Blame - init/subcontext.cpp - android_system_core

blob: 1306c7ded5876b342d9646183327ad738a43f9cb [file] [log] [blame]

Tom Cherry	cb0f9bb	2017-09-12 15:58:47 -0700	[diff] [blame^]	1	/*
				2	* Copyright (C) 2017 The Android Open Source Project
				3	*
				4	* Licensed under the Apache License, Version 2.0 (the "License");
				5	* you may not use this file except in compliance with the License.
				6	* You may obtain a copy of the License at
				7	*
				8	* http://www.apache.org/licenses/LICENSE-2.0
				9	*
				10	* Unless required by applicable law or agreed to in writing, software
				11	* distributed under the License is distributed on an "AS IS" BASIS,
				12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	* See the License for the specific language governing permissions and
				14	* limitations under the License.
				15	*/
				16
				17	#include "subcontext.h"
				18
				19	#include <fcntl.h>
				20	#include <poll.h>
				21	#include <sys/socket.h>
				22	#include <unistd.h>
				23
				24	#include <android-base/file.h>
				25	#include <android-base/logging.h>
				26	#include <android-base/strings.h>
				27	#include <selinux/android.h>
				28
				29	#include "action.h"
				30	#include "system/core/init/subcontext.pb.h"
				31	#include "util.h"
				32
				33	using android::base::GetExecutablePath;
				34	using android::base::Join;
				35	using android::base::Socketpair;
				36	using android::base::Split;
				37	using android::base::StartsWith;
				38	using android::base::unique_fd;
				39
				40	namespace android {
				41	namespace init {
				42
				43	const std::string kInitContext = "u:object_r:init:s0";
				44	const std::string kVendorContext = "u:object_r:vendor_init:s0";
				45
				46	namespace {
				47
				48	constexpr size_t kBufferSize = 4096;
				49
				50	Result<std::string> ReadMessage(int socket) {
				51	char buffer[kBufferSize] = {};
				52	auto result = TEMP_FAILURE_RETRY(recv(socket, buffer, sizeof(buffer), 0));
				53	if (result <= 0) {
				54	return ErrnoError();
				55	}
				56	return std::string(buffer, result);
				57	}
				58
				59	template <typename T>
				60	Result<Success> SendMessage(int socket, const T& message) {
				61	std::string message_string;
				62	if (!message.SerializeToString(&message_string)) {
				63	return Error() << "Unable to serialize message";
				64	}
				65
				66	if (message_string.size() > kBufferSize) {
				67	return Error() << "Serialized message too long to send";
				68	}
				69
				70	if (auto result =
				71	TEMP_FAILURE_RETRY(send(socket, message_string.c_str(), message_string.size(), 0));
				72	result != static_cast<long>(message_string.size())) {
				73	return ErrnoError() << "send() failed to send message contents";
				74	}
				75	return Success();
				76	}
				77
				78	class SubcontextProcess {
				79	public:
				80	SubcontextProcess(const KeywordFunctionMap* function_map, std::string context, int init_fd)
				81	: function_map_(function_map), context_(std::move(context)), init_fd_(init_fd){};
				82	void MainLoop();
				83
				84	private:
				85	void RunCommand(const SubcontextCommand::ExecuteCommand& execute_command,
				86	SubcontextReply::ResultMessage* result_message) const;
				87
				88	const KeywordFunctionMap* function_map_;
				89	const std::string context_;
				90	const int init_fd_;
				91	};
				92
				93	void SubcontextProcess::RunCommand(const SubcontextCommand::ExecuteCommand& execute_command,
				94	SubcontextReply::ResultMessage* result_message) const {
				95	// Need to use ArraySplice instead of this code.
				96	auto args = std::vector<std::string>();
				97	for (const auto& string : execute_command.args()) {
				98	args.emplace_back(string);
				99	}
				100
				101	auto map_result = function_map_->FindFunction(args);
				102	Result<Success> result;
				103	if (!map_result) {
				104	result = Error() << "Cannot find command: " << map_result.error();
				105	} else {
				106	result = RunBuiltinFunction(map_result->second, args, context_);
				107	}
				108
				109	if (result) {
				110	result_message->set_success(true);
				111	} else {
				112	result_message->set_success(false);
				113	result_message->set_error_string(result.error_string());
				114	result_message->set_error_errno(result.error_errno());
				115	}
				116	}
				117
				118	void SubcontextProcess::MainLoop() {
				119	pollfd ufd[1];
				120	ufd[0].events = POLLIN;
				121	ufd[0].fd = init_fd_;
				122
				123	while (true) {
				124	ufd[0].revents = 0;
				125	int nr = TEMP_FAILURE_RETRY(poll(ufd, arraysize(ufd), -1));
				126	if (nr == 0) continue;
				127	if (nr < 0) {
				128	PLOG(FATAL) << "poll() of subcontext socket failed, continuing";
				129	}
				130
				131	auto init_message = ReadMessage(init_fd_);
				132	if (!init_message) {
				133	LOG(FATAL) << "Could not read message from init: " << init_message.error();
				134	}
				135
				136	auto subcontext_command = SubcontextCommand();
				137	if (!subcontext_command.ParseFromString(*init_message)) {
