/* ** Copyright 2016, The Android Open Source Project ** ** Licensed under the Apache License, Version 2.0 (the "License"); ** you may not use this file except in compliance with the License. ** You may obtain a copy of the License at ** ** http://www.apache.org/licenses/LICENSE-2.0 ** ** Unless required by applicable law or agreed to in writing, software ** distributed under the License is distributed on an "AS IS" BASIS, ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ** See the License for the specific language governing permissions and ** limitations under the License. */ #include <fcntl.h> #include <linux/unistd.h> #include <sys/mount.h> #include <sys/stat.h> #include <sys/wait.h> #include <sstream> #include <android-base/logging.h> #include <android-base/macros.h> #include <android-base/stringprintf.h> #include <libdm/dm.h> #include <selinux/android.h> #include <apexd.h> #include "installd_constants.h" #include "otapreopt_utils.h" #ifndef LOG_TAG #define LOG_TAG "otapreopt" #endif using android::base::StringPrintf; namespace android { namespace installd { static void CloseDescriptor(int fd) { if (fd >= 0) { int result = close(fd); UNUSED(result); // Ignore result. Printing to logcat will open a new descriptor // that we do *not* want. } } static void CloseDescriptor(const char* descriptor_string) { int fd = -1; std::istringstream stream(descriptor_string); stream >> fd; if (!stream.fail()) { CloseDescriptor(fd); } } static std::vector<apex::ApexFile> ActivateApexPackages() { // The logic here is (partially) copied and adapted from // system/apex/apexd/apexd_main.cpp. // // Only scan the APEX directory under /system (within the chroot dir). apex::scanPackagesDirAndActivate(apex::kApexPackageSystemDir); return apex::getActivePackages(); } static void DeactivateApexPackages(const std::vector<apex::ApexFile>& active_packages) { for (const apex::ApexFile& apex_file : active_packages) { const std::string& package_path = apex_file.GetPath(); apex::Status status = apex::deactivatePackage(package_path); if (!status.Ok()) { LOG(ERROR) << "Failed to deactivate " << package_path << ": " << status.ErrorMessage(); } } } static void TryExtraMount(const char* name, const char* slot, const char* target) { std::string partition_name = StringPrintf("%s%s", name, slot); // See whether update_engine mounted a logical partition. { auto& dm = dm::DeviceMapper::Instance(); if (dm.GetState(partition_name) != dm::DmDeviceState::INVALID) { std::string path; if (dm.GetDmDevicePathByName(partition_name, &path)) { int mount_result = mount(path.c_str(), target, "ext4", MS_RDONLY, /* data */ nullptr); if (mount_result == 0) { return; } } } } // Fall back and attempt a direct mount. std::string block_device = StringPrintf("/dev/block/by-name/%s", partition_name.c_str()); int mount_result = mount(block_device.c_str(), target, "ext4", MS_RDONLY, /* data */ nullptr); UNUSED(mount_result); } // Entry for otapreopt_chroot. Expected parameters are: // [cmd] [status-fd] [target-slot] "dexopt" [dexopt-params] // The file descriptor denoted by status-fd will be closed. The rest of the parameters will // be passed on to otapreopt in the chroot. static int otapreopt_chroot(const int argc, char **arg) { // Validate arguments // We need the command, status channel and target slot, at a minimum. if(argc < 3) { PLOG(ERROR) << "Not enough arguments."; exit(208); } // Close all file descriptors. They are coming from the caller, we do not want to pass them // on across our fork/exec into a different domain. // 1) Default descriptors. CloseDescriptor(STDIN_FILENO); CloseDescriptor(STDOUT_FILENO); CloseDescriptor(STDERR_FILENO); // 2) The status channel. CloseDescriptor(arg[1]); // We need to run the otapreopt tool from the postinstall partition. As such, set up a // mount namespace and change root. // Create our own mount namespace. if (unshare(CLONE_NEWNS) != 0) { PLOG(ERROR) << "Failed to unshare() for otapreopt."; exit(200); } // Make postinstall private, so that our changes don't propagate. if (mount("", "/postinstall", nullptr, MS_PRIVATE, nullptr) != 0) { PLOG(ERROR) << "Failed to mount private."; exit(201); } // Bind