commands.c revision af8e9f4805643f90a9dc0ecfa119e0a860c12f8a
1/* 2** Copyright 2008, The Android Open Source Project 3** 4** Licensed under the Apache License, Version 2.0 (the "License"); 5** you may not use this file except in compliance with the License. 6** You may obtain a copy of the License at 7** 8** http://www.apache.org/licenses/LICENSE-2.0 9** 10** Unless required by applicable law or agreed to in writing, software 11** distributed under the License is distributed on an "AS IS" BASIS, 12** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13** See the License for the specific language governing permissions and 14** limitations under the License. 15*/ 16 17#include "installd.h" 18 19int install(const char *pkgname, int encrypted_fs_flag, uid_t uid, gid_t gid) 20{ 21 char pkgdir[PKG_PATH_MAX]; 22 char libdir[PKG_PATH_MAX]; 23 24 if ((uid < AID_SYSTEM) || (gid < AID_SYSTEM)) { 25 LOGE("invalid uid/gid: %d %d\n", uid, gid); 26 return -1; 27 28 } 29 30 if (encrypted_fs_flag == USE_UNENCRYPTED_FS) { 31 if (create_pkg_path(pkgdir, PKG_DIR_PREFIX, pkgname, PKG_DIR_POSTFIX)) 32 return -1; 33 if (create_pkg_path(libdir, PKG_LIB_PREFIX, pkgname, PKG_LIB_POSTFIX)) 34 return -1; 35 } else { 36 if (create_pkg_path(pkgdir, PKG_SEC_DIR_PREFIX, pkgname, PKG_DIR_POSTFIX)) 37 return -1; 38 if (create_pkg_path(libdir, PKG_SEC_LIB_PREFIX, pkgname, PKG_LIB_POSTFIX)) 39 return -1; 40 } 41 42 if (mkdir(pkgdir, 0755) < 0) { 43 LOGE("cannot create dir '%s': %s\n", pkgdir, strerror(errno)); 44 return -errno; 45 } 46 if (chown(pkgdir, uid, gid) < 0) { 47 LOGE("cannot chown dir '%s': %s\n", pkgdir, strerror(errno)); 48 unlink(pkgdir); 49 return -errno; 50 } 51 if (mkdir(libdir, 0755) < 0) { 52 LOGE("cannot create dir '%s': %s\n", libdir, strerror(errno)); 53 unlink(pkgdir); 54 return -errno; 55 } 56 if (chown(libdir, AID_SYSTEM, AID_SYSTEM) < 0) { 57 LOGE("cannot chown dir '%s': %s\n", libdir, strerror(errno)); 58 unlink(libdir); 59 unlink(pkgdir); 60 return -errno; 61 } 62 return 0; 63} 64 65int uninstall(const char *pkgname, int encrypted_fs_flag) 66{ 67 char pkgdir[PKG_PATH_MAX]; 68 69 if (encrypted_fs_flag == USE_UNENCRYPTED_FS) { 70 if (create_pkg_path(pkgdir, PKG_DIR_PREFIX, pkgname, PKG_DIR_POSTFIX)) 71 return -1; 72 } else { 73 if (create_pkg_path(pkgdir, PKG_SEC_DIR_PREFIX, pkgname, PKG_DIR_POSTFIX)) 74 return -1; 75 } 76 77 /* delete contents AND directory, no exceptions */ 78 return delete_dir_contents(pkgdir, 1, 0); 79} 80 81int delete_user_data(const char *pkgname, int encrypted_fs_flag) 82{ 83 char pkgdir[PKG_PATH_MAX]; 84 85 if (encrypted_fs_flag == USE_UNENCRYPTED_FS) { 86 if (create_pkg_path(pkgdir, PKG_DIR_PREFIX, pkgname, PKG_DIR_POSTFIX)) 87 return -1; 88 } else { 89 if (create_pkg_path(pkgdir, PKG_SEC_DIR_PREFIX, pkgname, PKG_DIR_POSTFIX)) 90 return -1; 91 } 92 93 /* delete contents, excluding "lib", but not the directory itself */ 94 return delete_dir_contents(pkgdir, 0, "lib"); 95} 96 97int delete_cache(const char *pkgname, int encrypted_fs_flag) 98{ 99 char cachedir[PKG_PATH_MAX]; 100 101 if (encrypted_fs_flag == USE_UNENCRYPTED_FS) { 102 if (create_pkg_path(cachedir, CACHE_DIR_PREFIX, pkgname, CACHE_DIR_POSTFIX)) 103 return -1; 104 } else { 105 if (create_pkg_path(cachedir, CACHE_SEC_DIR_PREFIX, pkgname, CACHE_DIR_POSTFIX)) 106 return -1; 107 } 108 109 /* delete contents, not the directory, no exceptions */ 110 return delete_dir_contents(cachedir, 0, 0); 111} 112 113/* TODO(oam): depending on use case (ecryptfs or dmcrypt) 114 * change implementation 115 */ 116static int disk_free() 117{ 118 struct statfs sfs; 119 if (statfs(PKG_DIR_PREFIX, &sfs) == 0) { 120 return sfs.f_bavail * sfs.f_bsize; 121 } else { 122 return -1; 123 } 124} 125 126/* Try to ensure free_size bytes of storage are available. 127 * Returns 0 on success. 128 * This is rather simple-minded because doing a full LRU would 129 * be potentially memory-intensive, and without atime it would 130 * also require that apps constantly modify file metadata even 131 * when just reading from the cache, which is pretty awful. 132 */ 133int free_cache(int free_size) 134{ 135 const char *name; 136 int dfd, subfd; 137 DIR *d; 138 struct dirent *de; 139 int avail; 140 141 avail = disk_free(); 142 if (avail < 0) return -1; 143 144 LOGI("free_cache(%d) avail %d\n", free_size, avail); 145 if (avail >= free_size) return 0; 146 147 /* First try encrypted dir */ 148 d = opendir(PKG_SEC_DIR_PREFIX); 149 if (d == NULL) { 150 LOGE("cannot open %s\n", PKG_SEC_DIR_PREFIX); 151 } else { 152 dfd = dirfd(d); 153 154 while ((de = readdir(d))) { 155 if (de->d_type != DT_DIR) continue; 156 name = de->d_name; 157 158 /* always skip "." and ".." */ 159 if (name[0] == '.') { 160 if (name[1] == 0) continue; 161 if ((name[1] == '.') && (name[2] == 0)) continue; 162 } 163 164 subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY); 165 if (subfd < 0) continue; 166 167 delete_dir_contents_fd(subfd, "cache"); 168 close(subfd); 169 170 avail = disk_free(); 171 if (avail >= free_size) { 172 closedir(d); 173 return 0; 174 } 175 } 176 closedir(d); 177 } 178 179 /* Next try unencrypted dir... */ 180 d = opendir(PKG_DIR_PREFIX); 181 if (d == NULL) { 182 LOGE("cannot open %s\n", PKG_DIR_PREFIX); 183 return -1; 184 } 185 dfd = dirfd(d); 186 187 while ((de = readdir(d))) { 188 if (de->d_type != DT_DIR) continue; 189 name = de->d_name; 190 191 /* always skip "." and ".." */ 192 if (name[0] == '.') { 193 if (name[1] == 0) continue; 194 if ((name[1] == '.') && (name[2] == 0)) continue; 195 } 196 197 subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY); 198 if (subfd < 0) continue; 199 200 delete_dir_contents_fd(subfd, "cache"); 201 close(subfd); 202 203 avail = disk_free(); 204 if (avail >= free_size) { 205 closedir(d); 206 return 0; 207 } 208 } 209 closedir(d); 210 211 /* Fail case - not possible to free space */ 212 return -1; 213} 214 215/* used by move_dex, rm_dex, etc to ensure that the provided paths 216 * don't point anywhere other than at the APK_DIR_PREFIX 217 */ 218static int is_valid_apk_path(const char *path) 219{ 220 int len = strlen(APK_DIR_PREFIX); 221int nosubdircheck = 0; 222 if (strncmp(path, APK_DIR_PREFIX, len)) { 223 len = strlen(PROTECTED_DIR_PREFIX); 224 if (strncmp(path, PROTECTED_DIR_PREFIX, len)) { 225 len = strlen(SDCARD_DIR_PREFIX); 226 if (strncmp(path, SDCARD_DIR_PREFIX, len)) { 227 LOGE("invalid apk path '%s' (bad prefix)\n", path); 228 return 0; 229 } else { 230 nosubdircheck = 1; 231 } 232 } 233 } 234 if ((nosubdircheck != 1) && strchr(path + len, '/')) { 235 LOGE("invalid apk path '%s' (subdir?)