/*
 * os-posix-lib.c
 *
 * Copyright (c) 2003-2008 Fabrice Bellard
 * Copyright (c) 2010 Red Hat, Inc.
 *
 * QEMU library functions on POSIX which are shared between QEMU and
 * the QEMU tools.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

#include "qemu/osdep.h"
#include <termios.h>

#include <glib/gprintf.h>

#include "system/system.h"
#include "trace.h"
#include "qapi/error.h"
#include "qemu/error-report.h"
#include "qemu/madvise.h"
#include "qemu/sockets.h"
#include "qemu/thread.h"
#include <libgen.h>
#include "qemu/cutils.h"
#include "qemu/units.h"
#include "qemu/thread-context.h"
#include "qemu/main-loop.h"

#ifdef CONFIG_LINUX
#include <sys/syscall.h>
#endif

#ifdef __FreeBSD__
#include <sys/thr.h>
#include <sys/user.h>
#include <libutil.h>
#endif

#ifdef __NetBSD__
#include <lwp.h>
#endif

#include "qemu/mmap-alloc.h"

/* Hard upper bound on the number of page-touching threads per prealloc. */
#define MAX_MEM_PREALLOC_THREAD_COUNT 16

struct MemsetThread;

/*
 * Preallocation contexts queued by touch_all_pages() in async mode and
 * drained by qemu_finish_async_prealloc_mem(). Both sides assert the BQL.
 */
static QLIST_HEAD(, MemsetContext) memset_contexts =
    QLIST_HEAD_INITIALIZER(memset_contexts);

/* One preallocation request, split across num_threads worker threads. */
typedef struct MemsetContext {
    /* Set (under page_mutex) once every worker exists; workers wait for it. */
    bool all_threads_created;
    /* Not referenced anywhere in this file. */
    bool any_thread_failed;
    struct MemsetThread *threads;
    int num_threads;
    QLIST_ENTRY(MemsetContext) next;
} MemsetContext;

/* Per-thread slice of a MemsetContext: [addr, addr + numpages * hpagesize). */
struct MemsetThread {
    char *addr;
    size_t numpages;
    size_t hpagesize;
    QemuThread pgthread;
    /* sigsetjmp() target used by sigbus_handler() to abort a failed touch. */
    sigjmp_buf env;
    MemsetContext *context;
};
typedef struct MemsetThread MemsetThread;

/* used by sigbus_handler() */
static MemsetContext *sigbus_memset_context;
/* Previous SIGBUS disposition, restored by qemu_prealloc_mem(). Not static. */
struct sigaction sigbus_oldact;
/* Serialises install/restore of the SIGBUS handler across prealloc calls. */
static QemuMutex sigbus_mutex;

/* Protect all_threads_created; page_cond wakes the waiting workers. */
static QemuMutex page_mutex;
static QemuCond page_cond;

/*
 * Return the kernel-level id of the calling thread.
 *
 * Falls back to the process id on platforms without a per-thread id API.
 */
int qemu_get_thread_id(void)
{
#if defined(__linux__)
    return syscall(SYS_gettid);
#elif defined(__FreeBSD__)
    /* thread id is up to INT_MAX */
    long tid;
    thr_self(&tid);
    return (int)tid;
#elif defined(__NetBSD__)
    return _lwp_self();
#elif defined(__OpenBSD__)
    return getthrid();
#else
    return getpid();
#endif
}

/*
 * Deliver signal @sig to thread @tid (an id from qemu_get_thread_id()).
 *
 * On Linux the target is scoped to our own thread group via tgkill().
 * Returns the underlying syscall's result (0 on success, -1 with errno set).
 */
int qemu_kill_thread(int tid, int sig)
{
#if defined(__linux__)
    return syscall(__NR_tgkill, getpid(), tid, sig);
#elif defined(__FreeBSD__)
    return thr_kill2(getpid(), tid, sig);
#elif defined(__NetBSD__)
    return _lwp_kill(tid, sig);
#elif defined(__OpenBSD__)
    return thrkill(tid, sig, NULL);
#else
    return kill(tid, sig);
#endif
}

/* Thin wrapper over daemon(3); same arguments and return value. */
int qemu_daemon(int nochdir, int noclose)
{
    return daemon(nochdir, noclose);
}

/*
 * Create @path, take an exclusive write lock on it and write our pid.
 *
 * The create/lock/stat loop guards against another process unlinking or
 * recreating the file between our open and our lock: we only proceed once
 * the inode we locked is the one @path currently resolves to. On success the
 * descriptor is deliberately never closed, so the lock lives as long as the
 * process. On failure after the lock was taken the file is unlinked (it is
 * ours at that point), the fd closed and @errp set.
 *
 * Returns true on success, false with @errp set otherwise.
 */
bool qemu_write_pidfile(const char *path, Error **errp)
{
    int fd;
    char pidstr[32];

    while (1) {
        struct stat a, b;
        struct flock lock = {
            .l_type = F_WRLCK,
            .l_whence = SEEK_SET,
            .l_len = 0,
        };

        fd = qemu_create(path, O_WRONLY, S_IRUSR | S_IWUSR, errp);
        if (fd == -1) {
            return false;
        }

        if (fstat(fd, &b) < 0) {
            error_setg_errno(errp, errno, "Cannot stat file");
            goto fail_close;
        }

