History log of /unit/src/nxt_process.c (Results 1 – 25 of 57)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 2174:a7fb5d8a9590 17-Feb-2022 Max Romanov

Fixing isolated process PID manipulation.

Registering an isolated PID in the global PID hash is wrong
because it can be duplicated. Isolated processes are stored only
in the children list until the

Fixing isolated process PID manipulation.

Registering an isolated PID in the global PID hash is wrong
because it can be duplicated. Isolated processes are stored only
in the children list until the response for the WHOAMI message is
processed and the global PID is discovered.

To remove isolated siblings, a pointer to the children list is
introduced in the nxt_process_init_t struct.

This closes #633 issue on GitHub.

show more ...


# 2151:fab207c6836c 19-Jun-2022 Alejandro Colomar

Removed code used when NXT_HAVE_POSIX_SPAWN is false.

posix_spawn(3POSIX) was introduced by POSIX.1d
(IEEE Std 1003.1d-1999), and was later consolidated in
POSIX.1-2001, requiring it in all POSIX-co

Removed code used when NXT_HAVE_POSIX_SPAWN is false.

posix_spawn(3POSIX) was introduced by POSIX.1d
(IEEE Std 1003.1d-1999), and was later consolidated in
POSIX.1-2001, requiring it in all POSIX-compliant systems.
It's safe to assume it's always available, more than 20 years
after its standardization.

Link: <https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/spawn.h.html>

show more ...


Revision tags: 1.27.0-1, 1.27.0, 1.26.1-1, 1.26.1
# 2015:4570130dd183 24-Nov-2021 Max Romanov

Fixing alerts on router restart.

Splitting the process type connectivity matrix to 'keep ports' and 'send
ports'; the 'keep ports' matrix is used to clean up unnecessary ports after
forking a new pr

Fixing alerts on router restart.

Splitting the process type connectivity matrix to 'keep ports' and 'send
ports'; the 'keep ports' matrix is used to clean up unnecessary ports after
forking a new process, and the 'send ports' matrix determines which process
types expect to get created process ports.

Unfortunately, the original single connectivity matrix no longer works because
of an application stop delay caused by prototypes. Existing applications
should not get the new router port at the moment.

show more ...


Revision tags: 1.26.0-1, 1.26.0
# 1998:c8790d2a89bb 09-Nov-2021 Tiago Natel de Moura

Introducing application prototype processes.


# 1997:a8a3f1d243ee 09-Nov-2021 Tiago Natel de Moura

Changed nxt_process_* for reuse.

This enables the reuse of process creation functions.


Revision tags: 1.25.0-1, 1.25.0, 1.24.0-1, 1.24.0, 1.23.0-1, 1.23.0, 1.22.0-1, 1.22.0, 1.21.0-1, 1.21.0
# 1668:03fa2be97871 27-Oct-2020 Max Romanov

Preserving the app port write socket.

The socket is required for intercontextual communication in multithreaded apps.


Revision tags: 1.20.0-1, 1.20.0
# 1579:c80e692dc644 20-Aug-2020 Tiago Natel de Moura

Moved isolation related code to "nxt_isolation.c".


Revision tags: 1.19.0-1, 1.19.0
# 1548:a745db447e56 11-Aug-2020 Max Romanov

Process structures refactoring in runtime and libunit.

Generic process-to-process shared memory exchange is no more required. Here,
it is transformed into a router-to-application pattern. The outg

Process structures refactoring in runtime and libunit.

Generic process-to-process shared memory exchange is no more required. Here,
it is transformed into a router-to-application pattern. The outgoing shared
memory segments collection is now the property of the application structure.
The applications connect to the router only, and the process only needs to group
the ports.

show more ...


# 1545:78836321a126 11-Aug-2020 Max Romanov

Changing router to application port exchange protocol.

The application process needs to request the port from the router instead of the
latter pushing the port before sending a request to the applic

Changing router to application port exchange protocol.

