1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include "util.h" 18 19#include <ctype.h> 20#include <errno.h> 21#include <fcntl.h> 22#include <pwd.h> 23#include <stdarg.h> 24#include <stdio.h> 25#include <stdlib.h> 26#include <string.h> 27#include <sys/socket.h> 28#include <sys/un.h> 29#include <time.h> 30#include <unistd.h> 31 32#include <thread> 33 34#include <android-base/file.h> 35#include <android-base/logging.h> 36#include <android-base/stringprintf.h> 37#include <android-base/strings.h> 38#include <android-base/unique_fd.h> 39#include <cutils/android_reboot.h> 40#include <cutils/sockets.h> 41#include <selinux/android.h> 42 43#include "reboot.h" 44 45#if defined(__ANDROID__) 46#include <android-base/properties.h> 47 48#include "selinux.h" 49#else 50#include "host_init_stubs.h" 51#endif 52 53#ifdef _INIT_INIT_H 54#error "Do not include init.h in files used by ueventd or watchdogd; it will expose init's globals" 55#endif 56 57using android::base::boot_clock; 58using namespace std::literals::string_literals; 59 60namespace android { 61namespace init { 62 63const std::string kDefaultAndroidDtDir("/proc/device-tree/firmware/android/"); 64 65// DecodeUid() - decodes and returns the given string, which can be either the 66// numeric or name representation, into the integer uid or gid. 67Result<uid_t> DecodeUid(const std::string& name) { 68 if (isalpha(name[0])) { 69 passwd* pwd = getpwnam(name.c_str()); 70 if (!pwd) return ErrnoError() << "getpwnam failed"; 71 72 return pwd->pw_uid; 73 } 74 75 errno = 0; 76 uid_t result = static_cast<uid_t>(strtoul(name.c_str(), 0, 0)); 77 if (errno) return ErrnoError() << "strtoul failed"; 78 79 return result; 80} 81 82/* 83 * CreateSocket - creates a Unix domain socket in ANDROID_SOCKET_DIR 84 * ("/dev/socket") as dictated in init.rc. This socket is inherited by the 85 * daemon. We communicate the file descriptor's value via the environment 86 * variable ANDROID_SOCKET_ENV_PREFIX<name> ("ANDROID_SOCKET_foo"). 87 */ 88int CreateSocket(const char* name, int type, bool passcred, mode_t perm, uid_t uid, gid_t gid, 89 const char* socketcon) { 90 if (socketcon) { 91 if (setsockcreatecon(socketcon) == -1) { 92 PLOG(ERROR) << "setsockcreatecon(\"" << socketcon << "\") failed"; 93 return -1; 94 } 95 } 96 97 android::base::unique_fd fd(socket(PF_UNIX, type, 0)); 98 if (fd < 0) { 99 PLOG(ERROR) << "Failed to open socket '" << name << "'"; 100 return -1; 101 } 102 103 if (socketcon) setsockcreatecon(NULL); 104 105 struct sockaddr_un addr; 106 memset(&addr, 0 , sizeof(addr)); 107 addr.sun_family = AF_UNIX; 108 snprintf(addr.sun_path, sizeof(addr.sun_path), ANDROID_SOCKET_DIR"/%s", 109 name); 110 111 if ((unlink(addr.sun_path) != 0) && (errno != ENOENT)) { 112 PLOG(ERROR) << "Failed to unlink old socket '" << name << "'"; 113 return -1; 114 } 115 116 std::string secontext; 117 if (SelabelLookupFileContext(addr.sun_path, S_IFSOCK, &secontext) && !secontext.empty()) { 118 setfscreatecon(secontext.c_str()); 119 } 120 121 if (passcred) { 122 int on = 1; 123 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on))) { 124 PLOG(ERROR) << "Failed to set SO_PASSCRED '" << name << "'"; 125 return -1; 126 } 127 } 128 129 int ret = bind(fd, (struct sockaddr *) &addr, sizeof (addr)); 130 int savederrno = errno; 131 132 if (!secontext.empty()) { 133 setfscreatecon(nullptr); 134 } 135 136 if (ret) { 137 errno = savederrno; 138 PLOG(ERROR) << "Failed to bind socket '" << name << "'"; 139 goto out_unlink; 140 } 141 142 if (lchown(addr.sun_path, uid, gid)) { 143 PLOG(ERROR) << "Failed to lchown socket '" << addr.sun_path << "'"; 144 goto out_unlink; 145 } 146 if (fchmodat(AT_FDCWD, addr.sun_path, perm, AT_SYMLINK_NOFOLLOW)) { 147 PLOG(ERROR) << "Failed to fchmodat socket '" << addr.sun_path << "'"; 148 goto out_unlink; 149 } 150 151 LOG(INFO) << "Created socket '" << addr.sun_path << "'" 152 << ", mode " << std::oct << perm << std::dec 153 << ", user " << uid 154 << ", group " << gid; 155 156 return fd.release(); 157 158out_unlink: 159 unlink(addr.sun_path); 160 return -1; 161} 162 163Result<std::string> ReadFile(const std::string& path) { 164 android::base::unique_fd fd( 165 TEMP_FAILURE_RETRY(open(path.c_str(), O_RDONLY | O_NOFOLLOW | O_CLOEXEC))); 166 if (fd == -1) { 167 return ErrnoError() << "open() failed"; 168 } 169 170 // For security reasons, disallow world-writable 171 // or group-writable files. 