1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/src/os/aix/vm/attachListener_aix.cpp Wed Apr 27 01:25:04 2016 +0800 1.3 @@ -0,0 +1,574 @@ 1.4 +/* 1.5 + * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. 1.6 + * Copyright 2012, 2013 SAP AG. All rights reserved. 1.7 + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 1.8 + * 1.9 + * This code is free software; you can redistribute it and/or modify it 1.10 + * under the terms of the GNU General Public License version 2 only, as 1.11 + * published by the Free Software Foundation. 1.12 + * 1.13 + * This code is distributed in the hope that it will be useful, but WITHOUT 1.14 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1.15 + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1.16 + * version 2 for more details (a copy is included in the LICENSE file that 1.17 + * accompanied this code). 1.18 + * 1.19 + * You should have received a copy of the GNU General Public License version 1.20 + * 2 along with this work; if not, write to the Free Software Foundation, 1.21 + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 1.22 + * 1.23 + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 1.24 + * or visit www.oracle.com if you need additional information or have any 1.25 + * questions. 1.26 + * 1.27 + */ 1.28 + 1.29 +#include "precompiled.hpp" 1.30 +#include "runtime/interfaceSupport.hpp" 1.31 +#include "runtime/os.hpp" 1.32 +#include "services/attachListener.hpp" 1.33 +#include "services/dtraceAttacher.hpp" 1.34 + 1.35 +#include <unistd.h> 1.36 +#include <signal.h> 1.37 +#include <sys/types.h> 1.38 +#include <sys/socket.h> 1.39 +#include <sys/un.h> 1.40 +#include <sys/stat.h> 1.41 + 1.42 +#ifndef UNIX_PATH_MAX 1.43 +#define UNIX_PATH_MAX sizeof(((struct sockaddr_un *)0)->sun_path) 1.44 +#endif 1.45 + 1.46 +// The attach mechanism on Linux uses a UNIX domain socket. An attach listener 1.47 +// thread is created at startup or is created on-demand via a signal from 1.48 +// the client tool. The attach listener creates a socket and binds it to a file 1.49 +// in the filesystem. The attach listener then acts as a simple (single- 1.50 +// threaded) server - it waits for a client to connect, reads the request, 1.51 +// executes it, and returns the response to the client via the socket 1.52 +// connection. 1.53 +// 1.54 +// As the socket is a UNIX domain socket it means that only clients on the 1.55 +// local machine can connect. In addition there are two other aspects to 1.56 +// the security: 1.57 +// 1. The well known file that the socket is bound to has permission 400 1.58 +// 2. When a client connect, the SO_PEERID socket option is used to 1.59 +// obtain the credentials of client. We check that the effective uid 1.60 +// of the client matches this process. 1.61 + 1.62 +// forward reference 1.63 +class AixAttachOperation; 1.64 + 1.65 +class AixAttachListener: AllStatic { 1.66 + private: 1.67 + // the path to which we bind the UNIX domain socket 1.68 + static char _path[UNIX_PATH_MAX]; 1.69 + static bool _has_path; 1.70 + // Shutdown marker to prevent accept blocking during clean-up. 1.71 + static bool _shutdown; 1.72 + 1.73 + // the file descriptor for the listening socket 1.74 + static int _listener; 1.75 + 1.76 + static void set_path(char* path) { 1.77 + if (path == NULL) { 1.78 + _has_path = false; 1.79 + } else { 1.80 + strncpy(_path, path, UNIX_PATH_MAX); 