diff options
Diffstat (limited to 'cmds')
-rw-r--r-- | cmds/atrace/atrace.cpp | 5 | ||||
-rw-r--r-- | cmds/dumpstate/utils.c | 2 | ||||
-rw-r--r-- | cmds/flatland/Composers.cpp | 4 | ||||
-rw-r--r-- | cmds/flatland/GLHelper.cpp | 2 | ||||
-rw-r--r-- | cmds/flatland/Main.cpp | 7 | ||||
-rw-r--r-- | cmds/installd/commands.c | 315 | ||||
-rw-r--r-- | cmds/installd/installd.c | 47 | ||||
-rw-r--r-- | cmds/installd/installd.h | 9 | ||||
-rw-r--r-- | cmds/installd/tests/Android.mk | 2 | ||||
-rw-r--r-- | cmds/installd/utils.c | 82 | ||||
-rw-r--r-- | cmds/servicemanager/Android.mk | 21 | ||||
-rw-r--r-- | cmds/servicemanager/bctest.c | 36 | ||||
-rw-r--r-- | cmds/servicemanager/binder.c | 250 | ||||
-rw-r--r-- | cmds/servicemanager/binder.h | 63 | ||||
-rw-r--r-- | cmds/servicemanager/service_manager.c | 123 |
15 files changed, 657 insertions, 311 deletions
diff --git a/cmds/atrace/atrace.cpp b/cmds/atrace/atrace.cpp index b500a6b..34dc9fe 100644 --- a/cmds/atrace/atrace.cpp +++ b/cmds/atrace/atrace.cpp @@ -17,6 +17,7 @@ #include <errno.h> #include <fcntl.h> #include <getopt.h> +#include <inttypes.h> #include <signal.h> #include <stdarg.h> #include <stdbool.h> @@ -368,7 +369,7 @@ static bool pokeBinderServices() static bool setTagsProperty(uint64_t tags) { char buf[64]; - snprintf(buf, 64, "%#llx", tags); + snprintf(buf, 64, "%#" PRIx64, tags); if (property_set(k_traceTagsProperty, buf) < 0) { fprintf(stderr, "error setting trace tags system property\n"); return false; @@ -665,7 +666,7 @@ static void dumpTrace() close(traceFD); } -static void handleSignal(int signo) +static void handleSignal(int /*signo*/) { if (!g_nohup) { g_traceAborted = true; diff --git a/cmds/dumpstate/utils.c b/cmds/dumpstate/utils.c index dbf0877..ef5072a 100644 --- a/cmds/dumpstate/utils.c +++ b/cmds/dumpstate/utils.c @@ -469,7 +469,7 @@ const char *dump_traces() { if (!mkdir(anr_traces_dir, 0775)) { chown(anr_traces_dir, AID_SYSTEM, AID_SYSTEM); chmod(anr_traces_dir, 0775); - if (selinux_android_restorecon(anr_traces_dir) == -1) { + if (selinux_android_restorecon(anr_traces_dir, 0) == -1) { fprintf(stderr, "restorecon failed for %s: %s\n", anr_traces_dir, strerror(errno)); } } else if (errno != EEXIST) { diff --git a/cmds/flatland/Composers.cpp b/cmds/flatland/Composers.cpp index 15cdb29..1173a81 100644 --- a/cmds/flatland/Composers.cpp +++ b/cmds/flatland/Composers.cpp @@ -122,12 +122,12 @@ public: virtual void tearDown() { } - virtual bool compose(GLuint texName, const sp<GLConsumer>& glc) { + virtual bool compose(GLuint /*texName*/, const sp<GLConsumer>& /*glc*/) { return true; } protected: - virtual bool setUp(GLHelper* helper) { + virtual bool setUp(GLHelper* /*helper*/) { return true; } diff --git a/cmds/flatland/GLHelper.cpp b/cmds/flatland/GLHelper.cpp index 42694b3..05d082b 100644 --- a/cmds/flatland/GLHelper.cpp +++ b/cmds/flatland/GLHelper.cpp @@ -332,7 +332,7 @@ static bool compileShader(GLenum shaderType, const char* src, static void printShaderSource(const char* const* src) { for (size_t i = 0; i < MAX_SHADER_LINES && src[i] != NULL; i++) { - fprintf(stderr, "%3d: %s\n", i+1, src[i]); + fprintf(stderr, "%3zu: %s\n", i+1, src[i]); } } diff --git a/cmds/flatland/Main.cpp b/cmds/flatland/Main.cpp index d6ac3d2..c0e5b3d 100644 --- a/cmds/flatland/Main.cpp +++ b/cmds/flatland/Main.cpp @@ -600,7 +600,7 @@ static bool runTest(const BenchmarkDesc b, size_t run) { uint32_t runHeight = b.runHeights[run]; uint32_t runWidth = b.width * runHeight / b.height; - printf(" %-*s | %4d x %4d | ", g_BenchmarkNameLen, b.name, + printf(" %-*s | %4d x %4d | ", static_cast<int>(g_BenchmarkNameLen), b.name, runWidth, runHeight); fflush(stdout); @@ -690,8 +690,9 @@ static void printResultsTableHeader() { size_t len = strlen(scenario); size_t leftPad = (g_BenchmarkNameLen - len) / 2; size_t rightPad = g_BenchmarkNameLen - len - leftPad; - printf(" %*s%s%*s | Resolution | Time (ms)\n", leftPad, "", - "Scenario", rightPad, ""); + printf(" %*s%s%*s | Resolution | Time (ms)\n", + static_cast<int>(leftPad), "", + "Scenario", static_cast<int>(rightPad), ""); } // Run ALL the benchmarks! diff --git a/cmds/installd/commands.c b/cmds/installd/commands.c index e9d6b15..a86abe1 100644 --- a/cmds/installd/commands.c +++ b/cmds/installd/commands.c @@ -1,19 +1,20 @@ /* ** Copyright 2008, The Android Open Source Project ** -** Licensed under the Apache License, Version 2.0 (the "License"); -** you may not use this file except in compliance with the License. -** You may obtain a copy of the License at +** Licensed under the Apache License, Version 2.0 (the "License"); +** you may not use this file except in compliance with the License. +** You may obtain a copy of the License at ** -** http://www.apache.org/licenses/LICENSE-2.0 +** http://www.apache.org/licenses/LICENSE-2.0 ** -** Unless required by applicable law or agreed to in writing, software -** distributed under the License is distributed on an "AS IS" BASIS, -** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -** See the License for the specific language governing permissions and +** Unless required by applicable law or agreed to in writing, software +** distributed under the License is distributed on an "AS IS" BASIS, +** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +** See the License for the specific language governing permissions and ** limitations under the License. */ +#include <inttypes.h> #include <sys/capability.h> #include "installd.h" #include <diskusage/dirsize.h> @@ -91,7 +92,7 @@ int install(const char *pkgname, uid_t uid, gid_t gid, const char *seinfo) return -1; } - if (selinux_android_setfilecon2(pkgdir, pkgname, seinfo, uid) < 0) { + if (selinux_android_setfilecon(pkgdir, pkgname, seinfo, uid) < 0) { ALOGE("cannot setfilecon dir '%s': %s\n", pkgdir, strerror(errno)); unlink(libsymlink); unlink(pkgdir); @@ -115,6 +116,8 @@ int uninstall(const char *pkgname, userid_t userid) if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, userid)) return -1; + remove_profile_file(pkgname); + /* delete contents AND directory, no exceptions */ return delete_dir_contents(pkgdir, 1, NULL); } @@ -155,7 +158,7 @@ int fix_uid(const char *pkgname, uid_t uid, gid_t gid) if (stat(pkgdir, &s) < 0) return -1; if (s.st_uid != 0 || s.st_gid != 0) { - ALOGE("fixing uid of non-root pkg: %s %lu %lu\n", pkgdir, s.st_uid, s.st_gid); + ALOGE("fixing uid of non-root pkg: %s %" PRIu32 " %" PRIu32 "\n", pkgdir, s.st_uid, s.st_gid); return -1; } @@ -245,7 +248,7 @@ int make_user_data(const char *pkgname, uid_t uid, userid_t userid, const char* return -1; } - if (selinux_android_setfilecon2(pkgdir, pkgname, seinfo, uid) < 0) { + if (selinux_android_setfilecon(pkgdir, pkgname, seinfo, uid) < 0) { ALOGE("cannot setfilecon dir '%s': %s\n", pkgdir, strerror(errno)); unlink(libsymlink); unlink(pkgdir); @@ -557,9 +560,9 @@ int create_cache_path(char path[PKG_PATH_MAX], const char *src) return -1; } - dstlen = srclen + strlen(DALVIK_CACHE_PREFIX) + + dstlen = srclen + strlen(DALVIK_CACHE_PREFIX) + strlen(DALVIK_CACHE_POSTFIX) + 1; - + if (dstlen > PKG_PATH_MAX) { return -1; } @@ -568,7 +571,7 @@ int create_cache_path(char path[PKG_PATH_MAX], const char *src) DALVIK_CACHE_PREFIX, src + 1, /* skip the leading / */ DALVIK_CACHE_POSTFIX); - + for(tmp = path + strlen(DALVIK_CACHE_PREFIX); *tmp; tmp++) { if (*tmp == '/') { *tmp = '@'; @@ -579,8 +582,13 @@ int create_cache_path(char path[PKG_PATH_MAX], const