Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2017 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
Calin Juravle | 0d0a492 | 2018-01-23 19:54:11 -0800 | [diff] [blame^] | 17 | #include <cstdlib> |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 18 | #include <fcntl.h> |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 19 | #include <stdlib.h> |
| 20 | #include <string.h> |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 21 | #include <sys/types.h> |
| 22 | #include <sys/stat.h> |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 23 | |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 24 | #include <android-base/file.h> |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 25 | #include <android-base/logging.h> |
| 26 | #include <android-base/stringprintf.h> |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 27 | #include <android-base/unique_fd.h> |
| 28 | |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 29 | #include <cutils/properties.h> |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 30 | |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 31 | #include <gtest/gtest.h> |
| 32 | |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 33 | #include <selinux/android.h> |
| 34 | #include <selinux/avc.h> |
| 35 | |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 36 | #include "dexopt.h" |
| 37 | #include "InstalldNativeService.h" |
| 38 | #include "globals.h" |
| 39 | #include "tests/test_utils.h" |
| 40 | #include "utils.h" |
| 41 | |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 42 | using android::base::ReadFully; |
| 43 | using android::base::unique_fd; |
| 44 | |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 45 | namespace android { |
| 46 | namespace installd { |
| 47 | |
| 48 | // TODO(calin): try to dedup this code. |
| 49 | #if defined(__arm__) |
| 50 | static const std::string kRuntimeIsa = "arm"; |
| 51 | #elif defined(__aarch64__) |
| 52 | static const std::string kRuntimeIsa = "arm64"; |
| 53 | #elif defined(__mips__) && !defined(__LP64__) |
| 54 | static const std::string kRuntimeIsa = "mips"; |
| 55 | #elif defined(__mips__) && defined(__LP64__) |
| 56 | static const std::string kRuntimeIsa = "mips64"; |
| 57 | #elif defined(__i386__) |
| 58 | static const std::string kRuntimeIsa = "x86"; |
| 59 | #elif defined(__x86_64__) |
| 60 | static const std::string kRuntimeIsa = "x86_64"; |
| 61 | #else |
| 62 | static const std::string kRuntimeIsa = "none"; |
| 63 | #endif |
| 64 | |
| 65 | int get_property(const char *key, char *value, const char *default_value) { |
| 66 | return property_get(key, value, default_value); |
| 67 | } |
| 68 | |
| 69 | bool calculate_oat_file_path(char path[PKG_PATH_MAX], const char *oat_dir, const char *apk_path, |
| 70 | const char *instruction_set) { |
| 71 | return calculate_oat_file_path_default(path, oat_dir, apk_path, instruction_set); |
| 72 | } |
| 73 | |
| 74 | bool calculate_odex_file_path(char path[PKG_PATH_MAX], const char *apk_path, |
| 75 | const char *instruction_set) { |
| 76 | return calculate_odex_file_path_default(path, apk_path, instruction_set); |
| 77 | } |
| 78 | |
| 79 | bool create_cache_path(char path[PKG_PATH_MAX], const char *src, const char *instruction_set) { |
| 80 | return create_cache_path_default(path, src, instruction_set); |
| 81 | } |
| 82 | |
| 83 | static void run_cmd(const std::string& cmd) { |
| 84 | system(cmd.c_str()); |
| 85 | } |
| 86 | |
| 87 | static void mkdir(const std::string& path, uid_t owner, gid_t group, mode_t mode) { |
| 88 | ::mkdir(path.c_str(), mode); |
| 89 | ::chown(path.c_str(), owner, group); |
| 90 | ::chmod(path.c_str(), mode); |
| 91 | } |
| 92 | |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 93 | static int log_callback(int type, const char *fmt, ...) { // NOLINT |
| 94 | va_list ap; |
| 95 | int priority; |
| 96 | |
| 97 | switch (type) { |
| 98 | case SELINUX_WARNING: |
| 99 | priority = ANDROID_LOG_WARN; |
| 100 | break; |
| 101 | case SELINUX_INFO: |
| 102 | priority = ANDROID_LOG_INFO; |
| 103 | break; |
| 104 | default: |
| 105 | priority = ANDROID_LOG_ERROR; |
| 106 | break; |
| 107 | } |
| 108 | va_start(ap, fmt); |
| 109 | LOG_PRI_VA(priority, "SELinux", fmt, ap); |
| 110 | va_end(ap); |
| 111 | return 0; |
| 112 | } |
| 113 | |
| 114 | static bool init_selinux() { |
| 115 | int selinux_enabled = (is_selinux_enabled() > 0); |
| 116 | |
| 117 | union selinux_callback cb; |
| 118 | cb.func_log = log_callback; |
| 119 | selinux_set_callback(SELINUX_CB_LOG, cb); |
| 120 | |
| 121 | if (selinux_enabled && selinux_status_open(true) < 0) { |
| 122 | LOG(ERROR) << "Could not open selinux status; exiting"; |
| 123 | return false; |
| 124 | } |
| 125 | |
| 126 | return true; |
| 127 | } |
| 128 | |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 129 | // Base64 encoding of a simple dex files with 2 methods. |
| 130 | static const char kDexFile[] = |
| 131 | "UEsDBBQAAAAIAOiOYUs9y6BLCgEAABQCAAALABwAY2xhc3Nlcy5kZXhVVAkAA/Ns+lkOHv1ZdXgL" |
| 132 | "AAEEI+UCAASIEwAAS0mt4DIwNmX4qpn7j/2wA7v7N+ZvoQpCJRlVx5SWa4YaiDAxMBQwMDBUhJkI" |
| 133 | "MUBBDyMDAzsDRJwFxAdioBDDHAYEYAbiFUAM1M5wAIhFGCGKDIDYAogdgNgDiH2BOAiI0xghekDm" |
| 134 | "sQIxGxQzM6ACRijNhCbOhCZfyohdPYyuh8szgtVkMkLsLhAAqeCDi+ejibPZZOZlltgxsDnqZSWW" |
