timeout on interrupt_operation calls. */
248 /* SS->thread is suspended.
250 Abort any interruptible RPC operation the thread is doing.
252 This uses only the constant member SS->thread and the unlocked, atomically
253 set member SS->intr_port, so no locking is needed.
255 If successfully sent an interrupt_operation and therefore the thread should
256 wait for its pending RPC to return (possibly EINTR) before taking the
257 incoming signal, returns the reply port to be received on. Otherwise
258 returns MACH_PORT_NULL.
260 SIGNO is used to find the applicable SA_RESTART bit. If SIGNO is zero,
261 the RPC fails with EINTR instead of restarting (thread_cancel).
263 *STATE_CHANGE is set nonzero if STATE->basic was modified and should
264 be applied back to the thread if it might ever run again, else zero. */
266 mach_port_t
270 {
273 mach_port_t intr_port;
279 /* No interruption needs done. */
282 /* Abort the thread's kernel context, so any pending message send or
283 receive completes immediately or aborts. */
287 {
288 /* The thread is about to do the RPC, but hasn't yet entered
289 mach_msg. Mutate the thread's state so it knows not to try
290 the RPC. */
296 }
298 /* The thread was blocked in the system call. After thread_abort,
299 the return value register indicates what state the RPC was in
300 when interrupted. */
302 {
303 /* The RPC request message was sent and the thread was waiting for
304 the reply message; now the message receive has been aborted, so
305 the mach_msg call will return MACH_RCV_INTERRUPTED. We must tell
306 the server to interrupt the pending operation. The thread must
307 wait for the reply message before running the signal handler (to
308 guarantee that the operation has finished being interrupted), so
309 our nonzero return tells the trampoline code to finish the message
310 receive operation before running the handler. */
313 sigthread);
317 {
319 {
320 /* The interrupt didn't work.
321 Destroy the receive right the thread is blocked on. */
324 }
326 /* The system call return value register now contains
327 MACH_RCV_INTERRUPTED; when mach_msg resumes, it will retry the
328 call. Since we have just destroyed the receive right, the
329 retry will fail with MACH_RCV_INVALID_NAME. Instead, just
330 change the return value here to EINTR so mach_msg will not
331 retry and the EINTR error code will propagate up. */
334 }
338 /* All threads whose RPCs were interrupted by the interrupt_operation
339 call above will retry their RPCs unless we clear SS->intr_port.
340 So we clear it for the thread taking a signal when SA_RESTART is
341 clear, so that its call returns EINTR. */
344 }
347 }
350 /* Abort the RPCs being run by all threads but this one;
351 all other threads should be suspended. If LIVE is nonzero, those
352 threads may run again, so they should be adjusted as necessary to be
353 happy when resumed. STATE is clobbered as a scratch area; its initial
354 contents are ignored, and its contents on return are not useful. */
356 static void
358 {
359 /* We can just loop over the sigstates. Any thread doing something
360 interruptible must have one. We needn't bother locking because all
361 other threads are stopped. */
367 /* First loop over the sigstates to count them.
368 We need to know how big a vector we will need for REPLY_PORTS. */
379 else
380 {
384 /* Abort any operation in progress with interrupt_operation.
