devices.c revision 6405c6953fa02d41d9f6377f4cdb947604f481c4
1/* 2 * Copyright (C) 2007 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include <errno.h> 18#include <stdio.h> 19#include <stdlib.h> 20#include <sys/stat.h> 21#include <sys/types.h> 22 23#include <fcntl.h> 24#include <dirent.h> 25#include <unistd.h> 26#include <string.h> 27 28#include <sys/socket.h> 29#include <sys/un.h> 30#include <linux/netlink.h> 31#include <private/android_filesystem_config.h> 32#include <sys/time.h> 33#include <asm/page.h> 34 35#include "init.h" 36#include "devices.h" 37 38#define CMDLINE_PREFIX "/dev" 39#define SYSFS_PREFIX "/sys" 40#define FIRMWARE_DIR "/etc/firmware" 41#define MAX_QEMU_PERM 6 42 43struct uevent { 44 const char *action; 45 const char *path; 46 const char *subsystem; 47 const char *firmware; 48 int major; 49 int minor; 50}; 51 52static int open_uevent_socket(void) 53{ 54 struct sockaddr_nl addr; 55 int sz = 64*1024; // XXX larger? udev uses 16MB! 56 int s; 57 58 memset(&addr, 0, sizeof(addr)); 59 addr.nl_family = AF_NETLINK; 60 addr.nl_pid = getpid(); 61 addr.nl_groups = 0xffffffff; 62 63 s = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_KOBJECT_UEVENT); 64 if(s < 0) 65 return -1; 66 67 setsockopt(s, SOL_SOCKET, SO_RCVBUFFORCE, &sz, sizeof(sz)); 68 69 if(bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) { 70 close(s); 71 return -1; 72 } 73 74 return s; 75} 76 77struct perms_ { 78 char *name; 79 mode_t perm; 80 unsigned int uid; 81 unsigned int gid; 82 unsigned short prefix; 83}; 84static struct perms_ devperms[] = { 85 { "/dev/null", 0666, AID_ROOT, AID_ROOT, 0 }, 86 { "/dev/zero", 0666, AID_ROOT, AID_ROOT, 0 }, 87 { "/dev/full", 0666, AID_ROOT, AID_ROOT, 0 }, 88 { "/dev/ptmx", 0666, AID_ROOT, AID_ROOT, 0 }, 89 { "/dev/tty", 0666, AID_ROOT, AID_ROOT, 0 }, 90 { "/dev/random", 0666, AID_ROOT, AID_ROOT, 0 }, 91 { "/dev/urandom", 0666, AID_ROOT, AID_ROOT, 0 }, 92 { "/dev/ashmem", 0666, AID_ROOT, AID_ROOT, 0 }, 93 { "/dev/binder", 0666, AID_ROOT, AID_ROOT, 0 }, 94 95 /* logger should be world writable (for logging) but not readable */ 96 { "/dev/log/", 0662, AID_ROOT, AID_LOG, 1 }, 97 98 /* the msm hw3d client device node is world writable/readable. */ 99 { "/dev/msm_hw3dc", 0666, AID_ROOT, AID_ROOT, 0 }, 100 101 /* gpu driver for adreno200 is globally accessible */ 102 { "/dev/kgsl", 0666, AID_ROOT, AID_ROOT, 0 }, 103 104 /* these should not be world writable */ 105 { "/dev/diag", 0660, AID_RADIO, AID_RADIO, 0 }, 106 { "/dev/diag_arm9", 0660, AID_RADIO, AID_RADIO, 0 }, 107 { "/dev/android_adb", 0660, AID_ADB, AID_ADB, 0 }, 108 { "/dev/android_adb_enable", 0660, AID_ADB, AID_ADB, 0 }, 109 { "/dev/ttyMSM0", 0600, AID_BLUETOOTH, AID_BLUETOOTH, 0 }, 110 { "/dev/ttyHS0", 0600, AID_BLUETOOTH, AID_BLUETOOTH, 0 }, 111 { "/dev/uinput", 0660, AID_SYSTEM, AID_BLUETOOTH, 0 }, 112 { "/dev/alarm", 0664, AID_SYSTEM, AID_RADIO, 0 }, 113 { "/dev/tty0", 0660, AID_ROOT, AID_SYSTEM, 0 }, 114 { "/dev/graphics/", 