1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/src/os/aix/vm/attachListener_aix.cpp Wed Apr 27 01:25:04 2016 +0800
1.3 @@ -0,0 +1,574 @@
1.4 +/*
1.5 + * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
1.6 + * Copyright 2012, 2013 SAP AG. All rights reserved.
1.7 + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
1.8 + *
1.9 + * This code is free software; you can redistribute it and/or modify it
1.10 + * under the terms of the GNU General Public License version 2 only, as
1.11 + * published by the Free Software Foundation.
1.12 + *
1.13 + * This code is distributed in the hope that it will be useful, but WITHOUT
1.14 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
1.15 + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
1.16 + * version 2 for more details (a copy is included in the LICENSE file that
1.17 + * accompanied this code).
1.18 + *
1.19 + * You should have received a copy of the GNU General Public License version
1.20 + * 2 along with this work; if not, write to the Free Software Foundation,
1.21 + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
1.22 + *
1.23 + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
1.24 + * or visit www.oracle.com if you need additional information or have any
1.25 + * questions.
1.26 + *
1.27 + */
1.28 +
1.29 +#include "precompiled.hpp"
1.30 +#include "runtime/interfaceSupport.hpp"
1.31 +#include "runtime/os.hpp"
1.32 +#include "services/attachListener.hpp"
1.33 +#include "services/dtraceAttacher.hpp"
1.34 +
1.35 +#include <unistd.h>
1.36 +#include <signal.h>
1.37 +#include <sys/types.h>
1.38 +#include <sys/socket.h>
1.39 +#include <sys/un.h>
1.40 +#include <sys/stat.h>
1.41 +
1.42 +#ifndef UNIX_PATH_MAX
1.43 +#define UNIX_PATH_MAX sizeof(((struct sockaddr_un *)0)->sun_path)
1.44 +#endif
1.45 +
1.46 +// The attach mechanism on Linux uses a UNIX domain socket. An attach listener
1.47 +// thread is created at startup or is created on-demand via a signal from
1.48 +// the client tool. The attach listener creates a socket and binds it to a file
1.49 +// in the filesystem. The attach listener then acts as a simple (single-
1.50 +// threaded) server - it waits for a client to connect, reads the request,
1.51 +// executes it, and returns the response to the client via the socket
1.52 +// connection.
1.53 +//
1.54 +// As the socket is a UNIX domain socket it means that only clients on the
1.55 +// local machine can connect. In addition there are two other aspects to
1.56 +// the security:
1.57 +// 1. The well known file that the socket is bound to has permission 400
1.58 +// 2. When a client connect, the SO_PEERID socket option is used to
1.59 +// obtain the credentials of client. We check that the effective uid
1.60 +// of the client matches this process.
1.61 +
1.62 +// forward reference
1.63 +class AixAttachOperation;
1.64 +
1.65 +class AixAttachListener: AllStatic {
1.66 + private:
1.67 + // the path to which we bind the UNIX domain socket
1.68 + static char _path[UNIX_PATH_MAX];
1.69 + static bool _has_path;
1.70 + // Shutdown marker to prevent accept blocking during clean-up.
