1 /* Copyright (c) 2003, Roger Dingledine
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2019, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
8 * \brief Module for working with Unix processes.
11 #define PROCESS_UNIX_PRIVATE
12 #include "lib/intmath/cmp.h"
13 #include "lib/buf/buffers.h"
14 #include "lib/net/buffers_net.h"
15 #include "lib/container/smartlist.h"
16 #include "lib/evloop/compat_libevent.h"
17 #include "lib/log/log.h"
18 #include "lib/log/util_bug.h"
19 #include "lib/process/process.h"
20 #include "lib/process/process_unix.h"
21 #include "lib/process/waitpid.h"
22 #include "lib/process/env.h"
42 #if defined(HAVE_SYS_PRCTL_H) && defined(__linux__)
43 #include <sys/prctl.h>
52 /** Maximum number of file descriptors, if we cannot get it via sysconf() */
53 #define DEFAULT_MAX_FD 256
55 /** Internal state for Unix handles. */
56 struct process_unix_handle_t
{
57 /** Unix File Descriptor. */
60 /** Have we reached end of file? */
63 /** Event structure for libevent. */
66 /** Are we writing? */
70 /** Internal state for our Unix process. */
71 struct process_unix_t
{
72 /** Standard in handle. */
73 process_unix_handle_t stdin_handle
;
75 /** Standard out handle. */
76 process_unix_handle_t stdout_handle
;
78 /** Standard error handle. */
79 process_unix_handle_t stderr_handle
;
81 /** The process identifier of our process. */
84 /** Waitpid Callback structure. */
85 waitpid_callback_t
*waitpid
;
88 /** Returns a newly allocated <b>process_unix_t</b>. */
90 process_unix_new(void)
92 process_unix_t
*unix_process
;
93 unix_process
= tor_malloc_zero(sizeof(process_unix_t
));
95 unix_process
->stdin_handle
.fd
= -1;
96 unix_process
->stderr_handle
.fd
= -1;
97 unix_process
->stdout_handle
.fd
= -1;
102 /** Deallocates the given <b>unix_process</b>. */
104 process_unix_free_(process_unix_t
*unix_process
)
109 /* Clean up our waitpid callback. */
110 clear_waitpid_callback(unix_process
->waitpid
);
112 /* FIXME(ahf): Refactor waitpid code? */
113 unix_process
->waitpid
= NULL
;
115 /* Close all our file descriptors. */
116 process_unix_close_file_descriptors(unix_process
);
118 tor_event_free(unix_process
->stdout_handle
.event
);
119 tor_event_free(unix_process
->stderr_handle
.event
);
120 tor_event_free(unix_process
->stdin_handle
.event
);
122 tor_free(unix_process
);
125 /** Executes the given process as a child process of Tor. This function is
126 * responsible for setting up the child process and run it. This includes
127 * setting up pipes for interprocess communication, initialize the waitpid
128 * callbacks, and finally run fork() followed by execve(). Returns
129 * <b>PROCESS_STATUS_RUNNING</b> upon success. */
131 process_unix_exec(process_t
*process
)
133 static int max_fd
= -1;
135 process_unix_t
*unix_process
;
142 unix_process
= process_get_unix_process(process
);
144 /* Create standard in pipe. */
145 retval
= pipe(stdin_pipe
);
149 "Unable to create pipe for stdin "
150 "communication with process: %s",
153 return PROCESS_STATUS_ERROR
;
156 /* Create standard out pipe. */
157 retval
= pipe(stdout_pipe
);
161 "Unable to create pipe for stdout "
162 "communication with process: %s",
165 /** Cleanup standard in pipe. */
166 close(stdin_pipe
[0]);
167 close(stdin_pipe
[1]);
169 return PROCESS_STATUS_ERROR
;
172 /* Create standard error pipe. */
173 retval
= pipe(stderr_pipe
);
177 "Unable to create pipe for stderr "
178 "communication with process: %s",
181 /** Cleanup standard in pipe. */
182 close(stdin_pipe
[0]);
183 close(stdin_pipe
[1]);
185 /** Cleanup standard out pipe. */
186 close(stdout_pipe
[0]);
187 close(stdout_pipe
[1]);
189 return PROCESS_STATUS_ERROR
;
194 max_fd
= (int)sysconf(_SC_OPEN_MAX
);
197 max_fd
= DEFAULT_MAX_FD
;
199 "Cannot find maximum file descriptor, assuming: %d", max_fd
);
202 #else /* !(defined(_SC_OPEN_MAX)) */
203 max_fd
= DEFAULT_MAX_FD
;
204 #endif /* defined(_SC_OPEN_MAX) */
209 /* This code is running in the child process context. */
