1 /*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "nativebridge/native_bridge.h"
18
19 #include <cstring>
20 #include <cutils/log.h>
21 #include <dlfcn.h>
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <stdio.h>
25 #include <sys/mount.h>
26 #include <sys/stat.h>
27
28
29 namespace android {
30
31 // Environment values required by the apps running with native bridge.
32 struct NativeBridgeRuntimeValues {
33 const char* os_arch;
34 const char* cpu_abi;
35 const char* cpu_abi2;
36 const char* *supported_abis;
37 int32_t abi_count;
38 };
39
40 // The symbol name exposed by native-bridge with the type of NativeBridgeCallbacks.
41 static constexpr const char* kNativeBridgeInterfaceSymbol = "NativeBridgeItf";
42
43 enum class NativeBridgeState {
44 kNotSetup, // Initial state.
45 kOpened, // After successful dlopen.
46 kInitialized, // After successful initialization.
47 kClosed // Closed or errors.
48 };
49
50 static const char* kNotSetupString = "kNotSetup";
51 static const char* kOpenedString = "kOpened";
52 static const char* kInitializedString = "kInitialized";
53 static const char* kClosedString = "kClosed";
54
GetNativeBridgeStateString(NativeBridgeState state)55 static const char* GetNativeBridgeStateString(NativeBridgeState state) {
56 switch (state) {
57 case NativeBridgeState::kNotSetup:
58 return kNotSetupString;
59
60 case NativeBridgeState::kOpened:
61 return kOpenedString;
62
63 case NativeBridgeState::kInitialized:
64 return kInitializedString;
65
66 case NativeBridgeState::kClosed:
67 return kClosedString;
68 }
69 }
70
71 // Current state of the native bridge.
72 static NativeBridgeState state = NativeBridgeState::kNotSetup;
73
74 // Whether we had an error at some point.
75 static bool had_error = false;
76
77 // Handle of the loaded library.
78 static void* native_bridge_handle = nullptr;
79 // Pointer to the callbacks. Available as soon as LoadNativeBridge succeeds, but only initialized
80 // later.
81 static NativeBridgeCallbacks* callbacks = nullptr;
82 // Callbacks provided by the environment to the bridge. Passed to LoadNativeBridge.
83 static const NativeBridgeRuntimeCallbacks* runtime_callbacks = nullptr;
84
85 // The app's data directory.
86 static char* app_data_dir = nullptr;
87
88 static constexpr uint32_t kNativeBridgeCallbackVersion = 1;
89
90 // Characters allowed in a native bridge filename. The first character must
91 // be in [a-zA-Z] (expected 'l' for "libx"). The rest must be in [a-zA-Z0-9._-].
CharacterAllowed(char c,bool first)92 static bool CharacterAllowed(char c, bool first) {
93 if (first) {
94 return ('a' <= c && c <= 'z') || ('A' <= c && c <= 'Z');
95 } else {
96 return ('a' <= c && c <= 'z') || ('A' <= c && c <= 'Z') || ('0' <= c && c <= '9') ||
97 (c == '.') || (c == '_') || (c == '-');
98 }
99 }
100
101 // We only allow simple names for the library. It is supposed to be a file in
102 // /system/lib or /vendor/lib. Only allow a small range of characters, that is
103 // names consisting of [a-zA-Z0-9._-] and starting with [a-zA-Z].
NativeBridgeNameAcceptable(const char * nb_library_filename)104 bool NativeBridgeNameAcceptable(const char* nb_library_filename) {
105 const char* ptr = nb_library_filename;
106 if (*ptr == 0) {
107 // Emptry string. Allowed, means no native bridge.
108 return true;
109 } else {
110 // First character must be [a-zA-Z].
111 if (!CharacterAllowed(*ptr, true)) {
112 // Found an invalid fist character, don't accept.
113 ALOGE("Native bridge library %s has been rejected for first character %c", nb_library_filename, *ptr);
114 return false;
115 } else {
116 // For the rest, be more liberal.
117 ptr++;
118 while (*ptr != 0) {
119 if (!CharacterAllowed(*ptr, false)) {
120 // Found an invalid character, don't accept.
