1 /*
2 * Copyright (C) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <memory>
17 #include <string>
18 #include <vector>
19 #include <thread>
20
21 #include "app_domain_verify_agent_service.h"
22 #include "system_ability_definition.h"
23 #include "domain_url_util.h"
24 #include "bms/bundle_info_query.h"
25 #include "app_domain_verify_mgr_client.h"
26 #include "verify_task.h"
27 #include "iservice_registry.h"
28 #include "app_domain_verify_error.h"
29 #include "permission_manager.h"
30 #include "critial_utils.h"
31
32 namespace OHOS {
33 namespace AppDomainVerify {
34 namespace {
35 #ifndef _TEST
36 constexpr int32_t DELAY_TIME = 180000; // 3min = 3*60*1000
37 constexpr int MAX_DELAY_RETRY_CNT = 10;
38 #elif
39 constexpr int32_t DELAY_TIME = 60000; // 1min = 60*1000 for test
40 constexpr int MAX_DELAY_RETRY_CNT = 3; // 3 for test
41 #endif
42 std::atomic<int> retryCnt = 0;
43 std::atomic<bool> isDoSyncDone = false;
44 constexpr int32_t DUMP_SYSTEM_START_YEAR = 1900;
45 constexpr int32_t FORMAT_BLANK_SIZE = 32;
46 constexpr const char* LOOP_EVENT = "loopevent";
47 }
48 static const std::string TASK_ID = "unload";
49 static const std::string UPDATE_DETAILS_TASK_ID = "udpateDetails";
50 using namespace NetManagerStandard;
51 const bool REGISTER_RESULT = SystemAbility::MakeAndRegisterAbility(new AppDomainVerifyAgentService());
52
AppDomainVerifyAgentService()53 AppDomainVerifyAgentService::AppDomainVerifyAgentService() : SystemAbility(APP_DOMAIN_VERIFY_AGENT_SA_ID, true)
54 {
55 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "new instance create.");
56 now = std::chrono::system_clock::now();
57 appDomainVerifyExtMgr_ = std::make_shared<AppDomainVerifyExtensionMgr>();
58 appDomainVerifyTaskMgr_ = AppDomainVerifyTaskMgr::GetInstance();
59 runner_ = AppExecFwk::EventRunner::Create("unload", AppExecFwk::ThreadMode::FFRT);
60 if (runner_ == nullptr) {
61 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "create runner failed.");
62 return;
63 }
64 unloadHandler_ = std::make_shared<AppExecFwk::EventHandler>(runner_);
65 }
~AppDomainVerifyAgentService()66 AppDomainVerifyAgentService::~AppDomainVerifyAgentService()
67 {
68 AppDomainVerifyTaskMgr::DestroyInstance();
69 if (appDomainVerifyTaskMgr_ != nullptr) {
70 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "appDomainVerifyTaskMgr_ reset.");
71 appDomainVerifyTaskMgr_ = nullptr;
72 }
73 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "instance dead.");
74 }
CompleteVerifyRefresh(const BundleVerifyStatusInfo & bundleVerifyStatusInfo,TaskType type)75 void AppDomainVerifyAgentService::CompleteVerifyRefresh(
76 const BundleVerifyStatusInfo& bundleVerifyStatusInfo, TaskType type)
77 {
78 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "called");
79 if (ErrorCode::E_EXTENSIONS_LIB_NOT_FOUND !=
80 appDomainVerifyExtMgr_->CompleteVerifyRefresh(bundleVerifyStatusInfo, type)) {
81 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "extension call end");
82 return;
83 }
84 for (auto it = bundleVerifyStatusInfo.bundleVerifyStatusInfoMap_.begin();
85 it != bundleVerifyStatusInfo.bundleVerifyStatusInfoMap_.end(); it++) {
86 AppVerifyBaseInfo appVerifyBaseInfo;
87 appVerifyBaseInfo.bundleName = it->first;
88 if (appVerifyBaseInfo.appIdentifier.empty() &&
89 !BundleInfoQuery::GetBundleInfo(
90 appVerifyBaseInfo.bundleName, appVerifyBaseInfo.appIdentifier, appVerifyBaseInfo.fingerprint)) {
91 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "GetBundleInfo failed.");
92 // todo delete this bundleName or not
93 continue;
94 }
95 ExecuteVerifyTask(appVerifyBaseInfo, it->second, type);
96 }
97 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "call end");
98 }
ConvertToExplicitWant(OHOS::AAFwk::Want & implicitWant,sptr<IConvertCallback> & callback)99 void AppDomainVerifyAgentService::ConvertToExplicitWant(
100 OHOS::AAFwk::Want& implicitWant, sptr<IConvertCallback>& callback)
101 {
102 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
103 if (!PermissionManager::IsSACall()) {
104 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "no sa call");
105 return;
106 }
107 if (ErrorCode::E_EXTENSIONS_LIB_NOT_FOUND !=
108 appDomainVerifyExtMgr_->ConvertToExplicitWant(implicitWant, callback)) {
109 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "extension call end");
110 return;
111 }
112
113 if (callback) {
114 TargetInfo targetInfo;
115 callback->OnConvert(0, targetInfo);