				138	LOG(FATAL) << "Unable to parse message from init";
				139	}
				140
				141	auto reply = SubcontextReply();
				142	switch (subcontext_command.command_case()) {
				143	case SubcontextCommand::kExecuteCommand: {
				144	RunCommand(subcontext_command.execute_command(), reply.mutable_result());
				145	break;
				146	}
				147	default:
				148	LOG(FATAL) << "Unknown message type from init: "
				149	<< subcontext_command.command_case();
				150	}
				151
				152	if (auto result = SendMessage(init_fd_, reply); !result) {
				153	LOG(FATAL) << "Failed to send message to init: " << result.error();
				154	}
				155	}
				156	}
				157
				158	} // namespace
				159
				160	int SubcontextMain(int argc, char** argv, const KeywordFunctionMap* function_map) {
				161	if (argc < 4) LOG(FATAL) << "Fewer than 4 args specified to subcontext (" << argc << ")";
				162
				163	auto context = std::string(argv[2]);
				164	auto init_fd = std::atoi(argv[3]);
				165
				166	auto subcontext_process = SubcontextProcess(function_map, context, init_fd);
				167	subcontext_process.MainLoop();
				168	return 0;
				169	}
				170
				171	void Subcontext::Fork() {
				172	unique_fd subcontext_socket;
				173	if (!Socketpair(AF_UNIX, SOCK_SEQPACKET \| SOCK_CLOEXEC, 0, &socket_, &subcontext_socket)) {
				174	LOG(FATAL) << "Could not create socket pair to communicate to subcontext";
				175	return;
				176	}
				177
				178	auto result = fork();
				179
				180	if (result == -1) {
				181	LOG(FATAL) << "Could not fork subcontext";
				182	} else if (result == 0) {
				183	socket_.reset();
				184
				185	// We explicitly do not use O_CLOEXEC here, such that we can reference this FD by number
				186	// in the subcontext process after we exec.
				187	int child_fd = dup(subcontext_socket);
				188	if (child_fd < 0) {
				189	PLOG(FATAL) << "Could not dup child_fd";
				190	}
				191
				192	if (setexeccon(context_.c_str()) < 0) {
				193	PLOG(FATAL) << "Could not set execcon for '" << context_ << "'";
				194	}
				195
				196	auto init_path = GetExecutablePath();
				197	auto child_fd_string = std::to_string(child_fd);
				198	const char* args[] = {init_path.c_str(), "subcontext", context_.c_str(),
				199	child_fd_string.c_str(), nullptr};
				200	execv(init_path.data(), const_cast<char**>(args));
				201
				202	PLOG(FATAL) << "Could not execv subcontext init";
				203	} else {
				204	subcontext_socket.reset();
				205	pid_ = result;
				206	LOG(INFO) << "Forked subcontext for '" << context_ << "' with pid " << pid_;
				207	}
				208	}
				209
				210	void Subcontext::Restart() {
				211	LOG(ERROR) << "Restarting subcontext '" << context_ << "'";
				212	if (pid_) {
				213	kill(pid_, SIGKILL);
				214	}
				215	pid_ = 0;
				216	socket_.reset();
				217	Fork();
				218	}
				219
				220	Result<Success> Subcontext::Execute(const std::vector<std::string>& args) {
				221	auto subcontext_command = SubcontextCommand();
				222	std::copy(
				223	args.begin(), args.end(),
				224	RepeatedPtrFieldBackInserter(subcontext_command.mutable_execute_command()->mutable_args()));
				225
				226	if (auto result = SendMessage(socket_, subcontext_command); !result) {
				227	Restart();
				228	return ErrnoError() << "Failed to send message to subcontext";
				229	}
				230
				231	auto subcontext_message = ReadMessage(socket_);
				232	if (!subcontext_message) {
				233	Restart();
				234	return Error() << "Failed to receive result from subcontext: " << subcontext_message.error();
				235	}
				236
				237	auto subcontext_reply = SubcontextReply();
				238	if (!subcontext_reply.ParseFromString(*subcontext_message)) {
				239	Restart();
				240	return Error() << "Unable to parse message from subcontext";
				241	}
				242
				243	switch (subcontext_reply.reply_case()) {
				244	case SubcontextReply::kResult: {
				245	auto result = subcontext_reply.result();
				246	if (result.success()) {
				247	return Success();
				248	} else {
				249	return ResultError(result.error_string(), result.error_errno());
				250	}
				251	}
				252	default:
				253	return Error() << "Unknown message type from subcontext: "
				254	<< subcontext_reply.reply_case();
				255	}
				256	}
				257
				258	static std::vector<Subcontext> subcontexts;
				259
				260	std::vector<Subcontext>* InitializeSubcontexts() {
				261	static const char* const paths_and_secontexts[][2] = {
				262	// TODO: Enable this once the SEPolicy is in place.
				263	// {"/vendor", kVendorContext.c_str()},
				264	};
				265	for (const auto& [path_prefix, secontext] : paths_and_secontexts) {
				266	subcontexts.emplace_back(path_prefix, secontext);
				267	}
				268	return &subcontexts;
				269	}
				270
				271	bool SubcontextChildReap(pid_t pid) {
				272	for (auto& subcontext : subcontexts) {
				273	if (subcontext.pid() == pid) {
				274	subcontext.Restart();
				275	return true;
				276	}
				277	}
				278	return false;
				279	}
				280
				281	} // namespace init
				282	} // namespace android