Gitiles
Code Review Sign In
gerrit.omnirom.org / android_bionic / 8d387ee1ecbcde6d7435a909476e50afc9bed464 / . / libc / bionic / grp_pwd.cpp
blob: d75b94dacfc50b776b0648c8594b861b999236d3 [file] [log] [blame]
Mark Salyzynb38347a2016-04-05 09:09:46 -0700[diff] [blame]1/*
2 * Copyright (C) 2008 The Android Open Source Project
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in
12 * the documentation and/or other materials provided with the
13 * distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29#include <ctype.h>
30#include <errno.h>
31#include <grp.h>
32#include <mntent.h>
33#include <pthread.h>
34#include <pwd.h>
35#include <stdio.h>
36#include <stdlib.h>
37#include <string.h>
38#include <unistd.h>
39
40#include "private/android_filesystem_config.h"
41#include "private/bionic_macros.h"
42#include "private/ErrnoRestorer.h"
43#include "private/libc_logging.h"
44#include "private/ThreadLocalBuffer.h"
45
46// POSIX seems to envisage an implementation where the <pwd.h> functions are
47// implemented by brute-force searching with getpwent(3), and the <grp.h>
48// functions are implemented similarly with getgrent(3). This means that it's
49// okay for all the <grp.h> functions to share state, and all the <passwd.h>
50// functions to share state, but <grp.h> functions can't clobber <passwd.h>
51// functions' state and vice versa.
52
53struct group_state_t {
54 group group_;
55 char* group_members_[2];
56 char group_name_buffer_[32];
57};
58
59struct passwd_state_t {
60 passwd passwd_;
61 char name_buffer_[32];
62 char dir_buffer_[32];
63 char sh_buffer_[32];
64};
65
66static ThreadLocalBuffer<group_state_t> g_group_tls_buffer;
67static ThreadLocalBuffer<passwd_state_t> g_passwd_tls_buffer;
68
69static void init_group_state(group_state_t* state) {
70 memset(state, 0, sizeof(group_state_t));
71 state->group_.gr_mem = state->group_members_;
72}
73
74static group_state_t* __group_state() {
75 group_state_t* result = g_group_tls_buffer.get();
76 if (result != nullptr) {
77 init_group_state(result);
78 }
79 return result;
80}
81
82static int do_getpw_r(int by_name, const char* name, uid_t uid,
83 passwd* dst, char* buf, size_t byte_count,
84 passwd** result) {
85 // getpwnam_r and getpwuid_r don't modify errno, but library calls we
86 // make might.
87 ErrnoRestorer errno_restorer;
88 *result = NULL;
89
90 // Our implementation of getpwnam(3) and getpwuid(3) use thread-local
91 // storage, so we can call them as long as we copy everything out
92 // before returning.
93 const passwd* src = by_name ? getpwnam(name) : getpwuid(uid); // NOLINT: see above.
94
95 // POSIX allows failure to find a match to be considered a non-error.
96 // Reporting success (0) but with *result NULL is glibc's behavior.
97 if (src == NULL) {
98 return (errno == ENOENT) ? 0 : errno;
99 }
100
101 // Work out where our strings will go in 'buf', and whether we've got
102 // enough space.
103 size_t required_byte_count = 0;
104 dst->pw_name = buf;
105 required_byte_count += strlen(src->pw_name) + 1;
106 dst->pw_dir = buf + required_byte_count;
107 required_byte_count += strlen(src->pw_dir) + 1;
108 dst->pw_shell = buf + required_byte_count;
109 required_byte_count += strlen(src->pw_shell) + 1;
110 if (byte_count < required_byte_count) {
111 return ERANGE;
112 }
113
114 // Copy the strings.
115 snprintf(buf, byte_count, "%s%c%s%c%s", src->pw_name, 0, src->pw_dir, 0, src->pw_shell);
116
117 // pw_passwd and pw_gecos are non-POSIX and unused (always NULL) in bionic.
118 // Note: On LP32, we define pw_gecos to pw_passwd since they're both NULL.
119 dst->pw_passwd = NULL;
120#if defined(__LP64__)
121 dst->pw_gecos = NULL;
122#endif
123
124 // Copy the integral fields.
