1 /*
2 ** Copyright 2008, The Android Open Source Project
3 **
4 ** Licensed under the Apache License, Version 2.0 (the "License");
5 ** you may not use this file except in compliance with the License.
6 ** You may obtain a copy of the License at
7 **
8 ** http://www.apache.org/licenses/LICENSE-2.0
9 **
10 ** Unless required by applicable law or agreed to in writing, software
11 ** distributed under the License is distributed on an "AS IS" BASIS,
12 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 ** See the License for the specific language governing permissions and
14 ** limitations under the License.
15 */
16
17 #include "commands.h"
18
19 #include <errno.h>
20 #include <inttypes.h>
21 #include <regex>
22 #include <stdlib.h>
23 #include <sys/capability.h>
24 #include <sys/file.h>
25 #include <sys/resource.h>
26 #include <sys/stat.h>
27 #include <sys/types.h>
28 #include <sys/wait.h>
29 #include <sys/xattr.h>
30 #include <unistd.h>
31
32 #include <android-base/logging.h>
33 #include <android-base/stringprintf.h>
34 #include <android-base/strings.h>
35 #include <android-base/unique_fd.h>
36 #include <cutils/fs.h>
37 #include <cutils/log.h> // TODO: Move everything to base/logging.
38 #include <cutils/sched_policy.h>
39 #include <diskusage/dirsize.h>
40 #include <logwrap/logwrap.h>
41 #include <private/android_filesystem_config.h>
42 #include <selinux/android.h>
43 #include <system/thread_defs.h>
44
45 #include <globals.h>
46 #include <installd_deps.h>
47 #include <otapreopt_utils.h>
48 #include <utils.h>
49
50 #ifndef LOG_TAG
51 #define LOG_TAG "installd"
52 #endif
53
54 using android::base::EndsWith;
55 using android::base::StringPrintf;
56
57 namespace android {
58 namespace installd {
59
60 static constexpr const char* kCpPath = "/system/bin/cp";
61 static constexpr const char* kXattrDefault = "user.default";
62
63 static constexpr const char* PKG_LIB_POSTFIX = "/lib";
64 static constexpr const char* CACHE_DIR_POSTFIX = "/cache";
65 static constexpr const char* CODE_CACHE_DIR_POSTFIX = "/code_cache";
66
67 static constexpr const char* IDMAP_PREFIX = "/data/resource-cache/";
68 static constexpr const char* IDMAP_SUFFIX = "@idmap";
69
70 // NOTE: keep in sync with StorageManager
71 static constexpr int FLAG_STORAGE_DE = 1 << 0;
72 static constexpr int FLAG_STORAGE_CE = 1 << 1;
73
74 // NOTE: keep in sync with Installer
75 static constexpr int FLAG_CLEAR_CACHE_ONLY = 1 << 8;
76 static constexpr int FLAG_CLEAR_CODE_CACHE_ONLY = 1 << 9;
77
78 /* dexopt needed flags matching those in dalvik.system.DexFile */
79 static constexpr int DEXOPT_DEX2OAT_NEEDED = 1;
80 static constexpr int DEXOPT_PATCHOAT_NEEDED = 2;
81 static constexpr int DEXOPT_SELF_PATCHOAT_NEEDED = 3;
82
83 #define MIN_RESTRICTED_HOME_SDK_VERSION 24 // > M
84
85 typedef int fd_t;
86
property_get_bool(const char * property_name,bool default_value=false)87 static bool property_get_bool(const char* property_name, bool default_value = false) {
88 char tmp_property_value[kPropertyValueMax];
89 bool have_property = get_property(property_name, tmp_property_value, nullptr) > 0;
90 if (!have_property) {
91 return default_value;
92 }
93 return strcmp(tmp_property_value, "true") == 0;
94 }
95
96 // Keep profile paths in sync with ActivityThread.
97 constexpr const char* PRIMARY_PROFILE_NAME = "primary.prof";
create_primary_profile(const std::string & profile_dir)98 static std::string create_primary_profile(const std::string& profile_dir) {
99 return StringPrintf("%s/%s", profile_dir.c_str(), PRIMARY_PROFILE_NAME);
100 }
101
102 /**
103 * Perform restorecon of the given path, but only perform recursive restorecon
104 * if the label of that top-level file actually changed. This can save us
105 * significant time by avoiding no-op traversals of large filesystem trees.
106 */
restorecon_app_data_lazy(const std::string & path,const char * seinfo,uid_t uid)107 static int restorecon_app_data_lazy(const std::string& path, const char* seinfo, uid_t uid) {
108 int res = 0;
109 char* before = nullptr;
110 char* after = nullptr;
111
112 // Note that SELINUX_ANDROID_RESTORECON_DATADATA flag is set by
113 // libselinux. Not needed here.