0660, AID_ROOT, AID_GRAPHICS, 1 }, 115 { "/dev/msm_hw3dm", 0660, AID_SYSTEM, AID_GRAPHICS, 0 }, 116 { "/dev/input/", 0660, AID_ROOT, AID_INPUT, 1 }, 117 { "/dev/eac", 0660, AID_ROOT, AID_AUDIO, 0 }, 118 { "/dev/cam", 0660, AID_ROOT, AID_CAMERA, 0 }, 119 { "/dev/pmem", 0660, AID_SYSTEM, AID_GRAPHICS, 0 }, 120 { "/dev/pmem_adsp", 0660, AID_SYSTEM, AID_AUDIO, 1 }, 121 { "/dev/pmem_camera", 0660, AID_SYSTEM, AID_CAMERA, 1 }, 122 { "/dev/oncrpc/", 0660, AID_ROOT, AID_SYSTEM, 1 }, 123 { "/dev/adsp/", 0660, AID_SYSTEM, AID_AUDIO, 1 }, 124 { "/dev/snd/", 0660, AID_SYSTEM, AID_AUDIO, 1 }, 125 { "/dev/mt9t013", 0660, AID_SYSTEM, AID_SYSTEM, 0 }, 126 { "/dev/msm_camera/", 0660, AID_SYSTEM, AID_SYSTEM, 1 }, 127 { "/dev/akm8976_daemon",0640, AID_COMPASS, AID_SYSTEM, 0 }, 128 { "/dev/akm8976_aot", 0640, AID_COMPASS, AID_SYSTEM, 0 }, 129 { "/dev/akm8973_daemon",0640, AID_COMPASS, AID_SYSTEM, 0 }, 130 { "/dev/akm8973_aot", 0640, AID_COMPASS, AID_SYSTEM, 0 }, 131 { "/dev/bma150", 0640, AID_COMPASS, AID_SYSTEM, 0 }, 132 { "/dev/cm3602", 0640, AID_COMPASS, AID_SYSTEM, 0 }, 133 { "/dev/akm8976_pffd", 0640, AID_COMPASS, AID_SYSTEM, 0 }, 134 { "/dev/lightsensor", 0640, AID_SYSTEM, AID_SYSTEM, 0 }, 135 { "/dev/msm_pcm_out", 0660, AID_SYSTEM, AID_AUDIO, 1 }, 136 { "/dev/msm_pcm_in", 0660, AID_SYSTEM, AID_AUDIO, 1 }, 137 { "/dev/msm_pcm_ctl", 0660, AID_SYSTEM, AID_AUDIO, 1 }, 138 { "/dev/msm_snd", 0660, AID_SYSTEM, AID_AUDIO, 1 }, 139 { "/dev/msm_mp3", 0660, AID_SYSTEM, AID_AUDIO, 1 }, 140 { "/dev/audience_a1026", 0660, AID_SYSTEM, AID_AUDIO, 1 }, 141 { "/dev/msm_audpre", 0660, AID_SYSTEM, AID_AUDIO, 0 }, 142 { "/dev/msm_audio_ctl", 0660, AID_SYSTEM, AID_AUDIO, 0 }, 143 { "/dev/htc-acoustic", 0660, AID_SYSTEM, AID_AUDIO, 0 }, 144 { "/dev/vdec", 0660, AID_SYSTEM, AID_AUDIO, 0 }, 145 { "/dev/q6venc", 0660, AID_SYSTEM, AID_AUDIO, 0 }, 146 { "/dev/snd/dsp", 0660, AID_SYSTEM, AID_AUDIO, 0 }, 147 { "/dev/snd/dsp1", 0660, AID_SYSTEM, AID_AUDIO, 0 }, 148 { "/dev/snd/mixer", 0660, AID_SYSTEM, AID_AUDIO, 0 }, 149 { "/dev/smd0", 0640, AID_RADIO, AID_RADIO, 0 }, 150 { "/dev/qemu_trace", 0666, AID_SYSTEM, AID_SYSTEM, 0 }, 151 { "/dev/qmi", 0640, AID_RADIO, AID_RADIO, 0 }, 152 { "/dev/qmi0", 0640, AID_RADIO, AID_RADIO, 0 }, 153 { "/dev/qmi1", 0640, AID_RADIO, AID_RADIO, 0 }, 154 { "/dev/qmi2", 0640, AID_RADIO, AID_RADIO, 0 }, 155 /* CDMA radio interface MUX */ 156 { "/dev/ts0710mux", 0640, AID_RADIO, AID_RADIO, 1 }, 157 { "/dev/ppp", 0660, AID_RADIO, AID_VPN, 0 }, 158 { "/dev/tun", 0640, AID_VPN, AID_VPN, 0 }, 159 { NULL, 0, 0, 0, 0 }, 160}; 161 162/* devperms_partners list and perm_node are for hardware specific /dev entries */ 163struct perm_node { 164 struct perms_ dp; 165 struct listnode plist; 166}; 167list_declare(devperms_partners); 168 169/* 170 * Permission override when in emulator mode, must be parsed before 171 * system properties is initalized. 