17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
24
25 #include "precompiled.hpp"
26 #include "classfile/vmSymbols.hpp"
27 #include "memory/allocation.inline.hpp"
28 #include "memory/resourceArea.hpp"
29 #include "oops/oop.inline.hpp"
30 #include "os_linux.inline.hpp"
31 #include "runtime/handles.inline.hpp"
32 #include "runtime/perfMemory.hpp"
33 #include "services/memTracker.hpp"
34 #include "utilities/exceptions.hpp"
35
36 // put OS-includes here
37 # include <sys/types.h>
38 # include <sys/mman.h>
39 # include <errno.h>
40 # include <stdio.h>
41 # include <unistd.h>
42 # include <sys/stat.h>
43 # include <signal.h>
44 # include <pwd.h>
45
46 static char* backing_store_file_name = NULL; // name of the backing store
47 // file, if successfully created.
48
49 // Standard Memory Implementation Details
50
51 // create the PerfData memory region in standard memory.
52 //
53 static char* create_standard_memory(size_t size) {
54
55 // allocate an aligned chuck of memory
56 char* mapAddress = os::reserve_memory(size);
516 // directory search
517 char* oldest_user = NULL;
518 time_t oldest_ctime = 0;
519
520 const char* tmpdirname = os::get_temp_directory();
521
522 // open the temp directory
523 DIR* tmpdirp = os::opendir(tmpdirname);
524
525 if (tmpdirp == NULL) {
526 // Cannot open the directory to get the user name, return.
527 return NULL;
528 }
529
530 // for each entry in the directory that matches the pattern hsperfdata_*,
531 // open the directory and check if the file for the given vmid exists.
532 // The file with the expected name and the latest creation date is used
533 // to determine the user name for the process id.
534 //
535 struct dirent* dentry;
536 char* tdbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(tmpdirname), mtInternal);
537 errno = 0;
538 while ((dentry = os::readdir(tmpdirp, (struct dirent *)tdbuf)) != NULL) {
539
540 // check if the directory entry is a hsperfdata file
541 if (strncmp(dentry->d_name, PERFDATA_NAME, strlen(PERFDATA_NAME)) != 0) {
542 continue;
543 }
544
545 char* usrdir_name = NEW_C_HEAP_ARRAY(char,
546 strlen(tmpdirname) + strlen(dentry->d_name) + 2, mtInternal);
547 strcpy(usrdir_name, tmpdirname);
548 strcat(usrdir_name, "/");
549 strcat(usrdir_name, dentry->d_name);
550
551 // open the user directory
552 DIR* subdirp = open_directory_secure(usrdir_name);
553
554 if (subdirp == NULL) {
555 FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal);
556 continue;
557 }
558
559 // Since we don't create the backing store files in directories
560 // pointed to by symbolic links, we also don't follow them when
561 // looking for the files. We check for a symbolic link after the
562 // call to opendir in order to eliminate a small window where the
563 // symlink can be exploited.
564 //
565 if (!is_directory_secure(usrdir_name)) {
566 FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal);
567 os::closedir(subdirp);
568 continue;
569 }
570
571 struct dirent* udentry;
572 char* udbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(usrdir_name), mtInternal);
573 errno = 0;
574 while ((udentry = os::readdir(subdirp, (struct dirent *)udbuf)) != NULL) {
575
576 if (filename_to_pid(udentry->d_name) == vmid) {
577 struct stat statbuf;
578 int result;
579
580 char* filename = NEW_C_HEAP_ARRAY(char,
581 strlen(usrdir_name) + strlen(udentry->d_name) + 2, mtInternal);
582
583 strcpy(filename, usrdir_name);
584 strcat(filename, "/");
585 strcat(filename, udentry->d_name);
586
587 // don't follow symbolic links for the file
588 RESTARTABLE(::lstat(filename, &statbuf), result);
589 if (result == OS_ERR) {
590 FREE_C_HEAP_ARRAY(char, filename, mtInternal);
591 continue;
592 }
593
594 // skip over files that are not regular files.
