Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2016 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package android.os; |
| 18 | |
| 19 | import android.net.LocalSocket; |
| 20 | import android.net.LocalSocketAddress; |
| 21 | import android.util.Log; |
Gustav Sennton | f0c52b5 | 2017-04-27 17:00:50 +0100 | [diff] [blame] | 22 | import android.util.Slog; |
Nicolas Geoffray | 81edac4 | 2017-09-07 14:13:29 +0100 | [diff] [blame] | 23 | |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 24 | import com.android.internal.annotations.GuardedBy; |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 25 | import com.android.internal.os.Zygote; |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 26 | import com.android.internal.util.Preconditions; |
Nicolas Geoffray | 81edac4 | 2017-09-07 14:13:29 +0100 | [diff] [blame] | 27 | |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 28 | import java.io.BufferedWriter; |
| 29 | import java.io.DataInputStream; |
| 30 | import java.io.IOException; |
| 31 | import java.io.OutputStreamWriter; |
| 32 | import java.nio.charset.StandardCharsets; |
| 33 | import java.util.ArrayList; |
| 34 | import java.util.Arrays; |
Mathew Inwood | 2c6f97d | 2018-03-16 14:26:08 +0000 | [diff] [blame] | 35 | import java.util.Collections; |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 36 | import java.util.List; |
Robert Sesek | d0a190df | 2018-02-12 18:46:01 -0500 | [diff] [blame] | 37 | import java.util.UUID; |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 38 | |
| 39 | /*package*/ class ZygoteStartFailedEx extends Exception { |
| 40 | ZygoteStartFailedEx(String s) { |
| 41 | super(s); |
| 42 | } |
| 43 | |
| 44 | ZygoteStartFailedEx(Throwable cause) { |
| 45 | super(cause); |
| 46 | } |
| 47 | |
| 48 | ZygoteStartFailedEx(String s, Throwable cause) { |
| 49 | super(s, cause); |
| 50 | } |
| 51 | } |
| 52 | |
| 53 | /** |
| 54 | * Maintains communication state with the zygote processes. This class is responsible |
| 55 | * for the sockets opened to the zygotes and for starting processes on behalf of the |
| 56 | * {@link android.os.Process} class. |
| 57 | * |
| 58 | * {@hide} |
| 59 | */ |
| 60 | public class ZygoteProcess { |
| 61 | private static final String LOG_TAG = "ZygoteProcess"; |
| 62 | |
| 63 | /** |
| 64 | * The name of the socket used to communicate with the primary zygote. |
| 65 | */ |
Robert Sesek | 5ac8abf | 2018-01-26 14:26:53 -0500 | [diff] [blame] | 66 | private final LocalSocketAddress mSocket; |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 67 | |
| 68 | /** |
| 69 | * The name of the secondary (alternate ABI) zygote socket. |
| 70 | */ |
Robert Sesek | 5ac8abf | 2018-01-26 14:26:53 -0500 | [diff] [blame] | 71 | private final LocalSocketAddress mSecondarySocket; |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 72 | |
| 73 | public ZygoteProcess(String primarySocket, String secondarySocket) { |
Robert Sesek | 5ac8abf | 2018-01-26 14:26:53 -0500 | [diff] [blame] | 74 | this(new LocalSocketAddress(primarySocket, LocalSocketAddress.Namespace.RESERVED), |
| 75 | new LocalSocketAddress(secondarySocket, LocalSocketAddress.Namespace.RESERVED)); |
| 76 | } |
| 77 | |
| 78 | public ZygoteProcess(LocalSocketAddress primarySocket, LocalSocketAddress secondarySocket) { |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 79 | mSocket = primarySocket; |
| 80 | mSecondarySocket = secondarySocket; |
| 81 | } |
| 82 | |
Robert Sesek | 5ac8abf | 2018-01-26 14:26:53 -0500 | [diff] [blame] | 83 | public LocalSocketAddress getPrimarySocketAddress() { |
| 84 | return mSocket; |
| 85 | } |
| 86 | |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 87 | /** |
| 88 | * State for communicating with the zygote process. |
| 89 | */ |
| 90 | public static class ZygoteState { |
| 91 | final LocalSocket socket; |
| 92 | final DataInputStream inputStream; |
| 93 | final BufferedWriter writer; |
| 94 | final List<String> abiList; |
| 95 | |
| 96 | boolean mClosed; |
| 97 | |
| 98 | private ZygoteState(LocalSocket socket, DataInputStream inputStream, |
| 99 | BufferedWriter writer, List<String> abiList) { |
| 100 | this.socket = socket; |
| 101 | this.inputStream = inputStream; |
| 102 | this.writer = writer; |
| 103 | this.abiList = abiList; |
| 104 | } |
| 105 | |
