Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 1 | /* util.h |
| 2 | * Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| 3 | * Use of this source code is governed by a BSD-style license that can be |
| 4 | * found in the LICENSE file. |
| 5 | * |
| 6 | * Logging and other utility functions. |
| 7 | */ |
| 8 | |
| 9 | #ifndef _UTIL_H_ |
| 10 | #define _UTIL_H_ |
| 11 | |
Luis Hector Chavez | eb42bb7 | 2018-10-15 09:46:29 -0700 | [diff] [blame] | 12 | #include <stdbool.h> |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame] | 13 | #include <stdio.h> |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 14 | #include <stdlib.h> |
Jorge Lucangeli Obes | f205fff | 2016-08-06 09:06:21 -0400 | [diff] [blame] | 15 | #include <sys/types.h> |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 16 | #include <syslog.h> |
Jorge Lucangeli Obes | f205fff | 2016-08-06 09:06:21 -0400 | [diff] [blame] | 17 | #include <unistd.h> |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 18 | |
Jorge Lucangeli Obes | a67bd6a | 2016-08-19 15:33:48 -0400 | [diff] [blame] | 19 | #ifdef __cplusplus |
| 20 | extern "C" { |
| 21 | #endif |
| 22 | |
Mike Frysinger | d9ef07c | 2018-05-30 16:51:36 -0400 | [diff] [blame] | 23 | /* |
| 24 | * Silence compiler warnings for unused variables/functions. |
| 25 | * |
| 26 | * If the definition is actually used, the attribute should be removed, but if |
| 27 | * it's forgotten or left in place, it doesn't cause a problem. |
| 28 | * |
| 29 | * If the definition is actually unused, the compiler is free to remove it from |
| 30 | * the output so as to save size. If you want to make sure the definition is |
| 31 | * kept (e.g. for ABI compatibility), look at the "used" attribute instead. |
| 32 | */ |
| 33 | #define attribute_unused __attribute__((__unused__)) |
| 34 | |
| 35 | /* |
| 36 | * Mark the symbol as "weak" in the ELF output. This provides a fallback symbol |
| 37 | * that may be overriden at link time. See this page for more details: |
| 38 | * https://en.wikipedia.org/wiki/Weak_symbol |
| 39 | */ |
| 40 | #define attribute_weak __attribute__((__weak__)) |
| 41 | |
| 42 | /* |
| 43 | * Mark the function as a printf-style function. |
| 44 | * @format_idx The index in the function argument list where the format string |
| 45 | * is passed (where the first argument is "1"). |
| 46 | * @check_idx The index in the function argument list where the first argument |
| 47 | * used in the format string is passed. |
| 48 | * Some examples: |
| 49 | * foo([1] const char *format, [2] ...): format=1 check=2 |
| 50 | * foo([1] int, [2] const char *format, [3] ...): format=2 check=3 |
| 51 | * foo([1] const char *format, [2] const char *, [3] ...): format=1 check=3 |
| 52 | */ |
| 53 | #define attribute_printf(format_idx, check_idx) \ |
| 54 | __attribute__((__format__(__printf__, format_idx, check_idx))) |
| 55 | |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 56 | /* clang-format off */ |
Luis Hector Chavez | cc559e8 | 2018-07-09 13:26:31 -0700 | [diff] [blame] | 57 | #define die(_msg, ...) \ |
| 58 | do_fatal_log(LOG_ERR, "libminijail[%d]: " _msg, getpid(), ## __VA_ARGS__) |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 59 | |
| 60 | #define pdie(_msg, ...) \ |
Mike Frysinger | b5d7b9f | 2015-01-09 03:50:15 -0500 | [diff] [blame] | 61 | die(_msg ": %m", ## __VA_ARGS__) |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 62 | |
| 63 | #define warn(_msg, ...) \ |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame] | 64 | do_log(LOG_WARNING, "libminijail[%d]: " _msg, getpid(), ## __VA_ARGS__) |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 65 | |
Jorge Lucangeli Obes | a205390 | 2016-08-02 12:08:15 -0400 | [diff] [blame] | 66 | #define pwarn(_msg, ...) \ |
| 67 | warn(_msg ": %m", ## __VA_ARGS__) |
| 68 | |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 69 | #define info(_msg, ...) \ |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame] | 70 | do_log(LOG_INFO, "libminijail[%d]: " _msg, getpid(), ## __VA_ARGS__) |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 71 | |
Mike Frysinger | 404d2bb | 2017-01-17 19:29:00 -0500 | [diff] [blame] | 72 | #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 73 | /* clang-format on */ |
Mike Frysinger | 404d2bb | 2017-01-17 19:29:00 -0500 | [diff] [blame] | 74 | |
Jorge Lucangeli Obes | bda833c | 2012-07-31 16:25:56 -0700 | [diff] [blame] | 75 | extern const char *log_syscalls[]; |
