| /* |
| * Copyright (C) 2008 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #include "dalvik_system_ZygoteHooks.h" |
| |
| #include <stdlib.h> |
| |
| #include <android-base/logging.h> |
| #include <android-base/stringprintf.h> |
| |
| #include "arch/instruction_set.h" |
| #include "art_method-inl.h" |
| #include "base/macros.h" |
| #include "base/mutex.h" |
| #include "base/runtime_debug.h" |
| #include "debugger.h" |
| #include "hidden_api.h" |
| #include "jit/jit.h" |
| #include "jni/java_vm_ext.h" |
| #include "jni/jni_internal.h" |
| #include "native_util.h" |
| #include "nativehelper/jni_macros.h" |
| #include "nativehelper/scoped_utf_chars.h" |
| #include "non_debuggable_classes.h" |
| #include "oat_file.h" |
| #include "oat_file_manager.h" |
| #include "scoped_thread_state_change-inl.h" |
| #include "stack.h" |
| #include "thread-current-inl.h" |
| #include "thread_list.h" |
| #include "trace.h" |
| |
| #if defined(__linux__) |
| #include <sys/prctl.h> |
| #endif |
| |
| #include <sys/resource.h> |
| |
| namespace art { |
| |
| // Set to true to always determine the non-debuggable classes even if we would not allow a debugger |
| // to actually attach. |
| static bool kAlwaysCollectNonDebuggableClasses = |
| RegisterRuntimeDebugFlag(&kAlwaysCollectNonDebuggableClasses); |
| |
| using android::base::StringPrintf; |
| |
| static void EnableDebugger() { |
| #if defined(__linux__) |
| // To let a non-privileged gdbserver attach to this |
| // process, we must set our dumpable flag. |
| if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) == -1) { |
| PLOG(ERROR) << "prctl(PR_SET_DUMPABLE) failed for pid " << getpid(); |
| } |
| |
| // Even if Yama is on a non-privileged native debugger should |
| // be able to attach to the debuggable app. |
| if (prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY, 0, 0, 0) == -1) { |
| // if Yama is off prctl(PR_SET_PTRACER) returns EINVAL - don't log in this |
| // case since it's expected behaviour. |
| if (errno != EINVAL) { |
| PLOG(ERROR) << "prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY) failed for pid " << getpid(); |
| } |
| } |
| #endif |
| // We don't want core dumps, though, so set the core dump size to 0. |
| rlimit rl; |
| rl.rlim_cur = 0; |
| rl.rlim_max = RLIM_INFINITY; |
| if (setrlimit(RLIMIT_CORE, &rl) == -1) { |
| PLOG(ERROR) << "setrlimit(RLIMIT_CORE) failed for pid " << getpid(); |
| } |
| } |
| |
| class ClassSet { |
| public: |
| // The number of classes we reasonably expect to have to look at. Realistically the number is more |
| // ~10 but there is little harm in having some extra. |
| static constexpr int kClassSetCapacity = 100; |
| |
| explicit ClassSet(Thread* const self) : self_(self) { |
| self_->GetJniEnv()->PushFrame(kClassSetCapacity); |
| } |
| |
| ~ClassSet() { |
| self_->GetJniEnv()->PopFrame(); |
| } |
| |
| void AddClass(ObjPtr<mirror::Class> klass) REQUIRES(Locks::mutator_lock_) { |
| class_set_.insert(self_->GetJniEnv()->AddLocalReference<jclass>(klass)); |
| } |
| |
| const std::unordered_set<jclass>& GetClasses() const { |
| return class_set_; |
| } |
| |
| private: |
| Thread* const self_; |
| std::unordered_set<jclass> class_set_; |