\n", path); 236 return 0; 237 } 238 if (path[len] == '.') { 239 LOGE("invalid apk path '%s' (trickery)\n", path); 240 return 0; 241 } 242 return 1; 243} 244 245int move_dex(const char *src, const char *dst) 246{ 247 char src_dex[PKG_PATH_MAX]; 248 char dst_dex[PKG_PATH_MAX]; 249 250 if (!is_valid_apk_path(src)) return -1; 251 if (!is_valid_apk_path(dst)) return -1; 252 253 if (create_cache_path(src_dex, src)) return -1; 254 if (create_cache_path(dst_dex, dst)) return -1; 255 256 LOGI("move %s -> %s\n", src_dex, dst_dex); 257 if (rename(src_dex, dst_dex) < 0) { 258 return -1; 259 } else { 260 return 0; 261 } 262} 263 264int rm_dex(const char *path) 265{ 266 char dex_path[PKG_PATH_MAX]; 267 268 if (!is_valid_apk_path(path)) return -1; 269 if (create_cache_path(dex_path, path)) return -1; 270 271 LOGI("unlink %s\n", dex_path); 272 if (unlink(dex_path) < 0) { 273 return -1; 274 } else { 275 return 0; 276 } 277} 278 279int protect(char *pkgname, gid_t gid) 280{ 281 struct stat s; 282 char pkgpath[PKG_PATH_MAX]; 283 284 if (gid < AID_SYSTEM) return -1; 285 286 if (create_pkg_path(pkgpath, PROTECTED_DIR_PREFIX, pkgname, ".apk")) 287 return -1; 288 289 if (stat(pkgpath, &s) < 0) return -1; 290 291 if (chown(pkgpath, s.st_uid, gid) < 0) { 292 LOGE("failed to chgrp '%s': %s\n", pkgpath, strerror(errno)); 293 return -1; 294 } 295 296 if (chmod(pkgpath, S_IRUSR|S_IWUSR|S_IRGRP) < 0) { 297 LOGE("failed to chmod '%s': %s\n", pkgpath, strerror(errno)); 298 return -1; 299 } 300 301 return 0; 302} 303 304static int stat_size(struct stat *s) 305{ 306 int blksize = s->st_blksize; 307 int size = s->st_size; 308 309 if (blksize) { 310 /* round up to filesystem block size */ 311 size = (size + blksize - 1) & (~(blksize - 1)); 312 } 313 314 return size; 315} 316 317static int calculate_dir_size(int dfd) 318{ 319 int size = 0; 320 struct stat s; 321 DIR *d; 322 struct dirent *de; 323 324 d = fdopendir(dfd); 325 if (d == NULL) { 326 close(dfd); 327 return 0; 328 } 329 330 while ((de = readdir(d))) { 331 const char *name = de->d_name; 332 if (de->d_type == DT_DIR) { 333 int subfd; 334 /* always skip "." and ".." */ 335 if (name[0] == '.') { 336 if (name[1] == 0) continue; 337 if ((name[1] == '.') && (name[2] == 0)) continue; 338 } 339 subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY); 340 if (subfd >= 0) { 341 size += calculate_dir_size(subfd); 342 } 343 } else { 344 if (fstatat(dfd, name, &s, AT_SYMLINK_NOFOLLOW) == 0) { 345 size += stat_size(&s); 346 } 347 } 348 } 349 closedir(d); 350 return size; 351} 352 353int get_size(const char *pkgname, const char *apkpath, 354 const char *fwdlock_apkpath, 355 int *_codesize, int *_datasize, int *_cachesize, int encrypted_fs_flag) 356{ 357 DIR *d; 358 int dfd; 359 struct dirent *de; 360 struct stat s; 361 char path[PKG_PATH_MAX]; 362 363 int codesize = 0; 364 int datasize = 0; 365 int cachesize = 0; 366 367 /* count the source apk as code -- but only if it's not 368 * on the /system partition 369 */ 370 if (strncmp(apkpath, "/system", 7) != 0) { 371 if (stat(apkpath, &s) == 0) { 372 codesize += stat_size(&s); 373 } 374 } 375 /* count the forward locked apk as code if it is given 376 */ 377 