Robert Sesek | 5ac8abf | 2018-01-26 14:26:53 -0500 | [diff] [blame] | 106 | public static ZygoteState connect(LocalSocketAddress address) throws IOException { |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 107 | DataInputStream zygoteInputStream = null; |
| 108 | BufferedWriter zygoteWriter = null; |
| 109 | final LocalSocket zygoteSocket = new LocalSocket(); |
| 110 | |
| 111 | try { |
Robert Sesek | 5ac8abf | 2018-01-26 14:26:53 -0500 | [diff] [blame] | 112 | zygoteSocket.connect(address); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 113 | |
| 114 | zygoteInputStream = new DataInputStream(zygoteSocket.getInputStream()); |
| 115 | |
| 116 | zygoteWriter = new BufferedWriter(new OutputStreamWriter( |
| 117 | zygoteSocket.getOutputStream()), 256); |
| 118 | } catch (IOException ex) { |
| 119 | try { |
| 120 | zygoteSocket.close(); |
| 121 | } catch (IOException ignore) { |
| 122 | } |
| 123 | |
| 124 | throw ex; |
| 125 | } |
| 126 | |
| 127 | String abiListString = getAbiList(zygoteWriter, zygoteInputStream); |
Robert Sesek | 5ac8abf | 2018-01-26 14:26:53 -0500 | [diff] [blame] | 128 | Log.i("Zygote", "Process: zygote socket " + address.getNamespace() + "/" |
| 129 | + address.getName() + " opened, supported ABIS: " + abiListString); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 130 | |
| 131 | return new ZygoteState(zygoteSocket, zygoteInputStream, zygoteWriter, |
| 132 | Arrays.asList(abiListString.split(","))); |
| 133 | } |
| 134 | |
| 135 | boolean matches(String abi) { |
| 136 | return abiList.contains(abi); |
| 137 | } |
| 138 | |
| 139 | public void close() { |
| 140 | try { |
| 141 | socket.close(); |
| 142 | } catch (IOException ex) { |
| 143 | Log.e(LOG_TAG,"I/O exception on routine close", ex); |
| 144 | } |
| 145 | |
| 146 | mClosed = true; |
| 147 | } |
| 148 | |
| 149 | boolean isClosed() { |
| 150 | return mClosed; |
| 151 | } |
| 152 | } |
| 153 | |
| 154 | /** |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 155 | * Lock object to protect access to the two ZygoteStates below. This lock must be |
| 156 | * acquired while communicating over the ZygoteState's socket, to prevent |
| 157 | * interleaved access. |
| 158 | */ |
| 159 | private final Object mLock = new Object(); |
| 160 | |
| 161 | /** |
Mathew Inwood | 2c6f97d | 2018-03-16 14:26:08 +0000 | [diff] [blame] | 162 | * List of exemptions to the API blacklist. These are prefix matches on the runtime format |
| 163 | * symbol signature. Any matching symbol is treated by the runtime as being on the light grey |
| 164 | * list. |
| 165 | */ |
| 166 | private List<String> mApiBlacklistExemptions = Collections.emptyList(); |
| 167 | |
| 168 | /** |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 169 | * The state of the connection to the primary zygote. |
| 170 | */ |
| 171 | private ZygoteState primaryZygoteState; |
| 172 | |
| 173 | /** |
| 174 | * The state of the connection to the secondary zygote. |
| 175 | */ |
| 176 | private ZygoteState secondaryZygoteState; |
| 177 | |
| 178 | /** |
| 179 | * Start a new process. |
| 180 | * |
| 181 | * <p>If processes are enabled, a new process is created and the |
| 182 | * static main() function of a <var>processClass</var> is executed there. |
| 183 | * The process will continue running after this function returns. |
| 184 | * |
| 185 | * <p>If processes are not enabled, a new thread in the caller's |
Mathew Inwood | 2c6f97d | 2018-03-16 14:26:08 +0000 | [diff] [blame] | 186 | * process is created and main() of <var>processclass</var> called there. |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 187 | * |
| 188 | * <p>The niceName parameter, if not an empty string, is a custom name to |
| 189 | * give to the process instead of using processClass. This allows you to |
| 190 | * make easily identifyable processes even if you are using the same base |
| 191 | * <var>processClass</var> to start them. |
| 192 | * |
Tamas Berghammer | b8f7c35 | 2016-11-11 16:08:26 +0000 | [diff] [blame] | 193 | * When invokeWith is not null, the process will be started as a fresh app |
Tamas Berghammer | 0ca16fa | 2016-11-11 16:08:26 +0000 | [diff] [blame] | 194 | * and not a zygote fork. Note that this is only allowed for uid 0 or when |
