• file
• revisions
• annotate
• diff
• comparison
• raw

src/os/bsd/vm/perfMemory_bsd.cpp@2d23269a45a0 (annotated)

src/os/bsd/vm/perfMemory_bsd.cpp

Wed, 04 Nov 2015 16:23:08 -0800

author

clanger

date

Wed, 04 Nov 2015 16:23:08 -0800

changeset 8210

2d23269a45a0

parent 8177

9f8038f83a6e

child 8604

04d83ba48607

child 9507

7e72702243a4

permissions

-rw-r--r--

8140244: Port fix of JDK-8075773 to AIX and possibly MacOSX
Reviewed-by: stuefe, dcubed

never@3156	1	/*
clanger@8177	2	* Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved.
never@3156	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
never@3156	4	*
never@3156	5	* This code is free software; you can redistribute it and/or modify it
never@3156	6	* under the terms of the GNU General Public License version 2 only, as
never@3156	7	* published by the Free Software Foundation.
never@3156	8	*
never@3156	9	* This code is distributed in the hope that it will be useful, but WITHOUT
never@3156	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
never@3156	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
never@3156	12	* version 2 for more details (a copy is included in the LICENSE file that
never@3156	13	* accompanied this code).
never@3156	14	*
never@3156	15	* You should have received a copy of the GNU General Public License version
never@3156	16	* 2 along with this work; if not, write to the Free Software Foundation,
never@3156	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
never@3156	18	*
never@3156	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
never@3156	20	* or visit www.oracle.com if you need additional information or have any
never@3156	21	* questions.
never@3156	22	*
never@3156	23	*/
never@3156	24
never@3156	25	#include "precompiled.hpp"
never@3156	26	#include "classfile/vmSymbols.hpp"
never@3156	27	#include "memory/allocation.inline.hpp"
never@3156	28	#include "memory/resourceArea.hpp"
never@3156	29	#include "oops/oop.inline.hpp"
never@3156	30	#include "os_bsd.inline.hpp"
never@3156	31	#include "runtime/handles.inline.hpp"
never@3156	32	#include "runtime/perfMemory.hpp"
zgu@4193	33	#include "services/memTracker.hpp"
never@3156	34	#include "utilities/exceptions.hpp"
never@3156	35
never@3156	36	// put OS-includes here
never@3156	37	# include <sys/types.h>
never@3156	38	# include <sys/mman.h>
never@3156	39	# include <errno.h>
never@3156	40	# include <stdio.h>
never@3156	41	# include <unistd.h>
never@3156	42	# include <sys/stat.h>
never@3156	43	# include <signal.h>
never@3156	44	# include <pwd.h>
never@3156	45
never@3156	46	static char* backing_store_file_name = NULL; // name of the backing store
never@3156	47	// file, if successfully created.
never@3156	48
never@3156	49	// Standard Memory Implementation Details
never@3156	50
never@3156	51	// create the PerfData memory region in standard memory.
never@3156	52	//
never@3156	53	static char* create_standard_memory(size_t size) {
never@3156	54
never@3156	55	// allocate an aligned chuck of memory
never@3156	56	char* mapAddress = os::reserve_memory(size);
never@3156	57
never@3156	58	if (mapAddress == NULL) {
never@3156	59	return NULL;
never@3156	60	}
never@3156	61
never@3156	62	// commit memory
dcubed@5255	63	if (!os::commit_memory(mapAddress, size, !ExecMem)) {
never@3156	64	if (PrintMiscellaneous && Verbose) {
never@3156	65	warning("Could not commit PerfData memory\n");
never@3156	66	}
never@3156	67	os::release_memory(mapAddress, size);
never@3156	68	return NULL;
never@3156	69	}
never@3156	70
never@3156	71	return mapAddress;
never@3156	72	}
never@3156	73
never@3156	74	// delete the PerfData memory region
never@3156	75	//
never@3156	76	static void delete_standard_memory(char* addr, size_t size) {
never@3156	77
never@3156	78	// there are no persistent external resources to cleanup for standard
never@3156	79	// memory. since DestroyJavaVM does not support unloading of the JVM,
never@3156	80	// cleanup of the memory resource is not performed. The memory will be
never@3156	81	// reclaimed by the OS upon termination of the process.
never@3156	82	//
never@3156	83	return;
never@3156	84	}
never@3156	85
never@3156	86	// save the specified memory region to the given file
never@3156	87	//
never@3156	88	// Note: this function might be called from signal handler (by os::abort()),
never@3156	89	// don't allocate heap memory.
never@3156	90	//
never@3156	91	static void save_memory_to_file(char* addr, size_t size) {
never@3156	92
never@3156	93	const char* destfile = PerfMemory::get_perfdata_file_path();
never@3156	94	assert(destfile[0] != '\0', "invalid PerfData file path");
never@3156	95
never@3156	96	int result;
never@3156	97
never@3156	98	RESTARTABLE(::open(destfile, O_CREAT|O_WRONLY|O_TRUNC, S_IREAD|S_IWRITE),
never@3156	99	result);;
never@3156	100	if (result == OS_ERR) {
never@3156	101	if (PrintMiscellaneous && Verbose) {
never@3156	102	warning("Could not create Perfdata save file: %s: %s\n",
never@3156	103	destfile, strerror(errno));
never@3156	104	}
never@3156	105	} else {
never@3156	106	int fd = result;
never@3156	107
never@3156	108	for (size_t remaining = size; remaining > 0;) {
never@3156	109
never@3156	110	RESTARTABLE(::write(fd, addr, remaining), result);
never@3156	111	if (result == OS_ERR) {
never@3156	112	if (PrintMiscellaneous && Verbose) {
never@3156	113	warning("Could not write Perfdata save file: %s: %s\n",
never@3156	114	destfile, strerror(errno));
never@3156	115	}
never@3156	116	break;
never@3156	117	}
never@3156	118
never@3156	119	remaining -= (size_t)result;
never@3156	120	addr += result;
never@3156	121	}
never@3156	122
rdurbin@5264	123	result = ::close(fd);
never@3156	124	if (PrintMiscellaneous && Verbose) {
never@3156	125	if (result == OS_ERR) {
never@3156	126	warning("Could not close %s: %s\n", destfile, strerror(errno));
never@3156	127	}
never@3156	128	}
never@3156	129	}
zgu@3900	130	FREE_C_HEAP_ARRAY(char, destfile, mtInternal);
never@3156	131	}
never@3156	132
never@3156	133
never@3156	134	// Shared Memory Implementation Details
never@3156	135
never@3156	136	// Note: the solaris and bsd shared memory implementation uses the mmap
never@3156	137	// interface with a backing store file to implement named shared memory.
never@3156	138	// Using the file system as the name space for shared memory allows a
never@3156	139	// common name space to be supported across a variety of platforms. It
never@3156	140	// also provides a name space that Java applications can deal with through
never@3156	141	// simple file apis.
never@3156	142	//
never@3156	143	// The solaris and bsd implementations store the backing store file in
never@3156	144	// a user specific temporary directory located in the /tmp file system,
never@3156	145	// which is always a local file system and is sometimes a RAM based file
never@3156	146	// system.
never@3156	147
never@3156	148	// return the user specific temporary directory name.
never@3156	149	//
never@3156	150	// the caller is expected to free the allocated memory.
never@3156	151	//
never@3156	152	static char* get_user_tmp_dir(const char* user) {
never@3156	153