598 }
599
600 // compare and save filename with latest creation time
601 if (statbuf.st_size > 0 && statbuf.st_ctime > oldest_ctime) {
602
603 if (statbuf.st_ctime > oldest_ctime) {
604 char* user = strchr(dentry->d_name, '_') + 1;
605
606 if (oldest_user != NULL) FREE_C_HEAP_ARRAY(char, oldest_user, mtInternal);
607 oldest_user = NEW_C_HEAP_ARRAY(char, strlen(user)+1, mtInternal);
608
609 strcpy(oldest_user, user);
610 oldest_ctime = statbuf.st_ctime;
611 }
612 }
613
614 FREE_C_HEAP_ARRAY(char, filename, mtInternal);
615 }
616 }
617 os::closedir(subdirp);
618 FREE_C_HEAP_ARRAY(char, udbuf, mtInternal);
619 FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal);
620 }
621 os::closedir(tmpdirp);
622 FREE_C_HEAP_ARRAY(char, tdbuf, mtInternal);
623
624 return(oldest_user);
625 }
626
627 // return the name of the user that owns the JVM indicated by the given vmid.
628 //
629 static char* get_user_name(int vmid, TRAPS) {
630 return get_user_name_slow(vmid, CHECK_NULL);
631 }
632
633 // return the file name of the backing store file for the named
634 // shared memory region for the given user name and vmid.
635 //
636 // the caller is expected to free the allocated memory.
637 //
638 static char* get_sharedmem_filename(const char* dirname, int vmid) {
639
640 // add 2 for the file separator and a null terminator.
641 size_t nbytes = strlen(dirname) + UINT_CHARS + 2;
642
681 //
682 static void cleanup_sharedmem_resources(const char* dirname) {
683
684 int saved_cwd_fd;
685 // open the directory
686 DIR* dirp = open_directory_secure_cwd(dirname, &saved_cwd_fd);
687 if (dirp == NULL) {
688 // directory doesn't exist or is insecure, so there is nothing to cleanup
689 return;
690 }
691
692 // for each entry in the directory that matches the expected file
693 // name pattern, determine if the file resources are stale and if
694 // so, remove the file resources. Note, instrumented HotSpot processes
695 // for this user may start and/or terminate during this search and
696 // remove or create new files in this directory. The behavior of this
697 // loop under these conditions is dependent upon the implementation of
698 // opendir/readdir.
699 //
700 struct dirent* entry;
701 char* dbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(dirname), mtInternal);
702
703 errno = 0;
704 while ((entry = os::readdir(dirp, (struct dirent *)dbuf)) != NULL) {
705
706 pid_t pid = filename_to_pid(entry->d_name);
707
708 if (pid == 0) {
709
710 if (strcmp(entry->d_name, ".") != 0 && strcmp(entry->d_name, "..") != 0) {
711 // attempt to remove all unexpected files, except "." and ".."
712 unlink(entry->d_name);
713 }
714
715 errno = 0;
716 continue;
717 }
718
719 // we now have a file name that converts to a valid integer
720 // that could represent a process id . if this process id
721 // matches the current process id or the process is not running,
722 // then remove the stale file resources.
723 //
724 // process liveness is detected by sending signal number 0 to
725 // the process id (see kill(2)). if kill determines that the
726 // process does not exist, then the file resources are removed.
727 // if kill determines that that we don't have permission to
728 // signal the process, then the file resources are assumed to
729 // be stale and are removed because the resources for such a
730 // process should be in a different user specific directory.
731 //
732 if ((pid == os::current_process_id()) ||
733 (kill(pid, 0) == OS_ERR && (errno == ESRCH || errno == EPERM))) {
734 unlink(entry->d_name);
735 }
736 errno = 0;
737 }
738
739 // close the directory and reset the current working directory
740 close_directory_secure_cwd(dirp, saved_cwd_fd);
741
742 FREE_C_HEAP_ARRAY(char, dbuf, mtInternal);
743 }
744
745 // make the user specific temporary directory. Returns true if
746 // the directory exists and is secure upon return. Returns false
747 // if the directory exists but is either a symlink, is otherwise
748 // insecure, or if an error occurred.
749 //
750 static bool make_user_tmp_dir(const char* dirname) {
751
752 // create the directory with 0755 permissions. note that the directory
753 // will be owned by euid::egid, which may not be the same as uid::gid.