| }; |
| |
| static void DoCollectNonDebuggableCallback(Thread* thread, void* data) |
| REQUIRES(Locks::mutator_lock_) { |
| class NonDebuggableStacksVisitor : public StackVisitor { |
| public: |
| NonDebuggableStacksVisitor(Thread* t, ClassSet* class_set) |
| : StackVisitor(t, nullptr, StackVisitor::StackWalkKind::kIncludeInlinedFrames), |
| class_set_(class_set) {} |
| |
| ~NonDebuggableStacksVisitor() override {} |
| |
| bool VisitFrame() override REQUIRES(Locks::mutator_lock_) { |
| if (GetMethod()->IsRuntimeMethod()) { |
| return true; |
| } |
| class_set_->AddClass(GetMethod()->GetDeclaringClass()); |
| if (kIsDebugBuild) { |
| LOG(INFO) << GetMethod()->GetDeclaringClass()->PrettyClass() |
| << " might not be fully debuggable/deoptimizable due to " |
| << GetMethod()->PrettyMethod() << " appearing on the stack during zygote fork."; |
| } |
| return true; |
| } |
| |
| private: |
| ClassSet* class_set_; |
| }; |
| NonDebuggableStacksVisitor visitor(thread, reinterpret_cast<ClassSet*>(data)); |
| visitor.WalkStack(); |
| } |
| |
| static void CollectNonDebuggableClasses() REQUIRES(!Locks::mutator_lock_) { |
| Runtime* const runtime = Runtime::Current(); |
| Thread* const self = Thread::Current(); |
| // Get the mutator lock. |
| ScopedObjectAccess soa(self); |
| ClassSet classes(self); |
| { |
| // Drop the shared mutator lock. |
| ScopedThreadSuspension sts(self, art::ThreadState::kNative); |
| // Get exclusive mutator lock with suspend all. |
| ScopedSuspendAll suspend("Checking stacks for non-obsoletable methods!", |
| /*long_suspend=*/false); |
| MutexLock mu(Thread::Current(), *Locks::thread_list_lock_); |
| runtime->GetThreadList()->ForEach(DoCollectNonDebuggableCallback, &classes); |
| } |
| for (jclass klass : classes.GetClasses()) { |
| NonDebuggableClasses::AddNonDebuggableClass(klass); |
| } |
| } |
| |
| // Must match values in com.android.internal.os.Zygote. |
| enum { |
| DEBUG_ENABLE_JDWP = 1, |
| DEBUG_ENABLE_CHECKJNI = 1 << 1, |
| DEBUG_ENABLE_ASSERT = 1 << 2, |
| DEBUG_ENABLE_SAFEMODE = 1 << 3, |
| DEBUG_ENABLE_JNI_LOGGING = 1 << 4, |
| DEBUG_GENERATE_DEBUG_INFO = 1 << 5, |
| DEBUG_ALWAYS_JIT = 1 << 6, |
| DEBUG_NATIVE_DEBUGGABLE = 1 << 7, |
| DEBUG_JAVA_DEBUGGABLE = 1 << 8, |
| DISABLE_VERIFIER = 1 << 9, |
| ONLY_USE_SYSTEM_OAT_FILES = 1 << 10, |
| DEBUG_GENERATE_MINI_DEBUG_INFO = 1 << 11, |
| HIDDEN_API_ENFORCEMENT_POLICY_MASK = (1 << 12) |
| | (1 << 13), |
| PROFILE_SYSTEM_SERVER = 1 << 14, |
| |
| // bits to shift (flags & HIDDEN_API_ENFORCEMENT_POLICY_MASK) by to get a value |
| // corresponding to hiddenapi::EnforcementPolicy |
| API_ENFORCEMENT_POLICY_SHIFT = CTZ(HIDDEN_API_ENFORCEMENT_POLICY_MASK), |
| }; |
| |
| static uint32_t EnableDebugFeatures(uint32_t runtime_flags) { |
| Runtime* const runtime = Runtime::Current(); |
| if ((runtime_flags & DEBUG_ENABLE_CHECKJNI) != 0) { |
| JavaVMExt* vm = runtime->GetJavaVM(); |
| if (!vm->IsCheckJniEnabled()) { |
| LOG(INFO) << "Late-enabling -Xcheck:jni"; |
| vm->SetCheckJniEnabled(true); |
| // There's only one thread running at this point, so only one JNIEnv to fix up. |
| Thread::Current()->GetJniEnv()->SetCheckJniEnabled(true); |
| } else { |