116 }
117 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
118 }
SingleVerify(const AppVerifyBaseInfo & appVerifyBaseInfo,const VerifyResultInfo & verifyResultInfo)119 void AppDomainVerifyAgentService::SingleVerify(
120 const AppVerifyBaseInfo& appVerifyBaseInfo, const VerifyResultInfo& verifyResultInfo)
121 {
122 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "called");
123 if (!PermissionManager::IsSACall()) {
124 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "no sa call");
125 return;
126 }
127 ExecuteVerifyTask(appVerifyBaseInfo, verifyResultInfo, TaskType::IMMEDIATE_TASK);
128 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "call end");
129 }
130
ExecuteVerifyTask(const AppVerifyBaseInfo & appVerifyBaseInfo,const VerifyResultInfo & verifyResultInfo,TaskType type)131 void AppDomainVerifyAgentService::ExecuteVerifyTask(
132 const AppVerifyBaseInfo& appVerifyBaseInfo, const VerifyResultInfo& verifyResultInfo, TaskType type)
133 {
134 if (ErrorCode::E_EXTENSIONS_LIB_NOT_FOUND !=
135 appDomainVerifyExtMgr_->SingleVerify(appVerifyBaseInfo, verifyResultInfo)) {
136 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "extension call end");
137 return;
138 }
139
140 auto task = std::make_shared<VerifyTask>(type, appVerifyBaseInfo, verifyResultInfo);
141 if (task->GetUriVerifyMap().empty()) {
142 APP_DOMAIN_VERIFY_HILOGW(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "no valid skillUris");
143 return;
144 }
145 task->Execute();
146 }
147
QueryAndCompleteRefresh(TaskType type)148 void AppDomainVerifyAgentService::QueryAndCompleteRefresh(TaskType type)
149 {
150 BundleVerifyStatusInfo bundleVerifyStatusInfo;
151 if (AppDomainVerifyMgrClient::GetInstance()->QueryAllDomainVerifyStatus(bundleVerifyStatusInfo)) {
152 CompleteVerifyRefresh(bundleVerifyStatusInfo, type);
153 return;
154 }
155 UNIVERSAL_ERROR_EVENT(GET_DATE_IN_BOOT_FAULT);
156 }
157
UpdateWhiteList()158 void AppDomainVerifyAgentService::UpdateWhiteList()
159 {
160 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "called");
161 if (ErrorCode::E_EXTENSIONS_LIB_NOT_FOUND != appDomainVerifyExtMgr_->UpdateWhiteList()) {
162 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "extension call end");
163 return;
164 }
165 }
166
UpdateAppDetails()167 void AppDomainVerifyAgentService::UpdateAppDetails()
168 {
169 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "called");
170 if (ErrorCode::E_EXTENSIONS_LIB_NOT_FOUND != appDomainVerifyExtMgr_->UpdateAppDetails()) {
171 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "extension call end");
172 return;
173 }
174 }
CommonTransact(uint32_t opcode,const std::string & request,std::string & response)175 int AppDomainVerifyAgentService::CommonTransact(uint32_t opcode, const std::string& request, std::string& response)
176 {
177 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "called");
178 if (ErrorCode::E_EXTENSIONS_LIB_NOT_FOUND != appDomainVerifyExtMgr_->CommonTransact(opcode, request, response)) {
179 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "extension call end");
180 return ErrorCode::E_INTERNAL_ERR;
181 }
182 return ErrorCode::E_OK;
183 }
184 // sa_main进程统一调用
OnStart(const SystemAbilityOnDemandReason & startReason)185 void AppDomainVerifyAgentService::OnStart(const SystemAbilityOnDemandReason& startReason)
186 {
187 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "OnStart reason %{public}s, reasonId_:%{public}d",
188 startReason.GetName().c_str(), startReason.GetId());
189 PostDelayUnloadTask();
190
191 CriticalUtils::GetInstance().NotifyProcessStatus(1);
192
193 bool res = Publish(this);
194 if (!res) {
195 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "Publish failed");
196 }
197 if (startReason.GetName() == LOOP_EVENT) {
198 DoLoopStart();
199 }
200 }
201
OnStop()202 void AppDomainVerifyAgentService::OnStop()
203 {
204 CriticalUtils::GetInstance().NotifyProcessStatus(0);
205 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "called");
206 }
UnloadSa()207 void AppDomainVerifyAgentService::UnloadSa()
208 {
209 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "do unload sa");
210 auto samgrProxy = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
211 if (samgrProxy == nullptr) {
212 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "get samgr failed");
213 return;
214 }
215 int32_t ret = samgrProxy->UnloadSystemAbility(APP_DOMAIN_VERIFY_AGENT_SA_ID);
