1 /* $OpenBSD: atexit.c,v 1.20 2014/07/11 09:51:37 kettenis Exp $ */ 2 /* 3 * Copyright (c) 2002 Daniel Hartmeier 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * - Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * - Redistributions in binary form must reproduce the above 13 * copyright notice, this list of conditions and the following 14 * disclaimer in the documentation and/or other materials provided 15 * with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 20 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 21 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 24 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 25 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 27 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * POSSIBILITY OF SUCH DAMAGE. 29 * 30 */ 31 32 #include "atexit.h" 33 34 #include <pthread.h> 35 #include <stdlib.h> 36 #include <string.h> 37 #include <unistd.h> 38 #include <sys/mman.h> 39 #include <sys/prctl.h> 40 #include <sys/types.h> 41 42 static pthread_mutex_t g_atexit_lock = PTHREAD_MUTEX_INITIALIZER; 43 #define _ATEXIT_LOCK() pthread_mutex_lock(&g_atexit_lock) 44 #define _ATEXIT_UNLOCK() pthread_mutex_unlock(&g_atexit_lock) 45 46 struct atexit { 47 struct atexit *next; /* next in list */ 48 int ind; /* next index in this table */ 49 int max; /* max entries >= ATEXIT_SIZE */ 50 struct atexit_fn { 51 void (*fn_ptr)(void *); 52 void *fn_arg; /* argument for CXA callback */ 53 void *fn_dso; /* shared module handle */ 54 } fns[1]; /* the table itself */ 55 }; 56 57 static struct atexit *__atexit; 58 static int restartloop; 59 60 /* BEGIN android-changed: __unregister_atfork is used by __cxa_finalize */ 61 extern void __unregister_atfork(void* dso); 62 /* END android-changed */ 63 64 /* 65 * Function pointers are stored in a linked list of pages. The list 66 * is initially empty, and pages are allocated on demand. The first 67 * function pointer in the first allocated page (the last one in 68 * the linked list) is reserved for the cleanup function. 69 * 70 * Outside the following functions, all pages are mprotect()'ed 71 * to prevent unintentional/malicious corruption. 72 */ 73 74 /* 75 * Register a function to be performed at exit or when a shared object 76 * with the given dso handle is unloaded dynamically. Also used as 77 * the backend for atexit(). For more info on this API, see: 78 * 79 * http://www.codesourcery.com/cxx-abi/abi.html#dso-dtor 80 */ 81 int 82 __cxa_atexit(void (*func)(void *), void *arg, void *dso) 83 { 84 struct atexit_fn *fnp; 85 size_t pgsize = getpagesize(); 86 int ret = -1; 87 88 if (pgsize < sizeof(struct atexit)) 89 return (-1); 90 _ATEXIT_LOCK(); 91 struct atexit *p = __atexit; 92 if (p != NULL) { 93 if (p->ind + 1 >= p->max) 94 p = NULL; 95 else if (mprotect(p, pgsize, PROT_READ | PROT_WRITE)) 96 goto unlock; 97 } 98 if (p == NULL) { 99 p = mmap(NULL, pgsize, PROT_READ | PROT_WRITE, 100 MAP_ANON | MAP_PRIVATE, -1, 0); 101 if (p == MAP_FAILED) 102 goto unlock; 103 /* BEGIN android-changed */ 104 prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, p, pgsize, 105 "atexit handlers"); 106 /* END android-changed */ 107 if (__atexit == NULL) { 108 memset(&p->fns[0], 0, sizeof(p->fns[0])); 109 p->ind = 1; 110 } else 111 p->ind = 0; 112 p->max = (pgsize - ((char *)&p->fns[0] - (char *)p)) / 113 sizeof(p->fns[0]); 114 p->next = __atexit; 115 __atexit = p; 116 } 117 fnp = &p->fns[p->ind++]; 118 fnp->fn_ptr = func; 119 fnp->fn_arg = arg; 120 fnp->fn_dso = dso; 121 if (mprotect(p, pgsize, PROT_READ)) 122 goto unlock; 123 restartloop = 1; 124 ret = 0; 125 unlock: 126 _ATEXIT_UNLOCK(); 127 return (ret); 128 } 129 130 /* 131 * Call all handlers registered with __cxa_atexit() for the shared 132 * object owning 'dso'. 133 * Note: if 'dso' is NULL, then all remaining handlers are called. 134 */ 135 void 136 __cxa_finalize(void *dso) 137 { 138 struct atexit *p, *q; 139 struct atexit_fn fn; 140 int n, pgsize = getpagesize(); 141 static int call_depth; 142 143 _ATEXIT_LOCK(); 144 call_depth++; 145 146 restart: 147 restartloop = 0; 148 for (p = __atexit; p != NULL; p = p->next) { 149 for (n = p->ind; --n >= 0;) { 150 if (p->fns[n].fn_ptr == NULL) 151 continue; /* already called */ 152 if (dso != NULL && dso != p->fns[n].fn_dso) 153 continue; /* wrong DSO */ 154 155 /* 156 * Mark handler as having been already called to avoid 157 * dupes and loops, then call the appropriate function. 158 */ 159 fn = p->fns[n]; 160 if (mprotect(p, pgsize, PROT_READ | PROT_WRITE) == 0) { 161 p->fns[n].fn_ptr = NULL; 162 mprotect(p, pgsize, PROT_READ); 163 } 164 _ATEXIT_UNLOCK(); 165 (*fn.fn_ptr)(fn.fn_arg); 166 _ATEXIT_LOCK(); 167 if (restartloop) 168 goto restart; 169 } 170 } 171 172 call_depth--; 173 174 /* 175 * If called via exit(), unmap the pages since we have now run 176 * all the handlers. We defer this until calldepth == 0 so that 177 * we don't unmap things prematurely if called recursively. 178 */ 179 if (dso == NULL && call_depth == 0) { 180 for (p = __atexit; p != NULL; ) { 181 q = p; 182 p = p->next; 183 munmap(q, pgsize); 184 } 185 __atexit = NULL; 186 } 187 _ATEXIT_UNLOCK(); 188 189 /* If called via exit(), flush output of all open files. */ 190 if (dso == NULL) { 191 extern void __libc_stdio_cleanup(void); 192 __libc_stdio_cleanup(); 193 } 194 195 /* BEGIN android-changed: call __unregister_atfork if dso is not null */ 196 if (dso != NULL) { 197 __unregister_atfork(dso); 198 } 199 /* END android-changed */ 200 } 201