754 //
755 if (mkdir(dirname, S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH) == OS_ERR) {
756 if (errno == EEXIST) {
757 // The directory already exists and was probably created by another
758 // JVM instance. However, this could also be the result of a
759 // deliberate symlink. Verify that the existing directory is safe.
760 //
761 if (!is_directory_secure(dirname)) {
762 // directory is not secure
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
24
25 #include "precompiled.hpp"
26 #include "classfile/vmSymbols.hpp"
27 #include "memory/allocation.inline.hpp"
28 #include "memory/resourceArea.hpp"
29 #include "oops/oop.inline.hpp"
30 #include "os_linux.inline.hpp"
31 #include "runtime/handles.inline.hpp"
32 #include "runtime/perfMemory.hpp"
33 #include "services/memTracker.hpp"
34 #include "utilities/exceptions.hpp"
35
36 // put OS-includes here
37 #include <dirent.h>
38 # include <sys/types.h>
39 # include <sys/mman.h>
40 # include <errno.h>
41 # include <stdio.h>
42 # include <unistd.h>
43 # include <sys/stat.h>
44 # include <signal.h>
45 # include <pwd.h>
46
47 static char* backing_store_file_name = NULL; // name of the backing store
48 // file, if successfully created.
49
50 // Standard Memory Implementation Details
51
52 // create the PerfData memory region in standard memory.
53 //
54 static char* create_standard_memory(size_t size) {
55
56 // allocate an aligned chuck of memory
57 char* mapAddress = os::reserve_memory(size);
517 // directory search
518 char* oldest_user = NULL;
519 time_t oldest_ctime = 0;
520
521 const char* tmpdirname = os::get_temp_directory();
522
523 // open the temp directory
524 DIR* tmpdirp = os::opendir(tmpdirname);
525
526 if (tmpdirp == NULL) {
527 // Cannot open the directory to get the user name, return.
528 return NULL;
529 }
530
531 // for each entry in the directory that matches the pattern hsperfdata_*,
532 // open the directory and check if the file for the given vmid exists.
533 // The file with the expected name and the latest creation date is used
534 // to determine the user name for the process id.
535 //
536 struct dirent* dentry;
537 errno = 0;
538 while ((dentry = os::readdir(tmpdirp)) != NULL) {
539
540 // check if the directory entry is a hsperfdata file
541 if (strncmp(dentry->d_name, PERFDATA_NAME, strlen(PERFDATA_NAME)) != 0) {
542 continue;
543 }
544
545 char* usrdir_name = NEW_C_HEAP_ARRAY(char,
546 strlen(tmpdirname) + strlen(dentry->d_name) + 2, mtInternal);
547 strcpy(usrdir_name, tmpdirname);
548 strcat(usrdir_name, "/");
549 strcat(usrdir_name, dentry->d_name);
550
551 // open the user directory
552 DIR* subdirp = open_directory_secure(usrdir_name);
553
554 if (subdirp == NULL) {
555 FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal);
556 continue;
557 }
558
559 // Since we don't create the backing store files in directories
560 // pointed to by symbolic links, we also don't follow them when
561 // looking for the files. We check for a symbolic link after the
562 // call to opendir in order to eliminate a small window where the
563 // symlink can be exploited.
564 //
565 if (!is_directory_secure(usrdir_name)) {
566 FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal);
567 os::closedir(subdirp);
568 continue;
569 }
570
571 struct dirent* udentry;
572 errno = 0;
573 while ((udentry = os::readdir(subdirp)) != NULL) {
574
575 if (filename_to_pid(udentry->d_name) == vmid) {
576 struct stat statbuf;
577 int result;
578
579 char* filename = NEW_C_HEAP_ARRAY(char,
580 strlen(usrdir_name) + strlen(udentry->d_name) + 2, mtInternal);
581
582 strcpy(filename, usrdir_name);
583 strcat(filename, "/");
584 strcat(filename, udentry->d_name);
585
586 // don't follow symbolic links for the file
587 RESTARTABLE(::lstat(filename, &statbuf), result);
588 if (result == OS_ERR) {
589 FREE_C_HEAP_ARRAY(char, filename, mtInternal);
590 continue;
591 }
592
593 // skip over files that are not regular files.