114
115 if (lgetfilecon(path.c_str(), &before) < 0) {
116 PLOG(ERROR) << "Failed before getfilecon for " << path;
117 goto fail;
118 }
119 if (selinux_android_restorecon_pkgdir(path.c_str(), seinfo, uid, 0) < 0) {
120 PLOG(ERROR) << "Failed top-level restorecon for " << path;
121 goto fail;
122 }
123 if (lgetfilecon(path.c_str(), &after) < 0) {
124 PLOG(ERROR) << "Failed after getfilecon for " << path;
125 goto fail;
126 }
127
128 // If the initial top-level restorecon above changed the label, then go
129 // back and restorecon everything recursively
130 if (strcmp(before, after)) {
131 LOG(DEBUG) << "Detected label change from " << before << " to " << after << " at " << path
132 << "; running recursive restorecon";
133 if (selinux_android_restorecon_pkgdir(path.c_str(), seinfo, uid,
134 SELINUX_ANDROID_RESTORECON_RECURSE) < 0) {
135 PLOG(ERROR) << "Failed recursive restorecon for " << path;
136 goto fail;
137 }
138 }
139
140 goto done;
141 fail:
142 res = -1;
143 done:
144 free(before);
145 free(after);
146 return res;
147 }
148
restorecon_app_data_lazy(const std::string & parent,const char * name,const char * seinfo,uid_t uid)149 static int restorecon_app_data_lazy(const std::string& parent, const char* name, const char* seinfo,
150 uid_t uid) {
151 return restorecon_app_data_lazy(StringPrintf("%s/%s", parent.c_str(), name), seinfo, uid);
152 }
153
prepare_app_dir(const std::string & path,mode_t target_mode,uid_t uid)154 static int prepare_app_dir(const std::string& path, mode_t target_mode, uid_t uid) {
155 if (fs_prepare_dir_strict(path.c_str(), target_mode, uid, uid) != 0) {
156 PLOG(ERROR) << "Failed to prepare " << path;
157 return -1;
158 }
159 return 0;
160 }
161
prepare_app_dir(const std::string & parent,const char * name,mode_t target_mode,uid_t uid)162 static int prepare_app_dir(const std::string& parent, const char* name, mode_t target_mode,
163 uid_t uid) {
164 return prepare_app_dir(StringPrintf("%s/%s", parent.c_str(), name), target_mode, uid);
165 }
166
create_app_data(const char * uuid,const char * pkgname,userid_t userid,int flags,appid_t appid,const char * seinfo,int target_sdk_version)167 int create_app_data(const char *uuid, const char *pkgname, userid_t userid, int flags,
168 appid_t appid, const char* seinfo, int target_sdk_version) {
169 uid_t uid = multiuser_get_uid(userid, appid);
170 mode_t target_mode = target_sdk_version >= MIN_RESTRICTED_HOME_SDK_VERSION ? 0700 : 0751;
171 if (flags & FLAG_STORAGE_CE) {
172 auto path = create_data_user_ce_package_path(uuid, userid, pkgname);
173 if (prepare_app_dir(path, target_mode, uid) ||
174 prepare_app_dir(path, "cache", 0771, uid) ||
175 prepare_app_dir(path, "code_cache", 0771, uid)) {
176 return -1;
177 }
178
179 // Consider restorecon over contents if label changed
180 if (restorecon_app_data_lazy(path, seinfo, uid) ||
181 restorecon_app_data_lazy(path, "cache", seinfo, uid) ||
182 restorecon_app_data_lazy(path, "code_cache", seinfo, uid)) {
183 return -1;
184 }
185
186 // Remember inode numbers of cache directories so that we can clear
187 // contents while CE storage is locked
188 if (write_path_inode(path, "cache", kXattrInodeCache) ||
189 write_path_inode(path, "code_cache", kXattrInodeCodeCache)) {
190 return -1;
191 }
192 }
193 if (flags & FLAG_STORAGE_DE) {
194 auto path = create_data_user_de_package_path(uuid, userid, pkgname);
195 if (prepare_app_dir(path, target_mode, uid)) {
196 // TODO: include result once 25796509 is fixed
197 return 0;
198 }
199
200 // Consider restorecon over contents if label changed
201 if (restorecon_app_data_lazy(path, seinfo, uid)) {
202 return -1;
203 }
204
205 if (property_get_bool("dalvik.vm.usejitprofiles")) {
206 const std::string profile_path = create_data_user_profile_package_path(userid, pkgname);
207 // read-write-execute only for the app user.
208 if (fs_prepare_dir_strict(profile_path.c_str(), 0700, uid, uid) != 0) {
209 PLOG(ERROR) << "Failed to prepare " << profile_path;
210 return -1;
211 }
212 std::string profile_file = create_primary_profile(profile_path);
213 // read-write only for the app user.