        /* Non-blocking lock: a live holder means another instance owns it. */
        if (fcntl(fd, F_SETLK, &lock)) {
            error_setg_errno(errp, errno, "Cannot lock pid file");
            goto fail_close;
        }

        /*
         * Now make sure the path we locked is the same one that now
         * exists on the filesystem.
         */
        if (stat(path, &a) < 0) {
            /*
             * PID file disappeared, someone else must be racing with
             * us, so try again.
             */
            close(fd);
            continue;
        }

        if (a.st_ino == b.st_ino) {
            break;
        }

        /*
         * PID file was recreated, someone else must be racing with
         * us, so try again.
         */
        close(fd);
    }

    if (ftruncate(fd, 0) < 0) {
        error_setg_errno(errp, errno, "Failed to truncate pid file");
        goto fail_unlink;
    }

    snprintf(pidstr, sizeof(pidstr), FMT_pid "\n", getpid());
    if (qemu_write_full(fd, pidstr, strlen(pidstr)) != strlen(pidstr)) {
        error_setg(errp, "Failed to write pid file");
        goto fail_unlink;
    }

    return true;

fail_unlink:
    /* Only reached with the lock held, so this is our file to remove. */
    unlink(path);
fail_close:
    close(fd);
    return false;
}

/* alloc shared memory pages */
/*
 * Map @size bytes of anonymous RAM via qemu_ram_mmap().
 *
 * @alignment, if non-NULL, receives the alignment used (QEMU_VMALLOC_ALIGN).
 * @shared / @noreserve are translated to QEMU_MAP_* flags.
 * Returns NULL if the mapping failed; otherwise the mapping, to be released
 * with qemu_anon_ram_free() using the same @size.
 */
void *qemu_anon_ram_alloc(size_t size, uint64_t *alignment, bool shared,
                          bool noreserve)
{
    const uint32_t qemu_map_flags = (shared ? QEMU_MAP_SHARED : 0) |
                                    (noreserve ? QEMU_MAP_NORESERVE : 0);
    size_t align = QEMU_VMALLOC_ALIGN;
    void *ptr = qemu_ram_mmap(-1, size, align, qemu_map_flags, 0);

    if (ptr == MAP_FAILED) {
        return NULL;
    }

    if (alignment) {
        *alignment = align;
    }

    trace_qemu_anon_ram_alloc(size, ptr);
    return ptr;
}

/* Release a mapping obtained from qemu_anon_ram_alloc(). */
void qemu_anon_ram_free(void *ptr, size_t size)
{
    trace_qemu_anon_ram_free(ptr, size);
    qemu_ram_munmap(-1, ptr, size);
}

/* Put @fd into blocking mode; failures are ignored. */
void qemu_socket_set_block(int fd)
{
    g_unix_set_fd_nonblocking(fd, false, NULL);
}

/*
 * Put @fd into non-blocking mode.
 *
 * Returns 0 on success or -errno on failure.
 */
int qemu_socket_try_set_nonblock(int fd)
{
    return g_unix_set_fd_nonblocking(fd, true, NULL) ? 0 : -errno;
}

/* Like qemu_socket_try_set_nonblock() but a failure is a programming error. */
void qemu_socket_set_nonblock(int fd)
{
    int f;
    f = qemu_socket_try_set_nonblock(fd);
    assert(f == 0);
}

/*
 * Enable SO_REUSEADDR on @fd so a listening address can be rebound promptly.
 *
 * Returns the setsockopt() result; anything but 0 trips the assert.
 */
int socket_set_fast_reuse(int fd)
{
    int val = 1, ret;

    ret = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR,
                     (const char *)&val, sizeof(val));

    assert(ret == 0);

    return ret;
}

/*
 * Set FD_CLOEXEC on @fd so it is not inherited across exec().
 *
 * Both fcntl() calls are asserted; @fd must be a valid descriptor.
 */
void qemu_set_cloexec(int fd)
{
    int f;
    f = fcntl(fd, F_GETFD);
    assert(f != -1);
    f = fcntl(fd, F_SETFD, f | FD_CLOEXEC);
    assert(f != -1);
}

/*
 * socketpair() that always yields close-on-exec descriptors.
 *
 * SOCK_CLOEXEC is tried first so the flag is set atomically; if the kernel
 * rejects it with EINVAL the flag is applied afterwards with fcntl(), which
 * leaves a short window in which a concurrently forked child could inherit
 * the pair. Returns the socketpair() result.
 */
int qemu_socketpair(int domain, int type, int protocol, int sv[2])
{
    int ret;