172 struct stat sb; 173 if (fstat(fd, &sb) == -1) { 174 return ErrnoError() << "fstat failed()"; 175 } 176 if ((sb.st_mode & (S_IWGRP | S_IWOTH)) != 0) { 177 return Error() << "Skipping insecure file"; 178 } 179 180 std::string content; 181 if (!android::base::ReadFdToString(fd, &content)) { 182 return ErrnoError() << "Unable to read file contents"; 183 } 184 return content; 185} 186 187static int OpenFile(const std::string& path, int flags, mode_t mode) { 188 std::string secontext; 189 if (SelabelLookupFileContext(path, mode, &secontext) && !secontext.empty()) { 190 setfscreatecon(secontext.c_str()); 191 } 192 193 int rc = open(path.c_str(), flags, mode); 194 195 if (!secontext.empty()) { 196 int save_errno = errno; 197 setfscreatecon(nullptr); 198 errno = save_errno; 199 } 200 201 return rc; 202} 203 204Result<Success> WriteFile(const std::string& path, const std::string& content) { 205 android::base::unique_fd fd(TEMP_FAILURE_RETRY( 206 OpenFile(path, O_WRONLY | O_CREAT | O_NOFOLLOW | O_TRUNC | O_CLOEXEC, 0600))); 207 if (fd == -1) { 208 return ErrnoError() << "open() failed"; 209 } 210 if (!android::base::WriteStringToFd(content, fd)) { 211 return ErrnoError() << "Unable to write file contents"; 212 } 213 return Success(); 214} 215 216bool mkdir_recursive(const std::string& path, mode_t mode) { 217 std::string::size_type slash = 0; 218 while ((slash = path.find('/', slash + 1)) != std::string::npos) { 219 auto directory = path.substr(0, slash); 220 struct stat info; 221 if (stat(directory.c_str(), &info) != 0) { 222 auto ret = make_dir(directory, mode); 223 if (!ret && errno != EEXIST) return false; 224 } 225 } 226 auto ret = make_dir(path, mode); 227 if (!ret && errno != EEXIST) return false; 228 return true; 229} 230 231int wait_for_file(const char* filename, std::chrono::nanoseconds timeout) { 232 android::base::Timer t; 233 while (t.duration() < timeout) { 234 struct stat sb; 235 if (stat(filename, &sb) != -1) { 236 LOG(INFO) << "wait for '" << filename << "' took " << t; 237 return 0; 238 } 239 std::this_thread::sleep_for(10ms); 240 } 241 LOG(WARNING) << "wait for '" << filename << "' timed out and took " << t; 242 return -1; 243} 244 245void import_kernel_cmdline(bool in_qemu, 246 const std::function<void(const std::string&, const std::string&, bool)>& fn) { 247 std::string cmdline; 248 android::base::ReadFileToString("/proc/cmdline", &cmdline); 249 250 for (const auto& entry : android::base::Split(android::base::Trim(cmdline), " ")) { 251 std::vector<std::string> pieces = android::base::Split(entry, "="); 252 if (pieces.size() == 2) { 253 fn(pieces[0], pieces[1], in_qemu); 254 } 255 } 256} 257 258bool make_dir(const std::string& path, mode_t mode) { 259 std::string secontext; 260 if (SelabelLookupFileContext(path, mode, &secontext) && !secontext.empty()) { 261 setfscreatecon(secontext.c_str()); 262 } 263 264 int rc = mkdir(path.c_str(), mode); 265 266 if (!secontext.empty()) { 267 int save_errno = errno; 268 setfscreatecon(nullptr); 269 errno = save_errno; 270 } 271 272 return rc == 0; 273} 274 275/* 276 * Writes hex_len hex characters (1/2 byte) to hex from bytes. 277 */ 278std::string bytes_to_hex(const uint8_t* bytes, size_t bytes_len) { 279 std::string hex("0x"); 280 for (size_t i = 0; i < bytes_len; i++) 281 android::base::StringAppendF(&hex, "%02x", bytes[i]); 282 return hex; 283} 284 285/* 286 * Returns true is pathname is a directory 287 */ 288bool is_dir(const char* pathname) { 289 struct stat info; 290 if (stat(pathname, &info) == -1) { 291 return false; 292 } 293 return S_ISDIR(info.st_mode); 294} 295 296bool expand_props(const std::string& src, std::string* dst) { 297 const char* src_ptr = src.c_str(); 298 299 if (!dst) { 300 return false; 301 } 302 303 /* - variables can either be $x.y or ${x.y}, in case they are only part 304 * of the string. 305 * - will accept $$ as a literal $. 