214 if (fs_prepare_file_strict(profile_file.c_str(), 0600, uid, uid) != 0) {
215 PLOG(ERROR) << "Failed to prepare " << profile_path;
216 return -1;
217 }
218 const std::string ref_profile_path = create_data_ref_profile_package_path(pkgname);
219 // dex2oat/profman runs under the shared app gid and it needs to read/write reference
220 // profiles.
221 appid_t shared_app_gid = multiuser_get_shared_app_gid(uid);
222 if (fs_prepare_dir_strict(
223 ref_profile_path.c_str(), 0700, shared_app_gid, shared_app_gid) != 0) {
224 PLOG(ERROR) << "Failed to prepare " << ref_profile_path;
225 return -1;
226 }
227 }
228 }
229 return 0;
230 }
231
migrate_app_data(const char * uuid,const char * pkgname,userid_t userid,int flags)232 int migrate_app_data(const char *uuid, const char *pkgname, userid_t userid, int flags) {
233 // This method only exists to upgrade system apps that have requested
234 // forceDeviceEncrypted, so their default storage always lives in a
235 // consistent location. This only works on non-FBE devices, since we
236 // never want to risk exposing data on a device with real CE/DE storage.
237
238 auto ce_path = create_data_user_ce_package_path(uuid, userid, pkgname);
239 auto de_path = create_data_user_de_package_path(uuid, userid, pkgname);
240
241 // If neither directory is marked as default, assume CE is default
242 if (getxattr(ce_path.c_str(), kXattrDefault, nullptr, 0) == -1
243 && getxattr(de_path.c_str(), kXattrDefault, nullptr, 0) == -1) {
244 if (setxattr(ce_path.c_str(), kXattrDefault, nullptr, 0, 0) != 0) {
245 PLOG(ERROR) << "Failed to mark default storage " << ce_path;
246 return -1;
247 }
248 }
249
250 // Migrate default data location if needed
251 auto target = (flags & FLAG_STORAGE_DE) ? de_path : ce_path;
252 auto source = (flags & FLAG_STORAGE_DE) ? ce_path : de_path;
253
254 if (getxattr(target.c_str(), kXattrDefault, nullptr, 0) == -1) {
255 LOG(WARNING) << "Requested default storage " << target
256 << " is not active; migrating from " << source;
257 if (delete_dir_contents_and_dir(target) != 0) {
258 PLOG(ERROR) << "Failed to delete";
259 return -1;
260 }
261 if (rename(source.c_str(), target.c_str()) != 0) {
262 PLOG(ERROR) << "Failed to rename";
263 return -1;
264 }
265 }
266
267 return 0;
268 }
269
clear_profile(const std::string & profile)270 static bool clear_profile(const std::string& profile) {
271 base::unique_fd ufd(open(profile.c_str(), O_WRONLY | O_NOFOLLOW | O_CLOEXEC));
272 if (ufd.get() < 0) {
273 if (errno != ENOENT) {
274 PLOG(WARNING) << "Could not open profile " << profile;
275 return false;
276 } else {
277 // Nothing to clear. That's ok.
278 return true;
279 }
280 }
281
282 if (flock(ufd.get(), LOCK_EX | LOCK_NB) != 0) {
283 if (errno != EWOULDBLOCK) {
284 PLOG(WARNING) << "Error locking profile " << profile;
285 }
286 // This implies that the app owning this profile is running
287 // (and has acquired the lock).
288 //
289 // If we can't acquire the lock bail out since clearing is useless anyway
290 // (the app will write again to the profile).
291 //
292 // Note:
293 // This does not impact the this is not an issue for the profiling correctness.
294 // In case this is needed because of an app upgrade, profiles will still be
295 // eventually cleared by the app itself due to checksum mismatch.
296 // If this is needed because profman advised, then keeping the data around
297 // until the next run is again not an issue.
298 //
299 // If the app attempts to acquire a lock while we've held one here,
300 // it will simply skip the current write cycle.
