1#!/bin/bash
2#===- lib/asan/scripts/asan_device_setup -----------------------------------===#
3#
4#                     The LLVM Compiler Infrastructure
5#
6# This file is distributed under the University of Illinois Open Source
7# License. See LICENSE.TXT for details.
8#
9# Prepare Android device to run ASan applications.
10#
11#===------------------------------------------------------------------------===#
12
13set -e
14
15HERE="$(cd "$(dirname "$0")" && pwd)"
16
17revert=no
18extra_options=
19device=
20lib=
21use_su=0
22
23function usage {
24    echo "usage: $0 [--revert] [--device device-id] [--lib path] [--extra-options options]"
25    echo "  --revert: Uninstall ASan from the device."
26    echo "  --lib: Path to ASan runtime library."
27    echo "  --extra-options: Extra ASAN_OPTIONS."
28    echo "  --device: Install to the given device. Use 'adb devices' to find"
29    echo "            device-id."
30    echo "  --use-su: Use 'su -c' prefix for every adb command instead of using"
31    echo "            'adb root' once."
32    echo
33    exit 1
34}
35
36function adb_push {
37  if [ $use_su -eq 0 ]; then
38    $ADB push "$1" "$2"
39  else
40    local FILENAME=$(basename $1)
41    $ADB push "$1" "/data/local/tmp/$FILENAME"
42    $ADB shell su -c "rm \\\"$2/$FILENAME\\\"" >&/dev/null
43    $ADB shell su -c "cat \\\"/data/local/tmp/$FILENAME\\\" > \\\"$2/$FILENAME\\\""
44    $ADB shell su -c "rm \\\"/data/local/tmp/$FILENAME\\\""
45  fi
46}
47
48function adb_remount {
49  if [ $use_su -eq 0 ]; then
50    $ADB remount
51  else
52    local STORAGE=`$ADB shell mount | grep /system | cut -d ' ' -f1`
53    if [ "$STORAGE" != "" ]; then
54      echo Remounting $STORAGE at /system
55      $ADB shell su -c "mount -o remount,rw $STORAGE /system"
56    else
57      echo Failed to get storage device name for "/system" mount point
58    fi
59  fi
60}
61
62function adb_shell {
63  if [ $use_su -eq 0 ]; then
64    $ADB shell $@
65  else
66    $ADB shell su -c "$*"
67  fi
68}
69
70function adb_root {
71  if [ $use_su -eq 0 ]; then
72    $ADB root
73  fi
74}
75
76function adb_wait_for_device {
77  $ADB wait-for-device
78}
79
80function adb_pull {
81  if [ $use_su -eq 0 ]; then
82    $ADB pull "$1" "$2"
83  else
84    local FILENAME=$(basename $1)
85    $ADB shell rm "/data/local/tmp/$FILENAME" >&/dev/null
86    $ADB shell su -c "[ -f \\\"$1\\\" ] && cat \\\"$1\\\" > \\\"/data/local/tmp/$FILENAME\\\" && chown root.shell \\\"/data/local/tmp/$FILENAME\\\" && chmod 755 \\\"/data/local/tmp/$FILENAME\\\"" &&
87    $ADB pull "/data/local/tmp/$FILENAME" "$2" >&/dev/null && $ADB shell "rm \"/data/local/tmp/$FILENAME\""
88  fi
89}
90
91function get_device_arch { # OUT OUT64
92    local _outvar=$1
93    local _outvar64=$2
94    local _ABI=$(adb_shell getprop ro.product.cpu.abi)
95    local _ARCH=
96    local _ARCH64=
97    if [[ $_ABI == x86* ]]; then
98        _ARCH=i686
99    elif [[ $_ABI == armeabi* ]]; then
100        _ARCH=arm
101    elif [[ $_ABI == arm64-v8a* ]]; then
102        _ARCH=arm
103        _ARCH64=aarch64
104    else
105        echo "Unrecognized device ABI: $_ABI"
106        exit 1
107    fi
108    eval $_outvar=\$_ARCH
109    eval $_outvar64=\$_ARCH64
110}
111
112while [[ $# > 0 ]]; do
113  case $1 in
114    --revert)
115      revert=yes
116      ;;
117    --extra-options)
118      shift
119      if [[ $# == 0 ]]; then
120        echo "--extra-options requires an argument."
121        exit 1
122      fi
123      extra_options="$1"
124      ;;
125    --lib)
126      shift
127      if [[ $# == 0 ]]; then
128        echo "--lib requires an argument."
