1 /* Copyright (C) 1991,92,93,94,95,96,97,98,99,2000,01
2 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
24 #include <cthreads.h> /* For `struct mutex'. */
26 #include <mach/thread_switch.h>
30 #include <hurd/signal.h>
32 #include "hurdfault.h"
33 #include "hurdmalloc.h" /* XXX */
35 const char *_hurdsig_getenv (const char *);
37 struct mutex _hurd_siglock;
40 /* Port that receives signals and other miscellaneous messages. */
41 mach_port_t _hurd_msgport;
43 /* Thread listening on it. */
44 thread_t _hurd_msgport_thread;
46 /* Thread which receives task-global signals. */
47 thread_t _hurd_sigthread;
49 /* These are set up by _hurdsig_init. */
50 unsigned long int __hurd_sigthread_stack_base;
51 unsigned long int __hurd_sigthread_stack_end;
52 unsigned long int *__hurd_sigthread_variables;
54 /* Linked-list of per-thread signal state. */
55 struct hurd_sigstate *_hurd_sigstates;
57 /* Timeout for RPC's after interrupt_operation. */
58 mach_msg_timeout_t _hurd_interrupted_rpc_timeout = 3000;
61 default_sigaction (struct sigaction actions[NSIG])
65 __sigemptyset (&actions[0].sa_mask);
66 actions[0].sa_flags = SA_RESTART;
67 actions[0].sa_handler = SIG_DFL;
69 for (signo = 1; signo < NSIG; ++signo)
70 actions[signo] = actions[0];
73 struct hurd_sigstate *
74 _hurd_thread_sigstate (thread_t thread)
76 struct hurd_sigstate *ss;
77 __mutex_lock (&_hurd_siglock);
78 for (ss = _hurd_sigstates; ss != NULL; ss = ss->next)
79 if (ss->thread == thread)
83 ss = malloc (sizeof (*ss));
85 __libc_fatal ("hurd: Can't allocate thread sigstate\n");
87 __spin_lock_init (&ss->lock);
89 /* Initialize default state. */
90 __sigemptyset (&ss->blocked);
91 __sigemptyset (&ss->pending);
92 memset (&ss->sigaltstack, 0, sizeof (ss->sigaltstack));
93 ss->preemptors = NULL;
94 ss->suspended = MACH_PORT_NULL;
95 ss->intr_port = MACH_PORT_NULL;
98 /* Initialize the sigaction vector from the default signal receiving
99 thread's state, and its from the system defaults. */
100 if (thread == _hurd_sigthread)
101 default_sigaction (ss->actions);
104 struct hurd_sigstate *s;
105 for (s = _hurd_sigstates; s != NULL; s = s->next)
106 if (s->thread == _hurd_sigthread)
110 __spin_lock (&s->lock);
111 memcpy (ss->actions, s->actions, sizeof (s->actions));
112 __spin_unlock (&s->lock);
115 default_sigaction (ss->actions);
118 ss->next = _hurd_sigstates;
119 _hurd_sigstates = ss;
121 __mutex_unlock (&_hurd_siglock);
125 /* Signal delivery itself is on this page. */
128 #include <hurd/crash.h>
129 #include <hurd/resource.h>
130 #include <hurd/paths.h>
133 #include <sys/wait.h>
134 #include "thread_state.h"
135 #include <hurd/msg_server.h>
136 #include <hurd/msg_reply.h> /* For __msg_sig_post_reply. */
137 #include <hurd/interrupt.h>
142 /* Call the crash dump server to mummify us before we die.
143 Returns nonzero if a core file was written. */
145 write_corefile (int signo, const struct hurd_signal_detail *detail)
148 mach_port_t coreserver;
149 file_t file, coredir;
152 /* Don't bother locking since we just read the one word. */
153 rlim_t corelimit = _hurd_rlimits[RLIMIT_CORE].rlim_cur;
156 /* No core dumping, thank you very much. Note that this makes
157 `ulimit -c 0' prevent crash-suspension too, which is probably
158 what the user wanted. */
162 When we have a protocol to make the server return an error
163 for RLIMIT_FSIZE, then tell the corefile fs server the RLIMIT_CORE
164 value in place of the RLIMIT_FSIZE value. */
166 /* First get a port to the core dumping server. */
167 coreserver = MACH_PORT_NULL;
168 name = _hurdsig_getenv ("CRASHSERVER");
170 coreserver = __file_name_lookup (name, 0, 0);
171 if (coreserver == MACH_PORT_NULL)
172 coreserver = __file_name_lookup (_SERVERS_CRASH, 0, 0);
173 if (coreserver == MACH_PORT_NULL)
176 /* Get a port to the directory where the new core file will reside. */
177 file = MACH_PORT_NULL;
178 name = _hurdsig_getenv ("COREFILE");
181 coredir = __file_name_split (name, (char **) &name);
182 if (coredir != MACH_PORT_NULL)
183 /* Create the new file, but don't link it into the directory yet. */
184 __dir_mkfile (coredir, O_WRONLY|O_CREAT,
185 0600 & ~_hurd_umask, /* XXX ? */
188 /* Call the core dumping server to write the core file. */
189 err = __crash_dump_task (coreserver,
192 signo, detail->code, detail->error,
193 detail->exc, detail->exc_code, detail->exc_subcode,
194 _hurd_ports[INIT_PORT_CTTYID].port,
195 MACH_MSG_TYPE_COPY_SEND);
196 __mach_port_deallocate (__mach_task_self (), coreserver);