Nicolas Geoffray | 81edac4 | 2017-09-07 14:13:29 +0100 | [diff] [blame] | 195 | * runtimeFlags contains DEBUG_ENABLE_DEBUGGER. |
Tamas Berghammer | b8f7c35 | 2016-11-11 16:08:26 +0000 | [diff] [blame] | 196 | * |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 197 | * @param processClass The class to use as the process's main entry |
| 198 | * point. |
| 199 | * @param niceName A more readable name to use for the process. |
| 200 | * @param uid The user-id under which the process will run. |
| 201 | * @param gid The group-id under which the process will run. |
| 202 | * @param gids Additional group-ids associated with the process. |
Nicolas Geoffray | 81edac4 | 2017-09-07 14:13:29 +0100 | [diff] [blame] | 203 | * @param runtimeFlags Additional flags. |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 204 | * @param targetSdkVersion The target SDK version for the app. |
| 205 | * @param seInfo null-ok SELinux information for the new process. |
| 206 | * @param abi non-null the ABI this app should be started with. |
| 207 | * @param instructionSet null-ok the instruction set to use. |
| 208 | * @param appDataDir null-ok the data directory of the app. |
Tamas Berghammer | b8f7c35 | 2016-11-11 16:08:26 +0000 | [diff] [blame] | 209 | * @param invokeWith null-ok the command to invoke with. |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 210 | * @param zygoteArgs Additional arguments to supply to the zygote process. |
| 211 | * |
| 212 | * @return An object that describes the result of the attempt to start the process. |
| 213 | * @throws RuntimeException on fatal start failure |
| 214 | */ |
| 215 | public final Process.ProcessStartResult start(final String processClass, |
| 216 | final String niceName, |
| 217 | int uid, int gid, int[] gids, |
Nicolas Geoffray | 81edac4 | 2017-09-07 14:13:29 +0100 | [diff] [blame] | 218 | int runtimeFlags, int mountExternal, |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 219 | int targetSdkVersion, |
| 220 | String seInfo, |
| 221 | String abi, |
| 222 | String instructionSet, |
| 223 | String appDataDir, |
Tamas Berghammer | b8f7c35 | 2016-11-11 16:08:26 +0000 | [diff] [blame] | 224 | String invokeWith, |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 225 | String[] zygoteArgs) { |
| 226 | try { |
| 227 | return startViaZygote(processClass, niceName, uid, gid, gids, |
Nicolas Geoffray | 81edac4 | 2017-09-07 14:13:29 +0100 | [diff] [blame] | 228 | runtimeFlags, mountExternal, targetSdkVersion, seInfo, |
Robert Sesek | d0a190df | 2018-02-12 18:46:01 -0500 | [diff] [blame] | 229 | abi, instructionSet, appDataDir, invokeWith, false /* startChildZygote */, |
| 230 | zygoteArgs); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 231 | } catch (ZygoteStartFailedEx ex) { |
| 232 | Log.e(LOG_TAG, |
| 233 | "Starting VM process through Zygote failed"); |
| 234 | throw new RuntimeException( |
| 235 | "Starting VM process through Zygote failed", ex); |
| 236 | } |
| 237 | } |
| 238 | |
| 239 | /** retry interval for opening a zygote socket */ |
| 240 | static final int ZYGOTE_RETRY_MILLIS = 500; |
| 241 | |
| 242 | /** |
| 243 | * Queries the zygote for the list of ABIS it supports. |
| 244 | * |
| 245 | * @throws ZygoteStartFailedEx if the query failed. |
| 246 | */ |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 247 | @GuardedBy("mLock") |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 248 | private static String getAbiList(BufferedWriter writer, DataInputStream inputStream) |
| 249 | throws IOException { |
| 250 | // Each query starts with the argument count (1 in this case) |
| 251 | writer.write("1"); |
| 252 | // ... followed by a new-line. |
| 253 | writer.newLine(); |
| 254 | // ... followed by our only argument. |
| 255 | writer.write("--query-abi-list"); |
| 256 | writer.newLine(); |
| 257 | writer.flush(); |
| 258 | |
| 259 | // The response is a length prefixed stream of ASCII bytes. |
| 260 | int numBytes = inputStream.readInt(); |
| 261 | byte[] bytes = new byte[numBytes]; |
| 262 | inputStream.readFully(bytes); |
| 263 | |
| 264 | return new String(bytes, StandardCharsets.US_ASCII); |
| 265 | } |
| 266 | |
| 267 | /** |
| 268 | * Sends an argument list to the zygote process, which starts a new child |
| 269 | * and returns the child's pid. Please note: the present implementation |
