2013-02-12 17:40:24 +01:00
|
|
|
/*
|
|
|
|
|
* Copyright (C) 2008 The Android Open Source Project
|
|
|
|
|
* All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
|
* are met:
|
|
|
|
|
* * Redistributions of source code must retain the above copyright
|
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
|
* * Redistributions in binary form must reproduce the above copyright
|
|
|
|
|
* notice, this list of conditions and the following disclaimer in
|
|
|
|
|
* the documentation and/or other materials provided with the
|
|
|
|
|
* distribution.
|
|
|
|
|
*
|
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
|
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
|
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
|
|
|
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
|
|
|
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
|
|
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
|
|
|
|
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
|
|
|
|
|
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
|
|
|
|
|
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
|
|
|
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
|
|
|
|
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <pthread.h>
|
|
|
|
|
|
|
|
|
|
#include <fcntl.h>
|
|
|
|
|
#include <stdio.h> // For snprintf.
|
2015-01-29 03:02:33 +01:00
|
|
|
#include <string.h>
|
2013-02-12 17:40:24 +01:00
|
|
|
#include <sys/prctl.h>
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
|
|
|
|
|
#include "private/ErrnoRestorer.h"
|
2015-03-19 22:19:19 +01:00
|
|
|
#include "pthread_internal.h"
|
2013-02-12 17:40:24 +01:00
|
|
|
|
|
|
|
|
// This value is not exported by kernel headers.
|
|
|
|
|
#define MAX_TASK_COMM_LEN 16
|
2016-03-23 19:20:47 +01:00
|
|
|
|
|
|
|
|
static int __open_task_comm_fd(pthread_t t, int flags) {
|
|
|
|
|
char comm_name[64];
|
Be more strict about using invalid `pthread_t`s.
Another release, another attempt to remove the global thread list.
But this time, let's admit that it's not going away. We can switch to using
a read/write lock for the global thread list, and to aborting rather than
quietly returning ESRCH if we're given an invalid pthread_t.
This change affects pthread_detach, pthread_getcpuclockid,
pthread_getschedparam/pthread_setschedparam, pthread_join, and pthread_kill:
instead of returning ESRCH when passed an invalid pthread_t, if you're
targeting O or above, they'll abort with the message "attempt to use
invalid pthread_t".
Note that this doesn't change behavior as much as you might think: the old
lookup only held the global thread list lock for the duration of the lookup,
so there was still a race between that and the dereference in the caller,
given that callers actually need the tid to pass to some syscall or other,
and sometimes update fields in the pthread_internal_t struct too.
(This patch replaces such users with calls to pthread_gettid_np, which
at least makes the TOCTOU window smaller.)
We can't check thread->tid against 0 to see whether a pthread_t is still
valid because a dead thread gets its thread struct unmapped along with its
stack, so the dereference isn't safe.
Taking the affected functions one by one:
* pthread_getcpuclockid and pthread_getschedparam/pthread_setschedparam
should be fine. Unsafe calls to those seem highly unlikely.
* Unsafe pthread_detach callers probably want to switch to
pthread_attr_setdetachstate instead, or using
pthread_detach(pthread_self()) from the new thread's start routine
rather than doing the detach in the parent.
* pthread_join calls should be safe anyway, because a joinable thread
won't actually exit and unmap until it's joined. If you're joining an
unjoinable thread, the fix is to stop marking it detached. If you're
joining an already-joined thread, you need to rethink your design.
* Unsafe pthread_kill calls aren't portably fixable. (And are obviously
inherently non-portable as-is.) The best alternative on Android is to
use pthread_gettid_np at some point that you know the thread to be
alive, and then call kill/tgkill directly.
That's still not completely safe because if you're too late, the tid
may have been reused, but then your code is inherently unsafe anyway.
Bug: http://b/19636317
Test: ran tests
Change-Id: I0372c4428e8a7f1c3af5c9334f5d9c25f2c73f21
2017-02-14 02:59:29 +01:00
|
|
|
snprintf(comm_name, sizeof(comm_name), "/proc/self/task/%d/comm", pthread_gettid_np(t));
|
2016-03-23 19:20:47 +01:00
|
|
|
return open(comm_name, O_CLOEXEC | flags);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int pthread_getname_np(pthread_t t, char* buf, size_t buf_size) {
|
|
|
|
|
ErrnoRestorer errno_restorer;
|
|
|
|
|
|
|
|
|
|
if (buf_size < MAX_TASK_COMM_LEN) return ERANGE;
|
|
|
|
|
|
|
|
|
|
// Getting our own name is an easy special case.
|
|
|
|
|
if (t == pthread_self()) {
|
|
|
|
|
return prctl(PR_GET_NAME, buf) ? errno : 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// We have to get another thread's name.
|
|
|
|
|
int fd = __open_task_comm_fd(t, O_RDONLY);
|
|
|
|
|
if (fd == -1) return errno;
|
|
|
|
|
|
|
|
|
|
ssize_t n = TEMP_FAILURE_RETRY(read(fd, buf, buf_size));
|
|
|
|
|
close(fd);
|
|
|
|
|
|
|
|
|
|
if (n == -1) return errno;
|
|
|
|
|
|
|
|
|
|
// The kernel adds a trailing '\n' to the /proc file,
|
|
|
|
|
// so this is actually the normal case for short names.
|
|
|
|
|
if (n > 0 && buf[n - 1] == '\n') {
|
|
|
|
|
buf[n - 1] = '\0';
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (n == static_cast<ssize_t>(buf_size)) return ERANGE;
|
|
|
|
|
buf[n] = '\0';
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2013-02-12 17:40:24 +01:00
|
|
|
|
2013-03-22 04:02:35 +01:00
|
|
|
int pthread_setname_np(pthread_t t, const char* thread_name) {
|
2013-02-12 17:40:24 +01:00
|
|
|
ErrnoRestorer errno_restorer;
|
|
|
|
|
|
|
|
|
|
size_t thread_name_len = strlen(thread_name);
|
2016-03-23 19:20:47 +01:00
|
|
|
if (thread_name_len >= MAX_TASK_COMM_LEN) return ERANGE;
|
2013-02-12 17:40:24 +01:00
|
|
|
|
2016-03-23 19:20:47 +01:00
|
|
|
// Setting our own name is an easy special case.
|
2013-03-22 04:02:35 +01:00
|
|
|
if (t == pthread_self()) {
|
2013-02-15 03:59:37 +01:00
|
|
|
return prctl(PR_SET_NAME, thread_name) ? errno : 0;
|
2013-02-12 17:40:24 +01:00
|
|
|
}
|
|
|
|
|
|
2016-03-23 19:20:47 +01:00
|
|
|
// We have to set another thread's name.
|
|
|
|
|
int fd = __open_task_comm_fd(t, O_WRONLY);
|
|
|
|
|
if (fd == -1) return errno;
|
2015-03-19 22:19:19 +01:00
|
|
|
|
2013-02-12 17:40:24 +01:00
|
|
|
ssize_t n = TEMP_FAILURE_RETRY(write(fd, thread_name, thread_name_len));
|
|
|
|
|
close(fd);
|
|
|
|
|
|
2016-03-23 19:20:47 +01:00
|
|
|
if (n == -1) return errno;
|
|
|
|
|
if (n != static_cast<ssize_t>(thread_name_len)) return EIO;
|
2013-02-12 17:40:24 +01:00
|
|
|
return 0;
|
|
|
|
|
}
|
