1 //
2 // Copyright (C) 2012 The Android Open Source Project
3 //
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 // http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 //
16
17 #include "update_engine/common/subprocess.h"
18
19 #include <fcntl.h>
20 #include <stdlib.h>
21 #include <string.h>
22 #include <unistd.h>
23
24 #include <chrono>
25 #include <memory>
26 #include <string>
27 #include <utility>
28 #include <vector>
29
30 #include <base/bind.h>
31 #include <base/logging.h>
32 #include <base/posix/eintr_wrapper.h>
33 #include <base/stl_util.h>
34 #include <base/strings/string_util.h>
35 #include <base/strings/stringprintf.h>
36 #include <brillo/secure_blob.h>
37
38 #include "update_engine/common/utils.h"
39
40 using brillo::MessageLoop;
41 using std::string;
42 using std::unique_ptr;
43 using std::vector;
44
45 namespace chromeos_update_engine {
46
47 namespace {
48
SetupChild(const std::map<string,string> & env,uint32_t flags)49 bool SetupChild(const std::map<string, string>& env, uint32_t flags) {
50 // Setup the environment variables.
51 clearenv();
52 if (setpgid(0, 0) != 0) {
53 PLOG(ERROR) << "Failed to setpgid on subprocess " << getpid();
54 return false;
55 }
56 for (const auto& key_value : env) {
57 setenv(key_value.first.c_str(), key_value.second.c_str(), 0);
58 }
59
60 if ((flags & Subprocess::kRedirectStderrToStdout) != 0) {
61 if (HANDLE_EINTR(dup2(STDOUT_FILENO, STDERR_FILENO)) != STDERR_FILENO)
62 return false;
63 }
64
65 int fd = HANDLE_EINTR(open("/dev/null", O_RDONLY));
66 if (fd < 0)
67 return false;
68 if (HANDLE_EINTR(dup2(fd, STDIN_FILENO)) != STDIN_FILENO)
69 return false;
70 IGNORE_EINTR(close(fd));
71
72 return true;
73 }
74
75 // Helper function to launch a process with the given Subprocess::Flags.
76 // This function only sets up and starts the process according to the |flags|.
77 // The caller is responsible for watching the termination of the subprocess.
78 // Return whether the process was successfully launched and fills in the |proc|
79 // Process.
LaunchProcess(const vector<string> & cmd,uint32_t flags,const vector<int> & output_pipes,brillo::Process * proc)80 bool LaunchProcess(const vector<string>& cmd,
81 uint32_t flags,
82 const vector<int>& output_pipes,
83 brillo::Process* proc) {
84 for (const string& arg : cmd)
85 proc->AddArg(arg);
86 proc->SetSearchPath((flags & Subprocess::kSearchPath) != 0);
87
88 // Create an environment for the child process with just the required PATHs.
89 std::map<string, string> env;
90 for (const char* key : {"LD_LIBRARY_PATH", "PATH"}) {
91 const char* value = getenv(key);
92 if (value)
93 env.emplace(key, value);
94 }
95
96 for (const int fd : output_pipes) {
97 proc->RedirectUsingPipe(fd, false);
98 }
99 proc->SetCloseUnusedFileDescriptors(true);
100 proc->RedirectUsingPipe(STDOUT_FILENO, false);
101 proc->SetPreExecCallback(base::Bind(&SetupChild, env, flags));
102
103 LOG(INFO) << "Running \"" << base::JoinString(cmd, " ") << "\"";
104 return proc->Start();
105 }
106
107 } // namespace
108
Init(brillo::AsynchronousSignalHandlerInterface * async_signal_handler)109 void Subprocess::Init(
110 brillo::AsynchronousSignalHandlerInterface* async_signal_handler) {
111 if (subprocess_singleton_ == this)
112 return;
113 CHECK(subprocess_singleton_ == nullptr);
114 subprocess_singleton_ = this;
115
116 process_reaper_.Register(async_signal_handler);
117 }
118
~Subprocess()119 Subprocess::~Subprocess() {
120 if (subprocess_singleton_ == this)
121 subprocess_singleton_ = nullptr;
122 }
123
OnStdoutReady(SubprocessRecord * record)124 void Subprocess::OnStdoutReady(SubprocessRecord* record) {
125 char buf[1024];
126 size_t bytes_read;
127 do {
128 bytes_read = 0;
129 bool eof;
130 bool ok = utils::ReadAll(
131 record->stdout_fd, buf, base::size(buf), &bytes_read, &eof);
132 record->stdout_str.append(buf, bytes_read);
133 if (!ok || eof) {
134 // There was either an error or an EOF condition, so we are done watching
135 // the file descriptor.