1.81 + _path[UNIX_PATH_MAX-1] = '\0'; 1.82 + _has_path = true; 1.83 + } 1.84 + } 1.85 + 1.86 + static void set_listener(int s) { _listener = s; } 1.87 + 1.88 + // reads a request from the given connected socket 1.89 + static AixAttachOperation* read_request(int s); 1.90 + 1.91 + public: 1.92 + enum { 1.93 + ATTACH_PROTOCOL_VER = 1 // protocol version 1.94 + }; 1.95 + enum { 1.96 + ATTACH_ERROR_BADVERSION = 101 // error codes 1.97 + }; 1.98 + 1.99 + // initialize the listener, returns 0 if okay 1.100 + static int init(); 1.101 + 1.102 + static char* path() { return _path; } 1.103 + static bool has_path() { return _has_path; } 1.104 + static int listener() { return _listener; } 1.105 + // Shutdown marker to prevent accept blocking during clean-up 1.106 + static void set_shutdown(bool shutdown) { _shutdown = shutdown; } 1.107 + static bool is_shutdown() { return _shutdown; } 1.108 + 1.109 + // write the given buffer to a socket 1.110 + static int write_fully(int s, char* buf, int len); 1.111 + 1.112 + static AixAttachOperation* dequeue(); 1.113 +}; 1.114 + 1.115 +class AixAttachOperation: public AttachOperation { 1.116 + private: 1.117 + // the connection to the client 1.118 + int _socket; 1.119 + 1.120 + public: 1.121 + void complete(jint res, bufferedStream* st); 1.122 + 1.123 + void set_socket(int s) { _socket = s; } 1.124 + int socket() const { return _socket; } 1.125 + 1.126 + AixAttachOperation(char* name) : AttachOperation(name) { 1.127 + set_socket(-1); 1.128 + } 1.129 +}; 1.130 + 1.131 +// statics 1.132 +char AixAttachListener::_path[UNIX_PATH_MAX]; 1.133 +bool AixAttachListener::_has_path; 1.134 +int AixAttachListener::_listener = -1; 1.135 +// Shutdown marker to prevent accept blocking during clean-up 1.136 +bool AixAttachListener::_shutdown = false; 1.137 + 1.138 +// Supporting class to help split a buffer into individual components 1.139 +class ArgumentIterator : public StackObj { 1.140 + private: 1.141 + char* _pos; 1.142 + char* _end; 1.143 + public: 1.144 + ArgumentIterator(char* arg_buffer, size_t arg_size) { 1.145 + _pos = arg_buffer; 1.146 + _end = _pos + arg_size - 1; 1.147 + } 1.148 + char* next() { 1.149 + if (*_pos == '\0') { 1.150 + return NULL; 1.151 + } 1.152 + char* res = _pos; 1.153 + char* next_pos = strchr(_pos, '\0'); 1.154 + if (next_pos < _end) { 1.155 + next_pos++; 1.156 + } 1.157 + _pos = next_pos; 1.158 + return res; 1.159 + } 1.160 +}; 1.161 + 1.162 +// On AIX if sockets block until all data has been transmitted 1.163 +// successfully in some communication domains a socket "close" may 1.164 +// never complete. We have to take care that after the socket shutdown 1.165 +// the listener never enters accept state. 1.166 + 1.167 +// atexit hook to stop listener and unlink the file that it is 1.168 +// bound too. 1.169 + 1.170 +// Some modifications to the listener logic to prevent deadlocks on exit. 1.171 +// 1. We Shutdown the socket here instead. AixAttachOperation::complete() is not the right place 1.172 +// since more than one agent in a sequence in JPLIS live tests wouldn't work (Listener thread 1.173 +// would be dead after the first operation completion). 1.174 +// 2. close(s) may never return if the listener thread is in socket accept(). Unlinking the file 1.175 +// should be sufficient for cleanup. 