am 8a24d92c: Merge "kexec.h is a uapi header."
* commit '8a24d92c5cd4087f3efd309cc8b0b036d2d33be9':
kexec.h is a uapi header.
diff --git a/taskstats/Android.mk b/taskstats/Android.mk
new file mode 100644
index 0000000..0ddba23
--- /dev/null
+++ b/taskstats/Android.mk
@@ -0,0 +1,19 @@
+# Copyright 2013 The Android Open Source Project
+
+LOCAL_PATH:= $(call my-dir)
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := \
+ taskstats.c
+
+LOCAL_C_INCLUDES := \
+ external/libnl-headers
+
+LOCAL_STATIC_LIBRARIES := \
+ libnl_2
+
+LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES)
+LOCAL_MODULE_TAGS := debug
+LOCAL_MODULE:= taskstats
+
+include $(BUILD_EXECUTABLE)
diff --git a/taskstats/MODULE_LICENSE_APACHE2 b/taskstats/MODULE_LICENSE_APACHE2
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/taskstats/MODULE_LICENSE_APACHE2
diff --git a/taskstats/NOTICE b/taskstats/NOTICE
new file mode 100644
index 0000000..c5b1efa
--- /dev/null
+++ b/taskstats/NOTICE
@@ -0,0 +1,190 @@
+
+ Copyright (c) 2005-2008, The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
diff --git a/taskstats/taskstats.c b/taskstats/taskstats.c
new file mode 100644
index 0000000..66cc0c5
--- /dev/null
+++ b/taskstats/taskstats.c
@@ -0,0 +1,378 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * Linux task stats reporting tool. Queries and prints out the kernel's
+ * taskstats structure for a given process or thread group id. See
+ * https://www.kernel.org/doc/Documentation/accounting/ for more information
+ * about the reported fields.
+ */
+
+#include <errno.h>
+#include <getopt.h>
+#include <netlink-types.h>
+#include <netlink/attr.h>
+#include <netlink/genl/genl.h>
+#include <netlink/handlers.h>
+#include <netlink/msg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <unistd.h>
+
+#include <linux/taskstats.h>
+
+struct TaskStatistics {
+ int pid;
+ int tgid;
+ struct taskstats stats;
+};
+
+int send_command(struct nl_sock* netlink_socket, uint16_t nlmsg_type,
+ uint32_t nlmsg_pid, uint8_t genl_cmd, uint16_t nla_type,
+ void* nla_data, int nla_len) {
+ struct nl_msg* message = nlmsg_alloc();
+ int seq = 0;
+ int version = 1;
+ int header_length = 0;
+ int flags = NLM_F_REQUEST;
+ genlmsg_put(message, nlmsg_pid, seq, nlmsg_type, header_length, flags,
+ genl_cmd, version);
+ nla_put(message, nla_type, nla_len, nla_data);
+
+ /* Override the header flags since we don't want NLM_F_ACK. */
+ struct nlmsghdr* header = nlmsg_hdr(message);
+ header->nlmsg_flags = flags;
+
+ int result = nl_send(netlink_socket, message);
+ nlmsg_free(message);
+ return result;
+}
+
+int print_receive_error(struct sockaddr_nl* address, struct nlmsgerr* error,
+ void* arg) {
+ fprintf(stderr, "Netlink receive error: %s\n", strerror(-error->error));
+ return NL_STOP;
+}
+
+int parse_family_id(struct nl_msg* msg, void* arg) {
+ struct genlmsghdr* gnlh = (struct genlmsghdr*)nlmsg_data(nlmsg_hdr(msg));
+ struct nlattr* attr = genlmsg_attrdata(gnlh, 0);
+ int remaining = genlmsg_attrlen(gnlh, 0);
+
+ do {
+ if (attr->nla_type == CTRL_ATTR_FAMILY_ID) {
+ *((int*)arg) = nla_get_u16(attr);
+ return NL_STOP;
+ }
+ } while ((attr = nla_next(attr, &remaining)));
+ return NL_OK;
+}
+