mount necessary directories. constexpr const char* kBindMounts[] = { "/data", "/dev", "/proc", "/sys" }; for (size_t i = 0; i < arraysize(kBindMounts); ++i) { std::string trg = StringPrintf("/postinstall%s", kBindMounts[i]); if (mount(kBindMounts[i], trg.c_str(), nullptr, MS_BIND, nullptr) != 0) { PLOG(ERROR) << "Failed to bind-mount " << kBindMounts[i]; exit(202); } } // Try to mount the vendor partition. update_engine doesn't do this for us, but we // want it for vendor APKs. // Notes: // 1) We pretty much guess a name here and hope to find the partition by name. // It is just as complicated and brittle to scan /proc/mounts. But this requires // validating the target-slot so as not to try to mount some totally random path. // 2) We're in a mount namespace here, so when we die, this will be cleaned up. // 3) Ignore errors. Printing anything at this stage will open a file descriptor // for logging. if (!ValidateTargetSlotSuffix(arg[2])) { LOG(ERROR) << "Target slot suffix not legal: " << arg[2]; exit(207); } TryExtraMount("vendor", arg[2], "/postinstall/vendor"); // Try to mount the product partition. update_engine doesn't do this for us, but we // want it for product APKs. Same notes as vendor above. TryExtraMount("product", arg[2], "/postinstall/product"); // Setup APEX mount point and its security context. static constexpr const char* kPostinstallApexDir = "/postinstall/apex"; // The following logic is similar to the one in system/core/rootdir/init.rc: // // mount tmpfs tmpfs /apex nodev noexec nosuid // chmod 0755 /apex // chown root root /apex // restorecon /apex // // except we perform the `restorecon` step just after mounting the tmpfs // filesystem in /postinstall/apex, so that this directory is correctly // labeled (with type `postinstall_apex_mnt_dir`) and may be manipulated in // following operations (`chmod`, `chown`, etc.) following policies // restricted to `postinstall_apex_mnt_dir`: // // mount tmpfs tmpfs /postinstall/apex nodev noexec nosuid // restorecon /postinstall/apex // chmod 0755 /postinstall/apex // chown root root /postinstall/apex // if (mount("tmpfs", kPostinstallApexDir, "tmpfs", MS_NODEV | MS_NOEXEC | MS_NOSUID, nullptr) != 0) { PLOG(ERROR) << "Failed to mount tmpfs in " << kPostinstallApexDir; exit(209); } if (selinux_android_restorecon(kPostinstallApexDir, 0) < 0) { PLOG(ERROR) << "Failed to restorecon " << kPostinstallApexDir; exit(214); } if (chmod(kPostinstallApexDir, 0755) != 0) { PLOG(ERROR) << "Failed to chmod " << kPostinstallApexDir << " to 0755"; exit(210); } if (chown(kPostinstallApexDir, 0, 0) != 0) { PLOG(ERROR) << "Failed to chown " << kPostinstallApexDir << " to root:root"; exit(211); } // Chdir into /postinstall. if (chdir("/postinstall") != 0) { PLOG(ERROR) << "Unable to chdir into /postinstall."; exit(203); } // Make /postinstall the root in our mount namespace. if (chroot(".") != 0) { PLOG(ERROR) << "Failed to chroot"; exit(204); } if (chdir("/") != 0) { PLOG(ERROR) << "Unable to chdir into /."; exit(205); } // Try to mount APEX packages in "/apex" in the chroot dir. We need at least // the Android Runtime APEX, as it is required by otapreopt to run dex2oat. std::vector<apex::ApexFile> active_packages = ActivateApexPackages(); // Now go on and run otapreopt. // Incoming: cmd + status-fd + target-slot + cmd... | Incoming | = argc // Outgoing: cmd + target-slot + cmd... | Outgoing | = argc - 1 std::vector<std::string> cmd; cmd.reserve(argc); cmd.push_back("/system/bin/otapreopt"); // The first parameter is the status file descriptor, skip. for (size_t i = 2; i < static_cast<size_t>(argc); ++i) { cmd.push_back(arg[i]); } // Fork and execute otapreopt in its own process. std::string error_msg; bool exec_result = Exec(cmd, &error_msg); if (!exec_result) { LOG(ERROR) << "Running otapreopt failed: " << error_msg; } // Tear down the work down by the apexd logic. (i.e. deactivate packages). DeactivateApexPackages(active_packages); if (!exec_result) { exit(213); } return 0; } } // namespace installd } // namespace android int main(const int argc, char *argv[]) { return android::installd::otapreopt_chroot(argc, argv); }