1.71 + static bool _shutdown;
1.72 +
1.73 + // the file descriptor for the listening socket
1.74 + static int _listener;
1.75 +
1.76 + static void set_path(char* path) {
1.77 + if (path == NULL) {
1.78 + _has_path = false;
1.79 + } else {
1.80 + strncpy(_path, path, UNIX_PATH_MAX);
1.81 + _path[UNIX_PATH_MAX-1] = '\0';
1.82 + _has_path = true;
1.83 + }
1.84 + }
1.85 +
1.86 + static void set_listener(int s) { _listener = s; }
1.87 +
1.88 + // reads a request from the given connected socket
1.89 + static AixAttachOperation* read_request(int s);
1.90 +
1.91 + public:
1.92 + enum {
1.93 + ATTACH_PROTOCOL_VER = 1 // protocol version
1.94 + };
1.95 + enum {
1.96 + ATTACH_ERROR_BADVERSION = 101 // error codes
1.97 + };
1.98 +
1.99 + // initialize the listener, returns 0 if okay
1.100 + static int init();
1.101 +
1.102 + static char* path() { return _path; }
1.103 + static bool has_path() { return _has_path; }
1.104 + static int listener() { return _listener; }
1.105 + // Shutdown marker to prevent accept blocking during clean-up
1.106 + static void set_shutdown(bool shutdown) { _shutdown = shutdown; }
1.107 + static bool is_shutdown() { return _shutdown; }
1.108 +
1.109 + // write the given buffer to a socket
1.110 + static int write_fully(int s, char* buf, int len);
1.111 +
1.112 + static AixAttachOperation* dequeue();
1.113 +};
1.114 +
1.115 +class AixAttachOperation: public AttachOperation {
1.116 + private:
1.117 + // the connection to the client
1.118 + int _socket;
1.119 +
1.120 + public:
1.121 + void complete(jint res, bufferedStream* st);
1.122 +
1.123 + void set_socket(int s) { _socket = s; }
1.124 + int socket() const { return _socket; }
1.125 +
1.126 + AixAttachOperation(char* name) : AttachOperation(name) {
1.127 + set_socket(-1);
1.128 + }
1.129 +};
1.130 +
1.131 +// statics
1.132 +char AixAttachListener::_path[UNIX_PATH_MAX];
1.133 +bool AixAttachListener::_has_path;
1.134 +int AixAttachListener::_listener = -1;
1.135 +// Shutdown marker to prevent accept blocking during clean-up
1.136 +bool AixAttachListener::_shutdown = false;
1.137 +
1.138 +// Supporting class to help split a buffer into individual components
1.139 +class ArgumentIterator : public StackObj {
1.140 + private:
1.141 + char* _pos;
1.142 + char* _end;
1.143 + public:
1.144 + ArgumentIterator(char* arg_buffer, size_t arg_size) {
1.145 + _pos = arg_buffer;
1.146 + _end = _pos + arg_size - 1;
1.147 + }
1.148 + char* next() {
1.149 + if (*_pos == '\0') {
1.150 + return NULL;
1.151 + }
1.152 + char* res = _pos;
1.153 + char* next_pos = strchr(_pos, '\0');
1.154 + if (next_pos < _end) {
1.155 + next_pos++;
1.156 + }
1.157 + _pos = next_pos;
1.158 + return res;
1.159 + }
1.160 +};
1.161 +
1.162 +// On AIX if sockets block until all data has been transmitted
1.163 +// successfully in some communication domains a socket "close" may
1.164 +// never complete. We have to take care that after the socket shutdown
1.165 +// the listener never enters accept state.
1.166 +
1.167 +// atexit hook to stop listener and unlink the file that it is
1.168 +// bound too.
1.169 +
1.170 +// Some modifications to the listener logic to prevent deadlocks on exit.
1.171 +// 1. We Shutdown the socket here instead. AixAttachOperation::complete() is not the right place
1.172 +// since more than one agent in a sequence in JPLIS live tests wouldn't work (Listener thread
1.173 +// would be dead after the first operation completion).
1.174 +// 2. close(s) may never return if the listener thread is in socket accept(). Unlinking the file
1.175 +// should be sufficient for cleanup.