| 270 | * replaces newlines in the argument list with spaces. |
| 271 | * |
| 272 | * @throws ZygoteStartFailedEx if process start failed for any reason |
| 273 | */ |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 274 | @GuardedBy("mLock") |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 275 | private static Process.ProcessStartResult zygoteSendArgsAndGetResult( |
| 276 | ZygoteState zygoteState, ArrayList<String> args) |
| 277 | throws ZygoteStartFailedEx { |
| 278 | try { |
Robert Sesek | 0b58f19 | 2016-10-10 18:34:42 -0400 | [diff] [blame] | 279 | // Throw early if any of the arguments are malformed. This means we can |
| 280 | // avoid writing a partial response to the zygote. |
| 281 | int sz = args.size(); |
| 282 | for (int i = 0; i < sz; i++) { |
| 283 | if (args.get(i).indexOf('\n') >= 0) { |
| 284 | throw new ZygoteStartFailedEx("embedded newlines not allowed"); |
| 285 | } |
| 286 | } |
| 287 | |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 288 | /** |
| 289 | * See com.android.internal.os.SystemZygoteInit.readArgumentList() |
| 290 | * Presently the wire format to the zygote process is: |
| 291 | * a) a count of arguments (argc, in essence) |
| 292 | * b) a number of newline-separated argument strings equal to count |
| 293 | * |
| 294 | * After the zygote process reads these it will write the pid of |
| 295 | * the child or -1 on failure, followed by boolean to |
| 296 | * indicate whether a wrapper process was used. |
| 297 | */ |
| 298 | final BufferedWriter writer = zygoteState.writer; |
| 299 | final DataInputStream inputStream = zygoteState.inputStream; |
| 300 | |
| 301 | writer.write(Integer.toString(args.size())); |
| 302 | writer.newLine(); |
| 303 | |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 304 | for (int i = 0; i < sz; i++) { |
| 305 | String arg = args.get(i); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 306 | writer.write(arg); |
| 307 | writer.newLine(); |
| 308 | } |
| 309 | |
| 310 | writer.flush(); |
| 311 | |
| 312 | // Should there be a timeout on this? |
| 313 | Process.ProcessStartResult result = new Process.ProcessStartResult(); |
Robert Sesek | 0b58f19 | 2016-10-10 18:34:42 -0400 | [diff] [blame] | 314 | |
| 315 | // Always read the entire result from the input stream to avoid leaving |
| 316 | // bytes in the stream for future process starts to accidentally stumble |
| 317 | // upon. |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 318 | result.pid = inputStream.readInt(); |
Robert Sesek | 0b58f19 | 2016-10-10 18:34:42 -0400 | [diff] [blame] | 319 | result.usingWrapper = inputStream.readBoolean(); |
| 320 | |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 321 | if (result.pid < 0) { |
| 322 | throw new ZygoteStartFailedEx("fork() failed"); |
| 323 | } |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 324 | return result; |
| 325 | } catch (IOException ex) { |
| 326 | zygoteState.close(); |
| 327 | throw new ZygoteStartFailedEx(ex); |
| 328 | } |
| 329 | } |
| 330 | |
| 331 | /** |
| 332 | * Starts a new process via the zygote mechanism. |
| 333 | * |
| 334 | * @param processClass Class name whose static main() to run |
| 335 | * @param niceName 'nice' process name to appear in ps |
| 336 | * @param uid a POSIX uid that the new process should setuid() to |
| 337 | * @param gid a POSIX gid that the new process shuold setgid() to |
| 338 | * @param gids null-ok; a list of supplementary group IDs that the |
| 339 | * new process should setgroup() to. |
Nicolas Geoffray | 81edac4 | 2017-09-07 14:13:29 +0100 | [diff] [blame] | 340 | * @param runtimeFlags Additional flags for the runtime. |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 341 | * @param targetSdkVersion The target SDK version for the app. |
| 342 | * @param seInfo null-ok SELinux information for the new process. |
| 343 | * @param abi the ABI the process should use. |
| 344 | * @param instructionSet null-ok the instruction set to use. |
| 345 | * @param appDataDir null-ok the data directory of the app. |
Robert Sesek | d0a190df | 2018-02-12 18:46:01 -0500 | [diff] [blame] | 346 | * @param startChildZygote Start a sub-zygote. This creates a new zygote process |
| 347 | * that has its state cloned from this zygote process. |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 348 | * @param extraArgs Additional arguments to supply to the zygote process. |
