Fix: pthread::mutex unlock must not throw
0fdd1e2c 1/*
21cf9b6b 2 * Copyright (C) 2011 EfficiOS Inc.
ab5be9fa 3 * Copyright (C) 2011 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
0fdd1e2c 4 *
ab5be9fa 5 * SPDX-License-Identifier: GPL-2.0-only
0fdd1e2c 6 *
7 */
8
6c1c0768 9#define _LGPL_SOURCE
10#include <fcntl.h>
11#include <limits.h>
12#include <sys/mman.h>
13#include <sys/stat.h>
14#include <sys/types.h>
15#include <sys/wait.h>
16#include <unistd.h>
17#include <urcu.h>
18
c9e313bc 19#include <common/error.hpp>
0fdd1e2c 20
c9e313bc 21#include "shm.hpp"
22
/*
 * Open the "wait" shared memory object at shm_path (creating it when it does
 * not exist yet), size it to mmap_size bytes and set its ownership and mode.
 *
 * Returns the shm file descriptor on success, or -1 when the object could
 * not be opened. A failing ftruncate(), fchown() or fchmod() terminates the
 * process through exit(EXIT_FAILURE) instead of returning.
 *
 * The shm_open vs ftruncate race (happening when the sessiond owns the shm
 * and does not let everybody modify it, to ensure safety against shm_unlink)
 * is dealt with by simply letting the mmap fail and retrying after a few
 * seconds. For global shm, everybody has rw access to it until the sessiond
 * starts.
 *
 * NOTE(review): this function was documented as running in a forked child
 * so that the process-wide umask can be modified (not multi-thread safe).
 * No fork() is visible in this file and shm_ust_get_mmap() calls this
 * function directly. If no caller forks, umask() below changes the umask of
 * the calling process without restoring it, and the exit() calls terminate
 * that process -- confirm against the callers.
 */
static int get_wait_shm(char *shm_path, size_t mmap_size, int global)
{
	int shm_fd, status;
	mode_t perms;

	LTTNG_ASSERT(shm_path);

	/* Base permissions: read/write for the owner and for the group. */
	perms = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP;
	if (global) {
		/*
		 * With a global session daemon any application can register.
		 * The object starts out writeable by everybody so that
		 * applications registering concurrently can ftruncate() it
		 * themselves; write access for "other" is dropped again by
		 * the fchmod() further down.
		 */
		perms |= S_IROTH | S_IWOTH;
	}

	/*
	 * Clear from the umask every bit requested in perms so that
	 * shm_open() can create the object with exactly these permissions.
	 * This is a process-wide setting (see the NOTE(review) above).
	 */
	umask(~perms);

	/*
	 * Try creating the shm (or getting rw access to it). The open is
	 * deliberately not exclusive: other processes are allowed to
	 * create+ftruncate the object concurrently. As a consequence the
	 * object may already exist and may have been created by another
	 * process; the ownership and mode changes below are applied to it
	 * through the descriptor, not through the path.
	 *
	 * A sysctl, fs.protected_regular, may prevent the session daemon from
	 * opening a previously created shm when the O_CREAT flag is provided.
	 * Systemd enables this ABI-breaking change by default since v241.
	 *
	 * The create-or-open semantic desired here is attempted first. If it
	 * fails with EACCES, the open is retried without the O_CREAT flag to
	 * work around that behaviour.
	 *
	 * The attempts are made in this order because applications are
	 * expected to race with the session daemon to create this shm. An
	 * shm_open() without O_CREAT tried first could fail because the file
	 * does not exist; an application could then create it, which would
	 * make a second try with O_CREAT fail with EACCES.
	 *
	 * This introduces a failure mode where a user launches an application
	 * (creating the shm) and unlinks the shm while the session daemon is
	 * launching, causing the second attempt to fail. This is not
	 * recovered from, as unlinking the shm prevents userspace tracing
	 * from succeeding anyhow: the sessiond would use a now-unlinked shm
	 * while the next application would create a new named shm.
	 */
	shm_fd = shm_open(shm_path, O_RDWR | O_CREAT, perms);
	if (shm_fd < 0 && errno == EACCES) {
		/* Work around sysctl fs.protected_regular. */
		DBG("shm_open of %s returned EACCES, this may be caused "
		    "by the fs.protected_regular sysctl. "
		    "Attempting to open the shm without "
		    "creating it.", shm_path);
		shm_fd = shm_open(shm_path, O_RDWR, perms);
	}

	if (shm_fd < 0) {
		PERROR("Failed to open \"wait\" shared memory object: path = '%s'", shm_path);
		DBG("Failed to open shared memory file descriptor: path = '%s', mmap_size = %zu, global = %s",
		    shm_path, mmap_size, global ? "true" : "false");
		return -1;
	}

	status = ftruncate(shm_fd, mmap_size);
	if (status < 0) {
		PERROR("Failed to truncate \"wait\" shared memory object: fd = %d, size = %zu",
		       shm_fd, mmap_size);
		exit(EXIT_FAILURE);
	}

	if (!global) {
		/* Per-user session daemon: the object belongs to the caller. */
		status = fchown(shm_fd, getuid(), getgid());
		if (status < 0) {
			PERROR("Failed to set ownership of \"wait\" shared memory object: fd = %d, owner = %d, group = %d",
			       shm_fd, getuid(), getgid());
			exit(EXIT_FAILURE);
		}
	} else {
		/* Global session daemon: hand the object to uid 0 / gid 0. */
		status = fchown(shm_fd, 0, 0);
		if (status < 0) {
			PERROR("Failed to set ownership of \"wait\" shared memory object: fd = %d, owner = 0, group = 0",
			       shm_fd);
			exit(EXIT_FAILURE);
		}