121 ALOGE("Native bridge library %s has been rejected for %c", nb_library_filename, *ptr);
122 return false;
123 }
124 ptr++;
125 }
126 }
127 return true;
128 }
129 }
130
VersionCheck(NativeBridgeCallbacks * cb)131 static bool VersionCheck(NativeBridgeCallbacks* cb) {
132 return cb != nullptr && cb->version == kNativeBridgeCallbackVersion;
133 }
134
LoadNativeBridge(const char * nb_library_filename,const NativeBridgeRuntimeCallbacks * runtime_cbs)135 bool LoadNativeBridge(const char* nb_library_filename,
136 const NativeBridgeRuntimeCallbacks* runtime_cbs) {
137 // We expect only one place that calls LoadNativeBridge: Runtime::Init. At that point we are not
138 // multi-threaded, so we do not need locking here.
139
140 if (state != NativeBridgeState::kNotSetup) {
141 // Setup has been called before. Ignore this call.
142 if (nb_library_filename != nullptr) { // Avoids some log-spam for dalvikvm.
143 ALOGW("Called LoadNativeBridge for an already set up native bridge. State is %s.",
144 GetNativeBridgeStateString(state));
145 }
146 // Note: counts as an error, even though the bridge may be functional.
147 had_error = true;
148 return false;
149 }
150
151 if (nb_library_filename == nullptr || *nb_library_filename == 0) {
152 state = NativeBridgeState::kClosed;
153 return true;
154 } else {
155 if (!NativeBridgeNameAcceptable(nb_library_filename)) {
156 state = NativeBridgeState::kClosed;
157 had_error = true;
158 } else {
159 // Try to open the library.
160 void* handle = dlopen(nb_library_filename, RTLD_LAZY);
161 if (handle != nullptr) {
162 callbacks = reinterpret_cast<NativeBridgeCallbacks*>(dlsym(handle,
163 kNativeBridgeInterfaceSymbol));
164 if (callbacks != nullptr) {
165 if (VersionCheck(callbacks)) {
166 // Store the handle for later.
167 native_bridge_handle = handle;
168 } else {
169 callbacks = nullptr;
170 dlclose(handle);
171 ALOGW("Unsupported native bridge interface.");
172 }
173 } else {
174 dlclose(handle);
175 }
176 }
177
178 // Two failure conditions: could not find library (dlopen failed), or could not find native
179 // bridge interface (dlsym failed). Both are an error and close the native bridge.
180 if (callbacks == nullptr) {
181 had_error = true;
182 state = NativeBridgeState::kClosed;
183 } else {
184 runtime_callbacks = runtime_cbs;
185 state = NativeBridgeState::kOpened;
186 }
187 }
188 return state == NativeBridgeState::kOpened;
189 }
190 }
191
192 #if defined(__arm__)
193 static const char* kRuntimeISA = "arm";
194 #elif defined(__aarch64__)
195 static const char* kRuntimeISA = "arm64";
196 #elif defined(__mips__)
197 static const char* kRuntimeISA = "mips";
198 #elif defined(__i386__)
199 static const char* kRuntimeISA = "x86";
200 #elif defined(__x86_64__)
201 static const char* kRuntimeISA = "x86_64";
202 #else
203 static const char* kRuntimeISA = "unknown";
204 #endif
205
206
NeedsNativeBridge(const char * instruction_set)207 bool NeedsNativeBridge(const char* instruction_set) {
208 if (instruction_set == nullptr) {
209 ALOGE("Null instruction set in NeedsNativeBridge.");
210 return false;
211 }
212 return strncmp(instruction_set, kRuntimeISA, strlen(kRuntimeISA) + 1) != 0;
213 }
214
215 #ifdef __APPLE__
UNUSED(const T &)216 template<typename T> void UNUSED(const T&) {}
217 #endif
218
PreInitializeNativeBridge(const char * app_data_dir_in,const char * instruction_set)219 void PreInitializeNativeBridge(const char* app_data_dir_in, const char* instruction_set) {
220 if (app_data_dir_in == nullptr) {
221 return;
222 }
223
224 const size_t len = strlen(app_data_dir_in);
225 // Make a copy for us.