172 */ 173static int qemu_perm_count; 174static struct perms_ qemu_perms[MAX_QEMU_PERM + 1]; 175 176int add_devperms_partners(const char *name, mode_t perm, unsigned int uid, 177 unsigned int gid, unsigned short prefix) { 178 int size; 179 struct perm_node *node = malloc(sizeof (struct perm_node)); 180 if (!node) 181 return -ENOMEM; 182 183 size = strlen(name) + 1; 184 if ((node->dp.name = malloc(size)) == NULL) 185 return -ENOMEM; 186 187 memcpy(node->dp.name, name, size); 188 node->dp.perm = perm; 189 node->dp.uid = uid; 190 node->dp.gid = gid; 191 node->dp.prefix = prefix; 192 193 list_add_tail(&devperms_partners, &node->plist); 194 return 0; 195} 196 197void qemu_init(void) { 198 qemu_perm_count = 0; 199 memset(&qemu_perms, 0, sizeof(qemu_perms)); 200} 201 202static int qemu_perm(const char* name, mode_t perm, unsigned int uid, 203 unsigned int gid, unsigned short prefix) 204{ 205 char *buf; 206 if (qemu_perm_count == MAX_QEMU_PERM) 207 return -ENOSPC; 208 209 buf = malloc(strlen(name) + 1); 210 if (!buf) 211 return -errno; 212 213 strlcpy(buf, name, strlen(name) + 1); 214 qemu_perms[qemu_perm_count].name = buf; 215 qemu_perms[qemu_perm_count].perm = perm; 216 qemu_perms[qemu_perm_count].uid = uid; 217 qemu_perms[qemu_perm_count].gid = gid; 218 qemu_perms[qemu_perm_count].prefix = prefix; 219 220 qemu_perm_count++; 221 return 0; 222} 223 224/* Permission overrides for emulator that are parsed from /proc/cmdline. */ 225void qemu_cmdline(const char* name, const char *value) 226{ 227 char *buf; 228 if (!strcmp(name, "android.ril")) { 229 /* cmd line params currently assume /dev/ prefix */ 230 if (asprintf(&buf, CMDLINE_PREFIX"/%s", value) == -1) { 231 return; 232 } 233 INFO("nani- buf:: %s\n", buf); 234 qemu_perm(buf, 0660, AID_RADIO, AID_ROOT, 0); 235 } 236} 237 238static int get_device_perm_inner(struct perms_ *perms, const char *path, 239 unsigned *uid, unsigned *gid, mode_t *perm) 240{ 241 int i; 242 for(i = 0; perms[i].name; i++) { 243 244 if(perms[i].prefix) { 245 if(strncmp(path, perms[i].name, strlen(perms[i].name))) 246 continue; 247 } else { 248 if(strcmp(path, perms[i].name)) 249 continue; 250 } 251 *uid = perms[i].uid; 252 *gid = perms[i].gid; 253 *perm = perms[i].perm; 254 return 0; 255 } 256 return -1; 257} 258 259/* First checks for emulator specific permissions specified in /proc/cmdline. */ 260static mode_t get_device_perm(const char *path, unsigned *uid, unsigned *gid) 261{ 262 mode_t perm; 263 264 if (get_device_perm_inner(qemu_perms, path, uid, gid, &perm) == 0) { 265 return perm; 266 } else if (get_device_perm_inner(devperms, path, uid, gid, &perm) == 0) { 267 return perm; 268 } else { 269 struct listnode *node; 270 struct perm_node *perm_node; 271 struct perms_ *dp; 272 273 /* Check partners list. */ 274 list_for_each(node, &devperms_partners) { 275 perm_node = node_to_item(node, struct perm_node, plist); 276 dp = &perm_node->dp; 277 278 if (dp->prefix) { 279 if (strncmp(path, dp->name, strlen(dp->name))) 280 continue; 281 } else { 282 if (strcmp(path, dp->name)) 283 continue; 284 } 285 /* Found