AuroraRuntime/Source/Process/Process.cpp
Reece cf70f0d45c [*/+/-] MEGA COMMIT. ~2 weeks compressed.
The intention is to quickly improve and add util apis, enhance functionality given current demands, go back to the build pipeline, finish that, publish runtime tests, and then use what we have to go back to to linux support with a more stable api.

[+] AuMakeSharedArray
[+] Technet ArgvQuote
[+] Grug subsystem (UNIX signal thread async safe ipc + telemetry flusher + log flusher.)
[+] auEndianness -> Endian swap utils
[+] AuGet<N>(...)
[*] AUE_DEFINE conversion for
        ECompresionType, EAnsiColor, EHashType, EStreamError, EHexDump
[+] ConsoleMessage ByteBuffer serialization
[+] CmdLine subsystem for parsing command line arguments and simple switch/flag checks
[*] Split logger from console subsystem
[+] StartupParameters -> A part of a clean up effort under Process
[*] Refactor SysErrors header + get caller hack
[+] Atomic APIs
[+] popcnt
[+] Ring Buffer sink
[+] Added more standard errors
        Catch,
        Submission,
        LockError,
        NoAccess,
        ResourceMissing,
        ResourceLocked,
        MalformedData,
        InSandboxContext,
        ParseError

[+] Added ErrorCategorySet, ErrorCategoryClear, GetStackTrace
[+] IExitSubscriber, ETriggerLevel
[*] Write bias the high performance RWLockImpl read-lock operation operation
[+] ExitHandlerAdd/ExitHandlerRemove (exit subsystem)
[*] Updated API style
        Digests
[+] CpuId::CpuBitCount
[+] GetUserProgramsFolder
[+] GetPackagePath
[*] Split IStreamReader with an inl file
[*] BlobWriter/BlobReader/BlobArbitraryReader can now take shared pointers to bytebuffers. default constructor allocates a new scalable bytebuffer
[+] ICharacterProvider
[+] ICharacterProviderEx
[+] IBufferedCharacterConsumer
[+] ProviderFromSharedString
[+] ProviderFromString
[+] BufferConsumerFromProvider
[*] Parse Subsystem uses character io bufferer
[*] Rewritten NT's high perf semaphore to use userland SRW/ConVars [like mutex, based on generic semaphore]
[+] ByteBuffer::ResetReadPointer
[*] Bug fix bytebuffer base not reset on free and some scaling issues
[+] ProcessMap -> Added kSectionNameStack, kSectionNameFile, kSectionNameHeap for Section
[*] ProcessMap -> Refactor Segment to Section. I was stupid for keeping a type conflict hack API facing
[+] Added 64 *byte* fast RNG seeds
[+] File Advisorys/File Lock Awareness
[+] Added extended IAuroraThread from OS identifier caches for debug purposes
[*] Tweaked how memory is reported on Windows. Better consistency of what values mean across functions.
[*] Broke AuroraUtils/Typedefs out into a separate library
[*] Update build script
[+] Put some more effort into adding detail to the readme before rewriting it, plus, added some media
[*] Improved public API documentation
[*] Bug fix `SetConsoleCtrlHandler`
[+] Locale TimeDateToFileNameISO8601
[+] Console config stdOutShortTime
[*] Begin using internal UTF8/16 decoders when platform support isnt available (instead of stl)
[*] Bug fixes in decoders
[*] Major bug fix, AuMax
[+] RateLimiter
[+] Binary file sink
[+] Log directory sink
[*] Data header usability (more operators)
[+] AuRemoveRange
[+] AuRemove
[+] AuTryRemove
[+] AuTryRemoveRange
[+] auCastUtils
[+] Finish NewLSWin32Source
[+] AuTryFindByTupleN, AuTryRemoveByTupleN
[+] Separated AuRead/Write types, now in auTypeUtils
[+] Added GetPosition/SetPosition to FileWriter
[*] Fix stupid AuMin in place of AuMax in SpawnThread.Unix.Cpp
[*] Refactored Arbitrary readers to SeekingReaders (as in, they could be atomic and/or parallelized, and accept an arbitrary position as a work parameter -> not Seekable, as in, you can simply set the position)
[*] Hack back in the sched deinit
[+] File AIO loop source interop
[+] Begin to prototype a LoopQueue object I had in mind for NT, untested btw
[+] Stub code for networking
[+] Compression BaseStream/IngestableStreamBase
[*] Major: read/write locks now support write-entrant read routines.
[*] Compression subsystem now uses the MemoryView concept
[*] Rewrite the base stream compressions, made them less broken
[*] Update hashing api
[*] WriterTryGoForward and ReaderTryGoForward now revert to the previous relative index instead of panicing
[+] Added new AuByteBuffer apis
    Trim, Pad, WriteFrom, WriteString, [TODO: ReadString]
[+] Added ByteBufferPushReadState
[+] Added ByteBufferPushWriteState
[*] Move from USC-16 to full UTF-16. Win32 can handle full UTF-16.
