| blob | c270f389115f5a6ec4267a04f7b012565306b710 |
1 /*
2 * Copyright 2014, Paweł Dziepak, pdziepak@quarnos.org.
3 * Copyright 2008-2016, Ingo Weinhold, ingo_weinhold@gmx.de.
4 * Copyright 2002-2010, Axel Dörfler, axeld@pinc-software.de.
5 * Distributed under the terms of the MIT License.
6 *
7 * Copyright 2001-2002, Travis Geiselbrecht. All rights reserved.
8 * Distributed under the terms of the NewOS License.
9 */
12 /*! Team functions */
15 #include <team.h>
17 #include <errno.h>
18 #include <stdio.h>
19 #include <stdlib.h>
20 #include <string.h>
21 #include <sys/wait.h>
23 #include <OS.h>
25 #include <AutoDeleter.h>
26 #include <FindDirectory.h>
28 #include <extended_system_info_defs.h>
30 #include <commpage.h>
31 #include <boot_device.h>
32 #include <elf.h>
33 #include <file_cache.h>
34 #include <find_directory_private.h>
35 #include <fs/KPath.h>
36 #include <heap.h>
37 #include <int.h>
38 #include <kernel.h>
39 #include <kimage.h>
40 #include <kscheduler.h>
41 #include <ksignal.h>
42 #include <Notifications.h>
43 #include <port.h>
44 #include <posix/realtime_sem.h>
45 #include <posix/xsi_semaphore.h>
46 #include <sem.h>
47 #include <syscall_process_info.h>
48 #include <syscall_restart.h>
49 #include <syscalls.h>
50 #include <tls.h>
51 #include <tracing.h>
52 #include <user_runtime.h>
53 #include <user_thread.h>
54 #include <usergroup.h>
55 #include <vfs.h>
56 #include <vm/vm.h>
57 #include <vm/VMAddressSpace.h>
58 #include <util/AutoLock.h>
63 //#define TRACE_TEAM
64 #ifdef TRACE_TEAM
65 # define TRACE(x) dprintf x
66 #else
67 # define TRACE(x) ;
68 #endif
72 team_id id;
73 };
79 uint32 arg_count;
80 uint32 env_count;
81 mode_t umask;
82 uint32 flags;
83 port_id error_port;
84 uint32 error_token;
85 };
87 #define TEAM_ARGS_FLAG_NO_ASLR 0x01
98 };
101 // #pragma mark - TeamTable
107 // #pragma mark - ProcessGroupHashDefinition
115 {
117 }
120 {
122 }
125 {
127 }
130 {
132 }
133 };
141 // #pragma mark -
144 // the team_id -> Team hash table and the lock protecting it
148 // the pid_t -> ProcessGroup hash table and the lock protecting it
154 // A list of process groups of children of dying session leaders that need to
155 // be signalled, if they have become orphaned and contain stopped processes.
157 static mutex sOrphanedCheckLock
160 // some arbitrarily chosen limits -- should probably depend on the available
161 // memory (the limit is not yet enforced)
171 // #pragma mark - TeamListIterator
175 {
176 // queue the entry
179 }
183 {
184 // remove the entry
187 }
190 Team*
192 {
193 // get the next team -- if there is one, get reference for it
200 }
203 // #pragma mark - Tracing
206 #if TEAM_TRACING
212 :
214 {
216 }
219 {
221 }
224 thread_id fForkedThread;
225 };
232 :
235 {
239 // determine the buffer size we need for the args
244 // allocate a buffer
252 }
253 }
255 // ignore env for the time being
260 }
263 {
271 }
274 }
278 int32 fArgCount;
280 };
285 {
297 }
298 }
304 :
308 {
310 }
313 {
317 }
320 team_id fTeam;
321 job_control_state fNewState;
323 };
329 :
332 {
334 }
337 {
340 }
343 pid_t fChild;
344 uint32 fFlags;
345 };
351 :
357 {
359 }
362 :
364 {
366 }
369 {
374 fSignal);
378 }
379 }
382 job_control_state fState;
383 team_id fTeam;
384 status_t fStatus;
385 uint16 fReason;
386 uint16 fSignal;
387 };
391 # define T(x) new(std::nothrow) TeamTracing::x;
392 #else
393 # define T(x) ;
394 #endif
397 // #pragma mark - TeamNotificationService
402 {
403 }
406 void
408 {
410 KMessage event;
417 }
420 // #pragma mark - Team
424 {
425 // allocate an ID
430 // init mutex
437 }
468 // dead threads
472 // dead children
477 // job control entry
483 }
485 // exit status -- setting initialized to false suffices
495 // init dead/stopped/continued children condition vars
508 }
512 {
513 // get rid of all associated data
531 }
539 }
544 // usually already NULL and transferred to the parent
547 }
552 {
553 // create the team object
562 // check initialization
566 // finish initialization (arch specifics)
574 }
576 // everything went fine
578 }
581 /*! \brief Returns the team with the given ID.
582 Returns a reference to the team.
583 Team and thread spinlock must not be held.
584 */
587 {
592 }
599 }
602 /*! \brief Returns the team with the given ID in a locked state.
