attachListener_linux.cpp revision 1472:c18cbe5936b8
1/* 2 * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 * 23 */ 24 25# include "incls/_precompiled.incl" 26# include "incls/_attachListener_linux.cpp.incl" 27 28#include <unistd.h> 29#include <signal.h> 30#include <sys/types.h> 31#include <sys/socket.h> 32#include <sys/un.h> 33#include <sys/stat.h> 34 35// The attach mechanism on Linux uses a UNIX domain socket. An attach listener 36// thread is created at startup or is created on-demand via a signal from 37// the client tool. The attach listener creates a socket and binds it to a file 38// in the filesystem. The attach listener then acts as a simple (single- 39// threaded) server - tt waits for a client to connect, reads the request, 40// executes it, and returns the response to the client via the socket 41// connection. 42// 43// As the socket is a UNIX domain socket it means that only clients on the 44// local machine can connect. In addition there are two other aspects to 45// the security: 46// 1. The well known file that the socket is bound to has permission 400 47// 2. When a client connect, the SO_PEERCRED socket option is used to 48// obtain the credentials of client. We check that the effective uid 49// of the client matches this process. 50 51// forward reference 52class LinuxAttachOperation; 53 54class LinuxAttachListener: AllStatic { 55 private: 56 // the path to which we bind the UNIX domain socket 57 static char _path[PATH_MAX+1]; 58 static bool _has_path; 59 60 // the file descriptor for the listening socket 61 static int _listener; 62 63 static void set_path(char* path) { 64 if (path == NULL) { 65 _has_path = false; 66 } else { 67 strncpy(_path, path, PATH_MAX); 68 _path[PATH_MAX] = '\0'; 69 _has_path = true; 70 } 71 } 72 73 static void set_listener(int s) { _listener = s; } 74 75 // reads a request from the given connected socket 76 static LinuxAttachOperation* read_request(int s); 77 78 public: 79 enum { 80 ATTACH_PROTOCOL_VER = 1 // protocol version 81 }; 82 enum { 83 ATTACH_ERROR_BADVERSION = 101 // error codes 84 }; 85 86 // initialize the listener, returns 0 if okay 87 static int init(); 88 89 static char* path() { return _path; } 90 static bool has_path() { return _has_path; } 91 static int listener() { return _listener; } 92 93 // write the given buffer to a socket 94 static int write_fully(int s, char* buf, int len); 95 96 static LinuxAttachOperation* dequeue(); 97}; 98 99class LinuxAttachOperation: public AttachOperation { 100 private: 101 // the connection to the client 102 int _socket; 103 104 public: 105 void complete(jint res, bufferedStream* st); 106 107 void set_socket(int s) { _socket = s; } 108 int socket() const { return _socket; } 109 110 LinuxAttachOperation(char* name) : AttachOperation(name) { 111 set_socket(-1); 112 } 113}; 114 115// statics 116char LinuxAttachListener::_path[PATH_MAX+1]; 117bool LinuxAttachListener::_has_path; 118int LinuxAttachListener::_listener = -1; 119 120// Supporting class to help split a buffer into individual components 121class ArgumentIterator : public StackObj { 122 private: 123 char* _pos; 124 char* _end; 125 public: 126 ArgumentIterator(char* arg_buffer, size_t arg_size) { 127 _pos = arg_buffer; 128 _end = _pos + arg_size - 1; 129 } 130 char* next() { 131 if (*_pos == '\0') { 132 return NULL; 133 } 134 char* res = _pos; 135 char* next_pos = strchr(_pos, '\0'); 136 if (next_pos < _end) { 137 next_pos++; 138 } 139 _pos = next_pos; 140 return res; 141 } 142}; 143 144 145// atexit hook to stop listener and unlink the file that it is 146// bound too. 147extern "C" { 148 static void listener_cleanup() { 149 static int cleanup_done; 150 if (!cleanup_done) { 151 cleanup_done = 1; 152 int s = LinuxAttachListener::listener(); 153 if (s != -1) { 154 ::close(s); 155 } 156 if (LinuxAttachListener::has_path()) { 157 ::unlink(LinuxAttachListener::path()); 158 } 159 } 160 } 161} 162 163// Initialization - create a listener socket and bind it to a file 164 165int LinuxAttachListener::init() { 166 char path[PATH_MAX+1]; // socket file 167 int listener; // listener socket (file descriptor) 168 169 // register function to cleanup 170 ::atexit(listener_cleanup); 171 172 // create the listener socket 173 listener = ::socket(PF_UNIX, SOCK_STREAM, 0); 174 if (listener == -1) { 175 return -1; 176 } 177 178 int res = -1; 179 struct sockaddr_un addr; 180 addr.sun_family = AF_UNIX; 181 182 // FIXME: Prior to b39 the tool-side API expected to find the well 183 // known file in the working directory. To allow this libjvm.so work with 184 // a pre-b39 SDK we create it in the working directory if 185 // +StartAttachListener is used is