198 if (! err && file != MACH_PORT_NULL)
199 /* The core dump into FILE succeeded, so now link it into the
201 err = __dir_link (file, coredir, name, 1);
202 __mach_port_deallocate (__mach_task_self (), file);
203 __mach_port_deallocate (__mach_task_self (), coredir);
204 return !err && file != MACH_PORT_NULL;
208 /* The lowest-numbered thread state flavor value is 1,
209 so we use bit 0 in machine_thread_all_state.set to
210 record whether we have done thread_abort. */
211 #define THREAD_ABORTED 1
213 /* SS->thread is suspended. Abort the thread and get its basic state. */
215 abort_thread (struct hurd_sigstate *ss, struct machine_thread_all_state *state,
216 void (*reply) (void))
218 if (!(state->set & THREAD_ABORTED))
220 error_t err = __thread_abort (ss->thread);
222 /* Clear all thread state flavor set bits, because thread_abort may
223 have changed the state. */
224 state->set = THREAD_ABORTED;
230 machine_get_basic_state (ss->thread, state);
233 /* Find the location of the MiG reply port cell in use by the thread whose
234 state is described by THREAD_STATE. If SIGTHREAD is nonzero, make sure
235 that this location can be set without faulting, or else return NULL. */
238 interrupted_reply_port_location (struct machine_thread_all_state *thread_state,
241 mach_port_t *portloc = (mach_port_t *) __hurd_threadvar_location_from_sp
242 (_HURD_THREADVAR_MIG_REPLY, (void *) thread_state->basic.SP);
244 if (sigthread && _hurdsig_catch_memory_fault (portloc))
245 /* Faulted trying to read the stack. */
248 /* Fault now if this pointer is bogus. */
249 *(volatile mach_port_t *) portloc = *portloc;
252 _hurdsig_end_catch_fault ();
257 #include <hurd/sigpreempt.h>
258 #include "intr-msg.h"
260 /* Timeout on interrupt_operation calls. */
261 mach_msg_timeout_t _hurdsig_interrupt_timeout = 1000;
263 /* SS->thread is suspended.
265 Abort any interruptible RPC operation the thread is doing.
267 This uses only the constant member SS->thread and the unlocked, atomically
268 set member SS->intr_port, so no locking is needed.
270 If successfully sent an interrupt_operation and therefore the thread should
271 wait for its pending RPC to return (possibly EINTR) before taking the
272 incoming signal, returns the reply port to be received on. Otherwise
273 returns MACH_PORT_NULL.
275 SIGNO is used to find the applicable SA_RESTART bit. If SIGNO is zero,
276 the RPC fails with EINTR instead of restarting (thread_cancel).
278 *STATE_CHANGE is set nonzero if STATE->basic was modified and should
279 be applied back to the thread if it might ever run again, else zero. */
282 _hurdsig_abort_rpcs (struct hurd_sigstate *ss, int signo, int sigthread,
283 struct machine_thread_all_state *state, int *state_change,
284 void (*reply) (void))
286 extern const void _hurd_intr_rpc_msg_in_trap;
287 mach_port_t rcv_port = MACH_PORT_NULL;
288 mach_port_t intr_port;
292 intr_port = ss->intr_port;
293 if (intr_port == MACH_PORT_NULL)
294 /* No interruption needs done. */
295 return MACH_PORT_NULL;
297 /* Abort the thread's kernel context, so any pending message send or
298 receive completes immediately or aborts. */
299 abort_thread (ss, state, reply);
301 if (state->basic.PC < (natural_t) &_hurd_intr_rpc_msg_in_trap)
303 /* The thread is about to do the RPC, but hasn't yet entered
304 mach_msg. Mutate the thread's state so it knows not to try
306 INTR_MSG_BACK_OUT (&state->basic);
307 MACHINE_THREAD_STATE_SET_PC (&state->basic,
308 &_hurd_intr_rpc_msg_in_trap);
309 state->basic.SYSRETURN = MACH_SEND_INTERRUPTED;
312 else if (state->basic.PC == (natural_t) &_hurd_intr_rpc_msg_in_trap &&
313 /* The thread was blocked in the system call. After thread_abort,
314 the return value register indicates what state the RPC was in
316 state->basic.SYSRETURN == MACH_RCV_INTERRUPTED)
318 /* The RPC request message was sent and the thread was waiting for
319 the reply message; now the message receive has been aborted, so
320 the mach_msg call will return MACH_RCV_INTERRUPTED. We must tell
321 the server to interrupt the pending operation. The thread must
322 wait for the reply message before running the signal handler (to
323 guarantee that the operation has finished being interrupted), so
324 our nonzero return tells the trampoline code to finish the message
325 receive operation before running the handler. */
327 mach_port_t *reply = interrupted_reply_port_location (state,
329 error_t err = __interrupt_operation (intr_port, _hurdsig_interrupt_timeout);
335 /* The interrupt didn't work.
