1// Copyright 2019 The Chromium OS Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5// +build libc_exec 6 7package main 8 9// #include <errno.h> 10// #include <stdio.h> 11// #include <stdlib.h> 12// #include <string.h> 13// #include <unistd.h> 14// #include <sys/types.h> 15// #include <sys/wait.h> 16// 17// int libc_exec(const char *pathname, char *const argv[], char *const envp[]) { 18// // Since fork() brings us to one thread, we can only use async-signal-safe funcs below. 19// pid_t pid = fork(); 20// if (pid == 0) { 21// // crbug.com/1166017: we're (very rarely) getting ERESTARTSYS on some builders. 22// // Documentation indicates that this is a bug in the kernel. Work around it by 23// // retrying. 25 is an arbitrary retry number that Should Be Enough For Anyone(TM). 24// int i = 0; 25// for (; i < 25; i++) { 26// execve(pathname, argv, envp); 27// if (errno != 512) { 28// break; 29// } 30// // Sleep a bit. Not sure if this helps, but if the condition we're seeing is 31// // transient, it *hopefully* should. nanosleep isn't async-signal safe, so 32// // we have to live with sleep() 33// sleep(1); 34// } 35// fprintf(stderr, "exec failed (errno: %d)\n", errno); 36// _exit(1); 37// } 38// if (pid < 0) { 39// return errno; 40// } 41// 42// int wstatus; 43// pid_t waited = waitpid(pid, &wstatus, 0); 44// if (waited == -1) { 45// return errno; 46// } 47// exit(WEXITSTATUS(wstatus)); 48//} 49import "C" 50import ( 51 "os/exec" 52 "unsafe" 53) 54 55// Replacement for syscall.Execve that uses the libc. 56// This allows tools that rely on intercepting syscalls via 57// LD_PRELOAD to work properly (e.g. gentoo sandbox). 58// Note that this changes the go binary to be a dynamically linked one. 59// See crbug.com/1000863 for details. 60// To use this version of exec, please add '-tags libc_exec' when building Go binary. 61// Without the tags, libc_exec.go will not be used. 62 63func execCmd(env env, cmd *command) error { 64 freeList := []unsafe.Pointer{} 65 defer func() { 66 for _, ptr := range freeList { 67 C.free(ptr) 68 } 69 }() 70 71 goStrToC := func(goStr string) *C.char { 72 cstr := C.CString(goStr) 73 freeList = append(freeList, unsafe.Pointer(cstr)) 74 return cstr 75 } 76 77 goSliceToC := func(goSlice []string) **C.char { 78 // len(goSlice)+1 as the c array needs to be null terminated. 79 cArray := C.malloc(C.size_t(len(goSlice)+1) * C.size_t(unsafe.Sizeof(uintptr(0)))) 80 freeList = append(freeList, cArray) 81 82 // Convert the C array to a Go Array so we can index it. 83 // Note: Storing pointers to the c heap in go pointer types is ok 84 // (see https://golang.org/cmd/cgo/). 85 cArrayForIndex := (*[1<<30 - 1]*C.char)(cArray) 86 for i, str := range goSlice { 87 cArrayForIndex[i] = goStrToC(str) 88 } 89 cArrayForIndex[len(goSlice)] = nil 90 91 return (**C.char)(cArray) 92 } 93 94 execCmd := exec.Command(cmd.Path, cmd.Args...) 95 mergedEnv := mergeEnvValues(env.environ(), cmd.EnvUpdates) 96 if errno := C.libc_exec(goStrToC(execCmd.Path), goSliceToC(execCmd.Args), goSliceToC(mergedEnv)); errno != 0 { 97 return newErrorwithSourceLocf("exec error: %d", errno) 98 } 99 100 return nil 101} 102