+int get_family_id(struct nl_sock* netlink_socket, const char* name) {
+ if (send_command(netlink_socket, GENL_ID_CTRL, getpid(),
+ CTRL_CMD_GETFAMILY,
+ CTRL_ATTR_FAMILY_NAME,
+ (void*)name, strlen(name) + 1) < 0) {
+ return 0;
+ }
+
+ int family_id = 0;
+ struct nl_cb* callbacks = nl_cb_get(nl_cb_alloc(NL_CB_VALID));
+ nl_cb_set(callbacks, NL_CB_VALID, NL_CB_DEFAULT, &parse_family_id,
+ &family_id);
+ nl_cb_err(callbacks, NL_CB_DEFAULT, &print_receive_error, NULL);
+
+ if (nl_recvmsgs(netlink_socket, callbacks) < 0) {
+ return 0;
+ }
+ nl_cb_put(callbacks);
+ return family_id;
+}
+
+void parse_aggregate_task_stats(struct nlattr* attr, int attr_size,
+ struct TaskStatistics* stats) {
+ do {
+ switch (attr->nla_type) {
+ case TASKSTATS_TYPE_PID:
+ stats->pid = nla_get_u32(attr);
+ break;
+ case TASKSTATS_TYPE_TGID:
+ stats->tgid = nla_get_u32(attr);
+ break;
+ case TASKSTATS_TYPE_STATS:
+ nla_memcpy(&stats->stats, attr, sizeof(stats->stats));
+ break;
+ default:
+ break;
+ }
+ } while ((attr = nla_next(attr, &attr_size)));
+}
+
+int parse_task_stats(struct nl_msg* msg, void* arg) {
+ struct TaskStatistics* stats = (struct TaskStatistics*)arg;
+ struct genlmsghdr* gnlh = (struct genlmsghdr*)nlmsg_data(nlmsg_hdr(msg));
+ struct nlattr* attr = genlmsg_attrdata(gnlh, 0);
+ int remaining = genlmsg_attrlen(gnlh, 0);
+
+ do {
+ switch (attr->nla_type) {
+ case TASKSTATS_TYPE_AGGR_PID:
+ case TASKSTATS_TYPE_AGGR_TGID:
+ parse_aggregate_task_stats(nla_data(attr), nla_len(attr),
+ stats);
+ break;
+ default:
+ break;
+ }
+ } while ((attr = nla_next(attr, &remaining)));
+ return NL_STOP;
+}
+
+int query_task_stats(struct nl_sock* netlink_socket, int family_id,
+ int command_type, int parameter,
+ struct TaskStatistics* stats) {
+ memset(stats, 0, sizeof(*stats));
+ int result = send_command(netlink_socket, family_id, getpid(),
+ TASKSTATS_CMD_GET, command_type, ¶meter,
+ sizeof(parameter));
+ if (result < 0) {
+ return result;
+ }
+
+ struct nl_cb* callbacks = nl_cb_get(nl_cb_alloc(NL_CB_VALID));
+ nl_cb_set(callbacks, NL_CB_VALID, NL_CB_DEFAULT, &parse_task_stats, stats);
+ nl_cb_err(callbacks, NL_CB_DEFAULT, &print_receive_error, &family_id);
+
+ result = nl_recvmsgs(netlink_socket, callbacks);
+ if (result < 0) {
+ return result;
+ }
+ nl_cb_put(callbacks);
+ return stats->pid || stats->tgid;
+}
+
+double average_ms(uint64_t total, uint64_t count) {
+ if (!count) {
+ return 0;
+ }
+ return ((double)total) / count / 1e6;
+}
+
+uint64_t average_ns(uint64_t total, uint64_t count) {
+ if (!count) {
+ return 0;
+ }
+ return total / count;
+}
+
+void print_task_stats(const struct TaskStatistics* stats,
+ int human_readable) {
+ const struct taskstats* s = &stats->stats;
+ printf("Basic task statistics\n");
+ printf("---------------------\n");
+ printf("%-25s%d\n", "Stats version:", s->version);
+ printf("%-25s%d\n", "Exit code:", s->ac_exitcode);
+ printf("%-25s0x%x\n", "Flags:", s->ac_flag);
+ printf("%-25s%d\n", "Nice value:", s->ac_nice);
+ printf("%-25s%s\n", "Command name:", s->ac_comm);
+ printf("%-25s%d\n", "Scheduling discipline:", s->ac_sched);
+ printf("%-25s%d\n", "UID:", s->ac_uid);
+ printf("%-25s%d\n", "GID:", s->ac_gid);