603 Returns a reference to the team.
604 Team and thread spinlock must not be held.
605 */
608 {
609 // get the team
614 // lock it
617 // only return the team, when it isn't already dying
622 }
625 }
628 /*! Locks the team and its parent team (if any).
629 The caller must hold a reference to the team or otherwise make sure that
630 it won't be deleted.
631 If the team doesn't have a parent, only the team itself is locked. If the
632 team's parent is the kernel team and \a dontLockParentIfKernel is \c true,
633 only the team itself is locked.
635 \param dontLockParentIfKernel If \c true, the team's parent team is only
636 locked, if it is not the kernel team.
637 */
638 void
640 {
641 // The locking order is parent -> child. Since the parent can change as long
642 // as we don't lock the team, we need to do a trial and error loop.
646 // If the team doesn't have a parent, we're done. Otherwise try to lock
647 // the parent.This will succeed in most cases, simplifying things.
652 }
654 // get a temporary reference to the parent, unlock this team, lock the
655 // parent, and re-lock this team
662 // If the parent hasn't changed in the meantime, we're done.
666 // The parent has changed -- unlock and retry.
668 }
669 }
672 /*! Unlocks the team and its parent team (if any).
673 */
674 void
676 {
681 }
684 /*! Locks the team, its parent team (if any), and the team's process group.
685 The caller must hold a reference to the team or otherwise make sure that
686 it won't be deleted.
687 If the team doesn't have a parent, only the team itself is locked.
688 */
689 void
691 {
694 // We hold the group's and the team's lock, but not the parent team's lock.
695 // If we have a parent, try to lock it.
699 // No success -- unlock the team and let LockTeamAndParent() do the rest of
700 // the job.
703 }
706 /*! Unlocks the team, its parent team (if any), and the team's process group.
707 */
708 void
710 {
717 }
720 void
722 {
723 // The locking order is process group -> child. Since the process group can
724 // change as long as we don't lock the team, we need to do a trial and error
725 // loop.
729 // Try to lock the group. This will succeed in most cases, simplifying
730 // things.
735 // get a temporary reference to the group, unlock this team, lock the
736 // group, and re-lock this team
743 // If the group hasn't changed in the meantime, we're done.
747 // The group has changed -- unlock and retry.
749 }
750 }
753 void
755 {
758 }
761 void
763 {
768 }
771 void
773 {
775 }
778 void
780 {
786 }
787 }
790 void
792 {
793 // We are supposed to keep pending signals. Signal actions shall be reset
794 // partially: SIG_IGN and SIG_DFL dispositions shall be kept as they are
795 // (for SIGCHLD it's implementation-defined). Others shall be reset to
796 // SIG_DFL. SA_ONSTACK shall be cleared. There's no mention of the other
797 // flags, but since there aren't any handlers, they make little sense, so
798 // we clear them.
808 }
809 }
812 void
814 {
816 }
819 /*! Adds the given user timer to the team and, if user-defined, assigns it an
820 ID.
822 The caller must hold the team's lock.
824 \param timer The timer to be added. If it doesn't have an ID yet, it is
825 considered user-defined and will be assigned an ID.
826 \return \c B_OK, if the timer was added successfully, another error code
827 otherwise.
828 */
829 status_t
831 {
832 // don't allow addition of timers when already shutting the team down
836 // If the timer is user-defined, check timer limit and increment
837 // user-defined count.
844 }
847 /*! Removes the given user timer from the team.
849 The caller must hold the team's lock.
851 \param timer The timer to be removed.
853 */
854 void
856 {
861 }
864 /*! Deletes all (or all user-defined) user timers of the team.
866 Timer's belonging to the team's threads are not affected.
867 The caller must hold the team's lock.
869 \param userDefinedOnly If \c true, only the user-defined timers are deleted,
870 otherwise all timers are deleted.
871 */
872 void
874 {
877 }
880 /*! If not at the limit yet, increments the team's user-defined timer count.
881 \return \c true, if the limit wasn't reached yet, \c false otherwise.
882 */
883 bool
885 {
890 }
893 }
896 /*! Subtracts the given count for the team's user-defined timer count.
897 \param count The count to subtract.
898 */
899 void
901 {
903 }
906 void
908 {
914 }
917 /*! Returns the team's current total CPU time (kernel + user + offset).
919 The caller must hold \c time_lock.
921 \param ignoreCurrentRun If \c true and the current thread is one team's
922 threads, don't add the time since the last time \c last_time was
923 updated. Should be used in "thread unscheduled" scheduler callbacks,
924 since although the thread is still running at that time, its time has
925 already been stopped.
926 \return The team's current total CPU time.
927 */
928 bigtime_t
930 {
946 }
950 }
953 }
956 /*! Returns the team's current user CPU time.
958 The caller must hold \c time_lock.
960 \return The team's current user CPU time.
961 */
962 bigtime_t
964 {
976 }
979 }
982 // #pragma mark - ProcessGroup
986 :
991 {
995 }
999 {
1002 // If the group is in the orphaned check list, remove it.
1010 // remove group from the hash table and from the session
1017 }
1020 }
1025 {
1031 }
1034 /*! Adds the group the given session and makes it publicly accessible.