		/*
		 * Any application can register with a global session daemon,
		 * so the shm is switched to read-only for others. Until this
		 * fchmod() succeeds, an object created by the shm_open()
		 * above is still writeable by everybody.
		 */
		perms &= ~S_IWOTH;
		status = fchmod(shm_fd, perms);
		if (status < 0) {
			PERROR("Failed to set the mode of the \"wait\" shared memory object: fd = %d, mode = %d",
			       shm_fd, perms);
			exit(EXIT_FAILURE);
		}
	}

	DBG("Wait shared memory file descriptor created successfully: path = '%s', mmap_size = %zu, global = %s, fd = %d",
	    shm_path, mmap_size, global ? "true" : "false",
	    shm_fd);

	return shm_fd;
}
150
/*
 * Return the wait shm mmap for UST application notification, or NULL on
 * failure. The global argument indicates whether the session daemon is
 * global (root:tracing) or running with an unprivileged user.
 *
 * The returned value is used by futex_wait_update() in futex.c to WAKE all
 * waiters, which are UST applications waiting for a session daemon.
 *
 * The mapping covers one system page, is shared (MAP_SHARED) and is mapped
 * readable and writable. It is not unmapped here; it is handed to the
 * caller.
 */
char *shm_ust_get_mmap(char *shm_path, int global)
{
	long page_size;
	size_t map_len;
	int shm_fd;
	char *mapping;

	LTTNG_ASSERT(shm_path);

	/* The wait area is exactly one page long. */
	page_size = sysconf(_SC_PAGE_SIZE);
	if (page_size < 0) {
		PERROR("Failed to get PAGE_SIZE of system");
		return NULL;
	}
	map_len = page_size;

	shm_fd = get_wait_shm(shm_path, map_len, global);
	if (shm_fd < 0) {
		return NULL;
	}

	mapping = (char *) mmap(NULL, map_len, PROT_WRITE | PROT_READ,
				MAP_SHARED, shm_fd, 0);

	/*
	 * The descriptor is closed right after the mmap attempt, before the
	 * mmap result is examined, so it is released on the failure path as
	 * well. A failing close() is only reported.
	 */
	if (close(shm_fd)) {
		PERROR("Failed to close \"wait\" shared memory object file descriptor: fd = %d",
		       shm_fd);
	}

	if (mapping == MAP_FAILED) {
		DBG("Failed to mmap the \"wait\" shareed memory object (can be caused by race with ust): path = '%s', global = %s",
		    shm_path, global ? "true" : "false");
		return NULL;
	}

	return mapping;
}
201
/*
 * Create a shared memory object that is reachable only through the returned
 * file descriptor: the object is created under a temporary name built from
 * owner_name and the pid, and that name is unlinked right away.
 *
 * Returns the file descriptor on success, -1 on failure.
 *
 * shm_create_anonymous is never called concurrently within a process.
 */
int shm_create_anonymous(const char *owner_name)
{
	char name[NAME_MAX];
	int fd, status;

	/*
	 * NOTE(review): only a negative snprintf() result is treated as an
	 * error. An owner_name long enough to overflow the buffer yields a
	 * truncated name (the pid suffix is cut first); consider rejecting
	 * status >= sizeof(name) as well.
	 */
	status = snprintf(name, sizeof(name), "/shm-%s-%d", owner_name, getpid());
	if (status < 0) {
		PERROR("Failed to format shm path: owner_name = '%s', pid = %d",
		       owner_name, getpid());
		return -1;
	}

	/*
	 * Allocate the shm. O_EXCL makes the call fail when an object with
	 * this name already exists instead of opening it, and the 0700 mode
	 * requests access for the owner only.
	 */
	fd = shm_open(name, O_CREAT | O_EXCL | O_RDWR, 0700);
	if (fd < 0) {
		PERROR("Failed to open shared memory object: path = '%s'", name);
		return -1;
	}

	/*
	 * Immediately unlink the shm object, keeping only the file
	 * descriptor as a reference to it. A name that is already gone
	 * (ENOENT) is not an error.
	 */
	status = shm_unlink(name);
	if (status >= 0 || errno == ENOENT) {
		return fd;
	}

	PERROR("Failed to unlink shared memory object: path = '%s'",
	       name);

	/* The name could not be removed: release the descriptor and fail. */
	status = close(fd);
	if (status) {
		PERROR("Failed to close shared memory object file descriptor: fd = %d, path = '%s'",
		       fd, name);
	}

	return -1;
}