char *src) } static void run_dexopt(int zip_fd, int odex_fd, const char* input_file_name, - const char* output_file_name, const char* dexopt_flags) + const char* output_file_name) { + /* platform-specific flags affecting optimization and verification */ + char dexopt_flags[PROPERTY_VALUE_MAX]; + property_get("dalvik.vm.dexopt-flags", dexopt_flags, ""); + ALOGV("dalvik.vm.dexopt-flags=%s\n", dexopt_flags); + static const char* DEX_OPT_BIN = "/system/bin/dexopt"; static const int MAX_INT_LEN = 12; // '-'+10dig+'\0' -OR- 0x+8dig char zip_num[MAX_INT_LEN]; @@ -596,36 +604,46 @@ static void run_dexopt(int zip_fd, int odex_fd, const char* input_file_name, } static void run_dex2oat(int zip_fd, int oat_fd, const char* input_file_name, - const char* output_file_name, const char* dexopt_flags) + const char* output_file_name, const char *pkgname) { + char dex2oat_flags[PROPERTY_VALUE_MAX]; + property_get("dalvik.vm.dex2oat-flags", dex2oat_flags, ""); + ALOGV("dalvik.vm.dex2oat-flags=%s\n", dex2oat_flags); + static const char* DEX2OAT_BIN = "/system/bin/dex2oat"; static const int MAX_INT_LEN = 12; // '-'+10dig+'\0' -OR- 0x+8dig char zip_fd_arg[strlen("--zip-fd=") + MAX_INT_LEN]; char zip_location_arg[strlen("--zip-location=") + PKG_PATH_MAX]; char oat_fd_arg[strlen("--oat-fd=") + MAX_INT_LEN]; char oat_location_arg[strlen("--oat-name=") + PKG_PATH_MAX]; + char profile_file[strlen("--profile-file=") + PKG_PATH_MAX]; sprintf(zip_fd_arg, "--zip-fd=%d", zip_fd); sprintf(zip_location_arg, "--zip-location=%s", input_file_name); sprintf(oat_fd_arg, "--oat-fd=%d", oat_fd); sprintf(oat_location_arg, "--oat-location=%s", output_file_name); + if (strcmp(pkgname, "*") != 0) { + snprintf(profile_file, sizeof(profile_file), "--profile-file=%s/%s", + DALVIK_CACHE_PREFIX "profiles", pkgname); + } else { + strcpy(profile_file, "--no-profile-file"); + } ALOGV("Running %s in=%s out=%s\n", DEX2OAT_BIN, input_file_name, output_file_name); execl(DEX2OAT_BIN, DEX2OAT_BIN, zip_fd_arg, zip_location_arg, oat_fd_arg, oat_location_arg, + profile_file, + strlen(dex2oat_flags) > 0 ? dex2oat_flags : NULL, (char*) NULL); ALOGE("execl(%s) failed: %s\n", DEX2OAT_BIN, strerror(errno)); } -static int wait_dexopt(pid_t pid, const char* apk_path) +static int wait_child(pid_t pid) { int status; pid_t got_pid; - /* - * Wait for the optimization process to finish. - */ while (1) { got_pid = waitpid(pid, &status, 0); if (got_pid == -1 && errno == EINTR) { @@ -641,21 +659,18 @@ static int wait_dexopt(pid_t pid, const char* apk_path) } if (WIFEXITED(status) && WEXITSTATUS(status) == 0) { - ALOGV("DexInv: --- END '%s' (success) ---\n", apk_path); return 0; } else { - ALOGW("DexInv: --- END '%s' --- status=0x%04x, process failed\n", - apk_path, status); return status; /* always nonzero */ } } -int dexopt(const char *apk_path, uid_t uid, int is_public) +int dexopt(const char *apk_path, uid_t uid, int is_public, + const char *pkgname) { struct utimbuf ut; struct stat apk_stat, dex_stat; char out_path[PKG_PATH_MAX]; - char dexopt_flags[PROPERTY_VALUE_MAX]; char persist_sys_dalvik_vm_lib[PROPERTY_VALUE_MAX]; char *end; int res, zip_fd=-1, out_fd=-1; @@ -664,19 +679,19 @@ int dexopt(const char *apk_path, uid_t uid, int is_public) return -1; } - /* platform-specific flags affecting optimization and verification */ - property_get("dalvik.vm.dexopt-flags", dexopt_flags, ""); - ALOGV("dalvik.vm.dexopt_flags=%s\n", dexopt_flags); - - /* The command to run depend ones the value of persist.sys.dalvik.vm.lib */ - property_get("persist.sys.dalvik.vm.lib", persist_sys_dalvik_vm_lib, "libdvm.so"); + /* The command to run depend on the value of persist.sys.dalvik.vm.lib */ + property_get("persist.sys.dalvik.vm.lib.1", persist_sys_dalvik_vm_lib, "libdvm.so"); /* Before anything else: is there a .odex file? If so, we have * precompiled the apk and there is nothing to do here. */ - sprintf(out_path, "%s%s", apk_path, ".odex"); - if (stat(out_path, &dex_stat) == 0) { - return 0; + strcpy(out_path, apk_path); + end = strrchr(out_path, '.'); + if (end != NULL) { + strcpy(end, ".odex"); + if (stat(out_path, &dex_stat) == 0) { + return 0; + } } if (create_cache_path(out_path, apk_path)) { @@ -709,6 +724,12 @@ int dexopt(const char *apk_path, uid_t uid, int is_public) goto fail; } + // Create profile file if there is a package name present. + if (strcmp(pkgname, "*") != 0) { + create_profile_file(pkgname, uid); + } + + ALOGV("DexInv: --- BEGIN '%s' ---\n", apk_path); pid_t pid; @@ -739,17 +760,19 @@ int dexopt(const char *apk_path, uid_t uid, int is_public) } if (strncmp(persist_sys_dalvik_vm_lib, "libdvm", 6) == 0) { - run_dexopt(zip_fd, out_fd, apk_path, out_path, dexopt_flags); + run_dexopt(zip_fd, out_fd, apk_path, out_path); } else if (strncmp(persist_sys_dalvik_vm_lib, "libart", 6) == 0) { - run_dex2oat(zip_fd, out_fd, apk_path, out_path, dexopt_flags); + run_dex2oat(zip_fd, out_fd, apk_path, out_path, pkgname); } else { exit(69); /* Unexpected persist.sys.dalvik.vm.lib value */ } exit(68); /* only get here on exec failure */ } else { - res = wait_dexopt(pid, apk_path); - if (res != 0) { - ALOGE("dexopt in='%s' out='%s' res=%d\n", apk_path, out_path, res); + res = wait_child(pid); + if (res == 0) { + ALOGV("DexInv: --- END '%s' (success) ---\n", apk_path); + } else { + ALOGE("DexInv: --- END '%s' --- status=0x%04x, process failed\n", apk_path, res); goto fail; } } @@ -803,12 +826,12 @@ int movefileordir(char* srcpath, char* dstpath, int dstbasepos, int srcend = strlen(srcpath); int dstend = strlen(dstpath); - + if (lstat(srcpath, statbuf) < 0) { ALOGW("Unable to stat %s: %s\n", srcpath, strerror(errno)); return 1; } - + if ((statbuf->st_mode&S_IFDIR) == 0) { mkinnerdirs(dstpath, dstbasepos, S_IRWXU|S_IRWXG|S_IXOTH, dstuid, dstgid, statbuf); @@ -834,7 +857,7 @@ int movefileordir(char* srcpath, char* dstpath, int dstbasepos, } res = 0; - + while ((de = readdir(d))) { const char *name = de->d_name; /* always skip "." and ".." */ @@ -842,32 +865,32 @@ int movefileordir(char* srcpath, char* dstpath, int dstbasepos, if (name[1] == 0) continue; if ((name[1] == '.') && (name[2] == 0)) continue; } - + if ((srcend+strlen(name)) >= (PKG_PATH_MAX-2)) { ALOGW("Source path too long; skipping: %s/%s\n", srcpath, name); continue; } - + if ((dstend+strlen(name)) >= (PKG_PATH_MAX-2)) { ALOGW("Destination path too long; skipping: %s/%s\n", dstpath, name); continue; } - + srcpath[srcend] = dstpath[dstend] = '/'; strcpy(srcpath+srcend+1, name); strcpy(dstpath+dstend+1, name); - + if (movefileordir(srcpath, dstpath, dstbasepos, dstuid, dstgid, statbuf) != 0) { res = 1; } - + // Note: we will be leaving empty directories behind in srcpath, // but that is okay, the package manager will be erasing all of the // data associated with .apks that disappear. - + srcpath[srcend] = dstpath[dstend] = 0; } - + closedir(d); return res; } @@ -909,7 +932,7 @@ int movefiles() UPDATE_COMMANDS_DIR_PREFIX, name); continue; } - + bufp = 0; bufe = 0; buf[PKG_PATH_MAX] = 0; @@ -1103,3 +1126,195 @@ out: return rc; } + +static void run_idmap(const char *target_apk, const char *overlay_apk, int idmap_fd) +{ + static const char *IDMAP_BIN = "/system/bin/idmap"; + static const size_t MAX_INT_LEN = 32; + char idmap_str[MAX_INT_LEN]; + + snprintf(idmap_str, sizeof(idmap_str), "%d", idmap_fd); + + execl(IDMAP_BIN, IDMAP_BIN, "--fd", target_apk, overlay_apk, idmap_str, (char*)NULL); + ALOGE("execl(%s) failed: %s\n", IDMAP_BIN, strerror(errno)); +} + +// Transform string /a/b/c.apk to (prefix)/a@b@c.apk@(suffix) +// eg /a/b/c.apk to /data/resource-cache/a@b@c.apk@idmap +static int flatten_path(const char *prefix, const char *suffix, + const char *overlay_path, char *idmap_path, size_t N) +{ + if (overlay_path == NULL || idmap_path == NULL) { + return -1; + } + const size_t len_overlay_path = strlen(overlay_path); + // will access overlay_path + 1 further below; requires absolute path + if (len_overlay_path < 2 || *overlay_path != '/') { + return -1; + } + const size_t len_idmap_root = strlen(prefix); + const size_t len_suffix = strlen(suffix); + if (SIZE_MAX - len_idmap_root < len_overlay_path || + SIZE_MAX - (len_idmap_root + len_overlay_path) < len_suffix) { + // additions below would cause overflow + return -1; + } + if (N < len_idmap_root + len_overlay_path + len_suffix) { + return -1; + } + memset(idmap_path, 0, N); + snprintf(idmap_path, N, "%s%s%s", prefix, overlay_path + 1, suffix); + char *ch = idmap_path + len_idmap_root; + while (*ch != '\0') { + if (*ch == '/') { + *ch = '@'; + } + ++ch; + } + return 0; +} + +int idmap(const char *target_apk, const char *overlay_apk, uid_t uid) +{ + ALOGV("idmap target_apk=%s overlay_apk=%s uid=%d\n", target_apk, overlay_apk, uid); + + int idmap_fd = -1; + char idmap_path[PATH_MAX]; + + if (flatten_path(IDMAP_PREFIX, IDMAP_SUFFIX, overlay_apk, + idmap_path, sizeof(idmap_path)) == -1) { + ALOGE("idmap cannot generate idmap path for overlay %s\n", overlay_apk); + goto fail; + } + + unlink(idmap_path); + idmap_fd = open(idmap_path, O_RDWR | O_CREAT | O_EXCL, 0644); + if (idmap_fd < 0) { + ALOGE("idmap cannot open '%s' for output: %s\n", idmap_path, strerror(errno)); + goto fail; + } + if (fchown(idmap_fd, AID_SYSTEM, uid) < 0) { + ALOGE("idmap cannot chown '%s'\n", idmap_path); + goto fail; + } + if (fchmod(idmap_fd, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) < 0) { + ALOGE("idmap cannot chmod '%s'\n", idmap_path); + goto fail; + } + + pid_t pid; + pid = fork(); + if (pid == 0) { + /* child -- drop privileges before continuing */ + if (setgid(uid) != 0) { + ALOGE("setgid(%d) failed during idmap\n", uid); + exit(1); + } + if (setuid(uid) != 0) { + ALOGE("setuid(%d) failed during idmap\n", uid); + exit(1); + } + if (flock(idmap_fd, LOCK_EX | LOCK_NB) != 0) { + ALOGE("flock(%s) failed during idmap: %s\n", idmap_path, strerror(errno)); + exit(1); + } + + run_idmap(target_apk, overlay_apk, idmap_fd); + exit(1); /* only if exec call to idmap failed */ + } else { + int status = wait_child(pid); + if (status != 0) { + ALOGE("idmap failed, status=0x%04x\n", status); + goto fail; + } + } + + close(idmap_fd); + return 0; +fail: + if (idmap_fd >= 0) { + close(idmap_fd); + unlink(idmap_path); + } + return -1; +} + +int restorecon_data(const char* pkgName, const char* seinfo, uid_t uid) +{ + struct dirent *entry; + DIR *d; + struct stat s; + char *userdir; + char *primarydir; + char *pkgdir; + int ret = 0; + + // SELINUX_ANDROID_RESTORECON_DATADATA flag is set by libselinux. Not needed here. + unsigned int flags = SELINUX_ANDROID_RESTORECON_RECURSE; + + if (!pkgName || !seinfo) { + ALOGE("Package name or seinfo tag is null when trying to restorecon."); + return -1; + } + + if (asprintf(&primarydir, "%s%s%s", android_data_dir.path, PRIMARY_USER_PREFIX, pkgName) < 0) { + return -1; + } + + // Relabel for primary user. + if (selinux_android_restorecon_pkgdir(primarydir, seinfo, uid, flags) < 0) { + ALOGE("restorecon failed for %s: %s\n", primarydir, strerror(errno)); + ret |= -1; + } + + if (asprintf(&userdir, "%s%s", android_data_dir.path, SECONDARY_USER_PREFIX) < 0) { + free(primarydir); + return -1; + } + + // Relabel package directory for all secondary users. + d = opendir(userdir); + if (d == NULL) { + free(primarydir); + free(userdir); + return -1; + } + + while ((entry = readdir(d))) { + if (entry->d_type != DT_DIR) { + continue; + } + + const char *user = entry->d_name; + // Ignore "." and ".." + if (!strcmp(user, ".") || !strcmp(user, "..")) { + continue; + } + + // user directories start with a number + if (user[0] < '0' || user[0] > '9') { + ALOGE("Expecting numbered directory during restorecon. Instead got '%s'.", user); + continue; + } + + if (asprintf(&pkgdir, "%s%s/%s", userdir, user, pkgName) < 0) { + continue; + } + + if (stat(pkgdir, &s) < 0) { + free(pkgdir); + continue; + } + + if (selinux_android_restorecon_pkgdir(pkgdir, seinfo, uid, flags) < 0) { + ALOGE("restorecon failed for %s: %s\n", pkgdir, strerror(errno)); + ret |= -1; + } + free(pkgdir); + } + + closedir(d); + free(primarydir); + free(userdir); + return ret; +} diff --git a/cmds/installd/installd.c b/cmds/installd/installd.c index 0c80dac..a078e1c 100644 --- a/cmds/installd/installd.c +++ b/cmds/installd/installd.c @@ -38,8 +38,8 @@ static int do_install(char **arg, char reply[REPLY_MAX]) static int do_dexopt(char **arg, char reply[REPLY_MAX]) { - /* apk_path, uid, is_public */ - return dexopt(arg[0], atoi(arg[1]), atoi(arg[2])); + /* apk_path, uid, is_public, pkgname */ + return dexopt(arg[0], atoi(arg[1]), atoi(arg[2]), arg[3]); } static int do_move_dex(char **arg, char reply[REPLY_MAX]) @@ -124,6 +124,17 @@ static int do_linklib(char **arg, char reply[REPLY_MAX]) return linklib(arg[0], arg[1], atoi(arg[2])); } +static int do_idmap(char **arg, char reply[REPLY_MAX]) +{ + return idmap(arg[0], arg[1], atoi(arg[2])); +} + +static int do_restorecon_data(char **arg, char reply[REPLY_MAX] __attribute__((unused))) +{ + return restorecon_data(arg[0], arg[1], atoi(arg[2])); + /* pkgName, seinfo, uid*/ +} + struct cmdinfo { const char *name; unsigned numargs; @@ -133,7 +144,7 @@ struct cmdinfo { struct cmdinfo cmds[] = { { "ping", 0, do_ping }, { "install", 4, do_install }, - { "dexopt", 3, do_dexopt }, + { "dexopt", 4, do_dexopt }, { "movedex", 2, do_move_dex }, { "rmdex", 1, do_rm_dex }, { "remove", 2, do_remove }, @@ -147,6 +158,8 @@ struct cmdinfo cmds[] = { { "linklib", 3, do_linklib }, { "mkuserdata", 4, do_mk_user_data }, { "rmuser", 1, do_rm_user }, + { "idmap", 3, do_idmap }, + { "restorecondata", 3, do_restorecon_data }, }; static int readx(int s, void *_buf, int count) @@ -392,7 +405,7 @@ int initialize_directories() { goto fail; } - if (selinux_android_restorecon(android_media_dir.path)) { + if (selinux_android_restorecon(android_media_dir.path, 0)) { goto fail; } @@ -515,6 +528,7 @@ static void drop_privileges() { capdata[CAP_TO_INDEX(CAP_CHOWN)].permitted |= CAP_TO_MASK(CAP_CHOWN); capdata[CAP_TO_INDEX(CAP_SETUID)].permitted |= CAP_TO_MASK(CAP_SETUID); capdata[CAP_TO_INDEX(CAP_SETGID)].permitted |= CAP_TO_MASK(CAP_SETGID); + capdata[CAP_TO_INDEX(CAP_FOWNER)].permitted |= CAP_TO_MASK(CAP_FOWNER); capdata[0].effective = capdata[0].permitted; capdata[1].effective = capdata[1].permitted; @@ -527,6 +541,27 @@ static void drop_privileges() { } } +static int log_callback(int type, const char *fmt, ...) { + va_list ap; + int priority; + + switch (type) { + case SELINUX_WARNING: + priority = ANDROID_LOG_WARN; + break; + case SELINUX_INFO: + priority = ANDROID_LOG_INFO; + break; + default: + priority = ANDROID_LOG_ERROR; + break; + } + va_start(ap, fmt); + LOG_PRI_VA(priority, "SELinux", fmt, ap); + va_end(ap); + return 0; +} + int main(const int argc, const char *argv[]) { char buf[BUFFER_MAX]; struct sockaddr addr; @@ -536,6 +571,10 @@ int main(const int argc, const char *argv[]) { ALOGI("installd firing up\n"); + union selinux_callback cb; + cb.func_log = log_callback; + selinux_set_callback(SELINUX_CB_LOG, cb); + if (initialize_globals() < 0) { ALOGE("Could not initialize globals; exiting.