336 Destroy the receive right the thread is blocked on. */
337 __mach_port_destroy (__mach_task_self (), *reply);
338 *reply = MACH_PORT_NULL;
341 /* The system call return value register now contains
342 MACH_RCV_INTERRUPTED; when mach_msg resumes, it will retry the
343 call. Since we have just destroyed the receive right, the
344 retry will fail with MACH_RCV_INVALID_NAME. Instead, just
345 change the return value here to EINTR so mach_msg will not
346 retry and the EINTR error code will propagate up. */
347 state->basic.SYSRETURN = EINTR;
353 /* All threads whose RPCs were interrupted by the interrupt_operation
354 call above will retry their RPCs unless we clear SS->intr_port.
355 So we clear it for the thread taking a signal when SA_RESTART is
356 clear, so that its call returns EINTR. */
357 if (! signo || !(ss->actions[signo].sa_flags & SA_RESTART))
358 ss->intr_port = MACH_PORT_NULL;
365 /* Abort the RPCs being run by all threads but this one;
366 all other threads should be suspended. If LIVE is nonzero, those
367 threads may run again, so they should be adjusted as necessary to be
368 happy when resumed. STATE is clobbered as a scratch area; its initial
369 contents are ignored, and its contents on return are not useful. */
372 abort_all_rpcs (int signo, struct machine_thread_all_state *state, int live)
374 /* We can just loop over the sigstates. Any thread doing something
375 interruptible must have one. We needn't bother locking because all
376 other threads are stopped. */
378 struct hurd_sigstate *ss;
380 mach_port_t *reply_ports;
382 /* First loop over the sigstates to count them.
383 We need to know how big a vector we will need for REPLY_PORTS. */
385 for (ss = _hurd_sigstates; ss != NULL; ss = ss->next)
388 reply_ports = alloca (nthreads * sizeof *reply_ports);
391 for (ss = _hurd_sigstates; ss != NULL; ss = ss->next, ++nthreads)
392 if (ss->thread == _hurd_msgport_thread)
393 reply_ports[nthreads] = MACH_PORT_NULL;
397 state->set = 0; /* Reset scratch area. */
399 /* Abort any operation in progress with interrupt_operation.
400 Record the reply port the thread is waiting on.
401 We will wait for all the replies below. */
402 reply_ports[nthreads] = _hurdsig_abort_rpcs (ss, signo, 1,
403 state, &state_changed,
407 if (reply_ports[nthreads] != MACH_PORT_NULL)
409 /* We will wait for the reply to this RPC below, so the
410 thread must issue a new RPC rather than waiting for the
411 reply to the one it sent. */
412 state->basic.SYSRETURN = EINTR;
416 /* Aborting the RPC needed to change this thread's state,
417 and it might ever run again. So write back its state. */
418 __thread_set_state (ss->thread, MACHINE_THREAD_STATE_FLAVOR,
419 (natural_t *) &state->basic,
420 MACHINE_THREAD_STATE_COUNT);
424 /* Wait for replies from all the successfully interrupted RPCs. */
425 while (nthreads-- > 0)
426 if (reply_ports[nthreads] != MACH_PORT_NULL)
429 mach_msg_header_t head;
430 err = __mach_msg (&head, MACH_RCV_MSG|MACH_RCV_TIMEOUT, 0, sizeof head,
431 reply_ports[nthreads],
432 _hurd_interrupted_rpc_timeout, MACH_PORT_NULL);
435 case MACH_RCV_TIMED_OUT:
436 case MACH_RCV_TOO_LARGE:
445 struct hurd_signal_preemptor *_hurdsig_preemptors = 0;
446 sigset_t _hurdsig_preempted_set;
448 /* XXX temporary to deal with spelling fix */
449 weak_alias (_hurdsig_preemptors, _hurdsig_preempters)
451 /* Mask of stop signals. */
452 #define STOPSIGS (sigmask (SIGTTIN) | sigmask (SIGTTOU) | \
453 sigmask (SIGSTOP) | sigmask (SIGTSTP))
455 /* Deliver a signal. SS is not locked. */
457 _hurd_internal_post_signal (struct hurd_sigstate *ss,
458 int signo, struct hurd_signal_detail *detail,
459 mach_port_t reply_port,
460 mach_msg_type_name_t reply_port_type,
464 struct machine_thread_all_state thread_state;
465 enum { stop, ignore, core, term, handle } act;
466 sighandler_t handler;
470 /* Reply to this sig_post message. */
471 __typeof (__msg_sig_post_reply) *reply_rpc
472 = (untraced ? __msg_sig_post_untraced_reply : __msg_sig_post_reply);
476 if (reply_port == MACH_PORT_NULL)
478 err = (*reply_rpc) (reply_port, reply_port_type, 0);
479 reply_port = MACH_PORT_NULL;
480 if (err != MACH_SEND_INVALID_DEST) /* Ignore dead reply port. */
484 /* Mark the signal as pending. */
485 void mark_pending (void)
487 __sigaddset (&ss->pending, signo);
488 /* Save the details to be given to the handler when SIGNO is
490 ss->pending_data[signo] = *detail;
493 /* Suspend the process with SIGNO. */
496 /* Stop all other threads and mark ourselves stopped. */
499 /* Hold the siglock while stopping other threads to be
500 sure it is not held by another thread afterwards. */
