Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_core / da46b392f10d2809b5696632f67485f272ec5698 / . / init / service.cpp
blob: 22fb013427eec230bb5789ccfee8407c3e5ebd89 [file] [log] [blame]
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]1/*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "service.h"
18
19#include <fcntl.h>
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]20#include <sched.h>
21#include <sys/mount.h>
22#include <sys/prctl.h>
Vitalii Tomkiv081705c2016-05-18 17:36:30 -0700[diff] [blame]23#include <sys/resource.h>
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]24#include <sys/stat.h>
Vitalii Tomkiv081705c2016-05-18 17:36:30 -0700[diff] [blame]25#include <sys/time.h>
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]26#include <sys/types.h>
Bertrand SIMONNETb7e03e82015-12-18 11:39:59 -0800[diff] [blame]27#include <sys/wait.h>
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]28#include <termios.h>
Dan Albertaf9ba4d2015-08-11 16:37:04 -0700[diff] [blame]29#include <unistd.h>
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]30
31#include <selinux/selinux.h>
32
Elliott Hughes4f713192015-12-04 22:00:26 -0800[diff] [blame]33#include <android-base/file.h>
Elliott Hughesda46b392016-10-11 17:09:00 -0700[diff] [blame^]34#include <android-base/parseint.h>
Elliott Hughes4f713192015-12-04 22:00:26 -0800[diff] [blame]35#include <android-base/stringprintf.h>
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]36#include <android-base/strings.h>
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]37#include <cutils/android_reboot.h>
38#include <cutils/sockets.h>
Vitalii Tomkiv081705c2016-05-18 17:36:30 -0700[diff] [blame]39#include <system/thread_defs.h>
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]40
Collin Mullinerf7e79b92016-06-01 21:03:55 +0000[diff] [blame]41#include <processgroup/processgroup.h>
42
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]43#include "action.h"
44#include "init.h"
45#include "init_parser.h"
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]46#include "log.h"
47#include "property_service.h"
48#include "util.h"
49
Elliott Hughesda46b392016-10-11 17:09:00 -0700[diff] [blame^]50using android::base::ParseInt;
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]51using android::base::StringPrintf;
52using android::base::WriteStringToFile;
53
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]54#define CRITICAL_CRASH_THRESHOLD 4 // if we crash >4 times ...
55#define CRITICAL_CRASH_WINDOW (4*60) // ... in 4 minutes, goto recovery
56
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]57static std::string ComputeContextFromExecutable(std::string& service_name,
58 const std::string& service_path) {
59 std::string computed_context;
60
61 char* raw_con = nullptr;
62 char* raw_filecon = nullptr;
63
64 if (getcon(&raw_con) == -1) {
65 LOG(ERROR) << "could not get context while starting '" << service_name << "'";
66 return "";
67 }
68 std::unique_ptr<char> mycon(raw_con);
69
70 if (getfilecon(service_path.c_str(), &raw_filecon) == -1) {
71 LOG(ERROR) << "could not get file context while starting '" << service_name << "'";
72 return "";
73 }
74 std::unique_ptr<char> filecon(raw_filecon);
75
76 char* new_con = nullptr;
77 int rc = security_compute_create(mycon.get(), filecon.get(),
78 string_to_security_class("process"), &new_con);
79 if (rc == 0) {
80 computed_context = new_con;
81 free(new_con);
82 }
83 if (rc == 0 && computed_context == mycon.get()) {
84 LOG(ERROR) << "service " << service_name << " does not have a SELinux domain defined";
85 return "";
86 }
87 if (rc < 0) {
88 LOG(ERROR) << "could not get context while starting '" << service_name << "'";
89 return "";
90 }
91 return computed_context;
92}
93
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]94static void SetUpPidNamespace(const std::string& service_name) {
95 constexpr unsigned int kSafeFlags = MS_NODEV | MS_NOEXEC | MS_NOSUID;
96
97 // It's OK to LOG(FATAL) in this function since it's running in the first
98 // child process.
99 if (mount("", "/proc", "proc", kSafeFlags | MS_REMOUNT, "") == -1) {
Elliott Hughese18e7e52016-07-25 18:18:16 -0700[diff] [blame]100 PLOG(FATAL) << "couldn't remount(/proc) for " << service_name;
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]101 }
102
103 if (prctl(PR_SET_NAME, service_name.c_str()) == -1) {
Elliott Hughese18e7e52016-07-25 18:18:16 -0700[diff] [blame]104 PLOG(FATAL) << "couldn't set name for " << service_name;
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]105 }
106
107 pid_t child_pid = fork();
108 if (child_pid == -1) {
Elliott Hughese18e7e52016-07-25 18:18:16 -0700[diff] [blame]109 PLOG(FATAL) << "couldn't fork init inside the PID namespace for " << service_name;
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]110 }
111
112 if (child_pid > 0) {
113 // So that we exit with the right status.
114 static int init_exitstatus = 0;
115 signal(SIGTERM, [](int) { _exit(init_exitstatus); });
116
117 pid_t waited_pid;
118 int status;
119 while ((waited_pid = wait(&status)) > 0) {
120 // This loop will end when there are no processes left inside the
121 // PID namespace or when the init process inside the PID namespace
122 // gets a signal.