never@3156	154	const char* tmpdir = os::get_temp_directory();
never@3156	155	const char* perfdir = PERFDATA_NAME;
never@3156	156	size_t nbytes = strlen(tmpdir) + strlen(perfdir) + strlen(user) + 3;
zgu@3900	157	char* dirname = NEW_C_HEAP_ARRAY(char, nbytes, mtInternal);
never@3156	158
never@3156	159	// construct the path name to user specific tmp directory
never@3156	160	snprintf(dirname, nbytes, "%s/%s_%s", tmpdir, perfdir, user);
never@3156	161
never@3156	162	return dirname;
never@3156	163	}
never@3156	164
never@3156	165	// convert the given file name into a process id. if the file
never@3156	166	// does not meet the file naming constraints, return 0.
never@3156	167	//
never@3156	168	static pid_t filename_to_pid(const char* filename) {
never@3156	169
never@3156	170	// a filename that doesn't begin with a digit is not a
never@3156	171	// candidate for conversion.
never@3156	172	//
never@3156	173	if (!isdigit(*filename)) {
never@3156	174	return 0;
never@3156	175	}
never@3156	176
never@3156	177	// check if file name can be converted to an integer without
never@3156	178	// any leftover characters.
never@3156	179	//
never@3156	180	char* remainder = NULL;
never@3156	181	errno = 0;
never@3156	182	pid_t pid = (pid_t)strtol(filename, &remainder, 10);
never@3156	183
never@3156	184	if (errno != 0) {
never@3156	185	return 0;
never@3156	186	}
never@3156	187
never@3156	188	// check for left over characters. If any, then the filename is
never@3156	189	// not a candidate for conversion.
never@3156	190	//
never@3156	191	if (remainder != NULL && *remainder != '\0') {
never@3156	192	return 0;
never@3156	193	}
never@3156	194
never@3156	195	// successful conversion, return the pid
never@3156	196	return pid;
never@3156	197	}
never@3156	198
never@3156	199
gthornbr@7493	200	// Check if the given statbuf is considered a secure directory for
gthornbr@7493	201	// the backing store files. Returns true if the directory is considered
gthornbr@7493	202	// a secure location. Returns false if the statbuf is a symbolic link or
gthornbr@7493	203	// if an error occurred.
gthornbr@7493	204	//
gthornbr@7493	205	static bool is_statbuf_secure(struct stat *statp) {
gthornbr@7493	206	if (S_ISLNK(statp->st_mode) || !S_ISDIR(statp->st_mode)) {
gthornbr@7493	207	// The path represents a link or some non-directory file type,
gthornbr@7493	208	// which is not what we expected. Declare it insecure.
gthornbr@7493	209	//
gthornbr@7493	210	return false;
gthornbr@7493	211	}
gthornbr@7493	212	// We have an existing directory, check if the permissions are safe.
gthornbr@7493	213	//
gthornbr@7493	214	if ((statp->st_mode & (S_IWGRP|S_IWOTH)) != 0) {
gthornbr@7493	215	// The directory is open for writing and could be subjected
gthornbr@7493	216	// to a symlink or a hard link attack. Declare it insecure.
gthornbr@7493	217	//
gthornbr@7493	218	return false;
gthornbr@7493	219	}
clanger@8210	220	// If user is not root then see if the uid of the directory matches the effective uid of the process.
clanger@8210	221	uid_t euid = geteuid();
clanger@8210	222	if ((euid != 0) && (statp->st_uid != euid)) {
gthornbr@7493	223	// The directory was not created by this user, declare it insecure.
gthornbr@7493	224	//
gthornbr@7493	225	return false;
gthornbr@7493	226	}
gthornbr@7493	227	return true;
gthornbr@7493	228	}
gthornbr@7493	229
gthornbr@7493	230
gthornbr@7493	231	// Check if the given path is considered a secure directory for
never@3156	232	// the backing store files. Returns true if the directory exists
never@3156	233	// and is considered a secure location. Returns false if the path
never@3156	234	// is a symbolic link or if an error occurred.
never@3156	235	//
never@3156	236	static bool is_directory_secure(const char* path) {
never@3156	237	struct stat statbuf;
never@3156	238	int result = 0;
never@3156	239
never@3156	240	RESTARTABLE(::lstat(path, &statbuf), result);
never@3156	241	if (result == OS_ERR) {
never@3156	242	return false;
never@3156	243	}
never@3156	244
gthornbr@7493	245	// The path exists, see if it is secure.
gthornbr@7493	246	return is_statbuf_secure(&statbuf);
gthornbr@7493	247	}
gthornbr@7493	248
gthornbr@7493	249
gthornbr@7493	250	// Check if the given directory file descriptor is considered a secure
gthornbr@7493	251	// directory for the backing store files. Returns true if the directory
gthornbr@7493	252	// exists and is considered a secure location. Returns false if the path
gthornbr@7493	253	// is a symbolic link or if an error occurred.
gthornbr@7493	254	//
gthornbr@7493	255	static bool is_dirfd_secure(int dir_fd) {
gthornbr@7493	256	struct stat statbuf;
gthornbr@7493	257	int result = 0;
gthornbr@7493	258
gthornbr@7493	259	RESTARTABLE(::fstat(dir_fd, &statbuf), result);
gthornbr@7493	260	if (result == OS_ERR) {
never@3156	261	return false;
never@3156	262	}
gthornbr@7493	263
gthornbr@7493	264	// The path exists, now check its mode.
gthornbr@7493	265	return is_statbuf_secure(&statbuf);
gthornbr@7493	266	}
gthornbr@7493	267
gthornbr@7493	268
gthornbr@7493	269	// Check to make sure fd1 and fd2 are referencing the same file system object.
gthornbr@7493	270	//
gthornbr@7493	271	static bool is_same_fsobject(int fd1, int fd2) {
gthornbr@7493	272	struct stat statbuf1;
gthornbr@7493	273	struct stat statbuf2;
gthornbr@7493	274	int result = 0;
gthornbr@7493	275
gthornbr@7493	276	RESTARTABLE(::fstat(fd1, &statbuf1), result);
gthornbr@7493	277	if (result == OS_ERR) {
gthornbr@7493	278	return false;
gthornbr@7493	279	}
gthornbr@7493	280	RESTARTABLE(::fstat(fd2, &statbuf2), result);
gthornbr@7493	281	if (result == OS_ERR) {
gthornbr@7493	282	return false;
gthornbr@7493	283	}
gthornbr@7493	284
gthornbr@7493	285	if ((statbuf1.st_ino == statbuf2.st_ino) &&
gthornbr@7493	286	(statbuf1.st_dev == statbuf2.st_dev)) {
gthornbr@7493	287	return true;
gthornbr@7493	288	} else {
gthornbr@7493	289	return false;
gthornbr@7493	290	}
gthornbr@7493	291	}
gthornbr@7493	292
gthornbr@7493	293
gthornbr@7493	294	// Open the directory of the given path and validate it.
gthornbr@7493	295	// Return a DIR * of the open directory.
gthornbr@7493	296	//
gthornbr@7493	297	static DIR *open_directory_secure(const char* dirname) {
gthornbr@7493	298	// Open the directory using open() so that it can be verified
gthornbr@7493	299	// to be secure by calling is_dirfd_secure(), opendir() and then check
gthornbr@7493	300	// to see if they are the same file system object. This method does not
gthornbr@7493	301	// introduce a window of opportunity for the directory to be attacked that
gthornbr@7493	302	// calling opendir() and is_directory_secure() does.
gthornbr@7493	303	int result;
gthornbr@7493	304	DIR *dirp = NULL;
gthornbr@7493	305	RESTARTABLE(::open(dirname, O_RDONLY|O_NOFOLLOW), result);
gthornbr@7493	306	if (result == OS_ERR) {
gthornbr@7493	307	// Directory doesn't exist or is a symlink, so there is nothing to cleanup.
gthornbr@7493	308	if (PrintMiscellaneous && Verbose) {
gthornbr@7493	309	if (errno == ELOOP) {
gthornbr@7493	310	warning("directory %s is a symlink and is not secure\n", dirname);
gthornbr@7493	311	} else {