#ifdef SOCK_CLOEXEC
    ret = socketpair(domain, type | SOCK_CLOEXEC, protocol, sv);
    if (ret != -1 || errno != EINVAL) {
        return ret;
    }
#endif
    ret = socketpair(domain, type, protocol, sv);
    if (ret == 0) {
        qemu_set_cloexec(sv[0]);
        qemu_set_cloexec(sv[1]);
    }

    return ret;
}

/* Return the (relocated) local state directory; caller owns the string. */
char *
qemu_get_local_state_dir(void)
{
    return get_relocated_path(CONFIG_QEMU_LOCALSTATEDIR);
}

/*
 * Switch terminal echo (and canonical mode) on or off for @fd.
 *
 * NOTE(review): the tcgetattr()/tcsetattr() results are not checked, so a
 * non-tty @fd silently does nothing (and @tty is used uninitialised).
 */
void qemu_set_tty_echo(int fd, bool echo)
{
    struct termios tty;

    tcgetattr(fd, &tty);

    if (echo) {
        tty.c_lflag |= ECHO | ECHONL | ICANON | IEXTEN;
    } else {
        tty.c_lflag &= ~(ECHO | ECHONL | ICANON | IEXTEN);
    }

    tcsetattr(fd, TCSANOW, &tty);
}

/*
 * SIGBUS handler installed while qemu_prealloc_mem() touches pages by hand.
 *
 * If the faulting thread is one of the current context's workers, unwind it
 * to its sigsetjmp() point in do_touch_pages(). Otherwise, on Linux, hand the
 * signal to the previously installed handler; elsewhere just report it.
 *
 * NOTE(review): warn_report() is called from signal context here; confirm it
 * is async-signal-safe on the supported hosts.
 */
#ifdef CONFIG_LINUX
static void sigbus_handler(int signal, siginfo_t *siginfo, void *ctx)
#else /* CONFIG_LINUX */
static void sigbus_handler(int signal)
#endif /* CONFIG_LINUX */
{
    int i;

    if (sigbus_memset_context) {
        for (i = 0; i < sigbus_memset_context->num_threads; i++) {
            MemsetThread *thread = &sigbus_memset_context->threads[i];

            if (qemu_thread_is_self(&thread->pgthread)) {
                siglongjmp(thread->env, 1);
            }
        }
    }

#ifdef CONFIG_LINUX
    /*
     * We assume that the MCE SIGBUS handler could have been registered. We
     * should never receive BUS_MCEERR_AO on any of our threads, but only on
     * the main thread registered for PR_MCE_KILL_EARLY. Further, we should not
     * receive BUS_MCEERR_AR triggered by action of other threads on one of
     * our threads. So, no need to check for unrelated SIGBUS when seeing one
     * for our threads.
     *
     * We will forward to the MCE handler, which will either handle the SIGBUS
     * or reinstall the default SIGBUS handler and reraise the SIGBUS. The
     * default SIGBUS handler will crash the process, so we don't care.
     */
    if (sigbus_oldact.sa_flags & SA_SIGINFO) {
        sigbus_oldact.sa_sigaction(signal, siginfo, ctx);
        return;
    }
#endif /* CONFIG_LINUX */
    warn_report("qemu_prealloc_mem: unrelated SIGBUS detected and ignored");
}

/*
 * Worker body: fault in every page of the thread's slice by a read-modify-
 * write of its first byte.
 *
 * SIGBUS is unblocked only for the duration of the loop; a SIGBUS raised
 * while touching lands back at the sigsetjmp() via sigbus_handler() and is
 * reported as -EFAULT. The result is returned as a (void *) for
 * qemu_thread_join().
 */
static void *do_touch_pages(void *arg)
{
    MemsetThread *memset_args = (MemsetThread *)arg;
    sigset_t set, oldset;
    int ret = 0;

    /*
     * On Linux, the page faults from the loop below can cause mmap_sem
     * contention with allocation of the thread stacks. Do not start
     * clearing until all threads have been created.
     */
    qemu_mutex_lock(&page_mutex);
    while (!memset_args->context->all_threads_created) {
        qemu_cond_wait(&page_cond, &page_mutex);
    }
    qemu_mutex_unlock(&page_mutex);

    /* unblock SIGBUS */
    sigemptyset(&set);
    sigaddset(&set, SIGBUS);
    pthread_sigmask(SIG_UNBLOCK, &set, &oldset);

    if (sigsetjmp(memset_args->env, 1)) {
        ret = -EFAULT;
    } else {
        char *addr = memset_args->addr;
        size_t numpages = memset_args->numpages;
        size_t hpagesize = memset_args->hpagesize;
        size_t i;
        for (i = 0; i < numpages; i++) {
            /*
             * Read & write back the same value, so we don't
             * corrupt existing user/app data that might be
             * stored.
             *
             * 'volatile' to stop compiler optimizing this away
             * to a no-op
             */
            *(volatile char *)addr = *addr;
            addr += hpagesize;
        }
    }
    pthread_sigmask(SIG_SETMASK, &oldset, NULL);
    return (void *)(uintptr_t)ret;
}