123 if (waited_pid == child_pid) {
124 init_exitstatus = status;
125 }
126 }
127 if (!WIFEXITED(init_exitstatus)) {
128 _exit(EXIT_FAILURE);
129 }
130 _exit(WEXITSTATUS(init_exitstatus));
131 }
132}
133
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]134static void ExpandArgs(const std::vector<std::string>& args, std::vector<char*>* strs) {
135 std::vector<std::string> expanded_args;
136 expanded_args.resize(args.size());
137 strs->push_back(const_cast<char*>(args[0].c_str()));
138 for (std::size_t i = 1; i < args.size(); ++i) {
139 if (!expand_props(args[i], &expanded_args[i])) {
140 LOG(FATAL) << args[0] << ": cannot expand '" << args[i] << "'";
141 }
142 strs->push_back(const_cast<char*>(expanded_args[i].c_str()));
143 }
144 strs->push_back(nullptr);
145}
146
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]147SocketInfo::SocketInfo() : uid(0), gid(0), perm(0) {
148}
149
150SocketInfo::SocketInfo(const std::string& name, const std::string& type, uid_t uid,
151 gid_t gid, int perm, const std::string& socketcon)
152 : name(name), type(type), uid(uid), gid(gid), perm(perm), socketcon(socketcon) {
153}
154
155ServiceEnvironmentInfo::ServiceEnvironmentInfo() {
156}
157
158ServiceEnvironmentInfo::ServiceEnvironmentInfo(const std::string& name,
159 const std::string& value)
160 : name(name), value(value) {
161}
162
163Service::Service(const std::string& name, const std::string& classname,
164 const std::vector<std::string>& args)
165 : name_(name), classname_(classname), flags_(0), pid_(0), time_started_(0),
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]166 time_crashed_(0), nr_crashed_(0), uid_(0), gid_(0), namespace_flags_(0),
167 seclabel_(""), ioprio_class_(IoSchedClass_NONE), ioprio_pri_(0),
Marco Nelissen310f6702016-07-22 12:07:06 -0700[diff] [blame]168 priority_(0), oom_score_adjust_(-1000), args_(args) {
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]169 onrestart_.InitSingleTrigger("onrestart");
170}
171
172Service::Service(const std::string& name, const std::string& classname,
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]173 unsigned flags, uid_t uid, gid_t gid,
174 const std::vector<gid_t>& supp_gids, unsigned namespace_flags,
175 const std::string& seclabel,
176 const std::vector<std::string>& args)
177 : name_(name), classname_(classname), flags_(flags), pid_(0),
178 time_started_(0), time_crashed_(0), nr_crashed_(0), uid_(uid), gid_(gid),
179 supp_gids_(supp_gids), namespace_flags_(namespace_flags),
180 seclabel_(seclabel), ioprio_class_(IoSchedClass_NONE), ioprio_pri_(0),
Marco Nelissen310f6702016-07-22 12:07:06 -0700[diff] [blame]181 priority_(0), oom_score_adjust_(-1000), args_(args) {
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]182 onrestart_.InitSingleTrigger("onrestart");
183}
184
185void Service::NotifyStateChange(const std::string& new_state) const {
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]186 if ((flags_ & SVC_EXEC) != 0) {
187 // 'exec' commands don't have properties tracking their state.
188 return;
189 }
190
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]191 std::string prop_name = StringPrintf("init.svc.%s", name_.c_str());
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]192 if (prop_name.length() >= PROP_NAME_MAX) {
193 // If the property name would be too long, we can't set it.
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]194 LOG(ERROR) << "Property name \"init.svc." << name_ << "\" too long; not setting to " << new_state;
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]195 return;
196 }
197
198 property_set(prop_name.c_str(), new_state.c_str());
199}
200
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]201void Service::KillProcessGroup(int signal) {
Elliott Hughes1e730242016-08-02 14:20:40 -0700[diff] [blame]202 LOG(INFO) << "Sending signal " << signal
203 << " to service '" << name_
204 << "' (pid " << pid_ << ") process group...";
205 if (killProcessGroup(uid_, pid_, signal) == -1) {
206 PLOG(ERROR) << "killProcessGroup(" << uid_ << ", " << pid_ << ", " << signal << ") failed";
207 }
208 if (kill(-pid_, signal) == -1) {
209 PLOG(ERROR) << "kill(" << pid_ << ", " << signal << ") failed";
210 }
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]211}
212
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]213void Service::CreateSockets(const std::string& context) {
214 for (const auto& si : sockets_) {
215 int socket_type = ((si.type == "stream" ? SOCK_STREAM :
216 (si.type == "dgram" ? SOCK_DGRAM :
217 SOCK_SEQPACKET)));
218 const char* socketcon = !si.socketcon.empty() ? si.socketcon.c_str() : context.c_str();
219
220 int s = create_socket(si.name.c_str(), socket_type, si.perm, si.uid, si.gid, socketcon);
221 if (s >= 0) {
222 PublishSocket(si.name, s);
223 }
224 }
225}
226
227void Service::SetProcessAttributes() {
Elliott Hughese18e7e52016-07-25 18:18:16 -0700[diff] [blame]228 // TODO: work out why this fails for `console` then upgrade to FATAL.