gthornbr@7493	312	warning("could not open directory %s: %s\n", dirname, strerror(errno));
gthornbr@7493	313	}
never@3156	314	}
gthornbr@7493	315	return dirp;
gthornbr@7493	316	}
gthornbr@7493	317	int fd = result;
gthornbr@7493	318
gthornbr@7493	319	// Determine if the open directory is secure.
gthornbr@7493	320	if (!is_dirfd_secure(fd)) {
gthornbr@7493	321	// The directory is not a secure directory.
gthornbr@7493	322	os::close(fd);
gthornbr@7493	323	return dirp;
gthornbr@7493	324	}
gthornbr@7493	325
gthornbr@7493	326	// Open the directory.
gthornbr@7493	327	dirp = ::opendir(dirname);
gthornbr@7493	328	if (dirp == NULL) {
gthornbr@7493	329	// The directory doesn't exist, close fd and return.
gthornbr@7493	330	os::close(fd);
gthornbr@7493	331	return dirp;
gthornbr@7493	332	}
gthornbr@7493	333
gthornbr@7493	334	// Check to make sure fd and dirp are referencing the same file system object.
gthornbr@7493	335	if (!is_same_fsobject(fd, dirfd(dirp))) {
gthornbr@7493	336	// The directory is not secure.
gthornbr@7493	337	os::close(fd);
gthornbr@7493	338	os::closedir(dirp);
gthornbr@7493	339	dirp = NULL;
gthornbr@7493	340	return dirp;
gthornbr@7493	341	}
gthornbr@7493	342
gthornbr@7493	343	// Close initial open now that we know directory is secure
gthornbr@7493	344	os::close(fd);
gthornbr@7493	345
gthornbr@7493	346	return dirp;
gthornbr@7493	347	}
gthornbr@7493	348
gthornbr@7493	349	// NOTE: The code below uses fchdir(), open() and unlink() because
gthornbr@7493	350	// fdopendir(), openat() and unlinkat() are not supported on all
gthornbr@7493	351	// versions. Once the support for fdopendir(), openat() and unlinkat()
gthornbr@7493	352	// is available on all supported versions the code can be changed
gthornbr@7493	353	// to use these functions.
gthornbr@7493	354
gthornbr@7493	355	// Open the directory of the given path, validate it and set the
gthornbr@7493	356	// current working directory to it.
gthornbr@7493	357	// Return a DIR * of the open directory and the saved cwd fd.
gthornbr@7493	358	//
gthornbr@7493	359	static DIR *open_directory_secure_cwd(const char* dirname, int *saved_cwd_fd) {
gthornbr@7493	360
gthornbr@7493	361	// Open the directory.
gthornbr@7493	362	DIR* dirp = open_directory_secure(dirname);
gthornbr@7493	363	if (dirp == NULL) {
gthornbr@7493	364	// Directory doesn't exist or is insecure, so there is nothing to cleanup.
gthornbr@7493	365	return dirp;
gthornbr@7493	366	}
gthornbr@7493	367	int fd = dirfd(dirp);
gthornbr@7493	368
gthornbr@7493	369	// Open a fd to the cwd and save it off.
gthornbr@7493	370	int result;
gthornbr@7493	371	RESTARTABLE(::open(".", O_RDONLY), result);
gthornbr@7493	372	if (result == OS_ERR) {
gthornbr@7493	373	*saved_cwd_fd = -1;
gthornbr@7493	374	} else {
gthornbr@7493	375	*saved_cwd_fd = result;
gthornbr@7493	376	}
gthornbr@7493	377
clanger@8177	378	// Set the current directory to dirname by using the fd of the directory and
clanger@8177	379	// handle errors, otherwise shared memory files will be created in cwd.
gthornbr@7493	380	result = fchdir(fd);
clanger@8177	381	if (result == OS_ERR) {
clanger@8177	382	if (PrintMiscellaneous && Verbose) {
clanger@8177	383	warning("could not change to directory %s", dirname);
clanger@8177	384	}
clanger@8177	385	if (*saved_cwd_fd != -1) {
clanger@8177	386	::close(*saved_cwd_fd);
clanger@8177	387	*saved_cwd_fd = -1;
clanger@8177	388	}
clanger@8177	389	// Close the directory.
clanger@8177	390	os::closedir(dirp);
clanger@8177	391	return NULL;
clanger@8177	392	} else {
clanger@8177	393	return dirp;
clanger@8177	394	}
gthornbr@7493	395	}
gthornbr@7493	396
gthornbr@7493	397	// Close the directory and restore the current working directory.
gthornbr@7493	398	//
gthornbr@7493	399	static void close_directory_secure_cwd(DIR* dirp, int saved_cwd_fd) {
gthornbr@7493	400
gthornbr@7493	401	int result;
gthornbr@7493	402	// If we have a saved cwd change back to it and close the fd.
gthornbr@7493	403	if (saved_cwd_fd != -1) {
gthornbr@7493	404	result = fchdir(saved_cwd_fd);
gthornbr@7493	405	::close(saved_cwd_fd);
gthornbr@7493	406	}
gthornbr@7493	407
gthornbr@7493	408	// Close the directory.
gthornbr@7493	409	os::closedir(dirp);
gthornbr@7493	410	}
gthornbr@7493	411
gthornbr@7493	412	// Check if the given file descriptor is considered a secure.
gthornbr@7493	413	//
gthornbr@7493	414	static bool is_file_secure(int fd, const char *filename) {
gthornbr@7493	415
gthornbr@7493	416	int result;
gthornbr@7493	417	struct stat statbuf;
gthornbr@7493	418
gthornbr@7493	419	// Determine if the file is secure.
gthornbr@7493	420	RESTARTABLE(::fstat(fd, &statbuf), result);
gthornbr@7493	421	if (result == OS_ERR) {
gthornbr@7493	422	if (PrintMiscellaneous && Verbose) {
gthornbr@7493	423	warning("fstat failed on %s: %s\n", filename, strerror(errno));
gthornbr@7493	424	}
gthornbr@7493	425	return false;
gthornbr@7493	426	}
gthornbr@7493	427	if (statbuf.st_nlink > 1) {
gthornbr@7493	428	// A file with multiple links is not expected.
gthornbr@7493	429	if (PrintMiscellaneous && Verbose) {
gthornbr@7493	430	warning("file %s has multiple links\n", filename);
gthornbr@7493	431	}
gthornbr@7493	432	return false;
never@3156	433	}
never@3156	434	return true;
never@3156	435	}
never@3156	436
never@3156	437	// return the user name for the given user id
never@3156	438	//
never@3156	439	// the caller is expected to free the allocated memory.
never@3156	440	//
never@3156	441	static char* get_user_name(uid_t uid) {
never@3156	442
never@3156	443	struct passwd pwent;
never@3156	444
never@3156	445	// determine the max pwbuf size from sysconf, and hardcode
never@3156	446	// a default if this not available through sysconf.
never@3156	447	//
never@3156	448	long bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
never@3156	449	if (bufsize == -1)
never@3156	450	bufsize = 1024;
never@3156	451
zgu@3900	452	char* pwbuf = NEW_C_HEAP_ARRAY(char, bufsize, mtInternal);
never@3156	453
never@3156	454	// POSIX interface to getpwuid_r is used on LINUX
never@3156	455	struct passwd* p;
never@3156	456	int result = getpwuid_r(uid, &pwent, pwbuf, (size_t)bufsize, &p);
never@3156	457
never@3156	458	if (result != 0 || p == NULL || p->pw_name == NULL || *(p->pw_name) == '\0') {
never@3156	459	if (PrintMiscellaneous && Verbose) {
never@3156	460	if (result != 0) {
never@3156	461	warning("Could not retrieve passwd entry: %s\n",
never@3156	462	strerror(result));
never@3156	463	}
never@3156	464	else if (p == NULL) {
never@3156	465	// this check is added to protect against an observed problem
never@3156	466	// with getpwuid_r() on RedHat 9 where getpwuid_r returns 0,
never@3156	467	// indicating success, but has p == NULL. This was observed when
never@3156	468	// inserting a file descriptor exhaustion fault prior to the call
never@3156	469	// getpwuid_r() call. In this case, error is set to the appropriate
never@3156	470	// error condition, but this is undocumented behavior. This check
never@3156	471	// is safe under any condition, but the use of errno in the output
never@3156	472	// message may result in an erroneous message.
never@3156	473	// Bug Id 89052 was opened with RedHat.
