1 /* 2 * Copyright (c) 2021-2025 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef OHOS_ABILITY_RUNTIME_APP_SPAWN_CLIENT_H 17 #define OHOS_ABILITY_RUNTIME_APP_SPAWN_CLIENT_H 18 19 #include <array> 20 #include <map> 21 #include <memory> 22 #include <set> 23 #include <string> 24 #include <unistd.h> 25 #include <vector> 26 27 #include "appspawn.h" 28 #include "bundle_info.h" 29 #ifdef SUPPORT_CHILD_PROCESS 30 #include "child_process_info.h" 31 #endif // SUPPORT_CHILD_PROCESS 32 #include "data_group_info.h" 33 #include "nocopyable.h" 34 #include "shared/base_shared_bundle_info.h" 35 36 namespace OHOS { 37 namespace AppExecFwk { 38 enum class SpawnConnectionState { STATE_NOT_CONNECT, STATE_CONNECTED, STATE_CONNECT_FAILED }; 39 using HspList = std::vector<BaseSharedBundleInfo>; 40 using DataGroupInfoList = std::vector<DataGroupInfo>; 41 using JITPermissionsMap = std::map<std::string, std::string>; 42 const int32_t MAX_FLAG_INDEX = 32; 43 const int32_t MAX_PROC_NAME_LEN = 256; 44 const int32_t START_FLAG_BASE = 1; 45 const int32_t MAX_COST_TIME = 500; 46 struct AppSpawnStartMsg { 47 uint8_t setAllowInternet; 48 uint8_t allowInternet; // hap socket allowed 49 uint8_t reserved1; 50 uint8_t reserved2; 51 bool atomicServiceFlag = false; 52 bool isolatedExtension = false; // whether is isolatedExtension 53 bool strictMode = false; // whether is strict mode 54 bool isolationMode = false; 55 bool isolatedNetworkFlag = false; 56 bool isolatedSELinuxFlag = false; 57 bool isolatedSandboxFlagLegacy = false; // APP_FLAGS_EXTENSION_SANDBOX legacy 58 bool isScreenLockDataProtect = false; 59 bool isCustomSandboxFlag = false; 60 int32_t uid; 61 int32_t gid; 62 int32_t pid; 63 int32_t code = 0; // 0: default, MSG_APP_SPAWN; 1: MSG_SPAWN_NATIVE_PROCESS; 2: MSG_GET_RENDER_TERMINATION_STATUS 64 int32_t bundleIndex; // when dlp launch another app used, default is 0 65 int32_t maxChildProcess = 0; 66 #ifdef SUPPORT_CHILD_PROCESS 67 int32_t childProcessType = CHILD_PROCESS_TYPE_NOT_CHILD; 68 #endif // SUPPORT_CHILD_PROCESS 69 int32_t hostProcessUid = 0; // host process uid, only use for nwebspawn. 70 uint32_t accessTokenId; 71 uint32_t flags; 72 uint32_t hapFlags = 0; // whether is pre installed hap 73 uint32_t mountPermissionFlags; 74 uint32_t apiTargetVersion = 0; 75 uint64_t accessTokenIdEx; 76 std::vector<int32_t> gids; 77 std::string procName; 78 std::string soPath; 79 std::string apl; 80 std::string bundleName; 81 std::string renderParam; // only nweb spawn need this param. 82 std::string overlayInfo; // overlay hap resource path list 83 std::string ownerId; 84 std::string provisionType; 85 std::string atomicAccount = ""; 86 std::string extensionSandboxPath; 87 std::string processType = ""; 88 std::string extensionTypeName; 89 HspList hspList; // list of harmony shared package 90 std::set<std::string> permissions; 91 std::map<std::string, std::string> appEnv; // environment variable to be set to the process 92 std::map<std::string, int32_t> fds; 93 DataGroupInfoList dataGroupInfoList; // list of harmony shared package 94 JITPermissionsMap jitPermissionsMap; // map of JIT permissions 95 }; 96 97 constexpr auto LEN_PID = sizeof(pid_t); 98 struct StartFlags { 99 static const int COLD_START = 0; 100 static const int BACKUP_EXTENSION = 1; 101 static const int DLP_MANAGER = 2; 102 static const int DEBUGGABLE = 3; 103 static const int ASANENABLED = 4; 104 static const int ACCESS_BUNDLE_DIR = 5; 105 static const int NATIVEDEBUG = 6; 106 static const int NO_SANDBOX = 7; 107 static const int OVERLAY = 8; 108 static const int BUNDLE_RESOURCES = 9; 109 static const int GWP_ENABLED_FORCE = 10; 110 static const int GWP_ENABLED_NORMAL = 11; 111 static const int TSANENABLED = 12; 112 static const int EXTENSION_CONTROLLED = 13; 113 static const int HWASANENABLED = 21; 114 static const int UBSANENABLED = 22; 115 static const int TEMP_JIT_ALLOW = 28; 116 }; 117 118 struct CreateStartMsgParam { 119 bool strictMode = false; 120 bool networkEnableFlags = true; 121 bool saEnableFlags = true; 122 ExtensionAbilityType extensionAbilityType = ExtensionAbilityType::UNSPECIFIED; 123 uint32_t startFlags = 0; 124 int32_t uid = -1; 125 int32_t bundleIndex = 0; 126 std::shared_ptr<AAFwk::Want> want = nullptr; 127 std::string moduleName; 128 std::string abilityName; 129 std::string processName; 130 BundleInfo bundleInfo; 131 BundleType bundleType = BundleType::APP; 132 }; 133 134 union AppSpawnPidMsg { 135 pid_t pid = 0; 136 char pidBuf[LEN_PID]; 137 }; 138 139 class AppSpawnClient { 140 public: 141 /** 142 * Constructor. 