1.176 +extern "C" {
1.177 + static void listener_cleanup() {
1.178 + static int cleanup_done;
1.179 + if (!cleanup_done) {
1.180 + cleanup_done = 1;
1.181 + AixAttachListener::set_shutdown(true);
1.182 + int s = AixAttachListener::listener();
1.183 + if (s != -1) {
1.184 + ::shutdown(s, 2);
1.185 + }
1.186 + if (AixAttachListener::has_path()) {
1.187 + ::unlink(AixAttachListener::path());
1.188 + }
1.189 + }
1.190 + }
1.191 +}
1.192 +
1.193 +// Initialization - create a listener socket and bind it to a file
1.194 +
1.195 +int AixAttachListener::init() {
1.196 + char path[UNIX_PATH_MAX]; // socket file
1.197 + char initial_path[UNIX_PATH_MAX]; // socket file during setup
1.198 + int listener; // listener socket (file descriptor)
1.199 +
1.200 + // register function to cleanup
1.201 + ::atexit(listener_cleanup);
1.202 +
1.203 + int n = snprintf(path, UNIX_PATH_MAX, "%s/.java_pid%d",
1.204 + os::get_temp_directory(), os::current_process_id());
1.205 + if (n < (int)UNIX_PATH_MAX) {
1.206 + n = snprintf(initial_path, UNIX_PATH_MAX, "%s.tmp", path);
1.207 + }
1.208 + if (n >= (int)UNIX_PATH_MAX) {
1.209 + return -1;
1.210 + }
1.211 +
1.212 + // create the listener socket
1.213 + listener = ::socket(PF_UNIX, SOCK_STREAM, 0);
1.214 + if (listener == -1) {
1.215 + return -1;
1.216 + }
1.217 +
1.218 + // bind socket
1.219 + struct sockaddr_un addr;
1.220 + addr.sun_family = AF_UNIX;
1.221 + strcpy(addr.sun_path, initial_path);
1.222 + ::unlink(initial_path);
1.223 + // We must call bind with the actual socketaddr length. This is obligatory for AS400.
1.224 + int res = ::bind(listener, (struct sockaddr*)&addr, SUN_LEN(&addr));
1.225 + if (res == -1) {
1.226 + RESTARTABLE(::close(listener), res);
1.227 + return -1;
1.228 + }
1.229 +
1.230 + // put in listen mode, set permissions, and rename into place
1.231 + res = ::listen(listener, 5);
1.232 + if (res == 0) {
1.233 + RESTARTABLE(::chmod(initial_path, (S_IREAD|S_IWRITE) & ~(S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)), res);
1.234 + if (res == 0) {
1.235 + res = ::rename(initial_path, path);
1.236 + }
1.237 + }
1.238 + if (res == -1) {
1.239 + RESTARTABLE(::close(listener), res);
1.240 + ::unlink(initial_path);
1.241 + return -1;
1.242 + }
1.243 + set_path(path);
1.244 + set_listener(listener);
1.245 + set_shutdown(false);
1.246 +
1.247 + return 0;
1.248 +}
1.249 +
1.250 +// Given a socket that is connected to a peer we read the request and
1.251 +// create an AttachOperation. As the socket is blocking there is potential
1.252 +// for a denial-of-service if the peer does not response. However this happens
1.253 +// after the peer credentials have been checked and in the worst case it just
1.254 +// means that the attach listener thread is blocked.
1.255 +//
1.256 +AixAttachOperation* AixAttachListener::read_request(int s) {
1.257 + char ver_str[8];
1.258 + sprintf(ver_str, "%d", ATTACH_PROTOCOL_VER);
1.259 +
1.260 + // The request is a sequence of strings so we first figure out the
1.261 + // expected count and the maximum possible length of the request.
1.262 + // The request is:
1.263 + // <ver>0<cmd>0<arg>0<arg>0<arg>0
1.264 + // where <ver> is the protocol version (1), <cmd> is the command
1.265 + // name ("load", "datadump", ...), and <arg> is an argument
1.266 + int expected_str_count = 2 + AttachOperation::arg_count_max;
1.267 + const int max_len = (sizeof(ver_str) + 1) + (AttachOperation::name_length_max + 1) +
1.268 + AttachOperation::arg_count_max*(AttachOperation::arg_length_max + 1);
1.269 +
1.270 + char buf[max_len];
1.271 + int str_count = 0;
1.272 +
1.273 + // Read until all (expected) strings have been read, the buffer is
1.274 + // full, or EOF.
1.275 +
1.276 + int off = 0;
1.277 + int left = max_len;
1.278 +
1.279 + do {
1.280 + int n;
1.281 + // Don't block on interrupts because this will
1.282 + // hang in the clean-up when shutting down.