never@3156	474	//
never@3156	475	warning("Could not retrieve passwd entry: %s\n",
never@3156	476	strerror(errno));
never@3156	477	}
never@3156	478	else {
never@3156	479	warning("Could not determine user name: %s\n",
never@3156	480	p->pw_name == NULL ? "pw_name = NULL" :
never@3156	481	"pw_name zero length");
never@3156	482	}
never@3156	483	}
zgu@3900	484	FREE_C_HEAP_ARRAY(char, pwbuf, mtInternal);
never@3156	485	return NULL;
never@3156	486	}
never@3156	487
zgu@3900	488	char* user_name = NEW_C_HEAP_ARRAY(char, strlen(p->pw_name) + 1, mtInternal);
never@3156	489	strcpy(user_name, p->pw_name);
never@3156	490
zgu@3900	491	FREE_C_HEAP_ARRAY(char, pwbuf, mtInternal);
never@3156	492	return user_name;
never@3156	493	}
never@3156	494
never@3156	495	// return the name of the user that owns the process identified by vmid.
never@3156	496	//
never@3156	497	// This method uses a slow directory search algorithm to find the backing
never@3156	498	// store file for the specified vmid and returns the user name, as determined
never@3156	499	// by the user name suffix of the hsperfdata_<username> directory name.
never@3156	500	//
never@3156	501	// the caller is expected to free the allocated memory.
never@3156	502	//
never@3156	503	static char* get_user_name_slow(int vmid, TRAPS) {
never@3156	504
never@3156	505	// short circuit the directory search if the process doesn't even exist.
never@3156	506	if (kill(vmid, 0) == OS_ERR) {
never@3156	507	if (errno == ESRCH) {
never@3156	508	THROW_MSG_0(vmSymbols::java_lang_IllegalArgumentException(),
never@3156	509	"Process not found");
never@3156	510	}
never@3156	511	else /* EPERM */ {
never@3156	512	THROW_MSG_0(vmSymbols::java_io_IOException(), strerror(errno));
never@3156	513	}
never@3156	514	}
never@3156	515
never@3156	516	// directory search
never@3156	517	char* oldest_user = NULL;
never@3156	518	time_t oldest_ctime = 0;
never@3156	519
never@3156	520	const char* tmpdirname = os::get_temp_directory();
never@3156	521
gthornbr@7493	522	// open the temp directory
never@3156	523	DIR* tmpdirp = os::opendir(tmpdirname);
never@3156	524
never@3156	525	if (tmpdirp == NULL) {
gthornbr@7493	526	// Cannot open the directory to get the user name, return.
never@3156	527	return NULL;
never@3156	528	}
never@3156	529
never@3156	530	// for each entry in the directory that matches the pattern hsperfdata_*,
never@3156	531	// open the directory and check if the file for the given vmid exists.
never@3156	532	// The file with the expected name and the latest creation date is used
never@3156	533	// to determine the user name for the process id.
never@3156	534	//
never@3156	535	struct dirent* dentry;
zgu@3900	536	char* tdbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(tmpdirname), mtInternal);
never@3156	537	errno = 0;
never@3156	538	while ((dentry = os::readdir(tmpdirp, (struct dirent *)tdbuf)) != NULL) {
never@3156	539
never@3156	540	// check if the directory entry is a hsperfdata file
never@3156	541	if (strncmp(dentry->d_name, PERFDATA_NAME, strlen(PERFDATA_NAME)) != 0) {
never@3156	542	continue;
never@3156	543	}
never@3156	544
never@3156	545	char* usrdir_name = NEW_C_HEAP_ARRAY(char,
zgu@3900	546	strlen(tmpdirname) + strlen(dentry->d_name) + 2, mtInternal);
never@3156	547	strcpy(usrdir_name, tmpdirname);
never@3156	548	strcat(usrdir_name, "/");
never@3156	549	strcat(usrdir_name, dentry->d_name);
never@3156	550
gthornbr@7493	551	// open the user directory
gthornbr@7493	552	DIR* subdirp = open_directory_secure(usrdir_name);
never@3156	553
never@3156	554	if (subdirp == NULL) {
zgu@3900	555	FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal);
never@3156	556	continue;
never@3156	557	}
never@3156	558
never@3156	559	struct dirent* udentry;
zgu@3900	560	char* udbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(usrdir_name), mtInternal);
never@3156	561	errno = 0;
never@3156	562	while ((udentry = os::readdir(subdirp, (struct dirent *)udbuf)) != NULL) {
never@3156	563
never@3156	564	if (filename_to_pid(udentry->d_name) == vmid) {
never@3156	565	struct stat statbuf;
never@3156	566	int result;
never@3156	567
never@3156	568	char* filename = NEW_C_HEAP_ARRAY(char,
zgu@3900	569	strlen(usrdir_name) + strlen(udentry->d_name) + 2, mtInternal);
never@3156	570
never@3156	571	strcpy(filename, usrdir_name);
never@3156	572	strcat(filename, "/");
never@3156	573	strcat(filename, udentry->d_name);
never@3156	574
never@3156	575	// don't follow symbolic links for the file
never@3156	576	RESTARTABLE(::lstat(filename, &statbuf), result);
never@3156	577	if (result == OS_ERR) {
zgu@3900	578	FREE_C_HEAP_ARRAY(char, filename, mtInternal);
never@3156	579	continue;
never@3156	580	}
never@3156	581
never@3156	582	// skip over files that are not regular files.
never@3156	583	if (!S_ISREG(statbuf.st_mode)) {
zgu@3900	584	FREE_C_HEAP_ARRAY(char, filename, mtInternal);
never@3156	585	continue;
never@3156	586	}
never@3156	587
never@3156	588	// compare and save filename with latest creation time
never@3156	589	if (statbuf.st_size > 0 && statbuf.st_ctime > oldest_ctime) {
never@3156	590
never@3156	591	if (statbuf.st_ctime > oldest_ctime) {
never@3156	592	char* user = strchr(dentry->d_name, '_') + 1;
never@3156	593
zgu@3900	594	if (oldest_user != NULL) FREE_C_HEAP_ARRAY(char, oldest_user, mtInternal);
zgu@3900	595	oldest_user = NEW_C_HEAP_ARRAY(char, strlen(user)+1, mtInternal);
never@3156	596
never@3156	597	strcpy(oldest_user, user);
never@3156	598	oldest_ctime = statbuf.st_ctime;
never@3156	599	}
never@3156	600	}
never@3156	601
zgu@3900	602	FREE_C_HEAP_ARRAY(char, filename, mtInternal);
never@3156	603	}
never@3156	604	}
never@3156	605	os::closedir(subdirp);
zgu@3900	606	FREE_C_HEAP_ARRAY(char, udbuf, mtInternal);
zgu@3900	607	FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal);
never@3156	608	}
never@3156	609	os::closedir(tmpdirp);
zgu@3900	610	FREE_C_HEAP_ARRAY(char, tdbuf, mtInternal);
never@3156	611
never@3156	612	return(oldest_user);
never@3156	613	}
never@3156	614
never@3156	615	// return the name of the user that owns the JVM indicated by the given vmid.
never@3156	616	//
never@3156	617	static char* get_user_name(int vmid, TRAPS) {
never@3156	618	return get_user_name_slow(vmid, CHECK_NULL);
never@3156	619	}
never@3156	620
never@3156	621	// return the file name of the backing store file for the named
never@3156	622	// shared memory region for the given user name and vmid.
never@3156	623	//
never@3156	624	// the caller is expected to free the allocated memory.
never@3156	625	//
never@3156	626	static char* get_sharedmem_filename(const char* dirname, int vmid) {
never@3156	627
never@3156	628	// add 2 for the file separator and a null terminator.
never@3156	629	size_t nbytes = strlen(dirname) + UINT_CHARS + 2;
never@3156	630
zgu@3900	631	char* name = NEW_C_HEAP_ARRAY(char, nbytes, mtInternal);
never@3156	632	snprintf(name, nbytes, "%s/%d", dirname, vmid);
never@3156	633
never@3156	634	return name;
never@3156	635	}
never@3156	636
never@3156	637
never@3156	638	// remove file
never@3156	639	//
never@3156	640	// this method removes the file specified by the given path