211 #if defined(HAVE_SYS_PRCTL_H) && defined(__linux__)
212 /* Attempt to have the kernel issue a SIGTERM if the parent
213 * goes away. Certain attributes of the binary being execve()ed
214 * will clear this during the execve() call, but it's better
217 prctl(PR_SET_PDEATHSIG
, SIGTERM
);
218 #endif /* defined(HAVE_SYS_PRCTL_H) && defined(__linux__) */
220 /* Link process stdout to the write end of the pipe. */
221 retval
= dup2(stdout_pipe
[1], STDOUT_FILENO
);
225 /* Link process stderr to the write end of the pipe. */
226 retval
= dup2(stderr_pipe
[1], STDERR_FILENO
);
230 /* Link process stdin to the read end of the pipe */
231 retval
= dup2(stdin_pipe
[0], STDIN_FILENO
);
235 /* Close our pipes now after they have been dup2()'ed. */
236 close(stderr_pipe
[0]);
237 close(stderr_pipe
[1]);
238 close(stdout_pipe
[0]);
239 close(stdout_pipe
[1]);
240 close(stdin_pipe
[0]);
241 close(stdin_pipe
[1]);
243 /* Close all other fds, including the read end of the pipe. XXX: We should
244 * now be doing enough FD_CLOEXEC setting to make this needless.
246 for (fd
= STDERR_FILENO
+ 1; fd
< max_fd
; fd
++)
249 /* Create the argv value for our new process. */
250 char **argv
= process_get_argv(process
);
252 /* Create the env value for our new process. */
253 process_environment_t
*env
= process_get_environment(process
);
255 /* Call the requested program. */
256 retval
= execve(argv
[0], argv
, env
->unixoid_environment_block
);
258 /* If we made it here it is because execve failed :-( */
260 fprintf(stderr
, "Call to execve() failed: %s", strerror(errno
));
263 process_environment_free(env
);
265 tor_assert_unreached();
268 /* LCOV_EXCL_START */
269 fprintf(stderr
, "Error from child process: %s", strerror(errno
));
274 /* We are in the parent process. */
277 "Failed to create child process: %s", strerror(errno
));
279 /** Cleanup standard in pipe. */
280 close(stdin_pipe
[0]);
281 close(stdin_pipe
[1]);
283 /** Cleanup standard out pipe. */
284 close(stdout_pipe
[0]);
285 close(stdout_pipe
[1]);
287 /** Cleanup standard error pipe. */
288 close(stderr_pipe
[0]);
289 close(stderr_pipe
[1]);
291 return PROCESS_STATUS_ERROR
;
294 /* Register our PID. */
295 unix_process
->pid
= pid
;
297 /* Setup waitpid callbacks. */
298 unix_process
->waitpid
= set_waitpid_callback(pid
,
299 process_unix_waitpid_callback
,
302 /* Handle standard out. */
303 unix_process
->stdout_handle
.fd
= stdout_pipe
[0];
304 retval
= close(stdout_pipe
[1]);
307 log_warn(LD_PROCESS
, "Failed to close write end of standard out pipe: %s",
311 /* Handle standard error. */
312 unix_process
->stderr_handle
.fd
= stderr_pipe
[0];
313 retval
= close(stderr_pipe
[1]);
317 "Failed to close write end of standard error pipe: %s",
321 /* Handle standard in. */
322 unix_process
->stdin_handle
.fd
= stdin_pipe
[1];
323 retval
= close(stdin_pipe
[0]);
326 log_warn(LD_PROCESS
, "Failed to close read end of standard in pipe: %s",
330 /* Setup our handles. */
331 process_unix_setup_handle(process
,
332 &unix_process
->stdout_handle
,
334 stdout_read_callback
);
336 process_unix_setup_handle(process
,
337 &unix_process
->stderr_handle
,
339 stderr_read_callback
);
341 process_unix_setup_handle(process
,
342 &unix_process
->stdin_handle
,
344 stdin_write_callback
);
346 /* Start reading from standard out and standard error. */
347 process_unix_start_reading(&unix_process
->stdout_handle
);
348 process_unix_start_reading(&unix_process
->stderr_handle
);
350 return PROCESS_STATUS_RUNNING
;
353 /** Terminate the given process. Returns true on success, otherwise false. */
355 process_unix_terminate(process_t
*process
)
359 process_unix_t
*unix_process
= process_get_unix_process(process
);
361 /* All running processes should have a waitpid. */
362 if (BUG(unix_process
->waitpid
== NULL
))
367 /* Send a SIGTERM to our child process. */
370 ret
= kill(unix_process
->pid
, SIGTERM
);
373 log_warn(LD_PROCESS
, "Unable to terminate process: %s",
378 /* Close all our FD's. */