216 if (ret != 0) {
217 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "remove system ability failed");
218 return;
219 }
220 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "do unload sa done");
221 }
222
IsIdle()223 bool AppDomainVerifyAgentService::IsIdle()
224 {
225 if (appDomainVerifyTaskMgr_ == nullptr) {
226 return true;
227 } else {
228 return appDomainVerifyTaskMgr_->IsIdle();
229 }
230 }
231
DoSync(const TaskType & type)232 void AppDomainVerifyAgentService::DoSync(const TaskType& type)
233 {
234 QueryAndCompleteRefresh(type);
235 }
DoLoopStart()236 void AppDomainVerifyAgentService::DoLoopStart()
237 {
238 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "called");
239 UpdateWhiteList();
240 UpdateAppDetails();
241 }
242
IsNetAvailable()243 bool AppDomainVerifyAgentService::IsNetAvailable()
244 {
245 bool isNetAvailable = false;
246 NetManagerStandard::NetConnClient::GetInstance().HasDefaultNet(isNetAvailable);
247 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "IsNetAvailable:%{public}d", isNetAvailable);
248 return isNetAvailable;
249 }
250
DoSync()251 void AppDomainVerifyAgentService::DoSync()
252 {
253 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "do sync");
254 if (!isDoSyncDone && IsNetAvailable()) {
255 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "net connected, do sync once");
256 DoSync(BOOT_REFRESH_TASK);
257 isDoSyncDone = true;
258 }
259 }
260
CanUnloadSa()261 bool AppDomainVerifyAgentService::CanUnloadSa()
262 {
263 auto reachedMaxCnt = (retryCnt >= MAX_DELAY_RETRY_CNT - 1);
264 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE,
265 "can unload? isDoSyncDone:%{public}d, retryCnt:%{public}d, IsIdle:%{public}d, reachedMaxCnt:%{public}d, "
266 "maxCnt:%{public}d",
267 isDoSyncDone.load(), retryCnt.load(), IsIdle(), reachedMaxCnt, MAX_DELAY_RETRY_CNT);
268 return (isDoSyncDone.load() || reachedMaxCnt) && IsIdle();
269 }
270
OnDelayUnloadSA()271 void AppDomainVerifyAgentService::OnDelayUnloadSA()
272 {
273 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "on unload task");
274 if (CanUnloadSa()) {
275 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "can unload sa");
276 UnloadSa();
277 return;
278 }
279
280 DoSync();
281 PostDelayUnloadTask();
282 retryCnt++;
283 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "on unload task, delay unload");
284 }
PostDelayUnloadTask()285 void AppDomainVerifyAgentService::PostDelayUnloadTask()
286 {
287 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "called");
288 unloadHandler_->RemoveTask(TASK_ID);
289 unloadHandler_->PostTask([this] { OnDelayUnloadSA(); }, TASK_ID, DELAY_TIME);
290 }
291
OnDump()292 void AppDomainVerifyAgentService::OnDump()
293 {
294 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "OnDump");
295 }
GetStatTime()296 std::string AppDomainVerifyAgentService::GetStatTime()
297 {
298 std::string startTime;
299 time_t tt = std::chrono::system_clock::to_time_t(now);
300 struct tm ptm {};
301 localtime_r(&tt, &ptm);
302 char date[FORMAT_BLANK_SIZE] = { 0 };
303 auto flag = sprintf_s(date, sizeof(date), "%04d-%02d-%02d %02d:%02d:%02d",
304 (int)ptm.tm_year + DUMP_SYSTEM_START_YEAR, (int)ptm.tm_mon + 1, (int)ptm.tm_mday, (int)ptm.tm_hour,
305 (int)ptm.tm_min, (int)ptm.tm_sec);
306 if (flag < 0) {
307 return startTime;
308 }
309 startTime = date;
310 return startTime;
311 }
Dump(int fd,const std::vector<std::u16string> & args)312 int AppDomainVerifyAgentService::Dump(int fd, const std::vector<std::u16string>& args)
313 {
314 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "Dump");
315 std::string dumpString{};
316 dumpString.append("Agent start time: ");
317 dumpString.append(GetStatTime());
318 dumpString.append("\n");
319 dumpString.append("TaskMgr state: ");
320 IsIdle() ? dumpString.append("idle.") : dumpString.append("running.");
321 dumpString.append("\n");
322 dumpString.append("isDoSyncDone:");
323 isDoSyncDone ? dumpString.append("true.") : dumpString.append("false.");
324 dumpString.append("\n");
325 dumpString.append("retryCnt:");
326 dumpString.append(std::to_string(retryCnt));
327 dumpString.append("\n");
328 dumpString.append("maxCnt:");
329 dumpString.append(std::to_string(MAX_DELAY_RETRY_CNT));
330 dumpString.append("\n");
331 (void)write(fd, dumpString.c_str(), dumpString.size());
332 return 0;
333 }
334
335 } // namespace AppDomainVerify
336 } // namespace OHOS
337