| 135 | "JTKwOUFoZh9HayDhZM0g5AMS0M9JzEvX90/KSk0usWZgDAMaws5nAyXBzmpoYGlgAjsAyJoBMp0b" |
| 136 | "zQ8gGhbOTEhhzYwU3qxIYc2GFN6MClC/AhUyKUDMAYU9M1Qc5F8GKBscVgIQM0FxCwBQSwECHgMU" |
| 137 | "AAAACADojmFLPcugSwoBAAAUAgAACwAYAAAAAAAAAAAAoIEAAAAAY2xhc3Nlcy5kZXhVVAUAA/Ns" |
| 138 | "+ll1eAsAAQQj5QIABIgTAABQSwUGAAAAAAEAAQBRAAAATwEAAAAA"; |
| 139 | |
| 140 | |
| 141 | class DexoptTest : public testing::Test { |
| 142 | protected: |
| 143 | static constexpr bool kDebug = false; |
| 144 | static constexpr uid_t kSystemUid = 1000; |
| 145 | static constexpr uid_t kSystemGid = 1000; |
| 146 | static constexpr int32_t kOSdkVersion = 25; |
| 147 | static constexpr int32_t kAppDataFlags = FLAG_STORAGE_CE | FLAG_STORAGE_DE; |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 148 | static constexpr int32_t kTestUserId = 0; |
Calin Juravle | d2affb8 | 2017-11-28 17:41:43 -0800 | [diff] [blame] | 149 | static constexpr uid_t kTestAppId = 19999; |
| 150 | |
| 151 | const gid_t kTestAppUid = multiuser_get_uid(kTestUserId, kTestAppId); |
| 152 | const uid_t kTestAppGid = multiuser_get_shared_gid(kTestUserId, kTestAppId); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 153 | |
| 154 | InstalldNativeService* service_; |
| 155 | std::unique_ptr<std::string> volume_uuid_; |
| 156 | std::string package_name_; |
Calin Juravle | 0d0a492 | 2018-01-23 19:54:11 -0800 | [diff] [blame^] | 157 | std::string apk_path_; |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 158 | std::string app_apk_dir_; |
| 159 | std::string app_private_dir_ce_; |
| 160 | std::string app_private_dir_de_; |
| 161 | std::string se_info_; |
| 162 | |
| 163 | int64_t ce_data_inode_; |
| 164 | |
| 165 | std::string secondary_dex_ce_; |
| 166 | std::string secondary_dex_ce_link_; |
| 167 | std::string secondary_dex_de_; |
| 168 | |
| 169 | virtual void SetUp() { |
| 170 | setenv("ANDROID_LOG_TAGS", "*:v", 1); |
| 171 | android::base::InitLogging(nullptr); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 172 | // Initialize the globals holding the file system main paths (/data/, /system/ etc..). |
| 173 | // This is needed in order to compute the application and profile paths. |
| 174 | ASSERT_TRUE(init_globals_from_data_and_root()); |
| 175 | // Initialize selinux log callbacks. |
| 176 | // This ensures that selinux is up and running and re-directs the selinux messages |
| 177 | // to logcat (in order to make it easier to investigate test results). |
| 178 | ASSERT_TRUE(init_selinux()); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 179 | service_ = new InstalldNativeService(); |
| 180 | |
| 181 | volume_uuid_ = nullptr; |
| 182 | package_name_ = "com.installd.test.dexopt"; |
| 183 | se_info_ = "default"; |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 184 | app_apk_dir_ = android_app_dir + package_name_; |
| 185 | |
| 186 | create_mock_app(); |
| 187 | } |
| 188 | |
| 189 | virtual void TearDown() { |
| 190 | if (!kDebug) { |
| 191 | service_->destroyAppData( |
| 192 | volume_uuid_, package_name_, kTestUserId, kAppDataFlags, ce_data_inode_); |
| 193 | run_cmd("rm -rf " + app_apk_dir_); |
| 194 | run_cmd("rm -rf " + app_private_dir_ce_); |
| 195 | run_cmd("rm -rf " + app_private_dir_de_); |
| 196 | } |
| 197 | delete service_; |
| 198 | } |
| 199 | |
| 200 | void create_mock_app() { |
| 201 | // Create the oat dir. |
| 202 | std::string app_oat_dir = app_apk_dir_ + "/oat"; |
| 203 | mkdir(app_apk_dir_, kSystemUid, kSystemGid, 0755); |
| 204 | service_->createOatDir(app_oat_dir, kRuntimeIsa); |
| 205 | |
| 206 | // Copy the primary apk. |
Calin Juravle | 0d0a492 | 2018-01-23 19:54:11 -0800 | [diff] [blame^] | 207 | apk_path_ = app_apk_dir_ + "/base.jar"; |
| 208 | ASSERT_TRUE(WriteBase64ToFile(kDexFile, apk_path_, kSystemUid, kSystemGid, 0644)); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 209 | |
| 210 | // Create the app user data. |
| 211 | ASSERT_TRUE(service_->createAppData( |
| 212 | volume_uuid_, |
| 213 | package_name_, |
| 214 | kTestUserId, |
| 215 | kAppDataFlags, |
| 216 | kTestAppUid, |
| 217 | se_info_, |
| 218 | kOSdkVersion, |
| 219 | &ce_data_inode_).isOk()); |
| 220 | |
| 221 | // Create a secondary dex file on CE storage |
| 222 | const char* volume_uuid_cstr = volume_uuid_ == nullptr ? nullptr : volume_uuid_->c_str(); |
| 223 | app_private_dir_ce_ = create_data_user_ce_package_path( |
| 224 | volume_uuid_cstr, kTestUserId, package_name_.c_str()); |
| 225 | secondary_dex_ce_ = app_private_dir_ce_ + "/secondary_ce.jar"; |
| 226 | ASSERT_TRUE(WriteBase64ToFile(kDexFile, secondary_dex_ce_, kTestAppUid, kTestAppGid, 0600)); |
| 227 | std::string app_private_dir_ce_link = create_data_user_ce_package_path_as_user_link( |
| 228 | volume_uuid_cstr, kTestUserId, package_name_.c_str()); |
| 229 | secondary_dex_ce_link_ = app_private_dir_ce_link + "/secondary_ce.jar"; |
| 230 | |
| 231 | // Create a secondary dex file on DE storage. |
| 232 | app_private_dir_de_ = create_data_user_de_package_path( |
| 233 | volume_uuid_cstr, kTestUserId, package_name_.c_str()); |
| 234 | secondary_dex_de_ = app_private_dir_de_ + "/secondary_de.jar"; |
| 235 | ASSERT_TRUE(WriteBase64ToFile(kDexFile, secondary_dex_de_, kTestAppUid, kTestAppGid, 0600)); |
| 236 | |
