1 /*
2 * Copyright (c) 2021-2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "app_spawn_client.h"
16
17 #include <unordered_set>
18
19 #include "hitrace_meter.h"
20 #include "hilog_tag_wrapper.h"
21 #include "nlohmann/json.hpp"
22 #include "securec.h"
23 #include "time_util.h"
24
25 namespace OHOS {
26 namespace AppExecFwk {
27 using namespace OHOS::AbilityRuntime;
28 namespace {
29 constexpr const char* HSPLIST_BUNDLES = "bundles";
30 constexpr const char* HSPLIST_MODULES = "modules";
31 constexpr const char* HSPLIST_VERSIONS = "versions";
32 constexpr const char* DATAGROUPINFOLIST_DATAGROUPID = "dataGroupId";
33 constexpr const char* DATAGROUPINFOLIST_GID = "gid";
34 constexpr const char* DATAGROUPINFOLIST_UUID = "uuid";
35 constexpr const char* DATAGROUPINFOLIST_DIR = "dir";
36 constexpr const char* JSON_DATA_APP_DIR_EL2 = "/data/app/el2/";
37 constexpr const char* JSON_DATA_APP_DIR_EL3 = "/data/app/el3/";
38 constexpr const char* JSON_DATA_APP_DIR_EL4 = "/data/app/el4/";
39 constexpr const char* JSON_DATA_APP_DIR_EL5 = "/data/app/el5/";
40 constexpr const char* JSON_GROUP = "/group/";
41 constexpr const char* VERSION_PREFIX = "v";
42 constexpr const char* APPSPAWN_CLIENT_USER_NAME = "APP_MANAGER_SERVICE";
43 constexpr int32_t RIGHT_SHIFT_STEP = 1;
44 constexpr int32_t START_FLAG_TEST_NUM = 1;
45 constexpr const char* JITPERMISSIONSLIST_NAME = "name";
46 constexpr const char* JITPERMISSIONSLIST_NAME_VALUE = "Permissions";
47 constexpr const char* JITPERMISSIONSLIST_COUNT = "ohos.encaps.count";
48 constexpr const char* JITPERMISSIONSLIST_PERMISSIONS_NAME = "permissions";
49 constexpr const char* UNINSTALL_BUNDLE_NAME = "uninstallDebugHapMsg";
50 }
AppSpawnClient(bool isNWebSpawn)51 AppSpawnClient::AppSpawnClient(bool isNWebSpawn)
52 {
53 TAG_LOGD(AAFwkTag::APPMGR, "call");
54 if (isNWebSpawn) {
55 serviceName_ = NWEBSPAWN_SERVER_NAME;
56 }
57 state_ = SpawnConnectionState::STATE_NOT_CONNECT;
58 }
59
AppSpawnClient(const char * serviceName)60 AppSpawnClient::AppSpawnClient(const char* serviceName)
61 {
62 TAG_LOGD(AAFwkTag::APPMGR, "call");
63 std::string serviceName__ = serviceName;
64 if (serviceName__ == APPSPAWN_SERVER_NAME) {
65 serviceName_ = APPSPAWN_SERVER_NAME;
66 } else if (serviceName__ == CJAPPSPAWN_SERVER_NAME) {
67 serviceName_ = CJAPPSPAWN_SERVER_NAME;
68 } else if (serviceName__ == NWEBSPAWN_SERVER_NAME) {
69 serviceName_ = NWEBSPAWN_SERVER_NAME;
70 } else if (serviceName__ == NATIVESPAWN_SERVER_NAME) {
71 serviceName_ = NATIVESPAWN_SERVER_NAME;
72 } else {
73 TAG_LOGE(AAFwkTag::APPMGR, "unknown service name");
74 serviceName_ = NWEBSPAWN_SERVER_NAME;
75 }
76 state_ = SpawnConnectionState::STATE_NOT_CONNECT;
77 }
78
~AppSpawnClient()79 AppSpawnClient::~AppSpawnClient()
80 {
81 CloseConnection();
82 }
83
OpenConnection()84 ErrCode AppSpawnClient::OpenConnection()
85 {
86 HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__);
87 if (state_ == SpawnConnectionState::STATE_CONNECTED) {
88 return 0;
89 }
90 TAG_LOGI(AAFwkTag::APPMGR, "call");
91 int64_t startTime = AbilityRuntime::TimeUtil::SystemTimeMillisecond();
92 AppSpawnClientHandle handle = nullptr;
93 ErrCode ret = 0;
94 ret = AppSpawnClientInit(serviceName_.c_str(), &handle);
