github.com/MerlinKodo/gvisor@v0.0.0-20231110090155-957f62ecf90e/pkg/sentry/platform/systrap/sysmsg_thread_unsafe.go (about)

     1  // Copyright 2020 The gVisor Authors.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package systrap
    16  
    17  import (
    18  	"fmt"
    19  	"unsafe"
    20  
    21  	"github.com/MerlinKodo/gvisor/pkg/abi/linux"
    22  	"github.com/MerlinKodo/gvisor/pkg/sentry/arch"
    23  	"github.com/MerlinKodo/gvisor/pkg/sentry/platform/systrap/sysmsg"
    24  	"golang.org/x/sys/unix"
    25  )
    26  
    27  func (p *sysmsgThread) unmapStackFromSentry() {
    28  	_, _, errno := unix.RawSyscall(unix.SYS_MUNMAP, sysmsg.MsgToStackAddr(uintptr(unsafe.Pointer(p.msg))), sysmsg.PerThreadSharedStackSize, 0)
    29  	if errno != 0 {
    30  		panic("failed to unmap: " + errno.Error())
    31  	}
    32  }
    33  
    34  func (p *sysmsgThread) setMsg(addr uintptr) {
    35  	// add is always from the stub mapping which is mapped once and never
    36  	// moved, so it is safe to use unsafe.Pointer here.
    37  	p.msg = (*sysmsg.Msg)(unsafe.Pointer(addr))
    38  }
    39  
    40  func (p *sysmsgThread) init(sentryAddr, guestAddr uintptr) {
    41  	t := p.thread
    42  	// Set the sysmsg signal stack.
    43  	//
    44  	// sentryAddr is from the stub mapping which is mapped once and never
    45  	// moved, so it is safe to use unsafe.Pointer here.
    46  	alt := (*linux.SignalStack)(unsafe.Pointer(sentryAddr))
    47  	*alt = linux.SignalStack{}
    48  	alt.Addr = uint64(guestAddr)
    49  	alt.Size = uint64(sysmsg.MsgOffsetFromSharedStack)
    50  	_, err := t.syscallIgnoreInterrupt(&t.initRegs, unix.SYS_SIGALTSTACK,
    51  		arch.SyscallArgument{Value: guestAddr},
    52  		arch.SyscallArgument{Value: 0},
    53  		arch.SyscallArgument{Value: 0},
    54  		arch.SyscallArgument{Value: 0},
    55  		arch.SyscallArgument{Value: 0},
    56  		arch.SyscallArgument{Value: 0},
    57  	)
    58  	if err != nil {
    59  		panic(fmt.Sprintf("sigaltstack: %v", err))
    60  	}
    61  }
    62  
    63  // sysmsgSigactions installs signal handles for signals which can be triggered
    64  // by stubProcess and have to be handled by Sentry.
    65  //
    66  // It is called in a child process after fork(), so the race instrumentation
    67  // has to be disabled.
    68  //
    69  //go:nosplit
    70  //go:norace
    71  func sysmsgSigactions(stubSysmsgStart uintptr) unix.Errno {
    72  	act := linux.SigAction{
    73  		Handler:  uint64(stubSysmsgStart) + uint64(sysmsg.Sighandler_blob_offset____export_sighandler),
    74  		Flags:    linux.SA_ONSTACK | linux.SA_RESTORER | linux.SA_SIGINFO,
    75  		Restorer: uint64(stubSysmsgStart) + uint64(sysmsg.Sighandler_blob_offset____export_restore_rt),
    76  		Mask:     1<<(linux.SIGCHLD-1) | 1<<(linux.SIGSYS-1),
    77  	}
    78  
    79  	for _, s := range []unix.Signal{
    80  		unix.SIGSYS,
    81  		unix.SIGBUS,
    82  		unix.SIGFPE,
    83  		unix.SIGILL,
    84  		unix.SIGCHLD,
    85  		unix.SIGTRAP,
    86  		unix.SIGSEGV,
    87  	} {
    88  		_, _, errno := unix.RawSyscall6(unix.SYS_RT_SIGACTION, uintptr(s), uintptr(unsafe.Pointer(&act)), 0, 8, 0, 0)
    89  		if errno != 0 {
    90  			return errno
    91  		}
    92  	}
    93  
    94  	return 0
    95  }