Move non-Java commands over from frameworks/base
Change-Id: I0571813c1cfcf66abd36eb9f178fc49b618e88a6
Signed-off-by: Mike Lockwood <lockwood@google.com>
diff --git a/cmds/installd/Android.mk b/cmds/installd/Android.mk
new file mode 100644
index 0000000..1dd4ee5
--- /dev/null
+++ b/cmds/installd/Android.mk
@@ -0,0 +1,42 @@
+LOCAL_PATH := $(call my-dir)
+
+common_src_files := \
+ commands.c utils.c
+
+#
+# Static library used in testing and executable
+#
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := \
+ $(common_src_files)
+
+LOCAL_MODULE := libinstalld
+
+LOCAL_MODULE_TAGS := eng tests
+
+include $(BUILD_STATIC_LIBRARY)
+
+#
+# Executable
+#
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := \
+ installd.c \
+ $(common_src_files)
+
+LOCAL_SHARED_LIBRARIES := \
+ libcutils \
+ libselinux
+
+LOCAL_STATIC_LIBRARIES := \
+ libdiskusage
+
+LOCAL_MODULE := installd
+
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_EXECUTABLE)
diff --git a/cmds/installd/commands.c b/cmds/installd/commands.c
new file mode 100644
index 0000000..59bcda1
--- /dev/null
+++ b/cmds/installd/commands.c
@@ -0,0 +1,1136 @@
+/*
+** Copyright 2008, The Android Open Source Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+** http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#include <linux/capability.h>
+#include "installd.h"
+#include <diskusage/dirsize.h>
+#include <selinux/android.h>
+
+/* Directory records that are used in execution of commands. */
+dir_rec_t android_data_dir;
+dir_rec_t android_asec_dir;
+dir_rec_t android_app_dir;
+dir_rec_t android_app_private_dir;
+dir_rec_t android_app_lib_dir;
+dir_rec_t android_media_dir;
+dir_rec_array_t android_system_dirs;
+
+int install(const char *pkgname, uid_t uid, gid_t gid)
+{
+ char pkgdir[PKG_PATH_MAX];
+ char libsymlink[PKG_PATH_MAX];
+ char applibdir[PKG_PATH_MAX];
+ struct stat libStat;
+
+ if ((uid < AID_SYSTEM) || (gid < AID_SYSTEM)) {
+ ALOGE("invalid uid/gid: %d %d\n", uid, gid);
+ return -1;
+ }
+
+ if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, 0)) {
+ ALOGE("cannot create package path\n");
+ return -1;
+ }
+
+ if (create_pkg_path(libsymlink, pkgname, PKG_LIB_POSTFIX, 0)) {
+ ALOGE("cannot create package lib symlink origin path\n");
+ return -1;
+ }
+
+ if (create_pkg_path_in_dir(applibdir, &android_app_lib_dir, pkgname, PKG_DIR_POSTFIX)) {
+ ALOGE("cannot create package lib symlink dest path\n");
+ return -1;
+ }
+
+ if (mkdir(pkgdir, 0751) < 0) {
+ ALOGE("cannot create dir '%s': %s\n", pkgdir, strerror(errno));
+ return -1;
+ }
+ if (chmod(pkgdir, 0751) < 0) {
+ ALOGE("cannot chmod dir '%s': %s\n", pkgdir, strerror(errno));
+ unlink(pkgdir);
+ return -1;
+ }
+
+ if (lstat(libsymlink, &libStat) < 0) {
+ if (errno != ENOENT) {
+ ALOGE("couldn't stat lib dir: %s\n", strerror(errno));
+ return -1;
+ }
+ } else {
+ if (S_ISDIR(libStat.st_mode)) {
+ if (delete_dir_contents(libsymlink, 1, 0) < 0) {
+ ALOGE("couldn't delete lib directory during install for: %s", libsymlink);
+ return -1;
+ }
+ } else if (S_ISLNK(libStat.st_mode)) {
+ if (unlink(libsymlink) < 0) {
+ ALOGE("couldn't unlink lib directory during install for: %s", libsymlink);
+ return -1;
+ }
+ }
+ }
+
+ if (symlink(applibdir, libsymlink) < 0) {
+ ALOGE("couldn't symlink directory '%s' -> '%s': %s\n", libsymlink, applibdir,
+ strerror(errno));
+ unlink(pkgdir);
+ return -1;
+ }
+
+ if (selinux_android_setfilecon(libsymlink, pkgname, AID_SYSTEM) < 0) {
+ ALOGE("cannot setfilecon dir '%s': %s\n", libsymlink, strerror(errno));
+ unlink(libsymlink);
+ unlink(pkgdir);
+ return -1;
+ }
+
+ if (selinux_android_setfilecon(pkgdir, pkgname, uid) < 0) {
+ ALOGE("cannot setfilecon dir '%s': %s\n", pkgdir, strerror(errno));
+ unlink(libsymlink);
+ unlink(pkgdir);
+ return -errno;
+ }
+
+ if (chown(pkgdir, uid, gid) < 0) {
+ ALOGE("cannot chown dir '%s': %s\n", pkgdir, strerror(errno));
+ unlink(libsymlink);
+ unlink(pkgdir);
+ return -1;
+ }
+
+ return 0;
+}
+
+int uninstall(const char *pkgname, uid_t persona)
+{
+ char pkgdir[PKG_PATH_MAX];
+
+ if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, persona))
+ return -1;
+
+ /* delete contents AND directory, no exceptions */
+ return delete_dir_contents(pkgdir, 1, NULL);
+}
+
+int renamepkg(const char *oldpkgname, const char *newpkgname)
+{
+ char oldpkgdir[PKG_PATH_MAX];
+ char newpkgdir[PKG_PATH_MAX];
+
+ if (create_pkg_path(oldpkgdir, oldpkgname, PKG_DIR_POSTFIX, 0))
+ return -1;
+ if (create_pkg_path(newpkgdir, newpkgname, PKG_DIR_POSTFIX, 0))
+ return -1;
+
+ if (rename(oldpkgdir, newpkgdir) < 0) {
+ ALOGE("cannot rename dir '%s' to '%s': %s\n", oldpkgdir, newpkgdir, strerror(errno));
+ return -errno;
+ }
+ return 0;
+}
+
+int fix_uid(const char *pkgname, uid_t uid, gid_t gid)
+{
+ char pkgdir[PKG_PATH_MAX];
+ struct stat s;
+ int rc = 0;
+
+ if ((uid < AID_SYSTEM) || (gid < AID_SYSTEM)) {
+ ALOGE("invalid uid/gid: %d %d\n", uid, gid);
+ return -1;
+ }
+
+ if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, 0)) {
+ ALOGE("cannot create package path\n");
+ return -1;
+ }
+
+ if (stat(pkgdir, &s) < 0) return -1;
+
+ if (s.st_uid != 0 || s.st_gid != 0) {
+ ALOGE("fixing uid of non-root pkg: %s %lu %lu\n", pkgdir, s.st_uid, s.st_gid);
+ return -1;
+ }
+
+ if (chmod(pkgdir, 0751) < 0) {
+ ALOGE("cannot chmod dir '%s': %s\n", pkgdir, strerror(errno));
+ unlink(pkgdir);
+ return -errno;
+ }
+ if (chown(pkgdir, uid, gid) < 0) {
+ ALOGE("cannot chown dir '%s': %s\n", pkgdir, strerror(errno));
+ unlink(pkgdir);
+ return -errno;
+ }
+
+ return 0;
+}
+
+int delete_user_data(const char *pkgname, uid_t persona)
+{
+ char pkgdir[PKG_PATH_MAX];
+
+ if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, persona))
+ return -1;
+
+ /* delete contents, excluding "lib", but not the directory itself */
+ return delete_dir_contents(pkgdir, 0, "lib");
+}
+
+int make_user_data(const char *pkgname, uid_t uid, uid_t persona)
+{
+ char pkgdir[PKG_PATH_MAX];
+ char applibdir[PKG_PATH_MAX];
+ char libsymlink[PKG_PATH_MAX];
+ struct stat libStat;
+
+ // Create the data dir for the package
+ if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, persona)) {
+ return -1;
+ }
+ if (create_pkg_path(libsymlink, pkgname, PKG_LIB_POSTFIX, persona)) {
+ ALOGE("cannot create package lib symlink origin path\n");
+ return -1;
+ }
+ if (create_pkg_path_in_dir(applibdir, &android_app_lib_dir, pkgname, PKG_DIR_POSTFIX)) {
+ ALOGE("cannot create package lib symlink dest path\n");
+ return -1;
+ }
+
+ if (mkdir(pkgdir, 0751) < 0) {
+ ALOGE("cannot create dir '%s': %s\n", pkgdir, strerror(errno));
+ return -errno;
+ }
+ if (chmod(pkgdir, 0751) < 0) {
+ ALOGE("cannot chmod dir '%s': %s\n", pkgdir, strerror(errno));
+ unlink(pkgdir);
+ return -errno;
+ }
+
+ if (lstat(libsymlink, &libStat) < 0) {
+ if (errno != ENOENT) {
+ ALOGE("couldn't stat lib dir for non-primary: %s\n", strerror(errno));
+ unlink(pkgdir);
+ return -1;
+ }
+ } else {
+ if (S_ISDIR(libStat.st_mode)) {
+ if (delete_dir_contents(libsymlink, 1, 0) < 0) {
+ ALOGE("couldn't delete lib directory during install for non-primary: %s",
+ libsymlink);
+ unlink(pkgdir);
+ return -1;
+ }
+ } else if (S_ISLNK(libStat.st_mode)) {
+ if (unlink(libsymlink) < 0) {
+ ALOGE("couldn't unlink lib directory during install for non-primary: %s",
+ libsymlink);
+ unlink(pkgdir);
+ return -1;
+ }
+ }
+ }
+
+ if (symlink(applibdir, libsymlink) < 0) {
+ ALOGE("couldn't symlink directory for non-primary '%s' -> '%s': %s\n", libsymlink,
+ applibdir, strerror(errno));
+ unlink(pkgdir);
+ return -1;
+ }
+
+ if (selinux_android_setfilecon(libsymlink, pkgname, AID_SYSTEM) < 0) {
+ ALOGE("cannot setfilecon dir '%s': %s\n", libsymlink, strerror(errno));
+ unlink(libsymlink);
+ unlink(pkgdir);
+ return -errno;
+ }
+
+ if (selinux_android_setfilecon(pkgdir, pkgname, uid) < 0) {
+ ALOGE("cannot setfilecon dir '%s': %s\n", pkgdir, strerror(errno));
+ unlink(libsymlink);
+ unlink(pkgdir);
+ return -errno;
+ }
+
+ if (chown(pkgdir, uid, uid) < 0) {
+ ALOGE("cannot chown dir '%s': %s\n", pkgdir, strerror(errno));
+ unlink(libsymlink);
+ unlink(pkgdir);
+ return -errno;
+ }
+
+ return 0;
+}
+
+int delete_persona(uid_t persona)
+{
+ char data_path[PKG_PATH_MAX];
+ if (create_persona_path(data_path, persona)) {
+ return -1;
+ }
+ if (delete_dir_contents(data_path, 1, NULL)) {
+ return -1;
+ }
+
+ char media_path[PATH_MAX];
+ if (create_persona_media_path(media_path, (userid_t) persona) == -1) {
+ return -1;
+ }
+ if (delete_dir_contents(media_path, 1, NULL) == -1) {
+ return -1;
+ }
+
+ return 0;
+}
+
+int clone_persona_data(uid_t src_persona, uid_t target_persona, int copy)
+{
+ char src_data_dir[PKG_PATH_MAX];
+ char pkg_path[PKG_PATH_MAX];
+ DIR *d;
+ struct dirent *de;
+ struct stat s;
+ uid_t uid;
+
+ if (create_persona_path(src_data_dir, src_persona)) {
+ return -1;
+ }
+
+ d = opendir(src_data_dir);
+ if (d != NULL) {
+ while ((de = readdir(d))) {
+ const char *name = de->d_name;
+
+ if (de->d_type == DT_DIR) {
+ int subfd;
+ /* always skip "." and ".." */
+ if (name[0] == '.') {
+ if (name[1] == 0) continue;
+ if ((name[1] == '.') && (name[2] == 0)) continue;
+ }
+ /* Create the full path to the package's data dir */
+ create_pkg_path(pkg_path, name, PKG_DIR_POSTFIX, src_persona);
+ /* Get the file stat */
+ if (stat(pkg_path, &s) < 0) continue;
+ /* Get the uid of the package */
+ ALOGI("Adding datadir for uid = %lu\n", s.st_uid);
+ uid = (uid_t) s.st_uid % PER_USER_RANGE;
+ /* Create the directory for the target */
+ make_user_data(name, uid + target_persona * PER_USER_RANGE,
+ target_persona);
+ }
+ }
+ closedir(d);
+ }
+
+ if (ensure_media_user_dirs((userid_t) target_persona) == -1) {
+ return -1;
+ }
+
+ return 0;
+}
+
+int delete_cache(const char *pkgname, uid_t persona)
+{
+ char cachedir[PKG_PATH_MAX];
+
+ if (create_pkg_path(cachedir, pkgname, CACHE_DIR_POSTFIX, persona))
+ return -1;
+
+ /* delete contents, not the directory, no exceptions */
+ return delete_dir_contents(cachedir, 0, 0);
+}
+
+/* Try to ensure free_size bytes of storage are available.
+ * Returns 0 on success.
+ * This is rather simple-minded because doing a full LRU would
+ * be potentially memory-intensive, and without atime it would
+ * also require that apps constantly modify file metadata even
+ * when just reading from the cache, which is pretty awful.
+ */
+int free_cache(int64_t free_size)
+{
+ cache_t* cache;
+ int64_t avail;
+ DIR *d;
+ struct dirent *de;
+ char tmpdir[PATH_MAX];
+ char *dirpos;
+
+ avail = data_disk_free();
+ if (avail < 0) return -1;
+
+ ALOGI("free_cache(%" PRId64 ") avail %" PRId64 "\n", free_size, avail);
+ if (avail >= free_size) return 0;
+
+ cache = start_cache_collection();
+
+ // Collect cache files for primary user.
+ if (create_persona_path(tmpdir, 0) == 0) {
+ //ALOGI("adding cache files from %s\n", tmpdir);
+ add_cache_files(cache, tmpdir, "cache");
+ }
+
+ // Search for other users and add any cache files from them.
+ snprintf(tmpdir, sizeof(tmpdir), "%s%s", android_data_dir.path,
+ SECONDARY_USER_PREFIX);
+ dirpos = tmpdir + strlen(tmpdir);
+ d = opendir(tmpdir);
+ if (d != NULL) {
+ while ((de = readdir(d))) {
+ if (de->d_type == DT_DIR) {
+ const char *name = de->d_name;
+ /* always skip "." and ".." */
+ if (name[0] == '.') {
+ if (name[1] == 0) continue;
+ if ((name[1] == '.') && (name[2] == 0)) continue;
+ }
+ if ((strlen(name)+(dirpos-tmpdir)) < (sizeof(tmpdir)-1)) {
+ strcpy(dirpos, name);
+ //ALOGI("adding cache files from %s\n", tmpdir);
+ add_cache_files(cache, tmpdir, "cache");
+ } else {
+ ALOGW("Path exceeds limit: %s%s", tmpdir, name);
+ }
+ }
+ }
+ closedir(d);
+ }
+
+ // Collect cache files on external storage for all users (if it is mounted as part
+ // of the internal storage).