95 int64_t costTime = AbilityRuntime::TimeUtil::SystemTimeMillisecond() - startTime;
96 if (costTime > MAX_COST_TIME) {
97 TAG_LOGE(AAFwkTag::APPMGR, "appspawnclientInit cost %{public}" PRId64 "ms!", costTime);
98 }
99
100 if (FAILED(ret)) {
101 TAG_LOGE(AAFwkTag::APPMGR, "appspawnclientInit failed");
102 state_ = SpawnConnectionState::STATE_CONNECT_FAILED;
103 return ret;
104 }
105 handle_ = handle;
106 state_ = SpawnConnectionState::STATE_CONNECTED;
107
108 return ret;
109 }
110
CloseConnection()111 void AppSpawnClient::CloseConnection()
112 {
113 TAG_LOGD(AAFwkTag::APPMGR, "call");
114 if (state_ == SpawnConnectionState::STATE_CONNECTED) {
115 AppSpawnClientDestroy(handle_);
116 }
117 state_ = SpawnConnectionState::STATE_NOT_CONNECT;
118 }
119
QueryConnectionState() const120 SpawnConnectionState AppSpawnClient::QueryConnectionState() const
121 {
122 return state_;
123 }
124
GetAppSpawnClientHandle() const125 AppSpawnClientHandle AppSpawnClient::GetAppSpawnClientHandle() const
126 {
127 if (state_ == SpawnConnectionState::STATE_CONNECTED) {
128 return handle_;
129 }
130 return nullptr;
131 }
132
DumpDataGroupInfoListToJson(const DataGroupInfoList & dataGroupInfoList,bool isScreenLockDataProtect)133 static std::string DumpDataGroupInfoListToJson(const DataGroupInfoList &dataGroupInfoList, bool isScreenLockDataProtect)
134 {
135 TAG_LOGD(AAFwkTag::APPMGR, "dataGroupInfoList size: %{public}zu", dataGroupInfoList.size());
136 nlohmann::json dataGroupInfoListJson;
137 for (auto& dataGroupInfo : dataGroupInfoList) {
138 nlohmann::json dataGroupInfoJson;
139 dataGroupInfoJson[DATAGROUPINFOLIST_DATAGROUPID] = dataGroupInfo.dataGroupId;
140 dataGroupInfoJson[DATAGROUPINFOLIST_GID] = std::to_string(dataGroupInfo.gid);
141 dataGroupInfoJson[DATAGROUPINFOLIST_UUID] = dataGroupInfo.uuid;
142 std::string dir = std::to_string(dataGroupInfo.userId) + JSON_GROUP + dataGroupInfo.uuid;
143 dataGroupInfoJson[DATAGROUPINFOLIST_DIR] = JSON_DATA_APP_DIR_EL2 + dir;
144 dataGroupInfoListJson.emplace_back(dataGroupInfoJson);
145
146 dataGroupInfoJson[DATAGROUPINFOLIST_DIR] = JSON_DATA_APP_DIR_EL3 + dir;
147 dataGroupInfoListJson.emplace_back(dataGroupInfoJson);
148
149 dataGroupInfoJson[DATAGROUPINFOLIST_DIR] = JSON_DATA_APP_DIR_EL4 + dir;
150 dataGroupInfoListJson.emplace_back(dataGroupInfoJson);
151 if (isScreenLockDataProtect) {
152 dataGroupInfoJson[DATAGROUPINFOLIST_DIR] = JSON_DATA_APP_DIR_EL5 + dir;
153 dataGroupInfoListJson.emplace_back(dataGroupInfoJson);
154 }
155 }
156 TAG_LOGD(AAFwkTag::APPMGR, "dataGroupInfoListJson %{public}s", dataGroupInfoListJson.dump().c_str());
157 return dataGroupInfoListJson.dump();
158 }
159
DumpHspListToJson(const HspList & hspList)160 static std::string DumpHspListToJson(const HspList &hspList)
161 {
162 nlohmann::json hspListJson;
163 for (auto& hsp : hspList) {
164 hspListJson[HSPLIST_BUNDLES].emplace_back(hsp.bundleName);
165 hspListJson[HSPLIST_MODULES].emplace_back(hsp.moduleName);
166 hspListJson[HSPLIST_VERSIONS].emplace_back(VERSION_PREFIX + std::to_string(hsp.versionCode));
167 }
168 return hspListJson.dump();
169 }
170
DumpAppEnvToJson(const std::map<std::string,std::string> & appEnv)171 static std::string DumpAppEnvToJson(const std::map<std::string, std::string> &appEnv)