597 }
598
599 // compare and save filename with latest creation time
600 if (statbuf.st_size > 0 && statbuf.st_ctime > oldest_ctime) {
601
602 if (statbuf.st_ctime > oldest_ctime) {
603 char* user = strchr(dentry->d_name, '_') + 1;
604
605 if (oldest_user != NULL) FREE_C_HEAP_ARRAY(char, oldest_user, mtInternal);
606 oldest_user = NEW_C_HEAP_ARRAY(char, strlen(user)+1, mtInternal);
607
608 strcpy(oldest_user, user);
609 oldest_ctime = statbuf.st_ctime;
610 }
611 }
612
613 FREE_C_HEAP_ARRAY(char, filename, mtInternal);
614 }
615 }
616 os::closedir(subdirp);
617 FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal);
618 }
619 os::closedir(tmpdirp);
620
621 return(oldest_user);
622 }
623
624 // return the name of the user that owns the JVM indicated by the given vmid.
625 //
626 static char* get_user_name(int vmid, TRAPS) {
627 return get_user_name_slow(vmid, CHECK_NULL);
628 }
629
630 // return the file name of the backing store file for the named
631 // shared memory region for the given user name and vmid.
632 //
633 // the caller is expected to free the allocated memory.
634 //
635 static char* get_sharedmem_filename(const char* dirname, int vmid) {
636
637 // add 2 for the file separator and a null terminator.
638 size_t nbytes = strlen(dirname) + UINT_CHARS + 2;
639
678 //
679 static void cleanup_sharedmem_resources(const char* dirname) {
680
681 int saved_cwd_fd;
682 // open the directory
683 DIR* dirp = open_directory_secure_cwd(dirname, &saved_cwd_fd);
684 if (dirp == NULL) {
685 // directory doesn't exist or is insecure, so there is nothing to cleanup
686 return;
687 }
688
689 // for each entry in the directory that matches the expected file
690 // name pattern, determine if the file resources are stale and if
691 // so, remove the file resources. Note, instrumented HotSpot processes
692 // for this user may start and/or terminate during this search and
693 // remove or create new files in this directory. The behavior of this
694 // loop under these conditions is dependent upon the implementation of
695 // opendir/readdir.
696 //
697 struct dirent* entry;
698 errno = 0;
699 while ((entry = os::readdir(dirp)) != NULL) {
700
701 pid_t pid = filename_to_pid(entry->d_name);
702
703 if (pid == 0) {
704
705 if (strcmp(entry->d_name, ".") != 0 && strcmp(entry->d_name, "..") != 0) {
706 // attempt to remove all unexpected files, except "." and ".."
707 unlink(entry->d_name);
708 }
709
710 errno = 0;
711 continue;
712 }
713
714 // we now have a file name that converts to a valid integer
715 // that could represent a process id . if this process id
716 // matches the current process id or the process is not running,
717 // then remove the stale file resources.
718 //
719 // process liveness is detected by sending signal number 0 to
720 // the process id (see kill(2)). if kill determines that the
721 // process does not exist, then the file resources are removed.
722 // if kill determines that that we don't have permission to
723 // signal the process, then the file resources are assumed to
724 // be stale and are removed because the resources for such a
725 // process should be in a different user specific directory.
726 //
727 if ((pid == os::current_process_id()) ||
728 (kill(pid, 0) == OS_ERR && (errno == ESRCH || errno == EPERM))) {
729 unlink(entry->d_name);
730 }
731 errno = 0;
732 }
733
734 // close the directory and reset the current working directory
735 close_directory_secure_cwd(dirp, saved_cwd_fd);
736 }
737
738 // make the user specific temporary directory. Returns true if
739 // the directory exists and is secure upon return. Returns false
740 // if the directory exists but is either a symlink, is otherwise
741 // insecure, or if an error occurred.
742 //
743 static bool make_user_tmp_dir(const char* dirname) {
744
745 // create the directory with 0755 permissions. note that the directory
746 // will be owned by euid::egid, which may not be the same as uid::gid.
747 //
748 if (mkdir(dirname, S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH) == OS_ERR) {
749 if (errno == EEXIST) {
750 // The directory already exists and was probably created by another
751 // JVM instance. However, this could also be the result of a
752 // deliberate symlink. Verify that the existing directory is safe.
753 //
754 if (!is_directory_secure(dirname)) {
755 // directory is not secure
|