229 if (setpgid(0, getpid()) == -1) PLOG(ERROR) << "setpgid failed for " << name_;
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]230
231 if (gid_) {
232 if (setgid(gid_) != 0) {
Elliott Hughese18e7e52016-07-25 18:18:16 -0700[diff] [blame]233 PLOG(FATAL) << "setgid failed for " << name_;
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]234 }
235 }
236 if (!supp_gids_.empty()) {
237 if (setgroups(supp_gids_.size(), &supp_gids_[0]) != 0) {
Elliott Hughese18e7e52016-07-25 18:18:16 -0700[diff] [blame]238 PLOG(FATAL) << "setgroups failed for " << name_;
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]239 }
240 }
241 if (uid_) {
242 if (setuid(uid_) != 0) {
Elliott Hughese18e7e52016-07-25 18:18:16 -0700[diff] [blame]243 PLOG(FATAL) << "setuid failed for " << name_;
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]244 }
245 }
246 if (!seclabel_.empty()) {
247 if (setexeccon(seclabel_.c_str()) < 0) {
Elliott Hughese18e7e52016-07-25 18:18:16 -0700[diff] [blame]248 PLOG(FATAL) << "cannot setexeccon('" << seclabel_ << "') for " << name_;
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]249 }
250 }
251 if (priority_ != 0) {
252 if (setpriority(PRIO_PROCESS, 0, priority_) != 0) {
Elliott Hughese18e7e52016-07-25 18:18:16 -0700[diff] [blame]253 PLOG(FATAL) << "setpriority failed for " << name_;
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]254 }
255 }
256}
257
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]258bool Service::Reap() {
259 if (!(flags_ & SVC_ONESHOT) || (flags_ & SVC_RESTART)) {
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]260 KillProcessGroup(SIGKILL);
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]261 }
262
263 // Remove any sockets we may have created.
264 for (const auto& si : sockets_) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]265 std::string tmp = StringPrintf(ANDROID_SOCKET_DIR "/%s", si.name.c_str());
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]266 unlink(tmp.c_str());
267 }
268
269 if (flags_ & SVC_EXEC) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]270 LOG(INFO) << "SVC_EXEC pid " << pid_ << " finished...";
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]271 return true;
272 }
273
274 pid_ = 0;
275 flags_ &= (~SVC_RUNNING);
276
277 // Oneshot processes go into the disabled state on exit,
278 // except when manually restarted.
279 if ((flags_ & SVC_ONESHOT) && !(flags_ & SVC_RESTART)) {
280 flags_ |= SVC_DISABLED;
281 }
282
283 // Disabled and reset processes do not get restarted automatically.
284 if (flags_ & (SVC_DISABLED | SVC_RESET)) {
285 NotifyStateChange("stopped");
286 return false;
287 }
288
289 time_t now = gettime();
290 if ((flags_ & SVC_CRITICAL) && !(flags_ & SVC_RESTART)) {
291 if (time_crashed_ + CRITICAL_CRASH_WINDOW >= now) {
292 if (++nr_crashed_ > CRITICAL_CRASH_THRESHOLD) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]293 LOG(ERROR) << "critical process '" << name_ << "' exited "
294 << CRITICAL_CRASH_THRESHOLD << " times in "
295 << (CRITICAL_CRASH_WINDOW / 60) << " minutes; "
296 << "rebooting into recovery mode";
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]297 android_reboot(ANDROID_RB_RESTART2, 0, "recovery");
298 return false;
299 }
300 } else {
301 time_crashed_ = now;
302 nr_crashed_ = 1;
303 }
304 }
305
306 flags_ &= (~SVC_RESTART);
307 flags_ |= SVC_RESTARTING;
308
309 // Execute all onrestart commands for this service.
310 onrestart_.ExecuteAllCommands();
311
312 NotifyStateChange("restarting");
313 return false;
314}
315
316void Service::DumpState() const {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]317 LOG(INFO) << "service " << name_;
318 LOG(INFO) << " class '" << classname_ << "'";
319 LOG(INFO) << " exec "<< android::base::Join(args_, " ");
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]320 for (const auto& si : sockets_) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]321 LOG(INFO) << " socket " << si.name << " " << si.type << " " << std::oct << si.perm;
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]322 }
323}
324
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]325bool Service::ParseClass(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]326 classname_ = args[1];
327 return true;
328}
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]329
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]330bool Service::ParseConsole(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]331 flags_ |= SVC_CONSOLE;
Viorel Suman70daa672016-03-21 10:08:07 +0200[diff] [blame]332 console_ = args.size() > 1 ? "/dev/" + args[1] : "";
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]333 return true;
334}
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]335
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]336bool Service::ParseCritical(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]337 flags_ |= SVC_CRITICAL;
338 return true;
339}
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]340
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]341bool Service::ParseDisabled(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]342 flags_ |= SVC_DISABLED;
343 flags_ |= SVC_RC_DISABLED;
344 return true;
345}
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]346
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]347bool Service::ParseGroup(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]348 gid_ = decode_uid(args[1].c_str());
349 for (std::size_t n = 2; n < args.size(); n++) {
350 supp_gids_.emplace_back(decode_uid(args[n].c_str()));
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]351 }
352 return true;
353}
354
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]355bool Service::ParsePriority(const std::vector<std::string>& args, std::string* err) {
Elliott Hughesda46b392016-10-11 17:09:00 -0700[diff] [blame^]356 priority_ = 0;
357 if (!ParseInt(args[1], &priority_,
358 static_cast<int>(ANDROID_PRIORITY_LOWEST),
