fortify/helper/helper.go
Ophestra Umiker d530a9e9f9
helper: stub helper for tests
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-29 14:40:01 +09:00

198 lines
3.9 KiB
Go

/*
Package helper runs external helpers and manages their status and args FDs.
*/
package helper
import (
"errors"
"io"
"os"
"os/exec"
"sync"
)
var (
ErrStatusFault = errors.New("generic status pipe fault")
ErrStatusRead = errors.New("unexpected status response")
)
const (
FortifyHelper = "FORTIFY_HELPER"
FortifyStatus = "FORTIFY_STATUS"
)
// Helper wraps *exec.Cmd and manages status and args fd.
// Args is always 3 and status if set is always 4.
type Helper struct {
args io.WriterTo
statP [2]*os.File
argsP [2]*os.File
ready chan error
// ExtraFiles specifies additional open files to be inherited by the
// new process. It does not include standard input, standard output, or
// standard error. If non-nil, entry i becomes file descriptor 5+i.
ExtraFiles []*os.File
lock sync.RWMutex
*exec.Cmd
}
func (h *Helper) StartNotify(ready chan error) error {
h.lock.Lock()
defer h.lock.Unlock()
// Check for doubled Start calls before we defer failure cleanup. If the prior
// call to Start succeeded, we don't want to spuriously close its pipes.
if h.Cmd.Process != nil {
return errors.New("exec: already started")
}
// create pipes
if pr, pw, err := os.Pipe(); err != nil {
return err
} else {
h.argsP[0], h.argsP[1] = pr, pw
}
// create status pipes if ready signal is requested
var sv string
if ready != nil {
if pr, pw, err := os.Pipe(); err != nil {
return err
} else {
h.statP[0], h.statP[1] = pr, pw
}
sv = FortifyStatus + "=1"
} else {
sv = FortifyStatus + "=0"
}
// prepare extra files from caller
el := len(h.ExtraFiles)
if ready != nil {
el += 2
} else {
el++
}
ef := make([]*os.File, 0, el)
ef = append(ef, h.argsP[0])
if ready != nil {
ef = append(ef, h.statP[1])
}
ef = append(ef, h.ExtraFiles...)
// prepare and start process
h.Cmd.ExtraFiles = ef
h.Cmd.Env = append(h.Cmd.Env, FortifyHelper+"=1", sv)
if err := h.Cmd.Start(); err != nil {
return err
}
statsP, argsP := h.statP[0], h.argsP[1]
// write arguments and close args pipe
if _, err := h.args.WriteTo(argsP); err != nil {
if err1 := h.Cmd.Process.Kill(); err1 != nil {
panic(err1)
}
return err
} else {
if err = argsP.Close(); err != nil {
if err1 := h.Cmd.Process.Kill(); err1 != nil {
panic(err1)
}
return err
}
}
if ready != nil {
h.ready = ready
// monitor stat pipe
go func() {
n, err := statsP.Read(make([]byte, 1))
switch n {
case -1:
if err1 := h.Cmd.Process.Kill(); err1 != nil {
panic(err1)
}
// ensure error is not nil
if err == nil {
err = ErrStatusFault
}
ready <- err
case 0:
// ensure error is not nil
if err == nil {
err = ErrStatusRead
}
ready <- err
case 1:
ready <- nil
default:
panic("unreachable") // unexpected read count
}
}()
}
return nil
}
func (h *Helper) Wait() error {
h.lock.RLock()
defer h.lock.RUnlock()
if h.Cmd.Process == nil {
return errors.New("exec: not started")
}
if h.Cmd.ProcessState != nil {
return errors.New("exec: Wait was already called")
}
// ensure pipe close
defer func() {
if err := h.argsP[0].Close(); err != nil && !errors.Is(err, os.ErrClosed) {
panic(err)
}
if err := h.argsP[1].Close(); err != nil && !errors.Is(err, os.ErrClosed) {
panic(err)
}
if h.ready != nil {
if err := h.statP[0].Close(); err != nil && !errors.Is(err, os.ErrClosed) {
panic(err)
}
if err := h.statP[1].Close(); err != nil && !errors.Is(err, os.ErrClosed) {
panic(err)
}
}
}()
return h.Cmd.Wait()
}
func (h *Helper) Close() error {
if h.ready == nil {
panic("attempted to close helper with no status pipe")
}
return h.statP[0].Close()
}
func (h *Helper) Start() error {
return h.StartNotify(nil)
}
var execCommand = exec.Command
func New(wt io.WriterTo, name string, arg ...string) *Helper {
if wt == nil {
panic("attempted to create helper with invalid argument writer")
}
return &Helper{args: wt, Cmd: execCommand(name, arg...)}
}