Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_native / 4701f467ea47478ee26b7a7caf997a36bab54143 / . / cmds / installd / tests / test_utils.h
blob: a7ef674225e787bdd1cde7104280c2b2ee457bfd [file] [log] [blame]
Calin Juravle7d765462017-09-04 15:57:10 -0700[diff] [blame]1#include <stdlib.h>
2#include <string.h>
Calin Juravle29591732017-11-20 17:46:19 -0800[diff] [blame]3#include <sys/capability.h>
4
5#include <android-base/logging.h>
Andreas Gampe2ef09a72018-08-29 14:50:41 -0700[diff] [blame]6#include <android-base/stringprintf.h>
Calin Juravle29591732017-11-20 17:46:19 -0800[diff] [blame]7#include <selinux/android.h>
Calin Juravle7d765462017-09-04 15:57:10 -0700[diff] [blame]8
9uint8_t kBase64Map[256] = {
10 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
11 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
12 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
13 255, 255, 255, 255, 255, 255, 255, 62, 255, 255, 255, 63,
14 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255,
15 255, 254, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6,
16 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18,
17 19, 20, 21, 22, 23, 24, 25, 255, 255, 255, 255, 255,
18 255, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36,
19 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48,
20 49, 50, 51, 255, 255, 255, 255, 255, 255, 255, 255, 255,
21 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
22 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
23 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
24 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
25 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
26 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
27 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
28 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
29 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
30 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
31 255, 255, 255, 255
32};
33
34uint8_t* DecodeBase64(const char* src, size_t* dst_size) {
35 CHECK(dst_size != nullptr);
36 std::vector<uint8_t> tmp;
37 uint32_t t = 0, y = 0;
38 int g = 3;
39 for (size_t i = 0; src[i] != '\0'; ++i) {
40 uint8_t c = kBase64Map[src[i] & 0xFF];
41 if (c == 255) continue;
42 // the final = symbols are read and used to trim the remaining bytes
43 if (c == 254) {
44 c = 0;
45 // prevent g < 0 which would potentially allow an overflow later
46 if (--g < 0) {
47 *dst_size = 0;
48 return nullptr;
49 }
50 } else if (g != 3) {
51 // we only allow = to be at the end
52 *dst_size = 0;
53 return nullptr;
54 }
55 t = (t << 6) | c;
56 if (++y == 4) {
57 tmp.push_back((t >> 16) & 255);
58 if (g > 1) {
59 tmp.push_back((t >> 8) & 255);
60 }
61 if (g > 2) {
62 tmp.push_back(t & 255);
63 }
64 y = t = 0;
65 }
66 }
67 if (y != 0) {
68 *dst_size = 0;
69 return nullptr;
70 }
71 std::unique_ptr<uint8_t[]> dst(new uint8_t[tmp.size()]);
72 *dst_size = tmp.size();
73 std::copy(tmp.begin(), tmp.end(), dst.get());
74 return dst.release();
75}
76
77bool WriteBase64ToFile(const char* base64, const std::string& file,
Andreas Gampe2ef09a72018-08-29 14:50:41 -0700[diff] [blame]78 uid_t uid, gid_t gid, int mode, std::string* error_msg) {
Calin Juravle7d765462017-09-04 15:57:10 -0700[diff] [blame]79 CHECK(base64 != nullptr);
80 size_t length;
81 std::unique_ptr<uint8_t[]> bytes(DecodeBase64(base64, &length));
82 CHECK(bytes != nullptr);
83
84
85 int fd = open(file.c_str(), O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR);
86
Andreas Gampe2ef09a72018-08-29 14:50:41 -0700[diff] [blame]87 using android::base::StringPrintf;
88
Calin Juravle7d765462017-09-04 15:57:10 -0700[diff] [blame]89 if (fd < 0) {
Andreas Gampe2ef09a72018-08-29 14:50:41 -0700[diff] [blame]90 *error_msg = StringPrintf("Could not open file %s: %s", file.c_str(), strerror(errno));
Calin Juravle7d765462017-09-04 15:57:10 -0700[diff] [blame]91 return false;
92 }
93
94 size_t wrote = 0;
95 while (wrote < length) {
96 ssize_t cur = write(fd, bytes.get() + wrote, length - wrote);
97 if (cur == -1) {
Andreas Gampe2ef09a72018-08-29 14:50:41 -0700[diff] [blame]98 *error_msg = StringPrintf("Could not write file %s: %s", file.c_str(), strerror(errno));
Calin Juravle7d765462017-09-04 15:57:10 -0700[diff] [blame]99 return false;
100 }
101 wrote += cur;
102 }
103
104 if (::chown(file.c_str(), uid, gid) != 0) {
Andreas Gampe2ef09a72018-08-29 14:50:41 -0700[diff] [blame]105 *error_msg = StringPrintf("Could not chown file %s: %s", file.c_str(), strerror(errno));
Calin Juravle7d765462017-09-04 15:57:10 -0700[diff] [blame]106 return false;
107 }
108 if (::chmod(file.c_str(), mode) != 0) {
Andreas Gampe2ef09a72018-08-29 14:50:41 -0700[diff] [blame]109 *error_msg = StringPrintf("Could not chmod file %s: %s", file.c_str(), strerror(errno));
Calin Juravle7d765462017-09-04 15:57:10 -0700[diff] [blame]110 return false;
111 }
112 return true;
113}
Calin Juravle29591732017-11-20 17:46:19 -0800[diff] [blame]114
115// TODO(calin): fix dexopt drop_capabilities and move to general utils (b/69678790).
116bool DropCapabilities(uid_t uid, gid_t gid) {
117 if (setgid(gid) != 0) {
118 PLOG(ERROR) << "setgid failed: " << gid;
119 return false;
120 }
121 if (setuid(uid) != 0) {
122 PLOG(ERROR) << "setuid failed: " << uid;
123 return false;
124 }
125 // drop capabilities
126 struct __user_cap_header_struct capheader;
127 struct __user_cap_data_struct capdata[2];
128 memset(&capheader, 0, sizeof(capheader));
129 memset(&capdata, 0, sizeof(capdata));
130 capheader.version = _LINUX_CAPABILITY_VERSION_3;
131 if (capset(&capheader, &capdata[0]) < 0) {
132 PLOG(ERROR) << "capset failed";
133 return false;
134 }
135
136 return true;
137}