385 Record the reply port the thread is waiting on.
386 We will wait for all the replies below. */
389 NULL);
391 {
393 {
394 /* We will wait for the reply to this RPC below, so the
395 thread must issue a new RPC rather than waiting for the
396 reply to the one it sent. */
399 }
401 /* Aborting the RPC needed to change this thread's state,
402 and it might ever run again. So write back its state. */
405 MACHINE_THREAD_STATE_COUNT);
406 }
407 }
409 /* Wait for replies from all the successfully interrupted RPCs. */
412 {
413 error_t err;
414 mach_msg_header_t head;
419 {
426 }
427 }
428 }
431 sigset_t _hurdsig_preempted_set;
433 /* XXX temporary to deal with spelling fix */
436 /* Mask of stop signals. */
437 #define STOPSIGS (sigmask (SIGTTIN) | sigmask (SIGTTOU) | \
438 sigmask (SIGSTOP) | sigmask (SIGTSTP))
440 /* Deliver a signal. SS is not locked. */
441 void
444 mach_port_t reply_port,
445 mach_msg_type_name_t reply_port_type,
447 {
448 error_t err;
452 sighandler_t handler;
453 sigset_t pending;
456 /* Reply to this sig_post message. */
460 {
461 error_t err;
468 }
470 /* Mark the signal as pending. */
472 {
474 /* Save the details to be given to the handler when SIGNO is
475 unblocked. */
477 }
479 /* Suspend the process with SIGNO. */
481 {
482 /* Stop all other threads and mark ourselves stopped. */
484 ({
485 /* Hold the siglock while stopping other threads to be
486 sure it is not held by another thread afterwards. */
493 }));
495 }
496 /* Resume the process after a suspension. */
498 {
499 /* Resume the process from being stopped. */
502 error_t err;
507 /* Tell the proc server we are continuing. */
509 /* Fetch ports to all our threads and resume them. */
513 {
516 {
519 }
523 }
529 /* The thread that will run the handler is already suspended. */
531 }
534 {
536 /* This is PTRACE_CONTINUE. */
539 /* This call is just to check for pending signals. */
542 }
544 post_signal:
550 /* Check for a preempted signal. Preempted signals can arrive during
551 critical sections. */
559 {
565 }
570 /* Ignore the signal altogether. */
573 /* Run the preemption-provided handler. */
575 else
576 {
577 /* No preemption. Do normal handling. */
580 {
581 /* We are being traced. Stop to tell the debugger of the signal. */
583 /* Already stopped. Mark the signal as pending;
584 when resumed, we will notice it and stop again. */
586 else
591 }
596 /* Figure out the default action for this signal. */
598 {
600 /* A sig_post msg with SIGNO==0 is sent to
601 tell us to check for pending signals. */
634 {
635 /* We are the process group leader. Since there is no
636 user-specified handler for SIGINFO, we use a default one
637 which prints something interesting. We use the normal
638 handler mechanism instead of just doing it here to avoid
639 the signal thread faulting or blocking in this
640 potentially hairy operation. */
643 }
644 else
651 }
654 else
658 /* Stop signals clear a pending SIGCONT even if they
659 are handled or ignored (but not if preempted). */
661 else
662 {
664 /* Even if handled or ignored (but not preempted), SIGCONT clears
665 stop signals and resumes the process. */
670 }
671 }
676 {
677 /* If we would ordinarily stop for a job control signal, but we are
678 orphaned so noone would ever notice and continue us again, we just
679 quietly die, alone and in the dark. */
683 }
685 /* Handle receipt of a blocked signal, or any signal while stopped. */
689 {
692 }
694 /* Perform the chosen action for the signal. */
696 {
699 {
700 /* We are already stopped, but receiving an untraced stop
701 signal. Instead of resuming and suspending again, just
702 notify the proc server of the new stop signal. */
706 }
707 else
708 /* Suspend the process. */
713 /* Nobody cares about this signal. If there was a call to resume
714 above in SIGCONT processing and we've left a thread suspended,
715 now's the time to set it going. */
717 {
721 }
724 sigbomb:
725 /* We got a fault setting up the stack frame for the handler.
726 Nothing to do but die; BSD gets SIGILL in this case. */
730 /* FALLTHROUGH */
734 /* Have the proc server stop all other threads in our task. */
737 /* No more user instructions will be executed.