+ printf("%-25s%d\n", "PID:", s->ac_pid);
+ printf("%-25s%d\n", "PPID:", s->ac_ppid);
+
+ if (human_readable) {
+ time_t begin_time = s->ac_btime;
+ printf("%-25s%s", "Begin time:", ctime(&begin_time));
+ } else {
+ printf("%-25s%d sec\n", "Begin time:", s->ac_btime);
+ }
+ printf("%-25s%llu usec\n", "Elapsed time:", s->ac_etime);
+ printf("%-25s%llu usec\n", "User CPU time:", s->ac_utime);
+ printf("%-25s%llu\n", "Minor page faults:", s->ac_minflt);
+ printf("%-25s%llu\n", "Major page faults:", s->ac_majflt);
+ printf("%-25s%llu usec\n", "Scaled user time:", s->ac_utimescaled);
+ printf("%-25s%llu usec\n", "Scaled system time:", s->ac_stimescaled);
+
+ printf("\nDelay accounting\n");
+ printf("----------------\n");
+ printf(" %15s%15s%15s%15s%15s%15s\n",
+ "Count",
+ human_readable ? "Delay (ms)" : "Delay (ns)",
+ "Average delay",
+ "Real delay",
+ "Scaled real",
+ "Virtual delay");
+
+ if (!human_readable) {
+ printf("CPU %15llu%15llu%15llu%15llu%15llu%15llu\n",
+ s->cpu_count,
+ s->cpu_delay_total,
+ average_ns(s->cpu_delay_total, s->cpu_count),
+ s->cpu_run_real_total,
+ s->cpu_scaled_run_real_total,
+ s->cpu_run_virtual_total);
+ printf("IO %15llu%15llu%15llu\n",
+ s->blkio_count,
+ s->blkio_delay_total,
+ average_ns(s->blkio_delay_total, s->blkio_count));
+ printf("Swap %15llu%15llu%15llu\n",
+ s->swapin_count,
+ s->swapin_delay_total,
+ average_ns(s->swapin_delay_total, s->swapin_count));
+ printf("Reclaim%15llu%15llu%15llu\n",
+ s->freepages_count,
+ s->freepages_delay_total,
+ average_ns(s->freepages_delay_total, s->freepages_count));
+ } else {
+ const double ms_per_ns = 1e6;
+ printf("CPU %15llu%15.3f%15.3f%15.3f%15.3f%15.3f\n",
+ s->cpu_count,
+ s->cpu_delay_total / ms_per_ns,
+ average_ms(s->cpu_delay_total, s->cpu_count),
+ s->cpu_run_real_total / ms_per_ns,
+ s->cpu_scaled_run_real_total / ms_per_ns,
+ s->cpu_run_virtual_total / ms_per_ns);
+ printf("IO %15llu%15.3f%15.3f\n",
+ s->blkio_count,
+ s->blkio_delay_total / ms_per_ns,
+ average_ms(s->blkio_delay_total, s->blkio_count));
+ printf("Swap %15llu%15.3f%15.3f\n",
+ s->swapin_count,
+ s->swapin_delay_total / ms_per_ns,
+ average_ms(s->swapin_delay_total, s->swapin_count));
+ printf("Reclaim%15llu%15.3f%15.3f\n",
+ s->freepages_count,
+ s->freepages_delay_total / ms_per_ns,
+ average_ms(s->freepages_delay_total, s->freepages_count));
+ }
+
+ printf("\nExtended accounting fields\n");
+ printf("--------------------------\n");
+ if (human_readable && s->ac_stime) {
+ printf("%-25s%.3f MB\n", "Average RSS usage:",
+ (double)s->coremem / s->ac_stime);
+ printf("%-25s%.3f MB\n", "Average VM usage:",
+ (double)s->virtmem / s->ac_stime);
+ } else {
+ printf("%-25s%llu MB\n", "Accumulated RSS usage:", s->coremem);
+ printf("%-25s%llu MB\n", "Accumulated VM usage:", s->virtmem);
+ }
+ printf("%-25s%llu KB\n", "RSS high water mark:", s->hiwater_rss);
+ printf("%-25s%llu KB\n", "VM high water mark:", s->hiwater_vm);
+ printf("%-25s%llu\n", "IO bytes read:", s->read_char);
+ printf("%-25s%llu\n", "IO bytes written:", s->write_char);
+ printf("%-25s%llu\n", "IO read syscalls:", s->read_syscalls);
+ printf("%-25s%llu\n", "IO write syscalls:", s->write_syscalls);
+
+ printf("\nPer-task/thread statistics\n");