| 237 | // Fix app data uid. |
| 238 | ASSERT_TRUE(service_->fixupAppData(volume_uuid_, kTestUserId).isOk()); |
| 239 | } |
| 240 | |
| 241 | |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 242 | std::string GetSecondaryDexArtifact(const std::string& path, const std::string& type) { |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 243 | std::string::size_type end = path.rfind('.'); |
| 244 | std::string::size_type start = path.rfind('/', end); |
| 245 | return path.substr(0, start) + "/oat/" + kRuntimeIsa + "/" + |
| 246 | path.substr(start + 1, end - start) + type; |
| 247 | } |
| 248 | |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 249 | void CompileSecondaryDex(const std::string& path, int32_t dex_storage_flag, |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 250 | bool should_binder_call_succeed, bool should_dex_be_compiled = true, |
Calin Juravle | d2affb8 | 2017-11-28 17:41:43 -0800 | [diff] [blame] | 251 | int32_t uid = -1) { |
| 252 | if (uid == -1) { |
| 253 | uid = kTestAppUid; |
| 254 | } |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 255 | std::unique_ptr<std::string> package_name_ptr(new std::string(package_name_)); |
| 256 | int32_t dexopt_needed = 0; // does not matter; |
| 257 | std::unique_ptr<std::string> out_path = nullptr; // does not matter |
| 258 | int32_t dex_flags = DEXOPT_SECONDARY_DEX | dex_storage_flag; |
| 259 | std::string compiler_filter = "speed-profile"; |
| 260 | std::unique_ptr<std::string> class_loader_context_ptr(new std::string("&")); |
| 261 | std::unique_ptr<std::string> se_info_ptr(new std::string(se_info_)); |
| 262 | bool downgrade = false; |
David Brazdil | 570d398 | 2018-01-16 20:15:43 +0000 | [diff] [blame] | 263 | int32_t target_sdk_version = 0; // default |
Calin Juravle | 408cd4a | 2018-01-20 23:34:18 -0800 | [diff] [blame] | 264 | std::unique_ptr<std::string> profile_name_ptr(new std::string("primary.prof")); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 265 | |
Calin Juravle | 408cd4a | 2018-01-20 23:34:18 -0800 | [diff] [blame] | 266 | bool prof_result; |
| 267 | binder::Status prof_binder_result = service_->prepareAppProfile( |
| 268 | package_name_, kTestUserId, kTestAppId, *profile_name_ptr, /*code path*/ "base.apk", |
| 269 | /*dex_metadata*/ nullptr, &prof_result); |
| 270 | ASSERT_TRUE(prof_binder_result.isOk()); |
| 271 | ASSERT_TRUE(prof_result); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 272 | binder::Status result = service_->dexopt(path, |
| 273 | uid, |
| 274 | package_name_ptr, |
| 275 | kRuntimeIsa, |
| 276 | dexopt_needed, |
| 277 | out_path, |
| 278 | dex_flags, |
| 279 | compiler_filter, |
| 280 | volume_uuid_, |
| 281 | class_loader_context_ptr, |
| 282 | se_info_ptr, |
David Brazdil | 570d398 | 2018-01-16 20:15:43 +0000 | [diff] [blame] | 283 | downgrade, |
Calin Juravle | 408cd4a | 2018-01-20 23:34:18 -0800 | [diff] [blame] | 284 | target_sdk_version, |
| 285 | profile_name_ptr); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 286 | ASSERT_EQ(should_binder_call_succeed, result.isOk()); |
| 287 | int expected_access = should_dex_be_compiled ? 0 : -1; |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 288 | std::string odex = GetSecondaryDexArtifact(path, "odex"); |
| 289 | std::string vdex = GetSecondaryDexArtifact(path, "vdex"); |
| 290 | std::string art = GetSecondaryDexArtifact(path, "art"); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 291 | ASSERT_EQ(expected_access, access(odex.c_str(), R_OK)); |
| 292 | ASSERT_EQ(expected_access, access(vdex.c_str(), R_OK)); |
| 293 | ASSERT_EQ(-1, access(art.c_str(), R_OK)); // empty profiles do not generate an image. |
| 294 | } |
| 295 | |
| 296 | void reconcile_secondary_dex(const std::string& path, int32_t storage_flag, |
| 297 | bool should_binder_call_succeed, bool should_dex_exist, bool should_dex_be_deleted, |
Calin Juravle | d2affb8 | 2017-11-28 17:41:43 -0800 | [diff] [blame] | 298 | int32_t uid = -1, std::string* package_override = nullptr) { |
| 299 | if (uid == -1) { |
| 300 | uid = kTestAppUid; |
| 301 | } |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 302 | std::vector<std::string> isas; |
| 303 | isas.push_back(kRuntimeIsa); |
| 304 | bool out_secondary_dex_exists = false; |
| 305 | binder::Status result = service_->reconcileSecondaryDexFile( |
| 306 | path, |
| 307 | package_override == nullptr ? package_name_ : *package_override, |
| 308 | uid, |
| 309 | isas, |
| 310 | volume_uuid_, |
| 311 | storage_flag, |
| 312 | &out_secondary_dex_exists); |
| 313 | |
| 314 | ASSERT_EQ(should_binder_call_succeed, result.isOk()); |
| 315 | ASSERT_EQ(should_dex_exist, out_secondary_dex_exists); |
| 316 | |
| 317 | int expected_access = should_dex_be_deleted ? -1 : 0; |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 318 | std::string odex = GetSecondaryDexArtifact(path, "odex"); |
| 319 | std::string vdex = GetSecondaryDexArtifact(path, "vdex"); |
| 320 | std::string art = GetSecondaryDexArtifact(path, "art"); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 321 | ASSERT_EQ(expected_access, access(odex.c_str(), F_OK)); |
| 322 | ASSERT_EQ(expected_access, access(vdex.c_str(), F_OK)); |
| 323 | ASSERT_EQ(-1, access(art.c_str(), R_OK)); // empty profiles do not generate an image. |