738 The signal can now be considered delivered. */
740 /* Abort all server operations now in progress. */
743 {
745 /* Do a core dump if desired. Only set the wait status bit saying we
746 in fact dumped core if the operation was actually successful. */
749 /* Tell proc how we died and then stick the saber in the gut. */
751 /* NOTREACHED */
752 }
755 /* Call a handler for this signal. */
756 {
760 /* Stop the thread and abort its pending RPC operations. */
762 {
765 }
767 /* Abort the thread's kernel context, so any pending message send
768 or receive completes immediately or aborts. If an interruptible
769 RPC is in progress, abort_rpcs will do this. But we must always
770 do it before fetching the thread's state, because
771 thread_get_state is never kosher before thread_abort. */
775 {
776 /* We have a previous sigcontext that sigreturn was about
777 to restore when another signal arrived. */
782 {
783 /* We faulted reading the thread's stack. Forget that
784 context and pretend it wasn't there. It almost
785 certainly crash if this handler returns, but that's it's
786 problem. */
788 }
789 else
790 {
791 /* Copy the context from the thread's stack before
792 we start diddling the stack to set up the handler. */
795 }
802 /* This is the reply port for the context which called
803 sigreturn. Since we are abandoning that context entirely
804 and restoring SS->context instead, destroy this port. */
807 /* The thread was in sigreturn, not in any interruptible RPC. */
811 }
812 else
813 {
816 wait_for_reply
818 /* In a critical section, any RPC
819 should be cancelled instead of
820 restarted, regardless of
821 SA_RESTART, so the entire
822 "atomic" operation can be aborted
823 as a unit. */
830 {
831 /* The thread is in a critical section. Mark the signal as
832 pending. When it finishes the critical section, it will
833 check for pending signals. */
836 /* Some cases of interrupting an RPC must change the
837 thread state to back out the call. Normally this
838 change is rolled into the warping to the handler and
839 sigreturn, but we are not running the handler now
840 because the thread is in a critical section. Instead,
841 mutate the thread right away for the RPC interruption
842 and resume it; the RPC will return early so the
843 critical section can end soon. */
846 MACHINE_THREAD_STATE_COUNT);
847 /* */
851 }
852 }
854 /* Call the machine-dependent function to set the thread up
855 to run the signal handler, and preserve its old context. */
861 /* Set the machine-independent parts of the signal context. */
863 {
864 /* Fetch the thread variable for the MiG reply port,
865 and set it to MACH_PORT_NULL. */
869 {
872 }
873 else
876 /* Save the intr_port in use by the interrupted code,
877 and clear the cell before running the trampoline. */
882 {
883 /* After the handler runs we will restore to the state in
884 SS->context, not the state of the thread now. So restore
885 that context's reply port and intr port. */
891 }
892 }
894 /* Backdoor extra argument to signal handler. */
897 /* Block SIGNO and requested signals while running the handler. */
901 /* Start the thread running the handler (or possibly waiting for an
902 RPC reply before running the handler). */
905 MACHINE_THREAD_STATE_COUNT);
911 }
912 }
914 /* The signal has either been ignored or is now being handled. We can
915 consider it delivered and reply to the killer. */
918 /* We get here unless the signal was fatal. We still hold SS->lock.
919 Check for pending signals, and loop to post them. */
920 {
921 /* Return nonzero if SS has any signals pending we should worry about.
922 We don't worry about any pending signals if we are stopped, nor if
923 SS is in a critical section. We are guaranteed to get a sig_post
924 message before any of them become deliverable: either the SIGCONT
925 signal, or a sig_post with SIGNO==0 as an explicit poll when the
926 thread finishes its critical section. */
928 {
932 }
934 check_pending_signals:
938 {
941 {
942 deliver_pending:
947 }
948 }
950 /* No pending signals left undelivered for this thread.
951 If we were sent signal 0, we need to check for pending
952 signals for all threads. */
954 {
958 {
963 /* We "deliver" immediately pending blocked signals whose
964 action might be to ignore, so that if ignored they are
965 dropped right away. */
968 {
971 }
973 }
975 }
976 else
977 {
978 /* No more signals pending; SS->lock is still locked.
979 Wake up any sigsuspend call that is blocking SS->thread. */
981 {
982 /* There is a sigsuspend waiting. Tell it to wake up. */
983 error_t err;
984 mach_msg_header_t msg;
987 MACH_MSG_TYPE_MAKE_SEND);
992 /* These values do not matter. */
998 MACH_PORT_NULL);
1000 }
1002 }
1003 }
1005 /* All pending signals delivered to all threads.