359 static_cast<int>(ANDROID_PRIORITY_HIGHEST))) {
Vitalii Tomkiv081705c2016-05-18 17:36:30 -0700[diff] [blame]360 *err = StringPrintf("process priority value must be range %d - %d",
361 ANDROID_PRIORITY_HIGHEST, ANDROID_PRIORITY_LOWEST);
362 return false;
363 }
Vitalii Tomkiv081705c2016-05-18 17:36:30 -0700[diff] [blame]364 return true;
365}
366
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]367bool Service::ParseIoprio(const std::vector<std::string>& args, std::string* err) {
Elliott Hughesda46b392016-10-11 17:09:00 -0700[diff] [blame^]368 if (!ParseInt(args[2], &ioprio_pri_, 0, 7)) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]369 *err = "priority value must be range 0 - 7";
370 return false;
371 }
372
373 if (args[1] == "rt") {
374 ioprio_class_ = IoSchedClass_RT;
375 } else if (args[1] == "be") {
376 ioprio_class_ = IoSchedClass_BE;
377 } else if (args[1] == "idle") {
378 ioprio_class_ = IoSchedClass_IDLE;
379 } else {
380 *err = "ioprio option usage: ioprio <rt|be|idle> <0-7>";
381 return false;
382 }
383
384 return true;
385}
386
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]387bool Service::ParseKeycodes(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]388 for (std::size_t i = 1; i < args.size(); i++) {
Elliott Hughesda46b392016-10-11 17:09:00 -0700[diff] [blame^]389 int code;
390 if (ParseInt(args[i], &code)) {
391 keycodes_.emplace_back(code);
392 } else {
393 LOG(WARNING) << "ignoring invalid keycode: " << args[i];
394 }
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]395 }
396 return true;
397}
398
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]399bool Service::ParseOneshot(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]400 flags_ |= SVC_ONESHOT;
401 return true;
402}
403
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]404bool Service::ParseOnrestart(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]405 std::vector<std::string> str_args(args.begin() + 1, args.end());
406 onrestart_.AddCommand(str_args, "", 0, err);
407 return true;
408}
409
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]410bool Service::ParseNamespace(const std::vector<std::string>& args, std::string* err) {
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]411 for (size_t i = 1; i < args.size(); i++) {
412 if (args[i] == "pid") {
413 namespace_flags_ |= CLONE_NEWPID;
414 // PID namespaces require mount namespaces.
415 namespace_flags_ |= CLONE_NEWNS;
416 } else if (args[i] == "mnt") {
417 namespace_flags_ |= CLONE_NEWNS;
418 } else {
419 *err = "namespace must be 'pid' or 'mnt'";
420 return false;
421 }
422 }
423 return true;
424}
425
Marco Nelissen310f6702016-07-22 12:07:06 -0700[diff] [blame]426bool Service::ParseOomScoreAdjust(const std::vector<std::string>& args, std::string* err) {
Elliott Hughesda46b392016-10-11 17:09:00 -0700[diff] [blame^]427 if (!ParseInt(args[1], &oom_score_adjust_, -1000, 1000)) {
Marco Nelissen310f6702016-07-22 12:07:06 -0700[diff] [blame]428 *err = "oom_score_adjust value must be in range -1000 - +1000";
429 return false;
430 }
Marco Nelissen310f6702016-07-22 12:07:06 -0700[diff] [blame]431 return true;
432}
433
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]434bool Service::ParseSeclabel(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]435 seclabel_ = args[1];
436 return true;
437}
438
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]439bool Service::ParseSetenv(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]440 envvars_.emplace_back(args[1], args[2]);
441 return true;
442}
443
444/* name type perm [ uid gid context ] */
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]445bool Service::ParseSocket(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]446 if (args[2] != "dgram" && args[2] != "stream" && args[2] != "seqpacket") {
447 *err = "socket type must be 'dgram', 'stream' or 'seqpacket'";
448 return false;
449 }
450
Elliott Hughesda46b392016-10-11 17:09:00 -0700[diff] [blame^]451 int perm = std::strtoul(args[3].c_str(), 0, 8);
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]452 uid_t uid = args.size() > 4 ? decode_uid(args[4].c_str()) : 0;
453 gid_t gid = args.size() > 5 ? decode_uid(args[5].c_str()) : 0;
454 std::string socketcon = args.size() > 6 ? args[6] : "";
455
456 sockets_.emplace_back(args[1], args[2], uid, gid, perm, socketcon);
457 return true;
458}
459
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]460bool Service::ParseUser(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]461 uid_ = decode_uid(args[1].c_str());
462 return true;
463}
464
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]465bool Service::ParseWritepid(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]466 writepid_files_.assign(args.begin() + 1, args.end());
467 return true;
468}
469
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]470class Service::OptionParserMap : public KeywordMap<OptionParser> {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]471public:
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]472 OptionParserMap() {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]473 }
474private:
475 Map& map() const override;
476};
477
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]478Service::OptionParserMap::Map& Service::OptionParserMap::map() const {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]479 constexpr std::size_t kMax = std::numeric_limits<std::size_t>::max();
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]480 static const Map option_parsers = {
481 {"class", {1, 1, &Service::ParseClass}},
482 {"console", {0, 1, &Service::ParseConsole}},
483 {"critical", {0, 0, &Service::ParseCritical}},
484 {"disabled", {0, 0, &Service::ParseDisabled}},
485 {"group", {1, NR_SVC_SUPP_GIDS + 1, &Service::ParseGroup}},
486 {"ioprio", {2, 2, &Service::ParseIoprio}},
487 {"priority", {1, 1, &Service::ParsePriority}},
488 {"keycodes", {1, kMax, &Service::ParseKeycodes}},
489 {"oneshot", {0, 0, &Service::ParseOneshot}},