1.176 +extern "C" { 1.177 + static void listener_cleanup() { 1.178 + static int cleanup_done; 1.179 + if (!cleanup_done) { 1.180 + cleanup_done = 1; 1.181 + AixAttachListener::set_shutdown(true); 1.182 + int s = AixAttachListener::listener(); 1.183 + if (s != -1) { 1.184 + ::shutdown(s, 2); 1.185 + } 1.186 + if (AixAttachListener::has_path()) { 1.187 + ::unlink(AixAttachListener::path()); 1.188 + } 1.189 + } 1.190 + } 1.191 +} 1.192 + 1.193 +// Initialization - create a listener socket and bind it to a file 1.194 + 1.195 +int AixAttachListener::init() { 1.196 + char path[UNIX_PATH_MAX]; // socket file 1.197 + char initial_path[UNIX_PATH_MAX]; // socket file during setup 1.198 + int listener; // listener socket (file descriptor) 1.199 + 1.200 + // register function to cleanup 1.201 + ::atexit(listener_cleanup); 1.202 + 1.203 + int n = snprintf(path, UNIX_PATH_MAX, "%s/.java_pid%d", 1.204 + os::get_temp_directory(), os::current_process_id()); 1.205 + if (n < (int)UNIX_PATH_MAX) { 1.206 + n = snprintf(initial_path, UNIX_PATH_MAX, "%s.tmp", path); 1.207 + } 1.208 + if (n >= (int)UNIX_PATH_MAX) { 1.209 + return -1; 1.210 + } 1.211 + 1.212 + // create the listener socket 1.213 + listener = ::socket(PF_UNIX, SOCK_STREAM, 0); 1.214 + if (listener == -1) { 1.215 + return -1; 1.216 + } 1.217 + 1.218 + // bind socket 1.219 + struct sockaddr_un addr; 1.220 + addr.sun_family = AF_UNIX; 1.221 + strcpy(addr.sun_path, initial_path); 1.222 + ::unlink(initial_path); 1.223 + // We must call bind with the actual socketaddr length. This is obligatory for AS400. 1.224 + int res = ::bind(listener, (struct sockaddr*)&addr, SUN_LEN(&addr)); 1.225 + if (res == -1) { 1.226 + RESTARTABLE(::close(listener), res); 1.227 + return -1; 1.228 + } 1.229 + 1.230 + // put in listen mode, set permissions, and rename into place 1.231 + res = ::listen(listener, 5); 1.232 + if (res == 0) { 1.233 + RESTARTABLE(::chmod(initial_path, (S_IREAD|S_IWRITE) & ~(S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)), res); 1.234 + if (res == 0) { 1.235 + res = ::rename(initial_path, path); 1.236 + } 1.237 + } 1.238 + if (res == -1) { 1.239 + RESTARTABLE(::close(listener), res); 1.240 + ::unlink(initial_path); 1.241 + return -1; 1.242 + } 1.243 + set_path(path); 1.244 + set_listener(listener); 1.245 + set_shutdown(false); 1.246 + 1.247 + return 0; 1.248 +} 1.249 + 1.250 +// Given a socket that is connected to a peer we read the request and 1.251 +// create an AttachOperation. As the socket is blocking there is potential 1.252 +// for a denial-of-service if the peer does not response. However this happens 1.253 +// after the peer credentials have been checked and in the worst case it just 1.254 +// means that the attach listener thread is blocked. 1.255 +// 1.256 +AixAttachOperation* AixAttachListener::read_request(int s) { 1.257 + char ver_str[8]; 1.258 + sprintf(ver_str, "%d", ATTACH_PROTOCOL_VER); 1.259 + 1.260 + // The request is a sequence of strings so we first figure out the 1.261 + // expected count and the maximum possible length of the request. 