1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
|
From b7eed065f9118964dc875e4f03c8b07332b44a65 Mon Sep 17 00:00:00 2001
From: Justus Winter <4winter@informatik.uni-hamburg.de>
Date: Wed, 18 Sep 2013 22:58:11 +0200
Subject: [PATCH 5/8] startup: do not pass signals on to the child
Formerly /hurd/startup would forward all signals to the child it
started (e.g. /libexec/runsystem).
The motivation for doing so is not revealed in the comments, nor it is
mentioned in the history of the version control system.
This patch removes the forwarding of signals to the child.
* startup/startup.c (process_signal): Do not pass signals on to the child.
* startup/stubs.c: Remove file.
* startup/Makefile: Remove stubs.c.
---
startup/Makefile | 2 +-
startup/startup.c | 49 -------------------
startup/stubs.c | 139 ------------------------------------------------------
3 files changed, 1 insertion(+), 189 deletions(-)
delete mode 100644 startup/stubs.c
diff --git a/startup/Makefile b/startup/Makefile
index 2d6b892..277fee4 100644
--- a/startup/Makefile
+++ b/startup/Makefile
@@ -18,7 +18,7 @@
dir := startup
makemode := server
-SRCS = startup.c stubs.c
+SRCS = startup.c
OBJS = $(SRCS:.c=.o) \
startupServer.o notifyServer.o startup_replyUser.o msgServer.o \
startup_notifyUser.o
diff --git a/startup/startup.c b/startup/startup.c
index 29269a6..4c91d4c 100644
--- a/startup/startup.c
+++ b/startup/startup.c
@@ -904,9 +904,6 @@ frob_kernel_process (void)
static pid_t child_pid; /* PID of the child we run */
static task_t child_task; /* and its (original) task port */
-error_t send_signal (mach_port_t msgport, int signal, mach_port_t refport,
- mach_msg_timeout_t);
-
static void launch_something (const char *why);
@@ -965,52 +962,6 @@ process_signal (int signo)
}
}
}
- else
- {
- /* Pass the signal on to the child. */
- task_t task;
- error_t err;
-
- err = proc_pid2task (procserver, child_pid, &task);
- if (err)
- {
- error (0, err, "proc_pid2task on %d", child_pid);
- task = child_task;
- }
- else
- {
- mach_port_deallocate (mach_task_self (), child_task);
- child_task = task;
- }
-
- if (signo == SIGKILL)
- {
- err = task_terminate (task);
- if (err != MACH_SEND_INVALID_DEST)
- error (0, err, "task_terminate");
- }
- else
- {
- mach_port_t msgport;
- err = proc_getmsgport (procserver, child_pid, &msgport);
- if (err)
- error (0, err, "proc_getmsgport");
- else
- {
- err = send_signal (msgport, signo, task,
- 500); /* Block only half a second. */
- mach_port_deallocate (mach_task_self (), msgport);
- if (err)
- {
- error (0, err, "cannot send %s to child %d",
- strsignal (signo), child_pid);
- err = task_terminate (task);
- if (err != MACH_SEND_INVALID_DEST)
- error (0, err, "task_terminate");
- }
- }
- }
- }
}
/* Start the child program PROG. It is run via /libexec/console-run
diff --git a/startup/stubs.c b/startup/stubs.c
deleted file mode 100644
index 5292ab6..0000000
--- a/startup/stubs.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* By-hand stubs for some RPC calls
- Copyright (C) 1994,96,99,2000 Free Software Foundation, Inc.
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License as
- published by the Free Software Foundation; either version 2, or (at
- your option) any later version.