/*
 * Worker body: populate the thread's slice with MADV_POPULATE_WRITE.
 *
 * Waits for all_threads_created like do_touch_pages(). Returns 0 or -errno
 * from qemu_madvise() as a (void *); an empty slice is a no-op.
 */
static void *do_madv_populate_write_pages(void *arg)
{
    MemsetThread *memset_args = (MemsetThread *)arg;
    const size_t size = memset_args->numpages * memset_args->hpagesize;
    char * const addr = memset_args->addr;
    int ret = 0;

    /* See do_touch_pages(). */
    qemu_mutex_lock(&page_mutex);
    while (!memset_args->context->all_threads_created) {
        qemu_cond_wait(&page_cond, &page_mutex);
    }
    qemu_mutex_unlock(&page_mutex);

    if (size && qemu_madvise(addr, size, QEMU_MADV_POPULATE_WRITE)) {
        ret = -errno;
    }
    return (void *)(uintptr_t)ret;
}

/*
 * Pick the worker count: min(online CPUs, MAX_MEM_PREALLOC_THREAD_COUNT,
 * @max_threads), further capped by the page count and by one thread per
 * 64 MiB of memory. Never below 1.
 */
static inline int get_memset_num_threads(size_t hpagesize, size_t numpages,
                                         int max_threads)
{
    long host_procs = sysconf(_SC_NPROCESSORS_ONLN);
    int ret = 1;

    if (host_procs > 0) {
        ret = MIN(MIN(host_procs, MAX_MEM_PREALLOC_THREAD_COUNT), max_threads);
    }

    /* Especially with gigantic pages, don't create more threads than pages. */
    ret = MIN(ret, numpages);
    /* Don't start threads to prealloc comparatively little memory. */
    ret = MIN(ret, MAX(1, hpagesize * numpages / (64 * MiB)));

    /* In case sysconf() fails, we fall back to single threaded */
    return ret;
}

/*
 * Join every worker of @context, free the context and return the last
 * non-zero worker result (0 if all succeeded).
 */
static int wait_and_free_mem_prealloc_context(MemsetContext *context)
{
    int i, ret = 0, tmp;

    for (i = 0; i < context->num_threads; i++) {
        tmp = (uintptr_t)qemu_thread_join(&context->threads[i].pgthread);

        if (tmp) {
            ret = tmp;
        }
    }
    g_free(context->threads);
    g_free(context);
    return ret;
}

/*
 * Fault in @numpages pages of @hpagesize starting at @area using up to
 * @max_threads workers (created via @tc when given).
 *
 * With @use_madv_populate_write a single synchronous worker is short-cut to
 * a direct qemu_madvise() on the calling thread. When @async is honoured
 * (madvise path with a ThreadContext only) the workers are created but
 * parked on page_cond and the context is queued for
 * qemu_finish_async_prealloc_mem(); the function then returns 0 immediately.
 * Otherwise the workers are released, joined, and the combined result
 * returned (0 or -errno). sigbus_memset_context is only published for the
 * manual-touch path while its workers run.
 */
static int touch_all_pages(char *area, size_t hpagesize, size_t numpages,
                           int max_threads, ThreadContext *tc, bool async,
                           bool use_madv_populate_write)
{
    static gsize initialized = 0;
    MemsetContext *context = g_malloc0(sizeof(MemsetContext));
    size_t numpages_per_thread, leftover;
    void *(*touch_fn)(void *);
    int ret, i = 0;
    char *addr = area;

    /*
     * Asynchronous preallocation is only allowed when using MADV_POPULATE_WRITE
     * and prealloc context for thread placement.
     */
    if (!use_madv_populate_write || !tc) {
        async = false;
    }

    context->num_threads =
        get_memset_num_threads(hpagesize, numpages, max_threads);

    if (g_once_init_enter(&initialized)) {
        qemu_mutex_init(&page_mutex);
        qemu_cond_init(&page_cond);
        g_once_init_leave(&initialized, 1);
    }

    if (use_madv_populate_write) {
        /*
         * Avoid creating a single thread for MADV_POPULATE_WRITE when
         * preallocating synchronously.
         */
        if (context->num_threads == 1 && !async) {
            ret = 0;
            if (qemu_madvise(area, hpagesize * numpages,
                             QEMU_MADV_POPULATE_WRITE)) {
                ret = -errno;
            }
            g_free(context);
            return ret;
        }
        touch_fn = do_madv_populate_write_pages;
    } else {
        touch_fn = do_touch_pages;
    }