+ printf("--------------------------\n");
+ printf("%-25s%llu\n", "Voluntary switches:", s->nvcsw);
+ printf("%-25s%llu\n", "Involuntary switches:", s->nivcsw);
+}
+
+void print_usage() {
+ printf("Linux task stats reporting tool\n"
+ "\n"
+ "Usage: taskstats [options]\n"
+ "\n"
+ "Options:\n"
+ " --help This text\n"
+ " --pid PID Print stats for the process id PID\n"
+ " --tgid TGID Print stats for the thread group id TGID\n"
+ " --raw Print raw numbers instead of human readable units\n"
+ "\n"
+ "Either PID or TGID must be specified. For more documentation about "
+ "the reported fields, see\n"
+ "https://www.kernel.org/doc/Documentation/accounting/"
+ "taskstats-struct.txt\n");
+}
+
+int main(int argc, char** argv) {
+ int command_type = 0;
+ int pid = 0;
+ int human_readable = 1;
+
+ const struct option long_options[] = {
+ {"help", no_argument, 0, 0},
+ {"pid", required_argument, 0, 0},
+ {"tgid", required_argument, 0, 0},
+ {"raw", no_argument, 0, 0},
+ {0, 0, 0, 0}
+ };
+
+ while (1) {
+ int option_index;
+ int option_char = getopt_long_only(argc, argv, "", long_options,
+ &option_index);
+ if (option_char == -1) {
+ break;
+ }
+ switch (option_index) {
+ case 0:
+ print_usage();
+ return EXIT_SUCCESS;
+ case 1:
+ command_type = TASKSTATS_CMD_ATTR_PID;
+ pid = atoi(optarg);
+ break;
+ case 2:
+ command_type = TASKSTATS_CMD_ATTR_TGID;
+ pid = atoi(optarg);
+ break;
+ case 3:
+ human_readable = 0;
+ break;
+ default:
+ break;
+ };
+ }
+
+ if (!pid) {
+ printf("Either PID or TGID must be specified\n");
+ return EXIT_FAILURE;
+ }
+
+ struct nl_sock* netlink_socket = nl_socket_alloc();
+ if (!netlink_socket || genl_connect(netlink_socket) < 0) {
+ perror("Unable to open netlink socket (are you root?)");
+ goto error;
+ }
+
+ int family_id = get_family_id(netlink_socket, TASKSTATS_GENL_NAME);
+ if (!family_id) {
+ perror("Unable to determine taskstats family id "
+ "(does your kernel support taskstats?)");
+ goto error;
+ }
+ struct TaskStatistics stats;
+ if (query_task_stats(netlink_socket, family_id, command_type, pid,
+ &stats) < 0) {
+ perror("Failed to query taskstats");
+ goto error;
+ }
+ print_task_stats(&stats, human_readable);
+
+ nl_socket_free(netlink_socket);
+ return EXIT_SUCCESS;
+
+error:
+ if (netlink_socket) {
+ nl_socket_free(netlink_socket);
+ }
+ return EXIT_FAILURE;
+}
diff --git a/verity/Android.mk b/verity/Android.mk
new file mode 100644
index 0000000..68fe0ef
--- /dev/null
+++ b/verity/Android.mk
@@ -0,0 +1,50 @@
+LOCAL_PATH:= $(call my-dir)
+
+include $(CLEAR_VARS)
+LOCAL_MODULE := generate_verity_key
+LOCAL_SRC_FILES := generate_verity_key.c
+LOCAL_MODULE_CLASS := EXECUTABLES
+LOCAL_MODULE_TAGS := optional
+LOCAL_SHARED_LIBRARIES := libcrypto-host
+LOCAL_C_INCLUDES += external/openssl/include
+include $(BUILD_HOST_EXECUTABLE)
+
+#include $(CLEAR_VARS)
+#LOCAL_MODULE := generate_block_patch
+#LOCAL_SRC_FILES := generate_block_patch.c
+#LOCAL_MODULE_CLASS := EXECUTABLES
+#LOCAL_MODULE_TAGS := optional
+#LOCAL_SHARED_LIBRARIES := libminibsdiff
+#include $(BUILD_HOST_EXECUTABLE)
+
+include $(CLEAR_VARS)
+LOCAL_SRC_FILES := VeritySigner.java
+LOCAL_MODULE := VeritySigner
+LOCAL_JAR_MANIFEST := VeritySigner.mf