129        exit 1
130      fi
131      lib="$1"
132      ;;
133    --device)
134      shift
135      if [[ $# == 0 ]]; then
136        echo "--device requires an argument."
137        exit 1
138      fi
139      device="$1"
140      ;;
141    --use-su)
142      use_su=1
143      ;;
144    *)
145      usage
146      ;;
147  esac
148  shift
149done
150
151ADB=${ADB:-adb}
152if [[ x$device != x ]]; then
153    ADB="$ADB -s $device"
154fi
155
156if [ $use_su -eq 1 ]; then
157  # Test if 'su' is present on the device
158  SU_TEST_OUT=`$ADB shell su -c "echo foo" 2>&1 | sed 's/\r$//'`
159  if [ $? != 0 -o "$SU_TEST_OUT" != "foo" ]; then
160    echo "ERROR: Cannot use 'su -c':"
161    echo "$ adb shell su -c \"echo foo\""
162    echo $SU_TEST_OUT
163    echo "Check that 'su' binary is correctly installed on the device or omit"
164    echo "            --use-su flag"
165    exit 1
166  fi
167fi
168
169echo '>> Remounting /system rw'
170adb_wait_for_device
171adb_root
172adb_wait_for_device
173adb_remount
174adb_wait_for_device
175
176get_device_arch ARCH ARCH64
177echo "Target architecture: $ARCH"
178ASAN_RT="libclang_rt.asan-$ARCH-android.so"
179if [[ -n $ARCH64 ]]; then
180  echo "Target architecture: $ARCH64"
181  ASAN_RT64="libclang_rt.asan-$ARCH64-android.so"
182fi
183
184if [[ x$revert == xyes ]]; then
185    echo '>> Uninstalling ASan'
186
187    if ! adb_shell ls -l /system/bin/app_process | grep -o '\->.*app_process' >&/dev/null; then
188      echo '>> Pre-L device detected.'
189      adb_shell mv /system/bin/app_process.real /system/bin/app_process
190      adb_shell rm /system/bin/asanwrapper
191    elif ! adb_shell ls -l /system/bin/app_process64.real | grep -o 'No such file or directory' >&/dev/null; then
192      # 64-bit installation.
193      adb_shell mv /system/bin/app_process32.real /system/bin/app_process32
194      adb_shell mv /system/bin/app_process64.real /system/bin/app_process64
195      adb_shell rm /system/bin/asanwrapper
196      adb_shell rm /system/bin/asanwrapper64
197    else
198      # 32-bit installation.
199      adb_shell rm /system/bin/app_process.wrap
200      adb_shell rm /system/bin/asanwrapper
201      adb_shell rm /system/bin/app_process
202      adb_shell ln -s /system/bin/app_process32 /system/bin/app_process
203    fi
204
205    echo '>> Restarting shell'
206    adb_shell stop
207    adb_shell start
208
209    # Remove the library on the last step to give a chance to the 'su' binary to
210    # be executed without problem.
211    adb_shell rm /system/lib/$ASAN_RT
212
213    echo '>> Done'
214    exit 0
215fi
216
217if [[ -d "$lib" ]]; then
218    ASAN_RT_PATH="$lib"
219elif [[ -f "$lib" && "$lib" == *"$ASAN_RT" ]]; then
220    ASAN_RT_PATH=$(dirname "$lib")
221elif [[ -f "$HERE/$ASAN_RT" ]]; then
222    ASAN_RT_PATH="$HERE"
223elif [[ $(basename "$HERE") == "bin" ]]; then
224    # We could be in the toolchain's base directory.
225    # Consider ../lib, ../lib/asan, ../lib/linux,
226    # ../lib/clang/$VERSION/lib/linux, and ../lib64/clang/$VERSION/lib/linux.