490 {"onrestart", {1, kMax, &Service::ParseOnrestart}},
Marco Nelissen310f6702016-07-22 12:07:06 -0700[diff] [blame]491 {"oom_score_adjust",
492 {1, 1, &Service::ParseOomScoreAdjust}},
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]493 {"namespace", {1, 2, &Service::ParseNamespace}},
494 {"seclabel", {1, 1, &Service::ParseSeclabel}},
495 {"setenv", {2, 2, &Service::ParseSetenv}},
496 {"socket", {3, 6, &Service::ParseSocket}},
497 {"user", {1, 1, &Service::ParseUser}},
498 {"writepid", {1, kMax, &Service::ParseWritepid}},
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]499 };
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]500 return option_parsers;
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]501}
502
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]503bool Service::ParseLine(const std::vector<std::string>& args, std::string* err) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]504 if (args.empty()) {
505 *err = "option needed, but not provided";
506 return false;
507 }
508
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]509 static const OptionParserMap parser_map;
510 auto parser = parser_map.FindFunction(args[0], args.size() - 1, err);
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]511
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]512 if (!parser) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]513 return false;
514 }
515
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]516 return (this->*parser)(args, err);
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]517}
518
Elliott Hughesbdeac392016-04-12 15:38:27 -0700[diff] [blame]519bool Service::Start() {
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]520 // Starting a service removes it from the disabled or reset state and
521 // immediately takes it out of the restarting state if it was in there.
522 flags_ &= (~(SVC_DISABLED|SVC_RESTARTING|SVC_RESET|SVC_RESTART|SVC_DISABLED_START));
523 time_started_ = 0;
524
525 // Running processes require no additional work --- if they're in the
526 // process of exiting, we've ensured that they will immediately restart
527 // on exit, unless they are ONESHOT.
528 if (flags_ & SVC_RUNNING) {
529 return false;
530 }
531
532 bool needs_console = (flags_ & SVC_CONSOLE);
Viorel Suman70daa672016-03-21 10:08:07 +0200[diff] [blame]533 if (needs_console) {
534 if (console_.empty()) {
535 console_ = default_console;
536 }
537
538 bool have_console = (open(console_.c_str(), O_RDWR | O_CLOEXEC) != -1);
539 if (!have_console) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]540 PLOG(ERROR) << "service '" << name_ << "' couldn't open console '" << console_ << "'";
Viorel Suman70daa672016-03-21 10:08:07 +0200[diff] [blame]541 flags_ |= SVC_DISABLED;
542 return false;
543 }
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]544 }
545
546 struct stat sb;
547 if (stat(args_[0].c_str(), &sb) == -1) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]548 PLOG(ERROR) << "cannot find '" << args_[0] << "', disabling '" << name_ << "'";
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]549 flags_ |= SVC_DISABLED;
550 return false;
551 }
552
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]553 std::string scon;
554 if (!seclabel_.empty()) {
555 scon = seclabel_;
556 } else {
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]557 LOG(INFO) << "computing context for service '" << name_ << "'";
558 scon = ComputeContextFromExecutable(name_, args_[0]);
559 if (scon == "") {
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]560 return false;
561 }
562 }
563
Wei Wanga285dac2016-10-04 14:05:39 -0700[diff] [blame]564 LOG(INFO) << "starting service '" << name_ << "'...";
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]565
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]566 pid_t pid = -1;
567 if (namespace_flags_) {
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]568 pid = clone(nullptr, nullptr, namespace_flags_ | SIGCHLD, nullptr);
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]569 } else {
570 pid = fork();
571 }
572
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]573 if (pid == 0) {
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]574 umask(077);
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]575
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]576 if (namespace_flags_ & CLONE_NEWPID) {
577 // This will fork again to run an init process inside the PID
578 // namespace.
579 SetUpPidNamespace(name_);
580 }
581
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]582 for (const auto& ei : envvars_) {
583 add_environment(ei.name.c_str(), ei.value.c_str());
584 }
585
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]586 CreateSockets(scon);
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]587
Anestis Bechtsoudisb702b462016-02-05 16:38:48 +0200[diff] [blame]588 std::string pid_str = StringPrintf("%d", getpid());
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]589 for (const auto& file : writepid_files_) {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]590 if (!WriteStringToFile(pid_str, file)) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]591 PLOG(ERROR) << "couldn't write " << pid_str << " to " << file;
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]592 }
593 }
594
595 if (ioprio_class_ != IoSchedClass_NONE) {
596 if (android_set_ioprio(getpid(), ioprio_class_, ioprio_pri_)) {
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]597 PLOG(ERROR) << "failed to set pid " << getpid()
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]598 << " ioprio=" << ioprio_class_ << "," << ioprio_pri_;
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]599 }
600 }
601
602 if (needs_console) {
603 setsid();
604 OpenConsole();
605 } else {
606 ZapStdio();
607 }
608
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]609 // As requested, set our gid, supplemental gids, uid, context, and
610 // priority. Aborts on failure.
