blob: 267d530f078f66fc927882932a051d6a17ea62b0 [file] [log] [blame]
Tom Cherrycb0f9bb2017-09-12 15:58:47 -07001/*
2 * Copyright (C) 2017 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "subcontext.h"
18
19#include <fcntl.h>
20#include <poll.h>
21#include <sys/socket.h>
22#include <unistd.h>
23
24#include <android-base/file.h>
25#include <android-base/logging.h>
26#include <android-base/strings.h>
27#include <selinux/android.h>
28
29#include "action.h"
Tom Cherrycb0f9bb2017-09-12 15:58:47 -070030#include "util.h"
31
Tom Cherryde6bd502018-02-13 16:50:08 -080032#if defined(__ANDROID__)
33#include "property_service.h"
34#include "selinux.h"
35#else
36#include "host_init_stubs.h"
37#endif
Tom Cherry32228482018-01-18 16:14:25 -080038
Tom Cherrycb0f9bb2017-09-12 15:58:47 -070039using android::base::GetExecutablePath;
40using android::base::Join;
41using android::base::Socketpair;
42using android::base::Split;
43using android::base::StartsWith;
44using android::base::unique_fd;
45
46namespace android {
47namespace init {
48
Tom Cherryac7428b2017-10-02 16:59:02 -070049const std::string kInitContext = "u:r:init:s0";
50const std::string kVendorContext = "u:r:vendor_init:s0";
Tom Cherrycb0f9bb2017-09-12 15:58:47 -070051
Tom Cherrydc375862018-02-28 10:39:01 -080052const char* const paths_and_secontexts[2][2] = {
53 {"/vendor", kVendorContext.c_str()},
54 {"/odm", kVendorContext.c_str()},
55};
56
Tom Cherrycb0f9bb2017-09-12 15:58:47 -070057namespace {
58
59constexpr size_t kBufferSize = 4096;
60
61Result<std::string> ReadMessage(int socket) {
62 char buffer[kBufferSize] = {};
63 auto result = TEMP_FAILURE_RETRY(recv(socket, buffer, sizeof(buffer), 0));
64 if (result <= 0) {
65 return ErrnoError();
66 }
67 return std::string(buffer, result);
68}
69
70template <typename T>
71Result<Success> SendMessage(int socket, const T& message) {
72 std::string message_string;
73 if (!message.SerializeToString(&message_string)) {
74 return Error() << "Unable to serialize message";
75 }
76
77 if (message_string.size() > kBufferSize) {
78 return Error() << "Serialized message too long to send";
79 }
80
81 if (auto result =
82 TEMP_FAILURE_RETRY(send(socket, message_string.c_str(), message_string.size(), 0));
83 result != static_cast<long>(message_string.size())) {
84 return ErrnoError() << "send() failed to send message contents";
85 }
86 return Success();
87}
88
Tom Cherry32228482018-01-18 16:14:25 -080089std::vector<std::pair<std::string, std::string>> properties_to_set;
90
91uint32_t SubcontextPropertySet(const std::string& name, const std::string& value) {
92 properties_to_set.emplace_back(name, value);
Tom Cherryde6bd502018-02-13 16:50:08 -080093 return 0;
Tom Cherry32228482018-01-18 16:14:25 -080094}
95
Tom Cherrycb0f9bb2017-09-12 15:58:47 -070096class SubcontextProcess {
97 public:
98 SubcontextProcess(const KeywordFunctionMap* function_map, std::string context, int init_fd)
99 : function_map_(function_map), context_(std::move(context)), init_fd_(init_fd){};
100 void MainLoop();
101
102 private:
103 void RunCommand(const SubcontextCommand::ExecuteCommand& execute_command,
Tom Cherryc49719f2018-01-10 11:04:34 -0800104 SubcontextReply* reply) const;
105 void ExpandArgs(const SubcontextCommand::ExpandArgsCommand& expand_args_command,
106 SubcontextReply* reply) const;
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700107
108 const KeywordFunctionMap* function_map_;
109 const std::string context_;
110 const int init_fd_;
111};
112
113void SubcontextProcess::RunCommand(const SubcontextCommand::ExecuteCommand& execute_command,
Tom Cherryc49719f2018-01-10 11:04:34 -0800114 SubcontextReply* reply) const {
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700115 // Need to use ArraySplice instead of this code.