379 if (! process_unix_close_file_descriptors(unix_process
))
385 /** Returns the unique process identifier for the given <b>process</b>. */
387 process_unix_get_pid(process_t
*process
)
391 process_unix_t
*unix_process
= process_get_unix_process(process
);
392 return (process_pid_t
)unix_process
->pid
;
395 /** Write the given <b>buffer</b> as input to the given <b>process</b>'s
396 * standard input. Returns the number of bytes written. */
398 process_unix_write(process_t
*process
, buf_t
*buffer
)
403 process_unix_t
*unix_process
= process_get_unix_process(process
);
405 size_t buffer_flush_len
= buf_datalen(buffer
);
406 const size_t max_to_write
= MIN(PROCESS_MAX_WRITE
, buffer_flush_len
);
408 /* If we have data to write (when buffer_flush_len > 0) and we are not
409 * currently getting file descriptor events from the kernel, we tell the
410 * kernel to start notifying us about when we can write to our file
411 * descriptor and return. */
412 if (buffer_flush_len
> 0 && ! unix_process
->stdin_handle
.is_writing
) {
413 process_unix_start_writing(&unix_process
->stdin_handle
);
417 /* We don't have any data to write, but the kernel is currently notifying us
418 * about whether we are able to write or not. Tell the kernel to stop
419 * notifying us until we have data to write. */
420 if (buffer_flush_len
== 0 && unix_process
->stdin_handle
.is_writing
) {
421 process_unix_stop_writing(&unix_process
->stdin_handle
);
425 /* We have data to write and the kernel have told us to write it. */
426 return buf_flush_to_pipe(buffer
,
427 process_get_unix_process(process
)->stdin_handle
.fd
,
428 max_to_write
, &buffer_flush_len
);
431 /** Read data from the given process's standard output and put it into
432 * <b>buffer</b>. Returns the number of bytes read. */
434 process_unix_read_stdout(process_t
*process
, buf_t
*buffer
)
439 process_unix_t
*unix_process
= process_get_unix_process(process
);
441 return process_unix_read_handle(process
,
442 &unix_process
->stdout_handle
,
446 /** Read data from the given process's standard error and put it into
447 * <b>buffer</b>. Returns the number of bytes read. */
449 process_unix_read_stderr(process_t
*process
, buf_t
*buffer
)
454 process_unix_t
*unix_process
= process_get_unix_process(process
);
456 return process_unix_read_handle(process
,
457 &unix_process
->stderr_handle
,
461 /** This function is called whenever libevent thinks we have data that could be
462 * read from the child process's standard output. We notify the Process
463 * subsystem, which is then responsible for calling back to us for doing the
464 * actual reading of the data. */
466 stdout_read_callback(evutil_socket_t fd
, short event
, void *data
)
471 process_t
*process
= data
;
474 process_notify_event_stdout(process
);
477 /** This function is called whenever libevent thinks we have data that could be
478 * read from the child process's standard error. We notify the Process
479 * subsystem, which is then responsible for calling back to us for doing the
480 * actual reading of the data. */
482 stderr_read_callback(evutil_socket_t fd
, short event
, void *data
)
487 process_t
*process
= data
;
490 process_notify_event_stderr(process
);
493 /** This function is called whenever libevent thinks we have data that could be
494 * written the child process's standard input. We notify the Process subsystem,
495 * which is then responsible for calling back to us for doing the actual write
498 stdin_write_callback(evutil_socket_t fd
, short event
, void *data
)
503 process_t
*process
= data
;
506 process_notify_event_stdin(process
);
509 /** This function tells libevent that we are interested in receiving read
510 * events from the given <b>handle</b>. */
512 process_unix_start_reading(process_unix_handle_t
*handle
)
516 if (event_add(handle
->event
, NULL
))
518 "Unable to add libevent event for handle.");
521 /** This function tells libevent that we are no longer interested in receiving
522 * read events from the given <b>handle</b>. */