1035 The caller must not hold the process group hash lock.
1036 */
1037 void
1039 {
1042 }
1045 /*! Adds the group to the given session and makes it publicly accessible.
1046 The caller must hold the process group hash lock.
1047 */
1048 void
1050 {
1057 }
1060 /*! Checks whether the process group is orphaned.
1061 The caller must hold the group's lock.
1062 \return \c true, if the group is orphaned, \c false otherwise.
1063 */
1064 bool
1066 {
1067 // Orphaned Process Group: "A process group in which the parent of every
1068 // member is either itself a member of the group or is not a member of the
1069 // group's session." (Open Group Base Specs Issue 7)
1080 }
1085 }
1088 }
1091 void
1093 {
1099 }
1100 }
1103 void
1105 {
1107 }
1110 // #pragma mark - ProcessSession
1114 :
1118 {
1122 }
1126 {
1128 }
1131 // #pragma mark - KDL functions
1134 static void
1136 {
1164 }
1167 static int
1169 {
1170 ulong arg;
1177 else
1180 }
1184 // semi-hack
1187 }
1189 // walk through the thread list, trying to match name or id
1197 }
1198 }
1203 }
1206 static int
1208 {
1215 }
1218 }
1221 // #pragma mark - Private functions
1224 /*! Inserts team \a team into the child list of team \a parent.
1226 The caller must hold the lock of both \a parent and \a team.
1228 \param parent The parent team.
1229 \param team The team to be inserted into \a parent's child list.
1230 */
1231 static void
1233 {
1239 }
1242 /*! Removes team \a team from the child list of team \a parent.
1244 The caller must hold the lock of both \a parent and \a team.
1246 \param parent The parent team.
1247 \param team The team to be removed from \a parent's child list.
1248 */
1249 static void
1251 {
1260 else
1265 }
1267 }
1268 }
1271 /*! Returns whether the given team is a session leader.
1272 The caller must hold the team's lock or its process group's lock.
1273 */
1274 static bool
1276 {
1278 }
1281 /*! Returns whether the given team is a process group leader.
1282 The caller must hold the team's lock or its process group's lock.
1283 */
1284 static bool
1286 {
1288 }
1291 /*! Inserts the given team into the given process group.
1292 The caller must hold the process group's lock, the team's lock, and the
1293 team's parent's lock.
1294 */
1295 static void
1297 {
1305 }
1308 /*! Removes the given team from its process group.
1310 The caller must hold the process group's lock, the team's lock, and the
1311 team's parent's lock. Interrupts must be enabled.
1313 \param team The team that'll be removed from its process group.
1314 */
1315 static void
1317 {
1322 // the team must be in a process group to let this function have any effect
1331 else
1336 }
1338 }
1344 }
1347 static status_t
1349 {
1351 uint32 addressSpec;
1359 }
1364 virtual_address_restrictions virtualRestrictions = {};
1368 else
1374 }
1376 physical_address_restrictions physicalRestrictions = {};
1389 }
1392 static void
1394 {
1398 kTeamUserDataReservedSize);
1407 }
1408 }
1409 }
1412 static status_t
1415 {
1427 // allocate kernel memory
1435 }
1437 // check and relocate the array
1443 // check array null termination
1447 }
1449 // check string
1456 }
1459 }
1460 }
1464 else
1468 }
1471 static void
1473 {
1478 }
1479 }
1482 static status_t
1486 {
1495 }
1497 // copy the args over
1507 // determine the flags from the environment
1513 }
1514 }
1518 }
1521 static status_t
1523 {
1524 status_t err;
1529 addr_t entry;
1542 // Main stack area layout is currently as follows (starting from 0):
1543 //
1544 // size | usage
1545 // ---------------------------------+--------------------------------
1546 // USER_MAIN_THREAD_STACK_SIZE | actual stack
1547 // TLS_SIZE | TLS data
1548 // sizeof(user_space_program_args) | argument structure for the runtime
1549 // | loader
1550 // flat arguments size | flat process arguments and environment
1552 // TODO: ENV_SIZE is a) limited, and b) not used after libroot copied it to
1553 // the heap
1554 // TODO: we could reserve the whole USER_STACK_REGION upfront...
1579 // the team deletion process will clean this mess
1582 }
1586 // set team args and update state
1593 // the arguments are already on the user stack, we no longer need
1594 // them in this form
1596 // Clone commpage area
1603 }
1605 // Register commpage image
1607 extended_image_info imageInfo;
1613 }
1624 }
1626 // NOTE: Normally arch_thread_enter_userspace() never returns, that is
1627 // automatic variables with function scope will never be destroyed.
1628 {
1629 // find runtime_loader path
1630 KPath runtimeLoaderPath;
1637 }
1644 }
1645 }
1648 // Luckily, we don't have to clean up the mess we created - that's
1649 // done for us by the normal team deletion process
1653 }
1657 // enter userspace -- returns only in case of error
1660 }
1663 static status_t
1665 {
1669 // does not return
1671 }
1674 static thread_id
1678 {
1680 thread_id thread;
1681 status_t status;
1685 team_id teamID;
1696 // cut the path from the main thread name
1699 threadName++;
1700 else
1703 // create the main thread object
1710 // create team object
1721 }
1723 // get the parent team
1732 // inherit the parent's user/group
1735 // get a reference to the parent's I/O context -- we need it to create ours
1742 // check the executable's set-user/group-id permission
1751 // args are owned by the team_arg structure now
1753 // create a new io_context for this team
1758 }
1760 // We don't need the parent's I/O context any longer.