| 349 | * @return An object that describes the result of the attempt to start the process. |
| 350 | * @throws ZygoteStartFailedEx if process start failed for any reason |
| 351 | */ |
| 352 | private Process.ProcessStartResult startViaZygote(final String processClass, |
| 353 | final String niceName, |
| 354 | final int uid, final int gid, |
| 355 | final int[] gids, |
Nicolas Geoffray | 81edac4 | 2017-09-07 14:13:29 +0100 | [diff] [blame] | 356 | int runtimeFlags, int mountExternal, |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 357 | int targetSdkVersion, |
| 358 | String seInfo, |
| 359 | String abi, |
| 360 | String instructionSet, |
| 361 | String appDataDir, |
Tamas Berghammer | b8f7c35 | 2016-11-11 16:08:26 +0000 | [diff] [blame] | 362 | String invokeWith, |
Robert Sesek | d0a190df | 2018-02-12 18:46:01 -0500 | [diff] [blame] | 363 | boolean startChildZygote, |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 364 | String[] extraArgs) |
| 365 | throws ZygoteStartFailedEx { |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 366 | ArrayList<String> argsForZygote = new ArrayList<String>(); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 367 | |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 368 | // --runtime-args, --setuid=, --setgid=, |
| 369 | // and --setgroups= must go first |
| 370 | argsForZygote.add("--runtime-args"); |
| 371 | argsForZygote.add("--setuid=" + uid); |
| 372 | argsForZygote.add("--setgid=" + gid); |
Nicolas Geoffray | 81edac4 | 2017-09-07 14:13:29 +0100 | [diff] [blame] | 373 | argsForZygote.add("--runtime-flags=" + runtimeFlags); |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 374 | if (mountExternal == Zygote.MOUNT_EXTERNAL_DEFAULT) { |
| 375 | argsForZygote.add("--mount-external-default"); |
| 376 | } else if (mountExternal == Zygote.MOUNT_EXTERNAL_READ) { |
| 377 | argsForZygote.add("--mount-external-read"); |
| 378 | } else if (mountExternal == Zygote.MOUNT_EXTERNAL_WRITE) { |
| 379 | argsForZygote.add("--mount-external-write"); |
| 380 | } |
| 381 | argsForZygote.add("--target-sdk-version=" + targetSdkVersion); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 382 | |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 383 | // --setgroups is a comma-separated list |
| 384 | if (gids != null && gids.length > 0) { |
| 385 | StringBuilder sb = new StringBuilder(); |
| 386 | sb.append("--setgroups="); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 387 | |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 388 | int sz = gids.length; |
| 389 | for (int i = 0; i < sz; i++) { |
| 390 | if (i != 0) { |
| 391 | sb.append(','); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 392 | } |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 393 | sb.append(gids[i]); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 394 | } |
| 395 | |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 396 | argsForZygote.add(sb.toString()); |
| 397 | } |
| 398 | |
| 399 | if (niceName != null) { |
| 400 | argsForZygote.add("--nice-name=" + niceName); |
| 401 | } |
| 402 | |
| 403 | if (seInfo != null) { |
| 404 | argsForZygote.add("--seinfo=" + seInfo); |
| 405 | } |
| 406 | |
| 407 | if (instructionSet != null) { |
| 408 | argsForZygote.add("--instruction-set=" + instructionSet); |
| 409 | } |
| 410 | |
| 411 | if (appDataDir != null) { |
| 412 | argsForZygote.add("--app-data-dir=" + appDataDir); |
| 413 | } |
| 414 | |
Tamas Berghammer | b8f7c35 | 2016-11-11 16:08:26 +0000 | [diff] [blame] | 415 | if (invokeWith != null) { |
| 416 | argsForZygote.add("--invoke-with"); |
| 417 | argsForZygote.add(invokeWith); |
| 418 | } |
| 419 | |
Robert Sesek | d0a190df | 2018-02-12 18:46:01 -0500 | [diff] [blame] | 420 | if (startChildZygote) { |
| 421 | argsForZygote.add("--start-child-zygote"); |
| 422 | } |
| 423 | |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 424 | argsForZygote.add(processClass); |
| 425 | |
| 426 | if (extraArgs != null) { |
| 427 | for (String arg : extraArgs) { |
