1 /*
2 * Copyright (c) 2021-2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "app_spawn_client.h"
16
17 #include <unordered_set>
18
19 #include "ability_manager_errors.h"
20 #include "hitrace_meter.h"
21 #include "hilog_tag_wrapper.h"
22 #include "nlohmann/json.hpp"
23 #include "securec.h"
24 #include "time_util.h"
25
26 namespace OHOS {
27 namespace AppExecFwk {
28 using namespace OHOS::AbilityRuntime;
29 namespace {
30 constexpr const char* HSPLIST_BUNDLES = "bundles";
31 constexpr const char* HSPLIST_MODULES = "modules";
32 constexpr const char* HSPLIST_VERSIONS = "versions";
33 constexpr const char* DATAGROUPINFOLIST_DATAGROUPID = "dataGroupId";
34 constexpr const char* DATAGROUPINFOLIST_GID = "gid";
35 constexpr const char* DATAGROUPINFOLIST_UUID = "uuid";
36 constexpr const char* DATAGROUPINFOLIST_DIR = "dir";
37 constexpr const char* JSON_DATA_APP_DIR_EL2 = "/data/app/el2/";
38 constexpr const char* JSON_DATA_APP_DIR_EL3 = "/data/app/el3/";
39 constexpr const char* JSON_DATA_APP_DIR_EL4 = "/data/app/el4/";
40 constexpr const char* JSON_DATA_APP_DIR_EL5 = "/data/app/el5/";
41 constexpr const char* JSON_GROUP = "/group/";
42 constexpr const char* VERSION_PREFIX = "v";
43 constexpr const char* APPSPAWN_CLIENT_USER_NAME = "APP_MANAGER_SERVICE";
44 constexpr int32_t RIGHT_SHIFT_STEP = 1;
45 constexpr int32_t START_FLAG_TEST_NUM = 1;
46 constexpr const char* JITPERMISSIONSLIST_NAME = "name";
47 constexpr const char* JITPERMISSIONSLIST_NAME_VALUE = "Permissions";
48 constexpr const char* JITPERMISSIONSLIST_COUNT = "ohos.encaps.count";
49 constexpr const char* JITPERMISSIONSLIST_PERMISSIONS_NAME = "permissions";
50 constexpr const char* UNINSTALL_BUNDLE_NAME = "uninstallDebugHapMsg";
51 }
AppSpawnClient(bool isNWebSpawn)52 AppSpawnClient::AppSpawnClient(bool isNWebSpawn)
53 {
54 TAG_LOGD(AAFwkTag::APPMGR, "call");
55 if (isNWebSpawn) {
56 serviceName_ = NWEBSPAWN_SERVER_NAME;
57 }
58 state_ = SpawnConnectionState::STATE_NOT_CONNECT;
59 }
60
AppSpawnClient(const char * serviceName)61 AppSpawnClient::AppSpawnClient(const char* serviceName)
62 {
63 TAG_LOGD(AAFwkTag::APPMGR, "call");
64 std::string serviceName__ = serviceName;
65 if (serviceName__ == APPSPAWN_SERVER_NAME) {
66 serviceName_ = APPSPAWN_SERVER_NAME;
67 } else if (serviceName__ == CJAPPSPAWN_SERVER_NAME) {
68 serviceName_ = CJAPPSPAWN_SERVER_NAME;
69 } else if (serviceName__ == NWEBSPAWN_SERVER_NAME) {
70 serviceName_ = NWEBSPAWN_SERVER_NAME;
71 } else if (serviceName__ == NATIVESPAWN_SERVER_NAME) {
72 serviceName_ = NATIVESPAWN_SERVER_NAME;
73 } else if (serviceName__ == HYBRIDSPAWN_SERVER_NAME) {
74 serviceName_ = HYBRIDSPAWN_SERVER_NAME;
75 } else {
76 TAG_LOGE(AAFwkTag::APPMGR, "unknown service name");
77 serviceName_ = NWEBSPAWN_SERVER_NAME;
78 }
79 state_ = SpawnConnectionState::STATE_NOT_CONNECT;
80 }
81
~AppSpawnClient()82 AppSpawnClient::~AppSpawnClient()
83 {
84 CloseConnection();
85 }
86
OpenConnection()87 ErrCode AppSpawnClient::OpenConnection()
88 {
89 HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__);
90 if (state_ == SpawnConnectionState::STATE_CONNECTED) {
91 return 0;
92 }
93 TAG_LOGI(AAFwkTag::APPMGR, "call");
94 int64_t startTime = AbilityRuntime::TimeUtil::SystemTimeMillisecond();
95 AppSpawnClientHandle handle = nullptr;
96 ErrCode ret = 0;
97 ret = AppSpawnClientInit(serviceName_.c_str(), &handle);
