github.com/FenixAra/go@v0.0.0-20170127160404-96ea0918e670/src/syscall/exec_bsd.go (about) 1 // Copyright 2011 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // +build darwin dragonfly freebsd netbsd openbsd 6 7 package syscall 8 9 import ( 10 "runtime" 11 "unsafe" 12 ) 13 14 type SysProcAttr struct { 15 Chroot string // Chroot. 16 Credential *Credential // Credential. 17 Ptrace bool // Enable tracing. 18 Setsid bool // Create session. 19 Setpgid bool // Set process group ID to Pgid, or, if Pgid == 0, to new pid. 20 Setctty bool // Set controlling terminal to fd Ctty 21 Noctty bool // Detach fd 0 from controlling terminal 22 Ctty int // Controlling TTY fd 23 Foreground bool // Place child's process group in foreground. (Implies Setpgid. Uses Ctty as fd of controlling TTY) 24 Pgid int // Child's process group ID if Setpgid. 25 } 26 27 // Implemented in runtime package. 28 func runtime_BeforeFork() 29 func runtime_AfterFork() 30 31 // Fork, dup fd onto 0..len(fd), and exec(argv0, argvv, envv) in child. 32 // If a dup or exec fails, write the errno error to pipe. 33 // (Pipe is close-on-exec so if exec succeeds, it will be closed.) 34 // In the child, this function must not acquire any locks, because 35 // they might have been locked at the time of the fork. This means 36 // no rescheduling, no malloc calls, and no new stack segments. 37 // For the same reason compiler does not race instrument it. 38 // The calls to RawSyscall are okay because they are assembly 39 // functions that do not grow the stack. 40 //go:norace 41 func forkAndExecInChild(argv0 *byte, argv, envv []*byte, chroot, dir *byte, attr *ProcAttr, sys *SysProcAttr, pipe int) (pid int, err Errno) { 42 // Declare all variables at top in case any 43 // declarations require heap allocation (e.g., err1). 44 var ( 45 r1, r2 uintptr 46 err1 Errno 47 nextfd int 48 i int 49 ) 50 51 // guard against side effects of shuffling fds below. 52 // Make sure that nextfd is beyond any currently open files so 53 // that we can't run the risk of overwriting any of them. 54 fd := make([]int, len(attr.Files)) 55 nextfd = len(attr.Files) 56 for i, ufd := range attr.Files { 57 if nextfd < int(ufd) { 58 nextfd = int(ufd) 59 } 60 fd[i] = int(ufd) 61 } 62 nextfd++ 63 64 darwin := runtime.GOOS == "darwin" 65 66 // About to call fork. 67 // No more allocation or calls of non-assembly functions. 68 runtime_BeforeFork() 69 r1, r2, err1 = RawSyscall(SYS_FORK, 0, 0, 0) 70 if err1 != 0 { 71 runtime_AfterFork() 72 return 0, err1 73 } 74 75 // On Darwin: 76 // r1 = child pid in both parent and child. 77 // r2 = 0 in parent, 1 in child. 78 // Convert to normal Unix r1 = 0 in child. 79 if darwin && r2 == 1 { 80 r1 = 0 81 } 82 83 if r1 != 0 { 84 // parent; return PID 85 runtime_AfterFork() 86 return int(r1), 0 87 } 88 89 // Fork succeeded, now in child. 90 91 // Enable tracing if requested. 92 if sys.Ptrace { 93 _, _, err1 = RawSyscall(SYS_PTRACE, uintptr(PTRACE_TRACEME), 0, 0) 94 if err1 != 0 { 95 goto childerror 96 } 97 } 98 99 // Session ID 100 if sys.Setsid { 101 _, _, err1 = RawSyscall(SYS_SETSID, 0, 0, 0) 102 if err1 != 0 { 103 goto childerror 104 } 105 } 106 107 // Set process group 108 if sys.Setpgid || sys.Foreground { 109 // Place child in process group. 110 _, _, err1 = RawSyscall(SYS_SETPGID, 0, uintptr(sys.Pgid), 0) 111 if err1 != 0 { 112 goto childerror 113 } 114 } 115 116 if sys.Foreground { 117 pgrp := sys.Pgid 118 if pgrp == 0 { 119 r1, _, err1 = RawSyscall(SYS_GETPID, 0, 0, 0) 120 if err1 != 0 { 121 goto childerror 122 } 123 124 pgrp = int(r1) 125 } 126 127 // Place process group in foreground. 