perm in partner list. */ 286 *uid = dp->uid; 287 *gid = dp->gid; 288 return dp->perm; 289 } 290 /* Default if nothing found. */ 291 *uid = 0; 292 *gid = 0; 293 return 0600; 294 } 295} 296 297static void make_device(const char *path, int block, int major, int minor) 298{ 299 unsigned uid; 300 unsigned gid; 301 mode_t mode; 302 dev_t dev; 303 304 if(major > 255 || minor > 255) 305 return; 306 307 mode = get_device_perm(path, &uid, &gid) | (block ? S_IFBLK : S_IFCHR); 308 dev = (major << 8) | minor; 309 /* Temporarily change egid to avoid race condition setting the gid of the 310 * device node. Unforunately changing the euid would prevent creation of 311 * some device nodes, so the uid has to be set with chown() and is still 312 * racy. Fixing the gid race at least fixed the issue with system_server 313 * opening dynamic input devices under the AID_INPUT gid. */ 314 setegid(gid); 315 mknod(path, mode, dev); 316 chown(path, uid, -1); 317 setegid(AID_ROOT); 318} 319 320#if LOG_UEVENTS 321 322static inline suseconds_t get_usecs(void) 323{ 324 struct timeval tv; 325 gettimeofday(&tv, 0); 326 return tv.tv_sec * (suseconds_t) 1000000 + tv.tv_usec; 327} 328 329#define log_event_print(x...) INFO(x) 330 331#else 332 333#define log_event_print(fmt, args...) do { } while (0) 334#define get_usecs() 0 335 336#endif 337 338static void parse_event(const char *msg, struct uevent *uevent) 339{ 340 uevent->action = ""; 341 uevent->path = ""; 342 uevent->subsystem = ""; 343 uevent->firmware = ""; 344 uevent->major = -1; 345 uevent->minor = -1; 346 347 /* currently ignoring SEQNUM */ 348 while(*msg) { 349 if(!strncmp(msg, "ACTION=", 7)) { 350 msg += 7; 351 uevent->action = msg; 352 } else if(!strncmp(msg, "DEVPATH=", 8)) { 353 msg += 8; 354 uevent->path = msg; 355 } else if(!strncmp(msg, "SUBSYSTEM=", 10)) { 356 msg += 10; 357 uevent->subsystem = msg; 358 } else if(!strncmp(msg, "FIRMWARE=", 9)) { 359 msg += 9; 360 uevent->firmware = msg; 361 } else if(!strncmp(msg, "MAJOR=", 6)) { 362 msg += 6; 363 uevent->major = atoi(msg); 364 } else if(!strncmp(msg, "MINOR=", 6)) { 365 msg += 6; 366 uevent->minor = atoi(msg); 367 } 368 369 /* advance to after the next \0 */ 370 while(*msg++) 371 ; 372 } 373 374 log_event_print("event { '%s', '%s', '%s', '%s', %d, %d }\n", 375 uevent->action, uevent->path, uevent->subsystem, 376 uevent->firmware, uevent->major, uevent->minor); 377} 378 379static void handle_device_event(struct uevent *uevent) 380{ 381 char devpath[96]; 382 char *base, *name; 383 int block; 384 385 /* if it's not a /dev device, nothing to do */ 386 if((uevent->major < 0) || (uevent->minor < 0)) 387 return; 388 389 /* do we have a name? */ 390 name = strrchr(uevent->path, '/'); 391 if(!name) 392 return; 393 name++; 394 395 /* too-long names would overrun our buffer */ 396 if(strlen(name) > 64) 397 return; 398 399 /* are we block or char? where should we live? */ 400 if(!strncmp(uevent->subsystem, "block", 5)) { 401 block = 1; 402 base = "/dev/block/"; 403 mkdir(base, 0755); 404 } else { 405 block = 0; 406 /* this should probably be configurable somehow */ 407 if(!strncmp(uevent->subsystem, "graphics", 8)) { 408 base = "/dev/graphics/"; 409 mkdir(base, 0755); 410 } else if (!strncmp(uevent->subsystem, "oncrpc", 6)) { 411 base = "/dev/oncrpc/"; 412 mkdir(base, 0755); 413 } else if (!strncmp(uevent->subsystem, "adsp", 4)) { 414 base = "/dev/adsp/"; 415 mkdir(base, 0755); 416 } else if (!strncmp(uevent->subsystem, "msm_camera", 10)) { 417 base = "/dev/msm_camera/"; 418 mkdir(base, 0755); 419 } else if(!strncmp(uevent->subsystem, "input", 5)) { 420 base = "/dev/input/"; 421 mkdir(base, 0755); 422 } else if(!strncmp(uevent->subsystem, "mtd", 3)) { 423 base = "/dev/mtd/"; 424 mkdir(base, 0755); 425 } else if(!strncmp(uevent->subsystem, "sound", 5)) { 426 base = "/dev/snd/"; 427 mkdir(base, 0755); 428 } else if(!strncmp(uevent->subsystem, "misc", 4) && 429 !strncmp(name, "log_", 4)) { 430 base = "/dev/log/"; 431 mkdir(base, 0755); 432 name += 4; 433 } else 434 base = "/dev/"; 435 } 436 437 snprintf(devpath, sizeof(devpath), "%s%s", base, name); 438 439 if(!strcmp(uevent->action, "add")) { 440 make_device(devpath, block, uevent->major, uevent->minor); 441 return; 442 } 443 444 if(!strcmp(uevent->action, "remove")) { 445 unlink(devpath); 446 return; 447 } 448} 449 450static int load_firmware(int fw_fd, int loading_fd, int data_fd) 451{ 452 struct stat st; 453 long len_to_copy; 454 int ret = 0; 455 456 if(fstat(fw_fd, &st) < 0) 457 return -1; 458 len_to_copy = st.st_size; 459 460 write(loading_fd, "1", 1); /* start transfer */ 461 462 while (len_to_copy > 0) { 463 char buf[PAGE_SIZE]; 464 ssize_t nr; 465 466 nr = read(fw_fd, buf, sizeof(buf)); 467 if(!nr) 468 break; 469 if(nr < 0) { 470 ret = -1; 471 break; 472 } 473 474 len_to_copy -= nr; 475 while (nr > 0) { 476 ssize_t nw = 0; 477 478 nw = write(data_fd, buf + nw, nr); 479 if(nw <= 0) { 480 ret = -1; 481 goto out; 482 } 483 nr -= nw; 484 } 485 } 486 487out: 488 if(!ret) 489 write(loading_fd, "0", 1); /* successful end of transfer */ 490 else 491 write(loading_fd, "-1", 2); /* abort transfer */ 492 493 return ret; 494} 495 496static void process_firmware_event(struct uevent *uevent) 497{ 498 char *root, *loading, *data, *file; 499 int l, loading_fd, data_fd, fw_fd; 500 501 log_event_print("firmware event { '%s', '%s' }\n", 502 uevent->path, uevent->firmware); 503 504 l = asprintf(&root, SYSFS_PREFIX"%s/", uevent->path); 505 if (l == -1) 506 return; 507 508 l = asprintf(&loading, "%sloading", root); 509 if (l == -1) 510 goto root_free_out; 511 512 l = asprintf(&data, "%sdata", root); 513 if (l == -1) 514 goto loading_free_out; 515 516 l = asprintf(&file, FIRMWARE_DIR"/%s", uevent->firmware); 517 if (l == -1) 518 goto data_free_out; 519 520 loading_fd = open(loading, O_WRONLY); 521 if(loading_fd < 0) 522 goto file_free_out; 523 524 data_fd = open(data, O_WRONLY); 525 if(data_fd < 0) 526 goto loading_close_out; 