1 /*
2 * Copyright (C) 2021 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "tools/tools.h"
18
19 #include <errno.h>
20 #include <fnmatch.h>
21 #include <poll.h>
22 #include <signal.h>
23 #include <stdio.h>
24 #include <unistd.h>
25
26 #include <algorithm>
27 #include <cstdint>
28 #include <ctime>
29 #include <filesystem>
30 #include <functional>
31 #include <regex>
32 #include <string>
33 #include <string_view>
34 #include <system_error>
35 #include <unordered_map>
36 #include <utility>
37 #include <vector>
38
39 #include "android-base/errors.h"
40 #include "android-base/file.h"
41 #include "android-base/function_ref.h"
42 #include "android-base/logging.h"
43 #include "android-base/process.h"
44 #include "android-base/result.h"
45 #include "android-base/strings.h"
46 #include "android-base/unique_fd.h"
47 #include "base/macros.h"
48 #include "base/pidfd.h"
49 #include "fstab/fstab.h"
50
51 namespace art {
52 namespace tools {
53
54 namespace {
55
56 using ::android::base::AllPids;
57 using ::android::base::ConsumeSuffix;
58 using ::android::base::function_ref;
59 using ::android::base::ReadFileToString;
60 using ::android::base::Readlink;
61 using ::android::base::Result;
62 using ::android::base::unique_fd;
63 using ::android::fs_mgr::Fstab;
64 using ::android::fs_mgr::FstabEntry;
65 using ::android::fs_mgr::ReadFstabFromProcMounts;
66 using ::std::placeholders::_1;
67
MilliTime()68 uint64_t MilliTime() {
69 timespec now;
70 clock_gettime(CLOCK_MONOTONIC, &now);
71 return static_cast<uint64_t>(now.tv_sec) * UINT64_C(1000) + now.tv_nsec / UINT64_C(1000000);
72 }
73
74 // Returns true if `path_prefix` matches `pattern` or can be a prefix of a path that matches
75 // `pattern` (i.e., `path_prefix` represents a directory that may contain a file whose path matches
76 // `pattern`).
PartialMatch(const std::filesystem::path & pattern,const std::filesystem::path & path_prefix)77 bool PartialMatch(const std::filesystem::path& pattern, const std::filesystem::path& path_prefix) {
78 for (std::filesystem::path::const_iterator pattern_it = pattern.begin(),
79 path_prefix_it = path_prefix.begin();
80 ; // NOLINT
81 pattern_it++, path_prefix_it++) {
82 if (path_prefix_it == path_prefix.end()) {
83 return true;
84 }
85 if (pattern_it == pattern.end()) {
86 return false;
87 }
88 if (*pattern_it == "**") {
89 return true;
90 }
91 if (fnmatch(pattern_it->c_str(), path_prefix_it->c_str(), /*flags=*/0) != 0) {
92 return false;
93 }
94 }
95 }
96
FullMatchRecursive(const std::filesystem::path & pattern,std::filesystem::path::const_iterator pattern_it,const std::filesystem::path & path,std::filesystem::path::const_iterator path_it,bool double_asterisk_visited=false)97 bool FullMatchRecursive(const std::filesystem::path& pattern,
98 std::filesystem::path::const_iterator pattern_it,
99 const std::filesystem::path& path,
100 std::filesystem::path::const_iterator path_it,
101 bool double_asterisk_visited = false) {
102 if (pattern_it == pattern.end() && path_it == path.end()) {
103 return true;
104 }
105 if (pattern_it == pattern.end()) {
106 return false;
107 }
108 if (*pattern_it == "**") {
109 DCHECK(!double_asterisk_visited);
110 std::filesystem::path::const_iterator next_pattern_it = pattern_it;
111 return FullMatchRecursive(
112 pattern, ++next_pattern_it, path, path_it, /*double_asterisk_visited=*/true) ||
113 (path_it != path.end() && FullMatchRecursive(pattern, pattern_it, path, ++path_it));
114 }
115 if (path_it == path.end()) {
116 return false;
117 }
118 if (fnmatch(pattern_it->c_str(), path_it->c_str(), /*flags=*/0) != 0) {
119 return false;
120 }
121 return FullMatchRecursive(pattern, ++pattern_it, path, ++path_it);
122 }
123
124 // Returns true if `path` fully matches `pattern`.