501 __mutex_lock (&_hurd_siglock);
502 __proc_dostop (port, _hurd_msgport_thread);
503 __mutex_unlock (&_hurd_siglock);
504 abort_all_rpcs (signo, &thread_state, 1);
506 __proc_mark_stop (port, signo, detail->code);
510 /* Resume the process after a suspension. */
513 /* Resume the process from being stopped. */
515 mach_msg_type_number_t nthreads, i;
521 /* Tell the proc server we are continuing. */
522 __USEPORT (PROC, __proc_mark_cont (port));
523 /* Fetch ports to all our threads and resume them. */
524 err = __task_threads (__mach_task_self (), &threads, &nthreads);
526 for (i = 0; i < nthreads; ++i)
528 if (threads[i] != _hurd_msgport_thread &&
529 (act != handle || threads[i] != ss->thread))
531 err = __thread_resume (threads[i]);
534 err = __mach_port_deallocate (__mach_task_self (),
538 __vm_deallocate (__mach_task_self (),
539 (vm_address_t) threads,
540 nthreads * sizeof *threads);
543 /* The thread that will run the handler is already suspended. */
550 /* This is PTRACE_CONTINUE. */
553 /* This call is just to check for pending signals. */
554 __spin_lock (&ss->lock);
555 goto check_pending_signals;
560 thread_state.set = 0; /* We know nothing. */
562 __spin_lock (&ss->lock);
564 /* Check for a preempted signal. Preempted signals can arrive during
565 critical sections. */
567 inline sighandler_t try_preemptor (struct hurd_signal_preemptor *pe)
568 { /* PE cannot be null. */
571 if (HURD_PREEMPT_SIGNAL_P (pe, signo, detail->code))
575 sighandler_t handler = (*pe->preemptor) (pe, ss,
577 if (handler != SIG_ERR)
588 handler = ss->preemptors ? try_preemptor (ss->preemptors) : SIG_ERR;
590 /* If no thread-specific preemptor, check for a global one. */
591 if (handler == SIG_ERR && (__sigmask (signo) & _hurdsig_preempted_set))
593 __mutex_lock (&_hurd_siglock);
594 handler = try_preemptor (_hurdsig_preemptors);
595 __mutex_unlock (&_hurd_siglock);
601 if (handler == SIG_IGN)
602 /* Ignore the signal altogether. */
604 else if (handler != SIG_ERR)
605 /* Run the preemption-provided handler. */
609 /* No preemption. Do normal handling. */
611 if (!untraced && __sigismember (&_hurdsig_traced, signo))
613 /* We are being traced. Stop to tell the debugger of the signal. */
615 /* Already stopped. Mark the signal as pending;
616 when resumed, we will notice it and stop again. */
620 __spin_unlock (&ss->lock);
625 handler = ss->actions[signo].sa_handler;
627 if (handler == SIG_DFL)
628 /* Figure out the default action for this signal. */
632 /* A sig_post msg with SIGNO==0 is sent to
633 tell us to check for pending signals. */
665 if (_hurd_pgrp == _hurd_pid)
667 /* We are the process group leader. Since there is no
668 user-specified handler for SIGINFO, we use a default one
669 which prints something interesting. We use the normal
670 handler mechanism instead of just doing it here to avoid
671 the signal thread faulting or blocking in this
672 potentially hairy operation. */
674 handler = _hurd_siginfo_handler;
684 else if (handler == SIG_IGN)
689 if (__sigmask (signo) & STOPSIGS)
690 /* Stop signals clear a pending SIGCONT even if they
691 are handled or ignored (but not if preempted). */
692 ss->pending &= ~sigmask (SIGCONT);
695 if (signo == SIGCONT)
696 /* Even if handled or ignored (but not preempted), SIGCONT clears
697 stop signals and resumes the process. */
698 ss->pending &= ~STOPSIGS;
700 if (_hurd_stopped && act != stop && (untraced || signo == SIGCONT))
705 if (_hurd_orphaned && act == stop &&
706 (__sigmask (signo) & (__sigmask (SIGTTIN) | __sigmask (SIGTTOU) |
707 __sigmask (SIGTSTP))))
709 /* If we would ordinarily stop for a job control signal, but we are
710 orphaned so noone would ever notice and continue us again, we just
711 quietly die, alone and in the dark. */
712 detail->code = signo;
717 /* Handle receipt of a blocked signal, or any signal while stopped. */
718 if (act != ignore && /* Signals ignored now are forgotten now. */
719 __sigismember (&ss->blocked, signo) ||
720 (signo != SIGKILL && _hurd_stopped))
726 /* Perform the chosen action for the signal. */
732 /* We are already stopped, but receiving an untraced stop
733 signal. Instead of resuming and suspending again, just
734 notify the proc server of the new stop signal. */
735 error_t err = __USEPORT (PROC, __proc_mark_stop
736 (port, signo, detail->code));
740 /* Suspend the process. */
745 /* Nobody cares about this signal. If there was a call to resume
746 above in SIGCONT processing and we've left a thread suspended,
747 now's the time to set it going. */
750 err = __thread_resume (ss->thread);
757 /* We got a fault setting up the stack frame for the handler.