| 324 | } |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 325 | |
| 326 | void CheckFileAccess(const std::string& file, uid_t uid, gid_t gid, mode_t mode) { |
| 327 | struct stat st; |
| 328 | ASSERT_EQ(0, stat(file.c_str(), &st)); |
| 329 | ASSERT_EQ(uid, st.st_uid); |
| 330 | ASSERT_EQ(gid, st.st_gid); |
| 331 | ASSERT_EQ(mode, st.st_mode); |
| 332 | } |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 333 | }; |
| 334 | |
| 335 | |
| 336 | TEST_F(DexoptTest, DexoptSecondaryCe) { |
| 337 | LOG(INFO) << "DexoptSecondaryCe"; |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 338 | CompileSecondaryDex(secondary_dex_ce_, DEXOPT_STORAGE_CE, |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 339 | /*binder_ok*/ true, /*compile_ok*/ true); |
| 340 | } |
| 341 | |
| 342 | TEST_F(DexoptTest, DexoptSecondaryCeLink) { |
| 343 | LOG(INFO) << "DexoptSecondaryCeLink"; |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 344 | CompileSecondaryDex(secondary_dex_ce_link_, DEXOPT_STORAGE_CE, |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 345 | /*binder_ok*/ true, /*compile_ok*/ true); |
| 346 | } |
| 347 | |
| 348 | TEST_F(DexoptTest, DexoptSecondaryDe) { |
| 349 | LOG(INFO) << "DexoptSecondaryDe"; |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 350 | CompileSecondaryDex(secondary_dex_de_, DEXOPT_STORAGE_DE, |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 351 | /*binder_ok*/ true, /*compile_ok*/ true); |
| 352 | } |
| 353 | |
| 354 | TEST_F(DexoptTest, DexoptSecondaryDoesNotExist) { |
| 355 | LOG(INFO) << "DexoptSecondaryDoesNotExist"; |
| 356 | // If the file validates but does not exist we do not treat it as an error. |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 357 | CompileSecondaryDex(secondary_dex_ce_ + "not.there", DEXOPT_STORAGE_CE, |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 358 | /*binder_ok*/ true, /*compile_ok*/ false); |
| 359 | } |
| 360 | |
| 361 | TEST_F(DexoptTest, DexoptSecondaryStorageValidationError) { |
| 362 | LOG(INFO) << "DexoptSecondaryStorageValidationError"; |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 363 | CompileSecondaryDex(secondary_dex_ce_, DEXOPT_STORAGE_DE, |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 364 | /*binder_ok*/ false, /*compile_ok*/ false); |
| 365 | } |
| 366 | |
| 367 | TEST_F(DexoptTest, DexoptSecondaryAppOwnershipValidationError) { |
| 368 | LOG(INFO) << "DexoptSecondaryAppOwnershipValidationError"; |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 369 | CompileSecondaryDex("/data/data/random.app/secondary.jar", DEXOPT_STORAGE_CE, |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 370 | /*binder_ok*/ false, /*compile_ok*/ false); |
| 371 | } |
| 372 | |
| 373 | TEST_F(DexoptTest, DexoptSecondaryAcessViaDifferentUidError) { |
| 374 | LOG(INFO) << "DexoptSecondaryAcessViaDifferentUidError"; |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 375 | CompileSecondaryDex(secondary_dex_ce_, DEXOPT_STORAGE_CE, |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 376 | /*binder_ok*/ false, /*compile_ok*/ false, kSystemUid); |
| 377 | } |
| 378 | |
| 379 | |
| 380 | class ReconcileTest : public DexoptTest { |
| 381 | virtual void SetUp() { |
| 382 | DexoptTest::SetUp(); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 383 | CompileSecondaryDex(secondary_dex_ce_, DEXOPT_STORAGE_CE, |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 384 | /*binder_ok*/ true, /*compile_ok*/ true); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 385 | CompileSecondaryDex(secondary_dex_de_, DEXOPT_STORAGE_DE, |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 386 | /*binder_ok*/ true, /*compile_ok*/ true); |
| 387 | } |
| 388 | }; |
| 389 | |
| 390 | TEST_F(ReconcileTest, ReconcileSecondaryCeExists) { |
| 391 | LOG(INFO) << "ReconcileSecondaryCeExists"; |
| 392 | reconcile_secondary_dex(secondary_dex_ce_, FLAG_STORAGE_CE, |
| 393 | /*binder_ok*/ true, /*dex_ok */ true, /*odex_deleted*/ false); |
| 394 | } |
| 395 | |
| 396 | TEST_F(ReconcileTest, ReconcileSecondaryCeLinkExists) { |
| 397 | LOG(INFO) << "ReconcileSecondaryCeLinkExists"; |
| 398 | reconcile_secondary_dex(secondary_dex_ce_link_, FLAG_STORAGE_CE, |
| 399 | /*binder_ok*/ true, /*dex_ok */ true, /*odex_deleted*/ false); |
| 400 | } |
| 401 | |
| 402 | TEST_F(ReconcileTest, ReconcileSecondaryDeExists) { |
| 403 | LOG(INFO) << "ReconcileSecondaryDeExists"; |
| 404 | reconcile_secondary_dex(secondary_dex_de_, FLAG_STORAGE_DE, |
| 405 | /*binder_ok*/ true, /*dex_ok */ true, /*odex_deleted*/ false); |
| 406 | } |
| 407 | |
| 408 | TEST_F(ReconcileTest, ReconcileSecondaryDeDoesNotExist) { |
| 409 | LOG(INFO) << "ReconcileSecondaryDeDoesNotExist"; |
| 410 | run_cmd("rm -rf " + secondary_dex_de_); |
| 411 | reconcile_secondary_dex(secondary_dex_de_, FLAG_STORAGE_DE, |
| 412 | /*binder_ok*/ true, /*dex_ok */ false, /*odex_deleted*/ true); |
| 413 | } |
| 414 | |
| 415 | TEST_F(ReconcileTest, ReconcileSecondaryStorageValidationError) { |
| 416 | // Validation errors will not clean the odex/vdex/art files but will mark |
| 417 | // the file as non existent so that the PM knows it should purge it from its |
| 418 | // records. |
| 419 | LOG(INFO) << "ReconcileSecondaryStorageValidationError"; |