+LOCAL_MODULE_TAGS := optional
+include $(BUILD_HOST_JAVA_LIBRARY)
+
+include $(CLEAR_VARS)
+LOCAL_SRC_FILES := verity_signer
+LOCAL_MODULE := verity_signer
+LOCAL_MODULE_CLASS := EXECUTABLES
+LOCAL_IS_HOST_MODULE := true
+LOCAL_MODULE_TAGS := optional
+include $(BUILD_PREBUILT)
+
+include $(CLEAR_VARS)
+LOCAL_MODULE := build_verity_tree.py
+LOCAL_MODULE_CLASS := EXECUTABLES
+LOCAL_SRC_FILES := build_verity_tree.py
+LOCAL_MODULE_CLASS := EXECUTABLES
+LOCAL_IS_HOST_MODULE := true
+LOCAL_MODULE_TAGS := optional
+include $(BUILD_PREBUILT)
+
+include $(CLEAR_VARS)
+LOCAL_MODULE := build_verity_metadata.py
+LOCAL_MODULE_CLASS := EXECUTABLES
+LOCAL_SRC_FILES := build_verity_metadata.py
+LOCAL_IS_HOST_MODULE := true
+LOCAL_MODULE_TAGS := optional
+include $(BUILD_PREBUILT)
diff --git a/verity/VeritySigner.java b/verity/VeritySigner.java
new file mode 100644
index 0000000..f1d95c8
--- /dev/null
+++ b/verity/VeritySigner.java
@@ -0,0 +1,79 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.verity;
+
+import sun.misc.BASE64Decoder;
+import sun.misc.BASE64Encoder;
+import java.io.DataInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.InputStream;
+import java.security.KeyFactory;
+import java.security.PrivateKey;
+import java.security.Signature;
+import java.security.spec.PKCS8EncodedKeySpec;
+
+class VeritySigner {
+
+ private static byte[] sign(PrivateKey privateKey, byte[] input) throws Exception {
+ Signature signer = Signature.getInstance("SHA1withRSA");
+ signer.initSign(privateKey);
+ signer.update(input);
+ return signer.sign();
+ }
+
+ private static PKCS8EncodedKeySpec pemToDer(String pem) throws Exception {
+ pem = pem.replaceAll("^-.*", "");
+ String base64_der = pem.replaceAll("-.*$", "");
+ BASE64Decoder decoder = new BASE64Decoder();
+ byte[] der = decoder.decodeBuffer(base64_der);
+ return new PKCS8EncodedKeySpec(der);
+ }
+
+ private static PrivateKey loadPrivateKey(String pem) throws Exception {
+ PKCS8EncodedKeySpec keySpec = pemToDer(pem);
+ KeyFactory keyFactory = KeyFactory.getInstance("RSA");
+ return (PrivateKey) keyFactory.generatePrivate(keySpec);
+ }
+
+ private static byte[] read(String path) throws Exception {
+ File contentFile = new File(path);
+ byte[] content = new byte[(int)contentFile.length()];
+ FileInputStream fis = new FileInputStream(contentFile);
+ fis.read(content);
+ fis.close();
+ return content;
+ }
+
+ private static void writeOutput(String path, byte[] output) throws Exception {
+ FileOutputStream fos = new FileOutputStream(path);
+ fos.write(output);
+ fos.close();
+ }
+
+ // USAGE:
+ // VeritySigner <contentfile> <key.pem> <sigfile>
+ // To verify that this has correct output:
+ // openssl rsautl -raw -inkey <key.pem> -encrypt -in <sigfile> > /tmp/dump
+ public static void main(String[] args) throws Exception {
+ byte[] content = read(args[0]);
+ PrivateKey privateKey = loadPrivateKey(new String(read(args[1])));
+ byte[] signature = sign(privateKey, content);
+ writeOutput(args[2], signature);
+ }
+}
diff --git a/verity/VeritySigner.mf b/verity/VeritySigner.mf
new file mode 100644
index 0000000..b36c198
--- /dev/null
+++ b/verity/VeritySigner.mf
@@ -0,0 +1 @@