    /* Split the pages evenly; the first 'leftover' threads get one extra. */
    context->threads = g_new0(MemsetThread, context->num_threads);
    numpages_per_thread = numpages / context->num_threads;
    leftover = numpages % context->num_threads;
    for (i = 0; i < context->num_threads; i++) {
        context->threads[i].addr = addr;
        context->threads[i].numpages = numpages_per_thread + (i < leftover);
        context->threads[i].hpagesize = hpagesize;
        context->threads[i].context = context;
        if (tc) {
            thread_context_create_thread(tc, &context->threads[i].pgthread,
                                         "touch_pages",
                                         touch_fn, &context->threads[i],
                                         QEMU_THREAD_JOINABLE);
        } else {
            qemu_thread_create(&context->threads[i].pgthread, "touch_pages",
                               touch_fn, &context->threads[i],
                               QEMU_THREAD_JOINABLE);
        }
        addr += context->threads[i].numpages * hpagesize;
    }

    if (async) {
        /*
         * async requests currently require the BQL. Add it to the list and kick
         * preallocation off during qemu_finish_async_prealloc_mem().
         */
        assert(bql_locked());
        QLIST_INSERT_HEAD(&memset_contexts, context, next);
        return 0;
    }

    if (!use_madv_populate_write) {
        sigbus_memset_context = context;
    }

    /* Release the parked workers. */
    qemu_mutex_lock(&page_mutex);
    context->all_threads_created = true;
    qemu_cond_broadcast(&page_cond);
    qemu_mutex_unlock(&page_mutex);

    ret = wait_and_free_mem_prealloc_context(context);

    if (!use_madv_populate_write) {
        sigbus_memset_context = NULL;
    }
    return ret;
}

/*
 * Start and wait for every preallocation queued by touch_all_pages() in
 * async mode. Must be called with the BQL held.
 *
 * Returns true if there was nothing to do or all contexts succeeded; on any
 * failure the last non-zero error is reported via @errp and false returned.
 */
bool qemu_finish_async_prealloc_mem(Error **errp)
{
    int ret = 0, tmp;
    MemsetContext *context, *next_context;

    /* Waiting for preallocation requires the BQL. */
    assert(bql_locked());
    if (QLIST_EMPTY(&memset_contexts)) {
        return true;
    }

    /* Release every queued context's workers in one broadcast. */
    qemu_mutex_lock(&page_mutex);
    QLIST_FOREACH(context, &memset_contexts, next) {
        context->all_threads_created = true;
    }
    qemu_cond_broadcast(&page_cond);
    qemu_mutex_unlock(&page_mutex);

    QLIST_FOREACH_SAFE(context, &memset_contexts, next, next_context) {
        QLIST_REMOVE(context, next);
        tmp = wait_and_free_mem_prealloc_context(context);
        if (tmp) {
            ret = tmp;
        }
    }

    if (ret) {
        error_setg_errno(errp, -ret,
                         "qemu_prealloc_mem: preallocating memory failed");
        return false;
    }
    return true;
}

/*
 * Probe whether MADV_POPULATE_WRITE works on @area: any outcome other than
 * failure with EINVAL counts as "possible" (including a successful probe,
 * which populates the first page as a side effect).
 */
static bool madv_populate_write_possible(char *area, size_t pagesize)
{
    return !qemu_madvise(area, pagesize, QEMU_MADV_POPULATE_WRITE) ||
           errno != EINVAL;
}

/*
 * Preallocate (fault in) @sz bytes at @area, which is backed by @fd (used only
 * to derive the page size).
 *
 * If MADV_POPULATE_WRITE is unusable the pages are touched by hand under a
 * temporary SIGBUS handler; sigbus_mutex is held from handler installation
 * until it is restored, and a failure to restore it is fatal (exit(1)).
 * @max_threads, @tc and @async are passed through to touch_all_pages().
 * Returns true on success, false with @errp set otherwise.
 */
bool qemu_prealloc_mem(int fd, char *area, size_t sz, int max_threads,
                       ThreadContext *tc, bool async, Error **errp)
{
    static gsize initialized;
    int ret;
    size_t hpagesize = qemu_fd_getpagesize(fd);
    size_t numpages = DIV_ROUND_UP(sz, hpagesize);
    bool use_madv_populate_write;
    struct sigaction act;
    bool rv = true;

    /*
     * Sense on every invocation, as MADV_POPULATE_WRITE cannot be used for
     * some special mappings, such as mapping /dev/mem.
     */
    use_madv_populate_write = madv_populate_write_possible(area, hpagesize);

    if (!use_madv_populate_write) {
        if (g_once_init_enter(&initialized)) {
            qemu_mutex_init(&sigbus_mutex);
            g_once_init_leave(&initialized, 1);
        }

        qemu_mutex_lock(&sigbus_mutex);
        memset(&act, 0, sizeof(act));
#ifdef CONFIG_LINUX
        act.sa_sigaction = &sigbus_handler;
        act.sa_flags = SA_SIGINFO;
#else /* CONFIG_LINUX */
        act.sa_handler = &sigbus_handler;
        act.sa_flags = 0;
#endif /* CONFIG_LINUX */

        ret = sigaction(SIGBUS, &act, &sigbus_oldact);
        if (ret) {
            qemu_mutex_unlock(&sigbus_mutex);
            error_setg_errno(errp, errno,
                "qemu_prealloc_mem: failed to install signal handler");
            return false;
        }
    }