never@3156	641	//
never@3156	642	static void remove_file(const char* path) {
never@3156	643
never@3156	644	int result;
never@3156	645
never@3156	646	// if the file is a directory, the following unlink will fail. since
never@3156	647	// we don't expect to find directories in the user temp directory, we
never@3156	648	// won't try to handle this situation. even if accidentially or
never@3156	649	// maliciously planted, the directory's presence won't hurt anything.
never@3156	650	//
never@3156	651	RESTARTABLE(::unlink(path), result);
never@3156	652	if (PrintMiscellaneous && Verbose && result == OS_ERR) {
never@3156	653	if (errno != ENOENT) {
never@3156	654	warning("Could not unlink shared memory backing"
never@3156	655	" store file %s : %s\n", path, strerror(errno));
never@3156	656	}
never@3156	657	}
never@3156	658	}
never@3156	659
never@3156	660
never@3156	661	// cleanup stale shared memory resources
never@3156	662	//
never@3156	663	// This method attempts to remove all stale shared memory files in
never@3156	664	// the named user temporary directory. It scans the named directory
never@3156	665	// for files matching the pattern ^$[0-9]*$. For each file found, the
never@3156	666	// process id is extracted from the file name and a test is run to
never@3156	667	// determine if the process is alive. If the process is not alive,
never@3156	668	// any stale file resources are removed.
never@3156	669	//
never@3156	670	static void cleanup_sharedmem_resources(const char* dirname) {
never@3156	671
gthornbr@7493	672	int saved_cwd_fd;
gthornbr@7493	673	// open the directory and set the current working directory to it
gthornbr@7493	674	DIR* dirp = open_directory_secure_cwd(dirname, &saved_cwd_fd);
never@3156	675	if (dirp == NULL) {
gthornbr@7493	676	// directory doesn't exist or is insecure, so there is nothing to cleanup
never@3156	677	return;
never@3156	678	}
never@3156	679
never@3156	680	// for each entry in the directory that matches the expected file
never@3156	681	// name pattern, determine if the file resources are stale and if
never@3156	682	// so, remove the file resources. Note, instrumented HotSpot processes
never@3156	683	// for this user may start and/or terminate during this search and
never@3156	684	// remove or create new files in this directory. The behavior of this
never@3156	685	// loop under these conditions is dependent upon the implementation of
never@3156	686	// opendir/readdir.
never@3156	687	//
never@3156	688	struct dirent* entry;
zgu@3900	689	char* dbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(dirname), mtInternal);
gthornbr@7493	690
never@3156	691	errno = 0;
never@3156	692	while ((entry = os::readdir(dirp, (struct dirent *)dbuf)) != NULL) {
never@3156	693
never@3156	694	pid_t pid = filename_to_pid(entry->d_name);
never@3156	695
never@3156	696	if (pid == 0) {
never@3156	697
never@3156	698	if (strcmp(entry->d_name, ".") != 0 && strcmp(entry->d_name, "..") != 0) {
never@3156	699
never@3156	700	// attempt to remove all unexpected files, except "." and ".."
gthornbr@7493	701	unlink(entry->d_name);
never@3156	702	}
never@3156	703
never@3156	704	errno = 0;
never@3156	705	continue;
never@3156	706	}
never@3156	707
never@3156	708	// we now have a file name that converts to a valid integer
never@3156	709	// that could represent a process id . if this process id
never@3156	710	// matches the current process id or the process is not running,
never@3156	711	// then remove the stale file resources.
never@3156	712	//
never@3156	713	// process liveness is detected by sending signal number 0 to
never@3156	714	// the process id (see kill(2)). if kill determines that the
never@3156	715	// process does not exist, then the file resources are removed.
never@3156	716	// if kill determines that that we don't have permission to
never@3156	717	// signal the process, then the file resources are assumed to
never@3156	718	// be stale and are removed because the resources for such a
never@3156	719	// process should be in a different user specific directory.
never@3156	720	//
never@3156	721	if ((pid == os::current_process_id()) ||
never@3156	722	(kill(pid, 0) == OS_ERR && (errno == ESRCH || errno == EPERM))) {
never@3156	723
gthornbr@7493	724	unlink(entry->d_name);
never@3156	725	}
never@3156	726	errno = 0;
never@3156	727	}
gthornbr@7493	728
gthornbr@7493	729	// close the directory and reset the current working directory
gthornbr@7493	730	close_directory_secure_cwd(dirp, saved_cwd_fd);
gthornbr@7493	731
zgu@3900	732	FREE_C_HEAP_ARRAY(char, dbuf, mtInternal);
never@3156	733	}
never@3156	734
never@3156	735	// make the user specific temporary directory. Returns true if
never@3156	736	// the directory exists and is secure upon return. Returns false
never@3156	737	// if the directory exists but is either a symlink, is otherwise
never@3156	738	// insecure, or if an error occurred.
never@3156	739	//
never@3156	740	static bool make_user_tmp_dir(const char* dirname) {
never@3156	741
never@3156	742	// create the directory with 0755 permissions. note that the directory
never@3156	743	// will be owned by euid::egid, which may not be the same as uid::gid.
never@3156	744	//
never@3156	745	if (mkdir(dirname, S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH) == OS_ERR) {
never@3156	746	if (errno == EEXIST) {
never@3156	747	// The directory already exists and was probably created by another
never@3156	748	// JVM instance. However, this could also be the result of a
never@3156	749	// deliberate symlink. Verify that the existing directory is safe.
never@3156	750	//
never@3156	751	if (!is_directory_secure(dirname)) {
never@3156	752	// directory is not secure
never@3156	753	if (PrintMiscellaneous && Verbose) {
never@3156	754	warning("%s directory is insecure\n", dirname);
never@3156	755	}
never@3156	756	return false;
never@3156	757	}
never@3156	758	}
never@3156	759	else {
never@3156	760	// we encountered some other failure while attempting
never@3156	761	// to create the directory
never@3156	762	//
never@3156	763	if (PrintMiscellaneous && Verbose) {
never@3156	764	warning("could not create directory %s: %s\n",
never@3156	765	dirname, strerror(errno));
never@3156	766	}
never@3156	767	return false;
never@3156	768	}
never@3156	769	}
never@3156	770	return true;
never@3156	771	}
never@3156	772
never@3156	773	// create the shared memory file resources
never@3156	774	//
never@3156	775	// This method creates the shared memory file with the given size
never@3156	776	// This method also creates the user specific temporary directory, if
never@3156	777	// it does not yet exist.
never@3156	778	//
never@3156	779	static int create_sharedmem_resources(const char* dirname, const char* filename, size_t size) {
never@3156	780
never@3156	781	// make the user temporary directory
never@3156	782	if (!make_user_tmp_dir(dirname)) {
never@3156	783	// could not make/find the directory or the found directory
never@3156	784	// was not secure
never@3156	785	return -1;
never@3156	786	}
never@3156	787
gthornbr@7493	788	int saved_cwd_fd;
gthornbr@7493	789	// open the directory and set the current working directory to it