-
- This program is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
-
-#include <stdlib.h>
-#include <hurd/hurd_types.h>
-#include <mach.h>
-#include <string.h>
-#include <assert.h>
-
-/* From hurd/msg.defs: */
-#define RPCID_SIG_POST 23000
-
-
-/* Send signal SIGNO to MSGPORT with REFPORT as reference. Don't
- block in any fashion. */
-error_t
-send_signal (mach_port_t msgport,
- int signal,
- mach_port_t refport,
- mach_msg_timeout_t timeout)
-{
- error_t err;
-
- /* This message buffer might be modified by mach_msg in some error cases,
- so we cannot safely reuse a static buffer. */
- struct
- {
- mach_msg_header_t head;
- mach_msg_type_t signaltype;
- int signal;
- mach_msg_type_t sigcode_type;
- natural_t sigcode;
- mach_msg_type_t refporttype;
- mach_port_t refport;
- }
- message =
- {
- {
- /* Message header: */
- (MACH_MSGH_BITS_COMPLEX
- | MACH_MSGH_BITS (MACH_MSG_TYPE_COPY_SEND,
- MACH_MSG_TYPE_MAKE_SEND_ONCE)), /* msgh_bits */
- sizeof message, /* msgh_size */
- msgport, /* msgh_remote_port */
- MACH_PORT_NULL, /* msgh_local_port */
- 0, /* msgh_seqno */
- RPCID_SIG_POST, /* msgh_id */
- },
- {
- /* Type descriptor for signo */
- MACH_MSG_TYPE_INTEGER_32, /* msgt_name */
- 32, /* msgt_size */
- 1, /* msgt_number */
- 1, /* msgt_inline */
- 0, /* msgt_longform */
- 0, /* msgt_deallocate */
- 0, /* msgt_unused */
- },
- /* Signal number */
- signal,
- /* Type descriptor for sigcode */
- {
- MACH_MSG_TYPE_INTEGER_32, /* msgt_name */
- 32, /* msgt_size */
- 1, /* msgt_number */
- 1, /* msgt_inline */
- 0, /* msgt_longform */
- 0, /* msgt_deallocate */
- 0, /* msgt_unused */
- },
- /* Sigcode */
- 0,
- {
- /* Type descriptor for refport */
- MACH_MSG_TYPE_COPY_SEND, /* msgt_name */
- 32, /* msgt_size */
- 1, /* msgt_number */
- 1, /* msgt_inline */
- 0, /* msgt_longform */
- 0, /* msgt_deallocate */
- 0, /* msgt_unused */
- },
- /* Reference port */
- refport
- };
-
- err = mach_msg (&message.head,
- MACH_SEND_MSG|MACH_SEND_TIMEOUT, sizeof message, 0,
- MACH_PORT_NULL, timeout, MACH_PORT_NULL);
-
- switch (err)
- {
- case MACH_SEND_TIMED_OUT:
- /* The send could not complete in time. In this error case, the
- kernel has modified the message buffer in a pseudo-receive
- operation. That means our COPY_SEND refs might now be MOVE_SEND
- refs, in which case each has gained user ref accordingly. To
- avoid leaking those refs, we must clean up the buffer. We don't
- use mach_msg_destroy because it assumes the local/remote ports in
- the header have been reversed as from a real receive, while a
- pseudo-receive leaves them as they were. */
- if (MACH_MSGH_BITS_REMOTE (message.head.msgh_bits)
- == MACH_MSG_TYPE_MOVE_SEND)
- mach_port_deallocate (mach_task_self (),
- message.head.msgh_remote_port);
- if (message.refporttype.msgt_name == MACH_MSG_TYPE_MOVE_SEND)
- mach_port_deallocate (mach_task_self (), message.refport);
- break;
-
- /* These are the other codes that mean a pseudo-receive modified
- the message buffer and we might need to clean up the send rights.
- None of them should be possible in our usage. */
- case MACH_SEND_INTERRUPTED:
- case MACH_SEND_INVALID_NOTIFY:
- case MACH_SEND_NO_NOTIFY:
- case MACH_SEND_NOTIFY_IN_PROGRESS:
- assert_perror (err);
- break;
-
- default: /* Other errors are safe to ignore. */
- break;
- }
-
- return err;
-}
--
2.1.0
|