1764 // remove any fds that have the CLOEXEC flag set (emulating BeOS behaviour)
1767 // create an address space for this team
1776 // create the user data area
1781 // insert the team into its parent and the teams hash
1785 {
1791 sUsedTeams++;
1792 }
1800 // notify team listeners
1806 }
1808 // In case we start the main thread, we shouldn't access the team object
1809 // afterwards, so cache the team's ID.
1812 // Create a kernel thread, but under the context of the new team
1813 // The new thread will take over ownership of teamArgs.
1814 {
1823 }
1824 }
1826 // The team has been created successfully, so we keep the reference. Or
1827 // more precisely: It's owned by the team's main thread, now.
1830 // wait for the loader of the new team to finish its work
1833 // resume the team's main thread
1835 }
1837 // Now suspend ourselves until loading is finished. We will be woken
1838 // either by the thread, when it finished or aborted loading, or when
1839 // the team is going to die (e.g. is killed). In either case the one
1840 // setting `loadingInfo.done' is responsible for removing the info from
1841 // the team structure.
1847 }
1849 // notify the debugger
1854 err6:
1855 // Remove the team structure from the process group, the parent team, and
1856 // the team hash table and delete the team structure.
1866 {
1870 sUsedTeams--;
1871 }
1876 err4:
1878 err2:
1880 err1:
1885 }
1888 /*! Almost shuts down the current team and loads a new image into it.
1889 If successful, this function does not return and will takeover ownership of
1890 the arguments provided.
1891 This function may only be called in a userland team (caused by one of the
1892 exec*() syscalls).
1893 */
1894 static status_t
1897 {
1898 // NOTE: Since this function normally doesn't return, don't use automatic
1899 // variables that need destruction in the function scope.
1912 // switching the kernel at run time is probably not a good idea :)
1916 // we currently need to be single threaded here
1917 // TODO: maybe we should just kill all other threads and
1918 // make the current thread the team's main thread?
1923 // The debug nub thread, a pure kernel thread, is allowed to survive.
1924 // We iterate through the thread list to make sure that there's no other
1925 // thread.
1938 }
1951 // args are owned by the team_arg structure now
1953 // TODO: remove team resources if there are any left
1954 // thread_atkernel_exit() might not be called at all
1970 // update ASLR
1976 // creating the user data failed -- we're toast
1980 }
1984 // rename the team
1990 // cut the path from the team name and rename the main thread, too
1993 threadName++;
1994 else
2000 // Update user/group according to the executable's set-user/group-id
2001 // permission.
2006 // notify team listeners
2009 // get a user thread for the thread
2011 // cannot fail (the allocation for the team would have failed already)
2016 // create the user stack for the thread
2020 // prepare the stack, load the runtime loader, and enter userspace
2022 // does never return
2026 // Sorry, we have to kill ourselves, there is no way out anymore
2027 // (without any areas left and all that).
2030 // We return a status here since the signal that is sent by the
2031 // call above is not immediately handled.
2033 }
2036 static thread_id
2038 {
2044 thread_id threadID;
2045 status_t status;
2046 ssize_t areaCookie;
2054 // create a new team
2055 // TODO: this is very similar to load_image_internal() - maybe we can do
2056 // something about it :)
2058 // create the main thread object
2065 // create the team object
2078 // Inherit the parent's user/group.
2081 // inherit signal handlers
2087 // inherit some team debug flags
2095 }
2097 // create a new io_context for this team
2102 }
2104 // duplicate the realtime sem context
2111 }
2112 }
2114 // create an address space for this team
2120 // copy all areas of the team
2121 // TODO: should be able to handle stack areas differently (ie. don't have
2122 // them copy-on-write)
2127 // don't clone the user area; just create a new one
2140 }
2144 }
2145 }
2151 #if KDEBUG
2154 #endif
2157 }
2169 // copy image list
2173 // insert the team into its parent and the teams hash
2177 {
2183 sUsedTeams++;
2184 }
2192 // notify team listeners
2198 }
2200 // create the main thread
2201 {
2210 }
2211 }
2213 // notify the debugger
2221 err6:
2222 // Remove the team structure from the process group, the parent team, and
2223 // the team hash table and delete the team structure.
2233 {
2237 sUsedTeams--;
2238 }
2241 err5:
2243 err4:
2245 err3:
2247 err2:
2249 err1:
2253 }
2256 /*! Returns if the specified team \a parent has any children belonging to the
2257 process group with the specified ID \a groupID.
2258 The caller must hold \a parent's lock.
2259 */
2260 static bool
2262 {
2268 }
2271 }
2274 /*! Returns the first job control entry from \a children, which matches \a id.