gthornbr@7493	790	DIR* dirp = open_directory_secure_cwd(dirname, &saved_cwd_fd);
gthornbr@7493	791	if (dirp == NULL) {
gthornbr@7493	792	// Directory doesn't exist or is insecure, so cannot create shared
gthornbr@7493	793	// memory file.
gthornbr@7493	794	return -1;
gthornbr@7493	795	}
gthornbr@7493	796
gthornbr@7493	797	// Open the filename in the current directory.
gthornbr@7493	798	// Cannot use O_TRUNC here; truncation of an existing file has to happen
gthornbr@7493	799	// after the is_file_secure() check below.
never@3156	800	int result;
gthornbr@7493	801	RESTARTABLE(::open(filename, O_RDWR|O_CREAT|O_NOFOLLOW, S_IREAD|S_IWRITE), result);
never@3156	802	if (result == OS_ERR) {
never@3156	803	if (PrintMiscellaneous && Verbose) {
gthornbr@7493	804	if (errno == ELOOP) {
gthornbr@7493	805	warning("file %s is a symlink and is not secure\n", filename);
gthornbr@7493	806	} else {
gthornbr@7493	807	warning("could not create file %s: %s\n", filename, strerror(errno));
gthornbr@7493	808	}
never@3156	809	}
gthornbr@7493	810	// close the directory and reset the current working directory
gthornbr@7493	811	close_directory_secure_cwd(dirp, saved_cwd_fd);
gthornbr@7493	812
never@3156	813	return -1;
never@3156	814	}
gthornbr@7493	815	// close the directory and reset the current working directory
gthornbr@7493	816	close_directory_secure_cwd(dirp, saved_cwd_fd);
never@3156	817
never@3156	818	// save the file descriptor
never@3156	819	int fd = result;
never@3156	820
gthornbr@7493	821	// check to see if the file is secure
gthornbr@7493	822	if (!is_file_secure(fd, filename)) {
gthornbr@7493	823	::close(fd);
gthornbr@7493	824	return -1;
gthornbr@7493	825	}
gthornbr@7493	826
gthornbr@7493	827	// truncate the file to get rid of any existing data
gthornbr@7493	828	RESTARTABLE(::ftruncate(fd, (off_t)0), result);
gthornbr@7493	829	if (result == OS_ERR) {
gthornbr@7493	830	if (PrintMiscellaneous && Verbose) {
gthornbr@7493	831	warning("could not truncate shared memory file: %s\n", strerror(errno));
gthornbr@7493	832	}
gthornbr@7493	833	::close(fd);
gthornbr@7493	834	return -1;
gthornbr@7493	835	}
never@3156	836	// set the file size
never@3156	837	RESTARTABLE(::ftruncate(fd, (off_t)size), result);
never@3156	838	if (result == OS_ERR) {
never@3156	839	if (PrintMiscellaneous && Verbose) {
never@3156	840	warning("could not set shared memory file size: %s\n", strerror(errno));
never@3156	841	}
rdurbin@5264	842	::close(fd);
never@3156	843	return -1;
never@3156	844	}
never@3156	845
never@3156	846	// Verify that we have enough disk space for this file.
never@3156	847	// We'll get random SIGBUS crashes on memory accesses if
never@3156	848	// we don't.
never@3156	849
never@3156	850	for (size_t seekpos = 0; seekpos < size; seekpos += os::vm_page_size()) {
never@3156	851	int zero_int = 0;
never@3156	852	result = (int)os::seek_to_file_offset(fd, (jlong)(seekpos));
never@3156	853	if (result == -1 ) break;
never@3156	854	RESTARTABLE(::write(fd, &zero_int, 1), result);
never@3156	855	if (result != 1) {
never@3156	856	if (errno == ENOSPC) {
never@3156	857	warning("Insufficient space for shared memory file:\n %s\nTry using the -Djava.io.tmpdir= option to select an alternate temp location.\n", filename);
never@3156	858	}
never@3156	859	break;
never@3156	860	}
never@3156	861	}
never@3156	862
never@3156	863	if (result != -1) {
never@3156	864	return fd;
never@3156	865	} else {
rdurbin@5264	866	::close(fd);
never@3156	867	return -1;
never@3156	868	}
never@3156	869	}
never@3156	870
never@3156	871	// open the shared memory file for the given user and vmid. returns
never@3156	872	// the file descriptor for the open file or -1 if the file could not
never@3156	873	// be opened.
never@3156	874	//
never@3156	875	static int open_sharedmem_file(const char* filename, int oflags, TRAPS) {
never@3156	876
never@3156	877	// open the file
never@3156	878	int result;
never@3156	879	RESTARTABLE(::open(filename, oflags), result);
never@3156	880	if (result == OS_ERR) {
never@3156	881	if (errno == ENOENT) {
ccheung@4893	882	THROW_MSG_(vmSymbols::java_lang_IllegalArgumentException(),
ccheung@4893	883	"Process not found", OS_ERR);
never@3156	884	}
never@3156	885	else if (errno == EACCES) {
ccheung@4893	886	THROW_MSG_(vmSymbols::java_lang_IllegalArgumentException(),
ccheung@4893	887	"Permission denied", OS_ERR);
never@3156	888	}
never@3156	889	else {
ccheung@4893	890	THROW_MSG_(vmSymbols::java_io_IOException(), strerror(errno), OS_ERR);
never@3156	891	}
never@3156	892	}
gthornbr@7493	893	int fd = result;
never@3156	894
gthornbr@7493	895	// check to see if the file is secure
gthornbr@7493	896	if (!is_file_secure(fd, filename)) {
gthornbr@7493	897	::close(fd);
gthornbr@7493	898	return -1;
gthornbr@7493	899	}
gthornbr@7493	900
gthornbr@7493	901	return fd;
never@3156	902	}
never@3156	903
never@3156	904	// create a named shared memory region. returns the address of the
never@3156	905	// memory region on success or NULL on failure. A return value of
never@3156	906	// NULL will ultimately disable the shared memory feature.
never@3156	907	//
never@3156	908	// On Solaris and Bsd, the name space for shared memory objects
never@3156	909	// is the file system name space.
never@3156	910	//
never@3156	911	// A monitoring application attaching to a JVM does not need to know
never@3156	912	// the file system name of the shared memory object. However, it may
never@3156	913	// be convenient for applications to discover the existence of newly
never@3156	914	// created and terminating JVMs by watching the file system name space
never@3156	915	// for files being created or removed.
never@3156	916	//
never@3156	917	static char* mmap_create_shared(size_t size) {
never@3156	918
never@3156	919	int result;
never@3156	920	int fd;
never@3156	921	char* mapAddress;
never@3156	922
never@3156	923	int vmid = os::current_process_id();
never@3156	924
never@3156	925	char* user_name = get_user_name(geteuid());
never@3156	926
never@3156	927	if (user_name == NULL)
never@3156	928	return NULL;
never@3156	929
never@3156	930	char* dirname = get_user_tmp_dir(user_name);
never@3156	931	char* filename = get_sharedmem_filename(dirname, vmid);
never@3156	932
gthornbr@7493	933	// get the short filename
gthornbr@7493	934	char* short_filename = strrchr(filename, '/');
gthornbr@7493	935	if (short_filename == NULL) {
gthornbr@7493	936	short_filename = filename;
gthornbr@7493	937	} else {
gthornbr@7493	938	short_filename++;
gthornbr@7493	939	}
gthornbr@7493	940
never@3156	941	// cleanup any stale shared memory files
never@3156	942	cleanup_sharedmem_resources(dirname);
never@3156	943
never@3156	944	assert(((size > 0) && (size % os::vm_page_size() == 0)),
never@3156	945	"unexpected PerfMemory region size");
never@3156	946
gthornbr@7493	947	fd = create_sharedmem_resources(dirname, short_filename, size);
never@3156	948
zgu@3900	949	FREE_C_HEAP_ARRAY(char, user_name, mtInternal);
zgu@3900	950	FREE_C_HEAP_ARRAY(char, dirname, mtInternal);
never@3156	951
never@3156	952	if (fd == -1) {
zgu@3900	953	FREE_C_HEAP_ARRAY(char, filename, mtInternal);
