| /* |
| * Copyright (C) 2017 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #include "subcontext.h" |
| |
| #include <fcntl.h> |
| #include <poll.h> |
| #include <sys/time.h> |
| #include <sys/resource.h> |
| #include <unistd.h> |
| |
| #include <android-base/file.h> |
| #include <android-base/logging.h> |
| #include <android-base/properties.h> |
| #include <android-base/strings.h> |
| #include <selinux/android.h> |
| |
| #include "action.h" |
| #include "builtins.h" |
| #include "mount_namespace.h" |
| #include "proto_utils.h" |
| #include "util.h" |
| |
| #ifdef INIT_FULL_SOURCES |
| #include <android/api-level.h> |
| #include "property_service.h" |
| #include "selabel.h" |
| #include "selinux.h" |
| #else |
| #include "host_init_stubs.h" |
| #endif |
| |
| using android::base::GetExecutablePath; |
| using android::base::GetProperty; |
| using android::base::Join; |
| using android::base::Socketpair; |
| using android::base::Split; |
| using android::base::StartsWith; |
| using android::base::unique_fd; |
| |
| namespace android { |
| namespace init { |
| namespace { |
| |
| std::string shutdown_command; |
| static bool subcontext_terminated_by_shutdown; |
| static std::unique_ptr<Subcontext> subcontext; |
| |
| class SubcontextProcess { |
| public: |
| SubcontextProcess(const BuiltinFunctionMap* function_map, std::string context, int init_fd) |
| : function_map_(function_map), context_(std::move(context)), init_fd_(init_fd){}; |
| void MainLoop(); |
| |
| private: |
| void RunCommand(const SubcontextCommand::ExecuteCommand& execute_command, |
| SubcontextReply* reply) const; |
| void ExpandArgs(const SubcontextCommand::ExpandArgsCommand& expand_args_command, |
| SubcontextReply* reply) const; |
| |
| const BuiltinFunctionMap* function_map_; |
| const std::string context_; |
| const int init_fd_; |
| }; |
| |
| void SubcontextProcess::RunCommand(const SubcontextCommand::ExecuteCommand& execute_command, |
| SubcontextReply* reply) const { |
| // Need to use ArraySplice instead of this code. |
| auto args = std::vector<std::string>(); |
| for (const auto& string : execute_command.args()) { |
| args.emplace_back(string); |
| } |
| |
| auto map_result = function_map_->Find(args); |
| Result<void> result; |
| if (!map_result.ok()) { |
| result = Error() << "Cannot find command: " << map_result.error(); |
| } else { |
| result = RunBuiltinFunction(map_result->function, args, context_); |
| } |
| |
| if (result.ok()) { |
| reply->set_success(true); |
| } else { |
| auto* failure = reply->mutable_failure(); |
| failure->set_error_string(result.error().message()); |
| failure->set_error_errno(result.error().code()); |
| } |
| } |
| |
| void SubcontextProcess::ExpandArgs(const SubcontextCommand::ExpandArgsCommand& expand_args_command, |
| SubcontextReply* reply) const { |
| for (const auto& arg : expand_args_command.args()) { |
| auto expanded_arg = ExpandProps(arg); |
| if (!expanded_arg.ok()) { |
| auto* failure = reply->mutable_failure(); |
| failure->set_error_string(expanded_arg.error().message()); |
| failure->set_error_errno(0); |
| return; |
| } else { |
| auto* expand_args_reply = reply->mutable_expand_args_reply(); |
| expand_args_reply->add_expanded_args(*expanded_arg); |
| } |
| } |
| } |
| |
| void SubcontextProcess::MainLoop() { |
| pollfd ufd[1]; |
| ufd[0].events = POLLIN; |
| ufd[0].fd = init_fd_; |
| |
| while (true) { |
| ufd[0].revents = 0; |
| int nr = TEMP_FAILURE_RETRY(poll(ufd, arraysize(ufd), -1)); |
| if (nr == 0) continue; |
| if (nr < 0) { |
| PLOG(FATAL) << "poll() of subcontext socket failed, continuing"; |
| } |
| |
| auto init_message = ReadMessage(init_fd_); |
| if (!init_message.ok()) { |
| if (init_message.error().code() == 0) { |
| // If the init file descriptor was closed, let's exit quietly. If |
| // this was accidental, init will restart us. If init died, this |
| // avoids calling abort(3) unnecessarily. |
| return; |
| } |
| LOG(FATAL) << "Could not read message from init: " << init_message.error(); |
