/*
 * Copyright (C) 2016 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
| 16 | |
Kenny Root | f96836e | 2019-11-19 17:11:34 -0800 | [diff] [blame] | 17 | package com.android.server.recoverysystem; |
Tao Bao | e8a403d | 2015-12-31 07:44:55 -0800 | [diff] [blame] | 18 | |
| 19 | import android.content.Context; |
Kenny Root | f76cfc3 | 2019-11-08 14:36:03 -0800 | [diff] [blame] | 20 | import android.content.IntentSender; |
Tao Bao | dd3baae | 2016-02-26 10:28:58 -0800 | [diff] [blame] | 21 | import android.net.LocalSocket; |
| 22 | import android.net.LocalSocketAddress; |
Kenny Root | f76cfc3 | 2019-11-08 14:36:03 -0800 | [diff] [blame] | 23 | import android.os.Binder; |
Tao Bao | e8a403d | 2015-12-31 07:44:55 -0800 | [diff] [blame] | 24 | import android.os.IRecoverySystem; |
| 25 | import android.os.IRecoverySystemProgressListener; |
Tao Bao | 794c8b0 | 2016-09-27 11:15:42 -0700 | [diff] [blame] | 26 | import android.os.PowerManager; |
Kenny Root | 4ad77bf | 2019-12-16 17:23:43 -0800 | [diff] [blame] | 27 | import android.os.Process; |
Tao Bao | e8a403d | 2015-12-31 07:44:55 -0800 | [diff] [blame] | 28 | import android.os.RecoverySystem; |
| 29 | import android.os.RemoteException; |
Kenny Root | 4ad77bf | 2019-12-16 17:23:43 -0800 | [diff] [blame] | 30 | import android.os.ResultReceiver; |
| 31 | import android.os.ShellCallback; |
Tao Bao | e8a403d | 2015-12-31 07:44:55 -0800 | [diff] [blame] | 32 | import android.os.SystemProperties; |
Tao Bao | e8a403d | 2015-12-31 07:44:55 -0800 | [diff] [blame] | 33 | import android.util.Slog; |
| 34 | |
Kenny Root | d508e1e | 2019-11-15 10:20:59 -0800 | [diff] [blame] | 35 | import com.android.internal.annotations.VisibleForTesting; |
Kenny Root | f76cfc3 | 2019-11-08 14:36:03 -0800 | [diff] [blame] | 36 | import com.android.internal.widget.LockSettingsInternal; |
| 37 | import com.android.internal.widget.RebootEscrowListener; |
| 38 | import com.android.server.LocalServices; |
Kenny Root | f96836e | 2019-11-19 17:11:34 -0800 | [diff] [blame] | 39 | import com.android.server.SystemService; |
| 40 | |
Tao Bao | dd3baae | 2016-02-26 10:28:58 -0800 | [diff] [blame] | 41 | import libcore.io.IoUtils; |
| 42 | |
| 43 | import java.io.DataInputStream; |
| 44 | import java.io.DataOutputStream; |
Kenny Root | 4ad77bf | 2019-12-16 17:23:43 -0800 | [diff] [blame] | 45 | import java.io.FileDescriptor; |
Tao Bao | e8a403d | 2015-12-31 07:44:55 -0800 | [diff] [blame] | 46 | import java.io.FileWriter; |
| 47 | import java.io.IOException; |
Kenny Root | d508e1e | 2019-11-15 10:20:59 -0800 | [diff] [blame] | 48 | import java.nio.charset.StandardCharsets; |
Tao Bao | e8a403d | 2015-12-31 07:44:55 -0800 | [diff] [blame] | 49 | |
/**
 * The recovery system service is responsible for coordinating recovery-related
 * functions on the device. It sets up (or clears) the bootloader control block
 * (BCB), which will be read by the bootloader and the recovery image. It also
 * triggers /system/bin/uncrypt via init to de-encrypt an OTA package on the
 * /data partition so that it can be accessed under the recovery image.
 */
Kenny Root | f76cfc3 | 2019-11-08 14:36:03 -0800 | [diff] [blame] | 57 | public class RecoverySystemService extends IRecoverySystem.Stub implements RebootEscrowListener { |
// Log tag passed to every Slog call in this service.
private static final String TAG = "RecoverySystemService";
// Compile-time switch for the verbose traces. When enabled, those traces include the
// caller-supplied filename and BCB command strings.
private static final boolean DEBUG = false;

// The socket at /dev/socket/uncrypt to communicate with uncrypt.
private static final String UNCRYPT_SOCKET = "uncrypt";

// The init services that communicate with /system/bin/uncrypt.
// Each constant names the system property that checkAndWaitForUncryptService() compares
// against the literal value "running".
@VisibleForTesting
static final String INIT_SERVICE_UNCRYPT = "init.svc.uncrypt";
@VisibleForTesting
static final String INIT_SERVICE_SETUP_BCB = "init.svc.setup-bcb";
@VisibleForTesting
static final String INIT_SERVICE_CLEAR_BCB = "init.svc.clear-bcb";

// Held by uncrypt(), clearBcb(), setupBcb() and rebootRecoveryWithCommand() for the whole
// request, so only one of them talks to the uncrypt socket at a time. It is static, hence
// shared by every instance in the process.
private static final Object sRequestLock = new Object();

// Upper bound on the one-second polling attempts, used both when waiting for the init
// services to stop and when connecting to the uncrypt socket.
private static final int SOCKET_CONNECTION_MAX_RETRY = 30;

// Source of every platform dependency; replaceable through the @VisibleForTesting constructor.
private final Injector mInjector;
// Context used for the android.permission.RECOVERY checks.
private final Context mContext;

// State of the LSKF / reboot-escrow flow. These three fields are read and written by
// requestLskf(), clearLskf(), rebootWithLskf() and onPreparedForReboot() without taking
// sRequestLock or any other lock visible in this file.
// NOTE(review): confirm those entry points cannot run concurrently; otherwise the token and
// the prepared flag can be observed out of step with each other.
private boolean mPreparedForReboot;
private String mUnattendedRebootToken;
private IntentSender mPreparedForRebootIntentSender;
| 82 | |
/**
 * Single point of access to the platform services, system properties, files and sockets that
 * the service touches. The {@code @VisibleForTesting} constructor of the service accepts an
 * instance, so a subclass can replace any of these dependencies.
 */
static class Injector {
    protected final Context mContext;

    Injector(Context context) {
        mContext = context;
    }

    /** Returns the context handed to the constructor. */
    public Context getContext() {
        return mContext;
    }

    /** Looks up the in-process {@link LockSettingsInternal} through {@link LocalServices}. */
    public LockSettingsInternal getLockSettingsService() {
        return LocalServices.getService(LockSettingsInternal.class);
    }

    /** Returns the {@link PowerManager} obtained from the context. */
    public PowerManager getPowerManager() {
        final Object powerService = mContext.getSystemService(Context.POWER_SERVICE);
        return (PowerManager) powerService;
    }

    /** Reads the system property {@code key}. */
    public String systemPropertiesGet(String key) {
        return SystemProperties.get(key);
    }

    /**
     * Writes the system property {@code key}. The service uses this with {@code ctl.start}
     * to ask init to launch uncrypt, setup-bcb or clear-bcb.
     */
    public void systemPropertiesSet(String key, String value) {
        SystemProperties.set(key, value);
    }

    /**
     * Deletes the uncrypt package file.
     *
     * @return the result of {@code File.delete()}
     */
    public boolean uncryptPackageFileDelete() {
        return RecoverySystem.UNCRYPT_PACKAGE_FILE.delete();
    }

    /** Returns the name of the uncrypt package file, used in log messages. */
    public String getUncryptPackageFileName() {
        return RecoverySystem.UNCRYPT_PACKAGE_FILE.getName();
    }

    /**
     * Opens the uncrypt package file for writing. The caller owns the writer and must close it.
     *
     * @throws IOException if the file cannot be opened
     */
    public FileWriter getUncryptPackageFileWriter() throws IOException {
        return new FileWriter(RecoverySystem.UNCRYPT_PACKAGE_FILE);
    }

    /**
     * Opens a connection to the uncrypt socket.
     *
     * @return a connected socket that the caller must close, or {@code null} if the
     *         connection could not be established
     */
    public UncryptSocket connectService() {
        final UncryptSocket uncryptSocket = new UncryptSocket();
        if (uncryptSocket.connectService()) {
            return uncryptSocket;
        }
        // Release whatever was opened before reporting failure.
        uncryptSocket.close();
        return null;
    }

    /** Sleeps the current thread; kept here so the polling delay can be replaced. */
    public void threadSleep(long millis) throws InterruptedException {
        Thread.sleep(millis);
    }
}
| 135 | |
/**
 * Handles the lifecycle events for the RecoverySystemService: it creates and publishes the
 * Binder service on start and forwards the "system services ready" boot phase to it.
 */
public static final class Lifecycle extends SystemService {
    // Assigned in onStart(); onBootPhase() dereferences it without a null check.
    // NOTE(review): this relies on onStart() running before any boot phase — confirm.
    private RecoverySystemService mRecoverySystemService;

    public Lifecycle(Context context) {
        super(context);
    }

    /** Creates the service and publishes it under {@link Context#RECOVERY_SERVICE}. */
    @Override
    public void onStart() {
        final RecoverySystemService service = new RecoverySystemService(getContext());
        mRecoverySystemService = service;
        publishBinderService(Context.RECOVERY_SERVICE, mRecoverySystemService);
    }

    /** Notifies the service once the other system services are ready; other phases are ignored. */
    @Override
    public void onBootPhase(int phase) {
        if (phase != SystemService.PHASE_SYSTEM_SERVICES_READY) {
            return;
        }
        mRecoverySystemService.onSystemServicesReady();
    }
}
| 159 | |
/** Production constructor: wraps {@code context} in the default {@link Injector}. */
private RecoverySystemService(Context context) {
    this(new Injector(context));
}

/**
 * Builds the service on top of the given dependency provider.
 *
 * @param injector supplies the context and every platform dependency used by the service
 */
@VisibleForTesting
RecoverySystemService(Injector injector) {
    final Context injectedContext = injector.getContext();
    mInjector = injector;
    mContext = injectedContext;
}
Tao Bao | e8a403d | 2015-12-31 07:44:55 -0800 | [diff] [blame] | 169 | |
/**
 * Registers this service as the reboot escrow listener of {@link LockSettingsInternal}, so
 * that {@link #onPreparedForReboot(boolean)} is invoked by it.
 */
@VisibleForTesting
void onSystemServicesReady() {
    final LockSettingsInternal lockSettings = mInjector.getLockSettingsService();
    lockSettings.setRebootEscrowListener(this);
}
| 174 | |
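/**
 * Hands {@code filename} to /system/bin/uncrypt and relays its progress until it finishes.
 *
 * <p>The filename is written to the uncrypt package file, init is asked to start the uncrypt
 * service, and status values are then read from the uncrypt socket. Values from 0 to 100 are
 * treated as progress and forwarded to {@code listener}; any other value is treated as a
 * failure reported by uncrypt.
 *
 * @param filename path written to the uncrypt package file; {@code null} is rejected
 * @param listener optional progress callback, may be {@code null}
 * @return {@code true} only if uncrypt reported status 100
 * @throws SecurityException if the caller does not hold android.permission.RECOVERY
 */
@Override // Binder call
public boolean uncrypt(String filename, IRecoverySystemProgressListener listener) {
    // Authorize first: a caller without the permission is rejected before its input is
    // logged and before it can queue on the lock shared with the other recovery requests.
    mContext.enforceCallingOrSelfPermission(android.Manifest.permission.RECOVERY, null);

    if (DEBUG) Slog.d(TAG, "uncrypt: " + filename);

    if (filename == null) {
        // String concatenation below would otherwise write the literal text "null" into the
        // package file and start uncrypt on it.
        Slog.e(TAG, "uncrypt called with a null filename");
        return false;
    }

    synchronized (sRequestLock) {
        if (!checkAndWaitForUncryptService()) {
            Slog.e(TAG, "uncrypt service is unavailable.");
            return false;
        }

        // Write the filename into uncrypt package file to be read by
        // uncrypt.
        mInjector.uncryptPackageFileDelete();

        // NOTE(review): the filename is written verbatim, followed by a line break. How
        // uncrypt treats a filename that itself contains a line break is not visible here;
        // confirm whether such input should be rejected.
        try (FileWriter uncryptFile = mInjector.getUncryptPackageFileWriter()) {
            uncryptFile.write(filename + "\n");
        } catch (IOException e) {
            Slog.e(TAG, "IOException when writing \""
                    + mInjector.getUncryptPackageFileName() + "\":", e);
            return false;
        }

        // Trigger uncrypt via init.
        mInjector.systemPropertiesSet("ctl.start", "uncrypt");

        // Connect to the uncrypt service socket.
        UncryptSocket socket = mInjector.connectService();
        if (socket == null) {
            Slog.e(TAG, "Failed to connect to uncrypt socket");
            return false;
        }

        // Read the status from the socket. Each read blocks, and no read timeout is set in
        // this file, so sRequestLock stays held until uncrypt reports or the socket fails.
        try {
            int lastStatus = Integer.MIN_VALUE;
            while (true) {
                int status = socket.getPercentageUncrypted();
                // Avoid flooding the log with the same message.
                if (status == lastStatus && lastStatus != Integer.MIN_VALUE) {
                    continue;
                }
                lastStatus = status;

                if (status >= 0 && status <= 100) {
                    // Update status
                    Slog.i(TAG, "uncrypt read status: " + status);
                    if (listener != null) {
                        try {
                            listener.onProgress(status);
                        } catch (RemoteException ignored) {
                            // A dead listener must not abort the uncrypt run itself.
                            Slog.w(TAG, "RemoteException when posting progress");
                        }
                    }
                    if (status == 100) {
                        Slog.i(TAG, "uncrypt successfully finished.");
                        // Ack receipt of the final status code. uncrypt
                        // waits for the ack so the socket won't be
                        // destroyed before we receive the code.
                        socket.sendAck();
                        break;
                    }
                } else {
                    // Error in /system/bin/uncrypt.
                    Slog.e(TAG, "uncrypt failed with status: " + status);
                    // Ack receipt of the final status code. uncrypt waits
                    // for the ack so the socket won't be destroyed before
                    // we receive the code.
                    socket.sendAck();
                    return false;
                }
            }
        } catch (IOException e) {
            Slog.e(TAG, "IOException when reading status: ", e);
            return false;
        } finally {
            socket.close();
        }

        return true;
    }
}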
| 258 | |
/**
 * Clears the bootloader control block.
 *
 * <p>The android.permission.RECOVERY check is performed inside
 * {@code setupOrClearBcb}, after the request lock has been taken.
 *
 * @return {@code true} if the clear-bcb run reported success
 */
@Override // Binder call
public boolean clearBcb() {
    if (DEBUG) {
        Slog.d(TAG, "clearBcb");
    }
    final boolean cleared;
    synchronized (sRequestLock) {
        cleared = setupOrClearBcb(false, null);
    }
    return cleared;
}
| 266 | |
/**
 * Writes {@code command} into the bootloader control block.
 *
 * <p>The android.permission.RECOVERY check is performed inside
 * {@code setupOrClearBcb}, after the request lock has been taken.
 *
 * @param command the BCB command string, forwarded unchanged to the uncrypt socket
 * @return {@code true} if the setup-bcb run reported success
 */
@Override // Binder call
public boolean setupBcb(String command) {
    if (DEBUG) {
        Slog.d(TAG, "setupBcb: [" + command + "]");
    }
    final boolean written;
    synchronized (sRequestLock) {
        written = setupOrClearBcb(true, command);
    }
    return written;
}
| 274 | |
/**
 * Writes {@code command} into the bootloader control block and, if that succeeds, reboots
 * into recovery. Nothing happens, and nothing is reported to the caller, when the BCB
 * setup fails.
 *
 * <p>The android.permission.RECOVERY check is performed inside {@code setupOrClearBcb}.
 *
 * @param command the BCB command string, forwarded unchanged to the uncrypt socket
 */
@Override // Binder call
public void rebootRecoveryWithCommand(String command) {
    if (DEBUG) {
        Slog.d(TAG, "rebootRecoveryWithCommand: [" + command + "]");
    }
    synchronized (sRequestLock) {
        final boolean bcbReady = setupOrClearBcb(true, command);
        if (bcbReady) {
            // Having set up the BCB, go ahead and reboot.
            mInjector.getPowerManager().reboot(PowerManager.REBOOT_RECOVERY);
        }
    }
}
| 288 | |
/**
 * Records {@code updateToken} as the token of the pending unattended reboot and asks
 * {@link LockSettingsInternal} to prepare the reboot escrow.
 *
 * <p>NOTE(review): the token comparison and the three field writes below are not guarded by
 * any lock in this method; confirm that concurrent Binder calls cannot interleave here.
 *
 * @param updateToken token that a later {@code rebootWithLskf} call must present;
 *        {@code null} is rejected
 * @param intentSender sent once the escrow reports ready; may be {@code null}
 * @return {@code false} for a {@code null} token, {@code true} otherwise
 * @throws SecurityException if the caller does not hold android.permission.RECOVERY
 */
@Override // Binder call
public boolean requestLskf(String updateToken, IntentSender intentSender) {
    mContext.enforceCallingOrSelfPermission(android.Manifest.permission.RECOVERY, null);

    if (updateToken == null) {
        return false;
    }

    // No need to prepare again for the same token.
    final boolean alreadyPrepared =
            mPreparedForReboot && updateToken.equals(mUnattendedRebootToken);
    if (alreadyPrepared) {
        return true;
    }

    // The state is replaced before the escrow call below is made.
    mPreparedForReboot = false;
    mUnattendedRebootToken = updateToken;
    mPreparedForRebootIntentSender = intentSender;

    // The caller has already been authorized above; the escrow call is made with the
    // calling identity cleared, and the identity is restored even if the call throws.
    final long callerIdentity = Binder.clearCallingIdentity();
    try {
        mInjector.getLockSettingsService().prepareRebootEscrow();
    } finally {
        Binder.restoreCallingIdentity(callerIdentity);
    }

    return true;
}
| 315 | |
/**
 * Reboot escrow callback: stores the readiness flag and, when ready, fires the intent that
 * was registered through {@code requestLskf}.
 *
 * <p>A missing token is only logged; the flag is still updated in that case.
 *
 * @param ready whether the reboot escrow is prepared
 */
@Override
public void onPreparedForReboot(boolean ready) {
    final boolean tokenMissing = (mUnattendedRebootToken == null);
    if (tokenMissing) {
        Slog.w(TAG, "onPreparedForReboot called when mUnattendedRebootToken is null");
    }

    mPreparedForReboot = ready;
    if (!ready) {
        return;
    }
    sendPreparedForRebootIntentIfNeeded();
}
| 327 | |
/**
 * Sends the intent registered for the prepared reboot, if one is set. A failure to send is
 * logged and otherwise ignored.
 */
private void sendPreparedForRebootIntentIfNeeded() {
    // Work on a local copy so the null check and the send use the same reference.
    final IntentSender pendingSender = mPreparedForRebootIntentSender;
    if (pendingSender == null) {
        return;
    }
    try {
        pendingSender.sendIntent(null, 0, null, null, null);
    } catch (IntentSender.SendIntentException e) {
        Slog.w(TAG, "Could not send intent for prepared reboot: " + e.getMessage());
    }
}
| 338 | |
/**
 * Forgets the pending unattended reboot (flag, token and intent sender) and asks
 * {@link LockSettingsInternal} to clear the reboot escrow.
 *
 * @return always {@code true}
 * @throws SecurityException if the caller does not hold android.permission.RECOVERY
 */
@Override // Binder call
public boolean clearLskf() {
    mContext.enforceCallingOrSelfPermission(android.Manifest.permission.RECOVERY, null);

    // Local state is dropped first, so the token is gone before the escrow call is made.
    mPreparedForReboot = false;
    mUnattendedRebootToken = null;
    mPreparedForRebootIntentSender = null;

    // The caller has already been authorized above; the escrow call is made with the
    // calling identity cleared, and the identity is restored even if the call throws.
    final long callerIdentity = Binder.clearCallingIdentity();
    try {
        final LockSettingsInternal lockSettings = mInjector.getLockSettingsService();
        lockSettings.clearRebootEscrow();
    } finally {
        Binder.restoreCallingIdentity(callerIdentity);
    }

    return true;
}
| 356 | |
/**
 * Arms the reboot escrow and reboots, provided the escrow has reported ready and
 * {@code updateToken} matches the token stored by {@code requestLskf}.
 *
 * <p>NOTE(review): unlike {@code requestLskf} and {@code clearLskf}, this method does not
 * clear the Binder calling identity, so the escrow and reboot calls are made with the
 * caller's identity still in effect. Confirm that is intended.
 *
 * @param updateToken token to compare with the stored one; {@code null} never matches
 * @param reason passed unchanged to {@link PowerManager#reboot(String)}
 * @return {@code true} if the reboot was requested, {@code false} if the state was not
 *         prepared, the token did not match, or the escrow could not be armed
 * @throws SecurityException if the caller does not hold android.permission.RECOVERY
 */
@Override // Binder call
public boolean rebootWithLskf(String updateToken, String reason) {
    mContext.enforceCallingOrSelfPermission(android.Manifest.permission.RECOVERY, null);

    if (!mPreparedForReboot) {
        return false;
    }

    // Fail closed on a missing or mismatching token.
    if (updateToken == null || !updateToken.equals(mUnattendedRebootToken)) {
        return false;
    }

    final boolean armed = mInjector.getLockSettingsService().armRebootEscrow();
    if (!armed) {
        return false;
    }

    mInjector.getPowerManager().reboot(reason);
    return true;
}
| 377 | |
/**
 * Waits until none of the uncrypt, setup-bcb and clear-bcb init services is running.
 * A new service must not be started while one of them is still alive, because init creates
 * and deletes the socket (/dev/socket/uncrypt) on service start and exit, which would break
 * the socket communication.
 *
 * <p>The three properties are polled once per second, up to
 * {@code SOCKET_CONNECTION_MAX_RETRY} times.
 *
 * @return {@code true} as soon as all three services are idle, {@code false} if one of them
 *         is still running after the last attempt
 */
private boolean checkAndWaitForUncryptService() {
    int retry = 0;
    while (retry < SOCKET_CONNECTION_MAX_RETRY) {
        final String uncryptState = mInjector.systemPropertiesGet(INIT_SERVICE_UNCRYPT);
        final String setupBcbState = mInjector.systemPropertiesGet(INIT_SERVICE_SETUP_BCB);
        final String clearBcbState = mInjector.systemPropertiesGet(INIT_SERVICE_CLEAR_BCB);
        final boolean idle = !"running".equals(uncryptState)
                && !"running".equals(setupBcbState)
                && !"running".equals(clearBcbState);
        if (DEBUG) {
            Slog.i(TAG, "retry: " + retry + " busy: " + !idle
                    + " uncrypt: [" + uncryptState + "]"
                    + " setupBcb: [" + setupBcbState + "]"
                    + " clearBcb: [" + clearBcbState + "]");
        }

        if (idle) {
            return true;
        }

        try {
            mInjector.threadSleep(1000);
        } catch (InterruptedException e) {
            // The interruption is only logged: polling continues and the thread's
            // interrupt flag is not restored.
            Slog.w(TAG, "Interrupted:", e);
        }
        retry++;
    }

    return false;
}
Tao Bao | 794c8b0 | 2016-09-27 11:15:42 -0700 | [diff] [blame] | 411 | |
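/**
 * Starts the setup-bcb or clear-bcb init service and exchanges one request with it over the
 * uncrypt socket. Callers in this class hold {@code sRequestLock} while calling this.
 *
 * @param isSetup {@code true} to write {@code command} into the BCB, {@code false} to
 *        clear the BCB
 * @param command the BCB command; must be non-null when {@code isSetup} is {@code true},
 *        ignored otherwise
 * @return {@code true} only if the service reported status 100
 * @throws SecurityException if the caller does not hold android.permission.RECOVERY
 * @throws NullPointerException if {@code isSetup} is {@code true} and {@code command} is
 *         {@code null}
 */
private boolean setupOrClearBcb(boolean isSetup, String command) {
    // Every Binder entry point that reaches the BCB is authorized here.
    mContext.enforceCallingOrSelfPermission(android.Manifest.permission.RECOVERY, null);

    final boolean available = checkAndWaitForUncryptService();
    if (!available) {
        Slog.e(TAG, "uncrypt service is unavailable.");
        return false;
    }

    if (isSetup && command == null) {
        // sendCommand() dereferences the command, so a null used to fail only after init
        // had been asked to start setup-bcb. Reject it before any service is triggered.
        throw new NullPointerException("command must not be null when setting up the BCB");
    }

    mInjector.systemPropertiesSet("ctl.start", isSetup ? "setup-bcb" : "clear-bcb");

    // Connect to the uncrypt service socket.
    UncryptSocket socket = mInjector.connectService();
    if (socket == null) {
        Slog.e(TAG, "Failed to connect to uncrypt socket");
        return false;
    }

    try {
        // Send the BCB commands if it's to setup BCB.
        if (isSetup) {
            socket.sendCommand(command);
        }

        // Read the status from the socket.
        int status = socket.getPercentageUncrypted();

        // Ack receipt of the status code. uncrypt waits for the ack so
        // the socket won't be destroyed before we receive the code.
        socket.sendAck();

        if (status != 100) {
            // Error in /system/bin/uncrypt.
            Slog.e(TAG, "uncrypt failed with status: " + status);
            return false;
        }
        Slog.i(TAG, "uncrypt " + (isSetup ? "setup" : "clear")
                + " bcb successfully finished.");
    } catch (IOException e) {
        Slog.e(TAG, "IOException when communicating with uncrypt:", e);
        return false;
    } finally {
        socket.close();
    }

    return true;
}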
| 464 | |
/**
 * Provides a wrapper for the low-level details of framing packets sent to the uncrypt
 * socket. Commands are sent as a 32-bit length followed by the UTF-8 bytes, and status
 * values and acknowledgements are single 32-bit integers.
 */
public static class UncryptSocket {
    private LocalSocket mLocalSocket;
    private DataInputStream mInputStream;
    private DataOutputStream mOutputStream;

    /**
     * Attempt to connect to the uncrypt service. Connection will be retried for up to
     * {@code SOCKET_CONNECTION_MAX_RETRY} times, one second apart. If the connection is
     * unsuccessful, the socket will be closed. If the connection is successful, the
     * connection must be closed by the caller.
     *
     * @return true if connection was successful, false if unsuccessful
     */
    public boolean connectService() {
        mLocalSocket = new LocalSocket();
        final LocalSocketAddress address = new LocalSocketAddress(
                UNCRYPT_SOCKET, LocalSocketAddress.Namespace.RESERVED);

        // The uncrypt socket will be created by init upon receiving the
        // service request. It may not be ready by this point. So we will
        // keep retrying until success or reaching timeout.
        boolean connected = false;
        int attempt = 0;
        while (!connected && attempt < SOCKET_CONNECTION_MAX_RETRY) {
            try {
                mLocalSocket.connect(address);
                connected = true;
            } catch (IOException ignored) {
                // The socket is not there yet; wait before the next attempt.
                try {
                    Thread.sleep(1000);
                } catch (InterruptedException e) {
                    Slog.w(TAG, "Interrupted:", e);
                }
            }
            attempt++;
        }
        if (!connected) {
            Slog.e(TAG, "Timed out connecting to uncrypt socket");
            close();
            return false;
        }

        try {
            mInputStream = new DataInputStream(mLocalSocket.getInputStream());
            mOutputStream = new DataOutputStream(mLocalSocket.getOutputStream());
        } catch (IOException e) {
            close();
            return false;
        }

        return true;
    }

    /**
     * Sends a command to the uncrypt service as a length-prefixed UTF-8 byte sequence.
     *
     * @param command command to send to the uncrypt service; must not be {@code null}
     * @throws IOException if there was an error writing to the socket
     */
    public void sendCommand(String command) throws IOException {
        final byte[] payload = command.getBytes(StandardCharsets.UTF_8);
        final int payloadLength = payload.length;
        mOutputStream.writeInt(payloadLength);
        mOutputStream.write(payload, 0, payloadLength);
    }

    /**
     * Reads the status from the uncrypt service which is usually represented as a percentage.
     * The read blocks until a value arrives; no read timeout is configured in this class.
     *
     * @return an integer representing the percentage completed
     * @throws IOException if there was an error reading the socket
     */
    public int getPercentageUncrypted() throws IOException {
        final int reportedStatus = mInputStream.readInt();
        return reportedStatus;
    }

    /**
     * Sends a confirmation to the uncrypt service.
     *
     * @throws IOException if there was an error writing to the socket
     */
    public void sendAck() throws IOException {
        mOutputStream.writeInt(0);
    }

    /**
     * Closes the socket and all underlying data streams. Errors raised while closing are
     * suppressed.
     */
    public void close() {
        IoUtils.closeQuietly(mInputStream);
        IoUtils.closeQuietly(mOutputStream);
        IoUtils.closeQuietly(mLocalSocket);
    }
}
Kenny Root | 4ad77bf | 2019-12-16 17:23:43 -0800 | [diff] [blame] | 557 | |
/**
 * Tells whether the current Binder caller is the shell user or root. The UID is taken from
 * the Binder calling identity, so this must be evaluated before that identity is cleared.
 */
private boolean isCallerShell() {
    final int uid = Binder.getCallingUid();
    if (uid == Process.SHELL_UID) {
        return true;
    }
    return uid == Process.ROOT_UID;
}
| 562 | |
/**
 * Rejects every caller that is neither the shell user nor root.
 *
 * @throws SecurityException if the Binder caller is any other UID
 */
private void enforceShell() {
    final boolean allowed = isCallerShell();
    if (allowed) {
        return;
    }
    throw new SecurityException("Caller must be shell");
}
| 568 | |
/**
 * Runs a shell command against this service on behalf of the shell user or root.
 *
 * <p>The caller check has to come first: it reads the Binder calling UID, which is no longer
 * the caller's once the identity has been cleared. The command itself then runs with the
 * cleared identity, which is restored afterwards even if the command throws.
 *
 * @throws SecurityException if the caller is neither shell nor root
 */
@Override
public void onShellCommand(FileDescriptor in, FileDescriptor out, FileDescriptor err,
        String[] args, ShellCallback callback, ResultReceiver resultReceiver) {
    enforceShell();
    final long callerIdentity = Binder.clearCallingIdentity();
    try {
        final RecoverySystemShellCommand shellCommand = new RecoverySystemShellCommand(this);
        shellCommand.exec(this, in, out, err, args, callback, resultReceiver);
    } finally {
        Binder.restoreCallingIdentity(callerIdentity);
    }
}
Tao Bao | e8a403d | 2015-12-31 07:44:55 -0800 | [diff] [blame] | 581 | } |