1006 Now we can send the reply message even for signal 0. */
1008 }
1009 \f
1010 /* Decide whether REFPORT enables the sender to send us a SIGNO signal.
1011 Returns zero if so, otherwise the error code to return to the sender. */
1013 static error_t
1015 {
1020 /* Can send any signal. */
1023 /* Avoid needing to check for this below. */
1028 {
1037 /* Job control signals can be sent by the controlling terminal. */
1043 {
1044 /* A continue signal can be sent by anyone in the session. */
1045 mach_port_t sessport;
1047 {
1051 }
1052 }
1057 {
1058 /* Any io object a file descriptor refers to might send us
1059 one of these signals using its async ID port for REFPORT.
1061 This is pretty wide open; it is not unlikely that some random
1062 process can at least open for reading something we have open,
1063 get its async ID port, and send us a spurious SIGIO or SIGURG
1064 signal. But BSD is actually wider open than that!--you can set
1065 the owner of an io object to any process or process group
1066 whatsoever and send them gratuitous signals.
1068 Someday we could implement some reasonable scheme for
1069 authorizing SIGIO and SIGURG signals properly. */
1075 {
1077 io_t port;
1078 mach_port_t asyncid;
1083 {
1085 /* Break out of the loop on the next iteration. */
1088 }
1090 }
1091 /* If we found a lucky winner, we've set D to -1 in the loop. */
1094 }
1095 }
1097 /* If this signal is legit, we have done `goto win' by now.
1098 When we return the error, mig deallocates REFPORT. */
1101 win:
1102 /* Deallocate the REFPORT send right; we are done with it. */
1106 }
1108 /* Implement the sig_post RPC from <hurd/msg.defs>;
1109 sent when someone wants us to get a signal. */
1110 kern_return_t
1114 mach_port_t refport)
1115 {
1116 error_t err;
1125 /* Post the signal to the designated signal-receiving thread. This will
1126 reply when the signal can be considered delivered. */
1132 }
1134 /* Implement the sig_post_untraced RPC from <hurd/msg.defs>;
1135 sent when the debugger wants us to really get a signal
1136 even if we are traced. */
1137 kern_return_t
1139 mach_port_t reply_port,
1140 mach_msg_type_name_t reply_port_type,
1142 mach_port_t refport)
1143 {
1144 error_t err;
1153 /* Post the signal to the designated signal-receiving thread. This will
1154 reply when the signal can be considered delivered. */
1160 }
1161 \f
1164 #include <mach/task_special_ports.h>
1166 /* Initialize the message port and _hurd_sigthread and start the signal
1167 thread. */
1169 void
1171 {
1172 error_t err;
1173 vm_size_t stacksize;
1178 MACH_PORT_RIGHT_RECEIVE,
1182 /* Make a send right to the signal port. */
1184 _hurd_msgport,
1185 _hurd_msgport,
1186 MACH_MSG_TYPE_MAKE_SEND);
1189 /* Set the default thread to receive task-global signals
1190 to this one, the main (first) user thread. */
1193 /* Start the signal thread listening on the message port. */
1200 _hurd_msgport_receive,
1206 __hurd_sigthread_variables =
1211 /* Reinitialize the MiG support routines so they will use a per-thread
1212 variable for the cached reply port. */
1220 /* Receive exceptions on the signal port. */
1223 }
1225 /* Reauthenticate with the proc server. */
1227 static void
1229 {
1235 MACH_MSG_TYPE_MAKE_SEND) ||
1237 MACH_MSG_TYPE_MAKE_SEND,
1243 /* Set the owner of the process here too. */
1254 }
1256 \f
1257 /* Like `getenv', but safe for the signal thread to run.
1258 If the environment is trashed, this will just return NULL. */
1262 {
1264 /* We bombed in getenv. */
1266 else
1267 {
1272 {
1277 {
1287 }
1290 }
1293 }
1294 }