| } |
| |
| auto subcontext_command = SubcontextCommand(); |
| if (!subcontext_command.ParseFromString(*init_message)) { |
| LOG(FATAL) << "Unable to parse message from init"; |
| } |
| |
| auto reply = SubcontextReply(); |
| switch (subcontext_command.command_case()) { |
| case SubcontextCommand::kExecuteCommand: { |
| RunCommand(subcontext_command.execute_command(), &reply); |
| break; |
| } |
| case SubcontextCommand::kExpandArgsCommand: { |
| ExpandArgs(subcontext_command.expand_args_command(), &reply); |
| break; |
| } |
| default: |
| LOG(FATAL) << "Unknown message type from init: " |
| << subcontext_command.command_case(); |
| } |
| |
| if (!shutdown_command.empty()) { |
| reply.set_trigger_shutdown(shutdown_command); |
| shutdown_command.clear(); |
| } |
| |
| if (auto result = SendMessage(init_fd_, reply); !result.ok()) { |
| LOG(FATAL) << "Failed to send message to init: " << result.error(); |
| } |
| } |
| } |
| |
| } // namespace |
| |
| int SubcontextMain(int argc, char** argv, const BuiltinFunctionMap* function_map) { |
| if (argc < 4) LOG(FATAL) << "Fewer than 4 args specified to subcontext (" << argc << ")"; |
| |
| auto context = std::string(argv[2]); |
| auto init_fd = std::atoi(argv[3]); |
| |
| SelabelInitialize(); |
| |
| trigger_shutdown = [](const std::string& command) { shutdown_command = command; }; |
| |
| auto subcontext_process = SubcontextProcess(function_map, context, init_fd); |
| // Restore prio before main loop |
| setpriority(PRIO_PROCESS, 0, 0); |
| subcontext_process.MainLoop(); |
| return 0; |
| } |
| |
| void Subcontext::Fork() { |
| unique_fd subcontext_socket; |
| if (!Socketpair(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC, 0, &socket_, &subcontext_socket)) { |
| LOG(FATAL) << "Could not create socket pair to communicate to subcontext"; |
| return; |
| } |
| |
| auto result = fork(); |
| |
| if (result == -1) { |
| LOG(FATAL) << "Could not fork subcontext"; |
| } else if (result == 0) { |
| socket_.reset(); |
| |
| // We explicitly do not use O_CLOEXEC here, such that we can reference this FD by number |
| // in the subcontext process after we exec. |
| int child_fd = dup(subcontext_socket.get()); // NOLINT(android-cloexec-dup) |
| if (child_fd < 0) { |
| PLOG(FATAL) << "Could not dup child_fd"; |
| } |
| |
| // We don't switch contexts if we're running the unit tests. We don't use std::optional, |
| // since we still need a real context string to pass to the builtin functions. |
| if (context_ != kTestContext) { |
| if (setexeccon(context_.c_str()) < 0) { |
| PLOG(FATAL) << "Could not set execcon for '" << context_ << "'"; |
| } |
| } |
| #if defined(__ANDROID__) |
| // subcontext init runs in "default" mount namespace |
| // so that it can access /apex/* |
| if (auto result = SwitchToMountNamespaceIfNeeded(NS_DEFAULT); !result.ok()) { |
| LOG(FATAL) << "Could not switch to \"default\" mount namespace: " << result.error(); |
| } |
| #endif |
| auto init_path = GetExecutablePath(); |
| auto child_fd_string = std::to_string(child_fd); |
| const char* args[] = {init_path.c_str(), "subcontext", context_.c_str(), |
| child_fd_string.c_str(), nullptr}; |
| execv(init_path.data(), const_cast<char**>(args)); |
| |
| PLOG(FATAL) << "Could not execv subcontext init"; |
| } else { |
| subcontext_socket.reset(); |
| pid_ = result; |
| LOG(INFO) << "Forked subcontext for '" << context_ << "' with pid " << pid_; |
| } |
| } |
| |
| void Subcontext::Restart() { |
| LOG(ERROR) << "Restarting subcontext '" << context_ << "'"; |
| if (pid_) { |
| kill(pid_, SIGKILL); |
| } |
| pid_ = 0; |
| socket_.reset(); |
| Fork(); |
| } |
| |
| bool Subcontext::PathMatchesSubcontext(const std::string& path) const { |
| auto apex_name = GetApexNameFromFileName(path); |
| if (!apex_name.empty()) { |
| return std::find(apex_list_.begin(), apex_list_.end(), apex_name) != apex_list_.end(); |
| } |
| for (const auto& prefix : path_prefixes_) { |
| if (StartsWith(path, prefix)) { |