2275 \a id can be:
2276 - \code > 0 \endcode: Matching an entry with that team ID.
2277 - \code == -1 \endcode: Matching any entry.
2278 - \code < -1 \endcode: Matching any entry with a process group ID of \c -id.
2279 \c 0 is an invalid value for \a id.
2281 The caller must hold the lock of the team that \a children belongs to.
2283 \param children The job control entry list to check.
2284 \param id The match criterion.
2285 \return The first matching entry or \c NULL, if none matches.
2286 */
2289 {
2299 pid_t processGroup
2303 }
2304 }
2307 }
2310 /*! Returns the first job control entry from one of team's dead, continued, or
2311 stopped children which matches \a id.
2312 \a id can be:
2313 - \code > 0 \endcode: Matching an entry with that team ID.
2314 - \code == -1 \endcode: Matching any entry.
2315 - \code < -1 \endcode: Matching any entry with a process group ID of \c -id.
2316 \c 0 is an invalid value for \a id.
2318 The caller must hold \a team's lock.
2320 \param team The team whose dead, stopped, and continued child lists shall be
2321 checked.
2322 \param id The match criterion.
2323 \param flags Specifies which children shall be considered. Dead children
2324 are considered when \a flags is ORed bitwise with \c WEXITED, stopped
2325 children are considered when \a flags is ORed bitwise with \c WUNTRACED
2326 or \c WSTOPPED, continued children when \a flags is ORed bitwise with
2327 \c WCONTINUED.
2328 \return The first matching entry or \c NULL, if none matches.
2329 */
2332 {
2345 }
2349 :
2351 {
2352 }
2356 {
2365 }
2370 }
2371 }
2374 /*! Invoked when the owning team is dying, initializing the entry according to
2375 the dead state.
2377 The caller must hold the owning team's lock and the scheduler lock.
2378 */
2379 void
2381 {
2400 }
2401 }
2404 job_control_entry&
2406 {
2420 }
2423 /*! This is the kernel backend for waitid().
2424 */
2425 static thread_id
2428 {
2443 }
2451 // lock the team
2454 // A 0 child argument means to wait for all children in the process
2455 // group of the calling team.
2458 // check whether any condition holds
2461 // If we don't have an entry yet, check whether there are any children
2462 // complying to the process group specification at all.
2464 // No success yet -- check whether there are any children complying
2465 // to the process group specification at all.
2476 }
2477 }
2480 // there is no child we could wait for
2483 // the children we're waiting for are still running
2485 }
2487 // got something
2490 // unless WNOWAIT has been specified, "consume" the wait state
2493 // The child is dead. Reap its death entry.
2498 // The child is well. Reset its job control state.
2501 }
2502 }
2503 }
2505 // If we haven't got anything yet, prepare for waiting for the
2506 // condition variable.
2507 ConditionVariableEntry deadWaitEntry;
2514 // we got our entry and can return to our caller
2517 // ... unless we shall ignore found entries
2521 }
2524 }
2529 }
2535 }
2537 // If SA_NOCLDWAIT is set or SIGCHLD is ignored, we shall wait until
2538 // all our children are dead and fail with ECHILD. We check the
2539 // condition at this point.
2547 }
2552 }
2553 }
2557 // When we got here, we have a valid death entry, and already got
2558 // unregistered from the team or group. Fill in the returned info.
2563 // TODO: Fill in si_errno?
2582 // can't happen
2584 }
2586 // If SIGCHLD is blocked, we shall clear pending SIGCHLDs, if no other child
2587 // status is available.
2595 }
2601 // When the team is dead, the main thread continues to live in the kernel
2602 // team for a very short time. To avoid surprises for the caller we rather
2603 // wait until the thread is really gone.
2610 }
2613 /*! Fills the team_info structure with information from the specified team.
2614 Interrupts must be enabled. The team must not be locked.
2615 */
2616 static status_t
2618 {
2622 // TODO: Set more informations for team_info
2626 // immutable
2628 // protected by sImageMutex
2634 //info->area_count =
2644 }
2647 /*! Returns whether the process group contains stopped processes.
2648 The caller must hold the process group's lock.
2649 */
2650 static bool
2652 {
2655 // the parent team's lock guards the job control entry -- acquire it
2662 }
2667 }
2670 }
2673 /*! Iterates through all process groups queued in team_remove_team() and signals
2674 those that are orphaned and have stopped processes.
2675 The caller must not hold any team or process group locks.
2676 */
2677 static void
2679 {
2680 // process as long as there are groups in the list
2682 // remove the head from the list
2696 // If the group is orphaned and contains stopped processes, we're
2697 // supposed to send SIGHUP + SIGCONT.
2706 }
2707 }
2708 }
2711 static status_t
2713 uint32 flags)
2714 {
2718 // get the team
2729 }
2736 {
2743 }
2748 }
2751 {
2762 }
2766 }
2771 }
2772 }
2778 }
2781 // #pragma mark - Private kernel API
2784 status_t
2786 {
2787 // create the team hash table
2796 // create initial session and process groups
2810 // create the kernel team
2835 // stick it in the team hash
2855 }
2858 int32
2860 {
2862 }
2865 int32
2867 {
2870 }
2873 /*! Returns a death entry of a child team specified by ID (if any).