+ strcpy(tmpdir, android_media_dir.path);
+ dirpos = tmpdir + strlen(tmpdir);
+ d = opendir(tmpdir);
+ if (d != NULL) {
+ while ((de = readdir(d))) {
+ if (de->d_type == DT_DIR) {
+ const char *name = de->d_name;
+ /* skip any dir that doesn't start with a number, so not a user */
+ if (name[0] < '0' || name[0] > '9') {
+ continue;
+ }
+ if ((strlen(name)+(dirpos-tmpdir)) < (sizeof(tmpdir)-1)) {
+ strcpy(dirpos, name);
+ if (lookup_media_dir(tmpdir, "Android") == 0
+ && lookup_media_dir(tmpdir, "data") == 0) {
+ //ALOGI("adding cache files from %s\n", tmpdir);
+ add_cache_files(cache, tmpdir, "cache");
+ }
+ } else {
+ ALOGW("Path exceeds limit: %s%s", tmpdir, name);
+ }
+ }
+ }
+ closedir(d);
+ }
+
+ clear_cache_files(cache, free_size);
+ finish_cache_collection(cache);
+
+ return data_disk_free() >= free_size ? 0 : -1;
+}
+
+int move_dex(const char *src, const char *dst)
+{
+ char src_dex[PKG_PATH_MAX];
+ char dst_dex[PKG_PATH_MAX];
+
+ if (validate_apk_path(src)) return -1;
+ if (validate_apk_path(dst)) return -1;
+
+ if (create_cache_path(src_dex, src)) return -1;
+ if (create_cache_path(dst_dex, dst)) return -1;
+
+ ALOGV("move %s -> %s\n", src_dex, dst_dex);
+ if (rename(src_dex, dst_dex) < 0) {
+ ALOGE("Couldn't move %s: %s\n", src_dex, strerror(errno));
+ return -1;
+ } else {
+ return 0;
+ }
+}
+
+int rm_dex(const char *path)
+{
+ char dex_path[PKG_PATH_MAX];
+
+ if (validate_apk_path(path)) return -1;
+ if (create_cache_path(dex_path, path)) return -1;
+
+ ALOGV("unlink %s\n", dex_path);
+ if (unlink(dex_path) < 0) {
+ ALOGE("Couldn't unlink %s: %s\n", dex_path, strerror(errno));
+ return -1;
+ } else {
+ return 0;
+ }
+}
+
+int get_size(const char *pkgname, int persona, const char *apkpath,
+ const char *fwdlock_apkpath, const char *asecpath,
+ int64_t *_codesize, int64_t *_datasize, int64_t *_cachesize,
+ int64_t* _asecsize)
+{
+ DIR *d;
+ int dfd;
+ struct dirent *de;
+ struct stat s;
+ char path[PKG_PATH_MAX];
+
+ int64_t codesize = 0;
+ int64_t datasize = 0;
+ int64_t cachesize = 0;
+ int64_t asecsize = 0;
+
+ /* count the source apk as code -- but only if it's not
+ * on the /system partition and its not on the sdcard.
+ */
+ if (validate_system_app_path(apkpath) &&
+ strncmp(apkpath, android_asec_dir.path, android_asec_dir.len) != 0) {
+ if (stat(apkpath, &s) == 0) {
+ codesize += stat_size(&s);
+ }
+ }
+ /* count the forward locked apk as code if it is given
+ */
+ if (fwdlock_apkpath != NULL && fwdlock_apkpath[0] != '!') {
+ if (stat(fwdlock_apkpath, &s) == 0) {
+ codesize += stat_size(&s);
+ }
+ }
+ /* count the cached dexfile as code */
+ if (!create_cache_path(path, apkpath)) {
+ if (stat(path, &s) == 0) {
+ codesize += stat_size(&s);
+ }
+ }
+
+ /* add in size of any libraries */
+ if (!create_pkg_path_in_dir(path, &android_app_lib_dir, pkgname, PKG_DIR_POSTFIX)) {
+ d = opendir(path);
+ if (d != NULL) {
+ dfd = dirfd(d);
+ codesize += calculate_dir_size(dfd);
+ closedir(d);
+ }
+ }
+
+ /* compute asec size if it is given
+ */
+ if (asecpath != NULL && asecpath[0] != '!') {
+ if (stat(asecpath, &s) == 0) {
+ asecsize += stat_size(&s);
+ }
+ }
+
+ if (create_pkg_path(path, pkgname, PKG_DIR_POSTFIX, persona)) {
+ goto done;
+ }
+
+ d = opendir(path);
+ if (d == NULL) {
+ goto done;
+ }
+ dfd = dirfd(d);
+
+ /* most stuff in the pkgdir is data, except for the "cache"
+ * directory and below, which is cache, and the "lib" directory
+ * and below, which is code...
+ */
+ while ((de = readdir(d))) {
+ const char *name = de->d_name;
+
+ if (de->d_type == DT_DIR) {
+ int subfd;
+ int64_t statsize = 0;
+ int64_t dirsize = 0;
+ /* always skip "." and ".." */
+ if (name[0] == '.') {
+ if (name[1] == 0) continue;
+ if ((name[1] == '.') && (name[2] == 0)) continue;
+ }
+ if (fstatat(dfd, name, &s, AT_SYMLINK_NOFOLLOW) == 0) {
+ statsize = stat_size(&s);
+ }
+ subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY);
+ if (subfd >= 0) {
+ dirsize = calculate_dir_size(subfd);
+ }
+ if(!strcmp(name,"lib")) {
+ codesize += dirsize + statsize;
+ } else if(!strcmp(name,"cache")) {
+ cachesize += dirsize + statsize;
+ } else {
+ datasize += dirsize + statsize;
+ }
+ } else if (de->d_type == DT_LNK && !strcmp(name,"lib")) {
+ // This is the symbolic link to the application's library
+ // code. We'll count this as code instead of data, since
+ // it is not something that the app creates.
+ if (fstatat(dfd, name, &s, AT_SYMLINK_NOFOLLOW) == 0) {
+ codesize += stat_size(&s);
+ }
+ } else {
+ if (fstatat(dfd, name, &s, AT_SYMLINK_NOFOLLOW) == 0) {
+ datasize += stat_size(&s);
+ }
+ }
+ }
+ closedir(d);
+done:
+ *_codesize = codesize;
+ *_datasize = datasize;
+ *_cachesize = cachesize;
+ *_asecsize = asecsize;
+ return 0;
+}
+
+
+/* a simpler version of dexOptGenerateCacheFileName() */
+int create_cache_path(char path[PKG_PATH_MAX], const char *src)
+{
+ char *tmp;
+ int srclen;
+ int dstlen;
+
+ srclen = strlen(src);
+
+ /* demand that we are an absolute path */
+ if ((src == 0) || (src[0] != '/') || strstr(src,"..")) {
+ return -1;
+ }
+
+ if (srclen > PKG_PATH_MAX) { // XXX: PKG_NAME_MAX?
+ return -1;
+ }
+
+ dstlen = srclen + strlen(DALVIK_CACHE_PREFIX) +
+ strlen(DALVIK_CACHE_POSTFIX) + 1;
+
+ if (dstlen > PKG_PATH_MAX) {
+ return -1;
+ }
+
+ sprintf(path,"%s%s%s",
+ DALVIK_CACHE_PREFIX,
+ src + 1, /* skip the leading / */
+ DALVIK_CACHE_POSTFIX);
+
+ for(tmp = path + strlen(DALVIK_CACHE_PREFIX); *tmp; tmp++) {
+ if (*tmp == '/') {
+ *tmp = '@';
+ }
+ }
+
+ return 0;
+}
+
+static void run_dexopt(int zip_fd, int odex_fd, const char* input_file_name,
+ const char* dexopt_flags)
+{
+ static const char* DEX_OPT_BIN = "/system/bin/dexopt";
+ static const int MAX_INT_LEN = 12; // '-'+10dig+'\0' -OR- 0x+8dig
+ char zip_num[MAX_INT_LEN];
+ char odex_num[MAX_INT_LEN];
+
+ sprintf(zip_num, "%d", zip_fd);
+ sprintf(odex_num, "%d", odex_fd);
+
+ execl(DEX_OPT_BIN, DEX_OPT_BIN, "--zip", zip_num, odex_num, input_file_name,
+ dexopt_flags, (char*) NULL);
+ ALOGE("execl(%s) failed: %s\n", DEX_OPT_BIN, strerror(errno));
+}
+
+static int wait_dexopt(pid_t pid, const char* apk_path)
+{
+ int status;
+ pid_t got_pid;
+
+ /*
+ * Wait for the optimization process to finish.
+ */
+ while (1) {
+ got_pid = waitpid(pid, &status, 0);
+ if (got_pid == -1 && errno == EINTR) {
+ printf("waitpid interrupted, retrying\n");
+ } else {
+ break;
+ }
+ }
+ if (got_pid != pid) {
+ ALOGW("waitpid failed: wanted %d, got %d: %s\n",
+ (int) pid, (int) got_pid, strerror(errno));
+ return 1;
+ }
+
+ if (WIFEXITED(status) && WEXITSTATUS(status) == 0) {
+ ALOGV("DexInv: --- END '%s' (success) ---\n", apk_path);
+ return 0;
+ } else {
+ ALOGW("DexInv: --- END '%s' --- status=0x%04x, process failed\n",
+ apk_path, status);
+ return status; /* always nonzero */
+ }
+}
+
+int dexopt(const char *apk_path, uid_t uid, int is_public)
+{
+ struct utimbuf ut;
+ struct stat apk_stat, dex_stat;
+ char dex_path[PKG_PATH_MAX];
+ char dexopt_flags[PROPERTY_VALUE_MAX];
+ char *end;
+ int res, zip_fd=-1, odex_fd=-1;
+
+ /* Before anything else: is there a .odex file? If so, we have
+ * pre-optimized the apk and there is nothing to do here.
+ */
+ if (strlen(apk_path) >= (PKG_PATH_MAX - 8)) {
+ return -1;
+ }
+
+ /* platform-specific flags affecting optimization and verification */
+ property_get("dalvik.vm.dexopt-flags", dexopt_flags, "");
+
+ strcpy(dex_path, apk_path);
+ end = strrchr(dex_path, '.');
+ if (end != NULL) {
+ strcpy(end, ".odex");
+ if (stat(dex_path, &dex_stat) == 0) {
+ return 0;
+ }
+ }
+
+ if (create_cache_path(dex_path, apk_path)) {
+ return -1;
+ }
+
+ memset(&apk_stat, 0, sizeof(apk_stat));
+ stat(apk_path, &apk_stat);
+
+ zip_fd = open(apk_path, O_RDONLY, 0);
+ if (zip_fd < 0) {
+ ALOGE("dexopt cannot open '%s' for input\n", apk_path);
+ return -1;
+ }
+
+ unlink(dex_path);
+ odex_fd = open(dex_path, O_RDWR | O_CREAT | O_EXCL, 0644);
+ if (odex_fd < 0) {
+ ALOGE("dexopt cannot open '%s' for output\n", dex_path);
+ goto fail;
+ }
+ if (fchmod(odex_fd,
+ S_IRUSR|S_IWUSR|S_IRGRP |
+ (is_public ? S_IROTH : 0)) < 0) {
+ ALOGE("dexopt cannot chmod '%s'\n", dex_path);
+ goto fail;
+ }
+ if (fchown(odex_fd, AID_SYSTEM, uid) < 0) {
+ ALOGE("dexopt cannot chown '%s'\n", dex_path);
+ goto fail;
+ }
+
+ ALOGV("DexInv: --- BEGIN '%s' ---\n", apk_path);
+
+ pid_t pid;
+ pid = fork();
+ if (pid == 0) {
+ /* child -- drop privileges before continuing */
+ if (setgid(uid) != 0) {
+ ALOGE("setgid(%d) failed during dexopt\n", uid);
+ exit(64);
+ }
+ if (setuid(uid) != 0) {
+ ALOGE("setuid(%d) during dexopt\n", uid);
+ exit(65);
+ }
+ // drop capabilities
+ struct __user_cap_header_struct capheader;
+ struct __user_cap_data_struct capdata[2];
+ memset(&capheader, 0, sizeof(capheader));
+ memset(&capdata, 0, sizeof(capdata));
+ capheader.version = _LINUX_CAPABILITY_VERSION_3;
+ if (capset(&capheader, &capdata[0]) < 0) {
+ ALOGE("capset failed: %s\n", strerror(errno));
+ exit(66);
+ }
+ if (flock(odex_fd, LOCK_EX | LOCK_NB) != 0) {
+ ALOGE("flock(%s) failed: %s\n", dex_path, strerror(errno));
+ exit(67);
+ }
+
+ run_dexopt(zip_fd, odex_fd, apk_path, dexopt_flags);
+ exit(68); /* only get here on exec failure */
+ } else {
+ res = wait_dexopt(pid, apk_path);
+ if (res != 0) {
+ ALOGE("dexopt failed on '%s' res = %d\n", dex_path, res);
+ goto fail;
+ }
+ }
+
+ ut.actime = apk_stat.st_atime;
+ ut.modtime = apk_stat.st_mtime;
+ utime(dex_path, &ut);
+
+ close(odex_fd);
+ close(zip_fd);
+ return 0;
+
+fail:
+ if (odex_fd >= 0) {
+ close(odex_fd);
+ unlink(dex_path);
+ }
+ if (zip_fd >= 0) {
+ close(zip_fd);
+ }
+ return -1;
+}
+
+void mkinnerdirs(char* path, int basepos, mode_t mode, int uid, int gid,
+ struct stat* statbuf)
+{
+ while (path[basepos] != 0) {
+ if (path[basepos] == '/') {
+ path[basepos] = 0;
+ if (lstat(path, statbuf) < 0) {
+ ALOGV("Making directory: %s\n", path);
+ if (mkdir(path, mode) == 0) {
+ chown(path, uid, gid);
+ } else {
+ ALOGW("Unable to make directory %s: %s\n", path, strerror(errno));
+ }
+ }
+ path[basepos] = '/';
+ basepos++;
+ }
+ basepos++;
+ }
+}
+
+int movefileordir(char* srcpath, char* dstpath, int dstbasepos,
+ int dstuid, int dstgid, struct stat* statbuf)
+{
+ DIR *d;
+ struct dirent *de;
+ int res;
+
+ int srcend = strlen(srcpath);
+ int dstend = strlen(dstpath);
+
+ if (lstat(srcpath, statbuf) < 0) {
+ ALOGW("Unable to stat %s: %s\n", srcpath, strerror(errno));
+ return 1;
+ }
+
+ if ((statbuf->st_mode&S_IFDIR) == 0) {
+ mkinnerdirs(dstpath, dstbasepos, S_IRWXU|S_IRWXG|S_IXOTH,
+ dstuid, dstgid, statbuf);
+ ALOGV("Renaming %s to %s (uid %d)\n", srcpath, dstpath, dstuid);
+ if (rename(srcpath, dstpath) >= 0) {
+ if (chown(dstpath, dstuid, dstgid) < 0) {
+ ALOGE("cannot chown %s: %s\n", dstpath, strerror(errno));
+ unlink(dstpath);
+ return 1;
+ }
+ } else {
+ ALOGW("Unable to rename %s to %s: %s\n",
+ srcpath, dstpath, strerror(errno));
+ return 1;
+ }
+ return 0;
+ }
+
+ d = opendir(srcpath);
+ if (d == NULL) {
+ ALOGW("Unable to opendir %s: %s\n", srcpath, strerror(errno));
+ return 1;
+ }
+
+ res = 0;
+
+ while ((de = readdir(d))) {
+ const char *name = de->d_name;
+ /* always skip "." and ".." */
+ if (name[0] == '.') {
+ if (name[1] == 0) continue;
+ if ((name[1] == '.') && (name[2] == 0)) continue;
+ }
+
+ if ((srcend+strlen(name)) >= (PKG_PATH_MAX-2)) {
+ ALOGW("Source path too long; skipping: %s/%s\n", srcpath, name);
+ continue;
+ }
+
+ if ((dstend+strlen(name)) >= (PKG_PATH_MAX-2)) {
+ ALOGW("Destination path too long; skipping: %s/%s\n", dstpath, name);
+ continue;
+ }
+
+ srcpath[srcend] = dstpath[dstend] = '/';
+ strcpy(srcpath+srcend+1, name);
+ strcpy(dstpath+dstend+1, name);
+
+ if (movefileordir(srcpath, dstpath, dstbasepos, dstuid, dstgid, statbuf) != 0) {
+ res = 1;
+ }
+
+ // Note: we will be leaving empty directories behind in srcpath,
+ // but that is okay, the package manager will be erasing all of the
+ // data associated with .apks that disappear.