172 {
173 nlohmann::json appEnvJson;
174 for (const auto &[envName, envValue] : appEnv) {
175 appEnvJson[envName] = envValue;
176 }
177 return appEnvJson.dump();
178 }
179
DumpJITPermissionListToJson(const JITPermissionsMap & jitPermissionsMap)180 static std::string DumpJITPermissionListToJson(const JITPermissionsMap &jitPermissionsMap)
181 {
182 nlohmann::json jitPermissionsListJson;
183 jitPermissionsListJson[JITPERMISSIONSLIST_NAME] = JITPERMISSIONSLIST_NAME_VALUE;
184 jitPermissionsListJson[JITPERMISSIONSLIST_COUNT] = jitPermissionsMap.size();
185 for (const auto &[permissionName, permissionValue] : jitPermissionsMap) {
186 nlohmann::json temp;
187 if (permissionValue.empty()) {
188 temp[permissionName] = true;
189 } else {
190 temp[permissionName] = permissionValue;
191 }
192 jitPermissionsListJson[JITPERMISSIONSLIST_PERMISSIONS_NAME].emplace_back(temp);
193 }
194 return jitPermissionsListJson.dump();
195 }
196
SetDacInfo(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)197 int32_t AppSpawnClient::SetDacInfo(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
198 {
199 int32_t ret = 0;
200 AppDacInfo appDacInfo = {0};
201 appDacInfo.uid = startMsg.uid;
202 appDacInfo.gid = startMsg.gid;
203 appDacInfo.gidCount = startMsg.gids.size() + startMsg.dataGroupInfoList.size();
204 for (uint32_t i = 0; i < startMsg.gids.size(); i++) {
205 appDacInfo.gidTable[i] = startMsg.gids[i];
206 }
207 for (uint32_t i = startMsg.gids.size(); i < appDacInfo.gidCount; i++) {
208 appDacInfo.gidTable[i] = startMsg.dataGroupInfoList[i - startMsg.gids.size()].gid;
209 }
210 ret = strcpy_s(appDacInfo.userName, sizeof(appDacInfo.userName), APPSPAWN_CLIENT_USER_NAME);
211 if (ret) {
212 TAG_LOGE(AAFwkTag::APPMGR, "set dac userName fail");
213 return ret;
214 }
215 return AppSpawnReqMsgSetAppDacInfo(reqHandle, &appDacInfo);
216 }
217
SetMountPermission(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)218 int32_t AppSpawnClient::SetMountPermission(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
219 {
220 int32_t ret = 0;
221 std::set<std::string> mountPermissionList = startMsg.permissions;
222 for (std::string permission : mountPermissionList) {
223 ret = AppSpawnClientAddPermission(handle_, reqHandle, permission.c_str());
224 if (ret != 0) {
225 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnReqMsgAddPermission %{public}s failed", permission.c_str());
226 return ret;
227 }
228 }
229 return ret;
230 }
231
SetStartFlags(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)232 int32_t AppSpawnClient::SetStartFlags(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
233 {
234 int32_t ret = 0;
235 uint32_t startFlagTmp = startMsg.flags;
236 int flagIndex = 0;
237 while (startFlagTmp > 0) {
238 if (startFlagTmp & START_FLAG_TEST_NUM) {
239 ret = AppSpawnReqMsgSetAppFlag(reqHandle, static_cast<AppFlagsIndex>(flagIndex));
240 if (ret != 0) {
241 TAG_LOGE(AAFwkTag::APPMGR, "SetFlagIdx %{public}d failed, ret: %{public}d", flagIndex, ret);
242 return ret;
243 }
244 }
245 startFlagTmp = startFlagTmp >> RIGHT_SHIFT_STEP;
246 flagIndex++;
247 }
248 if (startMsg.atomicServiceFlag) {
249 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ATOMIC_SERVICE);