+Main-Class: com.android.verity.VeritySigner
diff --git a/verity/build_verity_metadata.py b/verity/build_verity_metadata.py
new file mode 100755
index 0000000..547e606
--- /dev/null
+++ b/verity/build_verity_metadata.py
@@ -0,0 +1,78 @@
+#! /usr/bin/env python
+
+import os
+import sys
+import struct
+import tempfile
+import commands
+
+VERSION = 0
+MAGIC_NUMBER = 0xb001b001
+BLOCK_SIZE = 4096
+METADATA_SIZE = BLOCK_SIZE * 8
+
+def run(cmd):
+ status, output = commands.getstatusoutput(cmd)
+ print output
+ if status:
+ exit(-1)
+
+def get_verity_metadata_size(data_size):
+ return METADATA_SIZE
+
+def build_metadata_block(verity_table, signature):
+ table_len = len(verity_table)
+ block = struct.pack("II256sI", MAGIC_NUMBER, VERSION, signature, table_len)
+ block += verity_table
+ block = block.ljust(METADATA_SIZE, '\x00')
+ return block
+
+def sign_verity_table(table, signer_path, key_path):
+ with tempfile.NamedTemporaryFile(suffix='.table') as table_file:
+ with tempfile.NamedTemporaryFile(suffix='.sig') as signature_file:
+ table_file.write(table)
+ table_file.flush()
+ cmd = " ".join((signer_path, table_file.name, key_path, signature_file.name))
+ print cmd
+ run(cmd)
+ return signature_file.read()
+
+def build_verity_table(block_device, data_blocks, root_hash, salt):
+ table = "1 %s %s %s %s %s %s sha256 %s %s"
+ table %= ( block_device,
+ block_device,
+ BLOCK_SIZE,
+ BLOCK_SIZE,
+ data_blocks,
+ data_blocks + (METADATA_SIZE / BLOCK_SIZE),
+ root_hash,
+ salt)
+ return table
+
+def build_verity_metadata(data_blocks, metadata_image, root_hash,
+ salt, block_device, signer_path, signing_key):
+ # build the verity table
+ verity_table = build_verity_table(block_device, data_blocks, root_hash, salt)
+ # build the verity table signature
+ signature = sign_verity_table(verity_table, signer_path, signing_key)
+ # build the metadata block
+ metadata_block = build_metadata_block(verity_table, signature)
+ # write it to the outfile
+ with open(metadata_image, "wb") as f:
+ f.write(metadata_block)
+
+if __name__ == "__main__":
+ if len(sys.argv) == 3 and sys.argv[1] == "-s":
+ print get_verity_metadata_size(int(sys.argv[2]))
+ elif len(sys.argv) == 8:
+ data_image_blocks = int(sys.argv[1]) / 4096
+ metadata_image = sys.argv[2]
+ root_hash = sys.argv[3]
+ salt = sys.argv[4]
+ block_device = sys.argv[5]
+ signer_path = sys.argv[6]
+ signing_key = sys.argv[7]
+ build_verity_metadata(data_image_blocks, metadata_image, root_hash,
+ salt, block_device, signer_path, signing_key)
+ else:
+ exit(-1)
diff --git a/verity/build_verity_tree.py b/verity/build_verity_tree.py
new file mode 100755
index 0000000..970d8c0
--- /dev/null
+++ b/verity/build_verity_tree.py
@@ -0,0 +1,87 @@
+#! /usr/bin/env python
+
+import os
+import sys
+import math
+import hashlib
+import binascii
+
+HASH_FUNCTION = "SHA256"
+HASH_FUNCTION_SIZE = 32
+BLOCK_SIZE = 4096
+HASHES_PER_BLOCK = BLOCK_SIZE / HASH_FUNCTION_SIZE
+
+def generate_salt():
+ return os.urandom(HASH_FUNCTION_SIZE)
+
+def get_hash_image_blocks(data_image_size):
+ data_image_blocks = data_image_size / BLOCK_SIZE
+ return data_image_blocks / (HASH_FUNCTION_SIZE * 2)
+
+def get_hash_image_size(data_image_size):
