1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "sandbox/linux/services/init_process_reaper.h"
6
7 #include <signal.h>
8 #include <string.h>
9 #include <sys/socket.h>
10 #include <sys/types.h>
11 #include <sys/wait.h>
12 #include <unistd.h>
13
14 #include "base/callback.h"
15 #include "base/logging.h"
16 #include "base/posix/eintr_wrapper.h"
17
18 namespace sandbox {
19
20 namespace {
21
DoNothingSignalHandler(int signal)22 void DoNothingSignalHandler(int signal) {}
23
24 } // namespace
25
CreateInitProcessReaper(base::Closure * post_fork_parent_callback)26 bool CreateInitProcessReaper(base::Closure* post_fork_parent_callback) {
27 int sync_fds[2];
28 // We want to use send, so we can't use a pipe
29 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sync_fds)) {
30 PLOG(ERROR) << "Failed to create socketpair";
31 return false;
32 }
33 pid_t child_pid = fork();
34 if (child_pid == -1) {
35 int close_ret;
36 close_ret = IGNORE_EINTR(close(sync_fds[0]));
37 DPCHECK(!close_ret);
38 close_ret = IGNORE_EINTR(close(sync_fds[1]));
39 DPCHECK(!close_ret);
40 return false;
41 }
42 if (child_pid) {
43 // In the parent, assuming the role of an init process.
44 // The disposition for SIGCHLD cannot be SIG_IGN or wait() will only return
45 // once all of our childs are dead. Since we're init we need to reap childs
46 // as they come.
47 struct sigaction action;
48 memset(&action, 0, sizeof(action));
49 action.sa_handler = &DoNothingSignalHandler;
50 CHECK(sigaction(SIGCHLD, &action, NULL) == 0);
51
52 int close_ret;
53 close_ret = IGNORE_EINTR(close(sync_fds[0]));
54 DPCHECK(!close_ret);
55 close_ret = shutdown(sync_fds[1], SHUT_RD);
56 DPCHECK(!close_ret);
57 if (post_fork_parent_callback)
58 post_fork_parent_callback->Run();
59 // Tell the child to continue
60 CHECK(HANDLE_EINTR(send(sync_fds[1], "C", 1, MSG_NOSIGNAL)) == 1);
61 close_ret = IGNORE_EINTR(close(sync_fds[1]));
62 DPCHECK(!close_ret);
63
64 for (;;) {
65 // Loop until we have reaped our one natural child
66 siginfo_t reaped_child_info;
67 int wait_ret =
68 HANDLE_EINTR(waitid(P_ALL, 0, &reaped_child_info, WEXITED));
69 if (wait_ret)
70 _exit(1);
71 if (reaped_child_info.si_pid == child_pid) {
72 int exit_code = 0;
73 // We're done waiting
74 if (reaped_child_info.si_code == CLD_EXITED) {
75 exit_code = reaped_child_info.si_status;
76 }
77 // Exit with the same exit code as our child. Exit with 0 if we got
78 // signaled.
79 _exit(exit_code);
80 }
81 }
82 } else {
83 // The child needs to wait for the parent to run the callback to avoid a
84 // race condition.
85 int close_ret;
86 close_ret = IGNORE_EINTR(close(sync_fds[1]));
87 DPCHECK(!close_ret);
88 close_ret = shutdown(sync_fds[0], SHUT_WR);
89 DPCHECK(!close_ret);
90 char should_continue;
91 int read_ret = HANDLE_EINTR(read(sync_fds[0], &should_continue, 1));
92 close_ret = IGNORE_EINTR(close(sync_fds[0]));
93 DPCHECK(!close_ret);
94 if (read_ret == 1)
95 return true;
96 else
97 return false;
98 }
99 }
100
101 } // namespace sandbox.
102