[*] ELogLevel is now an Aurora enum
[+] Raised arbitrary limit in header to 255, the max filter buffer
[+] Explicit GZip support
[+] Explicit Zip support
[+] Added [some] compressors

et al
2022-02-17 00:11:40 +00:00

552 lines
15 KiB
C++

/***
Copyright (C) 2021 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: Process.cpp
Date: 2021-8-20
Author: Reece
***/
#include <Source/RuntimeInternal.hpp>
#include "Process.hpp"
#if defined(AURORA_IS_POSIX_DERIVED)
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
#endif
#if defined(AURORA_PLATFORM_WIN32)
#include <Softpub.h>
#include <wincrypt.h>
#include <wintrust.h>
#endif
#include <Source/IO/FS/FS.hpp>
#include <Source/IO/FS/Resources.hpp>
#include "ProcessMap.hpp"
namespace Aurora::Process
{
static AuThreadPrimitives::SpinLock gSpinLock;
static AuHashMap<AuString, void *> gModuleHandles;
static const bool kIsMainSigned = false;
static constexpr const char *GetPlatformString(Build::EPlatform platform)
{
switch (platform)
{
case Build::EPlatform::ePlatformWin32:
return ".Win32";
case Build::EPlatform::ePlatformLinux:
return ".Linux";
case Build::EPlatform::ePlatformAndroid:
return ".Android";
case Build::EPlatform::ePlatformAppleMacOS:
return ".Mac";
case Build::EPlatform::ePlatformIos:
return ".iOS";
case Build::EPlatform::eKernelBsd:
return ".BSD";
default:
return nullptr;
}
}
static constexpr const char *GetPlatformExt(Build::EPlatform platform)
{
switch (platform)
{
case Build::EPlatform::ePlatformWin32:
return ".dll";
case Build::EPlatform::ePlatformLinux:
case Build::EPlatform::ePlatformAndroid:
case Build::EPlatform::eKernelBsd:
return ".so";
case Build::EPlatform::ePlatformAppleMacOS:
case Build::EPlatform::ePlatformIos:
return ".dylib";
default:
return nullptr;
}
}
static constexpr const char *GetArchString(Build::EArchitecture architecture)
{
switch (architecture)
{
case Build::EArchitecture::eX86_32:
return ".x86_32";
case Build::EArchitecture::eX86_64:
return ".x86_64";
case Build::EArchitecture::eAArch64:
return ".arm";
default:
return nullptr;
}
}
static constexpr AuString ConstructAuDllSuffix()
{
auto platform = GetPlatformString(Build::kCurrentPlatform);
auto architecture = GetArchString(Build::kCurrentArchitecture);
auto ext = GetPlatformExt(Build::kCurrentPlatform);
AuString ret;
#if defined(DEBUG)
ret += ".Debug";
#elif defined(STAGING)
ret += ".Stage";
#elif defined(SHIP)
ret += ".Ship";
#endif
if (platform)
{
ret += platform;
}
if (architecture)
{
ret += architecture;
}
if (ext)
{
ret += ext;
}
return ret;
}
#if defined(AURORA_PLATFORM_WIN32)
bool VerifyEmbeddedSignature(const wchar_t *path, HANDLE handle)
{
LONG lStatus;
DWORD dwLastError;
WINTRUST_FILE_INFO FileData;
memset(&FileData, 0, sizeof(FileData));
FileData.cbStruct = sizeof(WINTRUST_FILE_INFO);
FileData.pcwszFilePath = path;
FileData.hFile = handle;
FileData.pgKnownSubject = NULL;
GUID WVTPolicyGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
WINTRUST_DATA WinTrustData;
// Initialize the WinVerifyTrust input data structure.
// Default all fields to 0.
memset(&WinTrustData, 0, sizeof(WinTrustData));
WinTrustData.cbStruct = sizeof(WinTrustData);
// Use default code signing EKU.
WinTrustData.pPolicyCallbackData = NULL;
// No data to pass to SIP.
WinTrustData.pSIPClientData = NULL;
// Disable WVT UI.
WinTrustData.dwUIChoice = WTD_UI_NONE;
// Revocation checking.
WinTrustData.fdwRevocationChecks = WTD_REVOKE_WHOLECHAIN;
// Verify an embedded signature on a file.
WinTrustData.dwUnionChoice = WTD_CHOICE_FILE;
// Verify action.
WinTrustData.dwStateAction = WTD_STATEACTION_VERIFY;
// Verification sets this value.
WinTrustData.hWVTStateData = NULL;
// Not used.