125 dst->pw_gid = src->pw_gid;
126 dst->pw_uid = src->pw_uid;
127
128 *result = dst;
129 return 0;
130}
131
132int getpwnam_r(const char* name, passwd* pwd,
133 char* buf, size_t byte_count, passwd** result) {
134 return do_getpw_r(1, name, -1, pwd, buf, byte_count, result);
135}
136
137int getpwuid_r(uid_t uid, passwd* pwd,
138 char* buf, size_t byte_count, passwd** result) {
139 return do_getpw_r(0, NULL, uid, pwd, buf, byte_count, result);
140}
141
142static passwd* android_iinfo_to_passwd(passwd_state_t* state,
143 const android_id_info* iinfo) {
144 snprintf(state->name_buffer_, sizeof(state->name_buffer_), "%s", iinfo->name);
145 snprintf(state->dir_buffer_, sizeof(state->dir_buffer_), "/");
146 snprintf(state->sh_buffer_, sizeof(state->sh_buffer_), "/system/bin/sh");
147
148 passwd* pw = &state->passwd_;
149 pw->pw_name = state->name_buffer_;
150 pw->pw_uid = iinfo->aid;
151 pw->pw_gid = iinfo->aid;
152 pw->pw_dir = state->dir_buffer_;
153 pw->pw_shell = state->sh_buffer_;
154 return pw;
155}
156
157static group* android_iinfo_to_group(group_state_t* state,
158 const android_id_info* iinfo) {
159 snprintf(state->group_name_buffer_, sizeof(state->group_name_buffer_), "%s", iinfo->name);
160
161 group* gr = &state->group_;
162 gr->gr_name = state->group_name_buffer_;
163 gr->gr_gid = iinfo->aid;
164 gr->gr_mem[0] = gr->gr_name;
165 return gr;
166}
167
168static passwd* android_id_to_passwd(passwd_state_t* state, unsigned id) {
169 for (size_t n = 0; n < android_id_count; ++n) {
170 if (android_ids[n].aid == id) {
171 return android_iinfo_to_passwd(state, android_ids + n);
172 }
173 }
174 return NULL;
175}
176
177static passwd* android_name_to_passwd(passwd_state_t* state, const char* name) {
178 for (size_t n = 0; n < android_id_count; ++n) {
179 if (!strcmp(android_ids[n].name, name)) {
180 return android_iinfo_to_passwd(state, android_ids + n);
181 }
182 }
183 return NULL;
184}
185
186static group* android_id_to_group(group_state_t* state, unsigned id) {
187 for (size_t n = 0; n < android_id_count; ++n) {
188 if (android_ids[n].aid == id) {
189 return android_iinfo_to_group(state, android_ids + n);
190 }
191 }
192 return NULL;
193}
194
195static group* android_name_to_group(group_state_t* state, const char* name) {
196 for (size_t n = 0; n < android_id_count; ++n) {
197 if (!strcmp(android_ids[n].name, name)) {
198 return android_iinfo_to_group(state, android_ids + n);
199 }
200 }
201 return NULL;
202}
203
204// Translate a user/group name to the corresponding user/group id.
205// all_a1234 -> 0 * AID_USER + AID_SHARED_GID_START + 1234 (group name only)
206// u0_a1234 -> 0 * AID_USER + AID_APP + 1234
207// u2_i1000 -> 2 * AID_USER + AID_ISOLATED_START + 1000
208// u1_system -> 1 * AID_USER + android_ids['system']
209// returns 0 and sets errno to ENOENT in case of error.
210static id_t app_id_from_name(const char* name, bool is_group) {
211 char* end;
212 unsigned long userid;
213 bool is_shared_gid = false;
214
215 if (is_group && name[0] == 'a' && name[1] == 'l' && name[2] == 'l') {
216 end = const_cast<char*>(name+3);
217 userid = 0;
218 is_shared_gid = true;
219 } else if (name[0] == 'u' && isdigit(name[1])) {
220 userid = strtoul(name+1, &end, 10);
221 } else {
222 errno = ENOENT;
223 return 0;
224 }
225
226 if (end[0] != '_' || end[1] == 0) {
227 errno = ENOENT;
228 return 0;
229 }
230
231 unsigned long appid = 0;
232 if (end[1] == 'a' && isdigit(end[2])) {
233 if (is_shared_gid) {
234 // end will point to \0 if the strtoul below succeeds.