226 app_data_dir = new char[len];
227 strncpy(app_data_dir, app_data_dir_in, len);
228
229 #ifndef __APPLE__
230 if (instruction_set == nullptr) {
231 return;
232 }
233 size_t isa_len = strlen(instruction_set);
234 if (isa_len > 10) {
235 // 10 is a loose upper bound on the currently known instruction sets (a tight bound is 7 for
236 // x86_64 [including the trailing \0]). This is so we don't have to change here if there will
237 // be another instruction set in the future.
238 ALOGW("Instruction set %s is malformed, must be less than or equal to 10 characters.",
239 instruction_set);
240 return;
241 }
242
243 // Bind-mount /system/lib{,64}/<isa>/cpuinfo to /proc/cpuinfo. If the file does not exist, the
244 // mount command will fail, so we safe the extra file existence check...
245 char cpuinfo_path[1024];
246
247 #ifdef HAVE_ANDROID_OS
248 snprintf(cpuinfo_path, sizeof(cpuinfo_path), "/system/lib"
249 #ifdef __LP64__
250 "64"
251 #endif // __LP64__
252 "/%s/cpuinfo", instruction_set);
253 #else // !HAVE_ANDROID_OS
254 // To be able to test on the host, we hardwire a relative path.
255 snprintf(cpuinfo_path, sizeof(cpuinfo_path), "./cpuinfo");
256 #endif
257
258 // Bind-mount.
259 if (TEMP_FAILURE_RETRY(mount(cpuinfo_path, // Source.
260 "/proc/cpuinfo", // Target.
261 nullptr, // FS type.
262 MS_BIND, // Mount flags: bind mount.
263 nullptr)) == -1) { // "Data."
264 ALOGW("Failed to bind-mount %s as /proc/cpuinfo: %s", cpuinfo_path, strerror(errno));
265 }
266 #else
267 UNUSED(instruction_set);
268 ALOGW("Mac OS does not support bind-mounting. Host simulation of native bridge impossible.");
269 #endif
270 }
271
SetCpuAbi(JNIEnv * env,jclass build_class,const char * field,const char * value)272 static void SetCpuAbi(JNIEnv* env, jclass build_class, const char* field, const char* value) {
273 if (value != nullptr) {
274 jfieldID field_id = env->GetStaticFieldID(build_class, field, "Ljava/lang/String;");
275 if (field_id == nullptr) {
276 env->ExceptionClear();
277 ALOGW("Could not find %s field.", field);
278 return;
279 }
280
281 jstring str = env->NewStringUTF(value);
282 if (str == nullptr) {
283 env->ExceptionClear();
284 ALOGW("Could not create string %s.", value);
285 return;
286 }
287
288 env->SetStaticObjectField(build_class, field_id, str);
289 }
290 }
291
292 // Set up the environment for the bridged app.
SetupEnvironment(NativeBridgeCallbacks * callbacks,JNIEnv * env,const char * isa)293 static void SetupEnvironment(NativeBridgeCallbacks* callbacks, JNIEnv* env, const char* isa) {
294 // Need a JNIEnv* to do anything.
295 if (env == nullptr) {
296 ALOGW("No JNIEnv* to set up app environment.");
297 return;
298 }
299
300 // Query the bridge for environment values.
301 const struct NativeBridgeRuntimeValues* env_values = callbacks->getAppEnv(isa);
302 if (env_values == nullptr) {
303 return;
304 }
305
306 // Keep the JNIEnv clean.
307 jint success = env->PushLocalFrame(16); // That should be small and large enough.
308 if (success < 0) {
309 // Out of memory, really borked.
310 ALOGW("Out of memory while setting up app environment.");
311 env->ExceptionClear();
312 return;
313 }
314
315 // Reset CPU_ABI & CPU_ABI2 to values required by the apps running with native bridge.
316 if (env_values->cpu_abi != nullptr || env_values->cpu_abi2 != nullptr ||
317 env_values->abi_count >= 0) {
318 jclass bclass_id = env->FindClass("android/os/Build");
319 if (bclass_id != nullptr) {
320 SetCpuAbi(env, bclass_id, "CPU_ABI", env_values->cpu_abi);
321 SetCpuAbi(env, bclass_id, "CPU_ABI2", env_values->cpu_abi2);
322 } else {
323 // For example in a host test environment.
