libmemtrackproxy

Helper library that implements memtrack proxy service. The service
forwards requests to the appropriate AIDL or HIDL memtrack HAL if
the following access control requirements are
met:
  - Only AID_SYSTEM, AID_ROOT or AID_SHELL can request getMemory() for
    other processes, otherwise the requested PID must match the calling
    PID.
  - Only AID_SYSTEM, AID_ROOT or AID_SHELL can request
    getGpuDeviceInfo()

If the above conditions are not met, the request is not forwarded
to the memtrack HAL and a status with exception code EX_SECURITY
is returned.

Bug: 177664629
Test: memtrackproxy_test
Change-Id: Icf3e0fa0500b2961b0945e800899881c9a3c86cf

5 files changed, 407 insertions, 0 deletions

diff --git a/services/memtrackproxy/Android.bp b/services/memtrackproxy/Android.bp
new file mode 100644
index 0000000000..ee8b247194
--- /dev/null
+++ b/services/memtrackproxy/Android.bp
@@ -0,0 +1,41 @@
+// Copyright (C) 2021 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+cc_library_shared {
+    name: "libmemtrackproxy",
+    shared_libs: [
+        "libbase",
+        "libbinder_ndk",
+        "libbinder",
+        "libhidlbase",
+        "liblog",
+        "libcutils",
+        "libutils",
+        "android.hardware.memtrack@1.0",
+        "android.hardware.memtrack-V1-ndk_platform",
+    ],
+    srcs: [
+        "MemtrackProxy.cpp",
+    ],
+    export_include_dirs: [
+        "include",
+    ],
+    local_include_dirs: [
+        "include/memtrackproxy",
+    ],
+    export_shared_lib_headers: [
+        "android.hardware.memtrack@1.0",
+        "android.hardware.memtrack-V1-ndk_platform",
+    ],
+}
diff --git a/services/memtrackproxy/MemtrackProxy.cpp b/services/memtrackproxy/MemtrackProxy.cpp
new file mode 100644
index 0000000000..8da6e894eb
--- /dev/null
+++ b/services/memtrackproxy/MemtrackProxy.cpp
@@ -0,0 +1,196 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "MemtrackProxy.h"
+
+#include <android-base/logging.h>
+#include <android/binder_manager.h>
+#include <private/android_filesystem_config.h>
+
+using ::android::hardware::hidl_vec;
+using ::android::hardware::Return;
+
+namespace aidl {
+namespace android {
+namespace hardware {
+namespace memtrack {
+
+// Check Memtrack Flags
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackFlag::SMAPS_ACCOUNTED) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackRecord::FLAG_SMAPS_ACCOUNTED));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackFlag::SMAPS_UNACCOUNTED) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackRecord::FLAG_SMAPS_UNACCOUNTED));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackFlag::SHARED) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackRecord::FLAG_SHARED));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackFlag::SHARED_PSS) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackRecord::FLAG_SHARED_PSS));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackFlag::PRIVATE) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackRecord::FLAG_PRIVATE));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackFlag::SYSTEM) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackRecord::FLAG_SYSTEM));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackFlag::DEDICATED) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackRecord::FLAG_DEDICATED));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackFlag::NONSECURE) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackRecord::FLAG_NONSECURE));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackFlag::SECURE) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackRecord::FLAG_SECURE));
+
+// Check Memtrack Types
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackType::OTHER) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackType::OTHER));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackType::GL) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackType::GL));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackType::GRAPHICS) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackType::GRAPHICS));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackType::MULTIMEDIA) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackType::MULTIMEDIA));
+static_assert(static_cast<uint32_t>(V1_0_hidl::MemtrackType::CAMERA) ==
+              static_cast<uint32_t>(V1_aidl::MemtrackType::CAMERA));
+
+__attribute__((warn_unused_result)) bool translate(const V1_0_hidl::MemtrackRecord& in,
+                                                   V1_aidl::MemtrackRecord* out) {
+    // Convert uint64_t to int64_t (long in AIDL). AIDL doesn't support unsigned types.