WinTrustData.pwszURLReference = NULL;
// This is not applicable if there is no UI because it changes
// the UI to accommodate running applications instead of
// installing applications.
WinTrustData.dwUIContext = 0;
// Set pFile.
WinTrustData.pFile = &FileData;
// WinVerifyTrust verifies signatures as specified by the GUID
// and Wintrust_Data.
lStatus = WinVerifyTrust(
NULL,
&WVTPolicyGUID,
&WinTrustData);
bool status {};
switch (lStatus)
{
case ERROR_SUCCESS:
status = true;
break;
case TRUST_E_NOSIGNATURE:
// The file was not signed or had a signature
// that was not valid.
// Get the reason for no signature.
dwLastError = GetLastError();
if (TRUST_E_NOSIGNATURE == dwLastError ||
TRUST_E_SUBJECT_FORM_UNKNOWN == dwLastError ||
TRUST_E_PROVIDER_UNKNOWN == dwLastError)
{
SysPushErrorCrypt("The file is not signed.");
}
else
{
SysPushErrorCrypt("An unknown error occurred trying to verify the signature of the file.");
}
break;
case TRUST_E_EXPLICIT_DISTRUST:
SysPushErrorCrypt("The signature is present, but specifically disallowed.");
break;
case TRUST_E_SUBJECT_NOT_TRUSTED:
SysPushErrorCrypt("The signature is present, but not trusted.");
break;
case CRYPT_E_SECURITY_SETTINGS:
SysPushErrorCrypt("CRYPT_E_SECURITY_SETTINGS - The hash "
"representing the subject or the publisher wasn't "
"explicitly trusted by the admin and admin policy "
"has disabled user trust. No signature, publisher "
"or timestamp errors.");
break;
default:
SysPushErrorCrypt("Dependency Injection Error");
break;
}
WinTrustData.dwStateAction = WTD_STATEACTION_CLOSE;
lStatus = WinVerifyTrust(
NULL,
&WVTPolicyGUID,
&WinTrustData);
return status;
}
#endif
static bool LoadModule(const AuString &name, const AuString &path)
{
#if defined(AURORA_IS_MODERNNT_DERIVED)
auto handle = LoadLibraryW(Locale::ConvertFromUTF8(path).c_str());
if (handle == INVALID_HANDLE_VALUE)
{
SysPushErrorNested("Could't link dynamic library {}", path);
return {};
}
#else
auto handle = dlopen(path.c_str(), RTLD_DEEPBIND);
if (handle == nullptr)
{
SysPushErrorNested("Could't link dynamic library {}", path);
return {};
}
#endif
gModuleHandles.insert(AuMakePair(name, (void *)handle));
return true;
}
static bool TryLoadModule(const AuString &path,
#if defined(AURORA_IS_MODERNNT_DERIVED)
const AuString &abs,
#endif
const ModuleLoadRequest &request,
bool &fail
)
{
fail = false;
auto pathNrml = AuIOFS::NormalizePathRet(path);
#if defined(AURORA_IS_MODERNNT_DERIVED)
auto widePath = Locale::ConvertFromUTF8(pathNrml);
auto mitigateTimeOfUse = CreateFileW(widePath.c_str(), GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
if (mitigateTimeOfUse == INVALID_HANDLE_VALUE)
{
SysPushErrorNested("Couldn't open existing file. Race exploit?");
fail = true;
return false;
}
auto absPath = AuIOFS::NormalizePathRet(abs);
#endif
if (request.verify || (kIsMainSigned || request.enableMitigations))
{
#if defined(AURORA_PLATFORM_WIN32)
if (!VerifyEmbeddedSignature(widePath.c_str(), mitigateTimeOfUse))
{
SysPushErrorNested("Couldn't verify file {}", path);
fail = true;
AuWin32CloseHandle(mitigateTimeOfUse);
return false;
}
#else
AuLogWarn("Can't verify {} on this platform", path);
#endif
}
#if defined(AURORA_IS_POSIX_DERIVED)
if (request.enableMitigations && request.unixCheckPlusX)
{
struct stat sb;
if (stat(pathNrml.data(), &sb) != 0)
{
SysPushErrorNested("Couldn't open existing file. Race exploit?");
fail = true;
return false;
}
if ((sb.st_mode & S_IXUSR) == 0)
{
fail = true;
return false;
}
}
#endif
#if defined(AURORA_IS_MODERNNT_DERIVED)
auto returnValue = LoadModule(absPath);
#else
auto returnValue = LoadModule(pathNrml);
#endif
#if defined(AURORA_IS_MODERNNT_DERIVED)
// Still doesnt stop hotswaps, and idc
// Glitching would require software to time the attack
// ...requiring a certain degree of access (code execution) + effort