527 528 fw_fd = open(file, O_RDONLY); 529 if(fw_fd < 0) 530 goto data_close_out; 531 532 if(!load_firmware(fw_fd, loading_fd, data_fd)) 533 log_event_print("firmware copy success { '%s', '%s' }\n", root, file); 534 else 535 log_event_print("firmware copy failure { '%s', '%s' }\n", root, file); 536 537 close(fw_fd); 538data_close_out: 539 close(data_fd); 540loading_close_out: 541 close(loading_fd); 542file_free_out: 543 free(file); 544data_free_out: 545 free(data); 546loading_free_out: 547 free(loading); 548root_free_out: 549 free(root); 550} 551 552static void handle_firmware_event(struct uevent *uevent) 553{ 554 pid_t pid; 555 556 if(strcmp(uevent->subsystem, "firmware")) 557 return; 558 559 if(strcmp(uevent->action, "add")) 560 return; 561 562 /* we fork, to avoid making large memory allocations in init proper */ 563 pid = fork(); 564 if (!pid) { 565 process_firmware_event(uevent); 566 exit(EXIT_SUCCESS); 567 } 568} 569 570#define UEVENT_MSG_LEN 1024 571void handle_device_fd(int fd) 572{ 573 char msg[UEVENT_MSG_LEN+2]; 574 int n; 575 576 while((n = recv(fd, msg, UEVENT_MSG_LEN, 0)) > 0) { 577 struct uevent uevent; 578 579 if(n == UEVENT_MSG_LEN) /* overflow -- discard */ 580 continue; 581 582 msg[n] = '\0'; 583 msg[n+1] = '\0'; 584 585 parse_event(msg, &uevent); 586 587 handle_device_event(&uevent); 588 handle_firmware_event(&uevent); 589 } 590} 591 592/* Coldboot walks parts of the /sys tree and pokes the uevent files 593** to cause the kernel to regenerate device add events that happened 594** before init's device manager was started 595** 596** We drain any pending events from the netlink socket every time 597** we poke another uevent file to make sure we don't overrun the 598** socket's buffer. 599*/ 600 601static void do_coldboot(int event_fd, DIR *d) 602{ 603 struct dirent *de; 604 int dfd, fd; 605 606 dfd = dirfd(d); 607 608 fd = openat(dfd, "uevent", O_WRONLY); 609 if(fd >= 0) { 610 write(fd, "add\n", 4); 611 close(fd); 612 handle_device_fd(event_fd); 613 } 614 615 while((de = readdir(d))) { 616 DIR *d2; 617 618 if(de->d_type != DT_DIR || de->d_name[0] == '.') 619 continue; 620 621 fd = openat(dfd, de->d_name, O_RDONLY | O_DIRECTORY); 622 if(fd < 0) 623 continue; 624 625 d2 = fdopendir(fd); 626 if(d2 == 0) 627 close(fd); 628 else { 629 do_coldboot(event_fd, d2); 630 closedir(d2); 631 } 632 } 633} 634 635static void coldboot(int event_fd, const char *path) 636{ 637 DIR *d = opendir(path); 638 if(d) { 639 do_coldboot(event_fd, d); 640 closedir(d); 641 } 642} 643 644int device_init(void) 645{ 646 suseconds_t t0, t1; 647 int fd; 648 649 fd = open_uevent_socket(); 650 if(fd < 0) 651 return -1; 652 653 fcntl(fd, F_SETFD, FD_CLOEXEC); 654 fcntl(fd, F_SETFL, O_NONBLOCK); 655 656 t0 = get_usecs(); 657 coldboot(fd, "/sys/class"); 658 coldboot(fd, "/sys/block"); 659 coldboot(fd, "/sys/devices"); 660 t1 = get_usecs(); 661 662 log_event_print("coldboot %ld uS\n", ((long) (t1 - t0))); 663 664 return fd; 665} 666