227    P=$(ls "$HERE"/../lib/"$ASAN_RT" \
228           "$HERE"/../lib/asan/"$ASAN_RT" \
229           "$HERE"/../lib/linux/"$ASAN_RT" \
230           "$HERE"/../lib/clang/*/lib/linux/"$ASAN_RT" \
231           "$HERE"/../lib64/clang/*/lib/linux/"$ASAN_RT" 2>/dev/null | sort | tail -1)
232    if [[ -n "$P" ]]; then
233        ASAN_RT_PATH="$(dirname "$P")"
234    fi
235fi
236
237if [[ -z "$ASAN_RT_PATH" || ! -f "$ASAN_RT_PATH/$ASAN_RT" ]]; then
238    echo ">> ASan runtime library not found"
239    exit 1
240fi
241
242if [[ -n "$ASAN_RT64" ]]; then
243  if [[ -z "$ASAN_RT_PATH" || ! -f "$ASAN_RT_PATH/$ASAN_RT64" ]]; then
244    echo ">> ASan runtime library not found"
245    exit 1
246  fi
247fi
248
249TMPDIRBASE=$(mktemp -d)
250TMPDIROLD="$TMPDIRBASE/old"
251TMPDIR="$TMPDIRBASE/new"
252mkdir "$TMPDIROLD"
253
254RELEASE=$(adb_shell getprop ro.build.version.release)
255PRE_L=0
256if echo "$RELEASE" | grep '^4\.' >&/dev/null; then
257    PRE_L=1
258fi
259
260if ! adb_shell ls -l /system/bin/app_process | grep -o '\->.*app_process' >&/dev/null; then
261
262    if adb_pull /system/bin/app_process.real /dev/null >&/dev/null; then
263        echo '>> Old-style ASan installation detected. Reverting.'
264        adb_shell mv /system/bin/app_process.real /system/bin/app_process
265    fi
266
267    echo '>> Pre-L device detected. Setting up app_process symlink.'
268    adb_shell mv /system/bin/app_process /system/bin/app_process32
269    adb_shell ln -s /system/bin/app_process32 /system/bin/app_process
270fi
271
272echo '>> Copying files from the device'
273if [[ -n "$ASAN_RT64" ]]; then
274  adb_pull /system/lib/"$ASAN_RT" "$TMPDIROLD" || true
275  adb_pull /system/lib64/"$ASAN_RT64" "$TMPDIROLD" || true
276  adb_pull /system/bin/app_process32 "$TMPDIROLD" || true
277  adb_pull /system/bin/app_process32.real "$TMPDIROLD" || true
278  adb_pull /system/bin/app_process64 "$TMPDIROLD" || true
279  adb_pull /system/bin/app_process64.real "$TMPDIROLD" || true
280  adb_pull /system/bin/asanwrapper "$TMPDIROLD" || true
281  adb_pull /system/bin/asanwrapper64 "$TMPDIROLD" || true
282else
283  adb_pull /system/lib/"$ASAN_RT" "$TMPDIROLD" || true
284  adb_pull /system/bin/app_process32 "$TMPDIROLD" || true
285  adb_pull /system/bin/app_process.wrap "$TMPDIROLD" || true
286  adb_pull /system/bin/asanwrapper "$TMPDIROLD" || true
287fi
288cp -r "$TMPDIROLD" "$TMPDIR"
289
290if [[ -f "$TMPDIR/app_process.wrap" || -f "$TMPDIR/app_process64.real" ]]; then
291    echo ">> Previous installation detected"
292else
293    echo ">> New installation"
294fi
295
296echo '>> Generating wrappers'
297
298cp "$ASAN_RT_PATH/$ASAN_RT" "$TMPDIR/"
299if [[ -n "$ASAN_RT64" ]]; then
300  cp "$ASAN_RT_PATH/$ASAN_RT64" "$TMPDIR/"
301fi
302
303# FIXME: alloc_dealloc_mismatch=0 prevents a failure in libdvm startup,
304# which may or may not be a real bug (probably not).
305ASAN_OPTIONS=start_deactivated=1,alloc_dealloc_mismatch=0,malloc_context_size=0
306
307function generate_zygote_wrapper { # from, to, asan_rt
308  local _from=$1
309  local _to=$2
310  local _asan_rt=$3
311  if [[ PRE_L -eq 0 ]]; then
312    # LD_PRELOAD parsing is broken in N if it starts with ":". Luckily, it is
313    # unset in the system environment since L.
314    local _ld_preload=$_asan_rt
315  else
316    local _ld_preload=\$LD_PRELOAD:$_asan_rt
317  fi
318  cat <<EOF >"$TMPDIR/$_from"
319#!/system/bin/sh-from-zygote
320ASAN_OPTIONS=$ASAN_OPTIONS \\
321ASAN_ACTIVATION_OPTIONS=include_if_exists=/data/local/tmp/asan.options.%b \\
322LD_PRELOAD=$_ld_preload \\
323exec $_to \$@
324
325EOF
326}
327
328# On Android-L not allowing user segv handler breaks some applications.
329if [[ PRE_L -eq 0 ]]; then
330    ASAN_OPTIONS="$ASAN_OPTIONS,allow_user_segv_handler=1"
331fi
332
333if [[ x$extra_options != x ]] ; then
334    ASAN_OPTIONS="$ASAN_OPTIONS,$extra_options"
335fi
336
337# Zygote wrapper.