AuWin32CloseHandle(mitigateTimeOfUse);
#endif
return returnValue;
}
static bool TryLoadModule(const AuString &path, const AuString &auDll, const AuString &genericDll, const ModuleLoadRequest &request, bool &fail)
{
AuString a = path + "/" + auDll;
AuString b = path + "/" + genericDll;
#if defined(AURORA_IS_MODERNNT_DERIVED)
AuString aAbs = path + "/" + auDll + ".";
AuString bAbs = path + "/" + genericDll + ".";
#endif
if (AuIOFS::FileExists(a))
{
return TryLoadModule(a,
#if defined(AURORA_IS_MODERNNT_DERIVED)
aAbs,
#endif
request,
fail
);
}
if (AuIOFS::FileExists(b))
{
return TryLoadModule(b,
#if defined(AURORA_IS_MODERNNT_DERIVED)
bAbs,
#endif
request,
fail
);
}
return {};
}
static bool TryLoadModule(EModulePath path, const AuString &auDll, const AuString &genericDll, const ModuleLoadRequest &request)
{
AuString pathA, pathB;
switch (path)
{
case EModulePath::eModulePathCWD:
if (!Process::GetWorkingDirectory(pathA)) return false;
break;
case EModulePath::eProcessDirectory:
if (!Process::GetProcDirectory(pathA)) return false;
break;
case EModulePath::eModulePathSystemDir:
pathA = AuIOFS::GetSystemLibPath().value_or(AuString {});
pathB = AuIOFS::GetSystemLibPath2().value_or(AuString {});
if (pathA.empty()) return false;
break;
case EModulePath::eModulePathUserDir:
pathA = AuIOFS::GetUserLibPath().value_or(AuString {});
pathB = AuIOFS::GetUserLibPath2().value_or(AuString {});
if (pathA.empty()) return false;
break;
//case EModulePath::eOSSpecified:
//
// break;
case EModulePath::eSpecified:
break;
}
bool fail {};
if (pathA.size())
{
if (TryLoadModule(pathA, auDll, genericDll, request, fail))
{
return true;
}
if (fail)
{
return false;
}
}
if (pathB.size())
{
if (TryLoadModule(pathB, auDll, genericDll, request, fail))
{
return true;
}
if (fail)
{
return false;
}
}
if (path == EModulePath::eSpecified && request.specifiedSearchPaths)
{
for (const auto &val : *request.specifiedSearchPaths)
{
if (TryLoadModule(val, auDll, genericDll, request, fail))
{
return true;
}
if (fail)
{
return false;
}
}
}
return {};
}
AUKN_SYM bool LoadModule(const ModuleLoadRequest &request)
{
AU_LOCK_GUARD(gSpinLock);
auto h = gModuleHandles.find(request.mod);
if (h != gModuleHandles.end())
{
return true;
}
auto au = request.mod + ConstructAuDllSuffix();
auto base = request.mod;
auto ext = GetPlatformExt(Build::kCurrentPlatform);
if (ext && !Build::kIsNtDerived)
{
base += ext;
}
if (request.version.size())
{
au += "." + request.version;
base += "." + request.version;
}
if (ext && Build::kIsNtDerived)
{
base += ext;
}
auto searchPath = request.searchPath ? request.searchPath : &kUserOverloadableSearchPath;
for (EModulePath path : *searchPath)
{
if (TryLoadModule(path, au, base, request))
{
return true;
}
}
return false;
}
AUKN_SYM AuMach GetProcAddress(AuString mod, AuString symbol)
{
AU_LOCK_GUARD(gSpinLock);
auto h = gModuleHandles.find(mod);
if (h == gModuleHandles.end())
{
SysPushErrorGen("Module {} is not loaded", mod);
return {};
}
auto handle = h->second;
#if defined(AURORA_IS_MODERNNT_DERIVED)
auto ret = reinterpret_cast<AuMach>(::GetProcAddress(reinterpret_cast<HMODULE>(handle), symbol.c_str()));
#else
auto ret = reinterpret_cast<AuMach>(dlsym(handle, symbol.c_str()));
#endif
if (!ret)
{
SysPushErrorGen("Couldn't resolve symbol in module {} of mangled name '{}'", mod, symbol);
}
return ret;
}
AUKN_SYM void Exit(AuUInt32 exitcode)
{
#if defined(AURORA_IS_MODERNNT_DERIVED)
ExitProcess(exitcode);
#elif defined(AURORA_IS_POSIX_DERIVED)
exit(exitcode);
#else
// ???
*(AuUInt32 *)0 = exitcode;
*(AuUInt32 *)0xFFFF = exitcode;
*(AuUInt32 *)0xFFFFFFFF = exitcode;
#endif
}
void InitProcess()
{
// TODO (reece): test if self is signed -> xref kIsMainSigned
InitProcessMap();
}
void DeinitProcess()
{
DeinitProcessMap();
}
}