    /* touch pages simultaneously */
    ret = touch_all_pages(area, hpagesize, numpages, max_threads, tc, async,
                          use_madv_populate_write);
    if (ret) {
        error_setg_errno(errp, -ret,
                         "qemu_prealloc_mem: preallocating memory failed");
        rv = false;
    }

    if (!use_madv_populate_write) {
        ret = sigaction(SIGBUS, &sigbus_oldact, NULL);
        if (ret) {
            /* Terminate QEMU since it can't recover from error */
            perror("qemu_prealloc_mem: failed to reinstall signal handler");
            exit(1);
        }
        qemu_mutex_unlock(&sigbus_mutex);
    }
    return rv;
}

/*
 * Return a newly allocated name for process @pid, or NULL if it cannot be
 * determined. Caller frees with g_free().
 *
 * On procfs hosts the raw contents of /proc/<pid>/cmdline are returned; that
 * buffer is NUL-separated, so treated as a C string it reads as argv[0].
 * NOTE(review): the g_file_get_contents() result is not checked; name is
 * presumed to stay NULL on failure — confirm against the glib contract.
 */
char *qemu_get_pid_name(pid_t pid)
{
    char *name = NULL;

#if defined(__FreeBSD__)
    /* BSDs don't have /proc, but they provide a nice substitute */
    struct kinfo_proc *proc = kinfo_getproc(pid);

    if (proc) {
        name = g_strdup(proc->ki_comm);
        free(proc);
    }
#else
    /* Assume a system with reasonable procfs */
    char *pid_path;
    size_t len;

    pid_path = g_strdup_printf("/proc/%d/cmdline", pid);
    g_file_get_contents(pid_path, &name, &len, NULL);
    g_free(pid_path);
#endif

    return name;
}


/*
 * mmap() a thread stack of at least *@sz bytes with a PROT_NONE guard page at
 * its lowest address.
 *
 * *@sz is raised to _SC_THREAD_STACK_MIN where known, rounded up to the page
 * size and then grown by one page for the guard; the updated value must be
 * passed back to qemu_free_stack(). Allocation or guard-page failure aborts.
 * With CONFIG_DEBUG_STACK_USAGE the usable area is filled with a marker so
 * qemu_free_stack() can measure how much was used.
 */
void *qemu_alloc_stack(size_t *sz)
{
    void *ptr;
    int flags;
#ifdef CONFIG_DEBUG_STACK_USAGE
    void *ptr2;
#endif
    size_t pagesz = qemu_real_host_page_size();
#ifdef _SC_THREAD_STACK_MIN
    /* avoid stacks smaller than _SC_THREAD_STACK_MIN */
    long min_stack_sz = sysconf(_SC_THREAD_STACK_MIN);
    *sz = MAX(MAX(min_stack_sz, 0), *sz);
#endif
    /* adjust stack size to a multiple of the page size */
    *sz = ROUND_UP(*sz, pagesz);
    /* allocate one extra page for the guard page */
    *sz += pagesz;

    flags = MAP_PRIVATE | MAP_ANONYMOUS;
#if defined(MAP_STACK) && defined(__OpenBSD__)
    /* Only enable MAP_STACK on OpenBSD. Other OS's such as
     * Linux/FreeBSD/NetBSD have a flag with the same name
     * but have differing functionality. OpenBSD will SEGV
     * if it spots execution with a stack pointer pointing
     * at memory that was not allocated with MAP_STACK.
     */
    flags |= MAP_STACK;
#endif

    ptr = mmap(NULL, *sz, PROT_READ | PROT_WRITE, flags, -1, 0);
    if (ptr == MAP_FAILED) {
        perror("failed to allocate memory for stack");
        abort();
    }

    /* Stack grows down -- guard page at the bottom. */
    if (mprotect(ptr, pagesz, PROT_NONE) != 0) {
        perror("failed to set up stack guard page");
        abort();
    }

#ifdef CONFIG_DEBUG_STACK_USAGE
    for (ptr2 = ptr + pagesz; ptr2 < ptr + *sz; ptr2 += sizeof(uint32_t)) {
        *(uint32_t *)ptr2 = 0xdeadbeaf;
    }
#endif

    return ptr;
}

#ifdef CONFIG_DEBUG_STACK_USAGE
/* Per-thread high-water mark reported by qemu_free_stack(). */
static __thread unsigned int max_stack_usage;
#endif

/*
 * Unmap a stack from qemu_alloc_stack(); @sz is the size it returned.
 *
 * With CONFIG_DEBUG_STACK_USAGE, first scan upwards from above the guard page
 * for the first byte no longer carrying the fill marker and report a new
 * per-thread maximum.
 */
void qemu_free_stack(void *stack, size_t sz)
{
#ifdef CONFIG_DEBUG_STACK_USAGE
    unsigned int usage;
    void *ptr;

    for (ptr = stack + qemu_real_host_page_size(); ptr < stack + sz;
         ptr += sizeof(uint32_t)) {
        if (*(uint32_t *)ptr != 0xdeadbeaf) {
            break;
        }
    }
    usage = sz - (uintptr_t) (ptr - stack);
    if (usage > max_stack_usage) {
        error_report("thread %d max stack usage increased from %u to %u",
                     qemu_get_thread_id(), max_stack_usage, usage);
        max_stack_usage = usage;
    }
#endif