143 */ 144 explicit AppSpawnClient(bool isNWebSpawn = false); 145 146 /** 147 * Constructor by service name 148 */ 149 explicit AppSpawnClient(const char* serviceName); 150 151 /** 152 * Destructor 153 */ 154 virtual ~AppSpawnClient(); 155 156 /** 157 * Disable copy. 158 */ 159 DISALLOW_COPY_AND_MOVE(AppSpawnClient); 160 161 /** 162 * Try connect to appSpawn. 163 */ 164 ErrCode OpenConnection(); 165 166 /** 167 * Close the connect of appspawn. 168 */ 169 void CloseConnection(); 170 171 /** 172 * Return the connect state. 173 */ 174 SpawnConnectionState QueryConnectionState() const; 175 176 /** 177 * Return the clent handle. 178 */ 179 AppSpawnClientHandle GetAppSpawnClientHandle() const; 180 181 /** 182 * Set dac info. 183 * 184 * @param startMsg, request message. 185 * @param reqHandle, handle for request message 186 */ 187 int32_t SetDacInfo(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle); 188 189 /** 190 * Set mount permission. 191 * 192 * @param startMsg, request message. 193 * @param reqHandle, handle for request message 194 */ 195 int32_t SetMountPermission(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle); 196 197 /** 198 * Set start flags. 199 * 200 * @param startMsg, request message. 201 * @param reqHandle, handle for request message 202 */ 203 int32_t SetStartFlags(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle); 204 205 /** 206 * Set extra info: render-cmd, HspList, Overlay, DataGroup, AppEnv. 207 * 208 * @param startMsg, request message. 209 * @param reqHandle, handle for request message 210 */ 211 int32_t AppspawnSetExtMsg(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle); 212 213 /** 214 * Set extra info: provision_type, max_child_process. 215 * 216 * @param startMsg, request message. 217 * @param reqHandle, handle for request message 218 */ 219 int32_t AppspawnSetExtMsgMore(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle); 220 221 /** 222 * Set extra info: parent uid. 223 * 224 * @param startMsg, request message, 225 * @param reqHandle, handle for request message 226 * 227 * Return the Message Set result. 228 */ 229 int32_t AppspawnSetExtMsgSec(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle); 230 231 /** 232 * Create default appspawn msg. 233 * 234 * @param startMsg, request message. 235 * @param reqHandle, handle for request message 236 */ 237 int32_t AppspawnCreateDefaultMsg(const AppSpawnStartMsg &startMsg, AppSpawnReqMsgHandle reqHandle); 238 239 /** 240 * Verify startMsg. 241 * 242 * @param startMsg, request message. 243 */ 244 bool VerifyMsg(const AppSpawnStartMsg &startMsg); 245 246 /** 247 * Send appSpawn uninstall debug hap message. 248 * 249 * @param userId, the user id. 250 */ 251 int32_t SendAppSpawnUninstallDebugHapMsg(int32_t userId); 252 253 /** 254 * Start request to nwebspawn process. 255 */ 256 virtual int32_t PreStartNWebSpawnProcess(); 257 258 /** 259 * AppSpawnClient core function, Start request to appSpawn. 260 * 261 * @param startMsg, request message. 262 * @param pid, pid of app process, get from appSpawn. 263 */ 264 virtual int32_t StartProcess(const AppSpawnStartMsg &startMsg, pid_t &pid); 265 266 /** 267 * Get render process termination status. 268 * 269 * @param startMsg, request message. 270 * @param status, termination status of render process, get from appSpawn. 271 */ 272 virtual int32_t GetRenderProcessTerminationStatus(const AppSpawnStartMsg &startMsg, int &status); 273 274 private: 275 std::string serviceName_ = APPSPAWN_SERVER_NAME; 276 AppSpawnClientHandle handle_ = nullptr; 277 SpawnConnectionState state_ = SpawnConnectionState::STATE_NOT_CONNECT; 278 279 #ifdef SUPPORT_CHILD_PROCESS 280 int32_t SetChildProcessTypeStartFlag(const AppSpawnReqMsgHandle &reqHandle, int32_t childProcessType); 281 #endif // SUPPORT_CHILD_PROCESS 282 283 int32_t SetExtMsgFds(const AppSpawnReqMsgHandle &reqHandle, const std::map<std::string, int32_t> &fds); 284 285 int32_t SetIsolationModeFlag(const AppSpawnStartMsg &startMsg, const AppSpawnReqMsgHandle &reqHandle); 286 287 int32_t SetStrictMode(const AppSpawnStartMsg &startMsg, const AppSpawnReqMsgHandle &reqHandle); 288 }; 289 } // namespace AppExecFwk 290 } // namespace OHOS 291 #endif // OHOS_ABILITY_RUNTIME_APP_SPAWN_CLIENT_H 292