+
+ srcpath[srcend] = dstpath[dstend] = 0;
+ }
+
+ closedir(d);
+ return res;
+}
+
+int movefiles()
+{
+ DIR *d;
+ int dfd, subfd;
+ struct dirent *de;
+ struct stat s;
+ char buf[PKG_PATH_MAX+1];
+ int bufp, bufe, bufi, readlen;
+
+ char srcpkg[PKG_NAME_MAX];
+ char dstpkg[PKG_NAME_MAX];
+ char srcpath[PKG_PATH_MAX];
+ char dstpath[PKG_PATH_MAX];
+ int dstuid=-1, dstgid=-1;
+ int hasspace;
+
+ d = opendir(UPDATE_COMMANDS_DIR_PREFIX);
+ if (d == NULL) {
+ goto done;
+ }
+ dfd = dirfd(d);
+
+ /* Iterate through all files in the directory, executing the
+ * file movements requested there-in.
+ */
+ while ((de = readdir(d))) {
+ const char *name = de->d_name;
+
+ if (de->d_type == DT_DIR) {
+ continue;
+ } else {
+ subfd = openat(dfd, name, O_RDONLY);
+ if (subfd < 0) {
+ ALOGW("Unable to open update commands at %s%s\n",
+ UPDATE_COMMANDS_DIR_PREFIX, name);
+ continue;
+ }
+
+ bufp = 0;
+ bufe = 0;
+ buf[PKG_PATH_MAX] = 0;
+ srcpkg[0] = dstpkg[0] = 0;
+ while (1) {
+ bufi = bufp;
+ while (bufi < bufe && buf[bufi] != '\n') {
+ bufi++;
+ }
+ if (bufi < bufe) {
+ buf[bufi] = 0;
+ ALOGV("Processing line: %s\n", buf+bufp);
+ hasspace = 0;
+ while (bufp < bufi && isspace(buf[bufp])) {
+ hasspace = 1;
+ bufp++;
+ }
+ if (buf[bufp] == '#' || bufp == bufi) {
+ // skip comments and empty lines.
+ } else if (hasspace) {
+ if (dstpkg[0] == 0) {
+ ALOGW("Path before package line in %s%s: %s\n",
+ UPDATE_COMMANDS_DIR_PREFIX, name, buf+bufp);
+ } else if (srcpkg[0] == 0) {
+ // Skip -- source package no longer exists.
+ } else {
+ ALOGV("Move file: %s (from %s to %s)\n", buf+bufp, srcpkg, dstpkg);
+ if (!create_move_path(srcpath, srcpkg, buf+bufp, 0) &&
+ !create_move_path(dstpath, dstpkg, buf+bufp, 0)) {
+ movefileordir(srcpath, dstpath,
+ strlen(dstpath)-strlen(buf+bufp),
+ dstuid, dstgid, &s);
+ }
+ }
+ } else {
+ char* div = strchr(buf+bufp, ':');
+ if (div == NULL) {
+ ALOGW("Bad package spec in %s%s; no ':' sep: %s\n",
+ UPDATE_COMMANDS_DIR_PREFIX, name, buf+bufp);
+ } else {
+ *div = 0;
+ div++;
+ if (strlen(buf+bufp) < PKG_NAME_MAX) {
+ strcpy(dstpkg, buf+bufp);
+ } else {
+ srcpkg[0] = dstpkg[0] = 0;
+ ALOGW("Package name too long in %s%s: %s\n",
+ UPDATE_COMMANDS_DIR_PREFIX, name, buf+bufp);
+ }
+ if (strlen(div) < PKG_NAME_MAX) {
+ strcpy(srcpkg, div);
+ } else {
+ srcpkg[0] = dstpkg[0] = 0;
+ ALOGW("Package name too long in %s%s: %s\n",
+ UPDATE_COMMANDS_DIR_PREFIX, name, div);
+ }
+ if (srcpkg[0] != 0) {
+ if (!create_pkg_path(srcpath, srcpkg, PKG_DIR_POSTFIX, 0)) {
+ if (lstat(srcpath, &s) < 0) {
+ // Package no longer exists -- skip.
+ srcpkg[0] = 0;
+ }
+ } else {
+ srcpkg[0] = 0;
+ ALOGW("Can't create path %s in %s%s\n",
+ div, UPDATE_COMMANDS_DIR_PREFIX, name);
+ }
+ if (srcpkg[0] != 0) {
+ if (!create_pkg_path(dstpath, dstpkg, PKG_DIR_POSTFIX, 0)) {
+ if (lstat(dstpath, &s) == 0) {
+ dstuid = s.st_uid;
+ dstgid = s.st_gid;
+ } else {
+ // Destination package doesn't
+ // exist... due to original-package,
+ // this is normal, so don't be
+ // noisy about it.
+ srcpkg[0] = 0;
+ }
+ } else {
+ srcpkg[0] = 0;
+ ALOGW("Can't create path %s in %s%s\n",
+ div, UPDATE_COMMANDS_DIR_PREFIX, name);
+ }
+ }
+ ALOGV("Transfering from %s to %s: uid=%d\n",
+ srcpkg, dstpkg, dstuid);
+ }
+ }
+ }
+ bufp = bufi+1;
+ } else {
+ if (bufp == 0) {
+ if (bufp < bufe) {
+ ALOGW("Line too long in %s%s, skipping: %s\n",
+ UPDATE_COMMANDS_DIR_PREFIX, name, buf);
+ }
+ } else if (bufp < bufe) {
+ memcpy(buf, buf+bufp, bufe-bufp);
+ bufe -= bufp;
+ bufp = 0;
+ }
+ readlen = read(subfd, buf+bufe, PKG_PATH_MAX-bufe);
+ if (readlen < 0) {
+ ALOGW("Failure reading update commands in %s%s: %s\n",
+ UPDATE_COMMANDS_DIR_PREFIX, name, strerror(errno));
+ break;
+ } else if (readlen == 0) {
+ break;
+ }
+ bufe += readlen;
+ buf[bufe] = 0;
+ ALOGV("Read buf: %s\n", buf);
+ }
+ }
+ close(subfd);
+ }
+ }
+ closedir(d);
+done:
+ return 0;
+}
+
+int linklib(const char* pkgname, const char* asecLibDir, int userId)
+{
+ char pkgdir[PKG_PATH_MAX];
+ char libsymlink[PKG_PATH_MAX];
+ struct stat s, libStat;
+ int rc = 0;
+
+ if (create_pkg_path(pkgdir, pkgname, PKG_DIR_POSTFIX, userId)) {
+ ALOGE("cannot create package path\n");
+ return -1;
+ }
+ if (create_pkg_path(libsymlink, pkgname, PKG_LIB_POSTFIX, userId)) {
+ ALOGE("cannot create package lib symlink origin path\n");
+ return -1;
+ }
+
+ if (stat(pkgdir, &s) < 0) return -1;
+
+ if (chown(pkgdir, AID_INSTALL, AID_INSTALL) < 0) {
+ ALOGE("failed to chown '%s': %s\n", pkgdir, strerror(errno));
+ return -1;
+ }
+
+ if (chmod(pkgdir, 0700) < 0) {
+ ALOGE("linklib() 1: failed to chmod '%s': %s\n", pkgdir, strerror(errno));
+ rc = -1;
+ goto out;
+ }
+
+ if (lstat(libsymlink, &libStat) < 0) {
+ if (errno != ENOENT) {
+ ALOGE("couldn't stat lib dir: %s\n", strerror(errno));
+ rc = -1;
+ goto out;
+ }
+ } else {
+ if (S_ISDIR(libStat.st_mode)) {
+ if (delete_dir_contents(libsymlink, 1, 0) < 0) {
+ rc = -1;
+ goto out;
+ }
+ } else if (S_ISLNK(libStat.st_mode)) {
+ if (unlink(libsymlink) < 0) {
+ ALOGE("couldn't unlink lib dir: %s\n", strerror(errno));
+ rc = -1;
+ goto out;
+ }
+ }
+ }
+
+ if (symlink(asecLibDir, libsymlink) < 0) {
+ ALOGE("couldn't symlink directory '%s' -> '%s': %s\n", libsymlink, asecLibDir,
+ strerror(errno));
+ rc = -errno;
+ goto out;
+ }
+
+out:
+ if (chmod(pkgdir, s.st_mode) < 0) {
+ ALOGE("linklib() 2: failed to chmod '%s': %s\n", pkgdir, strerror(errno));
+ rc = -errno;
+ }
+
+ if (chown(pkgdir, s.st_uid, s.st_gid) < 0) {
+ ALOGE("failed to chown '%s' : %s\n", pkgdir, strerror(errno));
+ return -errno;
+ }
+
+ return rc;
+}
diff --git a/cmds/installd/installd.c b/cmds/installd/installd.c
new file mode 100644
index 0000000..21d674a
--- /dev/null
+++ b/cmds/installd/installd.c
@@ -0,0 +1,592 @@
+/*
+** Copyright 2008, The Android Open Source Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+** http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#include <linux/capability.h>
+#include <linux/prctl.h>
+
+#include "installd.h"
+
+
+#define BUFFER_MAX 1024 /* input buffer for commands */
+#define TOKEN_MAX 8 /* max number of arguments in buffer */
+#define REPLY_MAX 256 /* largest reply allowed */
+
+static int do_ping(char **arg, char reply[REPLY_MAX])
+{
+ return 0;
+}
+
+static int do_install(char **arg, char reply[REPLY_MAX])
+{
+ return install(arg[0], atoi(arg[1]), atoi(arg[2])); /* pkgname, uid, gid */
+}
+
+static int do_dexopt(char **arg, char reply[REPLY_MAX])
+{
+ /* apk_path, uid, is_public */
+ return dexopt(arg[0], atoi(arg[1]), atoi(arg[2]));
+}
+
+static int do_move_dex(char **arg, char reply[REPLY_MAX])
+{
+ return move_dex(arg[0], arg[1]); /* src, dst */
+}
+
+static int do_rm_dex(char **arg, char reply[REPLY_MAX])
+{
+ return rm_dex(arg[0]); /* pkgname */
+}
+
+static int do_remove(char **arg, char reply[REPLY_MAX])
+{
+ return uninstall(arg[0], atoi(arg[1])); /* pkgname, userid */
+}
+
+static int do_rename(char **arg, char reply[REPLY_MAX])
+{
+ return renamepkg(arg[0], arg[1]); /* oldpkgname, newpkgname */
+}
+
+static int do_fixuid(char **arg, char reply[REPLY_MAX])
+{
+ return fix_uid(arg[0], atoi(arg[1]), atoi(arg[2])); /* pkgname, uid, gid */
+}
+
+static int do_free_cache(char **arg, char reply[REPLY_MAX]) /* TODO int:free_size */
+{
+ return free_cache((int64_t)atoll(arg[0])); /* free_size */
+}
+
+static int do_rm_cache(char **arg, char reply[REPLY_MAX])
+{
+ return delete_cache(arg[0], atoi(arg[1])); /* pkgname, userid */
+}
+
+static int do_get_size(char **arg, char reply[REPLY_MAX])
+{
+ int64_t codesize = 0;
+ int64_t datasize = 0;
+ int64_t cachesize = 0;
+ int64_t asecsize = 0;
+ int res = 0;
+
+ /* pkgdir, persona, apkpath */
+ res = get_size(arg[0], atoi(arg[1]), arg[2], arg[3], arg[4],
+ &codesize, &datasize, &cachesize, &asecsize);
+
+ /*
+ * Each int64_t can take up 22 characters printed out. Make sure it
+ * doesn't go over REPLY_MAX in the future.
+ */
+ snprintf(reply, REPLY_MAX, "%" PRId64 " %" PRId64 " %" PRId64 " %" PRId64,
+ codesize, datasize, cachesize, asecsize);
+ return res;
+}
+
+static int do_rm_user_data(char **arg, char reply[REPLY_MAX])
+{
+ return delete_user_data(arg[0], atoi(arg[1])); /* pkgname, userid */
+}
+
+static int do_mk_user_data(char **arg, char reply[REPLY_MAX])
+{
+ return make_user_data(arg[0], atoi(arg[1]), atoi(arg[2])); /* pkgname, uid, userid */
+}
+
+static int do_rm_user(char **arg, char reply[REPLY_MAX])
+{
+ return delete_persona(atoi(arg[0])); /* userid */
+}
+
+static int do_clone_user_data(char **arg, char reply[REPLY_MAX])
+{
+ return clone_persona_data(atoi(arg[0]), atoi(arg[1]), atoi(arg[2]));
+}
+
+static int do_movefiles(char **arg, char reply[REPLY_MAX])
+{
+ return movefiles();
+}
+
+static int do_linklib(char **arg, char reply[REPLY_MAX])
+{
+ return linklib(arg[0], arg[1], atoi(arg[2]));
+}
+
+struct cmdinfo {
+ const char *name;
+ unsigned numargs;
+ int (*func)(char **arg, char reply[REPLY_MAX]);
+};
+
+struct cmdinfo cmds[] = {
+ { "ping", 0, do_ping },
+ { "install", 3, do_install },
+ { "dexopt", 3, do_dexopt },
+ { "movedex", 2, do_move_dex },
+ { "rmdex", 1, do_rm_dex },
+ { "remove", 2, do_remove },
+ { "rename", 2, do_rename },
+ { "fixuid", 3, do_fixuid },
+ { "freecache", 1, do_free_cache },
+ { "rmcache", 2, do_rm_cache },
+ { "getsize", 5, do_get_size },
+ { "rmuserdata", 2, do_rm_user_data },
+ { "movefiles", 0, do_movefiles },
+ { "linklib", 3, do_linklib },
+ { "mkuserdata", 3, do_mk_user_data },
+ { "rmuser", 1, do_rm_user },
+ { "cloneuserdata", 3, do_clone_user_data },
+};
+
+static int readx(int s, void *_buf, int count)
+{
+ char *buf = _buf;
+ int n = 0, r;
+ if (count < 0) return -1;
+ while (n < count) {
+ r = read(s, buf + n, count - n);
+ if (r < 0) {
+ if (errno == EINTR) continue;
+ ALOGE("read error: %s\n", strerror(errno));
+ return -1;
+ }
+ if (r == 0) {
+ ALOGE("eof\n");
+ return -1; /* EOF */
+ }
+ n += r;
+ }
+ return 0;
+}
+
+static int writex(int s, const void *_buf, int count)
+{
+ const char *buf = _buf;
+ int n = 0, r;
+ if (count < 0) return -1;
+ while (n < count) {
+ r = write(s, buf + n, count - n);
+ if (r < 0) {
+ if (errno == EINTR) continue;
+ ALOGE("write error: %s\n", strerror(errno));
+ return -1;
+ }
+ n += r;
+ }
+ return 0;
+}
+
+
+/* Tokenize the command buffer, locate a matching command,
+ * ensure that the required number of arguments are provided,
+ * call the function(), return the result.
