github.com/tidwall/go@v0.0.0-20170415222209-6694a6888b7d/src/syscall/exec_bsd.go (about) 1 // Copyright 2011 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // +build darwin dragonfly freebsd netbsd openbsd 6 7 package syscall 8 9 import ( 10 "runtime" 11 "unsafe" 12 ) 13 14 type SysProcAttr struct { 15 Chroot string // Chroot. 16 Credential *Credential // Credential. 17 Ptrace bool // Enable tracing. 18 Setsid bool // Create session. 19 Setpgid bool // Set process group ID to Pgid, or, if Pgid == 0, to new pid. 20 Setctty bool // Set controlling terminal to fd Ctty 21 Noctty bool // Detach fd 0 from controlling terminal 22 Ctty int // Controlling TTY fd 23 Foreground bool // Place child's process group in foreground. (Implies Setpgid. Uses Ctty as fd of controlling TTY) 24 Pgid int // Child's process group ID if Setpgid. 25 } 26 27 // Implemented in runtime package. 28 func runtime_BeforeFork() 29 func runtime_AfterFork() 30 31 // Fork, dup fd onto 0..len(fd), and exec(argv0, argvv, envv) in child. 32 // If a dup or exec fails, write the errno error to pipe. 33 // (Pipe is close-on-exec so if exec succeeds, it will be closed.) 34 // In the child, this function must not acquire any locks, because 35 // they might have been locked at the time of the fork. This means 36 // no rescheduling, no malloc calls, and no new stack segments. 37 // For the same reason compiler does not race instrument it. 38 // The calls to RawSyscall are okay because they are assembly 39 // functions that do not grow the stack. 40 //go:norace 41 func forkAndExecInChild(argv0 *byte, argv, envv []*byte, chroot, dir *byte, attr *ProcAttr, sys *SysProcAttr, pipe int) (pid int, err Errno) { 42 // Declare all variables at top in case any 43 // declarations require heap allocation (e.g., err1). 44 var ( 45 r1, r2 uintptr 46 err1 Errno 47 nextfd int 48 i int 49 ) 50 51 // guard against side effects of shuffling fds below. 52 // Make sure that nextfd is beyond any currently open files so 53 // that we can't run the risk of overwriting any of them. 54 fd := make([]int, len(attr.Files)) 55 nextfd = len(attr.Files) 56 for i, ufd := range attr.Files { 57 if nextfd < int(ufd) { 58 nextfd = int(ufd) 59 } 60 fd[i] = int(ufd) 61 } 62 nextfd++ 63 64 darwin := runtime.GOOS == "darwin" 65 66 // About to call fork. 67 // No more allocation or calls of non-assembly functions. 68 runtime_BeforeFork() 69 r1, r2, err1 = RawSyscall(SYS_FORK, 0, 0, 0) 70 if err1 != 0 { 71 runtime_AfterFork() 72 return 0, err1 73 } 74 75 // On Darwin: 76 // r1 = child pid in both parent and child. 77 // r2 = 0 in parent, 1 in child. 78 // Convert to normal Unix r1 = 0 in child. 79 if darwin && r2 == 1 { 80 r1 = 0 81 } 82 83 if r1 != 0 { 84 // parent; return PID 85 runtime_AfterFork() 86 return int(r1), 0 87 } 88 89 // Fork succeeded, now in child. 90 91 // Enable tracing if requested. 92 if sys.Ptrace { 93 _, _, err1 = RawSyscall(SYS_PTRACE, uintptr(PTRACE_TRACEME), 0, 0) 94 if err1 != 0 { 95 goto childerror 96 } 97 } 98 99 // Session ID 100 if sys.Setsid { 101 _, _, err1 = RawSyscall(SYS_SETSID, 0, 0, 0) 102 if err1 != 0 { 103 goto childerror 104 } 105 } 106 107 // Set process group 108 if sys.Setpgid || sys.Foreground { 109 // Place child in process group. 110 _, _, err1 = RawSyscall(SYS_SETPGID, 0, uintptr(sys.Pgid), 0) 111 if err1 != 0 { 112 goto childerror 113 } 114 } 115 116 if sys.Foreground { 117 pgrp := sys.Pgid 118 if pgrp == 0 { 119 r1, _, err1 = RawSyscall(SYS_GETPID, 0, 0, 0) 120 if err1 != 0 { 121 goto childerror 122 } 123 124 pgrp = int(r1) 125 } 126 127 // Place process group in foreground. 