\n"); exit(1); diff --git a/cmds/installd/installd.h b/cmds/installd/installd.h index 9ca2f86..3e9caf3 100644 --- a/cmds/installd/installd.h +++ b/cmds/installd/installd.h @@ -75,6 +75,9 @@ #define UPDATE_COMMANDS_DIR_PREFIX "/system/etc/updatecmds/" +#define IDMAP_PREFIX "/data/resource-cache/" +#define IDMAP_SUFFIX "@idmap" + #define PKG_NAME_MAX 128 /* largest allowed package name */ #define PKG_PATH_MAX 256 /* max size of any path we use */ @@ -186,6 +189,8 @@ char *build_string3(char *s1, char *s2, char *s3); int ensure_dir(const char* path, mode_t mode, uid_t uid, gid_t gid); int ensure_media_user_dirs(userid_t userid); +int create_profile_file(const char *pkgname, gid_t gid); +void remove_profile_file(const char *pkgname); /* commands.c */ @@ -204,6 +209,8 @@ int get_size(const char *pkgname, userid_t userid, const char *apkpath, const ch const char *fwdlock_apkpath, const char *asecpath, int64_t *codesize, int64_t *datasize, int64_t *cachesize, int64_t *asecsize); int free_cache(int64_t free_size); -int dexopt(const char *apk_path, uid_t uid, int is_public); +int dexopt(const char *apk_path, uid_t uid, int is_public, const char *pkgName); int movefiles(); int linklib(const char* target, const char* source, int userId); +int idmap(const char *target_path, const char *overlay_path, uid_t uid); +int restorecon_data(); diff --git a/cmds/installd/tests/Android.mk b/cmds/installd/tests/Android.mk index c0192f4..4faf3c0 100644 --- a/cmds/installd/tests/Android.mk +++ b/cmds/installd/tests/Android.mk @@ -18,7 +18,7 @@ static_libraries := \ libgtest_main c_includes := \ - frameworks/base/cmds/installd + frameworks/native/cmds/installd $(foreach file,$(test_src_files), \ $(eval include $(CLEAR_VARS)) \ diff --git a/cmds/installd/utils.c b/cmds/installd/utils.c index ef634c6..671d031 100644 --- a/cmds/installd/utils.c +++ b/cmds/installd/utils.c @@ -1,16 +1,16 @@ /* ** Copyright 2008, The Android Open Source Project ** -** Licensed under the Apache License, Version 2.0 (the "License"); -** you may not use this file except in compliance with the License. -** You may obtain a copy of the License at +** Licensed under the Apache License, Version 2.0 (the "License"); +** you may not use this file except in compliance with the License. +** You may obtain a copy of the License at ** -** http://www.apache.org/licenses/LICENSE-2.0 +** http://www.apache.org/licenses/LICENSE-2.0 ** -** Unless required by applicable law or agreed to in writing, software -** distributed under the License is distributed on an "AS IS" BASIS, -** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -** See the License for the specific language governing permissions and +** Unless required by applicable law or agreed to in writing, software +** distributed under the License is distributed on an "AS IS" BASIS, +** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +** See the License for the specific language governing permissions and ** limitations under the License. */ @@ -435,7 +435,7 @@ static void _inc_num_cache_collected(cache_t* cache) { cache->numCollected++; if ((cache->numCollected%20000) == 0) { - ALOGI("Collected cache so far: %d directories, %d files", + ALOGI("Collected cache so far: %zd directories, %zd files", cache->numDirs, cache->numFiles); } } @@ -730,7 +730,7 @@ void clear_cache_files(cache_t* cache, int64_t free_size) int skip = 0; char path[PATH_MAX]; - ALOGI("Collected cache files: %d directories, %d files", + ALOGI("Collected cache files: %zd directories, %zd files", cache->numDirs, cache->numFiles); CACHE_NOISY(ALOGI("Sorting files...")); @@ -1005,3 +1005,65 @@ int ensure_media_user_dirs(userid_t userid) { return 0; } + +int create_profile_file(const char *pkgname, gid_t gid) { + const char *profile_dir = DALVIK_CACHE_PREFIX "profiles"; + struct stat profileStat; + char profile_file[PKG_PATH_MAX]; + + // If we don't have a profile directory under dalvik-cache we need to create one. + if (stat(profile_dir, &profileStat) < 0) { + // Create the profile directory under dalvik-cache. + if (mkdir(profile_dir, 0711) < 0) { + ALOGE("cannot make profile dir '%s': %s\n", profile_dir, strerror(errno)); + return -1; + } + + // Make the profile directory write-only for group and other. Owner can rwx it. + if (chmod(profile_dir, 0711) < 0) { + ALOGE("cannot chown profile dir '%s': %s\n", profile_dir, strerror(errno)); + rmdir(profile_dir); + return -1; + } + + if (selinux_android_restorecon(profile_dir, 0) < 0) { + ALOGE("cannot restorecon profile dir '%s': %s\n", profile_dir, strerror(errno)); + rmdir(profile_dir); + return -1; + } + } + + snprintf(profile_file, sizeof(profile_file), "%s/%s", profile_dir, pkgname); + + // The 'system' user needs to be able to read the profile to determine if dex2oat + // needs to be run. This is done in dalvik.system.DexFile.isDexOptNeededInternal(). So + // we make it world readable. Not a problem since the dalvik cache is world + // readable anyway. + + int fd = open(profile_file, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0664); + + // Open will fail if the file already exists. We want to ignore that. + if (fd >= 0) { + if (fchown(fd, -1, gid) < 0) { + ALOGE("cannot chown profile file '%s': %s\n", profile_file, strerror(errno)); + close(fd); + unlink(profile_file); + return -1; + } + + if (fchmod(fd, 0664) < 0) { + ALOGE("cannot chmod profile file '%s': %s\n", profile_file, strerror(errno)); + close(fd); + unlink(profile_file); + return -1; + } + close(fd); + } + return 0; +} + +void remove_profile_file(const char *pkgname) { + char profile_file[PKG_PATH_MAX]; + snprintf(profile_file, sizeof(profile_file), "%s/%s", DALVIK_CACHE_PREFIX "profiles", pkgname); + unlink(profile_file); +} diff --git a/cmds/servicemanager/Android.mk b/cmds/servicemanager/Android.mk index 8840867..4ab8df6 100644 --- a/cmds/servicemanager/Android.mk +++ b/cmds/servicemanager/Android.mk @@ -1,12 +1,25 @@ LOCAL_PATH:= $(call my-dir) -#include $(CLEAR_VARS) -#LOCAL_SRC_FILES := bctest.c binder.c -#LOCAL_MODULE := bctest -#include $(BUILD_EXECUTABLE) +svc_c_flags = \ + -Wall -Wextra \ + +ifneq ($(TARGET_USES_64_BIT_BINDER),true) +ifneq ($(TARGET_IS_64_BIT),true) +svc_c_flags += -DBINDER_IPC_32BIT=1 +endif +endif + +include $(CLEAR_VARS) +LOCAL_SHARED_LIBRARIES := liblog +LOCAL_SRC_FILES := bctest.c binder.c +LOCAL_CFLAGS += $(svc_c_flags) +LOCAL_MODULE := bctest +LOCAL_MODULE_TAGS := optional +include $(BUILD_EXECUTABLE) include $(CLEAR_VARS) LOCAL_SHARED_LIBRARIES := liblog LOCAL_SRC_FILES := service_manager.c binder.c +LOCAL_CFLAGS += $(svc_c_flags) LOCAL_MODULE := servicemanager include $(BUILD_EXECUTABLE) diff --git a/cmds/servicemanager/bctest.c b/cmds/servicemanager/bctest.c index ff5aced..e02b45d 100644 --- a/cmds/servicemanager/bctest.c +++ b/cmds/servicemanager/bctest.c @@ -7,9 +7,9 @@ #include "binder.h" -void *svcmgr_lookup(struct binder_state *bs, void *target, const char *name) +uint32_t svcmgr_lookup(struct binder_state *bs, uint32_t target, const char *name) { - void *ptr; + uint32_t handle; unsigned iodata[512/4]; struct binder_io msg, reply; @@ -21,19 +21,19 @@ void *svcmgr_lookup(struct binder_state *bs, void *target, const char *name) if (binder_call(bs, &msg, &reply, target, SVC_MGR_CHECK_SERVICE)) return 0; - ptr = bio_get_ref(&reply); + handle = bio_get_ref(&reply); - if (ptr) - binder_acquire(bs, ptr); + if (handle) + binder_acquire(bs, handle); binder_done(bs, &msg, &reply); - return ptr; + return handle; } -int svcmgr_publish(struct binder_state *bs, void *target, const char *name, void *ptr) +int svcmgr_publish(struct binder_state *bs, uint32_t target, const char *name, void *ptr) { - unsigned status; + int status; unsigned iodata[512/4]; struct binder_io msg, reply; @@ -59,29 +59,33 @@ int main(int argc, char **argv) { int fd; struct binder_state *bs; - void *svcmgr = BINDER_SERVICE_MANAGER; + uint32_t svcmgr = BINDER_SERVICE_MANAGER; + uint32_t handle; bs = binder_open(128*1024); + if (!bs) { + fprintf(stderr, "failed to open binder driver\n"); + return -1; + } argc--; argv++; while (argc > 0) { if (!strcmp(argv[0],"alt")) { - void *ptr = svcmgr_lookup(bs, svcmgr, "alt_svc_mgr"); - if (!ptr) { + handle = svcmgr_lookup(bs, svcmgr, "alt_svc_mgr"); + if (!handle) { fprintf(stderr,"cannot find alt_svc_mgr\n"); return -1; } - svcmgr = ptr; - fprintf(stderr,"svcmgr is via %p\n", ptr); + svcmgr = handle; + fprintf(stderr,"svcmgr is via %x\n", handle); } else if (!strcmp(argv[0],"lookup")) { - void *ptr; if (argc < 2) { fprintf(stderr,"argument required\n"); return -1; } - ptr = svcmgr_lookup(bs, svcmgr, argv[1]); - fprintf(stderr,"lookup(%s) = %p\n", argv[1], ptr); + handle = svcmgr_lookup(bs, svcmgr, argv[1]); + fprintf(stderr,"lookup(%s) = %x\n", argv[1], handle); argc--; argv++; } else if (!strcmp(argv[0],"publish")) { diff --git a/cmds/servicemanager/binder.c b/cmds/servicemanager/binder.c index 1985756..db7632d 100644 --- a/cmds/servicemanager/binder.c +++ b/cmds/servicemanager/binder.c @@ -1,6 +1,7 @@ /* Copyright 2008 The Android Open Source Project */ +#include <inttypes.h> #include <stdio.h> #include <stdlib.h> #include <errno.h> @@ -17,17 +18,17 @@ #define LOG_TAG "Binder" #include <cutils/log.h> -void bio_init_from_txn(struct binder_io *io, struct binder_txn *txn); +void bio_init_from_txn(struct binder_io *io, struct binder_transaction_data *txn); #if TRACE -void hexdump(void *_data, unsigned len) +void hexdump(void *_data, size_t len) { unsigned char *data = _data; - unsigned count; + size_t count; for (count = 0; count < len; count++) { if ((count & 15) == 0) - fprintf(stderr,"%04x:", count); + fprintf(stderr,"%04zu:", count); fprintf(stderr," %02x %c", *data, (*data < 32) || (*data > 126) ? '.' : *data); data++; @@ -38,21 +39,21 @@ void hexdump(void *_data, unsigned len) fprintf(stderr,"\n"); } -void binder_dump_txn(struct binder_txn *txn) +void binder_dump_txn(struct binder_transaction_data *txn) { - struct binder_object *obj; - unsigned *offs = txn->offs; - unsigned count = txn->offs_size / 4; - - fprintf(stderr," target %p cookie %p code %08x flags %08x\n", - txn->target, txn->cookie, txn->code, txn->flags); - fprintf(stderr," pid %8d uid %8d data %8d offs %8d\n", - txn->sender_pid, txn->sender_euid, txn->data_size, txn->offs_size); - hexdump(txn->data, txn->data_size); + struct flat_binder_object *obj; + binder_size_t *offs = (binder_size_t *)(uintptr_t)txn->data.ptr.offsets; + size_t count = txn->offsets_size / sizeof(binder_size_t); + + fprintf(stderr," target %016"PRIx64" cookie %016"PRIx64" code %08x flags %08x\n", + (uint64_t)txn->target.ptr, (uint64_t)txn->cookie, txn->code, txn->flags); + fprintf(stderr," pid %8d uid %8d data %"PRIu64" offs %"PRIu64"\n", + txn->sender_pid, txn->sender_euid, (uint64_t)txn->data_size, (uint64_t)txn->offsets_size); + hexdump((void *)(uintptr_t)txn->data.ptr.buffer, txn->data_size); while (count--) { - obj = (void*) (((char*) txn->data) + *offs++); - fprintf(stderr," - type %08x flags %08x ptr %p cookie %p\n", - obj->type, obj->flags, obj->pointer, obj->cookie); + obj = (struct flat_binder_object *) (((char*)(uintptr_t)txn->data.ptr.buffer) + *offs++); + fprintf(stderr," - type %08x flags %08x ptr %016"PRIx64" cookie %016"PRIx64"\n", + obj->type, obj->flags, (uint64_t)obj->binder, (uint64_t)obj->cookie); } } @@ -88,17 +89,18 @@ struct binder_state { int fd; void *mapped; - unsigned mapsize; + size_t mapsize; }; -struct binder_state *binder_open(unsigned mapsize) +struct binder_state *binder_open(size_t mapsize) { struct binder_state *bs; + struct binder_version vers; bs = malloc(sizeof(*bs)); if (!bs) { errno = ENOMEM; - return 0; + return NULL; } bs->fd = open("/dev/binder", O_RDWR); @@ -108,6 +110,12 @@ struct binder_state *binder_open(unsigned mapsize) goto fail_open; } + if ((ioctl(bs->fd, BINDER_VERSION, &vers) == -1) || + (vers.protocol_version != BINDER_CURRENT_PROTOCOL_VERSION)) { + fprintf(stderr, "binder: driver version differs from user space\n"); + goto fail_open; + } + bs->mapsize = mapsize; bs->mapped = mmap(NULL, mapsize, PROT_READ, MAP_PRIVATE, bs->fd, 0); if (bs->mapped == MAP_FAILED) { @@ -116,15 +124,13 @@ struct binder_state *binder_open(unsigned mapsize) goto fail_map; } - /* TODO: check version */ - return bs; fail_map: close(bs->fd); fail_open: free(bs); - return 0; + return NULL; } void binder_close(struct binder_state *bs) @@ -139,13 +145,14 @@ int binder_become_context_manager(struct binder_state *bs) return ioctl(bs->fd, BINDER_SET_CONTEXT_MGR, 0); } -int binder_write(struct binder_state *bs, void *data, unsigned len) +int binder_write(struct binder_state *bs, void *data, size_t len) { struct binder_write_read bwr; int res; + bwr.write_size = len; bwr.write_consumed = 0; - bwr.write_buffer = (unsigned) data; + bwr.write_buffer = (uintptr_t) data; bwr.read_size = 0; bwr.read_consumed = 0; bwr.read_buffer = 0; @@ -159,46 +166,47 @@ int binder_write(struct binder_state *bs, void *data, unsigned len) void binder_send_reply(struct binder_state *bs, struct binder_io *reply, - void *buffer_to_free, + binder_uintptr_t buffer_to_free, int status) { struct { uint32_t cmd_free; - void *buffer; + binder_uintptr_t buffer; uint32_t cmd_reply; - struct binder_txn txn; + struct binder_transaction_data txn; } __attribute__((packed)) data; data.cmd_free = BC_FREE_BUFFER; data.buffer = buffer_to_free; data.cmd_reply = BC_REPLY; - data.txn.target = 0; + data.txn.target.ptr = 0; data.txn.cookie = 0; data.txn.code = 0; if (status) { data.txn.flags = TF_STATUS_CODE; data.txn.data_size = sizeof(int); - data.txn.offs_size = 0; - data.txn.data = &status; - data.txn.offs = 0; + data.txn.offsets_size = 0; + data.txn.data.ptr.buffer = (uintptr_t)&status; + data.txn.data.ptr.offsets = 0; } else { data.txn.flags = 0; data.txn.data_size = reply->data - reply->data0; - data.txn.offs_size = ((char*) reply->offs) - ((char*) reply->offs0); - data.txn.data = reply->data0; - data.txn.offs = reply->offs0; + data.txn.offsets_size = ((char*) reply->offs) - ((char*) reply->offs0); + data.txn.data.ptr.buffer = (uintptr_t)reply->data0; + data.txn.data.ptr.offsets = (uintptr_t)reply->offs0; } binder_write(bs, &data, sizeof(data)); } int binder_parse(struct binder_state *bs, struct binder_io *bio, - uint32_t *ptr, uint32_t size, binder_handler func) + uintptr_t ptr, size_t size, binder_handler func) { int r = 1; - uint32_t *end = ptr + (size / 4); + uintptr_t end = ptr + (uintptr_t) size; while (ptr < end) { - uint32_t cmd = *ptr++; + uint32_t cmd = *(uint32_t *) ptr; + ptr += sizeof(uint32_t); #if TRACE fprintf(stderr,"%s:\n", cmd_name(cmd)); #endif @@ -212,13 +220,13 @@ int binder_parse(struct binder_state *bs, struct binder_io *bio, case BR_RELEASE: case BR_DECREFS: #if TRACE - fprintf(stderr," %08x %08x\n", ptr[0], ptr[1]); + fprintf(stderr," %p, %p\n", (void *)ptr, (void *)(ptr + sizeof(void *))); #endif - ptr += 2; + ptr += sizeof(struct binder_ptr_cookie); break; case BR_TRANSACTION: { - struct binder_txn *txn = (void *) ptr; - if ((end - ptr) * sizeof(uint32_t) < sizeof(struct binder_txn)) { + struct binder_transaction_data *txn = (struct binder_transaction_data *) ptr; + if ((end - ptr) < sizeof(*txn)) { ALOGE("parse: txn too small!