1.283 + n = read(s, buf+off, left);
1.284 + if (n == -1) {
1.285 + return NULL; // reset by peer or other error
1.286 + }
1.287 + if (n == 0) { // end of file reached
1.288 + break;
1.289 + }
1.290 + for (int i=0; i<n; i++) {
1.291 + if (buf[off+i] == 0) {
1.292 + // EOS found
1.293 + str_count++;
1.294 +
1.295 + // The first string is <ver> so check it now to
1.296 + // check for protocol mis-match
1.297 + if (str_count == 1) {
1.298 + if ((strlen(buf) != strlen(ver_str)) ||
1.299 + (atoi(buf) != ATTACH_PROTOCOL_VER)) {
1.300 + char msg[32];
1.301 + sprintf(msg, "%d\n", ATTACH_ERROR_BADVERSION);
1.302 + write_fully(s, msg, strlen(msg));
1.303 + return NULL;
1.304 + }
1.305 + }
1.306 + }
1.307 + }
1.308 + off += n;
1.309 + left -= n;
1.310 + } while (left > 0 && str_count < expected_str_count);
1.311 +
1.312 + if (str_count != expected_str_count) {
1.313 + return NULL; // incomplete request
1.314 + }
1.315 +
1.316 + // parse request
1.317 +
1.318 + ArgumentIterator args(buf, (max_len)-left);
1.319 +
1.320 + // version already checked
1.321 + char* v = args.next();
1.322 +
1.323 + char* name = args.next();
1.324 + if (name == NULL || strlen(name) > AttachOperation::name_length_max) {
1.325 + return NULL;
1.326 + }
1.327 +
1.328 + AixAttachOperation* op = new AixAttachOperation(name);
1.329 +
1.330 + for (int i=0; i<AttachOperation::arg_count_max; i++) {
1.331 + char* arg = args.next();
1.332 + if (arg == NULL) {
1.333 + op->set_arg(i, NULL);
1.334 + } else {
1.335 + if (strlen(arg) > AttachOperation::arg_length_max) {
1.336 + delete op;
1.337 + return NULL;
1.338 + }
1.339 + op->set_arg(i, arg);
1.340 + }
1.341 + }
1.342 +
1.343 + op->set_socket(s);
1.344 + return op;
1.345 +}
1.346 +
1.347 +
1.348 +// Dequeue an operation
1.349 +//
1.350 +// In the Linux implementation there is only a single operation and clients
1.351 +// cannot queue commands (except at the socket level).
1.352 +//
1.353 +AixAttachOperation* AixAttachListener::dequeue() {
1.354 + for (;;) {
1.355 + int s;
1.356 +
1.357 + // wait for client to connect
1.358 + struct sockaddr addr;
1.359 + socklen_t len = sizeof(addr);
1.360 + memset(&addr, 0, len);
1.361 + // We must prevent accept blocking on the socket if it has been shut down.
1.362 + // Therefore we allow interrups and check whether we have been shut down already.
1.363 + if (AixAttachListener::is_shutdown()) {
1.364 + return NULL;
1.365 + }
1.366 + s=::accept(listener(), &addr, &len);
1.367 + if (s == -1) {
1.368 + return NULL; // log a warning?
1.369 + }
1.370 +
1.371 + // Added timeouts for read and write. If we get no request within the
1.372 + // next AttachListenerTimeout milliseconds we just finish the connection.
1.373 + struct timeval tv;
1.374 + tv.tv_sec = 0;
1.375 + tv.tv_usec = AttachListenerTimeout * 1000;
1.376 + ::setsockopt(s, SOL_SOCKET, SO_RCVTIMEO, (char*)&tv, sizeof(tv));
1.377 + ::setsockopt(s, SOL_SOCKET, SO_SNDTIMEO, (char*)&tv, sizeof(tv));
1.378 +
1.379 + // get the credentials of the peer and check the effective uid/guid
1.380 + // - check with jeff on this.