758 Nothing to do but die; BSD gets SIGILL in this case. */
759 detail->code = signo; /* XXX ? */
764 case term: /* Time to die. */
765 case core: /* And leave a rotting corpse. */
766 /* Have the proc server stop all other threads in our task. */
767 err = __USEPORT (PROC, __proc_dostop (port, _hurd_msgport_thread));
769 /* No more user instructions will be executed.
770 The signal can now be considered delivered. */
772 /* Abort all server operations now in progress. */
773 abort_all_rpcs (signo, &thread_state, 0);
776 int status = W_EXITCODE (0, signo);
777 /* Do a core dump if desired. Only set the wait status bit saying we
778 in fact dumped core if the operation was actually successful. */
779 if (act == core && write_corefile (signo, detail))
781 /* Tell proc how we died and then stick the saber in the gut. */
787 /* Call a handler for this signal. */
789 struct sigcontext *scp, ocontext;
790 int wait_for_reply, state_changed;
792 /* Stop the thread and abort its pending RPC operations. */
795 err = __thread_suspend (ss->thread);
799 /* Abort the thread's kernel context, so any pending message send
800 or receive completes immediately or aborts. If an interruptible
801 RPC is in progress, abort_rpcs will do this. But we must always
802 do it before fetching the thread's state, because
803 thread_get_state is never kosher before thread_abort. */
804 abort_thread (ss, &thread_state, NULL);
808 /* We have a previous sigcontext that sigreturn was about
809 to restore when another signal arrived. */
813 if (_hurdsig_catch_memory_fault (ss->context))
815 /* We faulted reading the thread's stack. Forget that
816 context and pretend it wasn't there. It almost
817 certainly crash if this handler returns, but that's it's
823 /* Copy the context from the thread's stack before
824 we start diddling the stack to set up the handler. */
825 ocontext = *ss->context;
826 ss->context = &ocontext;
828 _hurdsig_end_catch_fault ();
830 if (! machine_get_basic_state (ss->thread, &thread_state))
832 loc = interrupted_reply_port_location (&thread_state, 1);
833 if (loc && *loc != MACH_PORT_NULL)
834 /* This is the reply port for the context which called
835 sigreturn. Since we are abandoning that context entirely
836 and restoring SS->context instead, destroy this port. */
837 __mach_port_destroy (__mach_task_self (), *loc);
839 /* The thread was in sigreturn, not in any interruptible RPC. */
842 assert (! __spin_lock_locked (&ss->critical_section_lock));
846 int crit = __spin_lock_locked (&ss->critical_section_lock);
849 = (_hurdsig_abort_rpcs (ss,
850 /* In a critical section, any RPC
851 should be cancelled instead of
852 restarted, regardless of
853 SA_RESTART, so the entire
854 "atomic" operation can be aborted
857 &thread_state, &state_changed,
863 /* The thread is in a critical section. Mark the signal as
864 pending. When it finishes the critical section, it will
865 check for pending signals. */
868 /* Some cases of interrupting an RPC must change the
869 thread state to back out the call. Normally this
870 change is rolled into the warping to the handler and
871 sigreturn, but we are not running the handler now
872 because the thread is in a critical section. Instead,
873 mutate the thread right away for the RPC interruption
874 and resume it; the RPC will return early so the
875 critical section can end soon. */
876 __thread_set_state (ss->thread, MACHINE_THREAD_STATE_FLAVOR,
877 (natural_t *) &thread_state.basic,
878 MACHINE_THREAD_STATE_COUNT);
880 ss->intr_port = MACH_PORT_NULL;
881 __thread_resume (ss->thread);
886 /* Call the machine-dependent function to set the thread up
887 to run the signal handler, and preserve its old context. */
888 scp = _hurd_setup_sighandler (ss, handler, signo, detail,
889 wait_for_reply, &thread_state);
893 /* Set the machine-independent parts of the signal context. */
896 /* Fetch the thread variable for the MiG reply port,
897 and set it to MACH_PORT_NULL. */
898 mach_port_t *loc = interrupted_reply_port_location (&thread_state,
902 scp->sc_reply_port = *loc;
903 *loc = MACH_PORT_NULL;
906 scp->sc_reply_port = MACH_PORT_NULL;
908 /* Save the intr_port in use by the interrupted code,
909 and clear the cell before running the trampoline. */
910 scp->sc_intr_port = ss->intr_port;
911 ss->intr_port = MACH_PORT_NULL;
915 /* After the handler runs we will restore to the state in
916 SS->context, not the state of the thread now. So restore
917 that context's reply port and intr port. */
919 scp->sc_reply_port = ss->context->sc_reply_port;
920 scp->sc_intr_port = ss->context->sc_intr_port;
926 /* Backdoor extra argument to signal handler. */
927 scp->sc_error = detail->error;
929 /* Block SIGNO and requested signals while running the handler. */
930 scp->sc_mask = ss->blocked;
931 ss->blocked |= __sigmask (signo) | ss->actions[signo].sa_mask;
933 /* Start the thread running the handler (or possibly waiting for an
934 RPC reply before running the handler). */
935 err = __thread_set_state (ss->thread, MACHINE_THREAD_STATE_FLAVOR,
936 (natural_t *) &thread_state.basic,
937 MACHINE_THREAD_STATE_COUNT);
939 err = __thread_resume (ss->thread);
941 thread_state.set = 0; /* Everything we know is now wrong. */
946 /* The signal has either been ignored or is now being handled. We can
947 consider it delivered and reply to the killer. */
950 /* We get here unless the signal was fatal. We still hold SS->lock.