+    if (in.sizeInBytes > std::numeric_limits<int64_t>::max() || in.sizeInBytes < 0) {
+        return false;
+    }
+    out->sizeInBytes = static_cast<int64_t>(in.sizeInBytes);
+
+    // It's ok to just assign directly, since this is a bitmap.
+    out->flags = in.flags;
+    return true;
+}
+
+sp<V1_0_hidl::IMemtrack> MemtrackProxy::MemtrackHidlInstance() {
+    return V1_0_hidl::IMemtrack::getService();
+}
+
+std::shared_ptr<V1_aidl::IMemtrack> MemtrackProxy::MemtrackAidlInstance() {
+    const auto instance = std::string() + V1_aidl::IMemtrack::descriptor + "/default";
+    bool declared = AServiceManager_isDeclared(instance.c_str());
+    if (!declared) {
+        return nullptr;
+    }
+    ndk::SpAIBinder memtrack_binder =
+            ndk::SpAIBinder(AServiceManager_waitForService(instance.c_str()));
+    return V1_aidl::IMemtrack::fromBinder(memtrack_binder);
+}
+
+bool MemtrackProxy::CheckUid(uid_t calling_uid) {
+    // Allow AID_SHELL for adb shell dumpsys meminfo
+    return calling_uid == AID_SYSTEM || calling_uid == AID_ROOT || calling_uid == AID_SHELL;
+}
+
+bool MemtrackProxy::CheckPid(pid_t calling_pid, pid_t request_pid) {
+    return calling_pid == request_pid;
+}
+
+MemtrackProxy::MemtrackProxy()
+      : memtrack_hidl_instance_(MemtrackProxy::MemtrackHidlInstance()),
+        memtrack_aidl_instance_(MemtrackProxy::MemtrackAidlInstance()) {}
+
+ndk::ScopedAStatus MemtrackProxy::getMemory(int pid, MemtrackType type,
+                                            std::vector<MemtrackRecord>* _aidl_return) {
+    if (pid < 0) {
+        return ndk::ScopedAStatus::fromExceptionCode(EX_ILLEGAL_ARGUMENT);
+    }
+
+    if (!MemtrackProxy::CheckPid(AIBinder_getCallingPid(), pid) &&
+        !MemtrackProxy::CheckUid(AIBinder_getCallingUid())) {
+        return ndk::ScopedAStatus::fromExceptionCodeWithMessage(
+                EX_SECURITY,
+                "Only AID_ROOT, AID_SYSTEM and AID_SHELL can request getMemory() for PIDs other "
+                "than the calling PID");
+    }
+
+    if (type != MemtrackType::OTHER && type != MemtrackType::GL && type != MemtrackType::GRAPHICS &&
+        type != MemtrackType::MULTIMEDIA && type != MemtrackType::CAMERA) {
+        return ndk::ScopedAStatus::fromExceptionCode(EX_UNSUPPORTED_OPERATION);
+    }
+
+    _aidl_return->clear();
+
+    if (memtrack_aidl_instance_ ||
+        (memtrack_aidl_instance_ = MemtrackProxy::MemtrackAidlInstance())) {
+        return memtrack_aidl_instance_->getMemory(pid, type, _aidl_return);
+    } else if (memtrack_hidl_instance_ ||
+               (memtrack_hidl_instance_ = MemtrackProxy::MemtrackHidlInstance())) {
+        ndk::ScopedAStatus aidl_status;
+
+        Return<void> ret = memtrack_hidl_instance_->getMemory(
+                pid, static_cast<V1_0_hidl::MemtrackType>(type),
+                [&_aidl_return, &aidl_status](V1_0_hidl::MemtrackStatus status,
+                                              hidl_vec<V1_0_hidl::MemtrackRecord> records) {
+                    switch (status) {
+                        case V1_0_hidl::MemtrackStatus::SUCCESS:
+                            aidl_status = ndk::ScopedAStatus::ok();
+                            break;
+                        case V1_0_hidl::MemtrackStatus::MEMORY_TRACKING_NOT_SUPPORTED:
+                            [[fallthrough]];
+                        case V1_0_hidl::MemtrackStatus::TYPE_NOT_SUPPORTED:
+                            [[fallthrough]];
+                        default:
+                            aidl_status =
+                                    ndk::ScopedAStatus::fromExceptionCode(EX_UNSUPPORTED_OPERATION);
+                            return;
+                    }
+
+                    _aidl_return->resize(records.size());
+                    for (size_t i = 0; i < records.size(); i++) {
+                        if (!translate(records[i], &(*_aidl_return)[i])) {
+                            aidl_status = ndk::ScopedAStatus::fromExceptionCodeWithMessage(
+                                    EX_SERVICE_SPECIFIC,
+                                    "Failed to convert HIDL MemtrackRecord to AIDL");
+                            return;
+                        }
+                    }
+                });
+
+        // Check HIDL return
+        if (!ret.isOk()) {
+            const char* err_msg = "HIDL Memtrack::getMemory() failed";
+            aidl_status =
+                    ndk::ScopedAStatus::fromExceptionCodeWithMessage(EX_SERVICE_SPECIFIC, err_msg);
+            LOG(ERROR) << err_msg << ": " << ret.description();
+        }
+
+        return aidl_status;
+    }
+
+    return ndk::ScopedAStatus::fromExceptionCodeWithMessage(EX_NULL_POINTER,
+                                                            "Memtrack HAL service not available");
+}
+
+ndk::ScopedAStatus MemtrackProxy::getGpuDeviceInfo(std::vector<DeviceInfo>* _aidl_return) {
+    if (!MemtrackProxy::CheckUid(AIBinder_getCallingUid())) {
+        return ndk::ScopedAStatus::fromExceptionCodeWithMessage(EX_SECURITY,
+                "Only AID_ROOT, AID_SYSTEM and AID_SHELL can request getGpuDeviceInfo()");
+    }
+
+    _aidl_return->clear();
+
+    if (memtrack_aidl_instance_ ||
+        (memtrack_aidl_instance_ = MemtrackProxy::MemtrackAidlInstance())) {
+        return memtrack_aidl_instance_->getGpuDeviceInfo(_aidl_return);
+    }
+
+    return ndk::ScopedAStatus::fromExceptionCodeWithMessage(EX_NULL_POINTER,
+                                                            "Memtrack HAL service not available");
+}
+
+} // namespace memtrack
+} // namespace hardware
+} // namespace android
+} // namespace aidl
diff --git a/services/memtrackproxy/include/memtrackproxy/MemtrackProxy.h b/services/memtrackproxy/include/memtrackproxy/MemtrackProxy.h
new file mode 100644
index 0000000000..5ac1fbf417
--- /dev/null
+++ b/services/memtrackproxy/include/memtrackproxy/MemtrackProxy.h
@@ -0,0 +1,59 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <aidl/android/hardware/memtrack/BnMemtrack.h>
+#include <aidl/android/hardware/memtrack/DeviceInfo.h>
+#include <aidl/android/hardware/memtrack/IMemtrack.h>
+#include <aidl/android/hardware/memtrack/MemtrackRecord.h>
+#include <aidl/android/hardware/memtrack/MemtrackType.h>
+#include <android/hardware/memtrack/1.0/IMemtrack.h>
+
+using ::android::sp;
+
+namespace V1_0_hidl = ::android::hardware::memtrack::V1_0;
+namespace V1_aidl = ::aidl::android::hardware::memtrack;
+
+namespace aidl {
+namespace android {
+namespace hardware {
+namespace memtrack {
+
+__attribute__((warn_unused_result)) bool translate(const V1_0_hidl::MemtrackRecord& in,
+                                                   V1_aidl::MemtrackRecord* out);
+
+class MemtrackProxy : public BnMemtrack {
+public:
+    MemtrackProxy();
+    ndk::ScopedAStatus getMemory(int pid, MemtrackType type,
+                                 std::vector<MemtrackRecord>* _aidl_return) override;
+    ndk::ScopedAStatus getGpuDeviceInfo(std::vector<DeviceInfo>* _aidl_return) override;