1.262 + // The request is: 1.263 + // <ver>0<cmd>0<arg>0<arg>0<arg>0 1.264 + // where <ver> is the protocol version (1), <cmd> is the command 1.265 + // name ("load", "datadump", ...), and <arg> is an argument 1.266 + int expected_str_count = 2 + AttachOperation::arg_count_max; 1.267 + const int max_len = (sizeof(ver_str) + 1) + (AttachOperation::name_length_max + 1) + 1.268 + AttachOperation::arg_count_max*(AttachOperation::arg_length_max + 1); 1.269 + 1.270 + char buf[max_len]; 1.271 + int str_count = 0; 1.272 + 1.273 + // Read until all (expected) strings have been read, the buffer is 1.274 + // full, or EOF. 1.275 + 1.276 + int off = 0; 1.277 + int left = max_len; 1.278 + 1.279 + do { 1.280 + int n; 1.281 + // Don't block on interrupts because this will 1.282 + // hang in the clean-up when shutting down. 1.283 + n = read(s, buf+off, left); 1.284 + if (n == -1) { 1.285 + return NULL; // reset by peer or other error 1.286 + } 1.287 + if (n == 0) { // end of file reached 1.288 + break; 1.289 + } 1.290 + for (int i=0; i<n; i++) { 1.291 + if (buf[off+i] == 0) { 1.292 + // EOS found 1.293 + str_count++; 1.294 + 1.295 + // The first string is <ver> so check it now to 1.296 + // check for protocol mis-match 1.297 + if (str_count == 1) { 1.298 + if ((strlen(buf) != strlen(ver_str)) || 1.299 + (atoi(buf) != ATTACH_PROTOCOL_VER)) { 1.300 + char msg[32]; 1.301 + sprintf(msg, "%d\n", ATTACH_ERROR_BADVERSION); 1.302 + write_fully(s, msg, strlen(msg)); 1.303 + return NULL; 1.304 + } 1.305 + } 1.306 + } 1.307 + } 1.308 + off += n; 1.309 + left -= n; 1.310 + } while (left > 0 && str_count < expected_str_count); 1.311 + 1.312 + if (str_count != expected_str_count) { 1.313 + return NULL; // incomplete request 1.314 + } 1.315 + 1.316 + // parse request 1.317 + 1.318 + ArgumentIterator args(buf, (max_len)-left); 1.319 + 1.320 + // version already checked 1.321 + char* v = args.next(); 1.322 + 1.323 + char* name = args.next(); 1.324 + if (name == NULL || strlen(name) > AttachOperation::name_length_max) { 1.325 + return NULL; 1.326 + } 1.327 + 1.328 + AixAttachOperation* op = new AixAttachOperation(name); 1.329 + 1.330 + for (int i=0; i<AttachOperation::arg_count_max; i++) { 1.331 + char* arg = args.next(); 1.332 + if (arg == NULL) { 1.333 + op->set_arg(i, NULL); 1.334 + } else { 1.335 + if (strlen(arg) > AttachOperation::arg_length_max) { 1.336 + delete op; 1.337 + return NULL; 1.338 + } 1.339 + op->set_arg(i, arg); 1.340 + } 1.341 + } 1.342 + 1.343 + op->set_socket(s); 1.344 + return op; 1.345 +} 1.346 + 1.347 + 1.348 +// Dequeue an operation 1.349 +// 1.350 +// In the Linux implementation there is only a single operation and clients 1.351 +// cannot queue commands (except at the socket level). 1.352 +// 1.353 +AixAttachOperation* AixAttachListener::dequeue() { 1.354 + for (;;) { 1.355 + int s; 1.356 + 1.357 + // wait for client to connect 1.358 + struct sockaddr addr; 1.359 + socklen_t len = sizeof(addr); 1.360 + memset(&addr, 0, len); 1.361 + // We must prevent accept blocking on the socket if it has been shut down. 1.362 + // Therefore we allow interrups and check whether we have been shut down already. 1.363 + if (AixAttachListener::is_shutdown()) { 1.364 + return NULL; 1.365 + } 1.366 + s=::accept(listener(), &addr, &len); 1.367 + if (s == -1) { 1.368 + return NULL; // log a warning? 1.369 + } 1.370 + 1.371 + // Added timeouts for read and write. If we get no request within the 1.372 + // next AttachListenerTimeout milliseconds we just finish the connection. 