128 _, _, err1 = RawSyscall(SYS_IOCTL, uintptr(sys.Ctty), uintptr(TIOCSPGRP), uintptr(unsafe.Pointer(&pgrp))) 129 if err1 != 0 { 130 goto childerror 131 } 132 } 133 134 // Chroot 135 if chroot != nil { 136 _, _, err1 = RawSyscall(SYS_CHROOT, uintptr(unsafe.Pointer(chroot)), 0, 0) 137 if err1 != 0 { 138 goto childerror 139 } 140 } 141 142 // User and groups 143 if cred := sys.Credential; cred != nil { 144 ngroups := uintptr(len(cred.Groups)) 145 groups := uintptr(0) 146 if ngroups > 0 { 147 groups = uintptr(unsafe.Pointer(&cred.Groups[0])) 148 } 149 if !cred.NoSetGroups { 150 _, _, err1 = RawSyscall(SYS_SETGROUPS, ngroups, groups, 0) 151 if err1 != 0 { 152 goto childerror 153 } 154 } 155 _, _, err1 = RawSyscall(SYS_SETGID, uintptr(cred.Gid), 0, 0) 156 if err1 != 0 { 157 goto childerror 158 } 159 _, _, err1 = RawSyscall(SYS_SETUID, uintptr(cred.Uid), 0, 0) 160 if err1 != 0 { 161 goto childerror 162 } 163 } 164 165 // Chdir 166 if dir != nil { 167 _, _, err1 = RawSyscall(SYS_CHDIR, uintptr(unsafe.Pointer(dir)), 0, 0) 168 if err1 != 0 { 169 goto childerror 170 } 171 } 172 173 // Pass 1: look for fd[i] < i and move those up above len(fd) 174 // so that pass 2 won't stomp on an fd it needs later. 175 if pipe < nextfd { 176 _, _, err1 = RawSyscall(SYS_DUP2, uintptr(pipe), uintptr(nextfd), 0) 177 if err1 != 0 { 178 goto childerror 179 } 180 RawSyscall(SYS_FCNTL, uintptr(nextfd), F_SETFD, FD_CLOEXEC) 181 pipe = nextfd 182 nextfd++ 183 } 184 for i = 0; i < len(fd); i++ { 185 if fd[i] >= 0 && fd[i] < int(i) { 186 if nextfd == pipe { // don't stomp on pipe 187 nextfd++ 188 } 189 _, _, err1 = RawSyscall(SYS_DUP2, uintptr(fd[i]), uintptr(nextfd), 0) 190 if err1 != 0 { 191 goto childerror 192 } 193 RawSyscall(SYS_FCNTL, uintptr(nextfd), F_SETFD, FD_CLOEXEC) 194 fd[i] = nextfd 195 nextfd++ 196 } 197 } 198 199 // Pass 2: dup fd[i] down onto i. 200 for i = 0; i < len(fd); i++ { 201 if fd[i] == -1 { 202 RawSyscall(SYS_CLOSE, uintptr(i), 0, 0) 203 continue 204 } 205 if fd[i] == int(i) { 206 // dup2(i, i) won't clear close-on-exec flag on Linux, 207 // probably not elsewhere either. 208 _, _, err1 = RawSyscall(SYS_FCNTL, uintptr(fd[i]), F_SETFD, 0) 209 if err1 != 0 { 210 goto childerror 211 } 212 continue 213 } 214 // The new fd is created NOT close-on-exec, 215 // which is exactly what we want. 216 _, _, err1 = RawSyscall(SYS_DUP2, uintptr(fd[i]), uintptr(i), 0) 217 if err1 != 0 { 218 goto childerror 219 } 220 } 221 222 // By convention, we don't close-on-exec the fds we are 223 // started with, so if len(fd) < 3, close 0, 1, 2 as needed. 224 // Programs that know they inherit fds >= 3 will need 225 // to set them close-on-exec. 226 for i = len(fd); i < 3; i++ { 227 RawSyscall(SYS_CLOSE, uintptr(i), 0, 0) 228 } 229 230 // Detach fd 0 from tty 231 if sys.Noctty { 232 _, _, err1 = RawSyscall(SYS_IOCTL, 0, uintptr(TIOCNOTTY), 0) 233 if err1 != 0 { 234 goto childerror 235 } 236 } 237 238 // Set the controlling TTY to Ctty 239 if sys.Setctty { 240 _, _, err1 = RawSyscall(SYS_IOCTL, uintptr(sys.Ctty), uintptr(TIOCSCTTY), 0) 241 if err1 != 0 { 242 goto childerror 243 } 244 } 245 246 // Time to exec. 247 _, _, err1 = RawSyscall(SYS_EXECVE, 248 uintptr(unsafe.Pointer(argv0)), 249 uintptr(unsafe.Pointer(&argv[0])), 250 uintptr(unsafe.Pointer(&envv[0]))) 251 252 childerror: 253 // send error code on pipe 254 RawSyscall(SYS_WRITE, uintptr(pipe), uintptr(unsafe.Pointer(&err1)), unsafe.Sizeof(err1)) 255 for { 256 RawSyscall(SYS_EXIT, 253, 0, 0) 257 } 258 }