250 if (ret != 0) {
251 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
252 return ret;
253 }
254 }
255 if (startMsg.strictMode) {
256 ret = SetStrictMode(startMsg, reqHandle);
257 if (ret != ERR_OK) {
258 return ret;
259 }
260 }
261 if (startMsg.isolatedExtension) {
262 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_EXTENSION_SANDBOX);
263 if (ret != 0) {
264 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
265 return ret;
266 }
267 }
268 if (startMsg.flags & APP_FLAGS_CLONE_ENABLE) {
269 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_CLONE_ENABLE);
270 if (ret != 0) {
271 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
272 return ret;
273 }
274 }
275 if (startMsg.isCustomSandboxFlag) {
276 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_CUSTOM_SANDBOX);
277 if (ret != 0) {
278 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
279 return ret;
280 }
281 TAG_LOGD(AAFwkTag::APPMGR, "Set APP_FLAGS_CUSTOM_SANDBOX flag success.");
282 }
283 #ifdef SUPPORT_CHILD_PROCESS
284 ret = SetChildProcessTypeStartFlag(reqHandle, startMsg.childProcessType);
285 if (ret != ERR_OK) {
286 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
287 return ret;
288 }
289 #endif // SUPPORT_CHILD_PROCESS
290 ret = SetIsolationModeFlag(startMsg, reqHandle);
291 return ret;
292 }
293
SetStrictMode(const AppSpawnStartMsg & startMsg,const AppSpawnReqMsgHandle & reqHandle)294 int32_t AppSpawnClient::SetStrictMode(const AppSpawnStartMsg &startMsg, const AppSpawnReqMsgHandle &reqHandle)
295 {
296 int32_t ret = ERR_OK;
297 TAG_LOGD(AAFwkTag::APPMGR, "SetStrictMode");
298 if (startMsg.isolatedSandboxFlagLegacy) {
299 TAG_LOGD(AAFwkTag::APPMGR, "SetIsolatedSandBoxLegacy");
300 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ISOLATED_SANDBOX);
301 if (ret != 0) {
302 TAG_LOGE(AAFwkTag::APPMGR, "SetIsolatedSandBoxLegacy fail, ret: %{public}d", ret);
303 return ret;
304 }
305 }
306 if (startMsg.isolatedNetworkFlag) {
307 TAG_LOGD(AAFwkTag::APPMGR, "Set isolatedNetwork");
308 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ISOLATED_NETWORK);
309 if (ret != 0) {
310 TAG_LOGE(AAFwkTag::APPMGR, "Set isolatedNetwork fail, ret: %{public}d", ret);
311 return ret;
312 }
313 }
314 if (startMsg.isolatedSELinuxFlag) {
315 TAG_LOGD(AAFwkTag::APPMGR, "Set isolatedSELinux,extType:%{public}s", startMsg.extensionTypeName.c_str());
316 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ISOLATED_SELINUX_LABEL);
317 if (ret != 0) {
318 TAG_LOGE(AAFwkTag::APPMGR, "Set isolatedSELinuxFlag fail, ret: %{public}d", ret);
319 return ret;
320 }
321 }
322 if (startMsg.isolatedNetworkFlag || startMsg.isolatedSELinuxFlag) {
323 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_EXTENSION_TYPE, startMsg.extensionTypeName.c_str());
324 if (ret != 0) {
325 TAG_LOGE(AAFwkTag::APPMGR, "Set extensionTypeName fail, ret: %{public}d", ret);
326 return ret;
327 }
328 }
329 return ERR_OK;
330 }
331
AppspawnSetExtMsg(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)332 int32_t AppSpawnClient::AppspawnSetExtMsg(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
333 {
334 int32_t ret = 0;
335 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_RENDER_CMD, startMsg.renderParam.c_str());