338if [[ -f "$TMPDIR/app_process64" ]]; then
339  # A 64-bit device.
340  if [[ ! -f "$TMPDIR/app_process64.real" ]]; then
341    # New installation.
342    mv "$TMPDIR/app_process32" "$TMPDIR/app_process32.real"
343    mv "$TMPDIR/app_process64" "$TMPDIR/app_process64.real"
344  fi
345  generate_zygote_wrapper "app_process32" "/system/bin/app_process32.real" "$ASAN_RT"
346  generate_zygote_wrapper "app_process64" "/system/bin/app_process64.real" "$ASAN_RT64"
347else
348  # A 32-bit device.
349  generate_zygote_wrapper "app_process.wrap" "/system/bin/app_process32" "$ASAN_RT"
350fi
351
352# General command-line tool wrapper (use for anything that's not started as
353# zygote).
354cat <<EOF >"$TMPDIR/asanwrapper"
355#!/system/bin/sh
356LD_PRELOAD=$ASAN_RT \\
357exec \$@
358
359EOF
360
361if [[ -n "$ASAN_RT64" ]]; then
362  cat <<EOF >"$TMPDIR/asanwrapper64"
363#!/system/bin/sh
364LD_PRELOAD=$ASAN_RT64 \\
365exec \$@
366
367EOF
368fi
369
370function install { # from, to, chmod, chcon
371  local _from=$1
372  local _to=$2
373  local _mode=$3
374  local _context=$4
375  local _basename="$(basename "$_from")"
376  echo "Installing $_to/$_basename $_mode $_context"
377  adb_push "$_from" "$_to/$_basename"
378  adb_shell chown root.shell "$_to/$_basename"
379  if [[ -n "$_mode" ]]; then
380    adb_shell chmod "$_mode" "$_to/$_basename"
381  fi
382  if [[ -n "$_context" ]]; then
383    adb_shell chcon "$_context" "$_to/$_basename"
384  fi
385}
386
387if ! ( cd "$TMPDIRBASE" && diff -qr old/ new/ ) ; then
388    # Make SELinux happy by keeping app_process wrapper and the shell
389    # it runs on in zygote domain.
390    ENFORCING=0
391    if adb_shell getenforce | grep Enforcing >/dev/null; then
392        # Sometimes shell is not allowed to change file contexts.
393        # Temporarily switch to permissive.
394        ENFORCING=1
395        adb_shell setenforce 0
396    fi
397
398    if [[ PRE_L -eq 1 ]]; then
399        CTX=u:object_r:system_file:s0
400    else
401        CTX=u:object_r:zygote_exec:s0
402    fi
403
404    echo '>> Pushing files to the device'
405
406    if [[ -n "$ASAN_RT64" ]]; then
407      install "$TMPDIR/$ASAN_RT" /system/lib 644
408      install "$TMPDIR/$ASAN_RT64" /system/lib64 644
409      install "$TMPDIR/app_process32" /system/bin 755 $CTX
410      install "$TMPDIR/app_process32.real" /system/bin 755 $CTX
411      install "$TMPDIR/app_process64" /system/bin 755 $CTX
412      install "$TMPDIR/app_process64.real" /system/bin 755 $CTX
413      install "$TMPDIR/asanwrapper" /system/bin 755
414      install "$TMPDIR/asanwrapper64" /system/bin 755
415    else
416      install "$TMPDIR/$ASAN_RT" /system/lib 644
417      install "$TMPDIR/app_process32" /system/bin 755 $CTX
418      install "$TMPDIR/app_process.wrap" /system/bin 755 $CTX
419      install "$TMPDIR/asanwrapper" /system/bin 755 $CTX
420
421      adb_shell rm /system/bin/app_process
422      adb_shell ln -s /system/bin/app_process.wrap /system/bin/app_process
423    fi
424
425    adb_shell cp /system/bin/sh /system/bin/sh-from-zygote
426    adb_shell chcon $CTX /system/bin/sh-from-zygote
427
428    if [ $ENFORCING == 1 ]; then
429        adb_shell setenforce 1
430    fi
431
432    echo '>> Restarting shell (asynchronous)'
433    adb_shell stop
434    adb_shell start
435
436    echo '>> Please wait until the device restarts'
437else
438    echo '>> Device is up to date'
439fi
440
441rm -r "$TMPDIRBASE"
442