1.373 + struct timeval tv; 1.374 + tv.tv_sec = 0; 1.375 + tv.tv_usec = AttachListenerTimeout * 1000; 1.376 + ::setsockopt(s, SOL_SOCKET, SO_RCVTIMEO, (char*)&tv, sizeof(tv)); 1.377 + ::setsockopt(s, SOL_SOCKET, SO_SNDTIMEO, (char*)&tv, sizeof(tv)); 1.378 + 1.379 + // get the credentials of the peer and check the effective uid/guid 1.380 + // - check with jeff on this. 1.381 + struct peercred_struct cred_info; 1.382 + socklen_t optlen = sizeof(cred_info); 1.383 + if (::getsockopt(s, SOL_SOCKET, SO_PEERID, (void*)&cred_info, &optlen) == -1) { 1.384 + int res; 1.385 + RESTARTABLE(::close(s), res); 1.386 + continue; 1.387 + } 1.388 + uid_t euid = geteuid(); 1.389 + gid_t egid = getegid(); 1.390 + 1.391 + if (cred_info.euid != euid || cred_info.egid != egid) { 1.392 + int res; 1.393 + RESTARTABLE(::close(s), res); 1.394 + continue; 1.395 + } 1.396 + 1.397 + // peer credential look okay so we read the request 1.398 + AixAttachOperation* op = read_request(s); 1.399 + if (op == NULL) { 1.400 + int res; 1.401 + RESTARTABLE(::close(s), res); 1.402 + continue; 1.403 + } else { 1.404 + return op; 1.405 + } 1.406 + } 1.407 +} 1.408 + 1.409 +// write the given buffer to the socket 1.410 +int AixAttachListener::write_fully(int s, char* buf, int len) { 1.411 + do { 1.412 + int n = ::write(s, buf, len); 1.413 + if (n == -1) { 1.414 + if (errno != EINTR) return -1; 1.415 + } else { 1.416 + buf += n; 1.417 + len -= n; 1.418 + } 1.419 + } 1.420 + while (len > 0); 1.421 + return 0; 1.422 +} 1.423 + 1.424 +// Complete an operation by sending the operation result and any result 1.425 +// output to the client. At this time the socket is in blocking mode so 1.426 +// potentially we can block if there is a lot of data and the client is 1.427 +// non-responsive. For most operations this is a non-issue because the 1.428 +// default send buffer is sufficient to buffer everything. In the future 1.429 +// if there are operations that involves a very big reply then it the 1.430 +// socket could be made non-blocking and a timeout could be used. 1.431 + 1.432 +void AixAttachOperation::complete(jint result, bufferedStream* st) { 1.433 + JavaThread* thread = JavaThread::current(); 1.434 + ThreadBlockInVM tbivm(thread); 1.435 + 1.436 + thread->set_suspend_equivalent(); 1.437 + // cleared by handle_special_suspend_equivalent_condition() or 1.438 + // java_suspend_self() via check_and_wait_while_suspended() 1.439 + 1.440 + // write operation result 1.441 + char msg[32]; 1.442 + sprintf(msg, "%d\n", result); 1.443 + int rc = AixAttachListener::write_fully(this->socket(), msg, strlen(msg)); 1.444 + 1.445 + // write any result data 1.446 + if (rc == 0) { 1.447 + // Shutdown the socket in the cleanup function to enable more than 1.448 + // one agent attach in a sequence (see comments to listener_cleanup()). 1.449 + AixAttachListener::write_fully(this->socket(), (char*) st->base(), st->size()); 1.450 + } 1.451 + 1.452 + // done 1.453 + RESTARTABLE(::close(this->socket()), rc); 1.454 + 1.455 + // were we externally suspended while we were waiting? 1.456 + thread->check_and_wait_while_suspended(); 1.457 + 1.458 + delete this; 1.459 +} 1.460 + 1.461 + 1.462 +// AttachListener functions 1.463 + 1.464 +AttachOperation* AttachListener::dequeue() { 1.465 + JavaThread* thread = JavaThread::current(); 1.466 + ThreadBlockInVM tbivm(thread); 1.467 + 1.468 + thread->set_suspend_equivalent(); 1.469 + // cleared by handle_special_suspend_equivalent_condition() or 1.470 + // java_suspend_self() via check_and_wait_while_suspended() 1.471 + 1.472 + AttachOperation* op = AixAttachListener::dequeue(); 1.473 + 1.474 + // were we externally suspended while we were waiting? 