235 appid = strtoul(end+2, &end, 10) + AID_SHARED_GID_START;
236 if (appid > AID_SHARED_GID_END) {
237 errno = ENOENT;
238 return 0;
239 }
240 } else {
241 // end will point to \0 if the strtoul below succeeds.
242 appid = strtoul(end+2, &end, 10) + AID_APP;
243 }
244 } else if (end[1] == 'i' && isdigit(end[2])) {
245 // end will point to \0 if the strtoul below succeeds.
246 appid = strtoul(end+2, &end, 10) + AID_ISOLATED_START;
247 } else {
248 for (size_t n = 0; n < android_id_count; n++) {
249 if (!strcmp(android_ids[n].name, end + 1)) {
250 appid = android_ids[n].aid;
251 // Move the end pointer to the null terminator.
252 end += strlen(android_ids[n].name) + 1;
253 break;
254 }
255 }
256 }
257
258 // Check that the entire string was consumed by one of the 3 cases above.
259 if (end[0] != 0) {
260 errno = ENOENT;
261 return 0;
262 }
263
264 // Check that user id won't overflow.
265 if (userid > 1000) {
266 errno = ENOENT;
267 return 0;
268 }
269
270 // Check that app id is within range.
271 if (appid >= AID_USER) {
272 errno = ENOENT;
273 return 0;
274 }
275
276 return (appid + userid*AID_USER);
277}
278
279static void print_app_name_from_uid(const uid_t uid, char* buffer, const int bufferlen) {
280 const uid_t appid = uid % AID_USER;
281 const uid_t userid = uid / AID_USER;
282 if (appid >= AID_ISOLATED_START) {
283 snprintf(buffer, bufferlen, "u%u_i%u", userid, appid - AID_ISOLATED_START);
284 } else if (appid < AID_APP) {
285 for (size_t n = 0; n < android_id_count; n++) {
286 if (android_ids[n].aid == appid) {
287 snprintf(buffer, bufferlen, "u%u_%s", userid, android_ids[n].name);
288 return;
289 }
290 }
291 } else {
292 snprintf(buffer, bufferlen, "u%u_a%u", userid, appid - AID_APP);
293 }
294}
295
296static void print_app_name_from_gid(const gid_t gid, char* buffer, const int bufferlen) {
297 const uid_t appid = gid % AID_USER;
298 const uid_t userid = gid / AID_USER;
299 if (appid >= AID_ISOLATED_START) {
300 snprintf(buffer, bufferlen, "u%u_i%u", userid, appid - AID_ISOLATED_START);
301 } else if (userid == 0 && appid >= AID_SHARED_GID_START && appid <= AID_SHARED_GID_END) {
302 snprintf(buffer, bufferlen, "all_a%u", appid - AID_SHARED_GID_START);
303 } else if (appid < AID_APP) {
304 for (size_t n = 0; n < android_id_count; n++) {
305 if (android_ids[n].aid == appid) {
306 snprintf(buffer, bufferlen, "u%u_%s", userid, android_ids[n].name);
307 return;
308 }
309 }
310 } else {
311 snprintf(buffer, bufferlen, "u%u_a%u", userid, appid - AID_APP);
312 }
313}
314
Mark Salyzyn8d387ee2016-04-05 09:24:59 -0700[diff] [blame^]315// oem_XXXX -> uid
316// Supported ranges:
317// AID_OEM_RESERVED_START to AID_OEM_RESERVED_END (2900-2999)
318// AID_OEM_RESERVED_2_START to AID_OEM_RESERVED_2_END (5000-5999)
319// Check OEM id is within range.
320static bool is_oem_id(id_t id) {
321 return (((id >= AID_OEM_RESERVED_START) && (id <= AID_OEM_RESERVED_END)) ||
322 ((id >= AID_OEM_RESERVED_2_START) && (id <= AID_OEM_RESERVED_2_END)));
323}
324
Mark Salyzynb38347a2016-04-05 09:09:46 -0700[diff] [blame]325// Translate an OEM name to the corresponding user/group id.
