1 /*
2 * Copyright (C) 2010 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "ueventd.h"
18
19 #include <ctype.h>
20 #include <fcntl.h>
21 #include <signal.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <sys/wait.h>
26
27 #include <set>
28 #include <thread>
29
30 #include <android-base/chrono_utils.h>
31 #include <android-base/logging.h>
32 #include <android-base/properties.h>
33 #include <fstab/fstab.h>
34 #include <selinux/android.h>
35 #include <selinux/selinux.h>
36
37 #include "devices.h"
38 #include "firmware_handler.h"
39 #include "modalias_handler.h"
40 #include "selinux.h"
41 #include "uevent_handler.h"
42 #include "uevent_listener.h"
43 #include "ueventd_parser.h"
44 #include "util.h"
45
46 // At a high level, ueventd listens for uevent messages generated by the kernel through a netlink
47 // socket. When ueventd receives such a message it handles it by taking appropriate actions,
48 // which can typically be creating a device node in /dev, setting file permissions, setting selinux
49 // labels, etc.
50 // Ueventd also handles loading of firmware that the kernel requests, and creates symlinks for block
51 // and character devices.
52
53 // When ueventd starts, it regenerates uevents for all currently registered devices by traversing
54 // /sys and writing 'add' to each 'uevent' file that it finds. This causes the kernel to generate
55 // and resend uevent messages for all of the currently registered devices. This is done, because
56 // ueventd would not have been running when these devices were registered and therefore was unable
57 // to receive their uevent messages and handle them appropriately. This process is known as
58 // 'cold boot'.
59
60 // 'init' currently waits synchronously on the cold boot process of ueventd before it continues
61 // its boot process. For this reason, cold boot should be as quick as possible. One way to achieve
62 // a speed up here is to parallelize the handling of ueventd messages, which consume the bulk of the
63 // time during cold boot.
64
// Handling of uevent messages has two unique properties:
// 1) It can be done in isolation; it doesn't need to read or write any status once it is started.
// 2) It uses setegid() and setfscreatecon(), so either care (i.e. locking) must be taken to ensure
// that no file system operations are done while the uevent process has an abnormal egid or
// fscreatecon, or this handling must happen in a separate process.
70 // Given the above two properties, it is best to fork() subprocesses to handle the uevents. This
71 // reduces the overhead and complexity that would be required in a solution with threads and locks.
72 // In testing, a racy multithreaded solution has the same performance as the fork() solution, so
73 // there is no reason to deal with the complexity of the former.
74
75 // One other important caveat during the boot process is the handling of SELinux restorecon.
76 // Since many devices have child devices, calling selinux_android_restorecon() recursively for each
77 // device when its uevent is handled, results in multiple restorecon operations being done on a
78 // given file. It is more efficient to simply do restorecon recursively on /sys during cold boot,
79 // than to do restorecon on each device as its uevent is handled. This only applies to cold boot;
80 // once that has completed, restorecon is done for each device as its uevent is handled.
81
82 // With all of the above considered, the cold boot process has the below steps:
83 // 1) ueventd regenerates uevents by doing the /sys traversal and listens to the netlink socket for
84 // the generated uevents. It writes these uevents into a queue represented by a vector.
85 //
// 2) ueventd forks 'n' separate uevent handler subprocesses and has each of them handle the
// uevents in the queue based on a starting offset (their process number) and a stride (the total
// number of processes). Note that no IPC happens at this point and only const functions from
// DeviceHandler should be called from this context.
90 //
91 // 3) In parallel to the subprocesses handling the uevents, the main thread of ueventd calls
92 // selinux_android_restorecon() recursively on /sys/class, /sys/block, and /sys/devices.
93 //
94 // 4) Once the restorecon operation finishes, the main thread calls waitpid() to wait for all
95 // subprocess handlers to complete and exit. Once this happens, it marks coldboot as having
96 // completed.
97 //
// At this point, ueventd is single-threaded: it poll()s and then handles any future uevents.
99
100 // Lastly, it should be noted that uevents that occur during the coldboot process are handled
101 // without issue after the coldboot process completes. This is because the uevent listener is
102 // paused while the uevent handler and restorecon actions take place. Once coldboot completes,
103 // the uevent listener resumes in polling mode and will handle the uevents that occurred during
104 // coldboot.
105
106 namespace android {
107 namespace init {
108
// Drives the one-time 'cold boot' described at the top of this file: replay every existing
// device's uevent through the handler chain using forked worker subprocesses, relabel /sys in
// parallel, then wait for the workers. Borrows the listener and handler list from ueventd_main();
// both must outlive this object.
class ColdBoot {
  public:
    ColdBoot(UeventListener& uevent_listener,
             std::vector<std::unique_ptr<UeventHandler>>& uevent_handlers)
        : uevent_listener_(uevent_listener),
          uevent_handlers_(uevent_handlers),
          // One worker per CPU reported by the runtime; fall back to 4 when the count is
          // unavailable (hardware_concurrency() returns 0 in that case).
          num_handler_subprocesses_([] {
              const unsigned int cores = std::thread::hardware_concurrency();
              return cores != 0 ? cores : 4u;
          }()) {}

    // Runs the full cold boot sequence and creates the COLDBOOT_DONE marker on completion.
    void Run();

  private:
    // Body of a forked worker: handles every queued uevent at index process_num + k * total_processes.
    void UeventHandlerMain(unsigned int process_num, unsigned int total_processes);
    // Fills uevent_queue_ by asking the kernel to re-emit uevents for all current devices.
    void RegenerateUevents();
    // Forks num_handler_subprocesses_ workers and records their pids in subprocess_pids_.
    void ForkSubProcesses();
    // Recursive SELinux relabel of /sys, done once here instead of per device.
    void DoRestoreCon();
    // Blocks until every recorded worker has exited successfully; aborts on a failed worker.
    void WaitForSubProcesses();

    UeventListener& uevent_listener_;
    std::vector<std::unique_ptr<UeventHandler>>& uevent_handlers_;

    unsigned int num_handler_subprocesses_;
    // Uevents collected by RegenerateUevents(); read-only once the workers are forked.
    std::vector<Uevent> uevent_queue_;

    // Pids of forked workers not yet reaped.
    std::set<pid_t> subprocess_pids_;
};
134
// Worker body executed in a forked child. Takes a strided share of uevent_queue_ (indices
// process_num, process_num + total_processes, ...) so that the total_processes workers together
// cover every queued uevent exactly once, and runs each through the full handler chain.
//
// Never returns: the child leaves via _exit() so it does not unwind into the parent's stack or
// run the parent's atexit handlers and stdio flushes.
void ColdBoot::UeventHandlerMain(unsigned int process_num, unsigned int total_processes) {
    const unsigned int stride = total_processes;
    unsigned int index = process_num;
    while (index < uevent_queue_.size()) {
        const Uevent& uevent = uevent_queue_[index];
        for (const auto& handler : uevent_handlers_) {
            handler->HandleUevent(uevent);
        }
        index += stride;
    }
    _exit(EXIT_SUCCESS);
}
145
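// Asks the listener to replay uevents for all currently registered devices and appends each one
// to uevent_queue_ for the worker subprocesses to consume later. Always asks for the next uevent
// (kContinue); the listener decides when replay is finished.
void ColdBoot::RegenerateUevents() {
    uevent_listener_.RegenerateUevents([this](const Uevent& uevent) {
        // The callback receives a const reference, so the element can only be copied into the
        // queue. The previous std::move() on this const lvalue was a silent copy anyway
        // (clang-tidy performance-move-const-arg); spell the copy out.
        uevent_queue_.push_back(uevent);
        return ListenerAction::kContinue;
    });
}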
152
// Forks num_handler_subprocesses_ workers. Each child runs UeventHandlerMain() with its own
// process number and never returns from it; the parent records every child pid so that
// WaitForSubProcesses() can reap them. A failed fork() is fatal for ueventd as a whole.
void ColdBoot::ForkSubProcesses() {
    for (unsigned int process_num = 0; process_num < num_handler_subprocesses_; ++process_num) {
        const pid_t pid = fork();
        if (pid < 0) {
            PLOG(FATAL) << "fork() failed!";
        }

        if (pid == 0) {
            // Child: drain our share of the queue, then _exit() inside UeventHandlerMain().
            UeventHandlerMain(process_num, num_handler_subprocesses_);
        }

        // Parent only from here on.
        subprocess_pids_.insert(pid);
    }
}
167
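// Relabels all of /sys recursively in one pass, instead of per device as each uevent is handled
// (see the cold-boot discussion at the top of this file). Runs in the parent while the forked
// workers process the queue.
void ColdBoot::DoRestoreCon() {
    // selinux_android_restorecon() returns -1 with errno set on failure. A failed relabel means
    // sysfs nodes keep whatever label they had, so report it rather than finishing cold boot
    // silently; it is not made fatal because the rest of cold boot can still complete.
    if (selinux_android_restorecon("/sys", SELINUX_ANDROID_RESTORECON_RECURSE) < 0) {
        PLOG(ERROR) << "selinux_android_restorecon(/sys) failed";
    }
}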
171
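// Blocks until every pid in subprocess_pids_ has been reaped with a successful exit status.
//
// Treat subprocesses that crash or get stuck the same as if ueventd itself has crashed or gets
// stuck.
//
// When a subprocess crashes, we fatally abort from ueventd. init will restart ueventd when
// init reaps it, and the cold boot process will start again. If this continues to fail, then
// since ueventd is marked as a critical service, init will reboot to bootloader.
//
// When a subprocess gets stuck, keep ueventd spinning waiting for it. init has a timeout for
// cold boot and will reboot to the bootloader if ueventd does not complete in time.
void ColdBoot::WaitForSubProcesses() {
    while (!subprocess_pids_.empty()) {
        int status = 0;
        const pid_t pid = TEMP_FAILURE_RETRY(waitpid(-1, &status, 0));
        if (pid == -1) {
            // NOTE(review): an ECHILD here (no children left, set still non-empty) would make
            // this loop spin; it is kept as a retry to preserve the "keep waiting" contract above.
            PLOG(ERROR) << "waitpid() failed";
            continue;
        }

        // waitpid(-1) reaps any child of ueventd, not only the handler workers; only pids we
        // forked count toward completion. Look the pid up through the set itself (O(log n))
        // rather than a linear std::find over the set.
        const auto it = subprocess_pids_.find(pid);
        if (it == subprocess_pids_.end()) continue;

        if (WIFEXITED(status)) {
            if (WEXITSTATUS(status) == EXIT_SUCCESS) {
                subprocess_pids_.erase(it);
            } else {
                LOG(FATAL) << "subprocess exited with status " << WEXITSTATUS(status);
            }
        } else if (WIFSIGNALED(status)) {
            LOG(FATAL) << "subprocess killed by signal " << WTERMSIG(status);
        }
    }
}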
204
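// Executes the cold boot steps in order: collect uevents, fork the workers, relabel /sys while
// they run, wait for them, then create the COLDBOOT_DONE marker that ueventd_main() checks so a
// restarted ueventd skips cold boot. Logs the elapsed time.
void ColdBoot::Run() {
    android::base::Timer cold_boot_timer;

    RegenerateUevents();

    ForkSubProcesses();

    DoRestoreCon();

    WaitForSubProcesses();

    // The marker carries no data and only needs to exist, hence mode 0000. If it cannot be
    // created, the next ueventd instance will redo the whole cold boot; make that visible
    // instead of silently discarding the open() error.
    const int fd = open(COLDBOOT_DONE, O_WRONLY | O_CREAT | O_CLOEXEC, 0000);
    if (fd == -1) {
        PLOG(ERROR) << "Could not create " << COLDBOOT_DONE;
    } else {
        close(fd);
    }
    // Timer::duration() is presumably in milliseconds, hence the /1000 to print seconds.
    LOG(INFO) << "Coldboot took " << cold_boot_timer.duration().count() / 1000.0f << " seconds";
}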
219
// Entry point for ueventd. argc is unused; argv is only passed to logging setup.
//
// Order matters here: logging and SELinux labeling support come first, then the handler chain is
// built from the parsed ueventd.rc files, cold boot runs once (skipped when the COLDBOOT_DONE
// marker already exists), and finally the netlink socket is polled forever, feeding every uevent
// through the same handlers. Returns 0 only if Poll() returns.
int ueventd_main(int argc, char** argv) {
    /*
     * init sets the umask to 077 for forked processes. We need to
     * create files with exact permissions, without modification by
     * the umask.
     */
    umask(000);

    android::base::InitLogging(argv, &android::base::KernelLogger);

    LOG(INFO) << "ueventd started!";

    SelinuxSetupKernelLogging();
    SelabelInitialize();

    // Handlers run in insertion order for every uevent, during cold boot and when polling.
    std::vector<std::unique_ptr<UeventHandler>> uevent_handlers;

    // Keep the current product name base configuration so we remain backwards compatible and
    // allow it to override everything.
    // TODO: cleanup platform ueventd.rc to remove vendor specific device node entries (b/34968103)
    auto hardware = android::base::GetProperty("ro.hardware", "");

    // Configuration comes from the system, vendor and odm partitions plus a per-hardware file;
    // how entries from later files combine with earlier ones is decided inside ParseConfig().
    auto ueventd_configuration = ParseConfig({"/ueventd.rc", "/vendor/ueventd.rc",
                                              "/odm/ueventd.rc", "/ueventd." + hardware + ".rc"});

    // Device nodes, permissions and symlinks first; firmware loading second; modalias-based
    // module loading last and only when the configuration enables it.
    uevent_handlers.emplace_back(std::make_unique<DeviceHandler>(
            std::move(ueventd_configuration.dev_permissions),
            std::move(ueventd_configuration.sysfs_permissions),
            std::move(ueventd_configuration.subsystems), android::fs_mgr::GetBootDevices(), true));
    uevent_handlers.emplace_back(std::make_unique<FirmwareHandler>(
            std::move(ueventd_configuration.firmware_directories)));

    if (ueventd_configuration.enable_modalias_handling) {
        uevent_handlers.emplace_back(std::make_unique<ModaliasHandler>());
    }
    UeventListener uevent_listener(ueventd_configuration.uevent_socket_rcvbuf_size);

    // COLDBOOT_DONE is created by ColdBoot::Run(); its presence means a previous ueventd
    // instance already replayed the existing devices, so go straight to polling.
    if (access(COLDBOOT_DONE, F_OK) != 0) {
        ColdBoot cold_boot(uevent_listener, uevent_handlers);
        cold_boot.Run();
    }

    for (auto& uevent_handler : uevent_handlers) {
        uevent_handler->ColdbootDone();
    }

    // We use waitpid() in ColdBoot, so we can't ignore SIGCHLD until now.
    // (With SIGCHLD ignored, Linux reaps exited children automatically, so no zombies accumulate
    // from anything forked after this point.)
    signal(SIGCHLD, SIG_IGN);
    // Reap any pending children that exited between the last call to waitpid() and setting
    // SIG_IGN for SIGCHLD above.
    while (waitpid(-1, nullptr, WNOHANG) > 0) {
    }

    // Single-threaded from here on: every uevent is handled inline on this thread before the
    // next one is read. The lambda borrows uevent_handlers, which outlives the Poll() call.
    uevent_listener.Poll([&uevent_handlers](const Uevent& uevent) {
        for (auto& uevent_handler : uevent_handlers) {
            uevent_handler->HandleUevent(uevent);
        }
        return ListenerAction::kContinue;
    });

    return 0;
}
282
283 } // namespace init
284 } // namespace android
285