if (fwdlock_apkpath != NULL && fwdlock_apkpath[0] != '!') { 378 if (stat(fwdlock_apkpath, &s) == 0) { 379 codesize += stat_size(&s); 380 } 381 } 382 383 384 /* count the cached dexfile as code */ 385 if (!create_cache_path(path, apkpath)) { 386 if (stat(path, &s) == 0) { 387 codesize += stat_size(&s); 388 } 389 } 390 391 if (encrypted_fs_flag == 0) { 392 if (create_pkg_path(path, PKG_DIR_PREFIX, pkgname, PKG_DIR_POSTFIX)) { 393 goto done; 394 } 395 } else { 396 if (create_pkg_path(path, PKG_SEC_DIR_PREFIX, pkgname, PKG_DIR_POSTFIX)) { 397 goto done; 398 } 399 } 400 401 d = opendir(path); 402 if (d == NULL) { 403 goto done; 404 } 405 dfd = dirfd(d); 406 407 /* most stuff in the pkgdir is data, except for the "cache" 408 * directory and below, which is cache, and the "lib" directory 409 * and below, which is code... 410 */ 411 while ((de = readdir(d))) { 412 const char *name = de->d_name; 413 414 if (de->d_type == DT_DIR) { 415 int subfd; 416 /* always skip "." and ".." */ 417 if (name[0] == '.') { 418 if (name[1] == 0) continue; 419 if ((name[1] == '.') && (name[2] == 0)) continue; 420 } 421 subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY); 422 if (subfd >= 0) { 423 int size = calculate_dir_size(subfd); 424 if (!strcmp(name,"lib")) { 425 codesize += size; 426 } else if(!strcmp(name,"cache")) { 427 cachesize += size; 428 } else { 429 datasize += size; 430 } 431 } 432 } else { 433 if (fstatat(dfd, name, &s, AT_SYMLINK_NOFOLLOW) == 0) { 434 datasize += stat_size(&s); 435 } 436 } 437 } 438 closedir(d); 439done: 440 *_codesize = codesize; 441 *_datasize = datasize; 442 *_cachesize = cachesize; 443 return 0; 444} 445 446 447/* a simpler version of dexOptGenerateCacheFileName() */ 448int create_cache_path(char path[PKG_PATH_MAX], const char *src) 449{ 450 char *tmp; 451 int srclen; 452 int dstlen; 453 454 srclen = strlen(src); 455 456 /* demand that we are an absolute path */ 457 if ((src == 0) || (src[0] != '/') || strstr(src,"..")) { 458 return -1; 459 } 460 461 if (srclen > PKG_PATH_MAX) { // XXX: PKG_NAME_MAX? 462 return -1; 463 } 464 465 dstlen = srclen + strlen(DALVIK_CACHE_PREFIX) + 466 strlen(DALVIK_CACHE_POSTFIX) + 1; 467 468 if (dstlen > PKG_PATH_MAX) { 469 return -1; 470 } 471 472 sprintf(path,"%s%s%s", 473 DALVIK_CACHE_PREFIX, 474 src + 1, /* skip the leading / */ 475 DALVIK_CACHE_POSTFIX); 476 477 for(tmp = path + strlen(DALVIK_CACHE_PREFIX); *tmp; tmp++) { 478 if (*tmp == '/') { 479 *tmp = '@'; 480 } 481 } 482 483 return 0; 484} 485 486static void run_dexopt(int zip_fd, int odex_fd, const char* input_file_name, 487 const char* dexopt_flags) 488{ 489 static const char* DEX_OPT_BIN = "/system/bin/dexopt"; 490 static const int MAX_INT_LEN = 12; // '-'+10dig+'\0' -OR- 0x+8dig 491 char zip_num[MAX_INT_LEN]; 492 char odex_num[MAX_INT_LEN]; 493 494 sprintf(zip_num, "%d", zip_fd); 495 sprintf(odex_num, "%d", odex_fd); 496 497 execl(DEX_OPT_BIN, DEX_OPT_BIN, "--zip", zip_num, odex_num, input_file_name, 498 dexopt_flags, (char*) NULL); 499 LOGE("execl(%s) failed: %s\n", DEX_OPT_BIN, strerror(errno)); 500} 501 502static int wait_dexopt(pid_t pid, const char* apk_path) 503{ 504 int status; 505 pid_t got_pid; 506 507 /* 508 * Wait for the optimization process to finish. 