The application process needs to request the port from the router instead of the
latter pushing the port before sending a request to the application. This is
required to simplify the communication between the router and the application
and to prepare the router to use the application shared port and then the queue.

show more ...


# 1543:42f27153db91 11-Aug-2020 Max Romanov

Libunit refactoring: port management.

- Changed the port management callbacks to notifications, which e. g. avoids
the need to call the libunit function
- Added context and library instance referenc

Libunit refactoring: port management.

- Changed the port management callbacks to notifications, which e. g. avoids
the need to call the libunit function
- Added context and library instance reference counts for a safer resource
release
- Added the router main port initialization

show more ...


# 1503:c21230ef5a0e 22-Jun-2020 Tiago Natel de Moura

Isolation: fixed build when features aren't detected.


Revision tags: 1.18.0-1, 1.18.0
# 1489:4a3ec07f4b19 28-May-2020 Tiago Natel de Moura

Added "rootfs" feature.


# 1488:6976d36be926 09-Mar-2020 Tiago Natel de Moura

Refactor of process management.

The process abstraction has changed to:

setup(task, process)
start(task, process_data)
prefork(task, process, mp)

The prefork() occurs in the main process rig

Refactor of process management.

The process abstraction has changed to:

setup(task, process)
start(task, process_data)
prefork(task, process, mp)

The prefork() occurs in the main process right before fork.

The file src/nxt_main_process.c is completely free of process
specific logic.

The creation of a process now supports a PROCESS_CREATED state. The
The setup() function of each process can set its state to either
created or ready. If created, a MSG_PROCESS_CREATED is sent to main
process, where external setup can be done (required for rootfs under
container).

The core processes (discovery, controller and router) doesn't need
external setup, then they all proceeds to their start() function
straight away.

In the case of applications, the load of the module happens at the
process setup() time and The module's init() function has changed
to be the start() of the process.

The module API has changed to:

setup(task, process, conf)
start(task, data)

As a direct benefit of the PROCESS_CREATED message, the clone(2) of
processes using pid namespaces now doesn't need to create a pipe
to make the child block until parent setup uid/gid mappings nor it
needs to receive the child pid.

show more ...


Revision tags: 1.17.0-1, 1.17.0
# 1452:e95c10330013 10-Apr-2020 Max Romanov

Resolving a racing condition while adding ports on the app's side.

An earlier attempt (ad6265786871) to resolve this condition on the
router's side added a new issue: the app could get a request bef

Resolving a racing condition while adding ports on the app's side.

An earlier attempt (ad6265786871) to resolve this condition on the
router's side added a new issue: the app could get a request before
acquiring a port.

show more ...


# 1446:ad6265786871 06-Apr-2020 Max Romanov

Fixing 'find & add' racing condition in connected ports hash.

Missing error log messages added.


Revision tags: 1.16.0-1, 1.16.0, 1.15.0-1, 1.15.0, 1.14.0-1, 1.14.0
# 1306:3604d05e48be 06-Dec-2019 Tiago Natel

Isolation: allowed the use of credentials with unpriv userns.

The setuid/setgid syscalls requires root capabilities but if the kernel
supports unprivileged user namespace then the child process has

Isolation: allowed the use of credentials with unpriv userns.

The setuid/setgid syscalls requires root capabilities but if the kernel
supports unprivileged user namespace then the child process has the full
set of capabilities in the new namespace, then we can allow setting "user"
and "group" in such cases (this is a common security use case).

Tests were added to ensure user gets meaningful error messages for
uid/gid mapping misconfigurations.

show more ...


# 1305:966d691dab2c 06-Dec-2019 Tiago Natel

Moved credential-related code to nxt_credential.c.

This is required to avoid include cycles, as some nxt_clone_* functions
depend on the credential structures, but nxt_process depends on clone
struc

Moved credential-related code to nxt_credential.c.

This is required to avoid include cycles, as some nxt_clone_* functions
depend on the credential structures, but nxt_process depends on clone
structures.

show more ...