| LOG(INFO) << "Not late-enabling -Xcheck:jni (already on)"; |
| } |
| runtime_flags &= ~DEBUG_ENABLE_CHECKJNI; |
| } |
| |
| if ((runtime_flags & DEBUG_ENABLE_JNI_LOGGING) != 0) { |
| gLogVerbosity.third_party_jni = true; |
| runtime_flags &= ~DEBUG_ENABLE_JNI_LOGGING; |
| } |
| |
| Dbg::SetJdwpAllowed((runtime_flags & DEBUG_ENABLE_JDWP) != 0); |
| if ((runtime_flags & DEBUG_ENABLE_JDWP) != 0) { |
| EnableDebugger(); |
| } |
| runtime_flags &= ~DEBUG_ENABLE_JDWP; |
| |
| const bool safe_mode = (runtime_flags & DEBUG_ENABLE_SAFEMODE) != 0; |
| if (safe_mode) { |
| // Only quicken oat files. |
| runtime->AddCompilerOption("--compiler-filter=quicken"); |
| runtime->SetSafeMode(true); |
| runtime_flags &= ~DEBUG_ENABLE_SAFEMODE; |
| } |
| |
| // This is for backwards compatibility with Dalvik. |
| runtime_flags &= ~DEBUG_ENABLE_ASSERT; |
| |
| if ((runtime_flags & DEBUG_ALWAYS_JIT) != 0) { |
| jit::JitOptions* jit_options = runtime->GetJITOptions(); |
| CHECK(jit_options != nullptr); |
| Runtime::Current()->DoAndMaybeSwitchInterpreter([=]() { |
| jit_options->SetJitAtFirstUse(); |
| }); |
| runtime_flags &= ~DEBUG_ALWAYS_JIT; |
| } |
| |
| bool needs_non_debuggable_classes = false; |
| if ((runtime_flags & DEBUG_JAVA_DEBUGGABLE) != 0) { |
| runtime->AddCompilerOption("--debuggable"); |
| runtime_flags |= DEBUG_GENERATE_MINI_DEBUG_INFO; |
| runtime->SetJavaDebuggable(true); |
| // Deoptimize the boot image as it may be non-debuggable. |
| runtime->DeoptimizeBootImage(); |
| runtime_flags &= ~DEBUG_JAVA_DEBUGGABLE; |
| needs_non_debuggable_classes = true; |
| } |
| if (needs_non_debuggable_classes || kAlwaysCollectNonDebuggableClasses) { |
| CollectNonDebuggableClasses(); |
| } |
| |
| if ((runtime_flags & DEBUG_NATIVE_DEBUGGABLE) != 0) { |
| runtime->AddCompilerOption("--debuggable"); |
| runtime_flags |= DEBUG_GENERATE_DEBUG_INFO; |
| runtime->SetNativeDebuggable(true); |
| runtime_flags &= ~DEBUG_NATIVE_DEBUGGABLE; |
| } |
| |
| if ((runtime_flags & DEBUG_GENERATE_MINI_DEBUG_INFO) != 0) { |
| // Generate native minimal debug information to allow backtracing. |
| runtime->AddCompilerOption("--generate-mini-debug-info"); |
| runtime_flags &= ~DEBUG_GENERATE_MINI_DEBUG_INFO; |
| } |
| |
| if ((runtime_flags & DEBUG_GENERATE_DEBUG_INFO) != 0) { |
| // Generate all native debug information we can (e.g. line-numbers). |
| runtime->AddCompilerOption("--generate-debug-info"); |
| runtime_flags &= ~DEBUG_GENERATE_DEBUG_INFO; |
| } |
| |
| return runtime_flags; |
| } |
| |
| static jlong ZygoteHooks_nativePreFork(JNIEnv* env, jclass) { |
| Runtime* runtime = Runtime::Current(); |
| CHECK(runtime->IsZygote()) << "runtime instance not started with -Xzygote"; |
| |
| runtime->PreZygoteFork(); |
| |
| if (Trace::GetMethodTracingMode() != TracingMode::kTracingInactive) { |
| // Tracing active, pause it. |
| Trace::Pause(); |
| } |
| |
| // Grab thread before fork potentially makes Thread::pthread_key_self_ unusable. |
| return reinterpret_cast<jlong>(ThreadForEnv(env)); |
| } |
| |
| static void ZygoteHooks_nativePostForkSystemServer(JNIEnv* env ATTRIBUTE_UNUSED, |
| jclass klass ATTRIBUTE_UNUSED) { |
| // This JIT code cache for system server is created whilst the runtime is still single threaded. |