1.381 + struct peercred_struct cred_info;
1.382 + socklen_t optlen = sizeof(cred_info);
1.383 + if (::getsockopt(s, SOL_SOCKET, SO_PEERID, (void*)&cred_info, &optlen) == -1) {
1.384 + int res;
1.385 + RESTARTABLE(::close(s), res);
1.386 + continue;
1.387 + }
1.388 + uid_t euid = geteuid();
1.389 + gid_t egid = getegid();
1.390 +
1.391 + if (cred_info.euid != euid || cred_info.egid != egid) {
1.392 + int res;
1.393 + RESTARTABLE(::close(s), res);
1.394 + continue;
1.395 + }
1.396 +
1.397 + // peer credential look okay so we read the request
1.398 + AixAttachOperation* op = read_request(s);
1.399 + if (op == NULL) {
1.400 + int res;
1.401 + RESTARTABLE(::close(s), res);
1.402 + continue;
1.403 + } else {
1.404 + return op;
1.405 + }
1.406 + }
1.407 +}
1.408 +
1.409 +// write the given buffer to the socket
1.410 +int AixAttachListener::write_fully(int s, char* buf, int len) {
1.411 + do {
1.412 + int n = ::write(s, buf, len);
1.413 + if (n == -1) {
1.414 + if (errno != EINTR) return -1;
1.415 + } else {
1.416 + buf += n;
1.417 + len -= n;
1.418 + }
1.419 + }
1.420 + while (len > 0);
1.421 + return 0;
1.422 +}
1.423 +
1.424 +// Complete an operation by sending the operation result and any result
1.425 +// output to the client. At this time the socket is in blocking mode so
1.426 +// potentially we can block if there is a lot of data and the client is
1.427 +// non-responsive. For most operations this is a non-issue because the
1.428 +// default send buffer is sufficient to buffer everything. In the future
1.429 +// if there are operations that involves a very big reply then it the
1.430 +// socket could be made non-blocking and a timeout could be used.
1.431 +
1.432 +void AixAttachOperation::complete(jint result, bufferedStream* st) {
1.433 + JavaThread* thread = JavaThread::current();
1.434 + ThreadBlockInVM tbivm(thread);
1.435 +
1.436 + thread->set_suspend_equivalent();
1.437 + // cleared by handle_special_suspend_equivalent_condition() or
1.438 + // java_suspend_self() via check_and_wait_while_suspended()
1.439 +
1.440 + // write operation result
1.441 + char msg[32];
1.442 + sprintf(msg, "%d\n", result);
1.443 + int rc = AixAttachListener::write_fully(this->socket(), msg, strlen(msg));
1.444 +
1.445 + // write any result data
1.446 + if (rc == 0) {
1.447 + // Shutdown the socket in the cleanup function to enable more than
1.448 + // one agent attach in a sequence (see comments to listener_cleanup()).
1.449 + AixAttachListener::write_fully(this->socket(), (char*) st->base(), st->size());
1.450 + }
1.451 +
1.452 + // done
1.453 + RESTARTABLE(::close(this->socket()), rc);
1.454 +
1.455 + // were we externally suspended while we were waiting?
1.456 + thread->check_and_wait_while_suspended();
1.457 +
1.458 + delete this;
1.459 +}
1.460 +
1.461 +
1.462 +// AttachListener functions
1.463 +
1.464 +AttachOperation* AttachListener::dequeue() {
1.465 + JavaThread* thread = JavaThread::current();
1.466 + ThreadBlockInVM tbivm(thread);
1.467 +
1.468 + thread->set_suspend_equivalent();
1.469 + // cleared by handle_special_suspend_equivalent_condition() or
1.470 + // java_suspend_self() via check_and_wait_while_suspended()
1.471 +
1.472 + AttachOperation* op = AixAttachListener::dequeue();
1.473 +
1.474 + // were we externally suspended while we were waiting?