\n"); return -1; } @@ -232,14 +240,14 @@ int binder_parse(struct binder_state *bs, struct binder_io *bio, bio_init(&reply, rdata, sizeof(rdata), 4); bio_init_from_txn(&msg, txn); res = func(bs, txn, &msg, &reply); - binder_send_reply(bs, &reply, txn->data, res); + binder_send_reply(bs, &reply, txn->data.ptr.buffer, res); } - ptr += sizeof(*txn) / sizeof(uint32_t); + ptr += sizeof(*txn); break; } case BR_REPLY: { - struct binder_txn *txn = (void*) ptr; - if ((end - ptr) * sizeof(uint32_t) < sizeof(struct binder_txn)) { + struct binder_transaction_data *txn = (struct binder_transaction_data *) ptr; + if ((end - ptr) < sizeof(*txn)) { ALOGE("parse: reply too small!\n"); return -1; } @@ -248,14 +256,15 @@ int binder_parse(struct binder_state *bs, struct binder_io *bio, bio_init_from_txn(bio, txn); bio = 0; } else { - /* todo FREE BUFFER */ + /* todo FREE BUFFER */ } - ptr += (sizeof(*txn) / sizeof(uint32_t)); + ptr += sizeof(*txn); r = 0; break; } case BR_DEAD_BINDER: { - struct binder_death *death = (void*) *ptr++; + struct binder_death *death = (struct binder_death *)(uintptr_t) *(binder_uintptr_t *)ptr; + ptr += sizeof(binder_uintptr_t); death->func(bs, death->ptr); break; } @@ -274,42 +283,45 @@ int binder_parse(struct binder_state *bs, struct binder_io *bio, return r; } -void binder_acquire(struct binder_state *bs, void *ptr) +void binder_acquire(struct binder_state *bs, uint32_t target) { uint32_t cmd[2]; cmd[0] = BC_ACQUIRE; - cmd[1] = (uint32_t) ptr; + cmd[1] = target; binder_write(bs, cmd, sizeof(cmd)); } -void binder_release(struct binder_state *bs, void *ptr) +void binder_release(struct binder_state *bs, uint32_t target) { uint32_t cmd[2]; cmd[0] = BC_RELEASE; - cmd[1] = (uint32_t) ptr; + cmd[1] = target; binder_write(bs, cmd, sizeof(cmd)); } -void binder_link_to_death(struct binder_state *bs, void *ptr, struct binder_death *death) +void binder_link_to_death(struct binder_state *bs, uint32_t target, struct binder_death *death) { - uint32_t cmd[3]; - cmd[0] = BC_REQUEST_DEATH_NOTIFICATION; - cmd[1] = (uint32_t) ptr; - cmd[2] = (uint32_t) death; - binder_write(bs, cmd, sizeof(cmd)); -} + struct { + uint32_t cmd; + struct binder_handle_cookie payload; + } __attribute__((packed)) data; + data.cmd = BC_REQUEST_DEATH_NOTIFICATION; + data.payload.handle = target; + data.payload.cookie = (uintptr_t) death; + binder_write(bs, &data, sizeof(data)); +} int binder_call(struct binder_state *bs, struct binder_io *msg, struct binder_io *reply, - void *target, uint32_t code) + uint32_t target, uint32_t code) { int res; struct binder_write_read bwr; struct { uint32_t cmd; - struct binder_txn txn; - } writebuf; + struct binder_transaction_data txn; + } __attribute__((packed)) writebuf; unsigned readbuf[32]; if (msg->flags & BIO_F_OVERFLOW) { @@ -318,23 +330,23 @@ int binder_call(struct binder_state *bs, } writebuf.cmd = BC_TRANSACTION; - writebuf.txn.target = target; + writebuf.txn.target.handle = target; writebuf.txn.code = code; writebuf.txn.flags = 0; writebuf.txn.data_size = msg->data - msg->data0; - writebuf.txn.offs_size = ((char*) msg->offs) - ((char*) msg->offs0); - writebuf.txn.data = msg->data0; - writebuf.txn.offs = msg->offs0; + writebuf.txn.offsets_size = ((char*) msg->offs) - ((char*) msg->offs0); + writebuf.txn.data.ptr.buffer = (uintptr_t)msg->data0; + writebuf.txn.data.ptr.offsets = (uintptr_t)msg->offs0; bwr.write_size = sizeof(writebuf); bwr.write_consumed = 0; - bwr.write_buffer = (unsigned) &writebuf; - + bwr.write_buffer = (uintptr_t) &writebuf; + hexdump(msg->data0, msg->data - msg->data0); for (;;) { bwr.read_size = sizeof(readbuf); bwr.read_consumed = 0; - bwr.read_buffer = (unsigned) readbuf; + bwr.read_buffer = (uintptr_t) readbuf; res = ioctl(bs->fd, BINDER_WRITE_READ, &bwr); @@ -343,7 +355,7 @@ int binder_call(struct binder_state *bs, goto fail; } - res = binder_parse(bs, reply, readbuf, bwr.read_consumed, 0); + res = binder_parse(bs, reply, (uintptr_t) readbuf, bwr.read_consumed, 0); if (res == 0) return 0; if (res < 0) goto fail; } @@ -358,19 +370,19 @@ void binder_loop(struct binder_state *bs, binder_handler func) { int res; struct binder_write_read bwr; - unsigned readbuf[32]; + uint32_t readbuf[32]; bwr.write_size = 0; bwr.write_consumed = 0; bwr.write_buffer = 0; - + readbuf[0] = BC_ENTER_LOOPER; - binder_write(bs, readbuf, sizeof(unsigned)); + binder_write(bs, readbuf, sizeof(uint32_t)); for (;;) { bwr.read_size = sizeof(readbuf); bwr.read_consumed = 0; - bwr.read_buffer = (unsigned) readbuf; + bwr.read_buffer = (uintptr_t) readbuf; res = ioctl(bs->fd, BINDER_WRITE_READ, &bwr); @@ -379,7 +391,7 @@ void binder_loop(struct binder_state *bs, binder_handler func) break; } - res = binder_parse(bs, 0, readbuf, bwr.read_consumed, func); + res = binder_parse(bs, 0, (uintptr_t) readbuf, bwr.read_consumed, func); if (res == 0) { ALOGE("binder_loop: unexpected reply?!\n"); break; @@ -391,19 +403,19 @@ void binder_loop(struct binder_state *bs, binder_handler func) } } -void bio_init_from_txn(struct binder_io *bio, struct binder_txn *txn) +void bio_init_from_txn(struct binder_io *bio, struct binder_transaction_data *txn) { - bio->data = bio->data0 = txn->data; - bio->offs = bio->offs0 = txn->offs; + bio->data = bio->data0 = (char *)(intptr_t)txn->data.ptr.buffer; + bio->offs = bio->offs0 = (binder_size_t *)(intptr_t)txn->data.ptr.offsets; bio->data_avail = txn->data_size; - bio->offs_avail = txn->offs_size / 4; + bio->offs_avail = txn->offsets_size / sizeof(size_t); bio->flags = BIO_F_SHARED; } void bio_init(struct binder_io *bio, void *data, - uint32_t maxdata, uint32_t maxoffs) + size_t maxdata, size_t maxoffs) { - uint32_t n = maxoffs * sizeof(uint32_t); + size_t n = maxoffs * sizeof(size_t); if (n > maxdata) { bio->flags = BIO_F_OVERFLOW; @@ -419,12 +431,12 @@ void bio_init(struct binder_io *bio, void *data, bio->flags = 0; } -static void *bio_alloc(struct binder_io *bio, uint32_t size) +static void *bio_alloc(struct binder_io *bio, size_t size) { size = (size + 3) & (~3); if (size > bio->data_avail) { bio->flags |= BIO_F_OVERFLOW; - return 0; + return NULL; } else { void *ptr = bio->data; bio->data += size; @@ -437,21 +449,25 @@ void binder_done(struct binder_state *bs, struct binder_io *msg, struct binder_io *reply) { + struct { + uint32_t cmd; + uintptr_t buffer; + } __attribute__((packed)) data; + if (reply->flags & BIO_F_SHARED) { - uint32_t cmd[2]; - cmd[0] = BC_FREE_BUFFER; - cmd[1] = (uint32_t) reply->data0; - binder_write(bs, cmd, sizeof(cmd)); + data.cmd = BC_FREE_BUFFER; + data.buffer = (uintptr_t) reply->data0; + binder_write(bs, &data, sizeof(data)); reply->flags = 0; } } -static struct binder_object *bio_alloc_obj(struct binder_io *bio) +static struct flat_binder_object *bio_alloc_obj(struct binder_io *bio) { - struct binder_object *obj; + struct flat_binder_object *obj; obj = bio_alloc(bio, sizeof(*obj)); - + if (obj && bio->offs_avail) { bio->offs_avail--; *bio->offs++ = ((char*) obj) - ((char*) bio->data0); @@ -459,7 +475,7 @@ static struct binder_object *bio_alloc_obj(struct binder_io *bio) } bio->flags |= BIO_F_OVERFLOW; - return 0; + return NULL; } void bio_put_uint32(struct binder_io *bio, uint32_t n) @@ -471,7 +487,7 @@ void bio_put_uint32(struct binder_io *bio, uint32_t n) void bio_put_obj(struct binder_io *bio, void *ptr) { - struct binder_object *obj; + struct flat_binder_object *obj; obj = bio_alloc_obj(bio); if (!obj) @@ -479,15 +495,15 @@ void bio_put_obj(struct binder_io *bio, void *ptr) obj->flags = 0x7f | FLAT_BINDER_FLAG_ACCEPTS_FDS; obj->type = BINDER_TYPE_BINDER; - obj->pointer = ptr; + obj->binder = (uintptr_t)ptr; obj->cookie = 0; } -void bio_put_ref(struct binder_io *bio, void *ptr) +void bio_put_ref(struct binder_io *bio, uint32_t handle) { - struct binder_object *obj; + struct flat_binder_object *obj; - if (ptr) + if (handle) obj = bio_alloc_obj(bio); else obj = bio_alloc(bio, sizeof(*obj)); @@ -497,13 +513,13 @@ void bio_put_ref(struct binder_io *bio, void *ptr) obj->flags = 0x7f | FLAT_BINDER_FLAG_ACCEPTS_FDS; obj->type = BINDER_TYPE_HANDLE; - obj->pointer = ptr; + obj->handle = handle; obj->cookie = 0; } void bio_put_string16(struct binder_io *bio, const uint16_t *str) { - uint32_t len; + size_t len; uint16_t *ptr; if (!str) { @@ -519,7 +535,8 @@ void bio_put_string16(struct binder_io *bio, const uint16_t *str) return; } - bio_put_uint32(bio, len); + /* Note: The payload will carry 32bit size instead of size_t */ + bio_put_uint32(bio, (uint32_t) len); len = (len + 1) * sizeof(uint16_t); ptr = bio_alloc(bio, len); if (ptr) @@ -529,7 +546,7 @@ void bio_put_string16(struct binder_io *bio, const uint16_t *str) void bio_put_string16_x(struct binder_io *bio, const char *_str) { unsigned char *str = (unsigned char*) _str; - uint32_t len; + size_t len; uint16_t *ptr; if (!str) { @@ -544,6 +561,7 @@ void bio_put_string16_x(struct binder_io *bio, const char *_str) return; } + /* Note: The payload will carry 32bit size instead of size_t */ bio_put_uint32(bio, len); ptr = bio_alloc(bio, (len + 1) * sizeof(uint16_t)); if (!ptr) @@ -554,14 +572,14 @@ void bio_put_string16_x(struct binder_io *bio, const char *_str) *ptr++ = 0; } -static void *bio_get(struct binder_io *bio, uint32_t size) +static void *bio_get(struct binder_io *bio, size_t size) { size = (size + 3) & (~3); if (bio->data_avail < size){ bio->data_avail = 0; bio->flags |= BIO_F_OVERFLOW; - return 0; + return NULL; } else { void *ptr = bio->data; bio->data += size; @@ -576,41 +594,43 @@ uint32_t bio_get_uint32(struct binder_io *bio) return ptr ? *ptr : 0; } -uint16_t *bio_get_string16(struct binder_io *bio, unsigned *sz) +uint16_t *bio_get_string16(struct binder_io *bio, size_t *sz) { - unsigned len; - len = bio_get_uint32(bio); + size_t len; + + /* Note: The payload will carry 32bit size instead of size_t */ + len = (size_t) bio_get_uint32(bio); if (sz) *sz = len; return bio_get(bio, (len + 1) * sizeof(uint16_t)); } -static struct binder_object *_bio_get_obj(struct binder_io *bio) +static struct flat_binder_object *_bio_get_obj(struct binder_io *bio) { - unsigned n; - unsigned off = bio->data - bio->data0; + size_t n; + size_t off = bio->data - bio->data0; - /* TODO: be smarter about this? */ + /* TODO: be smarter about this? */ for (n = 0; n < bio->offs_avail; n++) { if (bio->offs[n] == off) - return bio_get(bio, sizeof(struct binder_object)); + return bio_get(bio, sizeof(struct flat_binder_object)); } bio->data_avail = 0; bio->flags |= BIO_F_OVERFLOW; - return 0; + return NULL; } -void *bio_get_ref(struct binder_io *bio) +uint32_t bio_get_ref(struct binder_io *bio) { - struct binder_object *obj; + struct flat_binder_object *obj; obj = _bio_get_obj(bio); if (!obj) return 0; if (obj->type == BINDER_TYPE_HANDLE) - return obj->pointer; + return obj->handle; return 0; } diff --git a/cmds/servicemanager/binder.h b/cmds/servicemanager/binder.h index d8c51ef..7915fc2 100644 --- a/cmds/servicemanager/binder.h +++ b/cmds/servicemanager/binder.h @@ -9,39 +9,15 @@ struct binder_state; -struct binder_object -{ - uint32_t type; - uint32_t flags; - void *pointer; - void *cookie; -}; - -struct binder_txn -{ - void *target; - void *cookie; - uint32_t code; - uint32_t flags; - - uint32_t sender_pid; - uint32_t sender_euid; - - uint32_t data_size; - uint32_t offs_size; - void *data; - void *offs; -}; - struct binder_io { char *data; /* pointer to read/write from */ - uint32_t *offs; /* array of offsets */ - uint32_t data_avail; /* bytes available in data buffer */ - uint32_t offs_avail; /* entries available in offsets array */ + binder_size_t *offs; /* array of offsets */ + size_t data_avail; /* bytes available in data buffer */ + size_t offs_avail; /* entries available in offsets array */ char *data0; /* start of data buffer */ - uint32_t *offs0; /* start of offsets buffer */ + binder_size_t *offs0; /* start of offsets buffer */ uint32_t flags; uint32_t unused; }; @@ -49,14 +25,16 @@ struct binder_io struct binder_death { void (*func)(struct binder_state *bs, void *ptr); void *ptr; -}; +}; -/* the one magic object */ -#define BINDER_SERVICE_MANAGER ((void*) 0) +/* the one magic handle */ +#define BINDER_SERVICE_MANAGER 0U #define SVC_MGR_NAME "android.os.IServiceManager" enum { + /* Must match definitions in IBinder.h and IServiceManager.h */ + PING_TRANSACTION = B_PACK_CHARS('_','P','N','G'), SVC_MGR_GET_SERVICE = 1, SVC_MGR_CHECK_SERVICE, SVC_MGR_ADD_SERVICE, @@ -64,11 +42,11 @@ enum { }; typedef int (*binder_handler)(struct binder_state *bs, - struct binder_txn *txn, + struct binder_transaction_data *txn, struct binder_io *msg, struct binder_io *reply); -struct binder_state *binder_open(unsigned mapsize); +struct binder_state *binder_open(size_t mapsize); void binder_close(struct binder_state *bs); /* initiate a blocking binder call @@ -76,7 +54,7 @@ void binder_close(struct binder_state *bs); */ int binder_call(struct binder_state *bs, struct binder_io *msg, struct binder_io *reply, - void *target, uint32_t code); + uint32_t target, uint32_t code); /* release any state associate with the binder_io * - call once any necessary data has been extracted from the @@ -87,10 +65,10 @@ void binder_done(struct binder_state *bs, struct binder_io *msg, struct binder_io *reply); /* manipulate strong references */ -void binder_acquire(struct binder_state *bs, void *ptr); -void binder_release(struct binder_state *bs, void *ptr); +void binder_acquire(struct binder_state *bs, uint32_t target); +void binder_release(struct binder_state *bs, uint32_t target); -void binder_link_to_death(struct binder_state *bs, void *ptr, struct binder_death *death); +void binder_link_to_death(struct binder_state *bs, uint32_t target, struct binder_death *death); void binder_loop(struct binder_state *bs, binder_handler func); @@ -101,19 +79,16 @@ int binder_become_context_manager(struct binder_state *bs); * offset entries to reserve from the buffer */ void bio_init(struct binder_io *bio, void *data, - uint32_t maxdata, uint32_t maxobjects); - -void bio_destroy(struct binder_io *bio); + size_t maxdata, size_t maxobjects); void bio_put_obj(struct binder_io *bio, void *ptr); -void bio_put_ref(struct binder_io *bio, void *ptr); +void bio_put_ref(struct binder_io *bio, uint32_t handle); void bio_put_uint32(struct binder_io *bio, uint32_t n); void bio_put_string16(struct binder_io *bio, const uint16_t *str); void bio_put_string16_x(struct binder_io *bio, const char *_str); uint32_t bio_get_uint32(struct binder_io *bio); -uint16_t *bio_get_string16(struct binder_io *bio, uint32_t *sz); -void *bio_get_obj(struct binder_io *bio); -void *bio_get_ref(struct binder_io *bio); +uint16_t *bio_get_string16(struct binder_io *bio, size_t *sz); +uint32_t bio_get_ref(struct binder_io *bio); #endif diff --git a/cmds/servicemanager/service_manager.c b/cmds/servicemanager/service_manager.c index 3eaf1eb..79ce6ed 100644 --- a/cmds/servicemanager/service_manager.c +++ b/cmds/servicemanager/service_manager.c @@ -24,7 +24,7 @@ * uid can register media.