Mark Salyzynb38347a2016-04-05 09:09:46 -0700[diff] [blame]326static id_t oem_id_from_name(const char* name) {
327 unsigned int id;
328 if (sscanf(name, "oem_%u", &id) != 1) {
329 return 0;
330 }
Mark Salyzyn8d387ee2016-04-05 09:24:59 -0700[diff] [blame^]331 if (!is_oem_id(id)) {
Mark Salyzynb38347a2016-04-05 09:09:46 -0700[diff] [blame]332 return 0;
333 }
Mark Salyzyn8d387ee2016-04-05 09:24:59 -0700[diff] [blame^]334 return static_cast<id_t>(id);
Mark Salyzynb38347a2016-04-05 09:09:46 -0700[diff] [blame]335}
336
337static passwd* oem_id_to_passwd(uid_t uid, passwd_state_t* state) {
Mark Salyzyn8d387ee2016-04-05 09:24:59 -0700[diff] [blame^]338 if (!is_oem_id(uid)) {
Mark Salyzynb38347a2016-04-05 09:09:46 -0700[diff] [blame]339 return NULL;
340 }
341
Mark Salyzyn8d387ee2016-04-05 09:24:59 -0700[diff] [blame^]342 snprintf(state->name_buffer_, sizeof(state->name_buffer_), "oem_%u", uid);
Mark Salyzynb38347a2016-04-05 09:09:46 -0700[diff] [blame]343 snprintf(state->dir_buffer_, sizeof(state->dir_buffer_), "/");
344 snprintf(state->sh_buffer_, sizeof(state->sh_buffer_), "/system/bin/sh");
345
346 passwd* pw = &state->passwd_;
347 pw->pw_name = state->name_buffer_;
348 pw->pw_dir = state->dir_buffer_;
349 pw->pw_shell = state->sh_buffer_;
350 pw->pw_uid = uid;
351 pw->pw_gid = uid;
352 return pw;
353}
354
355static group* oem_id_to_group(gid_t gid, group_state_t* state) {
Mark Salyzyn8d387ee2016-04-05 09:24:59 -0700[diff] [blame^]356 if (!is_oem_id(gid)) {
Mark Salyzynb38347a2016-04-05 09:09:46 -0700[diff] [blame]357 return NULL;
358 }
359
360 snprintf(state->group_name_buffer_, sizeof(state->group_name_buffer_),
Mark Salyzyn8d387ee2016-04-05 09:24:59 -0700[diff] [blame^]361 "oem_%u", gid);
Mark Salyzynb38347a2016-04-05 09:09:46 -0700[diff] [blame]362
363 group* gr = &state->group_;
364 gr->gr_name = state->group_name_buffer_;
365 gr->gr_gid = gid;
366 gr->gr_mem[0] = gr->gr_name;
367 return gr;
368}
369
370// Translate a uid into the corresponding name.
371// 0 to AID_APP-1 -> "system", "radio", etc.
372// AID_APP to AID_ISOLATED_START-1 -> u0_a1234
373// AID_ISOLATED_START to AID_USER-1 -> u0_i1234
374// AID_USER+ -> u1_radio, u1_a1234, u2_i1234, etc.
375// returns a passwd structure (sets errno to ENOENT on failure).
376static passwd* app_id_to_passwd(uid_t uid, passwd_state_t* state) {
377 if (uid < AID_APP) {
378 errno = ENOENT;
379 return NULL;
380 }
381
382 print_app_name_from_uid(uid, state->name_buffer_, sizeof(state->name_buffer_));
383
384 const uid_t appid = uid % AID_USER;
385 if (appid < AID_APP) {
386 snprintf(state->dir_buffer_, sizeof(state->dir_buffer_), "/");
387 } else {
388 snprintf(state->dir_buffer_, sizeof(state->dir_buffer_), "/data");
389 }
390
391 snprintf(state->sh_buffer_, sizeof(state->sh_buffer_), "/system/bin/sh");
392
393 passwd* pw = &state->passwd_;
394 pw->pw_name = state->name_buffer_;
395 pw->pw_dir = state->dir_buffer_;
396 pw->pw_shell = state->sh_buffer_;
397 pw->pw_uid = uid;
398 pw->pw_gid = uid;
399 return pw;
400}
401
402// Translate a gid into the corresponding app_<gid>
403// group structure (sets errno to ENOENT on failure).
404static group* app_id_to_group(gid_t gid, group_state_t* state) {
405 if (gid < AID_APP) {
406 errno = ENOENT;
407 return NULL;
408 }
409
410 print_app_name_from_gid(gid, state->group_name_buffer_, sizeof(state->group_name_buffer_));
411
412 group* gr = &state->group_;
413 gr->gr_name = state->group_name_buffer_;
414 gr->gr_gid = gid;
415 gr->gr_mem[0] = gr->gr_name;
416 return gr;
417}
418
419passwd* getpwuid(uid_t uid) { // NOLINT: implementing bad function.
