diff options
author | Michael Pratt <mpratt@google.com> | 2018-06-21 14:53:05 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2018-06-21 14:53:55 -0700 |
commit | 2dedbc7211fb6b7f8b86148e6627054e781eaa87 (patch) | |
tree | 75ecc27e664f6dcf82c0833cd66b639aa1797b42 /pkg/sentry | |
parent | f6be5fe6193163ad46722bc36209572da4a15ad0 (diff) |
Drop return from SendExternalSignal
SendExternalSignal is no longer called before CreateProcess, so it can
enforce this simplified precondition.
StartForwarding, and after Kernel.Start.
PiperOrigin-RevId: 201591170
Change-Id: Ib7022ef7895612d7d82a00942ab59fa433c4d6e9
Diffstat (limited to 'pkg/sentry')
-rw-r--r-- | pkg/sentry/kernel/kernel.go | 7 | ||||
-rw-r--r-- | pkg/sentry/kernel/signal.go | 13 | ||||
-rw-r--r-- | pkg/sentry/sighandling/sighandling.go | 14 |
3 files changed, 19 insertions, 15 deletions
diff --git a/pkg/sentry/kernel/kernel.go b/pkg/sentry/kernel/kernel.go index a17148af1..5662b8f08 100644 --- a/pkg/sentry/kernel/kernel.go +++ b/pkg/sentry/kernel/kernel.go @@ -760,12 +760,11 @@ func (k *Kernel) Unpause() { // // context is used only for debugging to describe how the signal was received. // -// Returns false if signal could not be sent because the Kernel is not fully -// initialized yet. -func (k *Kernel) SendExternalSignal(info *arch.SignalInfo, context string) bool { +// Preconditions: Kernel must have an init process. +func (k *Kernel) SendExternalSignal(info *arch.SignalInfo, context string) { k.extMu.Lock() defer k.extMu.Unlock() - return k.sendExternalSignal(info, context) + k.sendExternalSignal(info, context) } // FeatureSet returns the FeatureSet. diff --git a/pkg/sentry/kernel/signal.go b/pkg/sentry/kernel/signal.go index 8edd05cdf..e3a2a777a 100644 --- a/pkg/sentry/kernel/signal.go +++ b/pkg/sentry/kernel/signal.go @@ -15,6 +15,8 @@ package kernel import ( + "fmt" + "gvisor.googlesource.com/gvisor/pkg/abi/linux" "gvisor.googlesource.com/gvisor/pkg/log" "gvisor.googlesource.com/gvisor/pkg/sentry/arch" @@ -33,13 +35,11 @@ const SignalPanic = linux.SIGUSR2 // // context is used only for debugging to differentiate these cases. // -// Returns false if signal could not be sent because the Kernel is not fully -// initialized yet. -func (k *Kernel) sendExternalSignal(info *arch.SignalInfo, context string) bool { +// Preconditions: Kernel must have an init process. +func (k *Kernel) sendExternalSignal(info *arch.SignalInfo, context string) { switch linux.Signal(info.Signo) { case platform.SignalInterrupt: // Assume that a call to platform.Context.Interrupt() misfired. - return true case SignalPanic: // SignalPanic is also specially handled in sentry setup to ensure that @@ -50,13 +50,10 @@ func (k *Kernel) sendExternalSignal(info *arch.SignalInfo, context string) bool default: log.Infof("Received external signal %d in %s context", info.Signo, context) if k.globalInit == nil { - log.Warningf("Received external signal %d before init created", info.Signo) - return false + panic(fmt.Sprintf("Received external signal %d before init created", info.Signo)) } k.globalInit.SendSignal(info) } - - return true } // sigPriv returns a SignalInfo representing a signal sent by the sentry. (The diff --git a/pkg/sentry/sighandling/sighandling.go b/pkg/sentry/sighandling/sighandling.go index ef6f7f617..25295440c 100644 --- a/pkg/sentry/sighandling/sighandling.go +++ b/pkg/sentry/sighandling/sighandling.go @@ -16,6 +16,7 @@ package sighandling import ( + "fmt" "os" "os/signal" "reflect" @@ -65,7 +66,9 @@ func forwardSignals(k *kernel.Kernel, sigchans []chan os.Signal, start, stop cha // Otherwise, it was a signal on channel N. Index 0 represents the stop // channel, so index N represents the channel for signal N. - if !started || !k.SendExternalSignal(&arch.SignalInfo{Signo: int32(index)}, "sentry") { + signal := linux.Signal(index) + + if !started { // Kernel is not ready to receive signals. // // Kill ourselves if this signal would have killed the @@ -78,11 +81,16 @@ func forwardSignals(k *kernel.Kernel, sigchans []chan os.Signal, start, stop cha // TODO: Convert Go's runtime.raise from // tkill to tgkill so PrepareForwarding doesn't need to // be called until after filter installation. - switch linux.Signal(index) { + switch signal { case linux.SIGHUP, linux.SIGINT, linux.SIGTERM: - dieFromSignal(linux.Signal(index)) + dieFromSignal(signal) + panic(fmt.Sprintf("Failed to die from signal %d", signal)) + default: + continue } } + + k.SendExternalSignal(&arch.SignalInfo{Signo: int32(signal)}, "sentry") } // Close all individual channels. |