306 * - no nested property expansion, i.e. ${foo.${bar}} is not supported, 307 * bad things will happen 308 * - ${x.y:-default} will return default value if property empty. 309 */ 310 while (*src_ptr) { 311 const char* c; 312 313 c = strchr(src_ptr, '$'); 314 if (!c) { 315 dst->append(src_ptr); 316 return true; 317 } 318 319 dst->append(src_ptr, c); 320 c++; 321 322 if (*c == '$') { 323 dst->push_back(*(c++)); 324 src_ptr = c; 325 continue; 326 } else if (*c == '\0') { 327 return true; 328 } 329 330 std::string prop_name; 331 std::string def_val; 332 if (*c == '{') { 333 c++; 334 const char* end = strchr(c, '}'); 335 if (!end) { 336 // failed to find closing brace, abort. 337 LOG(ERROR) << "unexpected end of string in '" << src << "', looking for }"; 338 return false; 339 } 340 prop_name = std::string(c, end); 341 c = end + 1; 342 size_t def = prop_name.find(":-"); 343 if (def < prop_name.size()) { 344 def_val = prop_name.substr(def + 2); 345 prop_name = prop_name.substr(0, def); 346 } 347 } else { 348 prop_name = c; 349 LOG(ERROR) << "using deprecated syntax for specifying property '" << c << "', use ${name} instead"; 350 c += prop_name.size(); 351 } 352 353 if (prop_name.empty()) { 354 LOG(ERROR) << "invalid zero-length property name in '" << src << "'"; 355 return false; 356 } 357 358 std::string prop_val = android::base::GetProperty(prop_name, ""); 359 if (prop_val.empty()) { 360 if (def_val.empty()) { 361 LOG(ERROR) << "property '" << prop_name << "' doesn't exist while expanding '" << src << "'"; 362 return false; 363 } 364 prop_val = def_val; 365 } 366 367 dst->append(prop_val); 368 src_ptr = c; 369 } 370 371 return true; 372} 373 374static std::string init_android_dt_dir() { 375 // Use the standard procfs-based path by default 376 std::string android_dt_dir = kDefaultAndroidDtDir; 377 // The platform may specify a custom Android DT path in kernel cmdline 378 import_kernel_cmdline(false, 379 [&](const std::string& key, const std::string& value, bool in_qemu) { 380 if (key == "androidboot.android_dt_dir") { 381 android_dt_dir = value; 382 } 383 }); 384 LOG(INFO) << "Using Android DT directory " << android_dt_dir; 385 return android_dt_dir; 386} 387 388// FIXME: The same logic is duplicated in system/core/fs_mgr/ 389const std::string& get_android_dt_dir() { 390 // Set once and saves time for subsequent calls to this function 391 static const std::string kAndroidDtDir = init_android_dt_dir(); 392 return kAndroidDtDir; 393} 394 395// Reads the content of device tree file under the platform's Android DT directory. 396// Returns true if the read is success, false otherwise. 397bool read_android_dt_file(const std::string& sub_path, std::string* dt_content) { 398 const std::string file_name = get_android_dt_dir() + sub_path; 399 if (android::base::ReadFileToString(file_name, dt_content)) { 400 if (!dt_content->empty()) { 401 dt_content->pop_back(); // Trims the trailing '\0' out. 402 return true; 403 } 404 } 405 return false; 406} 407 408bool is_android_dt_value_expected(const std::string& sub_path, const std::string& expected_content) { 409 std::string dt_content; 410 if (read_android_dt_file(sub_path, &dt_content)) { 411 if (dt_content == expected_content) { 412 return true; 413 } 414 } 415 return false; 416} 417 418bool IsLegalPropertyName(const std::string& name) { 419 size_t namelen = name.size(); 420 421 if (namelen < 1) return false; 422 if (name[0] == '.') return false; 423 if (name[namelen - 1] == '.') return false; 424 425 /* Only allow alphanumeric, plus '.', '-', '@', ':', or '_' */ 426 /* Don't allow ".." to appear in a property name */ 427 for (size_t i = 0; i < namelen; i++) { 428 if (name[i] == '.') { 429 // i=0 is guaranteed to never have a dot. See above. 430 if (name[i - 1] == '.') return false; 431 continue; 432 } 433 if (name[i] == '_' || name[i] == '-' || name[i] == '@' || name[i] == ':') continue; 434 if (name[i] >= 'a' && name[i] <= 'z') continue; 435 if (name[i] >= 'A' && name[i] <= 'Z') continue; 436 if (name[i] >= '0' && name[i] <= '9') continue; 437 return false; 438 } 439 440 return true; 441} 442 443} // namespace init 444} // namespace android 445