FullMatch(const std::filesystem::path & pattern,const std::filesystem::path & path)125 bool FullMatch(const std::filesystem::path& pattern, const std::filesystem::path& path) {
126 return FullMatchRecursive(pattern, pattern.begin(), path, path.begin());
127 }
128
MatchGlobRecursive(const std::vector<std::filesystem::path> & patterns,const std::filesystem::path & root_dir,std::vector<std::string> * results)129 void MatchGlobRecursive(const std::vector<std::filesystem::path>& patterns,
130 const std::filesystem::path& root_dir,
131 /*out*/ std::vector<std::string>* results) {
132 std::error_code ec;
133 for (auto it = std::filesystem::recursive_directory_iterator(
134 root_dir, std::filesystem::directory_options::skip_permission_denied, ec);
135 !ec && it != std::filesystem::end(it);
136 it.increment(ec)) {
137 const std::filesystem::directory_entry& entry = *it;
138 if (std::none_of(patterns.begin(), patterns.end(), std::bind(PartialMatch, _1, entry.path()))) {
139 // Avoid unnecessary I/O and SELinux denials.
140 it.disable_recursion_pending();
141 continue;
142 }
143 std::error_code ec2;
144 if (entry.is_regular_file(ec2) &&
145 std::any_of(patterns.begin(), patterns.end(), std::bind(FullMatch, _1, entry.path()))) {
146 results->push_back(entry.path());
147 }
148 if (ec2) {
149 // It's expected that we don't have permission to stat some dirs/files, and we don't care
150 // about them.
151 if (ec2.value() != EACCES) {
152 LOG(ERROR) << ART_FORMAT("Unable to lstat '{}': {}", entry.path().string(), ec2.message());
153 }
154 continue;
155 }
156 }
157 if (ec) {
158 LOG(ERROR) << ART_FORMAT("Unable to walk through '{}': {}", root_dir.string(), ec.message());
159 }
160 }
161
162 } // namespace
163
Glob(const std::vector<std::string> & patterns,std::string_view root_dir)164 std::vector<std::string> Glob(const std::vector<std::string>& patterns, std::string_view root_dir) {
165 std::vector<std::filesystem::path> parsed_patterns;
166 parsed_patterns.reserve(patterns.size());
167 for (std::string_view pattern : patterns) {
168 parsed_patterns.emplace_back(pattern);
169 }
170 std::vector<std::string> results;
171 MatchGlobRecursive(parsed_patterns, root_dir, &results);
172 return results;
173 }
174
EscapeGlob(const std::string & str)175 std::string EscapeGlob(const std::string& str) {
176 return std::regex_replace(str, std::regex(R"re(\*|\?|\[)re"), "[$&]");
177 }
178
PathStartsWith(std::string_view path,std::string_view prefix)179 bool PathStartsWith(std::string_view path, std::string_view prefix) {
180 CHECK(!prefix.empty() && !path.empty() && prefix[0] == '/' && path[0] == '/')
181 << ART_FORMAT("path={}, prefix={}", path, prefix);
182 ConsumeSuffix(&prefix, "/");
183 return path.starts_with(prefix) &&
184 (path.length() == prefix.length() || path[prefix.length()] == '/');
185 }
186
GetProcMountsMatches(function_ref<bool (std::string_view)> predicate)187 static Result<std::vector<FstabEntry>> GetProcMountsMatches(
188 function_ref<bool(std::string_view)> predicate) {
189 Fstab fstab;
190 if (!ReadFstabFromProcMounts(&fstab)) {
191 return Errorf("Failed to read fstab from /proc/mounts");
192 }
193 std::vector<FstabEntry> entries;
194 for (FstabEntry& entry : fstab) {
195 // Ignore swap areas as a swap area doesn't have a meaningful `mount_point` (a.k.a., `fs_file`)
196 // field, according to fstab(5). In addition, ignore any other entries whose mount points are
197 // not absolute paths, just in case there are other fs types that also have an meaningless mount
198 // point.
199 if (entry.fs_type == "swap" || !entry.mount_point.starts_with('/')) {
200 continue;
201 }
202 if (predicate(entry.mount_point)) {
203 entries.push_back(std::move(entry));
204 }
205 }
206 return entries;
207 }
208
GetProcMountsAncestorsOfPath(std::string_view path)209 Result<std::vector<FstabEntry>> GetProcMountsAncestorsOfPath(std::string_view path) {
210 return GetProcMountsMatches(
211 [&](std::string_view mount_point) { return PathStartsWith(path, mount_point); });
212 }
213
GetProcMountsDescendantsOfPath(std::string_view path)214 Result<std::vector<FstabEntry>> GetProcMountsDescendantsOfPath(std::string_view path) {
215 return GetProcMountsMatches(
216 [&](std::string_view mount_point) { return PathStartsWith(mount_point, path); });
217 }
218
EnsureNoProcessInDir(const std::string & dir,uint32_t timeout_ms,bool try_kill)219 Result<void> EnsureNoProcessInDir(const std::string& dir, uint32_t timeout_ms, bool try_kill) {
220 // Pairs of pid and process name, indexed by pidfd.