336 if (ret) {
337 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
338 return ret;
339 }
340
341 if (!startMsg.hspList.empty()) {
342 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_HSP_LIST,
343 DumpHspListToJson(startMsg.hspList).c_str());
344 if (ret) {
345 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
346 return ret;
347 }
348 }
349
350 if (!startMsg.dataGroupInfoList.empty()) {
351 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_DATA_GROUP,
352 DumpDataGroupInfoListToJson(startMsg.dataGroupInfoList, startMsg.isScreenLockDataProtect).c_str());
353 if (ret) {
354 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
355 return ret;
356 }
357 }
358
359 if (!startMsg.overlayInfo.empty()) {
360 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_OVERLAY, startMsg.overlayInfo.c_str());
361 if (ret) {
362 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
363 return ret;
364 }
365 }
366
367 if (!startMsg.appEnv.empty()) {
368 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_APP_ENV, DumpAppEnvToJson(startMsg.appEnv).c_str());
369 if (ret) {
370 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
371 return ret;
372 }
373 }
374
375 if (!startMsg.atomicAccount.empty()) {
376 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_ACCOUNT_ID, startMsg.atomicAccount.c_str());
377 if (ret) {
378 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
379 return ret;
380 }
381 }
382
383 return AppspawnSetExtMsgMore(startMsg, reqHandle);
384 }
385
AppspawnSetExtMsgMore(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)386 int32_t AppSpawnClient::AppspawnSetExtMsgMore(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
387 {
388 int32_t ret = 0;
389
390 if (!startMsg.provisionType.empty()) {
391 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_PROVISION_TYPE, startMsg.provisionType.c_str());
392 if (ret) {
393 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
394 return ret;
395 }
396 }
397
398 if (!startMsg.processType.empty()) {
399 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_PROCESS_TYPE, startMsg.processType.c_str());
400 if (ret) {
401 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
402 return ret;
403 }
404 }
405
406 #ifdef SUPPORT_CHILD_PROCESS
407 std::string maxChildProcessStr = std::to_string(startMsg.maxChildProcess);
408 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_MAX_CHILD_PROCCESS_MAX, maxChildProcessStr.c_str());
409 if (ret) {
410 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
411 return ret;
412 }
413 TAG_LOGD(AAFwkTag::APPMGR, "Send maxChildProcess %{public}s success", maxChildProcessStr.c_str());
414 #endif // SUPPORT_CHILD_PROCESS
415
416 if (!startMsg.extensionSandboxPath.empty()) {
417 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_APP_EXTENSION,
418 startMsg.extensionSandboxPath.c_str());
419 if (ret) {
420 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
421 return ret;
422 }
423 }
424
425 if (!startMsg.fds.empty()) {
426 ret = SetExtMsgFds(reqHandle, startMsg.fds);
427 if (ret != ERR_OK) {
428 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
429 return ret;
430 }
431 }
432
433 if (!startMsg.jitPermissionsMap.empty()) {