509 */ 510 while (1) { 511 got_pid = waitpid(pid, &status, 0); 512 if (got_pid == -1 && errno == EINTR) { 513 printf("waitpid interrupted, retrying\n"); 514 } else { 515 break; 516 } 517 } 518 if (got_pid != pid) { 519 LOGW("waitpid failed: wanted %d, got %d: %s\n", 520 (int) pid, (int) got_pid, strerror(errno)); 521 return 1; 522 } 523 524 if (WIFEXITED(status) && WEXITSTATUS(status) == 0) { 525 LOGD("DexInv: --- END '%s' (success) ---\n", apk_path); 526 return 0; 527 } else { 528 LOGW("DexInv: --- END '%s' --- status=0x%04x, process failed\n", 529 apk_path, status); 530 return status; /* always nonzero */ 531 } 532} 533 534int dexopt(const char *apk_path, uid_t uid, int is_public) 535{ 536 struct utimbuf ut; 537 struct stat apk_stat, dex_stat; 538 char dex_path[PKG_PATH_MAX]; 539 char dexopt_flags[PROPERTY_VALUE_MAX]; 540 char *end; 541 int res, zip_fd=-1, odex_fd=-1; 542 543 /* Before anything else: is there a .odex file? If so, we have 544 * pre-optimized the apk and there is nothing to do here. 545 */ 546 if (strlen(apk_path) >= (PKG_PATH_MAX - 8)) { 547 return -1; 548 } 549 550 /* platform-specific flags affecting optimization and verification */ 551 property_get("dalvik.vm.dexopt-flags", dexopt_flags, ""); 552 553 strcpy(dex_path, apk_path); 554 end = strrchr(dex_path, '.'); 555 if (end != NULL) { 556 strcpy(end, ".odex"); 557 if (stat(dex_path, &dex_stat) == 0) { 558 return 0; 559 } 560 } 561 562 if (create_cache_path(dex_path, apk_path)) { 563 return -1; 564 } 565 566 memset(&apk_stat, 0, sizeof(apk_stat)); 567 stat(apk_path, &apk_stat); 568 569 zip_fd = open(apk_path, O_RDONLY, 0); 570 if (zip_fd < 0) { 571 LOGE("dexopt cannot open '%s' for input\n", apk_path); 572 return -1; 573 } 574 575 unlink(dex_path); 576 odex_fd = open(dex_path, O_RDWR | O_CREAT | O_EXCL, 0644); 577 if (odex_fd < 0) { 578 LOGE("dexopt cannot open '%s' for output\n", dex_path); 579 goto fail; 580 } 581 if (fchown(odex_fd, AID_SYSTEM, uid) < 0) { 582 LOGE("dexopt cannot chown '%s'\n", dex_path); 583 goto fail; 584 } 585 if (fchmod(odex_fd, 586 S_IRUSR|S_IWUSR|S_IRGRP | 587 (is_public ? S_IROTH : 0)) < 0) { 588 LOGE("dexopt cannot chmod '%s'\n", dex_path); 589 goto fail; 590 } 591 592 LOGD("DexInv: --- BEGIN '%s' ---\n", apk_path); 593 594 pid_t pid; 595 pid = fork(); 596 if (pid == 0) { 597 /* child -- drop privileges before continuing */ 598 if (setgid(uid) != 0) { 599 LOGE("setgid(%d) failed during dexopt\n", uid); 600 exit(64); 601 } 602 if (setuid(uid) != 0) { 603 LOGE("setuid(%d) during dexopt\n", uid); 604 exit(65); 605 } 606 if (flock(odex_fd, LOCK_EX | LOCK_NB) != 0) { 607 LOGE("flock(%s) failed: %s\n", dex_path, strerror(errno)); 608 exit(66); 609 } 610 611 run_dexopt(zip_fd, odex_fd, apk_path, dexopt_flags); 612 exit(67); /* only get here on exec failure */ 613 } else { 614 res = wait_dexopt(pid, apk_path); 615 if (res != 0) { 616 LOGE("dexopt failed on '%s' res = %d\n", dex_path, res); 617 goto fail; 618 } 619 } 620 621 ut.actime = apk_stat.st_atime; 622 ut.modtime = apk_stat.st_mtime; 623 utime(dex_path, &ut); 624 625 close(odex_fd); 626 close(zip_fd); 627 return 0; 628 629fail: 630 if (odex_fd >= 0) { 631 close(odex_fd); 632 unlink(dex_path); 633 } 634 if (zip_fd >= 0) { 635 close(zip_fd); 636 } 637 return -1; 638} 639