| 428 | argsForZygote.add(arg); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 429 | } |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 430 | } |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 431 | |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 432 | synchronized(mLock) { |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 433 | return zygoteSendArgsAndGetResult(openZygoteSocketIfNeeded(abi), argsForZygote); |
| 434 | } |
| 435 | } |
| 436 | |
| 437 | /** |
Robert Sesek | d0a190df | 2018-02-12 18:46:01 -0500 | [diff] [blame] | 438 | * Closes the connections to the zygote, if they exist. |
| 439 | */ |
| 440 | public void close() { |
| 441 | if (primaryZygoteState != null) { |
| 442 | primaryZygoteState.close(); |
| 443 | } |
| 444 | if (secondaryZygoteState != null) { |
| 445 | secondaryZygoteState.close(); |
| 446 | } |
| 447 | } |
| 448 | |
| 449 | /** |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 450 | * Tries to establish a connection to the zygote that handles a given {@code abi}. Might block |
| 451 | * and retry if the zygote is unresponsive. This method is a no-op if a connection is |
| 452 | * already open. |
| 453 | */ |
| 454 | public void establishZygoteConnectionForAbi(String abi) { |
| 455 | try { |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 456 | synchronized(mLock) { |
| 457 | openZygoteSocketIfNeeded(abi); |
| 458 | } |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 459 | } catch (ZygoteStartFailedEx ex) { |
| 460 | throw new RuntimeException("Unable to connect to zygote for abi: " + abi, ex); |
| 461 | } |
| 462 | } |
| 463 | |
| 464 | /** |
Andreas Gampe | 8444dca | 2018-05-01 13:31:28 -0700 | [diff] [blame^] | 465 | * Attempt to retrieve the PID of the zygote serving the given abi. |
| 466 | */ |
| 467 | public int getZygotePid(String abi) { |
| 468 | try { |
| 469 | synchronized (mLock) { |
| 470 | ZygoteState state = openZygoteSocketIfNeeded(abi); |
| 471 | |
| 472 | // Each query starts with the argument count (1 in this case) |
| 473 | state.writer.write("1"); |
| 474 | // ... followed by a new-line. |
| 475 | state.writer.newLine(); |
| 476 | // ... followed by our only argument. |
| 477 | state.writer.write("--get-pid"); |
| 478 | state.writer.newLine(); |
| 479 | state.writer.flush(); |
| 480 | |
| 481 | // The response is a length prefixed stream of ASCII bytes. |
| 482 | int numBytes = state.inputStream.readInt(); |
| 483 | byte[] bytes = new byte[numBytes]; |
| 484 | state.inputStream.readFully(bytes); |
| 485 | |
| 486 | return Integer.parseInt(new String(bytes, StandardCharsets.US_ASCII)); |
| 487 | } |
| 488 | } catch (Exception ex) { |
| 489 | throw new RuntimeException("Failure retrieving pid", ex); |
| 490 | } |
| 491 | } |
| 492 | |
| 493 | /** |
Mathew Inwood | 2c6f97d | 2018-03-16 14:26:08 +0000 | [diff] [blame] | 494 | * Push hidden API blacklisting exemptions into the zygote process(es). |
| 495 | * |
| 496 | * <p>The list of exemptions will take affect for all new processes forked from the zygote after |
| 497 | * this call. |
| 498 | * |
Mathew Inwood | 5449fc7 | 2018-04-05 13:56:39 +0100 | [diff] [blame] | 499 | * @param exemptions List of hidden API exemption prefixes. Any matching members are treated as |
| 500 | * whitelisted/public APIs (i.e. allowed, no logging of usage). |
Mathew Inwood | 2c6f97d | 2018-03-16 14:26:08 +0000 | [diff] [blame] | 501 | */ |
| 502 | public void setApiBlacklistExemptions(List<String> exemptions) { |
| 503 | synchronized (mLock) { |
| 504 | mApiBlacklistExemptions = exemptions; |
| 505 | maybeSetApiBlacklistExemptions(primaryZygoteState, true); |
| 506 | maybeSetApiBlacklistExemptions(secondaryZygoteState, true); |
| 507 | } |
| 508 | } |
| 509 | |
| 510 | @GuardedBy("mLock") |
| 511 | private void maybeSetApiBlacklistExemptions(ZygoteState state, boolean sendIfEmpty) { |
| 512 | if (state == null || state.isClosed()) { |
| 513 | return; |
| 514 | } |
| 515 | if (!sendIfEmpty && mApiBlacklistExemptions.isEmpty()) { |
| 516 | return; |
| 517 | } |
| 518 | try { |
| 519 | state.writer.write(Integer.toString(mApiBlacklistExemptions.size() + 1)); |
| 520 | state.writer.newLine(); |
| 521 | state.writer.write("--set-api-blacklist-exemptions"); |
| 522 | state.writer.newLine(); |
| 523 | for (int i = 0; i < mApiBlacklistExemptions.size(); ++i) { |
| 524 | state.writer.write(mApiBlacklistExemptions.get(i)); |
| 525 | state.writer.newLine(); |
| 526 | } |
| 527 | state.writer.flush(); |