611 SetProcessAttributes();
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]612
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]613 std::vector<char*> strs;
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]614 ExpandArgs(args_, &strs);
Tom Cherrybac35362016-06-07 11:22:00 -0700[diff] [blame]615 if (execve(strs[0], (char**) &strs[0], (char**) ENV) < 0) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]616 PLOG(ERROR) << "cannot execve('" << strs[0] << "')";
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]617 }
618
619 _exit(127);
620 }
621
622 if (pid < 0) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]623 PLOG(ERROR) << "failed to fork for '" << name_ << "'";
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]624 pid_ = 0;
625 return false;
626 }
627
Marco Nelissen310f6702016-07-22 12:07:06 -0700[diff] [blame]628 if (oom_score_adjust_ != -1000) {
629 std::string oom_str = StringPrintf("%d", oom_score_adjust_);
630 std::string oom_file = StringPrintf("/proc/%d/oom_score_adj", pid);
631 if (!WriteStringToFile(oom_str, oom_file)) {
632 PLOG(ERROR) << "couldn't write oom_score_adj: " << strerror(errno);
633 }
634 }
635
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]636 time_started_ = gettime();
637 pid_ = pid;
638 flags_ |= SVC_RUNNING;
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]639
640 errno = -createProcessGroup(uid_, pid_);
641 if (errno != 0) {
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]642 PLOG(ERROR) << "createProcessGroup(" << uid_ << ", " << pid_ << ") failed for service '"
643 << name_ << "'";
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]644 }
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]645
646 if ((flags_ & SVC_EXEC) != 0) {
Jorge Lucangeli Obes344d01f2016-07-08 13:32:26 -0400[diff] [blame]647 LOG(INFO) << android::base::StringPrintf(
648 "SVC_EXEC pid %d (uid %d gid %d+%zu context %s) started; waiting...", pid_, uid_, gid_,
649 supp_gids_.size(), !seclabel_.empty() ? seclabel_.c_str() : "default");
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]650 }
651
652 NotifyStateChange("running");
653 return true;
654}
655
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]656bool Service::StartIfNotDisabled() {
657 if (!(flags_ & SVC_DISABLED)) {
658 return Start();
659 } else {
660 flags_ |= SVC_DISABLED_START;
661 }
662 return true;
663}
664
665bool Service::Enable() {
666 flags_ &= ~(SVC_DISABLED | SVC_RC_DISABLED);
667 if (flags_ & SVC_DISABLED_START) {
668 return Start();
669 }
670 return true;
671}
672
673void Service::Reset() {
674 StopOrReset(SVC_RESET);
675}
676
677void Service::Stop() {
678 StopOrReset(SVC_DISABLED);
679}
680
Bertrand SIMONNETb7e03e82015-12-18 11:39:59 -0800[diff] [blame]681void Service::Terminate() {
682 flags_ &= ~(SVC_RESTARTING | SVC_DISABLED_START);
683 flags_ |= SVC_DISABLED;
684 if (pid_) {
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]685 KillProcessGroup(SIGTERM);
Bertrand SIMONNETb7e03e82015-12-18 11:39:59 -0800[diff] [blame]686 NotifyStateChange("stopping");
687 }
688}
689
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]690void Service::Restart() {
691 if (flags_ & SVC_RUNNING) {
692 /* Stop, wait, then start the service. */
693 StopOrReset(SVC_RESTART);
694 } else if (!(flags_ & SVC_RESTARTING)) {
695 /* Just start the service since it's not running. */
696 Start();
697 } /* else: Service is restarting anyways. */
698}
699
700void Service::RestartIfNeeded(time_t& process_needs_restart) {
701 time_t next_start_time = time_started_ + 5;
702
703 if (next_start_time <= gettime()) {
704 flags_ &= (~SVC_RESTARTING);
705 Start();
706 return;
707 }
708
709 if ((next_start_time < process_needs_restart) ||
710 (process_needs_restart == 0)) {
711 process_needs_restart = next_start_time;
712 }
713}
714
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]715// The how field should be either SVC_DISABLED, SVC_RESET, or SVC_RESTART.
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]716void Service::StopOrReset(int how) {
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]717 // The service is still SVC_RUNNING until its process exits, but if it has
718 // already exited it shoudn't attempt a restart yet.
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]719 flags_ &= ~(SVC_RESTARTING | SVC_DISABLED_START);
720
721 if ((how != SVC_DISABLED) && (how != SVC_RESET) && (how != SVC_RESTART)) {
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]722 // An illegal flag: default to SVC_DISABLED.
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]723 how = SVC_DISABLED;
724 }
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]725
726 // If the service has not yet started, prevent it from auto-starting with its class.