+ return get_hash_image_blocks(data_image_size) * BLOCK_SIZE
+
+def blockify(data):
+ blocks = []
+ for i in range(0, len(data), BLOCK_SIZE):
+ chunk = data[i:i+BLOCK_SIZE]
+ blocks.append(chunk)
+ return blocks
+
+def read_blocks(image_path):
+ image = open(image_path, "rb").read()
+ return blockify(image)
+
+def hash_block(data, salt):
+ hasher = hashlib.new(HASH_FUNCTION)
+ hasher.update(salt)
+ hasher.update(data)
+ return hasher.digest()
+
+def block_align(level):
+ pad_size = (BLOCK_SIZE - (len(level) % BLOCK_SIZE)) % BLOCK_SIZE
+ pad = '\x00' * pad_size
+ return level + pad
+
+def generate_hashes(data_blocks, salt):
+ levels = []
+ root_hash = ''
+ while True:
+ hashes = [hash_block(b, salt) for b in data_blocks]
+ if len(hashes) == 1:
+ root_hash = hashes[0]
+ break
+ else:
+ level = ''.join(hashes)
+ level = block_align(level)
+ levels.insert(0, level)
+ data_blocks = blockify(level)
+ return root_hash, ''.join(levels)
+
+def write_hashes(hashes, hash_image, hash_image_size):
+ hashes = hashes.ljust(hash_image_size, '\x00')
+ with open(hash_image, 'wb+') as hash_file:
+ hash_file.write(hashes)
+
+def generate_hash_image(data_image, hash_image, hash_image_size, salt):
+ blocks = read_blocks(data_image)
+ root_hash, hashes = generate_hashes(blocks, salt)
+ write_hashes(hashes, hash_image, hash_image_size)
+ return root_hash
+
+def build_verity_tree(data_image, hash_image, data_image_size):
+ salt = generate_salt()
+ hash_image_size = get_hash_image_size(data_image_size)
+ root_hash = generate_hash_image(data_image, hash_image, hash_image_size, salt)
+ print binascii.hexlify(root_hash), binascii.hexlify(salt)
+
+if __name__ == "__main__":
+ if len(sys.argv) == 3 and sys.argv[1] == "-s":
+ print get_hash_image_size(int(sys.argv[2]))
+ elif len(sys.argv) == 4:
+ data_image = sys.argv[1]
+ hash_image = sys.argv[2]
+ data_image_size = int(sys.argv[3])
+ build_verity_tree(data_image, hash_image, data_image_size)
+ else:
+ exit(-1)
diff --git a/verity/generate_verity_key.c b/verity/generate_verity_key.c
new file mode 100644
index 0000000..7414af5
--- /dev/null
+++ b/verity/generate_verity_key.c
@@ -0,0 +1,165 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+/* HACK: we need the RSAPublicKey struct
+ * but RSA_verify conflits with openssl */
+#define RSA_verify RSA_verify_mincrypt
+#include "mincrypt/rsa.h"
+#undef RSA_verify
+
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/pem.h>
+#include <openssl/rsa.h>
+#include <openssl/sha.h>
+
+// Convert OpenSSL RSA private key to android pre-computed RSAPublicKey format.
+// Lifted from secure adb's mincrypt key generation.
+static int convert_to_mincrypt_format(RSA *rsa, RSAPublicKey *pkey)
+{
+ int ret = -1;
+ unsigned int i;
+
+ if (RSA_size(rsa) != RSANUMBYTES)
+ goto out;
+
+ BN_CTX* ctx = BN_CTX_new();
+ BIGNUM* r32 = BN_new();
+ BIGNUM* rr = BN_new();
+ BIGNUM* r = BN_new();
+ BIGNUM* rem = BN_new();
+ BIGNUM* n = BN_new();
+ BIGNUM* n0inv = BN_new();
+
+ BN_set_bit(r32, 32);
+ BN_copy(n, rsa->n);
+ BN_set_bit(r, RSANUMWORDS * 32);
+ BN_mod_sqr(rr, r, n, ctx);
+ BN_div(NULL, rem, n, r32, ctx);
+ BN_mod_inverse(n0inv, rem, r32, ctx);
+
+ pkey->len = RSANUMWORDS;
+ pkey->n0inv = 0 - BN_get_word(n0inv);