2874 The caller must hold the team's lock.
2876 \param team The team whose dead children list to check.
2877 \param child The ID of the child for whose death entry to lock. Must be > 0.
2878 \param _deleteEntry Return variable, indicating whether the caller needs to
2879 delete the returned entry.
2880 \return The death entry of the matching team, or \c NULL, if no death entry
2881 for the team was found.
2882 */
2883 job_control_entry*
2885 {
2890 child);
2892 // remove the entry only, if the caller is the parent of the found team
2899 }
2900 }
2903 }
2906 /*! Quick check to see if we have a valid team ID. */
2907 bool
2909 {
2916 }
2919 Team*
2921 {
2923 }
2926 void
2928 {
2929 // lock the team, so its session won't change while we're playing with it
2933 // get and lock the session
2937 // set the session's fields
2940 }
2943 int32
2945 {
2946 // lock the team, so its session won't change while we're playing with it
2950 // get and lock the session
2954 // get the session's field
2956 }
2959 status_t
2961 {
2962 // lock the team, so its session won't change while we're playing with it
2967 // get and lock the session
2971 // check given TTY -- must be the controlling tty of the calling process
2975 // check given process group -- must belong to our session
2976 {
2981 }
2983 // If we are a background group, we can do that unharmed only when we
2984 // ignore or block SIGTTOU. Otherwise the group gets a SIGTTOU.
3001 }
3002 }
3007 }
3010 /*! Removes the specified team from the global team hash, from its process
3011 group, and from its parent.
3012 It also moves all of its children to the kernel team.
3014 The caller must hold the following locks:
3015 - \a team's process group's lock,
3016 - the kernel team's lock,
3017 - \a team's parent team's lock (might be the kernel team), and
3018 - \a team's lock.
3019 */
3020 void
3022 {
3025 // remember how long this team lasted
3031 // remove the team from the hash table
3034 sUsedTeams--;
3037 // The team can no longer be accessed by ID. Navigation to it is still
3038 // possible from its process group and its parent and children, but that
3039 // will be rectified shortly.
3042 // If we're a controlling process (i.e. a session leader with controlling
3043 // terminal), there's a bit of signalling we have to do. We can't do any of
3044 // the signaling here due to the bunch of locks we're holding, but we need
3045 // to determine, whom to signal.
3058 }
3060 // remove us from our process group
3063 // move the team's children to the kernel team
3065 // remove the child from the current team and add it to the kernel team
3071 // move job control entries too
3077 // If the team was a session leader with controlling terminal,
3078 // we need to send SIGHUP + SIGCONT to all newly-orphaned process
3079 // groups with stopped processes. Due to locking complications we can't
3080 // do that here, so we only check whether we were a reason for the
3081 // child's process group not being an orphan and, if so, schedule a
3082 // later check (cf. orphaned_process_group_check()).
3088 }
3089 }
3091 // Note, we don't move the dead children entries. Those will be deleted
3092 // when the team structure is deleted.
3093 }
3095 // remove us from our parent
3097 }
3100 /*! Kills all threads but the main thread of the team and shuts down user
3101 debugging for it.
3102 To be called on exit of the team's main thread. No locks must be held.
3104 \param team The team in question.
3105 \return The port of the debugger for the team, -1 if none. To be passed to
3106 team_delete_team().
3107 */
3108 port_id
3110 {
3115 // Make sure debugging changes won't happen anymore.
3118 // If a debugger change is in progress for the team, we'll have to
3119 // wait until it is done.
3120 ConditionVariableEntry waitForDebuggerEntry;
3130 // The team is being debugged. That will stop with the termination
3131 // of the nub thread. Since we set the team state to death, no one
3132 // can install a debugger anymore. We fetch the debugger's port to
3133 // send it a message at the bitter end.
3135 }
3142 // wait for the debugger change to be finished
3148 }
3150 // Mark the team as shutting down. That will prevent new threads from being
3151 // created and debugger changes from taking place.
3154 // delete all timers
3157 // deactivate CPU time user timers for the team
3165 // kill all threads but the main thread
3166 team_death_entry deathEntry;
3179 }
3182 }
3187 // there are threads to wait for
3188 ConditionVariableEntry entry;
3196 }
3201 }
3204 /*! Called on team exit to notify threads waiting on the team and free most
3205 resources associated with it.
3206 The caller shouldn't hold any locks.
3207 */
3208 void
3210 {
3211 // Not quite in our job description, but work that has been left by
3212 // team_remove_team() and that can be done now that we're not holding any
3213 // locks.
3220 // If someone is waiting for this team to be loaded, but it dies
3221 // unexpectedly before being done, we need to notify the waiting
3222 // thread now.
3227 // there's indeed someone waiting
3234 // wake up the waiting thread
3236 }
3238 // notify team watchers
3240 {
3241 // we're not reachable from anyone anymore at this point, so we
3242 // can safely access the list without any locking
3248 }
3249 }
3255 // free team resources
3264 // notify the debugger, that the team is gone
3266 }
3269 Team*
3271 {
3273 }
3276 team_id
3278 {
3283 }
3286 team_id
3288 {
3290 }
3293 status_t
3295 {
3297 // we're the kernel team, so we don't have to go through all
3298 // the hassle (locking and hash lookup)
3301 }
3312 }
3315 /*! Sets the team's job control state.