+ */
+static int execute(int s, char cmd[BUFFER_MAX])
+{
+ char reply[REPLY_MAX];
+ char *arg[TOKEN_MAX+1];
+ unsigned i;
+ unsigned n = 0;
+ unsigned short count;
+ int ret = -1;
+
+// ALOGI("execute('%s')\n", cmd);
+
+ /* default reply is "" */
+ reply[0] = 0;
+
+ /* n is number of args (not counting arg[0]) */
+ arg[0] = cmd;
+ while (*cmd) {
+ if (isspace(*cmd)) {
+ *cmd++ = 0;
+ n++;
+ arg[n] = cmd;
+ if (n == TOKEN_MAX) {
+ ALOGE("too many arguments\n");
+ goto done;
+ }
+ }
+ cmd++;
+ }
+
+ for (i = 0; i < sizeof(cmds) / sizeof(cmds[0]); i++) {
+ if (!strcmp(cmds[i].name,arg[0])) {
+ if (n != cmds[i].numargs) {
+ ALOGE("%s requires %d arguments (%d given)\n",
+ cmds[i].name, cmds[i].numargs, n);
+ } else {
+ ret = cmds[i].func(arg + 1, reply);
+ }
+ goto done;
+ }
+ }
+ ALOGE("unsupported command '%s'\n", arg[0]);
+
+done:
+ if (reply[0]) {
+ n = snprintf(cmd, BUFFER_MAX, "%d %s", ret, reply);
+ } else {
+ n = snprintf(cmd, BUFFER_MAX, "%d", ret);
+ }
+ if (n > BUFFER_MAX) n = BUFFER_MAX;
+ count = n;
+
+// ALOGI("reply: '%s'\n", cmd);
+ if (writex(s, &count, sizeof(count))) return -1;
+ if (writex(s, cmd, count)) return -1;
+ return 0;
+}
+
+/**
+ * Initialize all the global variables that are used elsewhere. Returns 0 upon
+ * success and -1 on error.
+ */
+void free_globals() {
+ size_t i;
+
+ for (i = 0; i < android_system_dirs.count; i++) {
+ if (android_system_dirs.dirs[i].path != NULL) {
+ free(android_system_dirs.dirs[i].path);
+ }
+ }
+
+ free(android_system_dirs.dirs);
+}
+
+int initialize_globals() {
+ // Get the android data directory.
+ if (get_path_from_env(&android_data_dir, "ANDROID_DATA") < 0) {
+ return -1;
+ }
+
+ // Get the android app directory.
+ if (copy_and_append(&android_app_dir, &android_data_dir, APP_SUBDIR) < 0) {
+ return -1;
+ }
+
+ // Get the android protected app directory.
+ if (copy_and_append(&android_app_private_dir, &android_data_dir, PRIVATE_APP_SUBDIR) < 0) {
+ return -1;
+ }
+
+ // Get the android app native library directory.
+ if (copy_and_append(&android_app_lib_dir, &android_data_dir, APP_LIB_SUBDIR) < 0) {
+ return -1;
+ }
+
+ // Get the sd-card ASEC mount point.
+ if (get_path_from_env(&android_asec_dir, "ASEC_MOUNTPOINT") < 0) {
+ return -1;
+ }
+
+ // Get the android media directory.
+ if (copy_and_append(&android_media_dir, &android_data_dir, MEDIA_SUBDIR) < 0) {
+ return -1;
+ }
+
+ // Take note of the system and vendor directories.
+ android_system_dirs.count = 2;
+
+ android_system_dirs.dirs = calloc(android_system_dirs.count, sizeof(dir_rec_t));
+ if (android_system_dirs.dirs == NULL) {
+ ALOGE("Couldn't allocate array for dirs; aborting\n");
+ return -1;
+ }
+
+ // system
+ if (get_path_from_env(&android_system_dirs.dirs[0], "ANDROID_ROOT") < 0) {
+ free_globals();
+ return -1;
+ }
+
+ // append "app/" to dirs[0]
+ char *system_app_path = build_string2(android_system_dirs.dirs[0].path, APP_SUBDIR);
+ android_system_dirs.dirs[0].path = system_app_path;
+ android_system_dirs.dirs[0].len = strlen(system_app_path);
+
+ // vendor
+ // TODO replace this with an environment variable (doesn't exist yet)
+ android_system_dirs.dirs[1].path = "/vendor/app/";
+ android_system_dirs.dirs[1].len = strlen(android_system_dirs.dirs[1].path);
+
+ return 0;
+}
+
+int initialize_directories() {
+ int res = -1;
+
+ // Read current filesystem layout version to handle upgrade paths
+ char version_path[PATH_MAX];
+ snprintf(version_path, PATH_MAX, "%s.layout_version", android_data_dir.path);
+
+ int oldVersion;
+ if (fs_read_atomic_int(version_path, &oldVersion) == -1) {
+ oldVersion = 0;
+ }
+ int version = oldVersion;
+
+ // /data/user
+ char *user_data_dir = build_string2(android_data_dir.path, SECONDARY_USER_PREFIX);
+ // /data/data
+ char *legacy_data_dir = build_string2(android_data_dir.path, PRIMARY_USER_PREFIX);
+ // /data/user/0
+ char *primary_data_dir = build_string3(android_data_dir.path, SECONDARY_USER_PREFIX, "0");
+ if (!user_data_dir || !legacy_data_dir || !primary_data_dir) {
+ goto fail;
+ }
+
+ // Make the /data/user directory if necessary
+ if (access(user_data_dir, R_OK) < 0) {
+ if (mkdir(user_data_dir, 0711) < 0) {
+ goto fail;
+ }
+ if (chown(user_data_dir, AID_SYSTEM, AID_SYSTEM) < 0) {
+ goto fail;
+ }
+ if (chmod(user_data_dir, 0711) < 0) {
+ goto fail;
+ }
+ }
+ // Make the /data/user/0 symlink to /data/data if necessary
+ if (access(primary_data_dir, R_OK) < 0) {
+ if (symlink(legacy_data_dir, primary_data_dir)) {
+ goto fail;
+ }
+ }
+
+ if (version == 0) {
+ // Introducing multi-user, so migrate /data/media contents into /data/media/0
+ ALOGD("Upgrading /data/media for multi-user");
+
+ // Ensure /data/media
+ if (fs_prepare_dir(android_media_dir.path, 0770, AID_MEDIA_RW, AID_MEDIA_RW) == -1) {
+ goto fail;
+ }
+
+ // /data/media.tmp
+ char media_tmp_dir[PATH_MAX];
+ snprintf(media_tmp_dir, PATH_MAX, "%smedia.tmp", android_data_dir.path);
+
+ // Only copy when upgrade not already in progress
+ if (access(media_tmp_dir, F_OK) == -1) {
+ if (rename(android_media_dir.path, media_tmp_dir) == -1) {
+ ALOGE("Failed to move legacy media path: %s", strerror(errno));
+ goto fail;
+ }
+ }
+
+ // Create /data/media again
+ if (fs_prepare_dir(android_media_dir.path, 0770, AID_MEDIA_RW, AID_MEDIA_RW) == -1) {
+ goto fail;
+ }
+
+ // /data/media/0
+ char owner_media_dir[PATH_MAX];
+ snprintf(owner_media_dir, PATH_MAX, "%s0", android_media_dir.path);
+
+ // Move any owner data into place
+ if (access(media_tmp_dir, F_OK) == 0) {
+ if (rename(media_tmp_dir, owner_media_dir) == -1) {
+ ALOGE("Failed to move owner media path: %s", strerror(errno));
+ goto fail;
+ }
+ }
+
+ // Ensure media directories for any existing users
+ DIR *dir;
+ struct dirent *dirent;
+ char user_media_dir[PATH_MAX];
+
+ dir = opendir(user_data_dir);
+ if (dir != NULL) {
+ while ((dirent = readdir(dir))) {
+ if (dirent->d_type == DT_DIR) {
+ const char *name = dirent->d_name;
+
+ // skip "." and ".."
+ if (name[0] == '.') {
+ if (name[1] == 0) continue;
+ if ((name[1] == '.') && (name[2] == 0)) continue;
+ }
+
+ // /data/media/<user_id>
+ snprintf(user_media_dir, PATH_MAX, "%s%s", android_media_dir.path, name);
+ if (fs_prepare_dir(user_media_dir, 0770, AID_MEDIA_RW, AID_MEDIA_RW) == -1) {
+ goto fail;
+ }
+ }
+ }
+ closedir(dir);
+ }
+
+ version = 1;
+ }
+
+ // /data/media/obb
+ char media_obb_dir[PATH_MAX];
+ snprintf(media_obb_dir, PATH_MAX, "%sobb", android_media_dir.path);
+
+ if (version == 1) {
+ // Introducing /data/media/obb for sharing OBB across users; migrate
+ // any existing OBB files from owner.
+ ALOGD("Upgrading to shared /data/media/obb");
+
+ // /data/media/0/Android/obb
+ char owner_obb_path[PATH_MAX];
+ snprintf(owner_obb_path, PATH_MAX, "%s0/Android/obb", android_media_dir.path);
+
+ // Only move if target doesn't already exist
+ if (access(media_obb_dir, F_OK) != 0 && access(owner_obb_path, F_OK) == 0) {
+ if (rename(owner_obb_path, media_obb_dir) == -1) {
+ ALOGE("Failed to move OBB from owner: %s", strerror(errno));
+ goto fail;
+ }
+ }
+
+ version = 2;
+ }
+
+ if (ensure_media_user_dirs(0) == -1) {
+ ALOGE("Failed to setup media for user 0");
+ goto fail;
+ }
+ if (fs_prepare_dir(media_obb_dir, 0770, AID_MEDIA_RW, AID_MEDIA_RW) == -1) {
+ goto fail;
+ }
+
+ // Persist layout version if changed
+ if (version != oldVersion) {
+ if (fs_write_atomic_int(version_path, version) == -1) {
+ ALOGE("Failed to save version to %s: %s", version_path, strerror(errno));
+ goto fail;
+ }
+ }
+
+ // Success!