524 process_unix_stop_reading(process_unix_handle_t
*handle
)
528 if (handle
->event
== NULL
)
531 if (event_del(handle
->event
))
533 "Unable to delete libevent event for handle.");
536 /** This function tells libevent that we are interested in receiving write
537 * events from the given <b>handle</b>. */
539 process_unix_start_writing(process_unix_handle_t
*handle
)
543 if (event_add(handle
->event
, NULL
))
545 "Unable to add libevent event for handle.");
547 handle
->is_writing
= true;
550 /** This function tells libevent that we are no longer interested in receiving
551 * write events from the given <b>handle</b>. */
553 process_unix_stop_writing(process_unix_handle_t
*handle
)
557 if (handle
->event
== NULL
)
560 if (event_del(handle
->event
))
562 "Unable to delete libevent event for handle.");
564 handle
->is_writing
= false;
567 /** This function is called when the waitpid system have detected that our
568 * process have terminated. We disable the waitpid system and notify the
569 * Process subsystem that we have terminated. */
571 process_unix_waitpid_callback(int status
, void *data
)
575 process_t
*process
= data
;
576 process_unix_t
*unix_process
= process_get_unix_process(process
);
578 /* Remove our waitpid callback. */
579 clear_waitpid_callback(unix_process
->waitpid
);
580 unix_process
->waitpid
= NULL
;
582 /* Notify our process. */
583 process_notify_event_exit(process
, status
);
585 /* Make sure you don't modify the process after we have called
586 * process_notify_event_exit() on it, to allow users to process_free() it in
587 * the exit callback. */
590 /** This function sets the file descriptor in the <b>handle</b> as non-blocking
591 * and configures the libevent event structure based on the given <b>flags</b>
592 * to ensure that <b>callback</b> is called whenever we have events on the
593 * given <b>handle</b>. */
595 process_unix_setup_handle(process_t
*process
,
596 process_unix_handle_t
*handle
,
598 event_callback_fn callback
)
602 tor_assert(callback
);
604 /* Put our file descriptor into non-blocking mode. */
605 if (fcntl(handle
->fd
, F_SETFL
, O_NONBLOCK
) < 0) {
606 log_warn(LD_PROCESS
, "Unable mark Unix handle as non-blocking: %s",
610 /* Setup libevent event. */
611 handle
->event
= tor_event_new(tor_libevent_get_base(),
618 /** This function reads data from the given <b>handle</b> and puts it into
619 * <b>buffer</b>. Returns the number of bytes read this way. */
621 process_unix_read_handle(process_t
*process
,
622 process_unix_handle_t
*handle
,
633 ret
= buf_read_from_pipe(buffer
,
641 "Unable to read data: %s", strerror(error
));
644 handle
->reached_eof
= true;
645 process_unix_stop_reading(handle
);
651 /** Close the standard in, out, and error handles of the given
652 * <b>unix_process</b>. */
654 process_unix_close_file_descriptors(process_unix_t
*unix_process
)
656 tor_assert(unix_process
);
661 /* Stop reading and writing before we close() our
662 * file descriptors. */
663 if (! unix_process
->stdout_handle
.reached_eof
)
664 process_unix_stop_reading(&unix_process
->stdout_handle
);
666 if (! unix_process
->stderr_handle
.reached_eof
)
667 process_unix_stop_reading(&unix_process
->stderr_handle
);
669 if (unix_process
->stdin_handle
.is_writing
)
670 process_unix_stop_writing(&unix_process
->stdin_handle
);
672 if (unix_process
->stdin_handle
.fd
!= -1) {
673 ret
= close(unix_process
->stdin_handle
.fd
);
675 log_warn(LD_PROCESS
, "Unable to close standard in");
679 unix_process
->stdin_handle
.fd
= -1;
682 if (unix_process
->stdout_handle
.fd
!= -1) {
683 ret
= close(unix_process
->stdout_handle
.fd
);
685 log_warn(LD_PROCESS
, "Unable to close standard out");
689 unix_process
->stdout_handle
.fd
= -1;
692 if (unix_process
->stderr_handle
.fd
!= -1) {
693 ret
= close(unix_process
->stderr_handle
.fd
);
695 log_warn(LD_PROCESS
, "Unable to close standard error");
699 unix_process
->stderr_handle
.fd
= -1;
705 #endif /* defined(_WIN32). */