| 420 | reconcile_secondary_dex(secondary_dex_ce_, FLAG_STORAGE_DE, |
| 421 | /*binder_ok*/ true, /*dex_ok */ false, /*odex_deleted*/ false); |
| 422 | } |
| 423 | |
| 424 | TEST_F(ReconcileTest, ReconcileSecondaryAppOwnershipValidationError) { |
| 425 | LOG(INFO) << "ReconcileSecondaryAppOwnershipValidationError"; |
| 426 | // Attempt to reconcile the dex files of the test app from a different app. |
| 427 | std::string another_app = "another.app"; |
| 428 | reconcile_secondary_dex(secondary_dex_ce_, FLAG_STORAGE_CE, |
| 429 | /*binder_ok*/ true, /*dex_ok */ false, /*odex_deleted*/ false, kSystemUid, &another_app); |
| 430 | } |
| 431 | |
| 432 | TEST_F(ReconcileTest, ReconcileSecondaryAcessViaDifferentUidError) { |
| 433 | LOG(INFO) << "ReconcileSecondaryAcessViaDifferentUidError"; |
| 434 | reconcile_secondary_dex(secondary_dex_ce_, FLAG_STORAGE_CE, |
| 435 | /*binder_ok*/ true, /*dex_ok */ false, /*odex_deleted*/ false, kSystemUid); |
| 436 | } |
| 437 | |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 438 | class ProfileTest : public DexoptTest { |
| 439 | protected: |
| 440 | std::string cur_profile_; |
| 441 | std::string ref_profile_; |
| 442 | std::string snap_profile_; |
| 443 | |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 444 | static constexpr const char* kPrimaryProfile = "primary.prof"; |
| 445 | |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 446 | virtual void SetUp() { |
| 447 | DexoptTest::SetUp(); |
| 448 | cur_profile_ = create_current_profile_path( |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 449 | kTestUserId, package_name_, kPrimaryProfile, /*is_secondary_dex*/ false); |
| 450 | ref_profile_ = create_reference_profile_path(package_name_, kPrimaryProfile, |
| 451 | /*is_secondary_dex*/ false); |
| 452 | snap_profile_ = create_snapshot_profile_path(package_name_, kPrimaryProfile); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 453 | } |
| 454 | |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 455 | void SetupProfile(const std::string& path, uid_t uid, gid_t gid, mode_t mode, |
| 456 | int32_t num_dex) { |
| 457 | run_cmd("profman --generate-test-profile-seed=" + std::to_string(num_dex) + |
| 458 | " --generate-test-profile-num-dex=" + std::to_string(num_dex) + |
| 459 | " --generate-test-profile=" + path); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 460 | ::chmod(path.c_str(), mode); |
| 461 | ::chown(path.c_str(), uid, gid); |
| 462 | } |
| 463 | |
| 464 | void SetupProfiles(bool setup_ref) { |
| 465 | SetupProfile(cur_profile_, kTestAppUid, kTestAppGid, 0600, 1); |
| 466 | if (setup_ref) { |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 467 | SetupProfile(ref_profile_, kTestAppUid, kTestAppGid, 0600, 2); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 468 | } |
| 469 | } |
| 470 | |
Calin Juravle | c3596c3 | 2017-12-05 12:29:15 -0800 | [diff] [blame] | 471 | void createProfileSnapshot(int32_t appid, const std::string& package_name, |
| 472 | bool expected_result) { |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 473 | bool result; |
Calin Juravle | c3596c3 | 2017-12-05 12:29:15 -0800 | [diff] [blame] | 474 | binder::Status binder_result = service_->createProfileSnapshot( |
Calin Juravle | 0d0a492 | 2018-01-23 19:54:11 -0800 | [diff] [blame^] | 475 | appid, package_name, kPrimaryProfile, apk_path_, &result); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 476 | ASSERT_TRUE(binder_result.isOk()); |
| 477 | ASSERT_EQ(expected_result, result); |
| 478 | |
| 479 | if (!expected_result) { |
| 480 | // Do not check the files if we expect to fail. |
| 481 | return; |
| 482 | } |
| 483 | |
| 484 | // Check that the snapshot was created witht he expected acess flags. |
| 485 | CheckFileAccess(snap_profile_, kSystemUid, kSystemGid, 0600 | S_IFREG); |
| 486 | |
| 487 | // The snapshot should be equivalent to the merge of profiles. |
| 488 | std::string expected_profile_content = snap_profile_ + ".expected"; |
| 489 | run_cmd("rm -f " + expected_profile_content); |
| 490 | run_cmd("touch " + expected_profile_content); |
| 491 | run_cmd("profman --profile-file=" + cur_profile_ + |
| 492 | " --profile-file=" + ref_profile_ + |
| 493 | " --reference-profile-file=" + expected_profile_content); |
| 494 | |
| 495 | ASSERT_TRUE(AreFilesEqual(expected_profile_content, snap_profile_)); |
| 496 | |
| 497 | pid_t pid = fork(); |
| 498 | if (pid == 0) { |
| 499 | /* child */ |
| 500 | TransitionToSystemServer(); |
| 501 | |
| 502 | // System server should be able to open the the spanshot. |
| 503 | unique_fd fd(open(snap_profile_.c_str(), O_RDONLY)); |
| 504 | ASSERT_TRUE(fd > -1) << "Failed to open profile as kSystemUid: " << strerror(errno); |
| 505 | _exit(0); |
| 506 | } |
| 507 | /* parent */ |
| 508 | ASSERT_TRUE(WIFEXITED(wait_child(pid))); |
| 509 | } |
| 510 | |
Calin Juravle | 408cd4a | 2018-01-20 23:34:18 -0800 | [diff] [blame] | 511 | void mergePackageProfiles(const std::string& package_name, |
| 512 | const std::string& code_path, |
| 513 | bool expected_result) { |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 514 | bool result; |
| 515 | binder::Status binder_result = service_->mergeProfiles( |