3316 The caller must hold the parent team's lock. Interrupts are allowed to be
3317 enabled or disabled.
3318 \a team The team whose job control state shall be set.
3319 \a newState The new state to be set.
3320 \a signal The signal the new state was caused by. Can \c NULL, if none. Then
3321 the caller is responsible for filling in the following fields of the
3322 entry before releasing the parent team's lock, unless the new state is
3323 \c JOB_CONTROL_STATE_NONE:
3324 - \c signal: The number of the signal causing the state change.
3325 - \c signaling_user: The real UID of the user sending the signal.
3326 */
3327 void
3330 {
3334 // don't touch anything, if the state stays the same or the team is already
3335 // dead
3342 // remove from the old list
3345 // entry is in no list ATM
3348 // can't get here
3356 }
3363 }
3365 // add to new list
3369 // entry doesn't get into any list
3381 }
3386 }
3387 }
3390 /*! Inits the given team's exit information, if not yet initialized, to some
3391 generic "killed" status.
3392 The caller must not hold the team's lock. Interrupts must be enabled.
3394 \param team The team whose exit info shall be initialized.
3395 */
3396 void
3398 {
3407 }
3408 }
3411 /*! Adds a hook to the team that is called as soon as this team goes away.
3412 This call might get public in the future.
3413 */
3414 status_t
3416 {
3420 // create the watcher object
3428 // add watcher, if the team isn't already dying
3429 // get the team
3434 }
3441 }
3444 status_t
3446 {
3450 // get team and remove watcher (if present)
3455 // search for watcher
3460 // got it!
3463 }
3464 }
3473 }
3476 /*! Allocates a user_thread structure from the team.
3477 The team lock must be held, unless the function is called for the team's
3478 main thread. Interrupts must be enabled.
3479 */
3482 {
3486 // take an entry from the free list, if any
3492 }
3495 // enough space left?
3498 // try to resize the area
3502 }
3504 // resized user area successfully -- try to allocate the user_thread
3505 // again
3508 }
3510 // allocate the user_thread
3511 user_thread* thread
3516 }
3517 }
3520 /*! Frees the given user_thread structure.
3521 The team's lock must not be held. Interrupts must be enabled.
3522 \param team The team the user thread was allocated from.
3523 \param userThread The user thread to free.
3524 */
3525 void
3527 {
3531 // create a free list entry
3532 free_user_thread* entry
3535 // we have to leak the user thread :-/
3537 }
3539 // add to free list
3545 }
3548 // #pragma mark - Associated data interface
3552 :
3554 {
3555 }
3559 {
3560 }
3563 void
3565 {
3566 }
3570 {
3572 }
3576 {
3578 }
3581 bool
3583 {
3594 }
3597 bool
3599 {
3613 }
3616 void
3618 {
3621 // move all data to a temporary list and unset the owner
3622 DataList list;
3628 }
3632 // call the notification hooks and release our references
3636 }
3637 }
3640 /*! Associates data with the current team.
3641 When the team is deleted, the data object is notified.
3642 The team acquires a reference to the object.
3644 \param data The data object.
3645 \return \c true on success, \c false otherwise. Fails only when the supplied
3646 data object is already associated with another owner.
3647 */
3648 bool
3650 {
3652 }
3655 /*! Dissociates data from the current team.
3656 Balances an earlier call to team_associate_data().
3658 \param data The data object.
3659 \return \c true on success, \c false otherwise. Fails only when the data
3660 object is not associated with the current team.
3661 */
3662 bool
3664 {
3666 }
3669 // #pragma mark - Public kernel API
3672 thread_id
3674 {
3677 }
3680 thread_id
3683 {
3684 // we need to flatten the args and environment
3689 // determine total needed size
3703 // allocate space
3711 // copy arguments and environment
3717 }
3726 }
3734 // load_image_internal() unset our variable if it took over ownership
3737 }
3740 status_t
3742 {
3743 // check whether the team exists
3754 // wait for the main thread (it has the same ID as the team)
3756 }
3759 status_t
3761 {
3775 // Just kill the team's main thread (it has same ID as the team). The
3776 // cleanup code there will take care of the team.
3778 }
3781 status_t
3783 {
3784 // get the team
3790 // fill in the info
3792 }
3795 status_t
3797 {
3805 // TODO: This is broken, since the id can wrap around!
3807 // get next valid team
3810 slot++;
3815 // get a reference to the team and unlock
3819 // fill in the info
3822 }
3825 status_t
3827 {
3832 }
3835 pid_t
3837 {
3839 }
3842 pid_t
3844 {
3850 }
3853 pid_t
3855 {
3859 }
3862 // get process group of the calling process
3866 }
3868 // get the team
3873 }
3875 // get the team's process group ID
3881 }
3884 pid_t
3886 {
3890 }
3893 // get session of the calling process
3897 }
3899 // get the team
3904 }
3906 // get the team's session ID
3912 }
3915 // #pragma mark - User syscalls
3918 status_t
3921 {
3922 // NOTE: Since this function normally doesn't return, don't use automatic
3923 // variables that need destruction in the function scope.