never@3156	954	return NULL;
never@3156	955	}
never@3156	956
never@3156	957	mapAddress = (char*)::mmap((char*)0, size, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0);
never@3156	958
rdurbin@5264	959	result = ::close(fd);
never@3156	960	assert(result != OS_ERR, "could not close file");
never@3156	961
never@3156	962	if (mapAddress == MAP_FAILED) {
never@3156	963	if (PrintMiscellaneous && Verbose) {
never@3156	964	warning("mmap failed - %s\n", strerror(errno));
never@3156	965	}
never@3156	966	remove_file(filename);
zgu@3900	967	FREE_C_HEAP_ARRAY(char, filename, mtInternal);
never@3156	968	return NULL;
never@3156	969	}
never@3156	970
never@3156	971	// save the file name for use in delete_shared_memory()
never@3156	972	backing_store_file_name = filename;
never@3156	973
never@3156	974	// clear the shared memory region
never@3156	975	(void)::memset((void*) mapAddress, 0, size);
never@3156	976
zgu@4193	977	// it does not go through os api, the operation has to record from here
zgu@7074	978	MemTracker::record_virtual_memory_reserve_and_commit((address)mapAddress, size, CURRENT_PC, mtInternal);
zgu@4193	979
never@3156	980	return mapAddress;
never@3156	981	}
never@3156	982
never@3156	983	// release a named shared memory region
never@3156	984	//
never@3156	985	static void unmap_shared(char* addr, size_t bytes) {
never@3156	986	os::release_memory(addr, bytes);
never@3156	987	}
never@3156	988
never@3156	989	// create the PerfData memory region in shared memory.
never@3156	990	//
never@3156	991	static char* create_shared_memory(size_t size) {
never@3156	992
never@3156	993	// create the shared memory region.
never@3156	994	return mmap_create_shared(size);
never@3156	995	}
never@3156	996
never@3156	997	// delete the shared PerfData memory region
never@3156	998	//
never@3156	999	static void delete_shared_memory(char* addr, size_t size) {
never@3156	1000
never@3156	1001	// cleanup the persistent shared memory resources. since DestroyJavaVM does
never@3156	1002	// not support unloading of the JVM, unmapping of the memory resource is
never@3156	1003	// not performed. The memory will be reclaimed by the OS upon termination of
never@3156	1004	// the process. The backing store file is deleted from the file system.
never@3156	1005
never@3156	1006	assert(!PerfDisableSharedMem, "shouldn't be here");
never@3156	1007
never@3156	1008	if (backing_store_file_name != NULL) {
never@3156	1009	remove_file(backing_store_file_name);
never@3156	1010	// Don't.. Free heap memory could deadlock os::abort() if it is called
never@3156	1011	// from signal handler. OS will reclaim the heap memory.
never@3156	1012	// FREE_C_HEAP_ARRAY(char, backing_store_file_name);
never@3156	1013	backing_store_file_name = NULL;
never@3156	1014	}
never@3156	1015	}
never@3156	1016
never@3156	1017	// return the size of the file for the given file descriptor
never@3156	1018	// or 0 if it is not a valid size for a shared memory file
never@3156	1019	//
never@3156	1020	static size_t sharedmem_filesize(int fd, TRAPS) {
never@3156	1021
never@3156	1022	struct stat statbuf;
never@3156	1023	int result;
never@3156	1024
never@3156	1025	RESTARTABLE(::fstat(fd, &statbuf), result);
never@3156	1026	if (result == OS_ERR) {
never@3156	1027	if (PrintMiscellaneous && Verbose) {
never@3156	1028	warning("fstat failed: %s\n", strerror(errno));
never@3156	1029	}
never@3156	1030	THROW_MSG_0(vmSymbols::java_io_IOException(),
never@3156	1031	"Could not determine PerfMemory size");
never@3156	1032	}
never@3156	1033
never@3156	1034	if ((statbuf.st_size == 0) ||
never@3156	1035	((size_t)statbuf.st_size % os::vm_page_size() != 0)) {
never@3156	1036	THROW_MSG_0(vmSymbols::java_lang_Exception(),
never@3156	1037	"Invalid PerfMemory size");
never@3156	1038	}
never@3156	1039
never@3156	1040	return (size_t)statbuf.st_size;
never@3156	1041	}
never@3156	1042
never@3156	1043	// attach to a named shared memory region.
never@3156	1044	//
never@3156	1045	static void mmap_attach_shared(const char* user, int vmid, PerfMemory::PerfMemoryMode mode, char** addr, size_t* sizep, TRAPS) {
never@3156	1046
never@3156	1047	char* mapAddress;
never@3156	1048	int result;
never@3156	1049	int fd;
ccheung@4893	1050	size_t size = 0;
never@3156	1051	const char* luser = NULL;
never@3156	1052
never@3156	1053	int mmap_prot;
never@3156	1054	int file_flags;
never@3156	1055
never@3156	1056	ResourceMark rm;
never@3156	1057
never@3156	1058	// map the high level access mode to the appropriate permission
never@3156	1059	// constructs for the file and the shared memory mapping.
never@3156	1060	if (mode == PerfMemory::PERF_MODE_RO) {
never@3156	1061	mmap_prot = PROT_READ;
gthornbr@7493	1062	file_flags = O_RDONLY | O_NOFOLLOW;
never@3156	1063	}
never@3156	1064	else if (mode == PerfMemory::PERF_MODE_RW) {
never@3156	1065	#ifdef LATER
never@3156	1066	mmap_prot = PROT_READ | PROT_WRITE;
gthornbr@7493	1067	file_flags = O_RDWR | O_NOFOLLOW;
never@3156	1068	#else
never@3156	1069	THROW_MSG(vmSymbols::java_lang_IllegalArgumentException(),
never@3156	1070	"Unsupported access mode");
never@3156	1071	#endif
never@3156	1072	}
never@3156	1073	else {
never@3156	1074	THROW_MSG(vmSymbols::java_lang_IllegalArgumentException(),
never@3156	1075	"Illegal access mode");
never@3156	1076	}
never@3156	1077
never@3156	1078	if (user == NULL || strlen(user) == 0) {
never@3156	1079	luser = get_user_name(vmid, CHECK);
never@3156	1080	}
never@3156	1081	else {
never@3156	1082	luser = user;
never@3156	1083	}
never@3156	1084
never@3156	1085	if (luser == NULL) {
never@3156	1086	THROW_MSG(vmSymbols::java_lang_IllegalArgumentException(),
never@3156	1087	"Could not map vmid to user Name");
never@3156	1088	}
never@3156	1089
never@3156	1090	char* dirname = get_user_tmp_dir(luser);
never@3156	1091
never@3156	1092	// since we don't follow symbolic links when creating the backing
never@3156	1093	// store file, we don't follow them when attaching either.
never@3156	1094	//
never@3156	1095	if (!is_directory_secure(dirname)) {
zgu@3900	1096	FREE_C_HEAP_ARRAY(char, dirname, mtInternal);
never@3156	1097	THROW_MSG(vmSymbols::java_lang_IllegalArgumentException(),
never@3156	1098	"Process not found");
never@3156	1099	}
never@3156	1100
never@3156	1101	char* filename = get_sharedmem_filename(dirname, vmid);
never@3156	1102
never@3156	1103	// copy heap memory to resource memory. the open_sharedmem_file
never@3156	1104	// method below need to use the filename, but could throw an
never@3156	1105	// exception. using a resource array prevents the leak that
never@3156	1106	// would otherwise occur.
never@3156	1107	char* rfilename = NEW_RESOURCE_ARRAY(char, strlen(filename) + 1);
never@3156	1108	strcpy(rfilename, filename);
never@3156	1109
never@3156	1110	// free the c heap resources that are no longer needed
zgu@3900	1111	if (luser != user) FREE_C_HEAP_ARRAY(char, luser, mtInternal);
zgu@3900	1112	FREE_C_HEAP_ARRAY(char, dirname, mtInternal);
zgu@3900	1113	FREE_C_HEAP_ARRAY(char, filename, mtInternal);
never@3156	1114
never@3156	1115	// open the shared memory file for the give vmid