| // System server has a window where it can create executable pages for this purpose, but this is |
| // turned off after this hook. Consequently, the only JIT mode supported is the dual-view JIT |
| // where one mapping is R->RW and the other is RX. Single view requires RX->RWX->RX. |
| Runtime::Current()->CreateJitCodeCache(/*rwx_memory_allowed=*/false); |
| } |
| |
| static void ZygoteHooks_nativePostForkChild(JNIEnv* env, |
| jclass, |
| jlong token, |
| jint runtime_flags, |
| jboolean is_system_server, |
| jboolean is_zygote, |
| jstring instruction_set) { |
| DCHECK(!(is_system_server && is_zygote)); |
| |
| Thread* thread = reinterpret_cast<Thread*>(token); |
| // Our system thread ID, etc, has changed so reset Thread state. |
| thread->InitAfterFork(); |
| runtime_flags = EnableDebugFeatures(runtime_flags); |
| hiddenapi::EnforcementPolicy api_enforcement_policy = hiddenapi::EnforcementPolicy::kNoChecks; |
| bool dedupe_hidden_api_warnings = true; |
| |
| if ((runtime_flags & DISABLE_VERIFIER) != 0) { |
| Runtime::Current()->DisableVerifier(); |
| runtime_flags &= ~DISABLE_VERIFIER; |
| } |
| |
| if ((runtime_flags & ONLY_USE_SYSTEM_OAT_FILES) != 0) { |
| Runtime::Current()->GetOatFileManager().SetOnlyUseSystemOatFiles(); |
| runtime_flags &= ~ONLY_USE_SYSTEM_OAT_FILES; |
| } |
| |
| api_enforcement_policy = hiddenapi::EnforcementPolicyFromInt( |
| (runtime_flags & HIDDEN_API_ENFORCEMENT_POLICY_MASK) >> API_ENFORCEMENT_POLICY_SHIFT); |
| runtime_flags &= ~HIDDEN_API_ENFORCEMENT_POLICY_MASK; |
| |
| bool profile_system_server = (runtime_flags & PROFILE_SYSTEM_SERVER) == PROFILE_SYSTEM_SERVER; |
| runtime_flags &= ~PROFILE_SYSTEM_SERVER; |
| |
| if (runtime_flags != 0) { |
| LOG(ERROR) << StringPrintf("Unknown bits set in runtime_flags: %#x", runtime_flags); |
| } |
| |
| Runtime::Current()->GetHeap()->PostForkChildAction(thread); |
| |
| // Update tracing. |
| if (Trace::GetMethodTracingMode() != TracingMode::kTracingInactive) { |
| Trace::TraceOutputMode output_mode = Trace::GetOutputMode(); |
| Trace::TraceMode trace_mode = Trace::GetMode(); |
| size_t buffer_size = Trace::GetBufferSize(); |
| |
| // Just drop it. |
| Trace::Abort(); |
| |
| // Only restart if it was streaming mode. |
| // TODO: Expose buffer size, so we can also do file mode. |
| if (output_mode == Trace::TraceOutputMode::kStreaming) { |
| static constexpr size_t kMaxProcessNameLength = 100; |
| char name_buf[kMaxProcessNameLength] = {}; |
| int rc = pthread_getname_np(pthread_self(), name_buf, kMaxProcessNameLength); |
| std::string proc_name; |
| |
| if (rc == 0) { |
| // On success use the pthread name. |
| proc_name = name_buf; |
| } |
| |
| if (proc_name.empty() || proc_name == "zygote" || proc_name == "zygote64") { |
| // Either no process name, or the name hasn't been changed, yet. Just use pid. |
| pid_t pid = getpid(); |
| proc_name = StringPrintf("%u", static_cast<uint32_t>(pid)); |
| } |
| |
| std::string trace_file = StringPrintf("/data/misc/trace/%s.trace.bin", proc_name.c_str()); |
| Trace::Start(trace_file.c_str(), |
| buffer_size, |
| 0, // TODO: Expose flags. |
| output_mode, |
| trace_mode, |