951 Check for pending signals, and loop to post them. */
953 /* Return nonzero if SS has any signals pending we should worry about.
954 We don't worry about any pending signals if we are stopped, nor if
955 SS is in a critical section. We are guaranteed to get a sig_post
956 message before any of them become deliverable: either the SIGCONT
957 signal, or a sig_post with SIGNO==0 as an explicit poll when the
958 thread finishes its critical section. */
959 inline int signals_pending (void)
961 if (_hurd_stopped || __spin_lock_locked (&ss->critical_section_lock))
963 return pending = ss->pending & ~ss->blocked;
966 check_pending_signals:
969 if (signals_pending ())
971 for (signo = 1; signo < NSIG; ++signo)
972 if (__sigismember (&pending, signo))
975 __sigdelset (&ss->pending, signo);
976 *detail = ss->pending_data[signo];
977 __spin_unlock (&ss->lock);
982 /* No pending signals left undelivered for this thread.
983 If we were sent signal 0, we need to check for pending
984 signals for all threads. */
987 __spin_unlock (&ss->lock);
988 __mutex_lock (&_hurd_siglock);
989 for (ss = _hurd_sigstates; ss != NULL; ss = ss->next)
991 __spin_lock (&ss->lock);
992 for (signo = 1; signo < NSIG; ++signo)
993 if (__sigismember (&ss->pending, signo)
994 && (!__sigismember (&ss->blocked, signo)
995 /* We "deliver" immediately pending blocked signals whose
996 action might be to ignore, so that if ignored they are
997 dropped right away. */
998 || ss->actions[signo].sa_handler == SIG_IGN
999 || ss->actions[signo].sa_handler == SIG_DFL))
1001 mutex_unlock (&_hurd_siglock);
1002 goto deliver_pending;
1004 __spin_unlock (&ss->lock);
1006 __mutex_unlock (&_hurd_siglock);
1010 /* No more signals pending; SS->lock is still locked.
1011 Wake up any sigsuspend call that is blocking SS->thread. */
1012 if (ss->suspended != MACH_PORT_NULL)
1014 /* There is a sigsuspend waiting. Tell it to wake up. */
1016 mach_msg_header_t msg;
1017 msg.msgh_bits = MACH_MSGH_BITS (MACH_MSG_TYPE_MAKE_SEND, 0);
1018 msg.msgh_remote_port = ss->suspended;
1019 msg.msgh_local_port = MACH_PORT_NULL;
1020 /* These values do not matter. */
1021 msg.msgh_id = 8675309; /* Jenny, Jenny. */
1022 msg.msgh_seqno = 17; /* Random. */
1023 ss->suspended = MACH_PORT_NULL;
1024 err = __mach_msg (&msg, MACH_SEND_MSG, sizeof msg, 0,
1025 MACH_PORT_NULL, MACH_MSG_TIMEOUT_NONE,
1027 assert_perror (err);
1029 __spin_unlock (&ss->lock);
1033 /* All pending signals delivered to all threads.
1034 Now we can send the reply message even for signal 0. */
1038 /* Decide whether REFPORT enables the sender to send us a SIGNO signal.
1039 Returns zero if so, otherwise the error code to return to the sender. */
1042 signal_allowed (int signo, mach_port_t refport)
1044 if (signo < 0 || signo >= NSIG)
1047 if (refport == __mach_task_self ())
1048 /* Can send any signal. */
1051 /* Avoid needing to check for this below. */
1052 if (refport == MACH_PORT_NULL)
1065 /* Job control signals can be sent by the controlling terminal. */
1066 if (__USEPORT (CTTYID, port == refport))
1072 /* A continue signal can be sent by anyone in the session. */
1073 mach_port_t sessport;
1074 if (! __USEPORT (PROC, __proc_getsidport (port, &sessport)))
1076 __mach_port_deallocate (__mach_task_self (), sessport);
1077 if (refport == sessport)
1086 /* Any io object a file descriptor refers to might send us
1087 one of these signals using its async ID port for REFPORT.