*, etc) */ static struct { - unsigned uid; + uid_t uid; const char *name; } allowed[] = { { AID_MEDIA, "media.audio_flinger" }, @@ -50,9 +50,9 @@ static struct { { AID_KEYSTORE, "android.security.keystore" }, }; -void *svcmgr_handle; +uint32_t svcmgr_handle; -const char *str8(uint16_t *x) +const char *str8(const uint16_t *x) { static char buf[128]; unsigned max = 127; @@ -67,7 +67,7 @@ const char *str8(uint16_t *x) return buf; } -int str16eq(uint16_t *a, const char *b) +int str16eq(const uint16_t *a, const char *b) { while (*a && *b) if (*a++ != *b++) return 0; @@ -76,10 +76,10 @@ int str16eq(uint16_t *a, const char *b) return 1; } -int svc_can_register(unsigned uid, uint16_t *name) +int svc_can_register(uid_t uid, const uint16_t *name) { - unsigned n; - + size_t n; + if ((uid == 0) || (uid == AID_SYSTEM)) return 1; @@ -90,19 +90,19 @@ int svc_can_register(unsigned uid, uint16_t *name) return 0; } -struct svcinfo +struct svcinfo { struct svcinfo *next; - void *ptr; + uint32_t handle; struct binder_death death; int allow_isolated; - unsigned len; + size_t len; uint16_t name[0]; }; -struct svcinfo *svclist = 0; +struct svcinfo *svclist = NULL; -struct svcinfo *find_svc(uint16_t *s16, unsigned len) +struct svcinfo *find_svc(const uint16_t *s16, size_t len) { struct svcinfo *si; @@ -112,112 +112,117 @@ struct svcinfo *find_svc(uint16_t *s16, unsigned len) return si; } } - return 0; + return NULL; } void svcinfo_death(struct binder_state *bs, void *ptr) { - struct svcinfo *si = ptr; + struct svcinfo *si = (struct svcinfo* ) ptr; + ALOGI("service '%s' died\n", str8(si->name)); - if (si->ptr) { - binder_release(bs, si->ptr); - si->ptr = 0; - } + if (si->handle) { + binder_release(bs, si->handle); + si->handle = 0; + } } -uint16_t svcmgr_id[] = { +uint16_t svcmgr_id[] = { 'a','n','d','r','o','i','d','.','o','s','.', - 'I','S','e','r','v','i','c','e','M','a','n','a','g','e','r' + 'I','S','e','r','v','i','c','e','M','a','n','a','g','e','r' }; - -void *do_find_service(struct binder_state *bs, uint16_t *s, unsigned len, unsigned uid) + +uint32_t do_find_service(struct binder_state *bs, const uint16_t *s, size_t len, uid_t uid) { struct svcinfo *si; - si = find_svc(s, len); -// ALOGI("check_service('%s') ptr = %p\n", str8(s), si ? si->ptr : 0); - if (si && si->ptr) { + si = find_svc(s, len); + //ALOGI("check_service('%s') handle = %x\n", str8(s), si ? si->handle : 0); + if (si && si->handle) { if (!si->allow_isolated) { // If this service doesn't allow access from isolated processes, // then check the uid to see if it is isolated. - unsigned appid = uid % AID_USER; + uid_t appid = uid % AID_USER; if (appid >= AID_ISOLATED_START && appid <= AID_ISOLATED_END) { return 0; } } - return si->ptr; + return si->handle; } else { return 0; } } int do_add_service(struct binder_state *bs, - uint16_t *s, unsigned len, - void *ptr, unsigned uid, int allow_isolated) + const uint16_t *s, size_t len, + uint32_t handle, uid_t uid, int allow_isolated) { struct svcinfo *si; - //ALOGI("add_service('%s',%p,%s) uid=%d\n", str8(s), ptr, + + //ALOGI("add_service('%s',%x,%s) uid=%d\n", str8(s), handle, // allow_isolated ? "allow_isolated" : "!allow_isolated", uid); - if (!ptr || (len == 0) || (len > 127)) + if (!handle || (len == 0) || (len > 127)) return -1; if (!svc_can_register(uid, s)) { - ALOGE("add_service('%s',%p) uid=%d - PERMISSION DENIED\n", - str8(s), ptr, uid); + ALOGE("add_service('%s',%x) uid=%d - PERMISSION DENIED\n", + str8(s), handle, uid); return -1; } si = find_svc(s, len); if (si) { - if (si->ptr) { - ALOGE("add_service('%s',%p) uid=%d - ALREADY REGISTERED, OVERRIDE\n", - str8(s), ptr, uid); + if (si->handle) { + ALOGE("add_service('%s',%x) uid=%d - ALREADY REGISTERED, OVERRIDE\n", + str8(s), handle, uid); svcinfo_death(bs, si); } - si->ptr = ptr; + si->handle = handle; } else { si = malloc(sizeof(*si) + (len + 1) * sizeof(uint16_t)); if (!si) { - ALOGE("add_service('%s',%p) uid=%d - OUT OF MEMORY\n", - str8(s), ptr, uid); + ALOGE("add_service('%s',%x) uid=%d - OUT OF MEMORY\n", + str8(s), handle, uid); return -1; } - si->ptr = ptr; + si->handle = handle; si->len = len; memcpy(si->name, s, (len + 1) * sizeof(uint16_t)); si->name[len] = '\0'; - si->death.func = svcinfo_death; + si->death.func = (void*) svcinfo_death; si->death.ptr = si; si->allow_isolated = allow_isolated; si->next = svclist; svclist = si; } - binder_acquire(bs, ptr); - binder_link_to_death(bs, ptr, &si->death); + binder_acquire(bs, handle); + binder_link_to_death(bs, handle, &si->death); return 0; } int svcmgr_handler(struct binder_state *bs, - struct binder_txn *txn, + struct binder_transaction_data *txn, struct binder_io *msg, struct binder_io *reply) { struct svcinfo *si; uint16_t *s; - unsigned len; - void *ptr; + size_t len; + uint32_t handle; uint32_t strict_policy; int allow_isolated; -// ALOGI("target=%p code=%d pid=%d uid=%d\n", -// txn->target, txn->code, txn->sender_pid, txn->sender_euid); + //ALOGI("target=%x code=%d pid=%d uid=%d\n", + // txn->target.handle, txn->code, txn->sender_pid, txn->sender_euid); - if (txn->target != svcmgr_handle) + if (txn->target.handle != svcmgr_handle) return -1; + if (txn->code == PING_TRANSACTION) + return 0; + // Equivalent to Parcel::enforceInterface(), reading the RPC // header with the strict mode policy mask and the interface name. // Note that we ignore the strict_policy and don't propagate it @@ -234,22 +239,22 @@ int svcmgr_handler(struct binder_state *bs, case SVC_MGR_GET_SERVICE: case SVC_MGR_CHECK_SERVICE: s = bio_get_string16(msg, &len); - ptr = do_find_service(bs, s, len, txn->sender_euid); - if (!ptr) + handle = do_find_service(bs, s, len, txn->sender_euid); + if (!handle) break; - bio_put_ref(reply, ptr); + bio_put_ref(reply, handle); return 0; case SVC_MGR_ADD_SERVICE: s = bio_get_string16(msg, &len); - ptr = bio_get_ref(msg); + handle = bio_get_ref(msg); allow_isolated = bio_get_uint32(msg) ? 1 : 0; - if (do_add_service(bs, s, len, ptr, txn->sender_euid, allow_isolated)) + if (do_add_service(bs, s, len, handle, txn->sender_euid, allow_isolated)) return -1; break; case SVC_MGR_LIST_SERVICES: { - unsigned n = bio_get_uint32(msg); + uint32_t n = bio_get_uint32(msg); si = svclist; while ((n-- > 0) && si) @@ -272,16 +277,20 @@ int svcmgr_handler(struct binder_state *bs, int main(int argc, char **argv) { struct binder_state *bs; - void *svcmgr = BINDER_SERVICE_MANAGER; bs = binder_open(128*1024); + if (!bs) { + ALOGE("failed to open binder driver\n"); + return -1; + } if (binder_become_context_manager(bs)) { ALOGE("cannot become context manager (%s)\n", strerror(errno)); return -1; } - svcmgr_handle = svcmgr; + svcmgr_handle = BINDER_SERVICE_MANAGER; binder_loop(bs, svcmgr_handler); + return 0; } |