| 76 | extern const size_t log_syscalls_len; |
| 77 | |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame] | 78 | enum logging_system_t { |
| 79 | /* Log to syslog. This is the default. */ |
| 80 | LOG_TO_SYSLOG = 0, |
| 81 | |
| 82 | /* Log to a file descriptor. */ |
| 83 | LOG_TO_FD, |
| 84 | }; |
| 85 | |
Luis Hector Chavez | cc559e8 | 2018-07-09 13:26:31 -0700 | [diff] [blame] | 86 | /* |
| 87 | * Even though this function internally calls abort(2)/exit(2), it is |
| 88 | * intentionally not marked with the noreturn attribute. When marked as |
| 89 | * noreturn, clang coalesces several of the do_fatal_log() calls in methods that |
| 90 | * have a large number of such calls (like minijail_enter()), making it |
| 91 | * impossible for breakpad to correctly identify the line where it was called, |
| 92 | * making the backtrace somewhat useless. |
| 93 | */ |
| 94 | extern void do_fatal_log(int priority, const char *format, ...) |
| 95 | attribute_printf(2, 3); |
| 96 | |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame] | 97 | extern void do_log(int priority, const char *format, ...) |
Mike Frysinger | d9ef07c | 2018-05-30 16:51:36 -0400 | [diff] [blame] | 98 | attribute_printf(2, 3); |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame] | 99 | |
Mike Frysinger | 8c01327 | 2017-09-06 19:26:46 -0400 | [diff] [blame] | 100 | static inline int is_android(void) |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 101 | { |
Jorge Lucangeli Obes | 4b276a6 | 2016-01-07 14:31:33 -0800 | [diff] [blame] | 102 | #if defined(__ANDROID__) |
| 103 | return 1; |
| 104 | #else |
| 105 | return 0; |
| 106 | #endif |
| 107 | } |
| 108 | |
Luis Hector Chavez | fc81455 | 2019-04-22 09:44:18 -0700 | [diff] [blame] | 109 | static inline bool compiled_with_asan(void) |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 110 | { |
Luis Hector Chavez | eb42bb7 | 2018-10-15 09:46:29 -0700 | [diff] [blame] | 111 | #if defined(__SANITIZE_ADDRESS__) |
| 112 | /* For gcc. */ |
| 113 | return true; |
| 114 | #elif defined(__has_feature) |
| 115 | /* For clang. */ |
Luis Hector Chavez | fc81455 | 2019-04-22 09:44:18 -0700 | [diff] [blame] | 116 | return __has_feature(address_sanitizer) || |
| 117 | __has_feature(hwaddress_sanitizer); |
Luis Hector Chavez | eb42bb7 | 2018-10-15 09:46:29 -0700 | [diff] [blame] | 118 | #else |
| 119 | return false; |
| 120 | #endif |
Jorge Lucangeli Obes | 2413f37 | 2016-04-06 18:43:10 -0700 | [diff] [blame] | 121 | } |
| 122 | |
Luis Hector Chavez | fc81455 | 2019-04-22 09:44:18 -0700 | [diff] [blame] | 123 | void __asan_init(void) attribute_weak; |
| 124 | void __hwasan_init(void) attribute_weak; |
| 125 | |
| 126 | static inline bool running_with_asan(void) |
| 127 | { |
| 128 | /* |
| 129 | * There are some configurations under which ASan needs a dynamic (as |
| 130 | * opposed to compile-time) test. Some Android processes that start |
| 131 | * before /data is mounted run with non-instrumented libminijail.so, so |
| 132 | * the symbol-sniffing code must be present to make the right decision. |
| 133 | */ |
| 134 | return compiled_with_asan() || &__asan_init != 0 || &__hwasan_init != 0; |
| 135 | } |
| 136 | |
Jorge Lucangeli Obes | 32201f8 | 2019-06-12 14:45:06 -0400 | [diff] [blame] | 137 | static inline bool debug_logging_allowed(void) { |
| 138 | #if defined(ALLOW_DEBUG_LOGGING) |
| 139 | return true; |
| 140 | #else |
| 141 | return false; |
| 142 | #endif |
| 143 | } |
| 144 | |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 145 | int lookup_syscall(const char *name); |
| 146 | const char *lookup_syscall_name(int nr); |
Jorge Lucangeli Obes | 7b2e29c | 2016-08-04 12:21:03 -0400 | [diff] [blame] | 147 | |
Mike Frysinger | e34d7fe | 2018-05-23 04:18:30 -0400 | [diff] [blame] | 148 | long int parse_single_constant(char *constant_str, char **endptr); |
Luis Hector Chavez | 40b2574 | 2013-09-22 19:44:06 -0700 | [diff] [blame] | 149 | long int parse_constant(char *constant_str, char **endptr); |
Martin Pelikán | ab9eb44 | 2017-01-25 11:53:58 +1100 | [diff] [blame] | 150 | int parse_size(size_t *size, const char *sizespec); |
Jorge Lucangeli Obes | 7b2e29c | 2016-08-04 12:21:03 -0400 | [diff] [blame] | 151 | |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 152 | char *strip(char *s); |
Mike Frysinger | b4c7e77 | 2018-01-17 17:40:15 -0500 | [diff] [blame] | 153 | |