116 auto args = std::vector<std::string>();
117 for (const auto& string : execute_command.args()) {
118 args.emplace_back(string);
119 }
120
121 auto map_result = function_map_->FindFunction(args);
122 Result<Success> result;
123 if (!map_result) {
124 result = Error() << "Cannot find command: " << map_result.error();
125 } else {
126 result = RunBuiltinFunction(map_result->second, args, context_);
127 }
128
Tom Cherry32228482018-01-18 16:14:25 -0800129 for (const auto& [name, value] : properties_to_set) {
130 auto property = reply->add_properties_to_set();
131 property->set_name(name);
132 property->set_value(value);
133 }
134
135 properties_to_set.clear();
136
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700137 if (result) {
Tom Cherryc49719f2018-01-10 11:04:34 -0800138 reply->set_success(true);
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700139 } else {
Tom Cherryc49719f2018-01-10 11:04:34 -0800140 auto* failure = reply->mutable_failure();
141 failure->set_error_string(result.error_string());
142 failure->set_error_errno(result.error_errno());
143 }
144}
145
146void SubcontextProcess::ExpandArgs(const SubcontextCommand::ExpandArgsCommand& expand_args_command,
147 SubcontextReply* reply) const {
148 for (const auto& arg : expand_args_command.args()) {
149 auto expanded_prop = std::string{};
150 if (!expand_props(arg, &expanded_prop)) {
151 auto* failure = reply->mutable_failure();
152 failure->set_error_string("Failed to expand '" + arg + "'");
153 failure->set_error_errno(0);
154 return;
155 } else {
156 auto* expand_args_reply = reply->mutable_expand_args_reply();
157 expand_args_reply->add_expanded_args(expanded_prop);
158 }
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700159 }
160}
161
162void SubcontextProcess::MainLoop() {
163 pollfd ufd[1];
164 ufd[0].events = POLLIN;
165 ufd[0].fd = init_fd_;
166
167 while (true) {
168 ufd[0].revents = 0;
169 int nr = TEMP_FAILURE_RETRY(poll(ufd, arraysize(ufd), -1));
170 if (nr == 0) continue;
171 if (nr < 0) {
172 PLOG(FATAL) << "poll() of subcontext socket failed, continuing";
173 }
174
175 auto init_message = ReadMessage(init_fd_);
176 if (!init_message) {
177 LOG(FATAL) << "Could not read message from init: " << init_message.error();
178 }
179
180 auto subcontext_command = SubcontextCommand();
181 if (!subcontext_command.ParseFromString(*init_message)) {
182 LOG(FATAL) << "Unable to parse message from init";
183 }
184
185 auto reply = SubcontextReply();
186 switch (subcontext_command.command_case()) {
187 case SubcontextCommand::kExecuteCommand: {
Tom Cherryc49719f2018-01-10 11:04:34 -0800188 RunCommand(subcontext_command.execute_command(), &reply);
189 break;
190 }
191 case SubcontextCommand::kExpandArgsCommand: {
192 ExpandArgs(subcontext_command.expand_args_command(), &reply);
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700193 break;
194 }
195 default:
196 LOG(FATAL) << "Unknown message type from init: "
197 << subcontext_command.command_case();
198 }
199
200 if (auto result = SendMessage(init_fd_, reply); !result) {
201 LOG(FATAL) << "Failed to send message to init: " << result.error();
202 }
203 }
204}
205
206} // namespace
207
208int SubcontextMain(int argc, char** argv, const KeywordFunctionMap* function_map) {
209 if (argc < 4) LOG(FATAL) << "Fewer than 4 args specified to subcontext (" << argc << ")";
210
211 auto context = std::string(argv[2]);
212 auto init_fd = std::atoi(argv[3]);
213
Tom Cherry0d1452e2017-10-19 14:39:35 -0700214 SelabelInitialize();
Tom Cherry32228482018-01-18 16:14:25 -0800215
216 property_set = SubcontextPropertySet;
217
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700218 auto subcontext_process = SubcontextProcess(function_map, context, init_fd);
219 subcontext_process.MainLoop();
220 return 0;
221}
222
223void Subcontext::Fork() {
224 unique_fd subcontext_socket;
225 if (!Socketpair(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC, 0, &socket_, &subcontext_socket)) {
226 LOG(FATAL) << "Could not create socket pair to communicate to subcontext";
227 return;
228 }
229
230 auto result = fork();
231
232 if (result == -1) {
233 LOG(FATAL) << "Could not fork subcontext";
234 } else if (result == 0) {
235 socket_.reset();
236
237 // We explicitly do not use O_CLOEXEC here, such that we can reference this FD by number
238 // in the subcontext process after we exec.