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]727 if (how == SVC_RESET) {
728 flags_ |= (flags_ & SVC_RC_DISABLED) ? SVC_DISABLED : SVC_RESET;
729 } else {
730 flags_ |= how;
731 }
732
733 if (pid_) {
Elliott Hughesad8e94e2016-06-15 14:49:57 -0700[diff] [blame]734 KillProcessGroup(SIGKILL);
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]735 NotifyStateChange("stopping");
736 } else {
737 NotifyStateChange("stopped");
738 }
739}
740
741void Service::ZapStdio() const {
742 int fd;
743 fd = open("/dev/null", O_RDWR);
744 dup2(fd, 0);
745 dup2(fd, 1);
746 dup2(fd, 2);
747 close(fd);
748}
749
750void Service::OpenConsole() const {
Viorel Suman70daa672016-03-21 10:08:07 +0200[diff] [blame]751 int fd = open(console_.c_str(), O_RDWR);
752 if (fd == -1) fd = open("/dev/null", O_RDWR);
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]753 ioctl(fd, TIOCSCTTY, 0);
754 dup2(fd, 0);
755 dup2(fd, 1);
756 dup2(fd, 2);
757 close(fd);
758}
759
760void Service::PublishSocket(const std::string& name, int fd) const {
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]761 std::string key = StringPrintf(ANDROID_SOCKET_ENV_PREFIX "%s", name.c_str());
762 std::string val = StringPrintf("%d", fd);
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]763 add_environment(key.c_str(), val.c_str());
764
765 /* make sure we don't close-on-exec */
766 fcntl(fd, F_SETFD, 0);
767}
768
769int ServiceManager::exec_count_ = 0;
770
771ServiceManager::ServiceManager() {
772}
773
774ServiceManager& ServiceManager::GetInstance() {
775 static ServiceManager instance;
776 return instance;
777}
778
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]779void ServiceManager::AddService(std::unique_ptr<Service> service) {
780 Service* old_service = FindServiceByName(service->name());
781 if (old_service) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]782 LOG(ERROR) << "ignored duplicate definition of service '" << service->name() << "'";
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]783 return;
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]784 }
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]785 services_.emplace_back(std::move(service));
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]786}
787
788Service* ServiceManager::MakeExecOneshotService(const std::vector<std::string>& args) {
789 // Parse the arguments: exec [SECLABEL [UID [GID]*] --] COMMAND ARGS...
790 // SECLABEL can be a - to denote default
791 std::size_t command_arg = 1;
792 for (std::size_t i = 1; i < args.size(); ++i) {
793 if (args[i] == "--") {
794 command_arg = i + 1;
795 break;
796 }
797 }
798 if (command_arg > 4 + NR_SVC_SUPP_GIDS) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]799 LOG(ERROR) << "exec called with too many supplementary group ids";
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]800 return nullptr;
801 }
802
803 if (command_arg >= args.size()) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]804 LOG(ERROR) << "exec called without command";
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]805 return nullptr;
806 }
807 std::vector<std::string> str_args(args.begin() + command_arg, args.end());
808
809 exec_count_++;
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]810 std::string name = StringPrintf("exec %d (%s)", exec_count_, str_args[0].c_str());
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]811 unsigned flags = SVC_EXEC | SVC_ONESHOT;
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]812 unsigned namespace_flags = 0;
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]813
814 std::string seclabel = "";
815 if (command_arg > 2 && args[1] != "-") {
816 seclabel = args[1];
817 }
818 uid_t uid = 0;
819 if (command_arg > 3) {
820 uid = decode_uid(args[2].c_str());
821 }
822 gid_t gid = 0;
823 std::vector<gid_t> supp_gids;
824 if (command_arg > 4) {
825 gid = decode_uid(args[3].c_str());
826 std::size_t nr_supp_gids = command_arg - 1 /* -- */ - 4 /* exec SECLABEL UID GID */;
827 for (size_t i = 0; i < nr_supp_gids; ++i) {
828 supp_gids.push_back(decode_uid(args[4 + i].c_str()));
829 }
830 }
831
832 std::unique_ptr<Service> svc_p(new Service(name, "default", flags, uid, gid,
Jorge Lucangeli Obes1b3fa3d2016-04-21 15:35:09 -0700[diff] [blame]833 supp_gids, namespace_flags,
834 seclabel, str_args));
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]835 if (!svc_p) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]836 LOG(ERROR) << "Couldn't allocate service for exec of '" << str_args[0] << "'";
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]837 return nullptr;
838 }
839 Service* svc = svc_p.get();
840 services_.push_back(std::move(svc_p));
841
842 return svc;
843}
844
845Service* ServiceManager::FindServiceByName(const std::string& name) const {
846 auto svc = std::find_if(services_.begin(), services_.end(),
847 [&name] (const std::unique_ptr<Service>& s) {
848 return name == s->name();
849 });
850 if (svc != services_.end()) {
851 return svc->get();
852 }
853 return nullptr;
854}
855
856Service* ServiceManager::FindServiceByPid(pid_t pid) const {
857 auto svc = std::find_if(services_.begin(), services_.end(),
858 [&pid] (const std::unique_ptr<Service>& s) {