+ for (i = 0; i < RSANUMWORDS; i++) {
+ BN_div(rr, rem, rr, r32, ctx);
+ pkey->rr[i] = BN_get_word(rem);
+ BN_div(n, rem, n, r32, ctx);
+ pkey->n[i] = BN_get_word(rem);
+ }
+ pkey->exponent = BN_get_word(rsa->e);
+
+ ret = 0;
+
+ BN_free(n0inv);
+ BN_free(n);
+ BN_free(rem);
+ BN_free(r);
+ BN_free(rr);
+ BN_free(r32);
+ BN_CTX_free(ctx);
+
+out:
+ return ret;
+}
+
+static int write_public_keyfile(RSA *private_key, const char *private_key_path)
+{
+ RSAPublicKey pkey;
+ BIO *bfile = NULL;
+ char *path = NULL;
+ int ret = -1;
+
+ if (asprintf(&path, "%s.pub", private_key_path) < 0)
+ goto out;
+
+ if (convert_to_mincrypt_format(private_key, &pkey) < 0)
+ goto out;
+
+ bfile = BIO_new_file(path, "w");
+ if (!bfile)
+ goto out;
+
+ BIO_write(bfile, &pkey, sizeof(pkey));
+ BIO_flush(bfile);
+
+ ret = 0;
+out:
+ BIO_free_all(bfile);
+ free(path);
+ return ret;
+}
+
+static int generate_key(const char *file)
+{
+ int ret = -1;
+ FILE *f = NULL;
+ RSA* rsa = RSA_new();
+ BIGNUM* exponent = BN_new();
+ EVP_PKEY* pkey = EVP_PKEY_new();
+
+ if (!pkey || !exponent || !rsa) {
+ printf("Failed to allocate key\n");
+ goto out;
+ }
+
+ BN_set_word(exponent, RSA_F4);
+ RSA_generate_key_ex(rsa, 2048, exponent, NULL);
+ EVP_PKEY_set1_RSA(pkey, rsa);
+
+ f = fopen(file, "w");
+ if (!f) {
+ printf("Failed to open '%s'\n", file);
+ goto out;
+ }
+
+ if (!PEM_write_PrivateKey(f, pkey, NULL, NULL, 0, NULL, NULL)) {
+ printf("Failed to write key\n");
+ goto out;
+ }
+
+ if (write_public_keyfile(rsa, file) < 0) {
+ printf("Failed to write public key\n");
+ goto out;
+ }
+
+ ret = 0;
+
+out:
+ if (f)
+ fclose(f);
+ EVP_PKEY_free(pkey);
+ RSA_free(rsa);
+ BN_free(exponent);
+ return ret;
+}
+
+static void usage(){
+ printf("Usage: generate_verity_key <path-to-key>");
+}
+
+int main(int argc, char *argv[]) {
+ if (argc != 2) {
+ usage();
+ exit(-1);
+ }
+ return generate_key(argv[1]);
+}
\ No newline at end of file
diff --git a/verity/syspatch.c b/verity/syspatch.c
new file mode 100644
index 0000000..7e3909d
--- /dev/null
+++ b/verity/syspatch.c
@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include "LzmaDec.h"
+
+void usage()
+{
+ fprintf(stderr, "Usage: syspatch <patch> <target>\n");
+}
+
+int main(int argc, char *argv[])
+{
+ char *patch_path;
+ char *target_path;
+
+ int patch_fd;
+ int target_fd;
+
+ if (argc == 3) {
+ patch_path = argv[1];
+ target_path = argv[2];
+ } else {
+ usage();
+ exit(-1);
+ }
+
+ patch_fd = open(patch_path, O_RDONLY);
+ if (patch_fd < 0) {
+ fprintf(stderr, "Couldn't open patch file (%s)\n", strerror(errno));
+ exit(-1);
+ }
+
+ target_fd = open(target_path, O_RDWR);
+ if (target_fd < 0) {
+ fprintf(stderr, "Couldn't open target file (%s)\n", strerror(errno));
+ exit(-1);
+ }
+
+ close(patch_fd);
+ close(target_fd);
+ exit(0);
+}
diff --git a/verity/verity_signer b/verity/verity_signer
new file mode 100755
index 0000000..a4f337a
--- /dev/null
+++ b/verity/verity_signer
@@ -0,0 +1,8 @@
+#! /bin/sh
+
+# Start-up script for VeritySigner
+
+VERITYSIGNER_HOME=`dirname "$0"`
+VERITYSIGNER_HOME=`dirname "$VERITYSIGNER_HOME"`
+
+java -Xmx512M -jar "$VERITYSIGNER_HOME"/framework/VeritySigner.jar "$@"
\ No newline at end of file