98 int64_t costTime = AbilityRuntime::TimeUtil::SystemTimeMillisecond() - startTime;
99 if (costTime > MAX_COST_TIME) {
100 TAG_LOGE(AAFwkTag::APPMGR, "appspawnclientInit cost %{public}" PRId64 "ms!", costTime);
101 }
102
103 if (FAILED(ret)) {
104 TAG_LOGE(AAFwkTag::APPMGR, "appspawnclientInit failed");
105 state_ = SpawnConnectionState::STATE_CONNECT_FAILED;
106 return ret;
107 }
108 handle_ = handle;
109 state_ = SpawnConnectionState::STATE_CONNECTED;
110
111 return ret;
112 }
113
CloseConnection()114 void AppSpawnClient::CloseConnection()
115 {
116 TAG_LOGD(AAFwkTag::APPMGR, "call");
117 if (state_ == SpawnConnectionState::STATE_CONNECTED) {
118 AppSpawnClientDestroy(handle_);
119 }
120 state_ = SpawnConnectionState::STATE_NOT_CONNECT;
121 }
122
QueryConnectionState() const123 SpawnConnectionState AppSpawnClient::QueryConnectionState() const
124 {
125 return state_;
126 }
127
GetAppSpawnClientHandle() const128 AppSpawnClientHandle AppSpawnClient::GetAppSpawnClientHandle() const
129 {
130 if (state_ == SpawnConnectionState::STATE_CONNECTED) {
131 return handle_;
132 }
133 return nullptr;
134 }
135
DumpDataGroupInfoListToJson(const DataGroupInfoList & dataGroupInfoList,bool isScreenLockDataProtect)136 static std::string DumpDataGroupInfoListToJson(const DataGroupInfoList &dataGroupInfoList, bool isScreenLockDataProtect)
137 {
138 TAG_LOGD(AAFwkTag::APPMGR, "dataGroupInfoList size: %{public}zu", dataGroupInfoList.size());
139 nlohmann::json dataGroupInfoListJson;
140 for (auto& dataGroupInfo : dataGroupInfoList) {
141 nlohmann::json dataGroupInfoJson;
142 dataGroupInfoJson[DATAGROUPINFOLIST_DATAGROUPID] = dataGroupInfo.dataGroupId;
143 dataGroupInfoJson[DATAGROUPINFOLIST_GID] = std::to_string(dataGroupInfo.gid);
144 dataGroupInfoJson[DATAGROUPINFOLIST_UUID] = dataGroupInfo.uuid;
145 std::string dir = std::to_string(dataGroupInfo.userId) + JSON_GROUP + dataGroupInfo.uuid;
146 dataGroupInfoJson[DATAGROUPINFOLIST_DIR] = JSON_DATA_APP_DIR_EL2 + dir;
147 dataGroupInfoListJson.emplace_back(dataGroupInfoJson);
148
149 dataGroupInfoJson[DATAGROUPINFOLIST_DIR] = JSON_DATA_APP_DIR_EL3 + dir;
150 dataGroupInfoListJson.emplace_back(dataGroupInfoJson);
151
152 dataGroupInfoJson[DATAGROUPINFOLIST_DIR] = JSON_DATA_APP_DIR_EL4 + dir;
153 dataGroupInfoListJson.emplace_back(dataGroupInfoJson);
154 if (isScreenLockDataProtect) {
155 dataGroupInfoJson[DATAGROUPINFOLIST_DIR] = JSON_DATA_APP_DIR_EL5 + dir;
156 dataGroupInfoListJson.emplace_back(dataGroupInfoJson);
157 }
158 }
159 TAG_LOGD(AAFwkTag::APPMGR, "dataGroupInfoListJson %{public}s", dataGroupInfoListJson.dump().c_str());
160 return dataGroupInfoListJson.dump();
161 }
162
DumpHspListToJson(const HspList & hspList)163 static std::string DumpHspListToJson(const HspList &hspList)
164 {
165 nlohmann::json hspListJson;
166 for (auto& hsp : hspList) {
167 hspListJson[HSPLIST_BUNDLES].emplace_back(hsp.bundleName);
168 hspListJson[HSPLIST_MODULES].emplace_back(hsp.moduleName);
169 hspListJson[HSPLIST_VERSIONS].emplace_back(VERSION_PREFIX + std::to_string(hsp.versionCode));
170 }
171 return hspListJson.dump();
172 }
173
DumpAppEnvToJson(const std::map<std::string,std::string> & appEnv)174 static std::string DumpAppEnvToJson(const std::map<std::string, std::string> &appEnv)
175 {
176 nlohmann::json appEnvJson;
177 for (const auto &[envName, envValue] : appEnv) {
178 appEnvJson[envName] = envValue;
179 }
180 return appEnvJson.dump();
181 }