1089 This is pretty wide open; it is not unlikely that some random
1090 process can at least open for reading something we have open,
1091 get its async ID port, and send us a spurious SIGIO or SIGURG
1092 signal. But BSD is actually wider open than that!--you can set
1093 the owner of an io object to any process or process group
1094 whatsoever and send them gratuitous signals.
1096 Someday we could implement some reasonable scheme for
1097 authorizing SIGIO and SIGURG signals properly. */
1100 int lucky = 0; /* True if we find a match for REFPORT. */
1101 __mutex_lock (&_hurd_dtable_lock);
1102 for (d = 0; !lucky && (unsigned) d < (unsigned) _hurd_dtablesize; ++d)
1104 struct hurd_userlink ulink;
1106 mach_port_t asyncid;
1107 if (_hurd_dtable[d] == NULL)
1109 port = _hurd_port_get (&_hurd_dtable[d]->port, &ulink);
1110 if (! __io_get_icky_async_id (port, &asyncid))
1112 if (refport == asyncid)
1113 /* Break out of the loop on the next iteration. */
1115 __mach_port_deallocate (__mach_task_self (), asyncid);
1117 _hurd_port_free (&_hurd_dtable[d]->port, &ulink, port);
1119 /* If we found a lucky winner, we've set D to -1 in the loop. */
1125 /* If this signal is legit, we have done `goto win' by now.
1126 When we return the error, mig deallocates REFPORT. */
1130 /* Deallocate the REFPORT send right; we are done with it. */
1131 __mach_port_deallocate (__mach_task_self (), refport);
1136 /* Implement the sig_post RPC from <hurd/msg.defs>;
1137 sent when someone wants us to get a signal. */
1139 _S_msg_sig_post (mach_port_t me,
1140 mach_port_t reply_port, mach_msg_type_name_t reply_port_type,
1141 int signo, natural_t sigcode,
1142 mach_port_t refport)
1145 struct hurd_signal_detail d;
1147 if (err = signal_allowed (signo, refport))
1153 /* Post the signal to the designated signal-receiving thread. This will
1154 reply when the signal can be considered delivered. */
1155 _hurd_internal_post_signal (_hurd_thread_sigstate (_hurd_sigthread),
1156 signo, &d, reply_port, reply_port_type,
1157 0); /* Stop if traced. */
1159 return MIG_NO_REPLY; /* Already replied. */
1162 /* Implement the sig_post_untraced RPC from <hurd/msg.defs>;
1163 sent when the debugger wants us to really get a signal
1164 even if we are traced. */
1166 _S_msg_sig_post_untraced (mach_port_t me,
1167 mach_port_t reply_port,
1168 mach_msg_type_name_t reply_port_type,
1169 int signo, natural_t sigcode,
1170 mach_port_t refport)
1173 struct hurd_signal_detail d;
1175 if (err = signal_allowed (signo, refport))
1181 /* Post the signal to the designated signal-receiving thread. This will
1182 reply when the signal can be considered delivered. */
1183 _hurd_internal_post_signal (_hurd_thread_sigstate (_hurd_sigthread),
1184 signo, &d, reply_port, reply_port_type,
1185 1); /* Untraced flag. */
1187 return MIG_NO_REPLY; /* Already replied. */
1190 extern void __mig_init (void *);
1192 #include <mach/task_special_ports.h>
1194 /* Initialize the message port and _hurd_sigthread and start the signal
1198 _hurdsig_init (const int *intarray, size_t intarraysize)
1201 vm_size_t stacksize;
1202 struct hurd_sigstate *ss;
1204 __mutex_init (&_hurd_siglock);
1206 err = __mach_port_allocate (__mach_task_self (),
1207 MACH_PORT_RIGHT_RECEIVE,
1209 assert_perror (err);
1211 /* Make a send right to the signal port. */
1212 err = __mach_port_insert_right (__mach_task_self (),
1215 MACH_MSG_TYPE_MAKE_SEND);
1216 assert_perror (err);
1218 /* Initialize the main thread's signal state. */
1219 ss = _hurd_self_sigstate ();
1221 /* Copy inherited values from our parent (or pre-exec process state)
1222 into the signal settings of the main thread. */
1223 if (intarraysize > INIT_SIGMASK)
1224 ss->blocked = intarray[INIT_SIGMASK];
1225 if (intarraysize > INIT_SIGPENDING)
1226 ss->blocked = intarray[INIT_SIGPENDING];
1227 if (intarraysize > INIT_SIGIGN && intarray[INIT_SIGIGN] != 0)
1230 for (signo = 1; signo < NSIG; ++signo)
1231 if (intarray[INIT_SIGIGN] & __sigmask(signo))
1232 ss->actions[signo].sa_handler = SIG_IGN;
1235 /* Set the default thread to receive task-global signals
1236 to this one, the main (first) user thread. */
1237 _hurd_sigthread = ss->thread;
1239 /* Start the signal thread listening on the message port. */
1241 if (__hurd_threadvar_stack_mask == 0)