used. All unit tests for this feature 186 // currently used this flag. Once b39 SDK has been promoted we can remove 187 // this code. 188 if (StartAttachListener) { 189 sprintf(path, ".java_pid%d", os::current_process_id()); 190 strcpy(addr.sun_path, path); 191 ::unlink(path); 192 res = ::bind(listener, (struct sockaddr*)&addr, sizeof(addr)); 193 } 194 if (res == -1) { 195 snprintf(path, PATH_MAX+1, "%s/.java_pid%d", 196 os::get_temp_directory(), os::current_process_id()); 197 strcpy(addr.sun_path, path); 198 ::unlink(path); 199 res = ::bind(listener, (struct sockaddr*)&addr, sizeof(addr)); 200 } 201 if (res == -1) { 202 RESTARTABLE(::close(listener), res); 203 return -1; 204 } 205 set_path(path); 206 207 // put in listen mode and set permission 208 if ((::listen(listener, 5) == -1) || (::chmod(path, S_IREAD|S_IWRITE) == -1)) { 209 RESTARTABLE(::close(listener), res); 210 ::unlink(path); 211 set_path(NULL); 212 return -1; 213 } 214 set_listener(listener); 215 216 return 0; 217} 218 219// Given a socket that is connected to a peer we read the request and 220// create an AttachOperation. As the socket is blocking there is potential 221// for a denial-of-service if the peer does not response. However this happens 222// after the peer credentials have been checked and in the worst case it just 223// means that the attach listener thread is blocked. 224// 225LinuxAttachOperation* LinuxAttachListener::read_request(int s) { 226 char ver_str[8]; 227 sprintf(ver_str, "%d", ATTACH_PROTOCOL_VER); 228 229 // The request is a sequence of strings so we first figure out the 230 // expected count and the maximum possible length of the request. 231 // The request is: 232 // <ver>0<cmd>0<arg>0<arg>0<arg>0 233 // where <ver> is the protocol version (1), <cmd> is the command 234 // name ("load", "datadump", ...), and <arg> is an argument 235 int expected_str_count = 2 + AttachOperation::arg_count_max; 236 const int max_len = (sizeof(ver_str) + 1) + (AttachOperation::name_length_max + 1) + 237 AttachOperation::arg_count_max*(AttachOperation::arg_length_max + 1); 238 239 char buf[max_len]; 240 int str_count = 0; 241 242 // Read until all (expected) strings have been read, the buffer is 243 // full, or EOF. 244 245 int off = 0; 246 int left = max_len; 247 248 do { 249 int n; 250 RESTARTABLE(read(s, buf+off, left), n); 251 if (n == -1) { 252 return NULL; // reset by peer or other error 253 } 254 if (n == 0) { 255 break; 256 } 257 for (int i=0; i<n; i++) { 258 if (buf[off+i] == 0) { 259 // EOS found 260 str_count++; 261 262 // The first string is <ver> so check it now to 263 // check for protocol mis-match 264 if (str_count == 1) { 265 if ((strlen(buf) != strlen(ver_str)) || 266 (atoi(buf) != ATTACH_PROTOCOL_VER)) { 267 char msg[32]; 268 sprintf(msg, "%d\n", ATTACH_ERROR_BADVERSION); 269 write_fully(s, msg, strlen(msg)); 270 return NULL; 271 } 272 } 273 } 274 } 275 off += n; 276 left -= n; 277 } while (left > 0 && str_count < expected_str_count); 278 279 if (str_count != expected_str_count) { 280 return NULL; // incomplete request 281 } 282 283 // parse request 284 285 ArgumentIterator args(buf, (max_len)-left); 286 287 // version already checked 288 char* v = args.next(); 289 290 char* name = args.next(); 291 if (name == NULL || strlen(name) > AttachOperation::name_length_max) { 292 return NULL; 293 } 294 295 LinuxAttachOperation* op = new LinuxAttachOperation(name); 296 297 for (int i=0; i<AttachOperation::arg_count_max; i++) { 298 char* arg = args.next(); 299 if (arg == NULL) { 300 op->set_arg(i, NULL); 301 } else { 302 if (strlen(arg) > AttachOperation::arg_length_max) { 303 delete op; 304 return NULL; 305 } 306 op->set_arg(i, arg); 307 } 308 } 309 310 op->set_socket(s); 311 return op; 312} 313 314 315// Dequeue an operation 316// 317// In the Linux implementation there is only a single operation and clients 318// cannot queue commands (except at the socket level). 319// 320LinuxAttachOperation* LinuxAttachListener::dequeue() { 321 for (;;) { 322 int s; 323 324 // wait for client to connect 325 struct sockaddr addr; 326 socklen_t len = sizeof(addr); 327 RESTARTABLE(::accept(listener(), &addr, &len), s); 328 if (s == -1) { 329 return NULL; // log a warning? 