# 1302:d4c6a91f7091 26-Nov-2019 Tiago Natel

Refactor of process init.

Introduces the functions nxt_process_init_create() and
nxt_process_init_creds_set().


# 1297:f04b5f7d6137 26-Nov-2019 Tiago Natel

Changed the group listing to run unprivileged when possible.

Now the nxt_user_groups_get() function uses getgrouplist(3) when available
(except MacOS, see below). For some platforms, getgrouplist()

Changed the group listing to run unprivileged when possible.

Now the nxt_user_groups_get() function uses getgrouplist(3) when available
(except MacOS, see below). For some platforms, getgrouplist() supports
a method of probing how much groups the user has but the behavior is not
consistent. The method used here consists of optimistically trying to get up
to min(256, NGROUPS_MAX) groups; only if ngroups returned exceeds the original
value, we do a second call. This method can block main's process if LDAP/NDIS+
is in use.

MacOS has getgrouplist(3) but it's buggy. It doesn't update ngroups if the
value passed is smaller than the number of groups the user has. Some
projects (like Go stdlib) call getgrouplist() in a loop, increasing ngroups
until it exceeds the number of groups user belongs to or fail when a limit
is reached. For performance reasons, this is to be avoided and MacOS is
handled in the fallback implementation.

The fallback implementation is the old Unit approach. It saves main's
user groups (getgroups(2)) and then calls initgroups(3) to load application's
groups in main, then does a second getgroups(2) to store the gids and restore
main's groups in the end. Because of initgroups(3)' call to setgroups(2),
this method requires root capabilities. In the case of OSX, which has
small NGROUPS_MAX by default (16), it's not possible to restore main's groups
if it's large; if so, this method fallbacks again: user_cred gids aren't
stored, and the worker process calls initgroups() itself and may block for
some time if LDAP/NDIS+ is in use.

show more ...


Revision tags: 1.13.0-1, 1.13.0
# 1254:aae6699f4eee 29-Oct-2019 Hong Zhi Dao

Process port refactoring.

- Introduced nxt_runtime_process_port_create().
- Moved nxt_process_use() into nxt_process.c from nxt_runtime.c.
- Renamed nxt_runtime_process_remove_pid() as nxt_runtime_p

Process port refactoring.

- Introduced nxt_runtime_process_port_create().
- Moved nxt_process_use() into nxt_process.c from nxt_runtime.c.
- Renamed nxt_runtime_process_remove_pid() as nxt_runtime_process_remove().
- Some public functions transformed to static.

This closes #327 issue on GitHub.

show more ...


# 1252:a2d7ea9069ea 28-Oct-2019 Tiago Natel

Added clone syscall check for uid/gid mapping.

Now it's possible to pass -DNXT_HAVE_CLONE=0 for debugging.


# 1240:656d544a94e5 22-Oct-2019 Tiago Natel

Improved error logging when uid/gid map is not properly set.

When using "credential: true", the new namespace starts with a completely
empty uid and gid ranges. Then, any setuid/setgid/setgroups ca

Improved error logging when uid/gid map is not properly set.

When using "credential: true", the new namespace starts with a completely
empty uid and gid ranges. Then, any setuid/setgid/setgroups calls using ids
not properly mapped with uidmap and gidmap fields return EINVAL, meaning
the id is not valid inside the new namespace.

show more ...


Revision tags: 1.12.0-1, 1.12.0
# 1210:973269f705ba 26-Sep-2019 Valentin Bartenev

Refactored nxt_process_create() for more explicit pipe closing.


# 1209:a3dfe6c407b6 26-Sep-2019 Valentin Bartenev

Fixed descriptors leak on process creation.

The leak has been introduced in 325b315e48c4.
This closes #322 issue in GitHub.


Revision tags: 1.11.0-2, 1.11.0-1, 1.11.0
# 1182:325b315e48c4 19-Sep-2019 Tiago de Bem Natel de Moura

Initial applications isolation support using Linux namespaces.


123