182
DumpJITPermissionListToJson(const JITPermissionsMap & jitPermissionsMap)183 static std::string DumpJITPermissionListToJson(const JITPermissionsMap &jitPermissionsMap)
184 {
185 nlohmann::json jitPermissionsListJson;
186 jitPermissionsListJson[JITPERMISSIONSLIST_NAME] = JITPERMISSIONSLIST_NAME_VALUE;
187 jitPermissionsListJson[JITPERMISSIONSLIST_COUNT] = jitPermissionsMap.size();
188 for (const auto &[permissionName, permissionValue] : jitPermissionsMap) {
189 nlohmann::json temp;
190 if (permissionValue.empty()) {
191 temp[permissionName] = true;
192 } else {
193 temp[permissionName] = permissionValue;
194 }
195 jitPermissionsListJson[JITPERMISSIONSLIST_PERMISSIONS_NAME].emplace_back(temp);
196 }
197 return jitPermissionsListJson.dump();
198 }
199
SetDacInfo(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)200 int32_t AppSpawnClient::SetDacInfo(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
201 {
202 int32_t ret = 0;
203 AppDacInfo appDacInfo = {0};
204 appDacInfo.uid = startMsg.uid;
205 appDacInfo.gid = startMsg.gid;
206 appDacInfo.gidCount = startMsg.gids.size() + startMsg.dataGroupInfoList.size();
207 for (uint32_t i = 0; i < startMsg.gids.size(); i++) {
208 appDacInfo.gidTable[i] = startMsg.gids[i];
209 }
210 for (uint32_t i = startMsg.gids.size(); i < appDacInfo.gidCount; i++) {
211 appDacInfo.gidTable[i] = startMsg.dataGroupInfoList[i - startMsg.gids.size()].gid;
212 }
213 ret = strcpy_s(appDacInfo.userName, sizeof(appDacInfo.userName), APPSPAWN_CLIENT_USER_NAME);
214 if (ret) {
215 TAG_LOGE(AAFwkTag::APPMGR, "set dac userName fail");
216 return ret;
217 }
218 return AppSpawnReqMsgSetAppDacInfo(reqHandle, &appDacInfo);
219 }
220
SetMountPermission(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)221 int32_t AppSpawnClient::SetMountPermission(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
222 {
223 int32_t ret = 0;
224 std::set<std::string> mountPermissionList = startMsg.permissions;
225 for (std::string permission : mountPermissionList) {
226 ret = AppSpawnClientAddPermission(handle_, reqHandle, permission.c_str());
227 if (ret != 0) {
228 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnReqMsgAddPermission %{public}s failed", permission.c_str());
229 return ret;
230 }
231 }
232 return ret;
233 }
234
SetStartFlags(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)235 int32_t AppSpawnClient::SetStartFlags(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
236 {
237 int32_t ret = 0;
238 uint32_t startFlagTmp = startMsg.flags;
239 int flagIndex = 0;
240 while (startFlagTmp > 0) {
241 if (startFlagTmp & START_FLAG_TEST_NUM) {
242 ret = AppSpawnReqMsgSetAppFlag(reqHandle, static_cast<AppFlagsIndex>(flagIndex));
243 if (ret != 0) {
244 TAG_LOGE(AAFwkTag::APPMGR, "SetFlagIdx %{public}d failed, ret: %{public}d", flagIndex, ret);
245 return ret;
246 }
247 }
248 startFlagTmp = startFlagTmp >> RIGHT_SHIFT_STEP;
249 flagIndex++;
250 }
251 if (startMsg.atomicServiceFlag) {
252 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ATOMIC_SERVICE);
253 if (ret != 0) {
254 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
255 return ret;
256 }
257 }
258 if (startMsg.strictMode) {
259 ret = SetStrictMode(startMsg, reqHandle);
260 if (ret != ERR_OK) {
261 return ret;
262 }
263 }
264 if (startMsg.isolatedExtension) {
265 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_EXTENSION_SANDBOX);