| 0); // TODO: Expose interval. |
| if (thread->IsExceptionPending()) { |
| ScopedObjectAccess soa(env); |
| thread->ClearException(); |
| } |
| } |
| } |
| |
| bool do_hidden_api_checks = api_enforcement_policy != hiddenapi::EnforcementPolicy::kNoChecks; |
| DCHECK(!(is_system_server && do_hidden_api_checks)) |
| << "SystemServer should be forked with EnforcementPolicy::kDisable"; |
| DCHECK(!(is_zygote && do_hidden_api_checks)) |
| << "Child zygote processes should be forked with EnforcementPolicy::kDisable"; |
| Runtime::Current()->SetHiddenApiEnforcementPolicy(api_enforcement_policy); |
| Runtime::Current()->SetDedupeHiddenApiWarnings(dedupe_hidden_api_warnings); |
| if (api_enforcement_policy != hiddenapi::EnforcementPolicy::kNoChecks && |
| Runtime::Current()->GetHiddenApiEventLogSampleRate() != 0) { |
| // Hidden API checks are enabled, and we are sampling access for the event log. Initialize the |
| // random seed, to ensure the sampling is actually random. We do this post-fork, as doing it |
| // pre-fork would result in the same sequence for every forked process. |
| std::srand(static_cast<uint32_t>(NanoTime())); |
| } |
| |
| // Clear the hidden API warning flag, in case it was set. |
| Runtime::Current()->SetPendingHiddenApiWarning(false); |
| |
| if (is_zygote) { |
| // If creating a child-zygote, do not call into the runtime's post-fork logic. |
| // Doing so would spin up threads for Binder and JDWP. Instead, the Java side |
| // of the child process will call a static main in a class specified by the parent. |
| return; |
| } |
| |
| if (instruction_set != nullptr && !is_system_server) { |
| ScopedUtfChars isa_string(env, instruction_set); |
| InstructionSet isa = GetInstructionSetFromString(isa_string.c_str()); |
| Runtime::NativeBridgeAction action = Runtime::NativeBridgeAction::kUnload; |
| if (isa != InstructionSet::kNone && isa != kRuntimeISA) { |
| action = Runtime::NativeBridgeAction::kInitialize; |
| } |
| Runtime::Current()->InitNonZygoteOrPostFork( |
| env, is_system_server, action, isa_string.c_str()); |
| } else { |
| Runtime::Current()->InitNonZygoteOrPostFork( |
| env, |
| is_system_server, |
| Runtime::NativeBridgeAction::kUnload, |
| /*isa=*/ nullptr, |
| profile_system_server); |
| } |
| } |
| |
| static void ZygoteHooks_startZygoteNoThreadCreation(JNIEnv* env ATTRIBUTE_UNUSED, |
| jclass klass ATTRIBUTE_UNUSED) { |
| Runtime::Current()->SetZygoteNoThreadSection(true); |
| } |
| |
| static void ZygoteHooks_stopZygoteNoThreadCreation(JNIEnv* env ATTRIBUTE_UNUSED, |
| jclass klass ATTRIBUTE_UNUSED) { |
| Runtime::Current()->SetZygoteNoThreadSection(false); |
| } |
| |
| static JNINativeMethod gMethods[] = { |
| NATIVE_METHOD(ZygoteHooks, nativePreFork, "()J"), |
| NATIVE_METHOD(ZygoteHooks, nativePostForkSystemServer, "()V"), |
| NATIVE_METHOD(ZygoteHooks, nativePostForkChild, "(JIZZLjava/lang/String;)V"), |
| NATIVE_METHOD(ZygoteHooks, startZygoteNoThreadCreation, "()V"), |
| NATIVE_METHOD(ZygoteHooks, stopZygoteNoThreadCreation, "()V"), |
| }; |
| |
| void register_dalvik_system_ZygoteHooks(JNIEnv* env) { |
| REGISTER_NATIVE_METHODS("dalvik/system/ZygoteHooks"); |
| } |
| |
| } // namespace art |