420 passwd_state_t* state = g_passwd_tls_buffer.get();
421 if (state == NULL) {
422 return NULL;
423 }
424
425 passwd* pw = android_id_to_passwd(state, uid);
426 if (pw != NULL) {
427 return pw;
428 }
429 // Handle OEM range.
430 pw = oem_id_to_passwd(uid, state);
431 if (pw != NULL) {
432 return pw;
433 }
434 return app_id_to_passwd(uid, state);
435}
436
437passwd* getpwnam(const char* login) { // NOLINT: implementing bad function.
438 passwd_state_t* state = g_passwd_tls_buffer.get();
439 if (state == NULL) {
440 return NULL;
441 }
442
443 passwd* pw = android_name_to_passwd(state, login);
444 if (pw != NULL) {
445 return pw;
446 }
447 // Handle OEM range.
448 pw = oem_id_to_passwd(oem_id_from_name(login), state);
449 if (pw != NULL) {
450 return pw;
451 }
452 return app_id_to_passwd(app_id_from_name(login, false), state);
453}
454
455// All users are in just one group, the one passed in.
456int getgrouplist(const char* /*user*/, gid_t group, gid_t* groups, int* ngroups) {
457 if (*ngroups < 1) {
458 *ngroups = 1;
459 return -1;
460 }
461 groups[0] = group;
462 return (*ngroups = 1);
463}
464
465char* getlogin() { // NOLINT: implementing bad function.
466 passwd *pw = getpwuid(getuid()); // NOLINT: implementing bad function in terms of bad function.
467 return (pw != NULL) ? pw->pw_name : NULL;
468}
469
470static group* getgrgid_internal(gid_t gid, group_state_t* state) {
471 group* grp = android_id_to_group(state, gid);
472 if (grp != NULL) {
473 return grp;
474 }
475 // Handle OEM range.
476 grp = oem_id_to_group(gid, state);
477 if (grp != NULL) {
478 return grp;
479 }
480 return app_id_to_group(gid, state);
481}
482
483group* getgrgid(gid_t gid) { // NOLINT: implementing bad function.
484 group_state_t* state = __group_state();
485 if (state == NULL) {
486 return NULL;
487 }
488 return getgrgid_internal(gid, state);
489}
490
491static group* getgrnam_internal(const char* name, group_state_t* state) {
492 group* grp = android_name_to_group(state, name);
493 if (grp != NULL) {
494 return grp;
495 }
496 // Handle OEM range.
497 grp = oem_id_to_group(oem_id_from_name(name), state);
498 if (grp != NULL) {
499 return grp;
500 }
501 return app_id_to_group(app_id_from_name(name, true), state);
502}
503
504group* getgrnam(const char* name) { // NOLINT: implementing bad function.
505 group_state_t* state = __group_state();
506 if (state == NULL) {
507 return NULL;
508 }
509 return getgrnam_internal(name, state);
510}
511
512static int getgroup_r(bool by_name, const char* name, gid_t gid, struct group* grp, char* buf,
513 size_t buflen, struct group** result) {
514 ErrnoRestorer errno_restorer;
515 *result = NULL;
516 char* p = reinterpret_cast<char*>(
517 BIONIC_ALIGN(reinterpret_cast<uintptr_t>(buf), sizeof(uintptr_t)));
518 if (p + sizeof(group_state_t) > buf + buflen) {
519 return ERANGE;
520 }
521 group_state_t* state = reinterpret_cast<group_state_t*>(p);
522 init_group_state(state);
523 group* retval = (by_name ? getgrnam_internal(name, state) : getgrgid_internal(gid, state));
524 if (retval != NULL) {
525 *grp = *retval;
526 *result = grp;
527 return 0;
528 }
529 return errno;
530}
531
532int getgrgid_r(gid_t gid, struct group* grp, char* buf, size_t buflen, struct group** result) {
533 return getgroup_r(false, NULL, gid, grp, buf, buflen, result);
534}
535
536int getgrnam_r(const char* name, struct group* grp, char* buf, size_t buflen,
537 struct group **result) {
538 return getgroup_r(true, name, 0, grp, buf, buflen, result);
539}