266 if (ret != 0) {
267 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
268 return ret;
269 }
270 }
271 if (startMsg.flags & APP_FLAGS_CLONE_ENABLE) {
272 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_CLONE_ENABLE);
273 if (ret != 0) {
274 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
275 return ret;
276 }
277 }
278 if (startMsg.isCustomSandboxFlag) {
279 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_CUSTOM_SANDBOX);
280 if (ret != 0) {
281 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
282 return ret;
283 }
284 TAG_LOGD(AAFwkTag::APPMGR, "Set APP_FLAGS_CUSTOM_SANDBOX flag success.");
285 }
286 #ifdef SUPPORT_CHILD_PROCESS
287 ret = SetChildProcessTypeStartFlag(reqHandle, startMsg.childProcessType);
288 if (ret != ERR_OK) {
289 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
290 return ret;
291 }
292 #endif // SUPPORT_CHILD_PROCESS
293 ret = SetIsolationModeFlag(startMsg, reqHandle);
294 return ret;
295 }
296
SetStrictMode(const AppSpawnStartMsg & startMsg,const AppSpawnReqMsgHandle & reqHandle)297 int32_t AppSpawnClient::SetStrictMode(const AppSpawnStartMsg &startMsg, const AppSpawnReqMsgHandle &reqHandle)
298 {
299 int32_t ret = ERR_OK;
300 TAG_LOGD(AAFwkTag::APPMGR, "SetStrictMode");
301 if (startMsg.isolatedSandboxFlagLegacy) {
302 TAG_LOGD(AAFwkTag::APPMGR, "SetIsolatedSandBoxLegacy");
303 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ISOLATED_SANDBOX);
304 if (ret != 0) {
305 TAG_LOGE(AAFwkTag::APPMGR, "SetIsolatedSandBoxLegacy fail, ret: %{public}d", ret);
306 return ret;
307 }
308 }
309 if (startMsg.isolatedNetworkFlag) {
310 TAG_LOGD(AAFwkTag::APPMGR, "Set isolatedNetwork");
311 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ISOLATED_NETWORK);
312 if (ret != 0) {
313 TAG_LOGE(AAFwkTag::APPMGR, "Set isolatedNetwork fail, ret: %{public}d", ret);
314 return ret;
315 }
316 }
317 if (startMsg.isolatedSELinuxFlag) {
318 TAG_LOGD(AAFwkTag::APPMGR, "Set isolatedSELinux,extType:%{public}s", startMsg.extensionTypeName.c_str());
319 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ISOLATED_SELINUX_LABEL);
320 if (ret != 0) {
321 TAG_LOGE(AAFwkTag::APPMGR, "Set isolatedSELinuxFlag fail, ret: %{public}d", ret);
322 return ret;
323 }
324 }
325 if (startMsg.isolatedNetworkFlag || startMsg.isolatedSELinuxFlag) {
326 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_EXTENSION_TYPE, startMsg.extensionTypeName.c_str());
327 if (ret != 0) {
328 TAG_LOGE(AAFwkTag::APPMGR, "Set extensionTypeName fail, ret: %{public}d", ret);
329 return ret;
330 }
331 }
332 return ERR_OK;
333 }
334
AppspawnSetExtMsg(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)335 int32_t AppSpawnClient::AppspawnSetExtMsg(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
336 {
337 int32_t ret = 0;
338 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_RENDER_CMD, startMsg.renderParam.c_str());
339 if (ret) {
340 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
341 return ret;
342 }
343
344 if (!startMsg.hspList.empty()) {
345 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_HSP_LIST,
346 DumpHspListToJson(startMsg.hspList).c_str());
347 if (ret) {
348 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
349 return ret;
350 }
351 }
352
353 if (!startMsg.dataGroupInfoList.empty()) {
354 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_DATA_GROUP,