| 154 | /* |
| 155 | * tokenize: locate the next token in @stringp using the @delim |
| 156 | * @stringp A pointer to the string to scan for tokens |
| 157 | * @delim The delimiter to split by |
| 158 | * |
| 159 | * Note that, unlike strtok, @delim is not a set of characters, but the full |
| 160 | * delimiter. e.g. "a,;b,;c" with a delim of ",;" will yield ["a","b","c"]. |
| 161 | * |
| 162 | * Note that, unlike strtok, this may return an empty token. e.g. "a,,b" with |
| 163 | * strtok will yield ["a","b"], but this will yield ["a","","b"]. |
| 164 | */ |
Jorge Lucangeli Obes | 66cfc14 | 2012-11-30 15:42:52 -0800 | [diff] [blame] | 165 | char *tokenize(char **stringp, const char *delim); |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 166 | |
Jorge Lucangeli Obes | 7b2e29c | 2016-08-04 12:21:03 -0400 | [diff] [blame] | 167 | char *path_join(const char *external_path, const char *internal_path); |
| 168 | |
| 169 | /* |
| 170 | * consumebytes: consumes @length bytes from a buffer @buf of length @buflength |
| 171 | * @length Number of bytes to consume |
| 172 | * @buf Buffer to consume from |
| 173 | * @buflength Size of @buf |
| 174 | * |
| 175 | * Returns a pointer to the base of the bytes, or NULL for errors. |
| 176 | */ |
| 177 | void *consumebytes(size_t length, char **buf, size_t *buflength); |
| 178 | |
| 179 | /* |
| 180 | * consumestr: consumes a C string from a buffer @buf of length @length |
| 181 | * @buf Buffer to consume |
| 182 | * @length Length of buffer |
| 183 | * |
| 184 | * Returns a pointer to the base of the string, or NULL for errors. |
| 185 | */ |
| 186 | char *consumestr(char **buf, size_t *buflength); |
| 187 | |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame] | 188 | /* |
| 189 | * init_logging: initializes the module-wide logging. |
| 190 | * @logger The logging system to use. |
| 191 | * @fd The file descriptor to log into. Ignored unless |
| 192 | * @logger = LOG_TO_FD. |
| 193 | * @min_priority The minimum priority to display. Corresponds to syslog's |
| 194 | priority parameter. Ignored unless @logger = LOG_TO_FD. |
| 195 | */ |
| 196 | void init_logging(enum logging_system_t logger, int fd, int min_priority); |
| 197 | |
Mattias Nissler | b35f2c1 | 2020-02-07 13:37:36 +0100 | [diff] [blame] | 198 | /* |
| 199 | * minjail_free_env: Frees an environment array plus the environment strings it |
| 200 | * points to. The environment and its constituent strings must have been |
| 201 | * allocated (as opposed to pointing to static data), e.g. by using |
| 202 | * minijail_copy_env() and minijail_setenv(). |
| 203 | * |
| 204 | * @env The environment to free. |
| 205 | */ |
| 206 | void minijail_free_env(char **env); |
| 207 | |
| 208 | /* |
| 209 | * minjail_copy_env: Copy an environment array (such as passed to execve), |
| 210 | * duplicating the environment strings and the array pointing at them. |
| 211 | * |
| 212 | * @env The environment to copy. |
| 213 | * |
| 214 | * Returns a pointer to the copied environment or NULL on memory allocation |
| 215 | * failure. |
| 216 | */ |
| 217 | char **minijail_copy_env(char *const *env); |
| 218 | |
| 219 | /* |
| 220 | * minjail_setenv: Set an environment variable in @env. Semantics match the |
| 221 | * standard setenv() function, but this operates on @env, not the global |
| 222 | * environment. @env must be dynamically allocated (as opposed to pointing to |
| 223 | * static data), e.g. via minijail_copy_env(). @name and @value get copied into |
| 224 | * newly-allocated memory. |
| 225 | * |
| 226 | * @env Address of the environment to modify. Might be re-allocated to |
| 227 | * make room for the new entry. |
| 228 | * @name Name of the key to set. |
| 229 | * @value The value to set. |
| 230 | * @overwrite Whether to replace the existing value for @name. If non-zero and |
| 231 | * the entry is already present, no changes will be made. |
| 232 | * |
| 233 | * Returns 0 and modifies *@env on success, returns an error code otherwise. |
| 234 | */ |
| 235 | int minijail_setenv(char ***env, const char *name, const char *value, |
| 236 | int overwrite); |
| 237 | |
Jorge Lucangeli Obes | a67bd6a | 2016-08-19 15:33:48 -0400 | [diff] [blame] | 238 | #ifdef __cplusplus |
| 239 | }; /* extern "C" */ |
| 240 | #endif |
| 241 | |
Jorge Lucangeli Obes | a6b034d | 2012-08-07 15:29:20 -0700 | [diff] [blame] | 242 | #endif /* _UTIL_H_ */ |