+
+private:
+    static sp<V1_0_hidl::IMemtrack> MemtrackHidlInstance();
+    static std::shared_ptr<V1_aidl::IMemtrack> MemtrackAidlInstance();
+    static bool CheckUid(uid_t calling_uid);
+    static bool CheckPid(pid_t calling_pid, pid_t request_pid);
+
+    sp<V1_0_hidl::IMemtrack> memtrack_hidl_instance_;
+    std::shared_ptr<V1_aidl::IMemtrack> memtrack_aidl_instance_;
+};
+
+} // namespace memtrack
+} // namespace hardware
+} // namespace android
+} // namespace aidl
diff --git a/services/memtrackproxy/test/Android.bp b/services/memtrackproxy/test/Android.bp
new file mode 100644
index 0000000000..e5ad8dccb2
--- /dev/null
+++ b/services/memtrackproxy/test/Android.bp
@@ -0,0 +1,27 @@
+// Copyright (C) 2021 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+cc_test {
+    name: "memtrackproxy_test",
+    srcs: [
+        "MemtrackProxyTest.cpp",
+    ],
+    shared_libs: [
+        "libbinder_ndk",
+        "libmemtrackproxy",
+        "android.hardware.memtrack-V1-ndk_platform",
+    ],
+    test_suites: ["general-tests"],
+    require_root: true,
+}
diff --git a/services/memtrackproxy/test/MemtrackProxyTest.cpp b/services/memtrackproxy/test/MemtrackProxyTest.cpp
new file mode 100644
index 0000000000..16dfba025d
--- /dev/null
+++ b/services/memtrackproxy/test/MemtrackProxyTest.cpp
@@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <aidl/android/hardware/memtrack/DeviceInfo.h>
+#include <aidl/android/hardware/memtrack/IMemtrack.h>
+#include <aidl/android/hardware/memtrack/MemtrackRecord.h>
+#include <aidl/android/hardware/memtrack/MemtrackType.h>
+#include <android/binder_manager.h>
+#include <android/binder_process.h>
+#include <gtest/gtest.h>
+#include <unistd.h>
+
+using aidl::android::hardware::memtrack::DeviceInfo;
+using aidl::android::hardware::memtrack::IMemtrack;
+using aidl::android::hardware::memtrack::MemtrackRecord;
+using aidl::android::hardware::memtrack::MemtrackType;
+
+class MemtrackProxyTest : public ::testing::Test {
+public:
+    virtual void SetUp() override {
+        const char* kMemtrackProxyService = "memtrack.proxy";
+        auto memtrackProxyBinder =
+                ndk::SpAIBinder(AServiceManager_waitForService(kMemtrackProxyService));
+        memtrack_proxy_ = IMemtrack::fromBinder(memtrackProxyBinder);
+        ASSERT_NE(memtrack_proxy_, nullptr);
+    }
+
+    std::shared_ptr<IMemtrack> memtrack_proxy_;
+};
+
+TEST_F(MemtrackProxyTest, GetMemoryForInvalidPid) {
+    int pid = -1;
+
+    for (MemtrackType type : ndk::enum_range<MemtrackType>()) {
+        std::vector<MemtrackRecord> records;
+
+        auto status = memtrack_proxy_->getMemory(pid, type, &records);
+
+        EXPECT_EQ(status.getExceptionCode(), EX_ILLEGAL_ARGUMENT);
+    }
+}
+
+TEST_F(MemtrackProxyTest, GetMemoryForCallingPid) {
+    int pid = getpid();
+
+    for (MemtrackType type : ndk::enum_range<MemtrackType>()) {
+        std::vector<MemtrackRecord> records;
+
+        auto status = memtrack_proxy_->getMemory(pid, type, &records);
+
+        EXPECT_TRUE(status.isOk());
+    }
+}
+
+TEST_F(MemtrackProxyTest, GetMemoryForOtherPid) {
+    int pid = 1;
+
+    for (MemtrackType type : ndk::enum_range<MemtrackType>()) {
+        std::vector<MemtrackRecord> records;
+
+        auto status = memtrack_proxy_->getMemory(pid, type, &records);
+
+        // Test is run as root
+        EXPECT_TRUE(status.isOk());
+    }
+}
+
+int main(int argc, char** argv) {
+    ::testing::InitGoogleTest(&argc, argv);
+    return RUN_ALL_TESTS();
+}