1243 err = __thread_create (__mach_task_self (), &_hurd_msgport_thread);
1244 assert_perror (err);
1246 stacksize = __vm_page_size * 8; /* Small stack for signal thread. */
1247 err = __mach_setup_thread (__mach_task_self (), _hurd_msgport_thread,
1248 _hurd_msgport_receive,
1249 (vm_address_t *) &__hurd_sigthread_stack_base,
1251 assert_perror (err);
1253 __hurd_sigthread_stack_end = __hurd_sigthread_stack_base + stacksize;
1254 __hurd_sigthread_variables =
1255 malloc (__hurd_threadvar_max * sizeof (unsigned long int));
1256 if (__hurd_sigthread_variables == NULL)
1257 __libc_fatal ("hurd: Can't allocate threadvars for signal thread\n");
1259 /* Reinitialize the MiG support routines so they will use a per-thread
1260 variable for the cached reply port. */
1261 __mig_init ((void *) __hurd_sigthread_stack_base);
1263 err = __thread_resume (_hurd_msgport_thread);
1264 assert_perror (err);
1268 /* When cthreads is being used, we need to make the signal thread a
1269 proper cthread. Otherwise it cannot use mutex_lock et al, which
1270 will be the cthreads versions. Various of the message port RPC
1271 handlers need to take locks, so we need to be able to call into
1272 cthreads code and meet its assumptions about how our thread and
1273 its stack are arranged. Since cthreads puts it there anyway,
1274 we'll let the signal thread's per-thread variables be found as for
1275 any normal cthread, and just leave the magic __hurd_sigthread_*
1276 values all zero so they'll be ignored. */
1277 #pragma weak cthread_fork
1278 #pragma weak cthread_detach
1279 cthread_detach (cthread_fork ((cthread_fn_t) &_hurd_msgport_receive, 0));
1281 /* XXX We need the thread port for the signal thread further on
1282 in this thread (see hurdfault.c:_hurdsigfault_init).
1283 Therefore we block until _hurd_msgport_thread is initialized
1284 by the newly created thread. This really shouldn't be
1285 necessary; we should be able to fetch the thread port for a
1286 cthread from here. */
1287 while (_hurd_msgport_thread == 0)
1291 /* Receive exceptions on the signal port. */
1292 __task_set_special_port (__mach_task_self (),
1293 TASK_EXCEPTION_PORT, _hurd_msgport);
1295 /* Sanity check. Any pending, unblocked signals should have been
1296 taken by our predecessor incarnation (i.e. parent or pre-exec state)
1297 before packing up our init ints. This assert is last (not above)
1298 so that signal handling is all set up to handle the abort. */
1299 assert ((ss->pending &~ ss->blocked) == 0);
1302 /* Reauthenticate with the proc server. */
1305 reauth_proc (mach_port_t new)
1307 mach_port_t ref, ignore;
1309 ref = __mach_reply_port ();
1310 if (! HURD_PORT_USE (&_hurd_ports[INIT_PORT_PROC],
1311 __proc_reauthenticate (port, ref,
1312 MACH_MSG_TYPE_MAKE_SEND) ||
1313 __auth_user_authenticate (new, ref,
1314 MACH_MSG_TYPE_MAKE_SEND,
1316 && ignore != MACH_PORT_NULL)
1317 __mach_port_deallocate (__mach_task_self (), ignore);
1318 __mach_port_destroy (__mach_task_self (), ref);
1320 /* Set the owner of the process here too. */
1321 mutex_lock (&_hurd_id.lock);
1322 if (!_hurd_check_ids ())
1323 HURD_PORT_USE (&_hurd_ports[INIT_PORT_PROC],
1324 __proc_setowner (port,
1326 ? _hurd_id.gen.uids[0] : 0),
1327 !_hurd_id.gen.nuids));
1328 mutex_unlock (&_hurd_id.lock);
1330 (void) &reauth_proc; /* Silence compiler warning. */
1332 text_set_element (_hurd_reauth_hook, reauth_proc);
1334 /* Like `getenv', but safe for the signal thread to run.
1335 If the environment is trashed, this will just return NULL. */
1338 _hurdsig_getenv (const char *variable)
1340 if (_hurdsig_catch_memory_fault (__environ))
1341 /* We bombed in getenv. */
1345 const size_t len = strlen (variable);
1347 char *volatile *ep = __environ;
1350 const char *p = *ep;
1351 _hurdsig_fault_preemptor.first = (long int) p;
1352 _hurdsig_fault_preemptor.last = VM_MAX_ADDRESS;
1353 if (! strncmp (p, variable, len) && p[len] == '=')
1357 valuelen = strlen (p);
1358 _hurdsig_fault_preemptor.last = (long int) (p + valuelen);
1359 value = malloc (++valuelen);
1361 memcpy (value, p, valuelen);
1364 _hurdsig_fault_preemptor.first = (long int) ++ep;
1365 _hurdsig_fault_preemptor.last = (long int) (ep + 1);
1367 _hurdsig_end_catch_fault ();
projects / platform / upstream / glibc.git / blob