1.475 + thread->check_and_wait_while_suspended();
1.476 +
1.477 + return op;
1.478 +}
1.479 +
1.480 +// Performs initialization at vm startup
1.481 +// For AIX we remove any stale .java_pid file which could cause
1.482 +// an attaching process to think we are ready to receive on the
1.483 +// domain socket before we are properly initialized
1.484 +
1.485 +void AttachListener::vm_start() {
1.486 + char fn[UNIX_PATH_MAX];
1.487 + struct stat64 st;
1.488 + int ret;
1.489 +
1.490 + int n = snprintf(fn, UNIX_PATH_MAX, "%s/.java_pid%d",
1.491 + os::get_temp_directory(), os::current_process_id());
1.492 + assert(n < (int)UNIX_PATH_MAX, "java_pid file name buffer overflow");
1.493 +
1.494 + RESTARTABLE(::stat64(fn, &st), ret);
1.495 + if (ret == 0) {
1.496 + ret = ::unlink(fn);
1.497 + if (ret == -1) {
1.498 + debug_only(warning("failed to remove stale attach pid file at %s", fn));
1.499 + }
1.500 + }
1.501 +}
1.502 +
1.503 +int AttachListener::pd_init() {
1.504 + JavaThread* thread = JavaThread::current();
1.505 + ThreadBlockInVM tbivm(thread);
1.506 +
1.507 + thread->set_suspend_equivalent();
1.508 + // cleared by handle_special_suspend_equivalent_condition() or
1.509 + // java_suspend_self() via check_and_wait_while_suspended()
1.510 +
1.511 + int ret_code = AixAttachListener::init();
1.512 +
1.513 + // were we externally suspended while we were waiting?
1.514 + thread->check_and_wait_while_suspended();
1.515 +
1.516 + return ret_code;
1.517 +}
1.518 +
1.519 +// Attach Listener is started lazily except in the case when
1.520 +// +ReduseSignalUsage is used
1.521 +bool AttachListener::init_at_startup() {
1.522 + if (ReduceSignalUsage) {
1.523 + return true;
1.524 + } else {
1.525 + return false;
1.526 + }
1.527 +}
1.528 +
1.529 +// If the file .attach_pid<pid> exists in the working directory
1.530 +// or /tmp then this is the trigger to start the attach mechanism
1.531 +bool AttachListener::is_init_trigger() {
1.532 + if (init_at_startup() || is_initialized()) {
1.533 + return false; // initialized at startup or already initialized
1.534 + }
1.535 + char fn[PATH_MAX+1];
1.536 + sprintf(fn, ".attach_pid%d", os::current_process_id());
1.537 + int ret;
1.538 + struct stat64 st;
1.539 + RESTARTABLE(::stat64(fn, &st), ret);
1.540 + if (ret == -1) {
1.541 + snprintf(fn, sizeof(fn), "%s/.attach_pid%d",
1.542 + os::get_temp_directory(), os::current_process_id());
1.543 + RESTARTABLE(::stat64(fn, &st), ret);
1.544 + }
1.545 + if (ret == 0) {
1.546 + // simple check to avoid starting the attach mechanism when
1.547 + // a bogus user creates the file
1.548 + if (st.st_uid == geteuid()) {
1.549 + init();
1.550 + return true;
1.551 + }
1.552 + }
1.553 + return false;
1.554 +}
1.555 +
1.556 +// if VM aborts then remove listener
1.557 +void AttachListener::abort() {
1.558 + listener_cleanup();
1.559 +}
1.560 +
1.561 +void AttachListener::pd_data_dump() {
1.562 + os::signal_notify(SIGQUIT);
1.563 +}
1.564 +
1.565 +AttachOperationFunctionInfo* AttachListener::pd_find_operation(const char* n) {
1.566 + return NULL;
1.567 +}
1.568 +
1.569 +jint AttachListener::pd_set_flag(AttachOperation* op, outputStream* out) {
1.570 + out->print_cr("flag '%s' cannot be changed", op->arg(0));
1.571 + return JNI_ERR;
1.572 +}
1.573 +
1.574 +void AttachListener::pd_detachall() {
1.575 + // Cleanup server socket to detach clients.
1.576 + listener_cleanup();
1.577 +}