355 DumpDataGroupInfoListToJson(startMsg.dataGroupInfoList, startMsg.isScreenLockDataProtect).c_str());
356 if (ret) {
357 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
358 return ret;
359 }
360 }
361
362 if (!startMsg.overlayInfo.empty()) {
363 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_OVERLAY, startMsg.overlayInfo.c_str());
364 if (ret) {
365 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
366 return ret;
367 }
368 }
369
370 if (!startMsg.appEnv.empty()) {
371 std::string appEnv = DumpAppEnvToJson(startMsg.appEnv);
372 TAG_LOGD(AAFwkTag::APPMGR, "bundleName: %{public}s, appEnv: %{public}s",
373 startMsg.bundleName.c_str(), appEnv.c_str());
374 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_APP_ENV, appEnv.c_str());
375 if (ret) {
376 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
377 return ret;
378 }
379 }
380
381 if (!startMsg.atomicAccount.empty()) {
382 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_ACCOUNT_ID, startMsg.atomicAccount.c_str());
383 if (ret) {
384 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
385 return ret;
386 }
387 }
388
389 std::string apiTargetVersionStr = std::to_string(startMsg.apiTargetVersion);
390 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_API_TARGET_VERSION, apiTargetVersionStr.c_str());
391 if (ret) {
392 TAG_LOGE(AAFwkTag::APPMGR, "Send apiTargetVersion fail, ret: %{public}d", ret);
393 return ret;
394 }
395
396 return AppspawnSetExtMsgMore(startMsg, reqHandle);
397 }
398
AppspawnSetExtMsgMore(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)399 int32_t AppSpawnClient::AppspawnSetExtMsgMore(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
400 {
401 int32_t ret = 0;
402
403 if (!startMsg.provisionType.empty()) {
404 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_PROVISION_TYPE, startMsg.provisionType.c_str());
405 if (ret) {
406 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
407 return ret;
408 }
409 }
410
411 if (!startMsg.processType.empty()) {
412 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_PROCESS_TYPE, startMsg.processType.c_str());
413 if (ret) {
414 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
415 return ret;
416 }
417 }
418
419 #ifdef SUPPORT_CHILD_PROCESS
420 std::string maxChildProcessStr = std::to_string(startMsg.maxChildProcess);
421 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_MAX_CHILD_PROCCESS_MAX, maxChildProcessStr.c_str());
422 if (ret) {
423 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
424 return ret;
425 }
426 TAG_LOGD(AAFwkTag::APPMGR, "Send maxChildProcess %{public}s success", maxChildProcessStr.c_str());
427 #endif // SUPPORT_CHILD_PROCESS
428
429 if (!startMsg.extensionSandboxPath.empty()) {
430 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_APP_EXTENSION,
431 startMsg.extensionSandboxPath.c_str());
432 if (ret) {
433 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
434 return ret;
435 }
436 }
437
438 if (!startMsg.fds.empty()) {
439 ret = SetExtMsgFds(reqHandle, startMsg.fds);
440 if (ret != ERR_OK) {
441 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
442 return ret;
443 }
444 }
445
446 if (!startMsg.jitPermissionsMap.empty()) {
447 std::string jitPermissionsStr = DumpJITPermissionListToJson(startMsg.jitPermissionsMap);
448 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_JIT_PERMISSIONS, jitPermissionsStr.c_str());
449 if (ret) {
450 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