324 env->ExceptionClear();
325 ALOGW("Could not find Build class.");
326 }
327 }
328
329 if (env_values->os_arch != nullptr) {
330 jclass sclass_id = env->FindClass("java/lang/System");
331 if (sclass_id != nullptr) {
332 jmethodID set_prop_id = env->GetStaticMethodID(sclass_id, "initUnchangeableSystemProperty",
333 "(Ljava/lang/String;Ljava/lang/String;)V");
334 if (set_prop_id != nullptr) {
335 // Init os.arch to the value reqired by the apps running with native bridge.
336 env->CallStaticVoidMethod(sclass_id, set_prop_id, env->NewStringUTF("os.arch"),
337 env->NewStringUTF(env_values->os_arch));
338 } else {
339 env->ExceptionClear();
340 ALOGW("Could not find initUnchangeableSystemProperty method.");
341 }
342 } else {
343 env->ExceptionClear();
344 ALOGW("Could not find System class.");
345 }
346 }
347
348 // Make it pristine again.
349 env->PopLocalFrame(nullptr);
350 }
351
InitializeNativeBridge(JNIEnv * env,const char * instruction_set)352 bool InitializeNativeBridge(JNIEnv* env, const char* instruction_set) {
353 // We expect only one place that calls InitializeNativeBridge: Runtime::DidForkFromZygote. At that
354 // point we are not multi-threaded, so we do not need locking here.
355
356 if (state == NativeBridgeState::kOpened) {
357 // Try to initialize.
358 if (callbacks->initialize(runtime_callbacks, app_data_dir, instruction_set)) {
359 SetupEnvironment(callbacks, env, instruction_set);
360 state = NativeBridgeState::kInitialized;
361 } else {
362 // Unload the library.
363 dlclose(native_bridge_handle);
364 had_error = true;
365 state = NativeBridgeState::kClosed;
366 }
367 } else {
368 had_error = true;
369 state = NativeBridgeState::kClosed;
370 }
371
372 return state == NativeBridgeState::kInitialized;
373 }
374
UnloadNativeBridge()375 void UnloadNativeBridge() {
376 // We expect only one place that calls UnloadNativeBridge: Runtime::DidForkFromZygote. At that
377 // point we are not multi-threaded, so we do not need locking here.
378
379 switch(state) {
380 case NativeBridgeState::kOpened:
381 case NativeBridgeState::kInitialized:
382 // Unload.
383 dlclose(native_bridge_handle);
384 break;
385
386 case NativeBridgeState::kNotSetup:
387 // Not even set up. Error.
388 had_error = true;
389 break;
390
391 case NativeBridgeState::kClosed:
392 // Ignore.
393 break;
394 }
395
396 state = NativeBridgeState::kClosed;
397 }
398
NativeBridgeError()399 bool NativeBridgeError() {
400 return had_error;
401 }
402
NativeBridgeAvailable()403 bool NativeBridgeAvailable() {
404 return state == NativeBridgeState::kOpened || state == NativeBridgeState::kInitialized;
405 }
406
NativeBridgeInitialized()407 bool NativeBridgeInitialized() {
408 // Calls of this are supposed to happen in a state where the native bridge is stable, i.e., after
409 // Runtime::DidForkFromZygote. In that case we do not need a lock.
410 return state == NativeBridgeState::kInitialized;
411 }
412
NativeBridgeLoadLibrary(const char * libpath,int flag)413 void* NativeBridgeLoadLibrary(const char* libpath, int flag) {
414 if (NativeBridgeInitialized()) {
415 return callbacks->loadLibrary(libpath, flag);
416 }
417 return nullptr;
418 }
419
NativeBridgeGetTrampoline(void * handle,const char * name,const char * shorty,uint32_t len)420 void* NativeBridgeGetTrampoline(void* handle, const char* name, const char* shorty,
421 uint32_t len) {
422 if (NativeBridgeInitialized()) {
423 return callbacks->getTrampoline(handle, name, shorty, len);
424 }
425 return nullptr;
426 }
427
NativeBridgeIsSupported(const char * libpath)428 bool NativeBridgeIsSupported(const char* libpath) {
429 if (NativeBridgeInitialized()) {
430 return callbacks->isSupported(libpath);
431 }
432 return false;
433 }
434
435 }; // namespace android
436