never@3156	1116	fd = open_sharedmem_file(rfilename, file_flags, CHECK);
never@3156	1117	assert(fd != OS_ERR, "unexpected value");
never@3156	1118
never@3156	1119	if (*sizep == 0) {
never@3156	1120	size = sharedmem_filesize(fd, CHECK);
ccheung@4893	1121	} else {
ccheung@4893	1122	size = *sizep;
never@3156	1123	}
never@3156	1124
ccheung@4893	1125	assert(size > 0, "unexpected size <= 0");
ccheung@4893	1126
never@3156	1127	mapAddress = (char*)::mmap((char*)0, size, mmap_prot, MAP_SHARED, fd, 0);
never@3156	1128
never@3156	1129	// attempt to close the file - restart if it gets interrupted,
never@3156	1130	// but ignore other failures
rdurbin@5264	1131	result = ::close(fd);
never@3156	1132	assert(result != OS_ERR, "could not close file");
never@3156	1133
never@3156	1134	if (mapAddress == MAP_FAILED) {
never@3156	1135	if (PrintMiscellaneous && Verbose) {
never@3156	1136	warning("mmap failed: %s\n", strerror(errno));
never@3156	1137	}
never@3156	1138	THROW_MSG(vmSymbols::java_lang_OutOfMemoryError(),
never@3156	1139	"Could not map PerfMemory");
never@3156	1140	}
never@3156	1141
zgu@4193	1142	// it does not go through os api, the operation has to record from here
zgu@7074	1143	MemTracker::record_virtual_memory_reserve_and_commit((address)mapAddress, size, CURRENT_PC, mtInternal);
zgu@4193	1144
never@3156	1145	*addr = mapAddress;
never@3156	1146	*sizep = size;
never@3156	1147
never@3156	1148	if (PerfTraceMemOps) {
never@3156	1149	tty->print("mapped " SIZE_FORMAT " bytes for vmid %d at "
drchase@6680	1150	INTPTR_FORMAT "\n", size, vmid, p2i((void*)mapAddress));
never@3156	1151	}
never@3156	1152	}
never@3156	1153
never@3156	1154
never@3156	1155
never@3156	1156
never@3156	1157	// create the PerfData memory region
never@3156	1158	//
never@3156	1159	// This method creates the memory region used to store performance
never@3156	1160	// data for the JVM. The memory may be created in standard or
never@3156	1161	// shared memory.
never@3156	1162	//
never@3156	1163	void PerfMemory::create_memory_region(size_t size) {
never@3156	1164
never@3156	1165	if (PerfDisableSharedMem) {
never@3156	1166	// do not share the memory for the performance data.
never@3156	1167	_start = create_standard_memory(size);
never@3156	1168	}
never@3156	1169	else {
never@3156	1170	_start = create_shared_memory(size);
never@3156	1171	if (_start == NULL) {
never@3156	1172
never@3156	1173	// creation of the shared memory region failed, attempt
never@3156	1174	// to create a contiguous, non-shared memory region instead.
never@3156	1175	//
never@3156	1176	if (PrintMiscellaneous && Verbose) {
never@3156	1177	warning("Reverting to non-shared PerfMemory region.\n");
never@3156	1178	}
never@3156	1179	PerfDisableSharedMem = true;
never@3156	1180	_start = create_standard_memory(size);
never@3156	1181	}
never@3156	1182	}
never@3156	1183
never@3156	1184	if (_start != NULL) _capacity = size;
never@3156	1185
never@3156	1186	}
never@3156	1187
never@3156	1188	// delete the PerfData memory region
never@3156	1189	//
never@3156	1190	// This method deletes the memory region used to store performance
never@3156	1191	// data for the JVM. The memory region indicated by the <address, size>
never@3156	1192	// tuple will be inaccessible after a call to this method.
never@3156	1193	//
never@3156	1194	void PerfMemory::delete_memory_region() {
never@3156	1195
never@3156	1196	assert((start() != NULL && capacity() > 0), "verify proper state");
never@3156	1197
never@3156	1198	// If user specifies PerfDataSaveFile, it will save the performance data
never@3156	1199	// to the specified file name no matter whether PerfDataSaveToFile is specified
never@3156	1200	// or not. In other word, -XX:PerfDataSaveFile=.. overrides flag
never@3156	1201	// -XX:+PerfDataSaveToFile.
never@3156	1202	if (PerfDataSaveToFile || PerfDataSaveFile != NULL) {
never@3156	1203	save_memory_to_file(start(), capacity());
never@3156	1204	}
never@3156	1205
never@3156	1206	if (PerfDisableSharedMem) {
never@3156	1207	delete_standard_memory(start(), capacity());
never@3156	1208	}
never@3156	1209	else {
never@3156	1210	delete_shared_memory(start(), capacity());
never@3156	1211	}
never@3156	1212	}
never@3156	1213
never@3156	1214	// attach to the PerfData memory region for another JVM
never@3156	1215	//
never@3156	1216	// This method returns an <address, size> tuple that points to
never@3156	1217	// a memory buffer that is kept reasonably synchronized with
never@3156	1218	// the PerfData memory region for the indicated JVM. This
never@3156	1219	// buffer may be kept in synchronization via shared memory
never@3156	1220	// or some other mechanism that keeps the buffer updated.
never@3156	1221	//
never@3156	1222	// If the JVM chooses not to support the attachability feature,
never@3156	1223	// this method should throw an UnsupportedOperation exception.
never@3156	1224	//
never@3156	1225	// This implementation utilizes named shared memory to map
never@3156	1226	// the indicated process's PerfData memory region into this JVMs
never@3156	1227	// address space.
never@3156	1228	//
never@3156	1229	void PerfMemory::attach(const char* user, int vmid, PerfMemoryMode mode, char** addrp, size_t* sizep, TRAPS) {
never@3156	1230
never@3156	1231	if (vmid == 0 || vmid == os::current_process_id()) {
never@3156	1232	*addrp = start();
never@3156	1233	*sizep = capacity();
never@3156	1234	return;
never@3156	1235	}
never@3156	1236
never@3156	1237	mmap_attach_shared(user, vmid, mode, addrp, sizep, CHECK);
never@3156	1238	}
never@3156	1239
never@3156	1240	// detach from the PerfData memory region of another JVM
never@3156	1241	//
never@3156	1242	// This method detaches the PerfData memory region of another
never@3156	1243	// JVM, specified as an <address, size> tuple of a buffer
never@3156	1244	// in this process's address space. This method may perform
never@3156	1245	// arbitrary actions to accomplish the detachment. The memory
never@3156	1246	// region specified by <address, size> will be inaccessible after
never@3156	1247	// a call to this method.
never@3156	1248	//
never@3156	1249	// If the JVM chooses not to support the attachability feature,
never@3156	1250	// this method should throw an UnsupportedOperation exception.
never@3156	1251	//
never@3156	1252	// This implementation utilizes named shared memory to detach
never@3156	1253	// the indicated process's PerfData memory region from this
never@3156	1254	// process's address space.
never@3156	1255	//
never@3156	1256	void PerfMemory::detach(char* addr, size_t bytes, TRAPS) {
never@3156	1257
never@3156	1258	assert(addr != 0, "address sanity check");
never@3156	1259	assert(bytes > 0, "capacity sanity check");
never@3156	1260
never@3156	1261	if (PerfMemory::contains(addr) || PerfMemory::contains(addr + bytes - 1)) {
never@3156	1262	// prevent accidental detachment of this process's PerfMemory region
never@3156	1263	return;
never@3156	1264	}
never@3156	1265
never@3156	1266	unmap_shared(addr, bytes);
never@3156	1267	}
never@3156	1268
never@3156	1269	char* PerfMemory::backing_store_filename() {
never@3156	1270	return backing_store_file_name;
never@3156	1271	}