434 std::string jitPermissionsStr = DumpJITPermissionListToJson(startMsg.jitPermissionsMap);
435 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_JIT_PERMISSIONS, jitPermissionsStr.c_str());
436 if (ret) {
437 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
438 return ret;
439 }
440 TAG_LOGD(AAFwkTag::APPMGR, "Send JIT Permission: %{public}s", jitPermissionsStr.c_str());
441 }
442
443 return ret;
444 }
445
AppspawnCreateDefaultMsg(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)446 int32_t AppSpawnClient::AppspawnCreateDefaultMsg(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
447 {
448 TAG_LOGD(AAFwkTag::APPMGR, "call");
449 int32_t ret = 0;
450 do {
451 ret = SetDacInfo(startMsg, reqHandle);
452 if (ret) {
453 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
454 break;
455 }
456 ret = AppSpawnReqMsgSetBundleInfo(reqHandle, startMsg.bundleIndex, startMsg.bundleName.c_str());
457 if (ret) {
458 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
459 break;
460 }
461 ret = AppSpawnReqMsgSetAppInternetPermissionInfo(reqHandle, startMsg.allowInternet,
462 startMsg.setAllowInternet);
463 if (ret) {
464 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
465 break;
466 }
467 if (startMsg.ownerId.size()) {
468 ret = AppSpawnReqMsgSetAppOwnerId(reqHandle, startMsg.ownerId.c_str());
469 if (ret) {
470 TAG_LOGE(AAFwkTag::APPMGR, "SetOwnerId %{public}s failed, ret: %{public}d",
471 startMsg.ownerId.c_str(), ret);
472 break;
473 }
474 }
475 ret = AppSpawnReqMsgSetAppAccessToken(reqHandle, startMsg.accessTokenIdEx);
476 if (ret) {
477 TAG_LOGE(AAFwkTag::APPMGR, "ret: %{public}d", ret);
478 break;
479 }
480 ret = AppSpawnReqMsgSetAppDomainInfo(reqHandle, startMsg.hapFlags, startMsg.apl.c_str());
481 if (ret) {
482 TAG_LOGE(AAFwkTag::APPMGR,
483 "fail, hapFlags is %{public}d, apl is %{public}s, ret: %{public}d",
484 startMsg.hapFlags, startMsg.apl.c_str(), ret);
485 break;
486 }
487 ret = SetStartFlags(startMsg, reqHandle);
488 if (ret) {
489 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
490 break;
491 }
492 ret = SetMountPermission(startMsg, reqHandle);
493 if (ret) {
494 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
495 break;
496 }
497 if (AppspawnSetExtMsg(startMsg, reqHandle)) {
498 break;
499 }
500 return ret;
501 } while (0);
502
503 TAG_LOGI(AAFwkTag::APPMGR, "AppSpawnReqMsgFree");
504 AppSpawnReqMsgFree(reqHandle);
505
506 return ret;
507 }
508
VerifyMsg(const AppSpawnStartMsg & startMsg)509 bool AppSpawnClient::VerifyMsg(const AppSpawnStartMsg &startMsg)
510 {
511 TAG_LOGD(AAFwkTag::APPMGR, "VerifyMsg");
512 if (startMsg.code == MSG_APP_SPAWN ||
513 startMsg.code == MSG_SPAWN_NATIVE_PROCESS) {
514 if (startMsg.uid < 0) {
515 TAG_LOGE(AAFwkTag::APPMGR, "invalid uid! [%{public}d]", startMsg.uid);
516 return false;
517 }
518
519 if (startMsg.gid < 0) {
520 TAG_LOGE(AAFwkTag::APPMGR, "invalid gid! [%{public}d]", startMsg.gid);
521 return false;
522 }
523
524 if (startMsg.gids.size() > APP_MAX_GIDS) {
525 TAG_LOGE(AAFwkTag::APPMGR, "many app gids");
526 return false;
527 }
528
529 for (uint32_t i = 0; i < startMsg.gids.size(); ++i) {
530 if (startMsg.gids[i] < 0) {
531 TAG_LOGE(AAFwkTag::APPMGR, "invalid gids array! [%{public}d]", startMsg.gids[i]);
532 return false;
533 }