136 record->stdout_controller.reset();
137 return;
138 }
139 } while (bytes_read);
140 }
141
ChildExitedCallback(const siginfo_t & info)142 void Subprocess::ChildExitedCallback(const siginfo_t& info) {
143 auto pid_record = subprocess_records_.find(info.si_pid);
144 if (pid_record == subprocess_records_.end())
145 return;
146 SubprocessRecord* record = pid_record->second.get();
147
148 // Make sure we read any remaining process output and then close the pipe.
149 OnStdoutReady(record);
150
151 record->stdout_controller.reset();
152
153 // Don't print any log if the subprocess exited with exit code 0.
154 if (info.si_code != CLD_EXITED) {
155 LOG(INFO) << "Subprocess " << info.si_pid << " terminated with si_code "
156 << info.si_code;
157 } else if (info.si_status != 0) {
158 LOG(INFO) << "Subprocess " << info.si_pid
159 << " exited with si_status: " << info.si_status;
160 }
161
162 if (!record->stdout_str.empty()) {
163 LOG(INFO) << "Subprocess output:\n" << record->stdout_str;
164 }
165 if (!record->callback.is_null()) {
166 record->callback.Run(info.si_status, record->stdout_str);
167 }
168 // Release and close all the pipes after calling the callback so our
169 // redirected pipes are still alive. Releasing the process first makes
170 // Reset(0) not attempt to kill the process, which is already a zombie at this
171 // point.
172 record->proc.Release();
173 record->proc.Reset(0);
174
175 subprocess_records_.erase(pid_record);
176 }
177
Exec(const vector<string> & cmd,const ExecCallback & callback)178 pid_t Subprocess::Exec(const vector<string>& cmd,
179 const ExecCallback& callback) {
180 return ExecFlags(cmd, kRedirectStderrToStdout, {}, callback);
181 }
182
ExecFlags(const vector<string> & cmd,uint32_t flags,const vector<int> & output_pipes,const ExecCallback & callback)183 pid_t Subprocess::ExecFlags(const vector<string>& cmd,
184 uint32_t flags,
185 const vector<int>& output_pipes,
186 const ExecCallback& callback) {
187 unique_ptr<SubprocessRecord> record(new SubprocessRecord(callback));
188
189 if (!LaunchProcess(cmd, flags, output_pipes, &record->proc)) {
190 LOG(ERROR) << "Failed to launch subprocess";
191 return 0;
192 }
193
194 pid_t pid = record->proc.pid();
195 CHECK(process_reaper_.WatchForChild(
196 FROM_HERE,
197 pid,
198 base::Bind(&Subprocess::ChildExitedCallback, base::Unretained(this))));
199
200 record->stdout_fd = record->proc.GetPipe(STDOUT_FILENO);
201 // Capture the subprocess output. Make our end of the pipe non-blocking.
202 int fd_flags = fcntl(record->stdout_fd, F_GETFL, 0) | O_NONBLOCK;
203 if (HANDLE_EINTR(fcntl(record->stdout_fd, F_SETFL, fd_flags)) < 0) {
204 LOG(ERROR) << "Unable to set non-blocking I/O mode on fd "
205 << record->stdout_fd << ".";
206 }
207
208 record->stdout_controller = base::FileDescriptorWatcher::WatchReadable(
209 record->stdout_fd,
210 base::BindRepeating(&Subprocess::OnStdoutReady, record.get()));
211
212 subprocess_records_[pid] = std::move(record);
213 return pid;
214 }
215
WaitForProcessGroup(pid_t pid,std::chrono::milliseconds timeout)216 bool WaitForProcessGroup(pid_t pid, std::chrono::milliseconds timeout) {
217 using std::chrono::system_clock;
218 auto start = system_clock::now();
219 do {
220 pid_t w = waitpid(-pid, nullptr, WNOHANG);
221 if (w < 0) {
222 // When all of the child process with this process group ID exits, waitpid
223 // will return ECHILD. Until that point, keep callilng waitpid() as there
224 // might be multiple child processes with the same process group id.
225 if (errno == ECHILD) {
226 LOG(INFO) << "All processes with process group id " << pid << " exited";
227 return true;
228 }
229 PLOG(ERROR) << "Waitpid returned " << w;
230 return false;
231 }
232 usleep(100);
233 } while ((system_clock::now() - start) <= timeout);
234 LOG(INFO) << "process group " << pid << " did not exit in " << timeout.count()
235 << " milliseconds";
236 return false;
237 }
238
KillExec(pid_t pid)239 void Subprocess::KillExec(pid_t pid) {
240 using namespace std::chrono_literals;
241 auto pid_record = subprocess_records_.find(pid);
242 if (pid_record == subprocess_records_.end())
243 return;
244 pid_record->second->callback.Reset();
245 // We don't care about output/return code, so we use SIGKILL here to ensure it
246 // will be killed, SIGTERM might lead to leaked subprocess.