859 return s->pid() == pid;
860 });
861 if (svc != services_.end()) {
862 return svc->get();
863 }
864 return nullptr;
865}
866
867Service* ServiceManager::FindServiceByKeychord(int keychord_id) const {
868 auto svc = std::find_if(services_.begin(), services_.end(),
869 [&keychord_id] (const std::unique_ptr<Service>& s) {
870 return s->keychord_id() == keychord_id;
871 });
872
873 if (svc != services_.end()) {
874 return svc->get();
875 }
876 return nullptr;
877}
878
Chih-Hung Hsieh8f7b9e32016-07-27 16:25:51 -0700[diff] [blame]879void ServiceManager::ForEachService(const std::function<void(Service*)>& callback) const {
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]880 for (const auto& s : services_) {
Bertrand SIMONNETb7e03e82015-12-18 11:39:59 -0800[diff] [blame]881 callback(s.get());
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]882 }
883}
884
885void ServiceManager::ForEachServiceInClass(const std::string& classname,
886 void (*func)(Service* svc)) const {
887 for (const auto& s : services_) {
888 if (classname == s->classname()) {
889 func(s.get());
890 }
891 }
892}
893
894void ServiceManager::ForEachServiceWithFlags(unsigned matchflags,
895 void (*func)(Service* svc)) const {
896 for (const auto& s : services_) {
897 if (s->flags() & matchflags) {
898 func(s.get());
899 }
900 }
901}
902
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]903void ServiceManager::RemoveService(const Service& svc) {
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]904 auto svc_it = std::find_if(services_.begin(), services_.end(),
905 [&svc] (const std::unique_ptr<Service>& s) {
906 return svc.name() == s->name();
907 });
908 if (svc_it == services_.end()) {
909 return;
910 }
911
912 services_.erase(svc_it);
913}
914
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]915void ServiceManager::DumpState() const {
916 for (const auto& s : services_) {
917 s->DumpState();
918 }
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]919}
920
Bertrand SIMONNETb7e03e82015-12-18 11:39:59 -0800[diff] [blame]921bool ServiceManager::ReapOneProcess() {
922 int status;
923 pid_t pid = TEMP_FAILURE_RETRY(waitpid(-1, &status, WNOHANG));
924 if (pid == 0) {
925 return false;
926 } else if (pid == -1) {
Elliott Hughesf86b5a62016-06-24 15:12:21 -0700[diff] [blame]927 PLOG(ERROR) << "waitpid failed";
Bertrand SIMONNETb7e03e82015-12-18 11:39:59 -0800[diff] [blame]928 return false;
929 }
930
931 Service* svc = FindServiceByPid(pid);
932
933 std::string name;
934 if (svc) {
935 name = android::base::StringPrintf("Service '%s' (pid %d)",
936 svc->name().c_str(), pid);
937 } else {
938 name = android::base::StringPrintf("Untracked pid %d", pid);
939 }
940
941 if (WIFEXITED(status)) {
Wei Wanga285dac2016-10-04 14:05:39 -0700[diff] [blame]942 LOG(INFO) << name << " exited with status " << WEXITSTATUS(status);
Bertrand SIMONNETb7e03e82015-12-18 11:39:59 -0800[diff] [blame]943 } else if (WIFSIGNALED(status)) {
Wei Wanga285dac2016-10-04 14:05:39 -0700[diff] [blame]944 LOG(INFO) << name << " killed by signal " << WTERMSIG(status);
Bertrand SIMONNETb7e03e82015-12-18 11:39:59 -0800[diff] [blame]945 } else if (WIFSTOPPED(status)) {
Wei Wanga285dac2016-10-04 14:05:39 -0700[diff] [blame]946 LOG(INFO) << name << " stopped by signal " << WSTOPSIG(status);
Bertrand SIMONNETb7e03e82015-12-18 11:39:59 -0800[diff] [blame]947 } else {
Wei Wanga285dac2016-10-04 14:05:39 -0700[diff] [blame]948 LOG(INFO) << name << " state changed";
Bertrand SIMONNETb7e03e82015-12-18 11:39:59 -0800[diff] [blame]949 }
950
951 if (!svc) {
952 return true;
953 }
954
955 if (svc->Reap()) {
956 waiting_for_exec = false;
957 RemoveService(*svc);
958 }
959
960 return true;
961}
962
963void ServiceManager::ReapAnyOutstandingChildren() {
964 while (ReapOneProcess()) {
965 }
966}
967
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]968bool ServiceParser::ParseSection(const std::vector<std::string>& args,
969 std::string* err) {
970 if (args.size() < 3) {
971 *err = "services must have a name and a program";
972 return false;
973 }
974
975 const std::string& name = args[1];
976 if (!IsValidName(name)) {
977 *err = StringPrintf("invalid service name '%s'", name.c_str());
978 return false;
979 }
980
981 std::vector<std::string> str_args(args.begin() + 2, args.end());
982 service_ = std::make_unique<Service>(name, "default", str_args);
983 return true;
984}
985
986bool ServiceParser::ParseLineSection(const std::vector<std::string>& args,
987 const std::string& filename, int line,
988 std::string* err) const {
Jorge Lucangeli Obes177b27d2016-06-29 14:32:49 -0400[diff] [blame]989 return service_ ? service_->ParseLine(args, err) : false;
Tom Cherryb7349902015-08-26 11:43:36 -0700[diff] [blame]990}
991
992void ServiceParser::EndSection() {
993 if (service_) {
994 ServiceManager::GetInstance().AddService(std::move(service_));
995 }
996}
997
998bool ServiceParser::IsValidName(const std::string& name) const {
Tom Cherrybac32992015-07-31 12:45:25 -0700[diff] [blame]999 if (name.size() > 16) {
1000 return false;
1001 }
1002 for (const auto& c : name) {
1003 if (!isalnum(c) && (c != '_') && (c != '-')) {
1004 return false;
1005 }
1006 }
1007 return true;
1008}