3930 // copy and relocate the flat arguments
3938 // this one only returns in case of error
3939 }
3943 }
3946 thread_id
3948 {
3950 }
3953 pid_t
3956 {
3962 siginfo_t info;
3963 team_usage_info usage_info;
3968 // copy info back to userland
3971 // copy usage_info back to userland
3975 }
3978 }
3981 pid_t
3983 {
3984 // we only allow to return the parent of the current process
3989 pid_t result;
4002 }
4005 }
4008 pid_t
4010 {
4011 // setpgid() can be called either by the parent of the target process or
4012 // by the process itself to do one of two things:
4013 // * Create a new process group with the target process' ID and the target
4014 // process as group leader.
4015 // * Set the target process' process group to an already existing one in the
4016 // same session.
4025 // if the group ID is not specified, use the target process' ID
4029 // We loop when running into the following race condition: We create a new
4030 // process group, because there isn't one with that ID yet, but later when
4031 // trying to publish it, we find that someone else created and published
4032 // a group with that ID in the meantime. In that case we just restart the
4033 // whole action.
4035 // Look up the process group by ID. If it doesn't exist yet and we are
4036 // allowed to create a new one, do that.
4048 }
4051 // get the target team
4057 // lock the new process group and the team's current process group
4059 // lock the team's current process group
4064 // it's the same as the target group, so just bail out
4067 }
4071 // lock the target process group, if locking order allows it
4075 }
4077 // try to lock
4081 // no dice -- unlock the team's current process group and relock in
4082 // the correct order
4088 // check whether things are still the same
4093 // something changed -- unlock everything and retry
4098 }
4100 // we now have references and locks of both new and old process group
4105 // also lock the target team and its parent
4110 // perform the checks
4112 // we set our own group
4114 // we must not change our process group ID if we're a session leader
4118 // Calling team != target team. The target team must be a child of
4119 // the calling team and in the same session. (If that's the case it
4120 // isn't a session leader either.)
4124 }
4126 // The call is also supposed to fail on a child, when the child has
4127 // already executed exec*() [EACCES].
4130 }
4132 // If we created a new process group, publish it now.
4136 // A group with the group ID appeared since we first checked.
4137 // Back to square one.
4139 }
4143 // The existing target process group belongs to a different session.
4144 // That's not allowed.
4146 }
4148 // Everything is ready -- set the group.
4152 // Changing the process group might have changed the situation for a
4153 // parent waiting in wait_for_child(). Hence we notify it.
4157 }
4158 }
4161 pid_t
4163 {
4166 // create a new process group and session
4178 // lock the team's current process group, parent, and the team itself
4185 // the team must not already be a process group leader
4189 // remove the team from the old and add it to the new process group
4194 // Changing the process group might have changed the situation for a
4195 // parent waiting in wait_for_child(). Hence we notify it.
4199 }
4202 status_t
4204 {
4205 status_t returnCode;
4206 status_t status;
4217 }
4220 }
4223 thread_id
4227 {
4233 // copy and relocate the flat arguments
4242 errorToken);
4245 // load_image_internal() unset our variable if it took over ownership
4248 }
4251 void
4253 {
4257 // set this thread's exit status
4260 // set the team exit status
4269 }
4273 // Stop the thread, if the team is being debugged and that has been
4274 // requested.
4278 // Send this thread a SIGKILL. This makes sure the thread will not return to
4279 // userland. The signal handling code forwards the signal to the main
4280 // thread (if that's not already this one), which will take the team down.
4283 }
4286 status_t
4288 {
4290 }
4293 status_t
4295 {
4296 status_t status;
4297 team_info info;
4306 }
4309 }
4312 status_t
4314 {
4315 status_t status;
4316 team_info info;
4317 int32 cookie;
4333 }
4336 team_id
4338 {
4340 }
4343 status_t
4346 {
4350 team_usage_info info;
4352 B_CHECK_PERMISSION);
4357 }
4360 }
4363 status_t
4366 {
4367 // check parameters
4372 }
4374 KMessage info;
4377 // allocate memory for a copy of the needed team data
4379 team_id id;
4380 pid_t group_id;
4381 pid_t session_id;
4382 uid_t real_uid;
4383 gid_t real_gid;
4384 uid_t effective_uid;
4385 gid_t effective_gid;
4387 };
4389 ExtendedTeamData* teamClone
4391 // It would be nicer to use new, but then we'd have to use
4392 // ObjectDeleter and declare the structure outside of the function
4393 // due to template parameter restrictions.
4399 {
4400 // get the team structure
4407 // copy the data
4417 // also fetch a reference to the I/O context
4420 }
4424 // add the basic data to the info message
4434 }
4436 // get the current working directory from the I/O context
4437 dev_t cwdDevice;
4438 ino_t cwdDirectory;
4439 {
4442 }
4447 }
4448 }
4450 // TODO: Support the other flags!
4452 // copy the needed size and, if it fits, the message back to userland
4464 }