Calin Juravle | 408cd4a | 2018-01-20 23:34:18 -0800 | [diff] [blame] | 516 | kTestAppUid, package_name, code_path, &result); |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 517 | ASSERT_TRUE(binder_result.isOk()); |
| 518 | ASSERT_EQ(expected_result, result); |
| 519 | |
| 520 | if (!expected_result) { |
| 521 | // Do not check the files if we expect to fail. |
| 522 | return; |
| 523 | } |
| 524 | |
| 525 | // Check that the snapshot was created witht he expected acess flags. |
| 526 | CheckFileAccess(ref_profile_, kTestAppUid, kTestAppUid, 0600 | S_IFREG); |
| 527 | |
| 528 | // The snapshot should be equivalent to the merge of profiles. |
| 529 | std::string ref_profile_content = ref_profile_ + ".expected"; |
| 530 | run_cmd("rm -f " + ref_profile_content); |
| 531 | run_cmd("touch " + ref_profile_content); |
| 532 | run_cmd("profman --profile-file=" + cur_profile_ + |
| 533 | " --profile-file=" + ref_profile_ + |
| 534 | " --reference-profile-file=" + ref_profile_content); |
| 535 | |
| 536 | ASSERT_TRUE(AreFilesEqual(ref_profile_content, ref_profile_)); |
| 537 | } |
| 538 | |
Calin Juravle | c3b049e | 2018-01-18 22:32:58 -0800 | [diff] [blame] | 539 | // TODO(calin): add dex metadata tests once the ART change is merged. |
| 540 | void preparePackageProfile(const std::string& package_name, const std::string& profile_name, |
| 541 | bool expected_result) { |
| 542 | bool result; |
| 543 | binder::Status binder_result = service_->prepareAppProfile( |
| 544 | package_name, kTestUserId, kTestAppId, profile_name, /*code path*/ "base.apk", |
| 545 | /*dex_metadata*/ nullptr, &result); |
| 546 | ASSERT_TRUE(binder_result.isOk()); |
| 547 | ASSERT_EQ(expected_result, result); |
| 548 | |
| 549 | if (!expected_result) { |
| 550 | // Do not check the files if we expect to fail. |
| 551 | return; |
| 552 | } |
| 553 | |
| 554 | std::string code_path_cur_prof = create_current_profile_path( |
| 555 | kTestUserId, package_name, profile_name, /*is_secondary_dex*/ false); |
| 556 | std::string code_path_ref_profile = create_reference_profile_path(package_name, |
| 557 | profile_name, /*is_secondary_dex*/ false); |
| 558 | |
| 559 | // Check that we created the current profile. |
| 560 | CheckFileAccess(code_path_cur_prof, kTestAppUid, kTestAppUid, 0600 | S_IFREG); |
| 561 | |
| 562 | // Without dex metadata we don't generate a reference profile. |
| 563 | ASSERT_EQ(-1, access(code_path_ref_profile.c_str(), R_OK)); |
| 564 | } |
| 565 | |
Calin Juravle | 0d0a492 | 2018-01-23 19:54:11 -0800 | [diff] [blame^] | 566 | protected: |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 567 | void TransitionToSystemServer() { |
| 568 | ASSERT_TRUE(DropCapabilities(kSystemUid, kSystemGid)); |
| 569 | int32_t res = selinux_android_setcontext( |
| 570 | kSystemUid, true, se_info_.c_str(), "system_server"); |
| 571 | ASSERT_EQ(0, res) << "Failed to setcon " << strerror(errno); |
| 572 | } |
| 573 | |
| 574 | bool AreFilesEqual(const std::string& file1, const std::string& file2) { |
| 575 | std::vector<uint8_t> content1; |
| 576 | std::vector<uint8_t> content2; |
| 577 | |
| 578 | if (!ReadAll(file1, &content1)) return false; |
| 579 | if (!ReadAll(file2, &content2)) return false; |
| 580 | return content1 == content2; |
| 581 | } |
| 582 | |
| 583 | bool ReadAll(const std::string& file, std::vector<uint8_t>* content) { |
| 584 | unique_fd fd(open(file.c_str(), O_RDONLY)); |
| 585 | if (fd < 0) { |
| 586 | PLOG(ERROR) << "Failed to open " << file; |
| 587 | return false; |
| 588 | } |
| 589 | struct stat st; |
| 590 | if (fstat(fd, &st) != 0) { |
| 591 | PLOG(ERROR) << "Failed to stat " << file; |
| 592 | return false; |
| 593 | } |
| 594 | content->resize(st.st_size); |
| 595 | bool result = ReadFully(fd, content->data(), content->size()); |
| 596 | if (!result) { |
| 597 | PLOG(ERROR) << "Failed to read " << file; |
| 598 | } |
| 599 | return result; |
| 600 | } |
| 601 | }; |
| 602 | |
| 603 | TEST_F(ProfileTest, ProfileSnapshotOk) { |
| 604 | LOG(INFO) << "ProfileSnapshotOk"; |
| 605 | |
| 606 | SetupProfiles(/*setup_ref*/ true); |
Calin Juravle | c3596c3 | 2017-12-05 12:29:15 -0800 | [diff] [blame] | 607 | createProfileSnapshot(kTestAppId, package_name_, /*expected_result*/ true); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 608 | } |
| 609 | |
| 610 | // The reference profile is created on the fly. We need to be able to |
| 611 | // snapshot without one. |
| 612 | TEST_F(ProfileTest, ProfileSnapshotOkNoReference) { |
| 613 | LOG(INFO) << "ProfileSnapshotOkNoReference"; |
| 614 | |
| 615 | SetupProfiles(/*setup_ref*/ false); |
Calin Juravle | c3596c3 | 2017-12-05 12:29:15 -0800 | [diff] [blame] | 616 | createProfileSnapshot(kTestAppId, package_name_, /*expected_result*/ true); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 617 | } |
| 618 | |
| 619 | TEST_F(ProfileTest, ProfileSnapshotFailWrongPackage) { |
| 620 | LOG(INFO) << "ProfileSnapshotFailWrongPackage"; |
| 621 | |
| 622 | SetupProfiles(/*setup_ref*/ true); |
Calin Juravle | c3596c3 | 2017-12-05 12:29:15 -0800 | [diff] [blame] | 623 | createProfileSnapshot(kTestAppId, "not.there", /*expected_result*/ false); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 624 | } |
| 625 | |
| 626 | TEST_F(ProfileTest, ProfileSnapshotDestroySnapshot) { |