| 528 | int status = state.inputStream.readInt(); |
| 529 | if (status != 0) { |
| 530 | Slog.e(LOG_TAG, "Failed to set API blacklist exemptions; status " + status); |
| 531 | } |
| 532 | } catch (IOException ioe) { |
| 533 | Slog.e(LOG_TAG, "Failed to set API blacklist exemptions", ioe); |
| 534 | } |
| 535 | } |
| 536 | |
| 537 | /** |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 538 | * Tries to open socket to Zygote process if not already open. If |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 539 | * already open, does nothing. May block and retry. Requires that mLock be held. |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 540 | */ |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 541 | @GuardedBy("mLock") |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 542 | private ZygoteState openZygoteSocketIfNeeded(String abi) throws ZygoteStartFailedEx { |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 543 | Preconditions.checkState(Thread.holdsLock(mLock), "ZygoteProcess lock not held"); |
| 544 | |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 545 | if (primaryZygoteState == null || primaryZygoteState.isClosed()) { |
| 546 | try { |
| 547 | primaryZygoteState = ZygoteState.connect(mSocket); |
| 548 | } catch (IOException ioe) { |
| 549 | throw new ZygoteStartFailedEx("Error connecting to primary zygote", ioe); |
| 550 | } |
Mathew Inwood | 2c6f97d | 2018-03-16 14:26:08 +0000 | [diff] [blame] | 551 | maybeSetApiBlacklistExemptions(primaryZygoteState, false); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 552 | } |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 553 | if (primaryZygoteState.matches(abi)) { |
| 554 | return primaryZygoteState; |
| 555 | } |
| 556 | |
| 557 | // The primary zygote didn't match. Try the secondary. |
| 558 | if (secondaryZygoteState == null || secondaryZygoteState.isClosed()) { |
| 559 | try { |
| 560 | secondaryZygoteState = ZygoteState.connect(mSecondarySocket); |
| 561 | } catch (IOException ioe) { |
| 562 | throw new ZygoteStartFailedEx("Error connecting to secondary zygote", ioe); |
| 563 | } |
Mathew Inwood | 2c6f97d | 2018-03-16 14:26:08 +0000 | [diff] [blame] | 564 | maybeSetApiBlacklistExemptions(secondaryZygoteState, false); |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 565 | } |
| 566 | |
| 567 | if (secondaryZygoteState.matches(abi)) { |
| 568 | return secondaryZygoteState; |
| 569 | } |
| 570 | |
| 571 | throw new ZygoteStartFailedEx("Unsupported zygote ABI: " + abi); |
| 572 | } |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 573 | |
| 574 | /** |
| 575 | * Instructs the zygote to pre-load the classes and native libraries at the given paths |
| 576 | * for the specified abi. Not all zygotes support this function. |
| 577 | */ |
Narayan Kamath | bae484a | 2017-07-03 14:12:26 +0100 | [diff] [blame] | 578 | public boolean preloadPackageForAbi(String packagePath, String libsPath, String cacheKey, |
| 579 | String abi) throws ZygoteStartFailedEx, IOException { |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 580 | synchronized(mLock) { |
| 581 | ZygoteState state = openZygoteSocketIfNeeded(abi); |
Torne (Richard Coles) | 0452670 | 2017-01-13 14:19:39 +0000 | [diff] [blame] | 582 | state.writer.write("4"); |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 583 | state.writer.newLine(); |
| 584 | |
| 585 | state.writer.write("--preload-package"); |
| 586 | state.writer.newLine(); |
| 587 | |
| 588 | state.writer.write(packagePath); |
| 589 | state.writer.newLine(); |
| 590 | |
| 591 | state.writer.write(libsPath); |
| 592 | state.writer.newLine(); |
| 593 | |
Torne (Richard Coles) | 0452670 | 2017-01-13 14:19:39 +0000 | [diff] [blame] | 594 | state.writer.write(cacheKey); |
| 595 | state.writer.newLine(); |
| 596 | |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 597 | state.writer.flush(); |
Narayan Kamath | bae484a | 2017-07-03 14:12:26 +0100 | [diff] [blame] | 598 | |
| 599 | return (state.inputStream.readInt() == 0); |
Robert Sesek | ded2098 | 2016-08-15 13:59:13 -0400 | [diff] [blame] | 600 | } |
| 601 | } |
Narayan Kamath | 669afcc | 2017-02-06 20:24:08 +0000 | [diff] [blame] | 602 | |
| 603 | /** |
| 604 | * Instructs the zygote to preload the default set of classes and resources. Returns |