451 return ret;
452 }
453 TAG_LOGD(AAFwkTag::APPMGR, "Send JIT Permission: %{public}s", jitPermissionsStr.c_str());
454 }
455
456 return AppspawnSetExtMsgSec(startMsg, reqHandle);
457 }
458
AppspawnSetExtMsgSec(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)459 int32_t AppSpawnClient::AppspawnSetExtMsgSec(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
460 {
461 int32_t ret = 0;
462 if (startMsg.hostProcessUid != 0) {
463 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_PARENT_UID,
464 std::to_string(startMsg.hostProcessUid).c_str());
465 if (ret) {
466 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
467 return ret;
468 }
469 }
470 return ret;
471 }
472
AppspawnCreateDefaultMsg(const AppSpawnStartMsg & startMsg,AppSpawnReqMsgHandle reqHandle)473 int32_t AppSpawnClient::AppspawnCreateDefaultMsg(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle)
474 {
475 TAG_LOGD(AAFwkTag::APPMGR, "call");
476 int32_t ret = 0;
477 do {
478 ret = SetDacInfo(startMsg, reqHandle);
479 if (ret) {
480 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
481 break;
482 }
483 ret = AppSpawnReqMsgSetBundleInfo(reqHandle, startMsg.bundleIndex, startMsg.bundleName.c_str());
484 if (ret) {
485 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
486 break;
487 }
488 ret = AppSpawnReqMsgSetAppInternetPermissionInfo(reqHandle, startMsg.allowInternet,
489 startMsg.setAllowInternet);
490 if (ret) {
491 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
492 break;
493 }
494 if (startMsg.ownerId.size()) {
495 ret = AppSpawnReqMsgSetAppOwnerId(reqHandle, startMsg.ownerId.c_str());
496 if (ret) {
497 TAG_LOGE(AAFwkTag::APPMGR, "SetOwnerId %{public}s failed, ret: %{public}d",
498 startMsg.ownerId.c_str(), ret);
499 break;
500 }
501 }
502 ret = AppSpawnReqMsgSetAppAccessToken(reqHandle, startMsg.accessTokenIdEx);
503 if (ret) {
504 TAG_LOGE(AAFwkTag::APPMGR, "ret: %{public}d", ret);
505 break;
506 }
507 ret = AppSpawnReqMsgSetAppDomainInfo(reqHandle, startMsg.hapFlags, startMsg.apl.c_str());
508 if (ret) {
509 TAG_LOGE(AAFwkTag::APPMGR,
510 "fail, hapFlags is %{public}d, apl is %{public}s, ret: %{public}d",
511 startMsg.hapFlags, startMsg.apl.c_str(), ret);
512 break;
513 }
514 ret = SetStartFlags(startMsg, reqHandle);
515 if (ret) {
516 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
517 break;
518 }
519 ret = SetMountPermission(startMsg, reqHandle);
520 if (ret) {
521 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
522 break;
523 }
524 if (AppspawnSetExtMsg(startMsg, reqHandle)) {
525 break;
526 }
527 return ret;
528 } while (0);
529
530 TAG_LOGI(AAFwkTag::APPMGR, "AppSpawnReqMsgFree");
531 AppSpawnReqMsgFree(reqHandle);
532
533 return ret;
534 }
535
VerifyMsg(const AppSpawnStartMsg & startMsg)536 bool AppSpawnClient::VerifyMsg(const AppSpawnStartMsg &startMsg)
537 {
538 TAG_LOGD(AAFwkTag::APPMGR, "VerifyMsg");
539 if (startMsg.code == MSG_APP_SPAWN ||
540 startMsg.code == MSG_SPAWN_NATIVE_PROCESS) {
541 if (startMsg.uid < 0) {
542 TAG_LOGE(AAFwkTag::APPMGR, "invalid uid! [%{public}d]", startMsg.uid);
543 return false;
544 }
545
546 if (startMsg.gid < 0) {
547 TAG_LOGE(AAFwkTag::APPMGR, "invalid gid! [%{public}d]", startMsg.gid);
548 return false;
549 }
550
551 if (startMsg.gids.size() > APP_MAX_GIDS) {
552 TAG_LOGE(AAFwkTag::APPMGR, "many app gids");
553 return false;
554 }
555