| 627 | LOG(INFO) << "ProfileSnapshotDestroySnapshot"; |
| 628 | |
| 629 | SetupProfiles(/*setup_ref*/ true); |
Calin Juravle | c3596c3 | 2017-12-05 12:29:15 -0800 | [diff] [blame] | 630 | createProfileSnapshot(kTestAppId, package_name_, /*expected_result*/ true); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 631 | |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 632 | binder::Status binder_result = service_->destroyProfileSnapshot(package_name_, kPrimaryProfile); |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 633 | ASSERT_TRUE(binder_result.isOk()); |
| 634 | struct stat st; |
| 635 | ASSERT_EQ(-1, stat(snap_profile_.c_str(), &st)); |
| 636 | ASSERT_EQ(ENOENT, errno); |
| 637 | } |
| 638 | |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 639 | TEST_F(ProfileTest, ProfileMergeOk) { |
| 640 | LOG(INFO) << "ProfileMergeOk"; |
| 641 | |
| 642 | SetupProfiles(/*setup_ref*/ true); |
Calin Juravle | 408cd4a | 2018-01-20 23:34:18 -0800 | [diff] [blame] | 643 | mergePackageProfiles(package_name_, "primary.prof", /*expected_result*/ true); |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 644 | } |
| 645 | |
| 646 | // The reference profile is created on the fly. We need to be able to |
| 647 | // merge without one. |
| 648 | TEST_F(ProfileTest, ProfileMergeOkNoReference) { |
| 649 | LOG(INFO) << "ProfileMergeOkNoReference"; |
| 650 | |
| 651 | SetupProfiles(/*setup_ref*/ false); |
Calin Juravle | 408cd4a | 2018-01-20 23:34:18 -0800 | [diff] [blame] | 652 | mergePackageProfiles(package_name_, "primary.prof", /*expected_result*/ true); |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 653 | } |
| 654 | |
| 655 | TEST_F(ProfileTest, ProfileMergeFailWrongPackage) { |
| 656 | LOG(INFO) << "ProfileMergeFailWrongPackage"; |
| 657 | |
| 658 | SetupProfiles(/*setup_ref*/ true); |
Calin Juravle | 408cd4a | 2018-01-20 23:34:18 -0800 | [diff] [blame] | 659 | mergePackageProfiles("not.there", "primary.prof", /*expected_result*/ false); |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 660 | } |
| 661 | |
Calin Juravle | d2affb8 | 2017-11-28 17:41:43 -0800 | [diff] [blame] | 662 | TEST_F(ProfileTest, ProfileDirOk) { |
| 663 | LOG(INFO) << "ProfileDirOk"; |
| 664 | |
| 665 | std::string cur_profile_dir = create_primary_current_profile_package_dir_path( |
| 666 | kTestUserId, package_name_); |
| 667 | std::string cur_profile_file = create_current_profile_path(kTestUserId, package_name_, |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 668 | kPrimaryProfile, /*is_secondary_dex*/false); |
Calin Juravle | d2affb8 | 2017-11-28 17:41:43 -0800 | [diff] [blame] | 669 | std::string ref_profile_dir = create_primary_reference_profile_package_dir_path(package_name_); |
| 670 | |
| 671 | CheckFileAccess(cur_profile_dir, kTestAppUid, kTestAppUid, 0700 | S_IFDIR); |
Calin Juravle | 6f06eb6 | 2017-11-28 18:44:53 -0800 | [diff] [blame] | 672 | CheckFileAccess(ref_profile_dir, kSystemUid, kTestAppGid, 0770 | S_IFDIR); |
| 673 | } |
| 674 | |
| 675 | // Verify that the profile directories are fixed up during an upgrade. |
| 676 | // (The reference profile directory is prepared lazily). |
| 677 | TEST_F(ProfileTest, ProfileDirOkAfterFixup) { |
| 678 | LOG(INFO) << "ProfileDirOkAfterFixup"; |
| 679 | |
| 680 | std::string cur_profile_dir = create_primary_current_profile_package_dir_path( |
| 681 | kTestUserId, package_name_); |
| 682 | std::string cur_profile_file = create_current_profile_path(kTestUserId, package_name_, |
Calin Juravle | 824a64d | 2018-01-18 20:23:17 -0800 | [diff] [blame] | 683 | kPrimaryProfile, /*is_secondary_dex*/false); |
Calin Juravle | 6f06eb6 | 2017-11-28 18:44:53 -0800 | [diff] [blame] | 684 | std::string ref_profile_dir = create_primary_reference_profile_package_dir_path(package_name_); |
| 685 | |
| 686 | // Simulate a pre-P setup by changing the owner to kTestAppGid and permissions to 0700. |
| 687 | ASSERT_EQ(0, chown(ref_profile_dir.c_str(), kTestAppGid, kTestAppGid)); |
| 688 | ASSERT_EQ(0, chmod(ref_profile_dir.c_str(), 0700)); |
| 689 | |
| 690 | // Run createAppData again which will offer to fix-up the profile directories. |
| 691 | ASSERT_TRUE(service_->createAppData( |
| 692 | volume_uuid_, |
| 693 | package_name_, |
| 694 | kTestUserId, |
| 695 | kAppDataFlags, |
| 696 | kTestAppUid, |
| 697 | se_info_, |
| 698 | kOSdkVersion, |
| 699 | &ce_data_inode_).isOk()); |
| 700 | |
| 701 | // Check the file access. |
| 702 | CheckFileAccess(cur_profile_dir, kTestAppUid, kTestAppUid, 0700 | S_IFDIR); |
Calin Juravle | 6f06eb6 | 2017-11-28 18:44:53 -0800 | [diff] [blame] | 703 | CheckFileAccess(ref_profile_dir, kSystemUid, kTestAppGid, 0770 | S_IFDIR); |
Calin Juravle | d2affb8 | 2017-11-28 17:41:43 -0800 | [diff] [blame] | 704 | } |
| 705 | |
Calin Juravle | c3b049e | 2018-01-18 22:32:58 -0800 | [diff] [blame] | 706 | TEST_F(ProfileTest, ProfilePrepareOk) { |
| 707 | LOG(INFO) << "ProfilePrepareOk"; |
| 708 | preparePackageProfile(package_name_, "split.prof", /*expected_result*/ true); |
| 709 | } |
| 710 | |
| 711 | TEST_F(ProfileTest, ProfilePrepareFailInvalidPackage) { |
| 712 | LOG(INFO) << "ProfilePrepareFailInvalidPackage"; |
| 713 | preparePackageProfile("not.there.package", "split.prof", /*expected_result*/ false); |
| 714 | } |
| 715 | |