239 int child_fd = dup(subcontext_socket);
240 if (child_fd < 0) {
241 PLOG(FATAL) << "Could not dup child_fd";
242 }
243
244 if (setexeccon(context_.c_str()) < 0) {
245 PLOG(FATAL) << "Could not set execcon for '" << context_ << "'";
246 }
247
248 auto init_path = GetExecutablePath();
249 auto child_fd_string = std::to_string(child_fd);
250 const char* args[] = {init_path.c_str(), "subcontext", context_.c_str(),
251 child_fd_string.c_str(), nullptr};
252 execv(init_path.data(), const_cast<char**>(args));
253
254 PLOG(FATAL) << "Could not execv subcontext init";
255 } else {
256 subcontext_socket.reset();
257 pid_ = result;
258 LOG(INFO) << "Forked subcontext for '" << context_ << "' with pid " << pid_;
259 }
260}
261
262void Subcontext::Restart() {
263 LOG(ERROR) << "Restarting subcontext '" << context_ << "'";
264 if (pid_) {
265 kill(pid_, SIGKILL);
266 }
267 pid_ = 0;
268 socket_.reset();
269 Fork();
270}
271
Tom Cherryc49719f2018-01-10 11:04:34 -0800272Result<SubcontextReply> Subcontext::TransmitMessage(const SubcontextCommand& subcontext_command) {
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700273 if (auto result = SendMessage(socket_, subcontext_command); !result) {
274 Restart();
275 return ErrnoError() << "Failed to send message to subcontext";
276 }
277
278 auto subcontext_message = ReadMessage(socket_);
279 if (!subcontext_message) {
280 Restart();
281 return Error() << "Failed to receive result from subcontext: " << subcontext_message.error();
282 }
283
Tom Cherryc49719f2018-01-10 11:04:34 -0800284 auto subcontext_reply = SubcontextReply{};
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700285 if (!subcontext_reply.ParseFromString(*subcontext_message)) {
286 Restart();
287 return Error() << "Unable to parse message from subcontext";
288 }
Tom Cherryc49719f2018-01-10 11:04:34 -0800289 return subcontext_reply;
290}
291
292Result<Success> Subcontext::Execute(const std::vector<std::string>& args) {
293 auto subcontext_command = SubcontextCommand();
294 std::copy(
295 args.begin(), args.end(),
296 RepeatedPtrFieldBackInserter(subcontext_command.mutable_execute_command()->mutable_args()));
297
298 auto subcontext_reply = TransmitMessage(subcontext_command);
299 if (!subcontext_reply) {
300 return subcontext_reply.error();
301 }
302
Tom Cherry32228482018-01-18 16:14:25 -0800303 for (const auto& property : subcontext_reply->properties_to_set()) {
304 ucred cr = {.pid = pid_, .uid = 0, .gid = 0};
Tom Cherry69d47aa2018-03-01 11:00:57 -0800305 std::string error;
306 if (HandlePropertySet(property.name(), property.value(), context_, cr, &error) != 0) {
307 LOG(ERROR) << "Subcontext init could not set '" << property.name() << "' to '"
308 << property.value() << "': " << error;
309 }
Tom Cherry32228482018-01-18 16:14:25 -0800310 }
311
312 if (subcontext_reply->reply_case() == SubcontextReply::kFailure) {
313 auto& failure = subcontext_reply->failure();
314 return ResultError(failure.error_string(), failure.error_errno());
315 }
316
Tom Cherryc49719f2018-01-10 11:04:34 -0800317 if (subcontext_reply->reply_case() != SubcontextReply::kSuccess) {
318 return Error() << "Unexpected message type from subcontext: "
319 << subcontext_reply->reply_case();
320 }
321
322 return Success();
323}
324
325Result<std::vector<std::string>> Subcontext::ExpandArgs(const std::vector<std::string>& args) {
326 auto subcontext_command = SubcontextCommand{};
327 std::copy(args.begin(), args.end(),
328 RepeatedPtrFieldBackInserter(
329 subcontext_command.mutable_expand_args_command()->mutable_args()));
330
331 auto subcontext_reply = TransmitMessage(subcontext_command);
332 if (!subcontext_reply) {
333 return subcontext_reply.error();
334 }
335
Tom Cherry32228482018-01-18 16:14:25 -0800336 if (subcontext_reply->reply_case() == SubcontextReply::kFailure) {
337 auto& failure = subcontext_reply->failure();
338 return ResultError(failure.error_string(), failure.error_errno());
339 }
340
Tom Cherryc49719f2018-01-10 11:04:34 -0800341 if (subcontext_reply->reply_case() != SubcontextReply::kExpandArgsReply) {
342 return Error() << "Unexpected message type from subcontext: "
343 << subcontext_reply->reply_case();
344 }
345
346 auto& reply = subcontext_reply->expand_args_reply();
347 auto expanded_args = std::vector<std::string>{};
348 for (const auto& string : reply.expanded_args()) {
349 expanded_args.emplace_back(string);
350 }
351 return expanded_args;
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700352}
353
354static std::vector<Subcontext> subcontexts;
355
356std::vector<Subcontext>* InitializeSubcontexts() {
Logan Chien837b2a42018-05-03 14:33:52 +0800357 if (SelinuxHasVendorInit()) {
Tom Cherrya1dbeb82018-04-11 15:50:00 -0700358 for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
359 subcontexts.emplace_back(path_prefix, secontext);
360 }
Tom Cherrycb0f9bb2017-09-12 15:58:47 -0700361 }
362 return &subcontexts;
363}
364
365bool SubcontextChildReap(pid_t pid) {
366 for (auto& subcontext : subcontexts) {
367 if (subcontext.pid() == pid) {
368 subcontext.Restart();
369 return true;
370 }
371 }
372 return false;
373}
374
375} // namespace init
376} // namespace android