    munmap(stack, sz);
}

/*
 * Disable CFI checks.
 * We are going to call a signal handler directly. Such handler may or may not
 * have been defined in our binary, so there's no guarantee that the pointer
 * used to set the handler is a cfi-valid pointer. Since the handlers are
 * stored in kernel memory, changing the handler to an attacker-defined
 * function requires being able to call a sigaction() syscall,
 * which is not as easy as overwriting a pointer in memory.
 */
/*
 * Invoke @action's sa_sigaction with a siginfo_t rebuilt from a signalfd
 * record @info. Only the POSIX-defined fields relevant to the signal class
 * are filled in; the context argument is always NULL.
 */
QEMU_DISABLE_CFI
void sigaction_invoke(struct sigaction *action,
                      struct qemu_signalfd_siginfo *info)
{
    siginfo_t si = {};
    si.si_signo = info->ssi_signo;
    si.si_errno = info->ssi_errno;
    si.si_code = info->ssi_code;

    /* Convert the minimal set of fields defined by POSIX.
     * Positive si_code values are reserved for kernel-generated
     * signals, where the valid siginfo fields are determined by
     * the signal number. But according to POSIX, it is unspecified
     * whether SI_USER and SI_QUEUE have values less than or equal to
     * zero.
     */
    if (info->ssi_code == SI_USER || info->ssi_code == SI_QUEUE ||
        info->ssi_code <= 0) {
        /* SIGTERM, etc. */
        si.si_pid = info->ssi_pid;
        si.si_uid = info->ssi_uid;
    } else if (info->ssi_signo == SIGILL || info->ssi_signo == SIGFPE ||
               info->ssi_signo == SIGSEGV || info->ssi_signo == SIGBUS) {
        si.si_addr = (void *)(uintptr_t)info->ssi_addr;
    } else if (info->ssi_signo == SIGCHLD) {
        si.si_pid = info->ssi_pid;
        si.si_status = info->ssi_status;
        si.si_uid = info->ssi_uid;
    }
    action->sa_sigaction(info->ssi_signo, &si, NULL);
}

/*
 * Return the host's physical memory in bytes, saturating at SIZE_MAX, or 0
 * if it cannot be determined.
 */
size_t qemu_get_host_physmem(void)
{
#ifdef _SC_PHYS_PAGES
    long pages = sysconf(_SC_PHYS_PAGES);
    if (pages > 0) {
        /* Guard the multiplication below against size_t overflow. */
        if (pages > SIZE_MAX / qemu_real_host_page_size()) {
            return SIZE_MAX;
        } else {
            return pages * qemu_real_host_page_size();
        }
    }
#endif
    return 0;
}

/*
 * msync(MS_SYNC) the range [@addr, @addr + @length) after widening it to
 * page boundaries, as msync() requires a page-aligned address.
 *
 * @fd is unused here. Returns the msync() result.
 */
int qemu_msync(void *addr, size_t length, int fd)
{
    size_t align_mask = ~(qemu_real_host_page_size() - 1);

    /**
     * There are no strict reqs as per the length of mapping
     * to be synced. Still the length needs to follow the address
     * alignment changes. Additionally - round the size to the multiple
     * of PAGE_SIZE
     */
    length += ((uintptr_t)addr & (qemu_real_host_page_size() - 1));
    length = (length + ~align_mask) & align_mask;

    addr = (void *)((uintptr_t)addr & align_mask);

    return msync(addr, length, MS_SYNC);
}

/*
 * Close every open descriptor listed in /proc/self/fd except those in @skip
 * (and the directory handle itself).
 *
 * @skip is assumed sorted ascending (the early break on fd < skip[i] relies
 * on it) — confirm at the callers. Returns false if /proc is unavailable,
 * true otherwise.
 *
 * NOTE(review): the 'i == skip_end' branch can never be taken inside a loop
 * bounded by 'i < skip_end', so skip_end is never narrowed; close_fd is
 * already decided at that point, so correctness is unaffected.
 */
static bool qemu_close_all_open_fd_proc(const int *skip, unsigned int nskip)
{
    struct dirent *de;
    int fd, dfd;
    DIR *dir;
    unsigned int skip_start = 0, skip_end = nskip;

    dir = opendir("/proc/self/fd");
    if (!dir) {
        /* If /proc is not mounted, there is nothing that can be done. */
        return false;
    }
    /* Avoid closing the directory. */
    dfd = dirfd(dir);

    for (de = readdir(dir); de; de = readdir(dir)) {
        bool close_fd = true;

        if (de->d_name[0] == '.') {
            continue;
        }
        /* Entries are taken to be decimal fd numbers; atoi() cannot report
         * a malformed name. */
        fd = atoi(de->d_name);
        if (fd == dfd) {
            continue;
        }