247 CHECK_EQ(pid_record->second->proc.pid(), pid);
248 if (kill(-pid, SIGKILL) != 0) {
249 PLOG(WARNING) << "Failed to kill subprocess group " << pid;
250 }
251 WaitForProcessGroup(pid, 5000ms);
252 // Release the pid now so we don't try to kill it if Subprocess is destroyed
253 // before the corresponding ChildExitedCallback() is called.
254 pid_record->second->proc.Release();
255 if (subprocess_records_.count(pid)) {
256 siginfo_t info;
257 info.si_code = CLD_KILLED;
258 info.si_status = SIGKILL;
259 info.si_pid = pid;
260 ChildExitedCallback(info);
261 }
262 }
263
GetPipeFd(pid_t pid,int fd) const264 int Subprocess::GetPipeFd(pid_t pid, int fd) const {
265 auto pid_record = subprocess_records_.find(pid);
266 if (pid_record == subprocess_records_.end())
267 return -1;
268 return pid_record->second->proc.GetPipe(fd);
269 }
270
SynchronousExec(const vector<string> & cmd,int * return_code,string * stdout_str,string * stderr_str)271 bool Subprocess::SynchronousExec(const vector<string>& cmd,
272 int* return_code,
273 string* stdout_str,
274 string* stderr_str) {
275 // The default for |SynchronousExec| is to use |kSearchPath| since the code
276 // relies on that.
277 return SynchronousExecFlags(
278 cmd, kSearchPath, return_code, stdout_str, stderr_str);
279 }
280
SynchronousExecFlags(const vector<string> & cmd,uint32_t flags,int * return_code,string * stdout_str,string * stderr_str)281 bool Subprocess::SynchronousExecFlags(const vector<string>& cmd,
282 uint32_t flags,
283 int* return_code,
284 string* stdout_str,
285 string* stderr_str) {
286 brillo::ProcessImpl proc;
287 if (!LaunchProcess(cmd, flags, {STDERR_FILENO}, &proc)) {
288 LOG(ERROR) << "Failed to launch subprocess";
289 return false;
290 }
291
292 if (stdout_str) {
293 stdout_str->clear();
294 }
295 if (stderr_str) {
296 stderr_str->clear();
297 }
298
299 // Read from both stdout and stderr individually.
300 int stdout_fd = proc.GetPipe(STDOUT_FILENO);
301 int stderr_fd = proc.GetPipe(STDERR_FILENO);
302 vector<char> buffer(32 * 1024);
303 bool stdout_closed = false, stderr_closed = false;
304 while (!stdout_closed || !stderr_closed) {
305 if (!stdout_closed) {
306 int rc = HANDLE_EINTR(read(stdout_fd, buffer.data(), buffer.size()));
307 if (rc <= 0) {
308 stdout_closed = true;
309 if (rc < 0)
310 PLOG(ERROR) << "Reading from child's stdout";
311 } else if (stdout_str != nullptr) {
312 stdout_str->append(buffer.data(), rc);
313 }
314 }
315
316 if (!stderr_closed) {
317 int rc = HANDLE_EINTR(read(stderr_fd, buffer.data(), buffer.size()));
318 if (rc <= 0) {
319 stderr_closed = true;
320 if (rc < 0)
321 PLOG(ERROR) << "Reading from child's stderr";
322 } else if (stderr_str != nullptr) {
323 stderr_str->append(buffer.data(), rc);
324 }
325 }
326 }
327
328 // At this point, the subprocess already closed the output, so we only need to
329 // wait for it to finish.
330 int proc_return_code = proc.Wait();
331 if (return_code)
332 *return_code = proc_return_code;
333 return proc_return_code != brillo::Process::kErrorExitStatus;
334 }
335
FlushBufferedLogsAtExit()336 void Subprocess::FlushBufferedLogsAtExit() {
337 if (!subprocess_records_.empty()) {
338 LOG(INFO) << "We are exiting, but there are still in flight subprocesses!";
339 for (auto& pid_record : subprocess_records_) {
340 SubprocessRecord* record = pid_record.second.get();
341 // Make sure we read any remaining process output.
342 OnStdoutReady(record);
343 if (!record->stdout_str.empty()) {
344 LOG(INFO) << "Subprocess(" << pid_record.first << ") output:\n"
345 << record->stdout_str;
346 }
347 }
348 }
349 }
350
351 Subprocess* Subprocess::subprocess_singleton_ = nullptr;
352
353 } // namespace chromeos_update_engine
354