+ res = 0;
+
+fail:
+ free(user_data_dir);
+ free(legacy_data_dir);
+ free(primary_data_dir);
+ return res;
+}
+
+static void drop_privileges() {
+ if (prctl(PR_SET_KEEPCAPS, 1) < 0) {
+ ALOGE("prctl(PR_SET_KEEPCAPS) failed: %s\n", strerror(errno));
+ exit(1);
+ }
+
+ if (setgid(AID_INSTALL) < 0) {
+ ALOGE("setgid() can't drop privileges; exiting.\n");
+ exit(1);
+ }
+
+ if (setuid(AID_INSTALL) < 0) {
+ ALOGE("setuid() can't drop privileges; exiting.\n");
+ exit(1);
+ }
+
+ struct __user_cap_header_struct capheader;
+ struct __user_cap_data_struct capdata[2];
+ memset(&capheader, 0, sizeof(capheader));
+ memset(&capdata, 0, sizeof(capdata));
+ capheader.version = _LINUX_CAPABILITY_VERSION_3;
+ capheader.pid = 0;
+
+ capdata[CAP_TO_INDEX(CAP_DAC_OVERRIDE)].permitted |= CAP_TO_MASK(CAP_DAC_OVERRIDE);
+ capdata[CAP_TO_INDEX(CAP_CHOWN)].permitted |= CAP_TO_MASK(CAP_CHOWN);
+ capdata[CAP_TO_INDEX(CAP_SETUID)].permitted |= CAP_TO_MASK(CAP_SETUID);
+ capdata[CAP_TO_INDEX(CAP_SETGID)].permitted |= CAP_TO_MASK(CAP_SETGID);
+
+ capdata[0].effective = capdata[0].permitted;
+ capdata[1].effective = capdata[1].permitted;
+ capdata[0].inheritable = 0;
+ capdata[1].inheritable = 0;
+
+ if (capset(&capheader, &capdata[0]) < 0) {
+ ALOGE("capset failed: %s\n", strerror(errno));
+ exit(1);
+ }
+}
+
+int main(const int argc, const char *argv[]) {
+ char buf[BUFFER_MAX];
+ struct sockaddr addr;
+ socklen_t alen;
+ int lsocket, s, count;
+
+ ALOGI("installd firing up\n");
+
+ if (initialize_globals() < 0) {
+ ALOGE("Could not initialize globals; exiting.\n");
+ exit(1);
+ }
+
+ if (initialize_directories() < 0) {
+ ALOGE("Could not create directories; exiting.\n");
+ exit(1);
+ }
+
+ drop_privileges();
+
+ lsocket = android_get_control_socket(SOCKET_PATH);
+ if (lsocket < 0) {
+ ALOGE("Failed to get socket from environment: %s\n", strerror(errno));
+ exit(1);
+ }
+ if (listen(lsocket, 5)) {
+ ALOGE("Listen on socket failed: %s\n", strerror(errno));
+ exit(1);
+ }
+ fcntl(lsocket, F_SETFD, FD_CLOEXEC);
+
+ for (;;) {
+ alen = sizeof(addr);
+ s = accept(lsocket, &addr, &alen);
+ if (s < 0) {
+ ALOGE("Accept failed: %s\n", strerror(errno));
+ continue;
+ }
+ fcntl(s, F_SETFD, FD_CLOEXEC);
+
+ ALOGI("new connection\n");
+ for (;;) {
+ unsigned short count;
+ if (readx(s, &count, sizeof(count))) {
+ ALOGE("failed to read size\n");
+ break;
+ }
+ if ((count < 1) || (count >= BUFFER_MAX)) {
+ ALOGE("invalid size %d\n", count);
+ break;
+ }
+ if (readx(s, buf, count)) {
+ ALOGE("failed to read command\n");
+ break;
+ }
+ buf[count] = 0;
+ if (execute(s, buf)) break;
+ }
+ ALOGI("closing connection\n");
+ close(s);
+ }
+
+ return 0;
+}
diff --git a/cmds/installd/installd.h b/cmds/installd/installd.h
new file mode 100644
index 0000000..0500c23
--- /dev/null
+++ b/cmds/installd/installd.h
@@ -0,0 +1,213 @@
+/*
+**
+** Copyright 2008, The Android Open Source Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+** http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#define LOG_TAG "installd"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <inttypes.h>
+#include <sys/stat.h>
+#include <dirent.h>
+#include <unistd.h>
+#include <ctype.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <utime.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+
+#include <cutils/fs.h>
+#include <cutils/sockets.h>
+#include <cutils/log.h>
+#include <cutils/properties.h>
+#include <cutils/multiuser.h>
+
+#include <private/android_filesystem_config.h>
+
+#if INCLUDE_SYS_MOUNT_FOR_STATFS
+#include <sys/mount.h>
+#else
+#include <sys/statfs.h>
+#endif
+
+#define SOCKET_PATH "installd"
+
+
+/* elements combined with a valid package name to form paths */
+
+#define PRIMARY_USER_PREFIX "data/"
+#define SECONDARY_USER_PREFIX "user/"
+
+#define PKG_DIR_POSTFIX ""
+
+#define PKG_LIB_POSTFIX "/lib"
+
+#define CACHE_DIR_POSTFIX "/cache"
+
+#define APP_SUBDIR "app/" // sub-directory under ANDROID_DATA
+
+#define APP_LIB_SUBDIR "app-lib/" // sub-directory under ANDROID_DATA
+
+#define MEDIA_SUBDIR "media/" // sub-directory under ANDROID_DATA
+
+/* other handy constants */
+
+#define PRIVATE_APP_SUBDIR "app-private/" // sub-directory under ANDROID_DATA
+
+#define DALVIK_CACHE_PREFIX "/data/dalvik-cache/"
+#define DALVIK_CACHE_POSTFIX "/classes.dex"
+
+#define UPDATE_COMMANDS_DIR_PREFIX "/system/etc/updatecmds/"
+
+#define PKG_NAME_MAX 128 /* largest allowed package name */
+#define PKG_PATH_MAX 256 /* max size of any path we use */
+
+#define PER_USER_RANGE ((uid_t)100000) /* range of uids per user
+ uid = persona * PER_USER_RANGE + appid */
+
+/* data structures */
+
+typedef struct {
+ char* path;
+ size_t len;
+} dir_rec_t;
+
+typedef struct {
+ size_t count;
+ dir_rec_t* dirs;
+} dir_rec_array_t;
+
+extern dir_rec_t android_app_dir;
+extern dir_rec_t android_app_private_dir;
+extern dir_rec_t android_app_lib_dir;
+extern dir_rec_t android_data_dir;
+extern dir_rec_t android_asec_dir;
+extern dir_rec_t android_media_dir;
+extern dir_rec_array_t android_system_dirs;
+
+typedef struct cache_dir_struct {
+ struct cache_dir_struct* parent;
+ int32_t childCount;
+ int32_t hiddenCount;
+ int32_t deleted;
+ char name[];
+} cache_dir_t;
+
+typedef struct {
+ cache_dir_t* dir;
+ time_t modTime;
+ char name[];
+} cache_file_t;
+
+typedef struct {
+ size_t numDirs;
+ size_t availDirs;
+ cache_dir_t** dirs;
+ size_t numFiles;
+ size_t availFiles;
+ cache_file_t** files;
+ size_t numCollected;
+ void* memBlocks;
+ int8_t* curMemBlockAvail;
+ int8_t* curMemBlockEnd;
+} cache_t;
+
+/* util.c */
+
+int create_pkg_path_in_dir(char path[PKG_PATH_MAX],
+ const dir_rec_t* dir,
+ const char* pkgname,
+ const char* postfix);
+
+int create_pkg_path(char path[PKG_PATH_MAX],
+ const char *pkgname,
+ const char *postfix,
+ uid_t persona);
+
+int create_persona_path(char path[PKG_PATH_MAX],
+ uid_t persona);
+
+int create_persona_media_path(char path[PKG_PATH_MAX], userid_t userid);
+
+int create_move_path(char path[PKG_PATH_MAX],
+ const char* pkgname,
+ const char* leaf,
+ uid_t persona);
+
+int is_valid_package_name(const char* pkgname);
+
+int create_cache_path(char path[PKG_PATH_MAX], const char *src);
+
+int delete_dir_contents(const char *pathname,
+ int also_delete_dir,
+ const char *ignore);
+
+int delete_dir_contents_fd(int dfd, const char *name);
+
+int lookup_media_dir(char basepath[PATH_MAX], const char *dir);
+
+int64_t data_disk_free();
+
+cache_t* start_cache_collection();
+
+void add_cache_files(cache_t* cache, const char *basepath, const char *cachedir);
+
+void clear_cache_files(cache_t* cache, int64_t free_size);
+
+void finish_cache_collection(cache_t* cache);
+
+int validate_system_app_path(const char* path);
+
+int get_path_from_env(dir_rec_t* rec, const char* var);
+
+int get_path_from_string(dir_rec_t* rec, const char* path);
+
+int copy_and_append(dir_rec_t* dst, const dir_rec_t* src, const char* suffix);
+
+int validate_apk_path(const char *path);
+
+int append_and_increment(char** dst, const char* src, size_t* dst_size);
+
+char *build_string2(char *s1, char *s2);
+char *build_string3(char *s1, char *s2, char *s3);
+
+int ensure_dir(const char* path, mode_t mode, uid_t uid, gid_t gid);
+int ensure_media_user_dirs(userid_t userid);
+
+/* commands.c */
+
+int install(const char *pkgname, uid_t uid, gid_t gid);
+int uninstall(const char *pkgname, uid_t persona);
+int renamepkg(const char *oldpkgname, const char *newpkgname);
+int fix_uid(const char *pkgname, uid_t uid, gid_t gid);
+int delete_user_data(const char *pkgname, uid_t persona);
+int make_user_data(const char *pkgname, uid_t uid, uid_t persona);
+int delete_persona(uid_t persona);
+int clone_persona_data(uid_t src_persona, uid_t target_persona, int copy);
+int delete_cache(const char *pkgname, uid_t persona);
+int move_dex(const char *src, const char *dst);
+int rm_dex(const char *path);
+int protect(char *pkgname, gid_t gid);
+int get_size(const char *pkgname, int persona, const char *apkpath, const char *fwdlock_apkpath,
+ const char *asecpath, int64_t *codesize, int64_t *datasize, int64_t *cachesize,
+ int64_t *asecsize);
+int free_cache(int64_t free_size);
+int dexopt(const char *apk_path, uid_t uid, int is_public);
+int movefiles();
+int linklib(const char* target, const char* source, int userId);
diff --git a/cmds/installd/tests/Android.mk b/cmds/installd/tests/Android.mk
new file mode 100644
index 0000000..c0192f4
--- /dev/null
+++ b/cmds/installd/tests/Android.mk
@@ -0,0 +1,31 @@
+# Build the unit tests for installd
+LOCAL_PATH := $(call my-dir)
+include $(CLEAR_VARS)
+
+# Build the unit tests.
+test_src_files := \
+ installd_utils_test.cpp
+
+shared_libraries := \
+ libutils \
+ libcutils \
+ libstlport
+
+static_libraries := \
+ libinstalld \
+ libdiskusage \
+ libgtest \
+ libgtest_main
+
+c_includes := \
+ frameworks/base/cmds/installd
+
+$(foreach file,$(test_src_files), \
+ $(eval include $(CLEAR_VARS)) \
+ $(eval LOCAL_SHARED_LIBRARIES := $(shared_libraries)) \
+ $(eval LOCAL_STATIC_LIBRARIES := $(static_libraries)) \
+ $(eval LOCAL_SRC_FILES := $(file)) \
+ $(eval LOCAL_C_INCLUDES := $(c_includes)) \
+ $(eval LOCAL_MODULE := $(notdir $(file:%.cpp=%))) \
+ $(eval include $(BUILD_NATIVE_TEST)) \
+)
diff --git a/cmds/installd/tests/installd_utils_test.cpp b/cmds/installd/tests/installd_utils_test.cpp
new file mode 100644
index 0000000..7cb9b37
--- /dev/null
+++ b/cmds/installd/tests/installd_utils_test.cpp
@@ -0,0 +1,437 @@
+/*
+ * Copyright (C) 2011 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#define LOG_TAG "utils_test"
+#include <utils/Log.h>
+
+#include <gtest/gtest.h>
+
+extern "C" {
+#include "installd.h"
+}
+
+#define TEST_DATA_DIR "/data/"
+#define TEST_APP_DIR "/data/app/"
+#define TEST_APP_PRIVATE_DIR "/data/app-private/"
+#define TEST_ASEC_DIR "/mnt/asec/"
+
+#define TEST_SYSTEM_DIR1 "/system/app/"
+#define TEST_SYSTEM_DIR2 "/vendor/app/"
+
+#define REALLY_LONG_APP_NAME "com.example." \
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa." \
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa." \
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
+#define REALLY_LONG_LEAF_NAME "shared_prefs_shared_prefs_shared_prefs_shared_prefs_shared_prefs_" \
+ "shared_prefs_shared_prefs_shared_prefs_shared_prefs_shared_prefs_shared_prefs_" \
+ "shared_prefs_shared_prefs_shared_prefs_shared_prefs_shared_prefs_shared_prefs_" \
+ "shared_prefs_shared_prefs_shared_prefs_shared_prefs_shared_prefs_shared_prefs_"
+
+namespace android {
+
+class UtilsTest : public testing::Test {
+protected:
+ virtual void SetUp() {
+ android_app_dir.path = TEST_APP_DIR;
+ android_app_dir.len = strlen(TEST_APP_DIR);
+
+ android_app_private_dir.path = TEST_APP_PRIVATE_DIR;
+ android_app_private_dir.len = strlen(TEST_APP_PRIVATE_DIR);
+
+ android_data_dir.path = TEST_DATA_DIR;
+ android_data_dir.len = strlen(TEST_DATA_DIR);
+
+ android_asec_dir.path = TEST_ASEC_DIR;
+ android_asec_dir.len = strlen(TEST_ASEC_DIR);
+
+ android_system_dirs.count = 2;
+
+ android_system_dirs.dirs = (dir_rec_t*) calloc(android_system_dirs.count, sizeof(dir_rec_t));
+ android_system_dirs.dirs[0].path = TEST_SYSTEM_DIR1;
+ android_system_dirs.dirs[0].len = strlen(TEST_SYSTEM_DIR1);
+
+ android_system_dirs.dirs[1].path = TEST_SYSTEM_DIR2;
+ android_system_dirs.dirs[1].len = strlen(TEST_SYSTEM_DIR2);
+ }
+
+ virtual void TearDown() {
+ free(android_system_dirs.dirs);
+ }
+};
+
+TEST_F(UtilsTest, IsValidApkPath_BadPrefix) {
+ // Bad prefixes directories
+ const char *badprefix1 = "/etc/passwd";
+ EXPECT_EQ(-1, validate_apk_path(badprefix1))
+ << badprefix1 << " should be allowed as a valid path";
+
+ const char *badprefix2 = "../.." TEST_APP_DIR "../../../blah";
+ EXPECT_EQ(-1, validate_apk_path(badprefix2))
+ << badprefix2 << " should be allowed as a valid path";
+
+ const char *badprefix3 = "init.rc";
+ EXPECT_EQ(-1, validate_apk_path(badprefix3))
+ << badprefix3 << " should be allowed as a valid path";
+
+ const char *badprefix4 = "/init.rc";
+ EXPECT_EQ(-1, validate_apk_path(badprefix4))
+ << badprefix4 << " should be allowed as a valid path";
+}
+
+TEST_F(UtilsTest, IsValidApkPath_Internal) {
+ // Internal directories
+ const char *internal1 = TEST_APP_DIR "example.apk";
+ EXPECT_EQ(0, validate_apk_path(internal1))
+ << internal1 << " should be allowed as a valid path";
+
+ const char *badint1 = TEST_APP_DIR "../example.apk";
+ EXPECT_EQ(-1, validate_apk_path(badint1))
+ << badint1 << " should be rejected as a invalid path";
+
+ const char *badint2 = TEST_APP_DIR "/../example.apk";
+ EXPECT_EQ(-1, validate_apk_path(badint2))
+ << badint2 << " should be rejected as a invalid path";
+
+ const char *badint3 = TEST_APP_DIR "example.com/pkg.apk";
+ EXPECT_EQ(-1, validate_apk_path(badint3))
+ << badint3 << " should be rejected as a invalid path";
+}
+
+TEST_F(UtilsTest, IsValidApkPath_Private) {
+ // Internal directories
+ const char *private1 = TEST_APP_PRIVATE_DIR "example.apk";
+ EXPECT_EQ(0, validate_apk_path(private1))
+ << private1 << " should be allowed as a valid path";
+
+ const char *badpriv1 = TEST_APP_PRIVATE_DIR "../example.apk";
+ EXPECT_EQ(-1, validate_apk_path(badpriv1))
+ << badpriv1 << " should be rejected as a invalid path";
+
+ const char *badpriv2 = TEST_APP_PRIVATE_DIR "/../example.apk";
+ EXPECT_EQ(-1, validate_apk_path(badpriv2))