221 std::unordered_map<int, std::pair<pid_t, std::string>> running_processes;
222 std::vector<struct pollfd> pollfds;
223 std::vector<unique_fd> pidfds;
224
225 for (pid_t pid : AllPids()) {
226 std::string exe;
227 if (!Readlink(ART_FORMAT("/proc/{}/exe", pid), &exe)) {
228 // The caller may not have access to all processes. That's okay. When using this method, we
229 // must grant the caller access to the processes that we are interested in.
230 continue;
231 }
232
233 if (PathStartsWith(exe, dir)) {
234 unique_fd pidfd = PidfdOpen(pid, /*flags=*/0);
235 if (pidfd < 0) {
236 if (errno == ESRCH) {
237 // The process has gone now.
238 continue;
239 }
240 return ErrnoErrorf("Failed to pidfd_open {}", pid);
241 }
242
243 std::string name;
244 if (!ReadFileToString(ART_FORMAT("/proc/{}/comm", pid), &name)) {
245 PLOG(WARNING) << "Failed to get process name for pid " << pid;
246 }
247 size_t pos = name.find_first_of("\n\0");
248 if (pos != std::string::npos) {
249 name.resize(pos);
250 }
251 LOG(INFO) << ART_FORMAT(
252 "Process '{}' (pid: {}) is still running. Waiting for it to exit", name, pid);
253
254 struct pollfd& pollfd = pollfds.emplace_back();
255 pollfd.fd = pidfd.get();
256 pollfd.events = POLLIN;
257
258 running_processes[pidfd.get()] = std::make_pair(pid, std::move(name));
259 pidfds.push_back(std::move(pidfd));
260 }
261 }
262
263 auto wait_for_processes = [&]() -> Result<void> {
264 uint64_t start_time_ms = MilliTime();
265 uint64_t remaining_timeout_ms = timeout_ms;
266 while (!running_processes.empty() && remaining_timeout_ms > 0) {
267 int poll_ret = TEMP_FAILURE_RETRY(poll(pollfds.data(), pollfds.size(), remaining_timeout_ms));
268 if (poll_ret < 0) {
269 return ErrnoErrorf("Failed to poll pidfd's");
270 }
271 if (poll_ret == 0) {
272 // Timeout.
273 break;
274 }
275 uint64_t elapsed_time_ms = MilliTime() - start_time_ms;
276 for (struct pollfd& pollfd : pollfds) {
277 if (pollfd.fd < 0) {
278 continue;
279 }
280 if ((pollfd.revents & POLLIN) != 0) {
281 const auto& [pid, name] = running_processes[pollfd.fd];
282 LOG(INFO) << ART_FORMAT(
283 "Process '{}' (pid: {}) exited in {}ms", name, pid, elapsed_time_ms);
284 running_processes.erase(pollfd.fd);
285 pollfd.fd = -1;
286 }
287 }
288 remaining_timeout_ms = timeout_ms - elapsed_time_ms;
289 }
290 return {};
291 };
292
293 OR_RETURN(wait_for_processes());
294
295 bool process_killed = false;
296 for (const auto& [pidfd, pair] : running_processes) {
297 const auto& [pid, name] = pair;
298 LOG(ERROR) << ART_FORMAT(
299 "Process '{}' (pid: {}) is still running after {}ms", name, pid, timeout_ms);
300 if (try_kill) {
301 LOG(INFO) << ART_FORMAT("Killing '{}' (pid: {})", name, pid);
302 if (kill(pid, SIGKILL) != 0) {
303 PLOG(ERROR) << ART_FORMAT("Failed to kill '{}' (pid: {})", name, pid);
304 }
305 process_killed = true;
306 }
307 }
308
309 if (process_killed) {
310 // Wait another round for processes to exit after being killed.
311 OR_RETURN(wait_for_processes());
312 }
313 if (!running_processes.empty()) {
314 return Errorf("Some process(es) are still running after {}ms", timeout_ms);
315 }
316 return {};
317 }
318
319 } // namespace tools
320 } // namespace art
321