534 }
535 if (startMsg.procName.empty() || startMsg.procName.size() >= MAX_PROC_NAME_LEN) {
536 TAG_LOGE(AAFwkTag::APPMGR, "invalid procName");
537 return false;
538 }
539 } else if (startMsg.code == MSG_GET_RENDER_TERMINATION_STATUS) {
540 if (startMsg.pid < 0) {
541 TAG_LOGE(AAFwkTag::APPMGR, "invalid pid");
542 return false;
543 }
544 } else {
545 TAG_LOGE(AAFwkTag::APPMGR, "invalid code");
546 return false;
547 }
548
549 return true;
550 }
551
PreStartNWebSpawnProcess()552 int32_t AppSpawnClient::PreStartNWebSpawnProcess()
553 {
554 TAG_LOGI(AAFwkTag::APPMGR, "call");
555 return OpenConnection();
556 }
557
StartProcess(const AppSpawnStartMsg & startMsg,pid_t & pid)558 int32_t AppSpawnClient::StartProcess(const AppSpawnStartMsg &startMsg, pid_t &pid)
559 {
560 TAG_LOGD(AAFwkTag::APPMGR, "StartProcess");
561 HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__);
562 if (!VerifyMsg(startMsg)) {
563 return ERR_INVALID_VALUE;
564 }
565
566 int32_t ret = 0;
567 AppSpawnReqMsgHandle reqHandle = nullptr;
568 int64_t startTime = AbilityRuntime::TimeUtil::SystemTimeMillisecond();
569
570 ret = OpenConnection();
571 if (ret != 0) {
572 return ret;
573 }
574
575 ret = AppSpawnReqMsgCreate(static_cast<AppSpawnMsgType>(startMsg.code), startMsg.procName.c_str(), &reqHandle);
576 if (ret != 0) {
577 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnReqMsgCreate fail");
578 return ret;
579 }
580
581 ret = AppspawnCreateDefaultMsg(startMsg, reqHandle);
582 if (ret != 0) {
583 return ret; // create msg failed
584 }
585
586 TAG_LOGD(AAFwkTag::APPMGR, "AppspawnSendMsg");
587 AppSpawnResult result = {0};
588 ret = AppSpawnClientSendMsg(handle_, reqHandle, &result);
589
590 int64_t costTime = AbilityRuntime::TimeUtil::SystemTimeMillisecond() - startTime;
591 if (costTime > MAX_COST_TIME) {
592 TAG_LOGE(AAFwkTag::APPMGR, "StartProcess cost %{public}" PRId64 "ms!", costTime);
593 }
594 if (ret != 0) {
595 TAG_LOGE(AAFwkTag::APPMGR, "appspawn send msg fail");
596 return ret;
597 }
598 if (result.pid <= 0) {
599 TAG_LOGE(AAFwkTag::APPMGR, "pid invalid");
600 return ERR_APPEXECFWK_INVALID_PID;
601 } else {
602 pid = result.pid;
603 }
604 TAG_LOGI(AAFwkTag::APPMGR, "pid = [%{public}d]", pid);
605 return result.result;
606 }
607
SendAppSpawnUninstallDebugHapMsg(int32_t userId)608 int32_t AppSpawnClient::SendAppSpawnUninstallDebugHapMsg(int32_t userId)
609 {
610 HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__);
611 AppSpawnReqMsgHandle reqHandle = nullptr;
612 int32_t ret = OpenConnection();
613 if (ret != ERR_OK) {
614 TAG_LOGE(AAFwkTag::APPMGR, "OpenConnection failed");
615 return ret;
616 }
617 ret = AppSpawnReqMsgCreate(MSG_UNINSTALL_DEBUG_HAP, UNINSTALL_BUNDLE_NAME, &reqHandle);
618 if (ret != ERR_OK) {
619 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnReqMsgCreate failed");
620 return ret;
621 }
622 auto msg = std::to_string(userId);
623 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_USERID, msg.c_str());
624 if (ret != ERR_OK) {
625 AppSpawnReqMsgFree(reqHandle);
626 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnReqMsgAddStringInfo failed");
627 return ret;
628 }
629 AppSpawnResult result = { 0 };
630 ret = AppSpawnClientSendMsg(handle_, reqHandle, &result);