+ << badpriv2 << " should be rejected as a invalid path";
+
+ const char *badpriv3 = TEST_APP_PRIVATE_DIR "example.com/pkg.apk";
+ EXPECT_EQ(-1, validate_apk_path(badpriv3))
+ << badpriv3 << " should be rejected as a invalid path";
+}
+
+
+TEST_F(UtilsTest, IsValidApkPath_AsecGood1) {
+ const char *asec1 = TEST_ASEC_DIR "example.apk";
+ EXPECT_EQ(0, validate_apk_path(asec1))
+ << asec1 << " should be allowed as a valid path";
+}
+
+TEST_F(UtilsTest, IsValidApkPath_AsecGood2) {
+ const char *asec2 = TEST_ASEC_DIR "com.example.asec/pkg.apk";
+ EXPECT_EQ(0, validate_apk_path(asec2))
+ << asec2 << " should be allowed as a valid path";
+}
+
+TEST_F(UtilsTest, IsValidApkPath_EscapeFail) {
+ const char *badasec1 = TEST_ASEC_DIR "../example.apk";
+ EXPECT_EQ(-1, validate_apk_path(badasec1))
+ << badasec1 << " should be rejected as a invalid path";
+}
+
+TEST_F(UtilsTest, IsValidApkPath_DoubleSlashFail) {
+ const char *badasec2 = TEST_ASEC_DIR "com.example.asec//pkg.apk";
+ EXPECT_EQ(-1, validate_apk_path(badasec2))
+ << badasec2 << " should be rejected as a invalid path";
+}
+
+TEST_F(UtilsTest, IsValidApkPath_SubdirEscapeFail) {
+ const char *badasec3 = TEST_ASEC_DIR "com.example.asec/../../../pkg.apk";
+ EXPECT_EQ(-1, validate_apk_path(badasec3))
+ << badasec3 << " should be rejected as a invalid path";
+}
+
+TEST_F(UtilsTest, IsValidApkPath_SlashEscapeFail) {
+ const char *badasec4 = TEST_ASEC_DIR "/../example.apk";
+ EXPECT_EQ(-1, validate_apk_path(badasec4))
+ << badasec4 << " should be rejected as a invalid path";
+}
+
+TEST_F(UtilsTest, IsValidApkPath_CrazyDirFail) {
+ const char *badasec5 = TEST_ASEC_DIR ".//../..";
+ EXPECT_EQ(-1, validate_apk_path(badasec5))
+ << badasec5 << " should be rejected as a invalid path";
+}
+
+TEST_F(UtilsTest, IsValidApkPath_SubdirEscapeSingleFail) {
+ const char *badasec6 = TEST_ASEC_DIR "com.example.asec/../pkg.apk";
+ EXPECT_EQ(-1, validate_apk_path(badasec6))
+ << badasec6 << " should be rejected as a invalid path";
+}
+
+TEST_F(UtilsTest, IsValidApkPath_TwoSubdirFail) {
+ const char *badasec7 = TEST_ASEC_DIR "com.example.asec/subdir1/pkg.apk";
+ EXPECT_EQ(-1, validate_apk_path(badasec7))
+ << badasec7 << " should be rejected as a invalid path";
+}
+
+TEST_F(UtilsTest, CheckSystemApp_Dir1) {
+ const char *sysapp1 = TEST_SYSTEM_DIR1 "Voice.apk";
+ EXPECT_EQ(0, validate_system_app_path(sysapp1))
+ << sysapp1 << " should be allowed as a system path";
+}
+
+TEST_F(UtilsTest, CheckSystemApp_Dir2) {
+ const char *sysapp2 = TEST_SYSTEM_DIR2 "com.example.myapp.apk";
+ EXPECT_EQ(0, validate_system_app_path(sysapp2))
+ << sysapp2 << " should be allowed as a system path";
+}
+
+TEST_F(UtilsTest, CheckSystemApp_EscapeFail) {
+ const char *badapp1 = TEST_SYSTEM_DIR1 "../com.example.apk";
+ EXPECT_EQ(-1, validate_system_app_path(badapp1))
+ << badapp1 << " should be rejected not a system path";
+}
+
+TEST_F(UtilsTest, CheckSystemApp_DoubleEscapeFail) {
+ const char *badapp2 = TEST_SYSTEM_DIR2 "/../../com.example.apk";
+ EXPECT_EQ(-1, validate_system_app_path(badapp2))
+ << badapp2 << " should be rejected not a system path";
+}
+
+TEST_F(UtilsTest, CheckSystemApp_BadPathEscapeFail) {
+ const char *badapp3 = TEST_APP_DIR "/../../com.example.apk";
+ EXPECT_EQ(-1, validate_system_app_path(badapp3))
+ << badapp3 << " should be rejected not a system path";
+}
+
+TEST_F(UtilsTest, GetPathFromString_NullPathFail) {
+ dir_rec_t test1;
+ EXPECT_EQ(-1, get_path_from_string(&test1, (const char *) NULL))
+ << "Should not allow NULL as a path.";
+}
+
+TEST_F(UtilsTest, GetPathFromString_EmptyPathFail) {
+ dir_rec_t test1;
+ EXPECT_EQ(-1, get_path_from_string(&test1, ""))
+ << "Should not allow empty paths.";
+}
+
+TEST_F(UtilsTest, GetPathFromString_RelativePathFail) {
+ dir_rec_t test1;
+ EXPECT_EQ(-1, get_path_from_string(&test1, "mnt/asec"))
+ << "Should not allow relative paths.";
+}
+
+TEST_F(UtilsTest, GetPathFromString_NonCanonical) {
+ dir_rec_t test1;
+
+ EXPECT_EQ(0, get_path_from_string(&test1, "/mnt/asec"))
+ << "Should be able to canonicalize directory /mnt/asec";
+ EXPECT_STREQ("/mnt/asec/", test1.path)
+ << "/mnt/asec should be canonicalized to /mnt/asec/";
+ EXPECT_EQ(10, (ssize_t) test1.len)
+ << "path len should be equal to the length of /mnt/asec/ (10)";
+ free(test1.path);
+}
+
+TEST_F(UtilsTest, GetPathFromString_CanonicalPath) {
+ dir_rec_t test3;
+ EXPECT_EQ(0, get_path_from_string(&test3, "/data/app/"))
+ << "Should be able to canonicalize directory /data/app/";
+ EXPECT_STREQ("/data/app/", test3.path)
+ << "/data/app/ should be canonicalized to /data/app/";
+ EXPECT_EQ(10, (ssize_t) test3.len)
+ << "path len should be equal to the length of /data/app/ (10)";
+ free(test3.path);
+}
+
+TEST_F(UtilsTest, CreatePkgPath_LongPkgNameSuccess) {
+ char path[PKG_PATH_MAX];
+
+ // Create long packagename of "aaaaa..."
+ size_t pkgnameSize = PKG_NAME_MAX;
+ char pkgname[pkgnameSize + 1];
+ memset(pkgname, 'a', pkgnameSize);
+ pkgname[pkgnameSize] = '\0';
+
+ EXPECT_EQ(0, create_pkg_path(path, pkgname, "", 0))
+ << "Should successfully be able to create package name.";
+
+ const char *prefix = TEST_DATA_DIR PRIMARY_USER_PREFIX;
+ size_t offset = strlen(prefix);
+ EXPECT_STREQ(pkgname, path + offset)
+ << "Package path should be a really long string of a's";
+}
+
+TEST_F(UtilsTest, CreatePkgPath_LongPkgNameFail) {
+ char path[PKG_PATH_MAX];
+
+ // Create long packagename of "aaaaa..."
+ size_t pkgnameSize = PKG_NAME_MAX + 1;
+ char pkgname[pkgnameSize + 1];
+ memset(pkgname, 'a', pkgnameSize);
+ pkgname[pkgnameSize] = '\0';
+
+ EXPECT_EQ(-1, create_pkg_path(path, pkgname, "", 0))
+ << "Should return error because package name is too long.";
+}
+
+TEST_F(UtilsTest, CreatePkgPath_LongPostfixFail) {
+ char path[PKG_PATH_MAX];
+
+ // Create long packagename of "aaaaa..."
+ size_t postfixSize = PKG_PATH_MAX;
+ char postfix[postfixSize + 1];
+ memset(postfix, 'a', postfixSize);
+ postfix[postfixSize] = '\0';
+
+ EXPECT_EQ(-1, create_pkg_path(path, "com.example.package", postfix, 0))
+ << "Should return error because postfix is too long.";
+}
+
+TEST_F(UtilsTest, CreatePkgPath_PrimaryUser) {
+ char path[PKG_PATH_MAX];
+
+ EXPECT_EQ(0, create_pkg_path(path, "com.example.package", "", 0))
+ << "Should return error because postfix is too long.";
+
+ EXPECT_STREQ(TEST_DATA_DIR PRIMARY_USER_PREFIX "com.example.package", path)
+ << "Package path should be in /data/data/";
+}
+
+TEST_F(UtilsTest, CreatePkgPath_SecondaryUser) {
+ char path[PKG_PATH_MAX];
+
+ EXPECT_EQ(0, create_pkg_path(path, "com.example.package", "", 1))
+ << "Should successfully create package path.";
+
+ EXPECT_STREQ(TEST_DATA_DIR SECONDARY_USER_PREFIX "1/com.example.package", path)
+ << "Package path should be in /data/user/";
+}
+
+TEST_F(UtilsTest, CreatePkgPathInDir_ProtectedDir) {
+ char path[PKG_PATH_MAX];
+
+ dir_rec_t dir;
+ dir.path = "/data/app-private/";
+ dir.len = strlen(dir.path);
+
+ EXPECT_EQ(0, create_pkg_path_in_dir(path, &dir, "com.example.package", ".apk"))
+ << "Should successfully create package path.";
+
+ EXPECT_STREQ("/data/app-private/com.example.package.apk", path)
+ << "Package path should be in /data/app-private/";
+}
+
+TEST_F(UtilsTest, CreatePersonaPath_Primary) {
+ char path[PKG_PATH_MAX];
+
+ EXPECT_EQ(0, create_persona_path(path, 0))
+ << "Should successfully build primary user path.";
+
+ EXPECT_STREQ("/data/data/", path)
+ << "Primary user should have correct path";
+}
+
+TEST_F(UtilsTest, CreatePersonaPath_Secondary) {
+ char path[PKG_PATH_MAX];
+
+ EXPECT_EQ(0, create_persona_path(path, 1))
+ << "Should successfully build primary user path.";
+
+ EXPECT_STREQ("/data/user/1/", path)
+ << "Primary user should have correct path";
+}
+
+TEST_F(UtilsTest, CreateMovePath_Primary) {
+ char path[PKG_PATH_MAX];
+
+ EXPECT_EQ(0, create_move_path(path, "com.android.test", "shared_prefs", 0))
+ << "Should be able to create move path for primary user";
+
+ EXPECT_STREQ("/data/data/com.android.test/shared_prefs", path)
+ << "Primary user package directory should be created correctly";
+}
+
+TEST_F(UtilsTest, CreateMovePath_Fail_AppTooLong) {
+ char path[PKG_PATH_MAX];
+
+ EXPECT_EQ(-1, create_move_path(path, REALLY_LONG_APP_NAME, "shared_prefs", 0))
+ << "Should fail to create move path for primary user";
+}
+
+TEST_F(UtilsTest, CreateMovePath_Fail_LeafTooLong) {
+ char path[PKG_PATH_MAX];
+
+ EXPECT_EQ(-1, create_move_path(path, "com.android.test", REALLY_LONG_LEAF_NAME, 0))
+ << "Should fail to create move path for primary user";
+}
+
+TEST_F(UtilsTest, CopyAndAppend_Normal) {
+ //int copy_and_append(dir_rec_t* dst, dir_rec_t* src, char* suffix)
+ dir_rec_t dst;
+ dir_rec_t src;
+
+ src.path = "/data/";
+ src.len = strlen(src.path);
+
+ EXPECT_EQ(0, copy_and_append(&dst, &src, "app/"))
+ << "Should return error because postfix is too long.";
+
+ EXPECT_STREQ("/data/app/", dst.path)
+ << "Appended path should be correct";
+
+ EXPECT_EQ(10, (ssize_t) dst.len)
+ << "Appended path should be length of '/data/app/' (10)";
+}
+
+TEST_F(UtilsTest, AppendAndIncrement_Normal) {
+ size_t dst_size = 10;
+ char dst[dst_size];
+ char *dstp = dst;
+ const char* src = "FOO";
+
+ EXPECT_EQ(0, append_and_increment(&dstp, src, &dst_size))
+ << "String should append successfully";
+
+ EXPECT_STREQ("FOO", dst)
+ << "String should append correctly";
+
+ EXPECT_EQ(0, append_and_increment(&dstp, src, &dst_size))
+ << "String should append successfully again";
+
+ EXPECT_STREQ("FOOFOO", dst)
+ << "String should append correctly again";
+}
+
+TEST_F(UtilsTest, AppendAndIncrement_TooBig) {
+ size_t dst_size = 5;
+ char dst[dst_size];
+ char *dstp = dst;
+ const char* src = "FOO";
+
+ EXPECT_EQ(0, append_and_increment(&dstp, src, &dst_size))
+ << "String should append successfully";
+
+ EXPECT_STREQ("FOO", dst)
+ << "String should append correctly";
+
+ EXPECT_EQ(-1, append_and_increment(&dstp, src, &dst_size))
+ << "String should fail because it's too large to fit";
+}
+
+}
diff --git a/cmds/installd/utils.c b/cmds/installd/utils.c
new file mode 100644
index 0000000..625a35e
--- /dev/null
+++ b/cmds/installd/utils.c
@@ -0,0 +1,1006 @@
+/*
+** Copyright 2008, The Android Open Source Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+** http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#include "installd.h"
+
+#define CACHE_NOISY(x) //x
+
+int create_pkg_path_in_dir(char path[PKG_PATH_MAX],
+ const dir_rec_t* dir,
+ const char* pkgname,
+ const char* postfix)
+{
+ const size_t postfix_len = strlen(postfix);
+
+ const size_t pkgname_len = strlen(pkgname);
+ if (pkgname_len > PKG_NAME_MAX) {
+ return -1;
+ }
+
+ if (is_valid_package_name(pkgname) < 0) {
+ return -1;
+ }
+
+ if ((pkgname_len + dir->len + postfix_len) >= PKG_PATH_MAX) {
+ return -1;
+ }
+
+ char *dst = path;
+ size_t dst_size = PKG_PATH_MAX;
+
+ if (append_and_increment(&dst, dir->path, &dst_size) < 0
+ || append_and_increment(&dst, pkgname, &dst_size) < 0
+ || append_and_increment(&dst, postfix, &dst_size) < 0) {
+ ALOGE("Error building APK path");
+ return -1;
+ }
+
+ return 0;
+}
+
+/**
+ * Create the package path name for a given package name with a postfix for
+ * a certain persona. Returns 0 on success, and -1 on failure.
+ */
+int create_pkg_path(char path[PKG_PATH_MAX],
+ const char *pkgname,
+ const char *postfix,
+ uid_t persona)
+{
+ size_t uid_len;
+ char* persona_prefix;
+ if (persona == 0) {
+ persona_prefix = PRIMARY_USER_PREFIX;
+ uid_len = 0;
+ } else {
+ persona_prefix = SECONDARY_USER_PREFIX;
+ uid_len = snprintf(NULL, 0, "%d", persona);
+ }
+
+ const size_t prefix_len = android_data_dir.len + strlen(persona_prefix) + uid_len + 1 /*slash*/;
+ char prefix[prefix_len + 1];
+
+ char *dst = prefix;
+ size_t dst_size = sizeof(prefix);
+
+ if (append_and_increment(&dst, android_data_dir.path, &dst_size) < 0
+ || append_and_increment(&dst, persona_prefix, &dst_size) < 0) {
+ ALOGE("Error building prefix for APK path");
+ return -1;
+ }
+
+ if (persona != 0) {
+ int ret = snprintf(dst, dst_size, "%d/", persona);
+ if (ret < 0 || (size_t) ret != uid_len + 1) {
+ ALOGW("Error appending UID to APK path");
+ return -1;
+ }
+ }
+
+ dir_rec_t dir;
+ dir.path = prefix;
+ dir.len = prefix_len;
+
+ return create_pkg_path_in_dir(path, &dir, pkgname, postfix);
+}
+
+/**
+ * Create the path name for user data for a certain persona.
+ * Returns 0 on success, and -1 on failure.
+ */
+int create_persona_path(char path[PKG_PATH_MAX],
+ uid_t persona)
+{
+ size_t uid_len;
+ char* persona_prefix;
+ if (persona == 0) {
+ persona_prefix = PRIMARY_USER_PREFIX;
+ uid_len = 0;
+ } else {
+ persona_prefix = SECONDARY_USER_PREFIX;
+ uid_len = snprintf(NULL, 0, "%d/", persona);
+ }
+
+ char *dst = path;
+ size_t dst_size = PKG_PATH_MAX;
+
+ if (append_and_increment(&dst, android_data_dir.path, &dst_size) < 0
+ || append_and_increment(&dst, persona_prefix, &dst_size) < 0) {
+ ALOGE("Error building prefix for user path");
+ return -1;
+ }
+
+ if (persona != 0) {
+ if (dst_size < uid_len + 1) {
+ ALOGE("Error building user path");
+ return -1;
+ }
+ int ret = snprintf(dst, dst_size, "%d/", persona);
+ if (ret < 0 || (size_t) ret != uid_len) {
+ ALOGE("Error appending persona id to path");
+ return -1;
+ }
+ }
+ return 0;
+}
+
+/**
+ * Create the path name for media for a certain persona.
