weston/libweston/launcher-weston-launch.c
Jonathan Marler f153c49430 launcher: fix socket message race condition
fixes issue #484 (race condition with message to/from weston launch)

The race condition occurs after weston sends the WESTON_LAUNCHER_OPEN
message to weston-launch.  The race is between when weston-launch replies
with the fd handle versus weston-launch sending an activation message.  If
weston-launch sends an activation message before sending the fd handle,
then weston will be in an invalid state.

To fix this, I modified the fd handle reply that weston-launch sends to
include a message id at the beginning, which I called
WESTON_LAUNCHER_OPEN_REPLY.  Along with this, weston now inspects the
first part of any reply to determine whether it is an activation message
or a reply to the OPEN message.  In the newly handled case that it's an
activation message, it tracks whether the latest result is a deactivate
message and stores it in a flag to be handled once the open function has
completed.

Signed-off-by: Jonathan Marler <johnnymarler@gmail.com>
2021-04-10 22:29:30 +00:00

396 lines
9.9 KiB
C

/*
* Copyright © 2012 Benjamin Franzke
* Copyright © 2013 Intel Corporation
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
*
* The above copyright notice and this permission notice (including the
* next paragraph) shall be included in all copies or substantial
* portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
#include "config.h"
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <signal.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/uio.h>
#include <sys/ioctl.h>
#include <fcntl.h>
#include <unistd.h>
#include <linux/vt.h>
#include <linux/kd.h>
#include <linux/major.h>
#include <libweston/libweston.h>
#include "weston-launch.h"
#include "launcher-impl.h"
#include "shared/string-helpers.h"
#define DRM_MAJOR 226
#ifndef KDSKBMUTE
#define KDSKBMUTE 0x4B51
#endif
#ifdef BUILD_DRM_COMPOSITOR
#include <xf86drm.h>
#else
static inline int
drmDropMaster(int drm_fd)
{
return 0;
}
static inline int
drmSetMaster(int drm_fd)
{
return 0;
}
#endif
/* major()/minor() */
#ifdef MAJOR_IN_MKDEV
#include <sys/mkdev.h>
#endif
#ifdef MAJOR_IN_SYSMACROS
#include <sys/sysmacros.h>
#endif
union cmsg_data { unsigned char b[4]; int fd; };
struct launcher_weston_launch {
struct weston_launcher base;
struct weston_compositor *compositor;
struct wl_event_loop *loop;
int fd;
struct wl_event_source *source;
int kb_mode, tty, drm_fd;
int deferred_deactivate;
};
static ssize_t
launcher_weston_launch_send(int sockfd, void *buf, size_t buflen)
{
ssize_t len;
do {
len = send(sockfd, buf, buflen, 0);
} while (len < 0 && errno == EINTR);
return len;
}
static void
handle_deactivate(struct launcher_weston_launch *launcher)
{
int reply;
launcher->compositor->session_active = false;
wl_signal_emit(&launcher->compositor->session_signal,
launcher->compositor);
reply = WESTON_LAUNCHER_DEACTIVATE_DONE;
launcher_weston_launch_send(launcher->fd, &reply, sizeof reply);
}
static void
idle_deactivate(void *data)
{
struct launcher_weston_launch *launcher = data;
if (launcher->deferred_deactivate) {
launcher->deferred_deactivate = 0;
handle_deactivate((struct launcher_weston_launch*)data);
}
}
static int
launcher_weston_launch_open(struct weston_launcher *launcher_base,
const char *path, int flags)
{
struct launcher_weston_launch *launcher = wl_container_of(launcher_base, launcher, base);
int n;
struct msghdr msg;
struct cmsghdr *cmsg;
struct iovec iov;
union cmsg_data *data;
char control[CMSG_SPACE(sizeof data->fd)];
ssize_t len;
struct weston_launcher_open *message;
struct { int id; int ret; } event;
n = sizeof(*message) + strlen(path) + 1;
message = malloc(n);
if (!message)
return -1;
message->header.opcode = WESTON_LAUNCHER_OPEN;
message->flags = flags;
strcpy(message->path, path);
launcher_weston_launch_send(launcher->fd, message, n);
free(message);
memset(&msg, 0, sizeof msg);
iov.iov_base = &event;
iov.iov_len = sizeof event;
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
msg.msg_control = control;
while (1) {
msg.msg_controllen = sizeof control;
do {
len = recvmsg(launcher->fd, &msg, MSG_CMSG_CLOEXEC);
} while (len < 0 && errno == EINTR);
// Only OPEN_REPLY and up to one DEACTIVATE message should be possible here
if ((len == sizeof event) && (event.id == WESTON_LAUNCHER_OPEN_REPLY))
break;
if ((len == sizeof event.id) && (event.id == WESTON_LAUNCHER_DEACTIVATE) && (launcher->deferred_deactivate == 0)) {
wl_event_loop_add_idle(wl_display_get_event_loop(launcher->compositor->wl_display), idle_deactivate, launcher);
launcher->deferred_deactivate = 1;
} else {
weston_log("unexpected event %d (len=%zd) from weston-launch\n", event.id, len);
return -1;
}
}
if (event.ret < 0)
return -1;
cmsg = CMSG_FIRSTHDR(&msg);
if (!cmsg ||
cmsg->cmsg_level != SOL_SOCKET ||
cmsg->cmsg_type != SCM_RIGHTS) {
fprintf(stderr, "invalid control message\n");
return -1;
}