631 if (ret != ERR_OK) {
632 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnClientSendMsg failed");
633 return ret;
634 }
635 return ret;
636 }
637
GetRenderProcessTerminationStatus(const AppSpawnStartMsg & startMsg,int & status)638 int32_t AppSpawnClient::GetRenderProcessTerminationStatus(const AppSpawnStartMsg &startMsg, int &status)
639 {
640 TAG_LOGI(AAFwkTag::APPMGR, "call");
641 int32_t ret = 0;
642 AppSpawnReqMsgHandle reqHandle = nullptr;
643
644 // check parameters
645 if (!VerifyMsg(startMsg)) {
646 return ERR_INVALID_VALUE;
647 }
648
649 ret = OpenConnection();
650 if (ret != 0) {
651 return ret;
652 }
653
654 ret = AppSpawnTerminateMsgCreate(startMsg.pid, &reqHandle);
655 if (ret != 0) {
656 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnTerminateMsgCreate failed");
657 return ret;
658 }
659
660 TAG_LOGI(AAFwkTag::APPMGR, "AppspawnSendMsg");
661 AppSpawnResult result = {0};
662 ret = AppSpawnClientSendMsg(handle_, reqHandle, &result);
663 status = result.result;
664 if (ret != 0) {
665 TAG_LOGE(AAFwkTag::APPMGR, "appspawn send msg fail");
666 return ret;
667 }
668 TAG_LOGI(AAFwkTag::APPMGR, "status = [%{public}d]", status);
669
670 return ret;
671 }
672
673 #ifdef SUPPORT_CHILD_PROCESS
SetChildProcessTypeStartFlag(const AppSpawnReqMsgHandle & reqHandle,int32_t childProcessType)674 int32_t AppSpawnClient::SetChildProcessTypeStartFlag(const AppSpawnReqMsgHandle &reqHandle,
675 int32_t childProcessType)
676 {
677 TAG_LOGD(AAFwkTag::APPMGR, "SetChildProcessTypeStartFlag, type:%{public}d", childProcessType);
678 if (childProcessType != CHILD_PROCESS_TYPE_NOT_CHILD) {
679 return AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_CHILDPROCESS);
680 }
681 return ERR_OK;
682 }
683 #endif // SUPPORT_CHILD_PROCESS
684
SetExtMsgFds(const AppSpawnReqMsgHandle & reqHandle,const std::map<std::string,int32_t> & fds)685 int32_t AppSpawnClient::SetExtMsgFds(const AppSpawnReqMsgHandle &reqHandle,
686 const std::map<std::string, int32_t> &fds)
687 {
688 TAG_LOGI(AAFwkTag::APPMGR, "size:%{public}zu", fds.size());
689 int32_t ret = ERR_OK;
690 for (const auto &item : fds) {
691 ret = AppSpawnReqMsgAddFd(reqHandle, item.first.c_str(), item.second);
692 if (ret != ERR_OK) {
693 TAG_LOGE(AAFwkTag::APPMGR, "fail, key:%{public}s, fd:%{public}d, ret:%{public}d",
694 item.first.c_str(), item.second, ret);
695 return ret;
696 }
697 }
698 return ERR_OK;
699 }
700
SetIsolationModeFlag(const AppSpawnStartMsg & startMsg,const AppSpawnReqMsgHandle & reqHandle)701 int32_t AppSpawnClient::SetIsolationModeFlag(const AppSpawnStartMsg &startMsg, const AppSpawnReqMsgHandle &reqHandle)
702 {
703 TAG_LOGD(AAFwkTag::APPMGR, "isolationMode:%{public}d", startMsg.isolationMode);
704 if (!startMsg.isolationMode) {
705 return ERR_OK;
706 }
707 auto ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ISOLATED_SANDBOX_TYPE);
708 if (ret != 0) {
709 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
710 return ret;
711 }
712 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ISOLATED_NETWORK);
713 if (ret != 0) {
714 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
715 return ret;
716 }
717 return ERR_OK;
718 }
719 } // namespace AppExecFwk
720 } // namespace OHOS
721