+ * Returns 0 on success, and -1 on failure.
+ */
+int create_persona_media_path(char path[PATH_MAX], userid_t userid) {
+ if (snprintf(path, PATH_MAX, "%s%d", android_media_dir.path, userid) > PATH_MAX) {
+ return -1;
+ }
+ return 0;
+}
+
+int create_move_path(char path[PKG_PATH_MAX],
+ const char* pkgname,
+ const char* leaf,
+ uid_t persona)
+{
+ if ((android_data_dir.len + strlen(PRIMARY_USER_PREFIX) + strlen(pkgname) + strlen(leaf) + 1)
+ >= PKG_PATH_MAX) {
+ return -1;
+ }
+
+ sprintf(path, "%s%s%s/%s", android_data_dir.path, PRIMARY_USER_PREFIX, pkgname, leaf);
+ return 0;
+}
+
+/**
+ * Checks whether the package name is valid. Returns -1 on error and
+ * 0 on success.
+ */
+int is_valid_package_name(const char* pkgname) {
+ const char *x = pkgname;
+ int alpha = -1;
+
+ while (*x) {
+ if (isalnum(*x) || (*x == '_')) {
+ /* alphanumeric or underscore are fine */
+ } else if (*x == '.') {
+ if ((x == pkgname) || (x[1] == '.') || (x[1] == 0)) {
+ /* periods must not be first, last, or doubled */
+ ALOGE("invalid package name '%s'\n", pkgname);
+ return -1;
+ }
+ } else if (*x == '-') {
+ /* Suffix -X is fine to let versioning of packages.
+ But whatever follows should be alphanumeric.*/
+ alpha = 1;
+ } else {
+ /* anything not A-Z, a-z, 0-9, _, or . is invalid */
+ ALOGE("invalid package name '%s'\n", pkgname);
+ return -1;
+ }
+
+ x++;
+ }
+
+ if (alpha == 1) {
+ // Skip current character
+ x++;
+ while (*x) {
+ if (!isalnum(*x)) {
+ ALOGE("invalid package name '%s' should include only numbers after -\n", pkgname);
+ return -1;
+ }
+ x++;
+ }
+ }
+
+ return 0;
+}
+
+static int _delete_dir_contents(DIR *d, const char *ignore)
+{
+ int result = 0;
+ struct dirent *de;
+ int dfd;
+
+ dfd = dirfd(d);
+
+ if (dfd < 0) return -1;
+
+ while ((de = readdir(d))) {
+ const char *name = de->d_name;
+
+ /* skip the ignore name if provided */
+ if (ignore && !strcmp(name, ignore)) continue;
+
+ if (de->d_type == DT_DIR) {
+ int r, subfd;
+ DIR *subdir;
+
+ /* always skip "." and ".." */
+ if (name[0] == '.') {
+ if (name[1] == 0) continue;
+ if ((name[1] == '.') && (name[2] == 0)) continue;
+ }
+
+ subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY);
+ if (subfd < 0) {
+ ALOGE("Couldn't openat %s: %s\n", name, strerror(errno));
+ result = -1;
+ continue;
+ }
+ subdir = fdopendir(subfd);
+ if (subdir == NULL) {
+ ALOGE("Couldn't fdopendir %s: %s\n", name, strerror(errno));
+ close(subfd);
+ result = -1;
+ continue;
+ }
+ if (_delete_dir_contents(subdir, 0)) {
+ result = -1;
+ }
+ closedir(subdir);
+ if (unlinkat(dfd, name, AT_REMOVEDIR) < 0) {
+ ALOGE("Couldn't unlinkat %s: %s\n", name, strerror(errno));
+ result = -1;
+ }
+ } else {
+ if (unlinkat(dfd, name, 0) < 0) {
+ ALOGE("Couldn't unlinkat %s: %s\n", name, strerror(errno));
+ result = -1;
+ }
+ }
+ }
+
+ return result;
+}
+
+int delete_dir_contents(const char *pathname,
+ int also_delete_dir,
+ const char *ignore)
+{
+ int res = 0;
+ DIR *d;
+
+ d = opendir(pathname);
+ if (d == NULL) {
+ ALOGE("Couldn't opendir %s: %s\n", pathname, strerror(errno));
+ return -errno;
+ }
+ res = _delete_dir_contents(d, ignore);
+ closedir(d);
+ if (also_delete_dir) {
+ if (rmdir(pathname)) {
+ ALOGE("Couldn't rmdir %s: %s\n", pathname, strerror(errno));
+ res = -1;
+ }
+ }
+ return res;
+}
+
+int delete_dir_contents_fd(int dfd, const char *name)
+{
+ int fd, res;
+ DIR *d;
+
+ fd = openat(dfd, name, O_RDONLY | O_DIRECTORY);
+ if (fd < 0) {
+ ALOGE("Couldn't openat %s: %s\n", name, strerror(errno));
+ return -1;
+ }
+ d = fdopendir(fd);
+ if (d == NULL) {
+ ALOGE("Couldn't fdopendir %s: %s\n", name, strerror(errno));
+ close(fd);
+ return -1;
+ }
+ res = _delete_dir_contents(d, 0);
+ closedir(d);
+ return res;
+}
+
+int lookup_media_dir(char basepath[PATH_MAX], const char *dir)
+{
+ DIR *d;
+ struct dirent *de;
+ struct stat s;
+ char* dirpos = basepath + strlen(basepath);
+
+ if ((*(dirpos-1)) != '/') {
+ *dirpos = '/';
+ dirpos++;
+ }
+
+ CACHE_NOISY(ALOGI("Looking up %s in %s\n", dir, basepath));
+ // Verify the path won't extend beyond our buffer, to avoid
+ // repeated checking later.
+ if ((dirpos-basepath+strlen(dir)) >= (PATH_MAX-1)) {
+ ALOGW("Path exceeds limit: %s%s", basepath, dir);
+ return -1;
+ }
+
+ // First, can we find this directory with the case that is given?
+ strcpy(dirpos, dir);
+ if (stat(basepath, &s) >= 0) {
+ CACHE_NOISY(ALOGI("Found direct: %s\n", basepath));
+ return 0;
+ }
+
+ // Not found with that case... search through all entries to find
+ // one that matches regardless of case.
+ *dirpos = 0;
+
+ d = opendir(basepath);
+ if (d == NULL) {
+ return -1;
+ }
+
+ while ((de = readdir(d))) {
+ if (strcasecmp(de->d_name, dir) == 0) {
+ strcpy(dirpos, de->d_name);
+ closedir(d);
+ CACHE_NOISY(ALOGI("Found search: %s\n", basepath));
+ return 0;
+ }
+ }
+
+ ALOGW("Couldn't find %s in %s", dir, basepath);
+ closedir(d);
+ return -1;
+}
+
+int64_t data_disk_free()
+{
+ struct statfs sfs;
+ if (statfs(android_data_dir.path, &sfs) == 0) {
+ return sfs.f_bavail * sfs.f_bsize;
+ } else {
+ ALOGE("Couldn't statfs %s: %s\n", android_data_dir.path, strerror(errno));
+ return -1;
+ }
+}
+
+cache_t* start_cache_collection()
+{
+ cache_t* cache = (cache_t*)calloc(1, sizeof(cache_t));
+ return cache;
+}
+
+#define CACHE_BLOCK_SIZE (512*1024)
+
+static void* _cache_malloc(cache_t* cache, size_t len)
+{
+ len = (len+3)&~3;
+ if (len > (CACHE_BLOCK_SIZE/2)) {
+ // It doesn't make sense to try to put this allocation into one
+ // of our blocks, because it is so big. Instead, make a new dedicated
+ // block for it.
+ int8_t* res = (int8_t*)malloc(len+sizeof(void*));
+ if (res == NULL) {
+ return NULL;
+ }
+ CACHE_NOISY(ALOGI("Allocated large cache mem block: %p size %d", res, len));
+ // Link it into our list of blocks, not disrupting the current one.
+ if (cache->memBlocks == NULL) {
+ *(void**)res = NULL;
+ cache->memBlocks = res;
+ } else {
+ *(void**)res = *(void**)cache->memBlocks;
+ *(void**)cache->memBlocks = res;
+ }
+ return res + sizeof(void*);
+ }
+ int8_t* res = cache->curMemBlockAvail;
+ int8_t* nextPos = res + len;
+ if (cache->memBlocks == NULL || nextPos > cache->curMemBlockEnd) {
+ int8_t* newBlock = malloc(CACHE_BLOCK_SIZE);
+ if (newBlock == NULL) {
+ return NULL;
+ }
+ CACHE_NOISY(ALOGI("Allocated new cache mem block: %p", newBlock));
+ *(void**)newBlock = cache->memBlocks;
+ cache->memBlocks = newBlock;
+ res = cache->curMemBlockAvail = newBlock + sizeof(void*);
+ cache->curMemBlockEnd = newBlock + CACHE_BLOCK_SIZE;
+ nextPos = res + len;
+ }
+ CACHE_NOISY(ALOGI("cache_malloc: ret %p size %d, block=%p, nextPos=%p",
+ res, len, cache->memBlocks, nextPos));
+ cache->curMemBlockAvail = nextPos;
+ return res;
+}
+
+static void* _cache_realloc(cache_t* cache, void* cur, size_t origLen, size_t len)
+{
+ // This isn't really a realloc, but it is good enough for our purposes here.
+ void* alloc = _cache_malloc(cache, len);
+ if (alloc != NULL && cur != NULL) {
+ memcpy(alloc, cur, origLen < len ? origLen : len);
+ }
+ return alloc;
+}
+
+static void _inc_num_cache_collected(cache_t* cache)
+{
+ cache->numCollected++;
+ if ((cache->numCollected%20000) == 0) {
+ ALOGI("Collected cache so far: %d directories, %d files",
+ cache->numDirs, cache->numFiles);
+ }
+}
+
+static cache_dir_t* _add_cache_dir_t(cache_t* cache, cache_dir_t* parent, const char *name)
+{
+ size_t nameLen = strlen(name);
+ cache_dir_t* dir = (cache_dir_t*)_cache_malloc(cache, sizeof(cache_dir_t)+nameLen+1);
+ if (dir != NULL) {
+ dir->parent = parent;
+ dir->childCount = 0;
+ dir->hiddenCount = 0;
+ dir->deleted = 0;
+ strcpy(dir->name, name);
+ if (cache->numDirs >= cache->availDirs) {
+ size_t newAvail = cache->availDirs < 1000 ? 1000 : cache->availDirs*2;
+ cache_dir_t** newDirs = (cache_dir_t**)_cache_realloc(cache, cache->dirs,
+ cache->availDirs*sizeof(cache_dir_t*), newAvail*sizeof(cache_dir_t*));
+ if (newDirs == NULL) {
+ ALOGE("Failure growing cache dirs array for %s\n", name);
+ return NULL;
+ }
+ cache->availDirs = newAvail;
+ cache->dirs = newDirs;
+ }
+ cache->dirs[cache->numDirs] = dir;
+ cache->numDirs++;
+ if (parent != NULL) {
+ parent->childCount++;
+ }
+ _inc_num_cache_collected(cache);
+ } else {
+ ALOGE("Failure allocating cache_dir_t for %s\n", name);
+ }
+ return dir;
+}
+
+static cache_file_t* _add_cache_file_t(cache_t* cache, cache_dir_t* dir, time_t modTime,
+ const char *name)
+{
+ size_t nameLen = strlen(name);
+ cache_file_t* file = (cache_file_t*)_cache_malloc(cache, sizeof(cache_file_t)+nameLen+1);
+ if (file != NULL) {
+ file->dir = dir;
+ file->modTime = modTime;
+ strcpy(file->name, name);
+ if (cache->numFiles >= cache->availFiles) {
+ size_t newAvail = cache->availFiles < 1000 ? 1000 : cache->availFiles*2;
+ cache_file_t** newFiles = (cache_file_t**)_cache_realloc(cache, cache->files,
+ cache->availFiles*sizeof(cache_file_t*), newAvail*sizeof(cache_file_t*));
+ if (newFiles == NULL) {
+ ALOGE("Failure growing cache file array for %s\n", name);
+ return NULL;
+ }
+ cache->availFiles = newAvail;
+ cache->files = newFiles;
+ }
+ CACHE_NOISY(ALOGI("Setting file %p at position %d in array %p", file,
+ cache->numFiles, cache->files));
+ cache->files[cache->numFiles] = file;
+ cache->numFiles++;
+ dir->childCount++;
+ _inc_num_cache_collected(cache);
+ } else {
+ ALOGE("Failure allocating cache_file_t for %s\n", name);
+ }
+ return file;
+}
+
+static int _add_cache_files(cache_t *cache, cache_dir_t *parentDir, const char *dirName,
+ DIR* dir, char *pathBase, char *pathPos, size_t pathAvailLen)
+{
+ struct dirent *de;
+ cache_dir_t* cacheDir = NULL;
+ int dfd;
+
+ CACHE_NOISY(ALOGI("_add_cache_files: parent=%p dirName=%s dir=%p pathBase=%s",
+ parentDir, dirName, dir, pathBase));
+
+ dfd = dirfd(dir);
+
+ if (dfd < 0) return 0;
+
+ // Sub-directories always get added to the data structure, so if they
+ // are empty we will know about them to delete them later.
+ cacheDir = _add_cache_dir_t(cache, parentDir, dirName);
+
+ while ((de = readdir(dir))) {
+ const char *name = de->d_name;
+
+ if (de->d_type == DT_DIR) {
+ int subfd;
+ DIR *subdir;
+
+ /* always skip "." and ".." */
+ if (name[0] == '.') {
+ if (name[1] == 0) continue;
+ if ((name[1] == '.') && (name[2] == 0)) continue;
+ }
+
+ subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY);
+ if (subfd < 0) {
+ ALOGE("Couldn't openat %s: %s\n", name, strerror(errno));
+ continue;
+ }
+ subdir = fdopendir(subfd);
+ if (subdir == NULL) {
+ ALOGE("Couldn't fdopendir %s: %s\n", name, strerror(errno));
+ close(subfd);
+ continue;
+ }
+ if (cacheDir == NULL) {
+ cacheDir = _add_cache_dir_t(cache, parentDir, dirName);
+ }
+ if (cacheDir != NULL) {
+ // Update pathBase for the new path... this may change dirName
+ // if that is also pointing to the path, but we are done with it
+ // now.
+ size_t finallen = snprintf(pathPos, pathAvailLen, "/%s", name);
+ CACHE_NOISY(ALOGI("Collecting dir %s\n", pathBase));
+ if (finallen < pathAvailLen) {
+ _add_cache_files(cache, cacheDir, name, subdir, pathBase,
+ pathPos+finallen, pathAvailLen-finallen);
+ } else {
+ // Whoops, the final path is too long! We'll just delete
+ // this directory.