        for (unsigned int i = skip_start; i < skip_end; i++) {
            if (fd < skip[i]) {
                /* We are below the next skipped fd, break */
                break;
            } else if (fd == skip[i]) {
                close_fd = false;
                /* Restrict the range as we found fds matching start/end */
                if (i == skip_start) {
                    skip_start++;
                } else if (i == skip_end) {
                    skip_end--;
                }
                break;
            }
        }

        if (close_fd) {
            close(fd);
        }
    }
    closedir(dir);

    return true;
}

/*
 * Close descriptors 0..@open_max-1 except those in @skip using close_range(),
 * one call per gap between skipped fds.
 *
 * @skip is assumed sorted ascending. Returns false if close_range() is not
 * built in or a call fails (some ranges may already be closed by then), true
 * on success.
 */
static bool qemu_close_all_open_fd_close_range(const int *skip,
                                               unsigned int nskip,
                                               int open_max)
{
#ifdef CONFIG_CLOSE_RANGE
    int max_fd = open_max - 1;
    int first = 0, last;
    unsigned int cur_skip = 0;
    int ret;

    do {
        /* Find the start boundary of the range to close */
        while (cur_skip < nskip && first == skip[cur_skip]) {
            cur_skip++;
            first++;
        }

        /* Find the upper boundary of the range to close */
        last = max_fd;
        if (cur_skip < nskip) {
            last = skip[cur_skip] - 1;
            last = MIN(last, max_fd);
        }

        /* With the adjustments to the range, we might be done. */
        if (first > last) {
            break;
        }

        ret = close_range(first, last, 0);
        if (ret < 0) {
            return false;
        }

        first = last + 1;
    } while (last < max_fd);

    return true;
#else
    return false;
#endif
}

/*
 * Last resort: close() every fd below @open_max individually, skipping the
 * (ascending) entries of @skip. close() errors on unused fds are ignored.
 */
static void qemu_close_all_open_fd_fallback(const int *skip, unsigned int nskip,
                                            int open_max)
{
    unsigned int cur_skip = 0;

    /* Fallback */
    for (int i = 0; i < open_max; i++) {
        if (cur_skip < nskip && i == skip[cur_skip]) {
            cur_skip++;
            continue;
        }
        close(i);
    }
}

/*
 * Close all open file descriptors.
 */
/*
 * Close every fd except the @nskip entries of @skip (sorted ascending;
 * @skip may be NULL only when @nskip is 0), trying close_range(), then
 * /proc/self/fd, then a brute-force close() loop. Presumably used before
 * exec() to keep descriptors from leaking into child processes.
 */
void qemu_close_all_open_fd(const int *skip, unsigned int nskip)
{
    int open_max = sysconf(_SC_OPEN_MAX);

    assert(skip != NULL || nskip == 0);

    if (!qemu_close_all_open_fd_close_range(skip, nskip, open_max) &&
        !qemu_close_all_open_fd_proc(skip, nskip)) {
        qemu_close_all_open_fd_fallback(skip, nskip, open_max);
    }
}

/*
 * Create an anonymous-style POSIX shared memory object of @size bytes and
 * return a read/write fd to it, or -1 with @errp set.
 *
 * The object is created with O_CREAT | O_EXCL under a name unique to this
 * process and call (pid plus an atomic sequence number), so an object
 * pre-created by someone else under that name makes shm_open() fail rather
 * than being reused; mode 0 means nobody can open it by name; and it is
 * unlinked immediately, so it stays reachable only through this fd and any
 * copies passed on by the caller.
 */
int qemu_shm_alloc(size_t size, Error **errp)
{
    g_autoptr(GString) shm_name = g_string_new(NULL);
    int fd, oflag, cur_sequence;
    static int sequence;
    mode_t mode;

    cur_sequence = qatomic_fetch_inc(&sequence);

    /*
     * Let's use `mode = 0` because we don't want other processes to open our
     * memory unless we share the file descriptor with them.
     */
    mode = 0;
    oflag = O_RDWR | O_CREAT | O_EXCL;

    /*
     * Some operating systems allow creating anonymous POSIX shared memory
     * objects (e.g. FreeBSD provides the SHM_ANON constant), but this is not
     * defined by POSIX, so let's create a unique name.
     *
     * From Linux's shm_open(3) man-page:
     *     For portable use, a shared memory object should be identified
     *     by a name of the form /somename;"
     */
    g_string_printf(shm_name, "/qemu-" FMT_pid "-shm-%d", getpid(),
                    cur_sequence);

    fd = shm_open(shm_name->str, oflag, mode);
    if (fd < 0) {
        error_setg_errno(errp, errno,
                         "failed to create POSIX shared memory");
        return -1;
    }

    /*
     * We have the file descriptor, so we no longer need to expose the
     * POSIX shared memory object. However it will remain allocated as long as
     * there are file descriptors pointing to it.
     */
    shm_unlink(shm_name->str);

    if (ftruncate(fd, size) == -1) {
        error_setg_errno(errp, errno,
                         "failed to resize POSIX shared memory to %zu", size);
        close(fd);
        return -1;
    }

    return fd;
}