Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / core / bf6018452eedf3f3e8f1a4f6bfab76294887fb8b / . / init / snapuserd_transition.h
blob: 557d10587aaa44a70ac8ae233f6d97120b1077ef [file] [log] [blame]
David Anderson491e4da2020-12-08 00:21:20 -0800[diff] [blame]1/*
2 * Copyright (C) 2020 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#pragma once
18
19#include <sys/types.h>
20
21#include <optional>
22#include <string>
23#include <vector>
24
25#include <libsnapshot/snapshot.h>
26
27#include "block_dev_initializer.h"
28
29namespace android {
30namespace init {
31
Akilesh Kailash3b874452021-10-03 09:41:13 +0000[diff] [blame]32enum class SnapshotDriver {
33 DM_SNAPSHOT,
34 DM_USER,
35};
36
David Anderson491e4da2020-12-08 00:21:20 -0800[diff] [blame]37// Fork and exec a new copy of snapuserd.
Akilesh Kailash3b874452021-10-03 09:41:13 +0000[diff] [blame]38void LaunchFirstStageSnapuserd(SnapshotDriver driver);
David Anderson491e4da2020-12-08 00:21:20 -0800[diff] [blame]39
40class SnapuserdSelinuxHelper final {
41 using SnapshotManager = android::snapshot::SnapshotManager;
42
43 public:
44 SnapuserdSelinuxHelper(std::unique_ptr<SnapshotManager>&& sm, pid_t old_pid);
45
46 void StartTransition();
47 void FinishTransition();
48
49 // Return a helper for facilitating the selinux transition of snapuserd.
50 // If snapuserd is not in use, null is returned. StartTransition() should
51 // be called after reading policy. FinishTransition() should be called
52 // after loading policy. In between, no reads of /system or other dynamic
53 // partitions are possible.
54 static std::unique_ptr<SnapuserdSelinuxHelper> CreateIfNeeded();
55
56 private:
57 void RelaunchFirstStageSnapuserd();
58 void ExecSnapuserd();
Akilesh Kailashfd5562b2022-01-25 07:05:31 +0000[diff] [blame]59 bool TestSnapuserdIsReady();
David Anderson491e4da2020-12-08 00:21:20 -0800[diff] [blame]60
61 std::unique_ptr<SnapshotManager> sm_;
62 BlockDevInitializer block_dev_init_;
63 pid_t old_pid_;
64 std::vector<std::string> argv_;
65};
66
67// Remove /dev/socket/snapuserd. This ensures that (1) the existing snapuserd
68// will receive no new requests, and (2) the next copy we transition to can
69// own the socket.
70void CleanupSnapuserdSocket();
71
72// Kill an instance of snapuserd given a pid.
73void KillFirstStageSnapuserd(pid_t pid);
74
75// Save an open fd to /system/bin (in the ramdisk) into an environment. This is
76// used to later execveat() snapuserd.
77void SaveRamdiskPathToSnapuserd();
78
79// Returns true if first-stage snapuserd is running.
80bool IsFirstStageSnapuserdRunning();
81
82// Return the pid of the first-stage instances of snapuserd, if it was started.
83std::optional<pid_t> GetSnapuserdFirstStagePid();
84
David Anderson0e5ad5a2021-07-21 21:53:28 -0700[diff] [blame]85// Return snapuserd info strings that were set during first-stage init.
86std::vector<std::string> GetSnapuserdFirstStageInfo();
87
David Anderson491e4da2020-12-08 00:21:20 -0800[diff] [blame]88// Save an open fd to /system/bin (in the ramdisk) into an environment. This is
89// used to later execveat() snapuserd.
90void SaveRamdiskPathToSnapuserd();
91
92// Returns true if first-stage snapuserd is running.
93bool IsFirstStageSnapuserdRunning();
94
95} // namespace init
96} // namespace android