data = (union cmsg_data *) CMSG_DATA(cmsg);
if (data->fd == -1) {
fprintf(stderr, "missing drm fd in socket request\n");
return -1;
}
return data->fd;
}
static void
launcher_weston_launch_close(struct weston_launcher *launcher_base, int fd)
{
close(fd);
}
static void
launcher_weston_launch_restore(struct weston_launcher *launcher_base)
{
struct launcher_weston_launch *launcher = wl_container_of(launcher_base, launcher, base);
struct vt_mode mode = { 0 };
if (ioctl(launcher->tty, KDSKBMUTE, 0) &&
ioctl(launcher->tty, KDSKBMODE, launcher->kb_mode))
weston_log("failed to restore kb mode: %s\n",
strerror(errno));
if (ioctl(launcher->tty, KDSETMODE, KD_TEXT))
weston_log("failed to set KD_TEXT mode on tty: %s\n",
strerror(errno));
/* We have to drop master before we switch the VT back in
* VT_AUTO, so we don't risk switching to a VT with another
* display server, that will then fail to set drm master. */
drmDropMaster(launcher->drm_fd);
mode.mode = VT_AUTO;
if (ioctl(launcher->tty, VT_SETMODE, &mode) < 0)
weston_log("could not reset vt handling\n");
}
static int
launcher_weston_launch_data(int fd, uint32_t mask, void *data)
{
struct launcher_weston_launch *launcher = data;
int len, ret;
if (mask & (WL_EVENT_HANGUP | WL_EVENT_ERROR)) {
weston_log("launcher socket closed, exiting\n");
/* Normally the weston-launch will reset the tty, but
* in this case it died or something, so do it here so
* we don't end up with a stuck vt. */
launcher_weston_launch_restore(&launcher->base);
exit(-1);
}
if (launcher->deferred_deactivate) {
launcher->deferred_deactivate = 0;
handle_deactivate(launcher);
return 1;
}
do {
len = recv(launcher->fd, &ret, sizeof ret, 0);
} while (len < 0 && errno == EINTR);
switch (ret) {
case WESTON_LAUNCHER_ACTIVATE:
launcher->compositor->session_active = true;
wl_signal_emit(&launcher->compositor->session_signal,
launcher->compositor);
break;
case WESTON_LAUNCHER_DEACTIVATE:
handle_deactivate(launcher);
break;
default:
weston_log("unexpected event from weston-launch\n");
break;
}
return 1;
}
static int
launcher_weston_launch_activate_vt(struct weston_launcher *launcher_base, int vt)
{
struct launcher_weston_launch *launcher = wl_container_of(launcher_base, launcher, base);
return ioctl(launcher->tty, VT_ACTIVATE, vt);
}
static int
launcher_weston_environment_get_fd(const char *env)
{
char *e;
int fd, flags;
e = getenv(env);
if (!e || !safe_strtoint(e, &fd)) {
weston_log("could not get launcher fd from env\n");
return -1;
}
flags = fcntl(fd, F_GETFD);
if (flags == -1) {
weston_log("could not get fd flags!, env: %s, error: %s\n",
env, strerror(errno));
return -1;
}
fcntl(fd, F_SETFD, flags | FD_CLOEXEC);
unsetenv(env);
return fd;
}
static int
launcher_weston_launch_connect(struct weston_launcher **out, struct weston_compositor *compositor,
int tty, const char *seat_id, bool sync_drm)
{
struct launcher_weston_launch *launcher;
struct wl_event_loop *loop;
launcher = malloc(sizeof *launcher);
if (launcher == NULL)
return -ENOMEM;
launcher->base.iface = &launcher_weston_launch_iface;
* (struct launcher_weston_launch **) out = launcher;
launcher->compositor = compositor;
launcher->drm_fd = -1;
launcher->deferred_deactivate = 0;
launcher->fd = launcher_weston_environment_get_fd("WESTON_LAUNCHER_SOCK");
if (launcher->fd != -1) {
launcher->tty = launcher_weston_environment_get_fd("WESTON_TTY_FD");
/* We don't get a chance to read out the original kb
* mode for the tty, so just hard code K_UNICODE here
* in case we have to clean if weston-launch dies. */
launcher->kb_mode = K_UNICODE;
loop = wl_display_get_event_loop(compositor->wl_display);
launcher->source = wl_event_loop_add_fd(loop, launcher->fd,
WL_EVENT_READABLE,
launcher_weston_launch_data,
launcher);
if (launcher->source == NULL) {
free(launcher);
weston_log("failed to get weston-launcher socket fd event source\n");
return -ENOMEM;
}
return 0;
} else {
return -1;
}
}
static void
launcher_weston_launch_destroy(struct weston_launcher *launcher_base)
{
struct launcher_weston_launch *launcher = wl_container_of(launcher_base, launcher, base);
if (launcher->fd != -1) {
close(launcher->fd);
wl_event_source_remove(launcher->source);
} else {
launcher_weston_launch_restore(&launcher->base);
}
if (launcher->tty >= 0)
close(launcher->tty);
free(launcher);
}
static int
launcher_weston_launch_get_vt(struct weston_launcher *base)
{
struct launcher_weston_launch *launcher = wl_container_of(base, launcher, base);
struct stat s;
if (fstat(launcher->tty, &s) < 0) {
weston_log("could not fstat launcher tty: %s\n", strerror(errno));
return -1;
}
return minor(s.st_rdev);
}
const struct launcher_interface launcher_weston_launch_iface = {
.name = "weston_launch",
.connect = launcher_weston_launch_connect,
.destroy = launcher_weston_launch_destroy,
.open = launcher_weston_launch_open,
.close = launcher_weston_launch_close,
.activate_vt = launcher_weston_launch_activate_vt,
.get_vt = launcher_weston_launch_get_vt,
};