Andreas Gampe | 8f7140d | 2019-01-31 09:22:27 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2017 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #pragma once |
| 18 | |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 19 | #include <stdlib.h> |
| 20 | #include <string.h> |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 21 | #include <sys/capability.h> |
| 22 | |
| 23 | #include <android-base/logging.h> |
Andreas Gampe | 2ef09a7 | 2018-08-29 14:50:41 -0700 | [diff] [blame] | 24 | #include <android-base/stringprintf.h> |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 25 | #include <selinux/android.h> |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 26 | |
| 27 | uint8_t kBase64Map[256] = { |
| 28 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 29 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 30 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 31 | 255, 255, 255, 255, 255, 255, 255, 62, 255, 255, 255, 63, |
| 32 | 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255, |
| 33 | 255, 254, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6, |
| 34 | 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, |
| 35 | 19, 20, 21, 22, 23, 24, 25, 255, 255, 255, 255, 255, |
| 36 | 255, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, |
| 37 | 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, |
| 38 | 49, 50, 51, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 39 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 40 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 41 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 42 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 43 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 44 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 45 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 46 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 47 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 48 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, |
| 49 | 255, 255, 255, 255 |
| 50 | }; |
| 51 | |
| 52 | uint8_t* DecodeBase64(const char* src, size_t* dst_size) { |
| 53 | CHECK(dst_size != nullptr); |
| 54 | std::vector<uint8_t> tmp; |
| 55 | uint32_t t = 0, y = 0; |
| 56 | int g = 3; |
| 57 | for (size_t i = 0; src[i] != '\0'; ++i) { |
| 58 | uint8_t c = kBase64Map[src[i] & 0xFF]; |
| 59 | if (c == 255) continue; |
| 60 | // the final = symbols are read and used to trim the remaining bytes |
| 61 | if (c == 254) { |
| 62 | c = 0; |
| 63 | // prevent g < 0 which would potentially allow an overflow later |
| 64 | if (--g < 0) { |
| 65 | *dst_size = 0; |
| 66 | return nullptr; |
| 67 | } |
| 68 | } else if (g != 3) { |
| 69 | // we only allow = to be at the end |
| 70 | *dst_size = 0; |
| 71 | return nullptr; |
| 72 | } |
| 73 | t = (t << 6) | c; |
| 74 | if (++y == 4) { |
| 75 | tmp.push_back((t >> 16) & 255); |
| 76 | if (g > 1) { |
| 77 | tmp.push_back((t >> 8) & 255); |
| 78 | } |
| 79 | if (g > 2) { |
| 80 | tmp.push_back(t & 255); |
| 81 | } |
| 82 | y = t = 0; |
| 83 | } |
| 84 | } |
| 85 | if (y != 0) { |
| 86 | *dst_size = 0; |
| 87 | return nullptr; |
| 88 | } |
| 89 | std::unique_ptr<uint8_t[]> dst(new uint8_t[tmp.size()]); |
| 90 | *dst_size = tmp.size(); |
| 91 | std::copy(tmp.begin(), tmp.end(), dst.get()); |
| 92 | return dst.release(); |
| 93 | } |
| 94 | |
| 95 | bool WriteBase64ToFile(const char* base64, const std::string& file, |
Andreas Gampe | 2ef09a7 | 2018-08-29 14:50:41 -0700 | [diff] [blame] | 96 | uid_t uid, gid_t gid, int mode, std::string* error_msg) { |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 97 | CHECK(base64 != nullptr); |
| 98 | size_t length; |
| 99 | std::unique_ptr<uint8_t[]> bytes(DecodeBase64(base64, &length)); |
| 100 | CHECK(bytes != nullptr); |
| 101 | |
| 102 | |
| 103 | int fd = open(file.c_str(), O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR); |
| 104 | |
Andreas Gampe | 2ef09a7 | 2018-08-29 14:50:41 -0700 | [diff] [blame] | 105 | using android::base::StringPrintf; |
| 106 | |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 107 | if (fd < 0) { |
Andreas Gampe | 2ef09a7 | 2018-08-29 14:50:41 -0700 | [diff] [blame] | 108 | *error_msg = StringPrintf("Could not open file %s: %s", file.c_str(), strerror(errno)); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 109 | return false; |
| 110 | } |
| 111 | |
| 112 | size_t wrote = 0; |
| 113 | while (wrote < length) { |
| 114 | ssize_t cur = write(fd, bytes.get() + wrote, length - wrote); |
| 115 | if (cur == -1) { |
Andreas Gampe | 2ef09a7 | 2018-08-29 14:50:41 -0700 | [diff] [blame] | 116 | *error_msg = StringPrintf("Could not write file %s: %s", file.c_str(), strerror(errno)); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 117 | return false; |
| 118 | } |
| 119 | wrote += cur; |
| 120 | } |
| 121 | |
| 122 | if (::chown(file.c_str(), uid, gid) != 0) { |
Andreas Gampe | 2ef09a7 | 2018-08-29 14:50:41 -0700 | [diff] [blame] | 123 | *error_msg = StringPrintf("Could not chown file %s: %s", file.c_str(), strerror(errno)); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 124 | return false; |
| 125 | } |
| 126 | if (::chmod(file.c_str(), mode) != 0) { |
Andreas Gampe | 2ef09a7 | 2018-08-29 14:50:41 -0700 | [diff] [blame] | 127 | *error_msg = StringPrintf("Could not chmod file %s: %s", file.c_str(), strerror(errno)); |
Calin Juravle | 7d76546 | 2017-09-04 15:57:10 -0700 | [diff] [blame] | 128 | return false; |
| 129 | } |
| 130 | return true; |
| 131 | } |
Calin Juravle | 2959173 | 2017-11-20 17:46:19 -0800 | [diff] [blame] | 132 | |
| 133 | // TODO(calin): fix dexopt drop_capabilities and move to general utils (b/69678790). |
| 134 | bool DropCapabilities(uid_t uid, gid_t gid) { |
| 135 | if (setgid(gid) != 0) { |
| 136 | PLOG(ERROR) << "setgid failed: " << gid; |
| 137 | return false; |
| 138 | } |
| 139 | if (setuid(uid) != 0) { |
| 140 | PLOG(ERROR) << "setuid failed: " << uid; |
| 141 | return false; |
| 142 | } |
| 143 | // drop capabilities |
| 144 | struct __user_cap_header_struct capheader; |
| 145 | struct __user_cap_data_struct capdata[2]; |
| 146 | memset(&capheader, 0, sizeof(capheader)); |
| 147 | memset(&capdata, 0, sizeof(capdata)); |
| 148 | capheader.version = _LINUX_CAPABILITY_VERSION_3; |
| 149 | if (capset(&capheader, &capdata[0]) < 0) { |
| 150 | PLOG(ERROR) << "capset failed"; |
| 151 | return false; |
| 152 | } |
| 153 | |
| 154 | return true; |
| 155 | } |