128 _, _, err1 = RawSyscall(SYS_IOCTL, uintptr(sys.Ctty), uintptr(TIOCSPGRP), uintptr(unsafe.Pointer(&pgrp))) 129 if err1 != 0 { 130 goto childerror 131 } 132 } 133 134 // Chroot 135 if chroot != nil { 136 _, _, err1 = RawSyscall(SYS_CHROOT, uintptr(unsafe.Pointer(chroot)), 0, 0) 137 if err1 != 0 { 138 goto childerror 139 } 140 } 141 142 // User and groups 143 if cred := sys.Credential; cred != nil { 144 ngroups := uintptr(len(cred.Groups)) 145 groups := uintptr(0) 146 if ngroups > 0 { 147 groups = uintptr(unsafe.Pointer(&cred.Groups[0])) 148 } 149 _, _, err1 = RawSyscall(SYS_SETGROUPS, ngroups, groups, 0) 150 if err1 != 0 { 151 goto childerror 152 } 153 _, _, err1 = RawSyscall(SYS_SETGID, uintptr(cred.Gid), 0, 0) 154 if err1 != 0 { 155 goto childerror 156 } 157 _, _, err1 = RawSyscall(SYS_SETUID, uintptr(cred.Uid), 0, 0) 158 if err1 != 0 { 159 goto childerror 160 } 161 } 162 163 // Chdir 164 if dir != nil { 165 _, _, err1 = RawSyscall(SYS_CHDIR, uintptr(unsafe.Pointer(dir)), 0, 0) 166 if err1 != 0 { 167 goto childerror 168 } 169 } 170 171 // Pass 1: look for fd[i] < i and move those up above len(fd) 172 // so that pass 2 won't stomp on an fd it needs later. 173 if pipe < nextfd { 174 _, _, err1 = RawSyscall(SYS_DUP2, uintptr(pipe), uintptr(nextfd), 0) 175 if err1 != 0 { 176 goto childerror 177 } 178 RawSyscall(SYS_FCNTL, uintptr(nextfd), F_SETFD, FD_CLOEXEC) 179 pipe = nextfd 180 nextfd++ 181 } 182 for i = 0; i < len(fd); i++ { 183 if fd[i] >= 0 && fd[i] < int(i) { 184 if nextfd == pipe { // don't stomp on pipe 185 nextfd++ 186 } 187 _, _, err1 = RawSyscall(SYS_DUP2, uintptr(fd[i]), uintptr(nextfd), 0) 188 if err1 != 0 { 189 goto childerror 190 } 191 RawSyscall(SYS_FCNTL, uintptr(nextfd), F_SETFD, FD_CLOEXEC) 192 fd[i] = nextfd 193 nextfd++ 194 } 195 } 196 197 // Pass 2: dup fd[i] down onto i. 198 for i = 0; i < len(fd); i++ { 199 if fd[i] == -1 { 200 RawSyscall(SYS_CLOSE, uintptr(i), 0, 0) 201 continue 202 } 203 if fd[i] == int(i) { 204 // dup2(i, i) won't clear close-on-exec flag on Linux, 205 // probably not elsewhere either. 206 _, _, err1 = RawSyscall(SYS_FCNTL, uintptr(fd[i]), F_SETFD, 0) 207 if err1 != 0 { 208 goto childerror 209 } 210 continue 211 } 212 // The new fd is created NOT close-on-exec, 213 // which is exactly what we want. 214 _, _, err1 = RawSyscall(SYS_DUP2, uintptr(fd[i]), uintptr(i), 0) 215 if err1 != 0 { 216 goto childerror 217 } 218 } 219 220 // By convention, we don't close-on-exec the fds we are 221 // started with, so if len(fd) < 3, close 0, 1, 2 as needed. 222 // Programs that know they inherit fds >= 3 will need 223 // to set them close-on-exec. 224 for i = len(fd); i < 3; i++ { 225 RawSyscall(SYS_CLOSE, uintptr(i), 0, 0) 226 } 227 228 // Detach fd 0 from tty 229 if sys.Noctty { 230 _, _, err1 = RawSyscall(SYS_IOCTL, 0, uintptr(TIOCNOTTY), 0) 231 if err1 != 0 { 232 goto childerror 233 } 234 } 235 236 // Set the controlling TTY to Ctty 237 if sys.Setctty { 238 _, _, err1 = RawSyscall(SYS_IOCTL, uintptr(sys.Ctty), uintptr(TIOCSCTTY), 0) 239 if err1 != 0 { 240 goto childerror 241 } 242 } 243 244 // Time to exec. 245 _, _, err1 = RawSyscall(SYS_EXECVE, 246 uintptr(unsafe.Pointer(argv0)), 247 uintptr(unsafe.Pointer(&argv[0])), 248 uintptr(unsafe.Pointer(&envv[0]))) 249 250 childerror: 251 // send error code on pipe 252 RawSyscall(SYS_WRITE, uintptr(pipe), uintptr(unsafe.Pointer(&err1)), unsafe.Sizeof(err1)) 253 for { 254 RawSyscall(SYS_EXIT, 253, 0, 0) 255 } 256 } 257 258 // Try to open a pipe with O_CLOEXEC set on both file descriptors. 259 func forkExecPipe(p []int) error { 260 err := Pipe(p) 261 if err != nil { 262 return err 263 } 264 _, err = fcntl(p[0], F_SETFD, FD_CLOEXEC) 265 if err != nil { 266 return err 267 } 268 _, err = fcntl(p[1], F_SETFD, FD_CLOEXEC) 269 return err 270 }