1.475 + thread->check_and_wait_while_suspended(); 1.476 + 1.477 + return op; 1.478 +} 1.479 + 1.480 +// Performs initialization at vm startup 1.481 +// For AIX we remove any stale .java_pid file which could cause 1.482 +// an attaching process to think we are ready to receive on the 1.483 +// domain socket before we are properly initialized 1.484 + 1.485 +void AttachListener::vm_start() { 1.486 + char fn[UNIX_PATH_MAX]; 1.487 + struct stat64 st; 1.488 + int ret; 1.489 + 1.490 + int n = snprintf(fn, UNIX_PATH_MAX, "%s/.java_pid%d", 1.491 + os::get_temp_directory(), os::current_process_id()); 1.492 + assert(n < (int)UNIX_PATH_MAX, "java_pid file name buffer overflow"); 1.493 + 1.494 + RESTARTABLE(::stat64(fn, &st), ret); 1.495 + if (ret == 0) { 1.496 + ret = ::unlink(fn); 1.497 + if (ret == -1) { 1.498 + debug_only(warning("failed to remove stale attach pid file at %s", fn)); 1.499 + } 1.500 + } 1.501 +} 1.502 + 1.503 +int AttachListener::pd_init() { 1.504 + JavaThread* thread = JavaThread::current(); 1.505 + ThreadBlockInVM tbivm(thread); 1.506 + 1.507 + thread->set_suspend_equivalent(); 1.508 + // cleared by handle_special_suspend_equivalent_condition() or 1.509 + // java_suspend_self() via check_and_wait_while_suspended() 1.510 + 1.511 + int ret_code = AixAttachListener::init(); 1.512 + 1.513 + // were we externally suspended while we were waiting? 1.514 + thread->check_and_wait_while_suspended(); 1.515 + 1.516 + return ret_code; 1.517 +} 1.518 + 1.519 +// Attach Listener is started lazily except in the case when 1.520 +// +ReduseSignalUsage is used 1.521 +bool AttachListener::init_at_startup() { 1.522 + if (ReduceSignalUsage) { 1.523 + return true; 1.524 + } else { 1.525 + return false; 1.526 + } 1.527 +} 1.528 + 1.529 +// If the file .attach_pid<pid> exists in the working directory 1.530 +// or /tmp then this is the trigger to start the attach mechanism 1.531 +bool AttachListener::is_init_trigger() { 1.532 + if (init_at_startup() || is_initialized()) { 1.533 + return false; // initialized at startup or already initialized 1.534 + } 1.535 + char fn[PATH_MAX+1]; 1.536 + sprintf(fn, ".attach_pid%d", os::current_process_id()); 1.537 + int ret; 1.538 + struct stat64 st; 1.539 + RESTARTABLE(::stat64(fn, &st), ret); 1.540 + if (ret == -1) { 1.541 + snprintf(fn, sizeof(fn), "%s/.attach_pid%d", 1.542 + os::get_temp_directory(), os::current_process_id()); 1.543 + RESTARTABLE(::stat64(fn, &st), ret); 1.544 + } 1.545 + if (ret == 0) { 1.546 + // simple check to avoid starting the attach mechanism when 1.547 + // a bogus user creates the file 1.548 + if (st.st_uid == geteuid()) { 1.549 + init(); 1.550 + return true; 1.551 + } 1.552 + } 1.553 + return false; 1.554 +} 1.555 + 1.556 +// if VM aborts then remove listener 1.557 +void AttachListener::abort() { 1.558 + listener_cleanup(); 1.559 +} 1.560 + 1.561 +void AttachListener::pd_data_dump() { 1.562 + os::signal_notify(SIGQUIT); 1.563 +} 1.564 + 1.565 +AttachOperationFunctionInfo* AttachListener::pd_find_operation(const char* n) { 1.566 + return NULL; 1.567 +} 1.568 + 1.569 +jint AttachListener::pd_set_flag(AttachOperation* op, outputStream* out) { 1.570 + out->print_cr("flag '%s' cannot be changed", op->arg(0)); 1.571 + return JNI_ERR; 1.572 +} 1.573 + 1.574 +void AttachListener::pd_detachall() { 1.575 + // Cleanup server socket to detach clients. 1.576 + listener_cleanup(); 1.577 +}