| return true; |
| } |
| } |
| return false; |
| } |
| |
| void Subcontext::SetApexList(std::vector<std::string>&& apex_list) { |
| apex_list_ = std::move(apex_list); |
| } |
| |
| Result<SubcontextReply> Subcontext::TransmitMessage(const SubcontextCommand& subcontext_command) { |
| if (auto result = SendMessage(socket_.get(), subcontext_command); !result.ok()) { |
| Restart(); |
| return ErrnoError() << "Failed to send message to subcontext"; |
| } |
| |
| auto subcontext_message = ReadMessage(socket_.get()); |
| if (!subcontext_message.ok()) { |
| Restart(); |
| return Error() << "Failed to receive result from subcontext: " << subcontext_message.error(); |
| } |
| |
| auto subcontext_reply = SubcontextReply{}; |
| if (!subcontext_reply.ParseFromString(*subcontext_message)) { |
| Restart(); |
| return Error() << "Unable to parse message from subcontext"; |
| } |
| |
| if (subcontext_reply.has_trigger_shutdown()) { |
| trigger_shutdown(subcontext_reply.trigger_shutdown()); |
| } |
| |
| return subcontext_reply; |
| } |
| |
| Result<void> Subcontext::Execute(const std::vector<std::string>& args) { |
| auto subcontext_command = SubcontextCommand(); |
| std::copy( |
| args.begin(), args.end(), |
| RepeatedPtrFieldBackInserter(subcontext_command.mutable_execute_command()->mutable_args())); |
| |
| auto subcontext_reply = TransmitMessage(subcontext_command); |
| if (!subcontext_reply.ok()) { |
| return subcontext_reply.error(); |
| } |
| |
| if (subcontext_reply->reply_case() == SubcontextReply::kFailure) { |
| auto& failure = subcontext_reply->failure(); |
| return ResultError<>(failure.error_string(), failure.error_errno()); |
| } |
| |
| if (subcontext_reply->reply_case() != SubcontextReply::kSuccess) { |
| return Error() << "Unexpected message type from subcontext: " |
| << subcontext_reply->reply_case(); |
| } |
| |
| return {}; |
| } |
| |
| Result<std::vector<std::string>> Subcontext::ExpandArgs(const std::vector<std::string>& args) { |
| auto subcontext_command = SubcontextCommand{}; |
| std::copy(args.begin(), args.end(), |
| RepeatedPtrFieldBackInserter( |
| subcontext_command.mutable_expand_args_command()->mutable_args())); |
| |
| auto subcontext_reply = TransmitMessage(subcontext_command); |
| if (!subcontext_reply.ok()) { |
| return subcontext_reply.error(); |
| } |
| |
| if (subcontext_reply->reply_case() == SubcontextReply::kFailure) { |
| auto& failure = subcontext_reply->failure(); |
| return ResultError<>(failure.error_string(), failure.error_errno()); |
| } |
| |
| if (subcontext_reply->reply_case() != SubcontextReply::kExpandArgsReply) { |
| return Error() << "Unexpected message type from subcontext: " |
| << subcontext_reply->reply_case(); |
| } |
| |
| auto& reply = subcontext_reply->expand_args_reply(); |
| auto expanded_args = std::vector<std::string>{}; |
| for (const auto& string : reply.expanded_args()) { |
| expanded_args.emplace_back(string); |
| } |
| return expanded_args; |
| } |
| |
| void InitializeSubcontext() { |
| if (IsMicrodroid()) { |
| LOG(INFO) << "Not using subcontext for microdroid"; |
| return; |
| } |
| |
| if (SelinuxGetVendorAndroidVersion() >= __ANDROID_API_P__) { |
| subcontext.reset( |
| new Subcontext(std::vector<std::string>{"/vendor", "/odm"}, kVendorContext)); |
| } |
| } |
| void InitializeHostSubcontext(std::vector<std::string> vendor_prefixes) { |
| subcontext.reset(new Subcontext(vendor_prefixes, kVendorContext, /*host=*/true)); |
| } |
| |
| Subcontext* GetSubcontext() { |
| return subcontext.get(); |
| } |
| |
| bool SubcontextChildReap(pid_t pid) { |
| if (!subcontext) { |
| return false; |
| } |
| if (subcontext->pid() == pid) { |
| if (!subcontext_terminated_by_shutdown) { |
| subcontext->Restart(); |
| } |
| return true; |
| } |
| return false; |
| } |
| |
| void SubcontextTerminate() { |
| if (!subcontext) { |
| return; |
| } |
| subcontext_terminated_by_shutdown = true; |
| kill(subcontext->pid(), SIGTERM); |
| } |
| |
| } // namespace init |
| } // namespace android |