556 for (uint32_t i = 0; i < startMsg.gids.size(); ++i) {
557 if (startMsg.gids[i] < 0) {
558 TAG_LOGE(AAFwkTag::APPMGR, "invalid gids array! [%{public}d]", startMsg.gids[i]);
559 return false;
560 }
561 }
562 if (startMsg.procName.empty() || startMsg.procName.size() >= MAX_PROC_NAME_LEN) {
563 TAG_LOGE(AAFwkTag::APPMGR, "invalid procName");
564 return false;
565 }
566 } else if (startMsg.code == MSG_GET_RENDER_TERMINATION_STATUS) {
567 if (startMsg.pid < 0) {
568 TAG_LOGE(AAFwkTag::APPMGR, "invalid pid");
569 return false;
570 }
571 } else {
572 TAG_LOGE(AAFwkTag::APPMGR, "invalid code");
573 return false;
574 }
575
576 return true;
577 }
578
PreStartNWebSpawnProcess()579 int32_t AppSpawnClient::PreStartNWebSpawnProcess()
580 {
581 TAG_LOGI(AAFwkTag::APPMGR, "call");
582 return OpenConnection();
583 }
584
StartProcess(const AppSpawnStartMsg & startMsg,pid_t & pid)585 int32_t AppSpawnClient::StartProcess(const AppSpawnStartMsg &startMsg, pid_t &pid)
586 {
587 TAG_LOGD(AAFwkTag::APPMGR, "StartProcess");
588 HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__);
589 if (!VerifyMsg(startMsg)) {
590 return ERR_INVALID_VALUE;
591 }
592
593 int32_t ret = 0;
594 AppSpawnReqMsgHandle reqHandle = nullptr;
595 int64_t startTime = AbilityRuntime::TimeUtil::SystemTimeMillisecond();
596
597 ret = OpenConnection();
598 if (ret != 0) {
599 TAG_LOGE(AAFwkTag::APPMGR, "OpenConnection fail");
600 return ret;
601 }
602
603 ret = AppSpawnReqMsgCreate(static_cast<AppSpawnMsgType>(startMsg.code), startMsg.procName.c_str(), &reqHandle);
604 if (ret != 0) {
605 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnReqMsgCreate fail");
606 return ret;
607 }
608
609 ret = AppspawnCreateDefaultMsg(startMsg, reqHandle);
610 if (ret != 0) {
611 TAG_LOGE(AAFwkTag::APPMGR, "AppspawnCreateDefaultMsg fail");
612 return ret; // create msg failed
613 }
614
615 TAG_LOGD(AAFwkTag::APPMGR, "AppspawnSendMsg");
616 AppSpawnResult result = {0};
617 ret = AppSpawnClientSendMsg(handle_, reqHandle, &result);
618
619 int64_t costTime = AbilityRuntime::TimeUtil::SystemTimeMillisecond() - startTime;
620 if (costTime > MAX_COST_TIME) {
621 TAG_LOGE(AAFwkTag::APPMGR, "StartProcess cost %{public}" PRId64 "ms!", costTime);
622 }
623 if (ret != 0) {
624 TAG_LOGE(AAFwkTag::APPMGR, "appspawn send msg fail");
625 return ret;
626 }
627 if (result.pid <= 0) {
628 TAG_LOGE(AAFwkTag::APPMGR, "pid invalid, result is %{public}d", result.result);
629 return AAFwk::ERR_PROCESS_START_INVALID_PID;
630 } else {
631 pid = result.pid;
632 }
633 TAG_LOGI(AAFwkTag::APPMGR, "pid = [%{public}d]", pid);
634 return result.result;
635 }
636
SendAppSpawnUninstallDebugHapMsg(int32_t userId)637 int32_t AppSpawnClient::SendAppSpawnUninstallDebugHapMsg(int32_t userId)
638 {
639 HITRACE_METER_NAME(HITRACE_TAG_APP, __PRETTY_FUNCTION__);
640 AppSpawnReqMsgHandle reqHandle = nullptr;
641 int32_t ret = OpenConnection();
642 if (ret != ERR_OK) {
643 TAG_LOGE(AAFwkTag::APPMGR, "OpenConnection failed");
644 return ret;
645 }
646 ret = AppSpawnReqMsgCreate(MSG_UNINSTALL_DEBUG_HAP, UNINSTALL_BUNDLE_NAME, &reqHandle);
647 if (ret != ERR_OK) {
648 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnReqMsgCreate failed");
649 return ret;
650 }
651 auto msg = std::to_string(userId);
652 ret = AppSpawnReqMsgAddStringInfo(reqHandle, MSG_EXT_NAME_USERID, msg.c_str());
653 if (ret != ERR_OK) {
654 AppSpawnReqMsgFree(reqHandle);