+ ALOGW("Cache dir %s truncated in path %s; deleting dir\n",
+ name, pathBase);
+ _delete_dir_contents(subdir, NULL);
+ if (unlinkat(dfd, name, AT_REMOVEDIR) < 0) {
+ ALOGE("Couldn't unlinkat %s: %s\n", name, strerror(errno));
+ }
+ }
+ }
+ closedir(subdir);
+ } else if (de->d_type == DT_REG) {
+ // Skip files that start with '.'; they will be deleted if
+ // their entire directory is deleted. This allows for metadata
+ // like ".nomedia" to remain in the directory until the entire
+ // directory is deleted.
+ if (cacheDir == NULL) {
+ cacheDir = _add_cache_dir_t(cache, parentDir, dirName);
+ }
+ if (name[0] == '.') {
+ cacheDir->hiddenCount++;
+ continue;
+ }
+ if (cacheDir != NULL) {
+ // Build final full path for file... this may change dirName
+ // if that is also pointing to the path, but we are done with it
+ // now.
+ size_t finallen = snprintf(pathPos, pathAvailLen, "/%s", name);
+ CACHE_NOISY(ALOGI("Collecting file %s\n", pathBase));
+ if (finallen < pathAvailLen) {
+ struct stat s;
+ if (stat(pathBase, &s) >= 0) {
+ _add_cache_file_t(cache, cacheDir, s.st_mtime, name);
+ } else {
+ ALOGW("Unable to stat cache file %s; deleting\n", pathBase);
+ if (unlink(pathBase) < 0) {
+ ALOGE("Couldn't unlink %s: %s\n", pathBase, strerror(errno));
+ }
+ }
+ } else {
+ // Whoops, the final path is too long! We'll just delete
+ // this file.
+ ALOGW("Cache file %s truncated in path %s; deleting\n",
+ name, pathBase);
+ if (unlinkat(dfd, name, 0) < 0) {
+ *pathPos = 0;
+ ALOGE("Couldn't unlinkat %s in %s: %s\n", name, pathBase,
+ strerror(errno));
+ }
+ }
+ }
+ } else {
+ cacheDir->hiddenCount++;
+ }
+ }
+ return 0;
+}
+
+void add_cache_files(cache_t* cache, const char *basepath, const char *cachedir)
+{
+ DIR *d;
+ struct dirent *de;
+ char dirname[PATH_MAX];
+
+ CACHE_NOISY(ALOGI("add_cache_files: base=%s cachedir=%s\n", basepath, cachedir));
+
+ d = opendir(basepath);
+ if (d == NULL) {
+ return;
+ }
+
+ while ((de = readdir(d))) {
+ if (de->d_type == DT_DIR) {
+ DIR* subdir;
+ const char *name = de->d_name;
+ char* pathpos;
+
+ /* always skip "." and ".." */
+ if (name[0] == '.') {
+ if (name[1] == 0) continue;
+ if ((name[1] == '.') && (name[2] == 0)) continue;
+ }
+
+ strcpy(dirname, basepath);
+ pathpos = dirname + strlen(dirname);
+ if ((*(pathpos-1)) != '/') {
+ *pathpos = '/';
+ pathpos++;
+ *pathpos = 0;
+ }
+ if (cachedir != NULL) {
+ snprintf(pathpos, sizeof(dirname)-(pathpos-dirname), "%s/%s", name, cachedir);
+ } else {
+ snprintf(pathpos, sizeof(dirname)-(pathpos-dirname), "%s", name);
+ }
+ CACHE_NOISY(ALOGI("Adding cache files from dir: %s\n", dirname));
+ subdir = opendir(dirname);
+ if (subdir != NULL) {
+ size_t dirnameLen = strlen(dirname);
+ _add_cache_files(cache, NULL, dirname, subdir, dirname, dirname+dirnameLen,
+ PATH_MAX - dirnameLen);
+ closedir(subdir);
+ }
+ }
+ }
+
+ closedir(d);
+}
+
+static char *create_dir_path(char path[PATH_MAX], cache_dir_t* dir)
+{
+ char *pos = path;
+ if (dir->parent != NULL) {
+ pos = create_dir_path(path, dir->parent);
+ }
+ // Note that we don't need to worry about going beyond the buffer,
+ // since when we were constructing the cache entries our maximum
+ // buffer size for full paths was PATH_MAX.
+ strcpy(pos, dir->name);
+ pos += strlen(pos);
+ *pos = '/';
+ pos++;
+ *pos = 0;
+ return pos;
+}
+
+static void delete_cache_dir(char path[PATH_MAX], cache_dir_t* dir)
+{
+ if (dir->parent != NULL) {
+ create_dir_path(path, dir);
+ ALOGI("DEL DIR %s\n", path);
+ if (dir->hiddenCount <= 0) {
+ if (rmdir(path)) {
+ ALOGE("Couldn't rmdir %s: %s\n", path, strerror(errno));
+ return;
+ }
+ } else {
+ // The directory contains hidden files so we need to delete
+ // them along with the directory itself.
+ if (delete_dir_contents(path, 1, NULL)) {
+ return;
+ }
+ }
+ dir->parent->childCount--;
+ dir->deleted = 1;
+ if (dir->parent->childCount <= 0) {
+ delete_cache_dir(path, dir->parent);
+ }
+ } else if (dir->hiddenCount > 0) {
+ // This is a root directory, but it has hidden files. Get rid of
+ // all of those files, but not the directory itself.
+ create_dir_path(path, dir);
+ ALOGI("DEL CONTENTS %s\n", path);
+ delete_dir_contents(path, 0, NULL);
+ }
+}
+
+static int cache_modtime_sort(const void *lhsP, const void *rhsP)
+{
+ const cache_file_t *lhs = *(const cache_file_t**)lhsP;
+ const cache_file_t *rhs = *(const cache_file_t**)rhsP;
+ return lhs->modTime < rhs->modTime ? -1 : (lhs->modTime > rhs->modTime ? 1 : 0);
+}
+
+void clear_cache_files(cache_t* cache, int64_t free_size)
+{
+ size_t i;
+ int skip = 0;
+ char path[PATH_MAX];
+
+ ALOGI("Collected cache files: %d directories, %d files",
+ cache->numDirs, cache->numFiles);
+
+ CACHE_NOISY(ALOGI("Sorting files..."));
+ qsort(cache->files, cache->numFiles, sizeof(cache_file_t*),
+ cache_modtime_sort);
+
+ CACHE_NOISY(ALOGI("Cleaning empty directories..."));
+ for (i=cache->numDirs; i>0; i--) {
+ cache_dir_t* dir = cache->dirs[i-1];
+ if (dir->childCount <= 0 && !dir->deleted) {
+ delete_cache_dir(path, dir);
+ }
+ }
+
+ CACHE_NOISY(ALOGI("Trimming files..."));
+ for (i=0; i<cache->numFiles; i++) {
+ skip++;
+ if (skip > 10) {
+ if (data_disk_free() > free_size) {
+ return;
+ }
+ skip = 0;
+ }
+ cache_file_t* file = cache->files[i];
+ strcpy(create_dir_path(path, file->dir), file->name);
+ ALOGI("DEL (mod %d) %s\n", (int)file->modTime, path);
+ if (unlink(path) < 0) {
+ ALOGE("Couldn't unlink %s: %s\n", path, strerror(errno));
+ }
+ file->dir->childCount--;
+ if (file->dir->childCount <= 0) {
+ delete_cache_dir(path, file->dir);
+ }
+ }
+}
+
+void finish_cache_collection(cache_t* cache)
+{
+ size_t i;
+
+ CACHE_NOISY(ALOGI("clear_cache_files: %d dirs, %d files\n", cache->numDirs, cache->numFiles));
+ CACHE_NOISY(
+ for (i=0; i<cache->numDirs; i++) {
+ cache_dir_t* dir = cache->dirs[i];
+ ALOGI("dir #%d: %p %s parent=%p\n", i, dir, dir->name, dir->parent);
+ })
+ CACHE_NOISY(
+ for (i=0; i<cache->numFiles; i++) {
+ cache_file_t* file = cache->files[i];
+ ALOGI("file #%d: %p %s time=%d dir=%p\n", i, file, file->name,
+ (int)file->modTime, file->dir);
+ })
+ void* block = cache->memBlocks;
+ while (block != NULL) {
+ void* nextBlock = *(void**)block;
+ CACHE_NOISY(ALOGI("Freeing cache mem block: %p", block));
+ free(block);
+ block = nextBlock;
+ }
+ free(cache);
+}
+
+/**
+ * Checks whether a path points to a system app (.apk file). Returns 0
+ * if it is a system app or -1 if it is not.
+ */
+int validate_system_app_path(const char* path) {
+ size_t i;
+
+ for (i = 0; i < android_system_dirs.count; i++) {
+ const size_t dir_len = android_system_dirs.dirs[i].len;
+ if (!strncmp(path, android_system_dirs.dirs[i].path, dir_len)) {
+ if (path[dir_len] == '.' || strchr(path + dir_len, '/') != NULL) {
+ ALOGE("invalid system apk path '%s' (trickery)\n", path);
+ return -1;
+ }
+ return 0;
+ }
+ }
+
+ return -1;
+}
+
+/**
+ * Get the contents of a environment variable that contains a path. Caller
+ * owns the string that is inserted into the directory record. Returns
+ * 0 on success and -1 on error.
+ */
+int get_path_from_env(dir_rec_t* rec, const char* var) {
+ const char* path = getenv(var);
+ int ret = get_path_from_string(rec, path);
+ if (ret < 0) {
+ ALOGW("Problem finding value for environment variable %s\n", var);
+ }
+ return ret;
+}
+
+/**
+ * Puts the string into the record as a directory. Appends '/' to the end
+ * of all paths. Caller owns the string that is inserted into the directory
+ * record. A null value will result in an error.
+ *
+ * Returns 0 on success and -1 on error.
+ */
+int get_path_from_string(dir_rec_t* rec, const char* path) {
+ if (path == NULL) {
+ return -1;
+ } else {
+ const size_t path_len = strlen(path);
+ if (path_len <= 0) {
+ return -1;
+ }
+
+ // Make sure path is absolute.
+ if (path[0] != '/') {
+ return -1;
+ }
+
+ if (path[path_len - 1] == '/') {
+ // Path ends with a forward slash. Make our own copy.
+
+ rec->path = strdup(path);
+ if (rec->path == NULL) {
+ return -1;
+ }
+
+ rec->len = path_len;
+ } else {
+ // Path does not end with a slash. Generate a new string.
+ char *dst;
+
+ // Add space for slash and terminating null.
+ size_t dst_size = path_len + 2;
+
+ rec->path = malloc(dst_size);
+ if (rec->path == NULL) {
+ return -1;
+ }
+
+ dst = rec->path;
+
+ if (append_and_increment(&dst, path, &dst_size) < 0
+ || append_and_increment(&dst, "/", &dst_size)) {
+ ALOGE("Error canonicalizing path");
+ return -1;
+ }
+
+ rec->len = dst - rec->path;
+ }
+ }
+ return 0;
+}
+
+int copy_and_append(dir_rec_t* dst, const dir_rec_t* src, const char* suffix) {
+ dst->len = src->len + strlen(suffix);
+ const size_t dstSize = dst->len + 1;
+ dst->path = (char*) malloc(dstSize);
+
+ if (dst->path == NULL
+ || snprintf(dst->path, dstSize, "%s%s", src->path, suffix)
+ != (ssize_t) dst->len) {
+ ALOGE("Could not allocate memory to hold appended path; aborting\n");
+ return -1;
+ }
+
+ return 0;
+}
+
+/**
+ * Check whether path points to a valid path for an APK file. An ASEC
+ * directory is allowed to have one level of subdirectory names. Returns -1
+ * when an invalid path is encountered and 0 when a valid path is encountered.
+ */
+int validate_apk_path(const char *path)
+{
+ int allowsubdir = 0;
+ char *subdir = NULL;
+ size_t dir_len;
+ size_t path_len;
+
+ if (!strncmp(path, android_app_dir.path, android_app_dir.len)) {
+ dir_len = android_app_dir.len;
+ } else if (!strncmp(path, android_app_private_dir.path, android_app_private_dir.len)) {
+ dir_len = android_app_private_dir.len;
+ } else if (!strncmp(path, android_asec_dir.path, android_asec_dir.len)) {
+ dir_len = android_asec_dir.len;
+ allowsubdir = 1;
+ } else {
+ ALOGE("invalid apk path '%s' (bad prefix)\n", path);
+ return -1;
+ }
+
+ path_len = strlen(path);
+
+ /*
+ * Only allow the path to have a subdirectory if it's been marked as being allowed.
+ */
+ if ((subdir = strchr(path + dir_len, '/')) != NULL) {
+ ++subdir;
+ if (!allowsubdir
+ || (path_len > (size_t) (subdir - path) && (strchr(subdir, '/') != NULL))) {
+ ALOGE("invalid apk path '%s' (subdir?)\n", path);
+ return -1;
+ }
+ }
+
+ /*
+ * Directories can't have a period directly after the directory markers
+ * to prevent ".."
+ */
+ if (path[dir_len] == '.'
+ || (subdir != NULL && ((*subdir == '.') || (strchr(subdir, '/') != NULL)))) {
+ ALOGE("invalid apk path '%s' (trickery)\n", path);
+ return -1;
+ }
+
+ return 0;
+}
+
+int append_and_increment(char** dst, const char* src, size_t* dst_size) {
+ ssize_t ret = strlcpy(*dst, src, *dst_size);
+ if (ret < 0 || (size_t) ret >= *dst_size) {
+ return -1;
+ }
+ *dst += ret;
+ *dst_size -= ret;
+ return 0;
+}
+
+char *build_string2(char *s1, char *s2) {
+ if (s1 == NULL || s2 == NULL) return NULL;
+
+ int len_s1 = strlen(s1);
+ int len_s2 = strlen(s2);
+ int len = len_s1 + len_s2 + 1;
+ char *result = malloc(len);
+ if (result == NULL) return NULL;
+
+ strcpy(result, s1);
+ strcpy(result + len_s1, s2);
+
+ return result;
+}
+
+char *build_string3(char *s1, char *s2, char *s3) {
+ if (s1 == NULL || s2 == NULL || s3 == NULL) return NULL;
+
+ int len_s1 = strlen(s1);
+ int len_s2 = strlen(s2);
+ int len_s3 = strlen(s3);
+ int len = len_s1 + len_s2 + len_s3 + 1;
+ char *result = malloc(len);
+ if (result == NULL) return NULL;
+
+ strcpy(result, s1);
+ strcpy(result + len_s1, s2);
+ strcpy(result + len_s1 + len_s2, s3);
+
+ return result;
+}
+
+/* Ensure that /data/media directories are prepared for given user. */
+int ensure_media_user_dirs(userid_t userid) {
+ char media_user_path[PATH_MAX];
+ char path[PATH_MAX];
+
+ // Ensure /data/media/<userid> exists
+ create_persona_media_path(media_user_path, userid);
+ if (fs_prepare_dir(media_user_path, 0770, AID_MEDIA_RW, AID_MEDIA_RW) == -1) {
+ return -1;
+ }
+
+ return 0;
+}