330 } 331 332 // get the credentials of the peer and check the effective uid/guid 333 // - check with jeff on this. 334 struct ucred cred_info; 335 socklen_t optlen = sizeof(cred_info); 336 if (::getsockopt(s, SOL_SOCKET, SO_PEERCRED, (void*)&cred_info, &optlen) == -1) { 337 int res; 338 RESTARTABLE(::close(s), res); 339 continue; 340 } 341 uid_t euid = geteuid(); 342 gid_t egid = getegid(); 343 344 if (cred_info.uid != euid || cred_info.gid != egid) { 345 int res; 346 RESTARTABLE(::close(s), res); 347 continue; 348 } 349 350 // peer credential look okay so we read the request 351 LinuxAttachOperation* op = read_request(s); 352 if (op == NULL) { 353 int res; 354 RESTARTABLE(::close(s), res); 355 continue; 356 } else { 357 return op; 358 } 359 } 360} 361 362// write the given buffer to the socket 363int LinuxAttachListener::write_fully(int s, char* buf, int len) { 364 do { 365 int n = ::write(s, buf, len); 366 if (n == -1) { 367 if (errno != EINTR) return -1; 368 } else { 369 buf += n; 370 len -= n; 371 } 372 } 373 while (len > 0); 374 return 0; 375} 376 377// Complete an operation by sending the operation result and any result 378// output to the client. At this time the socket is in blocking mode so 379// potentially we can block if there is a lot of data and the client is 380// non-responsive. For most operations this is a non-issue because the 381// default send buffer is sufficient to buffer everything. In the future 382// if there are operations that involves a very big reply then it the 383// socket could be made non-blocking and a timeout could be used. 384 385void LinuxAttachOperation::complete(jint result, bufferedStream* st) { 386 JavaThread* thread = JavaThread::current(); 387 ThreadBlockInVM tbivm(thread); 388 389 thread->set_suspend_equivalent(); 390 // cleared by handle_special_suspend_equivalent_condition() or 391 // java_suspend_self() via check_and_wait_while_suspended() 392 393 // write operation result 394 char msg[32]; 395 sprintf(msg, "%d\n", result); 396 int rc = LinuxAttachListener::write_fully(this->socket(), msg, strlen(msg)); 397 398 // write any result data 399 if (rc == 0) { 400 LinuxAttachListener::write_fully(this->socket(), (char*) st->base(), st->size()); 401 ::shutdown(this->socket(), 2); 402 } 403 404 // done 405 RESTARTABLE(::close(this->socket()), rc); 406 407 // were we externally suspended while we were waiting? 408 thread->check_and_wait_while_suspended(); 409 410 delete this; 411} 412 413 414// AttachListener functions 415 416AttachOperation* AttachListener::dequeue() { 417 JavaThread* thread = JavaThread::current(); 418 ThreadBlockInVM tbivm(thread); 419 420 thread->set_suspend_equivalent(); 421 // cleared by handle_special_suspend_equivalent_condition() or 422 // java_suspend_self() via check_and_wait_while_suspended() 423 424 AttachOperation* op = LinuxAttachListener::dequeue(); 425 426 // were we externally suspended while we were waiting? 427 thread->check_and_wait_while_suspended(); 428 429 return op; 430} 431 432int AttachListener::pd_init() { 433 JavaThread* thread = JavaThread::current(); 434 ThreadBlockInVM tbivm(thread); 435 436 thread->set_suspend_equivalent(); 437 // cleared by handle_special_suspend_equivalent_condition() or 438 // java_suspend_self() via check_and_wait_while_suspended() 439 440 int ret_code = LinuxAttachListener::init(); 441 442 // were we externally suspended while we were waiting? 443 thread->check_and_wait_while_suspended(); 444 445 return ret_code; 446} 447 448// Attach Listener is started lazily except in the case when 449// +ReduseSignalUsage is used 450bool AttachListener::init_at_startup() { 451 if (ReduceSignalUsage) { 452 return true; 453 } else { 454 return false; 455 } 456} 457 458// If the file .attach_pid<pid> exists in the working directory 459// or /tmp then this is the trigger to start the attach mechanism 460bool AttachListener::is_init_trigger() { 461 if (init_at_startup() || is_initialized()) { 462 return false; // initialized at startup or already initialized 463 } 464 char fn[PATH_MAX+1]; 465 sprintf(fn, ".attach_pid%d", os::current_process_id()); 466 int ret; 467 struct stat64 st; 468 RESTARTABLE(::stat64(fn, &st), ret); 469 if (ret == -1) { 470 snprintf(fn, sizeof(fn), "%s/.attach_pid%d", 471 os::get_temp_directory(), os::current_process_id()); 472 RESTARTABLE(::stat64(fn, &st), ret); 473 } 474 if (ret == 0) { 475 // simple check to avoid starting the attach mechanism when 476 // a bogus user creates the file 477 if (st.st_uid == geteuid()) { 478 init(); 479 return true; 480 } 481 } 482 return false; 483} 484 485// if VM aborts then remove listener 486void AttachListener::abort() { 487 listener_cleanup(); 488} 489 490void AttachListener::pd_data_dump() { 491 os::signal_notify(SIGQUIT); 492} 493 494AttachOperationFunctionInfo* AttachListener::pd_find_operation(const char* n) { 495 return NULL; 496} 497 498jint AttachListener::pd_set_flag(AttachOperation* op, outputStream* out) { 499 out->print_cr("flag '%s' cannot be changed", op->arg(0)); 500 return JNI_ERR; 501} 502 503void AttachListener::pd_detachall() { 504 // do nothing for now 505} 506