655 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnReqMsgAddStringInfo failed");
656 return ret;
657 }
658 AppSpawnResult result = { 0 };
659 ret = AppSpawnClientSendMsg(handle_, reqHandle, &result);
660 if (ret != ERR_OK) {
661 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnClientSendMsg failed");
662 return ret;
663 }
664 return ret;
665 }
666
GetRenderProcessTerminationStatus(const AppSpawnStartMsg & startMsg,int & status)667 int32_t AppSpawnClient::GetRenderProcessTerminationStatus(const AppSpawnStartMsg &startMsg, int &status)
668 {
669 TAG_LOGI(AAFwkTag::APPMGR, "call");
670 int32_t ret = 0;
671 AppSpawnReqMsgHandle reqHandle = nullptr;
672
673 // check parameters
674 if (!VerifyMsg(startMsg)) {
675 return ERR_INVALID_VALUE;
676 }
677
678 ret = OpenConnection();
679 if (ret != 0) {
680 return ret;
681 }
682
683 ret = AppSpawnTerminateMsgCreate(startMsg.pid, &reqHandle);
684 if (ret != 0) {
685 TAG_LOGE(AAFwkTag::APPMGR, "AppSpawnTerminateMsgCreate failed");
686 return ret;
687 }
688
689 TAG_LOGI(AAFwkTag::APPMGR, "AppspawnSendMsg");
690 AppSpawnResult result = {0};
691 ret = AppSpawnClientSendMsg(handle_, reqHandle, &result);
692 status = result.result;
693 if (ret != 0) {
694 TAG_LOGE(AAFwkTag::APPMGR, "appspawn send msg fail");
695 return ret;
696 }
697 TAG_LOGI(AAFwkTag::APPMGR, "status = [%{public}d]", status);
698
699 return ret;
700 }
701
702 #ifdef SUPPORT_CHILD_PROCESS
SetChildProcessTypeStartFlag(const AppSpawnReqMsgHandle & reqHandle,int32_t childProcessType)703 int32_t AppSpawnClient::SetChildProcessTypeStartFlag(const AppSpawnReqMsgHandle &reqHandle,
704 int32_t childProcessType)
705 {
706 TAG_LOGD(AAFwkTag::APPMGR, "SetChildProcessTypeStartFlag, type:%{public}d", childProcessType);
707 if (childProcessType != CHILD_PROCESS_TYPE_NOT_CHILD) {
708 return AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_CHILDPROCESS);
709 }
710 return ERR_OK;
711 }
712 #endif // SUPPORT_CHILD_PROCESS
713
SetExtMsgFds(const AppSpawnReqMsgHandle & reqHandle,const std::map<std::string,int32_t> & fds)714 int32_t AppSpawnClient::SetExtMsgFds(const AppSpawnReqMsgHandle &reqHandle,
715 const std::map<std::string, int32_t> &fds)
716 {
717 TAG_LOGI(AAFwkTag::APPMGR, "size:%{public}zu", fds.size());
718 int32_t ret = ERR_OK;
719 for (const auto &item : fds) {
720 ret = AppSpawnReqMsgAddFd(reqHandle, item.first.c_str(), item.second);
721 if (ret != ERR_OK) {
722 TAG_LOGE(AAFwkTag::APPMGR, "fail, key:%{public}s, fd:%{public}d, ret:%{public}d",
723 item.first.c_str(), item.second, ret);
724 return ret;
725 }
726 }
727 return ERR_OK;
728 }
729
SetIsolationModeFlag(const AppSpawnStartMsg & startMsg,const AppSpawnReqMsgHandle & reqHandle)730 int32_t AppSpawnClient::SetIsolationModeFlag(const AppSpawnStartMsg &startMsg, const AppSpawnReqMsgHandle &reqHandle)
731 {
732 TAG_LOGD(AAFwkTag::APPMGR, "isolationMode:%{public}d", startMsg.isolationMode);
733 if (!startMsg.isolationMode) {
734 return ERR_OK;
735 }
736 auto ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ISOLATED_SANDBOX_TYPE);
737 if (ret != 0) {
738 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
739 return ret;
740 }
741 ret = AppSpawnReqMsgSetAppFlag(reqHandle, APP_FLAGS_ISOLATED_NETWORK);
742 if (ret != 0) {
743 TAG_LOGE(AAFwkTag::APPMGR, "fail, ret: %{public}d", ret);
744 return ret;
745 }
746 return ERR_OK;
747 }
748 } // namespace AppExecFwk
749 } // namespace OHOS
750