| 605 | * {@code true} if a preload was performed as a result of this call, and {@code false} |
| 606 | * otherwise. The latter usually means that the zygote eagerly preloaded at startup |
| 607 | * or due to a previous call to {@code preloadDefault}. Note that this call is synchronous. |
| 608 | */ |
| 609 | public boolean preloadDefault(String abi) throws ZygoteStartFailedEx, IOException { |
| 610 | synchronized (mLock) { |
| 611 | ZygoteState state = openZygoteSocketIfNeeded(abi); |
| 612 | // Each query starts with the argument count (1 in this case) |
| 613 | state.writer.write("1"); |
| 614 | state.writer.newLine(); |
| 615 | state.writer.write("--preload-default"); |
| 616 | state.writer.newLine(); |
| 617 | state.writer.flush(); |
| 618 | |
| 619 | return (state.inputStream.readInt() == 0); |
| 620 | } |
| 621 | } |
Gustav Sennton | f0c52b5 | 2017-04-27 17:00:50 +0100 | [diff] [blame] | 622 | |
| 623 | /** |
| 624 | * Try connecting to the Zygote over and over again until we hit a time-out. |
| 625 | * @param socketName The name of the socket to connect to. |
| 626 | */ |
| 627 | public static void waitForConnectionToZygote(String socketName) { |
Robert Sesek | 5ac8abf | 2018-01-26 14:26:53 -0500 | [diff] [blame] | 628 | final LocalSocketAddress address = |
| 629 | new LocalSocketAddress(socketName, LocalSocketAddress.Namespace.RESERVED); |
| 630 | waitForConnectionToZygote(address); |
| 631 | } |
| 632 | |
| 633 | /** |
| 634 | * Try connecting to the Zygote over and over again until we hit a time-out. |
| 635 | * @param address The name of the socket to connect to. |
| 636 | */ |
| 637 | public static void waitForConnectionToZygote(LocalSocketAddress address) { |
Gustav Sennton | f0c52b5 | 2017-04-27 17:00:50 +0100 | [diff] [blame] | 638 | for (int n = 20; n >= 0; n--) { |
| 639 | try { |
Robert Sesek | 5ac8abf | 2018-01-26 14:26:53 -0500 | [diff] [blame] | 640 | final ZygoteState zs = ZygoteState.connect(address); |
Gustav Sennton | f0c52b5 | 2017-04-27 17:00:50 +0100 | [diff] [blame] | 641 | zs.close(); |
| 642 | return; |
| 643 | } catch (IOException ioe) { |
| 644 | Log.w(LOG_TAG, |
| 645 | "Got error connecting to zygote, retrying. msg= " + ioe.getMessage()); |
| 646 | } |
| 647 | |
| 648 | try { |
| 649 | Thread.sleep(1000); |
| 650 | } catch (InterruptedException ie) { |
| 651 | } |
| 652 | } |
Robert Sesek | 5ac8abf | 2018-01-26 14:26:53 -0500 | [diff] [blame] | 653 | Slog.wtf(LOG_TAG, "Failed to connect to Zygote through socket " + address.getName()); |
Gustav Sennton | f0c52b5 | 2017-04-27 17:00:50 +0100 | [diff] [blame] | 654 | } |
Robert Sesek | d0a190df | 2018-02-12 18:46:01 -0500 | [diff] [blame] | 655 | |
| 656 | /** |
| 657 | * Starts a new zygote process as a child of this zygote. This is used to create |
| 658 | * secondary zygotes that inherit data from the zygote that this object |
| 659 | * communicates with. This returns a new ZygoteProcess representing a connection |
| 660 | * to the newly created zygote. Throws an exception if the zygote cannot be started. |
| 661 | */ |
| 662 | public ChildZygoteProcess startChildZygote(final String processClass, |
| 663 | final String niceName, |
| 664 | int uid, int gid, int[] gids, |
| 665 | int runtimeFlags, |
| 666 | String seInfo, |
| 667 | String abi, |
| 668 | String instructionSet) { |
| 669 | // Create an unguessable address in the global abstract namespace. |
| 670 | final LocalSocketAddress serverAddress = new LocalSocketAddress( |
| 671 | processClass + "/" + UUID.randomUUID().toString()); |
| 672 | |
| 673 | final String[] extraArgs = {Zygote.CHILD_ZYGOTE_SOCKET_NAME_ARG + serverAddress.getName()}; |
| 674 | |
| 675 | Process.ProcessStartResult result; |
| 676 | try { |
| 677 | result = startViaZygote(processClass, niceName, uid, gid, |
| 678 | gids, runtimeFlags, 0 /* mountExternal */, 0 /* targetSdkVersion */, seInfo, |
| 679 | abi, instructionSet, null /* appDataDir */, null /* invokeWith */, |
| 680 | true /* startChildZygote */, extraArgs); |
| 681 | } catch (ZygoteStartFailedEx ex) { |
| 682 | throw new RuntimeException("Starting child-zygote through Zygote failed", ex); |
| 683 | } |
| 684 | |
| 685 | return new ChildZygoteProcess(serverAddress, result.pid); |
| 686 | } |
Robert Sesek | 8f8d187 | 2016-03-18 16:52:57 -0400 | [diff] [blame] | 687 | } |