| 716 | TEST_F(ProfileTest, ProfilePrepareFailProfileChangedUid) { |
| 717 | LOG(INFO) << "ProfilePrepareFailProfileChangedUid"; |
| 718 | SetupProfiles(/*setup_ref*/ false); |
| 719 | // Change the uid on the profile to trigger a failure. |
| 720 | ::chown(cur_profile_.c_str(), kTestAppUid + 1, kTestAppGid + 1); |
| 721 | preparePackageProfile(package_name_, "primary.prof", /*expected_result*/ false); |
| 722 | } |
| 723 | |
Calin Juravle | 0d0a492 | 2018-01-23 19:54:11 -0800 | [diff] [blame^] | 724 | |
| 725 | class BootProfileTest : public ProfileTest { |
| 726 | public: |
| 727 | virtual void setup() { |
| 728 | ProfileTest::SetUp(); |
| 729 | intial_android_profiles_dir = android_profiles_dir; |
| 730 | } |
| 731 | |
| 732 | virtual void TearDown() { |
| 733 | android_profiles_dir = intial_android_profiles_dir; |
| 734 | ProfileTest::TearDown(); |
| 735 | } |
| 736 | |
| 737 | void UpdateAndroidProfilesDir(const std::string& profile_dir) { |
| 738 | android_profiles_dir = profile_dir; |
| 739 | // We need to create the reference profile directory in the new profile dir. |
| 740 | run_cmd("mkdir -p " + profile_dir + "/ref"); |
| 741 | } |
| 742 | |
| 743 | void createBootImageProfileSnapshot(const std::string& classpath, bool expected_result) { |
| 744 | bool result; |
| 745 | binder::Status binder_result = service_->createProfileSnapshot( |
| 746 | -1, "android", "android.prof", classpath, &result); |
| 747 | ASSERT_TRUE(binder_result.isOk()); |
| 748 | ASSERT_EQ(expected_result, result); |
| 749 | |
| 750 | if (!expected_result) { |
| 751 | // Do not check the files if we expect to fail. |
| 752 | return; |
| 753 | } |
| 754 | |
| 755 | // Check that the snapshot was created with he expected access flags. |
| 756 | const std::string boot_profile = create_snapshot_profile_path("android", "android.prof"); |
| 757 | CheckFileAccess(boot_profile, kSystemUid, kSystemGid, 0600 | S_IFREG); |
| 758 | |
| 759 | pid_t pid = fork(); |
| 760 | if (pid == 0) { |
| 761 | /* child */ |
| 762 | TransitionToSystemServer(); |
| 763 | |
| 764 | // System server should be able to open the snapshot. |
| 765 | unique_fd fd(open(boot_profile.c_str(), O_RDONLY)); |
| 766 | ASSERT_TRUE(fd > -1) << "Failed to open profile as kSystemUid: " << strerror(errno); |
| 767 | _exit(0); |
| 768 | } |
| 769 | /* parent */ |
| 770 | ASSERT_TRUE(WIFEXITED(wait_child(pid))); |
| 771 | } |
| 772 | protected: |
| 773 | std::string intial_android_profiles_dir; |
| 774 | }; |
| 775 | |
| 776 | TEST_F(BootProfileTest, BootProfileSnapshotOk) { |
| 777 | LOG(INFO) << "BootProfileSnapshotOk"; |
| 778 | char* boot_classpath = getenv("BOOTCLASSPATH"); |
| 779 | ASSERT_TRUE(boot_classpath != nullptr); |
| 780 | createBootImageProfileSnapshot(boot_classpath, /*expected_result*/ true); |
| 781 | } |
| 782 | |
| 783 | TEST_F(BootProfileTest, BootProfileSnapshotFailEmptyClasspath) { |
| 784 | LOG(INFO) << "BootProfileSnapshotFailEmptyClasspath"; |
| 785 | |
| 786 | createBootImageProfileSnapshot(/*boot_classpath*/ "", /*expected_result*/ false); |
| 787 | } |
| 788 | |
| 789 | TEST_F(BootProfileTest, BootProfileSnapshotOkNoProfiles) { |
| 790 | LOG(INFO) << "BootProfileSnapshotOkNoProfiles"; |
| 791 | char* boot_classpath = getenv("BOOTCLASSPATH"); |
| 792 | ASSERT_TRUE(boot_classpath != nullptr); |
| 793 | |
| 794 | // The app_apk_dir has no profiles. So we shouldn't be able to merge anything. |
| 795 | // Still, this is not a failure case. |
| 796 | UpdateAndroidProfilesDir(app_apk_dir_); |
| 797 | createBootImageProfileSnapshot(boot_classpath, /*expected_result*/ true); |
| 798 | } |
| 799 | |
| 800 | // Verify that profile collection. |
| 801 | TEST_F(BootProfileTest, CollectProfiles) { |
| 802 | LOG(INFO) << "CollectProfiles"; |
| 803 | |
| 804 | // Create some profile directories mimicking the real profile structure. |
| 805 | run_cmd("mkdir -p " + app_private_dir_de_ + "/profiles/ref"); |
| 806 | run_cmd("mkdir -p " + app_private_dir_de_ + "/profiles/cur/0/"); |
| 807 | run_cmd("mkdir -p " + app_private_dir_de_ + "/profiles/cur/1/"); |
| 808 | // Create an empty profile. |
| 809 | run_cmd("touch " + app_private_dir_de_ + "/profiles/cur/1/primary.prof"); |
| 810 | // Create a random file. |
| 811 | run_cmd("touch " + app_private_dir_de_ + "/profiles/cur/0/non.profile.file"); |
| 812 | |
| 813 | // Create some non-empty profiles. |
| 814 | std::string current_prof = app_private_dir_de_ + "/profiles/cur/0/primary.prof"; |
| 815 | run_cmd("echo 1 > " + current_prof); |
| 816 | std::string ref_prof = app_private_dir_de_ + "/profiles/ref/primary.prof"; |
| 817 | run_cmd("echo 1 > " + ref_prof); |
| 818 | |
| 819 | UpdateAndroidProfilesDir(app_private_dir_de_ + "/profiles"); |
| 820 | |
| 821 | std::vector<std::string> profiles; |
| 822 | collect_profiles(&profiles); |
| 823 | |
| 824 | // Only two profiles should be in the output. |
| 825 | ASSERT_EQ(2u, profiles.size()); |
| 826 | ASSERT_TRUE(std::find(profiles.begin(), profiles.end(), current_prof) != profiles.end()); |
| 827 | ASSERT_TRUE(std::find(profiles.begin(), profiles.end(), ref_prof) != profiles.end()); |
| 828 | } |
| 829 | |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 830 | } // namespace installd |
| 831 | } // namespace android |