301 return false;
302 }
303
304 bool truncated = ftruncate(ufd.get(), 0) == 0;
305 if (!truncated) {
306 PLOG(WARNING) << "Could not truncate " << profile;
307 }
308 if (flock(ufd.get(), LOCK_UN) != 0) {
309 PLOG(WARNING) << "Error unlocking profile " << profile;
310 }
311 return truncated;
312 }
313
clear_reference_profile(const char * pkgname)314 static bool clear_reference_profile(const char* pkgname) {
315 std::string reference_profile_dir = create_data_ref_profile_package_path(pkgname);
316 std::string reference_profile = create_primary_profile(reference_profile_dir);
317 return clear_profile(reference_profile);
318 }
319
clear_current_profile(const char * pkgname,userid_t user)320 static bool clear_current_profile(const char* pkgname, userid_t user) {
321 std::string profile_dir = create_data_user_profile_package_path(user, pkgname);
322 std::string profile = create_primary_profile(profile_dir);
323 return clear_profile(profile);
324 }
325
clear_current_profiles(const char * pkgname)326 static bool clear_current_profiles(const char* pkgname) {
327 bool success = true;
328 std::vector<userid_t> users = get_known_users(/*volume_uuid*/ nullptr);
329 for (auto user : users) {
330 success &= clear_current_profile(pkgname, user);
331 }
332 return success;
333 }
334
clear_app_profiles(const char * pkgname)335 int clear_app_profiles(const char* pkgname) {
336 bool success = true;
337 success &= clear_reference_profile(pkgname);
338 success &= clear_current_profiles(pkgname);
339 return success ? 0 : -1;
340 }
341
clear_app_data(const char * uuid,const char * pkgname,userid_t userid,int flags,ino_t ce_data_inode)342 int clear_app_data(const char *uuid, const char *pkgname, userid_t userid, int flags,
343 ino_t ce_data_inode) {
344 int res = 0;
345 if (flags & FLAG_STORAGE_CE) {
346 auto path = create_data_user_ce_package_path(uuid, userid, pkgname, ce_data_inode);
347 if (flags & FLAG_CLEAR_CACHE_ONLY) {
348 path = read_path_inode(path, "cache", kXattrInodeCache);
349 } else if (flags & FLAG_CLEAR_CODE_CACHE_ONLY) {
350 path = read_path_inode(path, "code_cache", kXattrInodeCodeCache);
351 }
352 if (access(path.c_str(), F_OK) == 0) {
353 res |= delete_dir_contents(path);
354 }
355 }
356 if (flags & FLAG_STORAGE_DE) {
357 std::string suffix = "";
358 bool only_cache = false;
359 if (flags & FLAG_CLEAR_CACHE_ONLY) {
360 suffix = CACHE_DIR_POSTFIX;
361 only_cache = true;
362 } else if (flags & FLAG_CLEAR_CODE_CACHE_ONLY) {
363 suffix = CODE_CACHE_DIR_POSTFIX;
364 only_cache = true;
365 }
366
367 auto path = create_data_user_de_package_path(uuid, userid, pkgname) + suffix;
368 if (access(path.c_str(), F_OK) == 0) {
369 // TODO: include result once 25796509 is fixed
370 delete_dir_contents(path);
371 }
372 if (!only_cache) {
373 if (!clear_current_profile(pkgname, userid)) {
374 res |= -1;
375 }
376 }
377 }
378 return res;
379 }
380
destroy_app_reference_profile(const char * pkgname)381 static int destroy_app_reference_profile(const char *pkgname) {
382 return delete_dir_contents_and_dir(
383 create_data_ref_profile_package_path(pkgname),
384 /*ignore_if_missing*/ true);
385 }
386
destroy_app_current_profiles(const char * pkgname,userid_t userid)387 static int destroy_app_current_profiles(const char *pkgname, userid_t userid) {
388 return delete_dir_contents_and_dir(
389 create_data_user_profile_package_path(userid, pkgname),
390 /*ignore_if_missing*/ true);
391 }
392
destroy_app_profiles(const char * pkgname)393 int destroy_app_profiles(const char *pkgname) {
394 int result = 0;
395 std::vector<userid_t> users = get_known_users(/*volume_uuid*/ nullptr);
396 for (auto user : users) {
397 result |= destroy_app_current_profiles(pkgname, user);
398 }
399 result |= destroy_app_reference_profile(pkgname);
400 return result;
401 }
402
destroy_app_data(const char * uuid,const char * pkgname,userid_t userid,int flags,ino_t ce_data_inode)403 int destroy_app_data(const char *uuid, const char *pkgname, userid_t userid, int flags,
404 ino_t ce_data_inode) {
405 int res = 0;
406 if (flags & FLAG_STORAGE_CE) {
407 res |= delete_dir_contents_and_dir(
408 create_data_user_ce_package_path(uuid, userid, pkgname, ce_data_inode));
409 }
410 if (flags & FLAG_STORAGE_DE) {
411 res |= delete_dir_contents_and_dir(
412 create_data_user_de_package_path(uuid, userid, pkgname));
413 destroy_app_current_profiles(pkgname, userid);
414 // TODO(calin): If the package is still installed by other users it's probably
415 // beneficial to keep the reference profile around.
416 // Verify if it's ok to do that.
417 destroy_app_reference_profile(pkgname);
418 }
419 return res;
420 }
421
move_complete_app(const char * from_uuid,const char * to_uuid,const char * package_name,const char * data_app_name,appid_t appid,const char * seinfo,int target_sdk_version)422 int move_complete_app(const char *from_uuid, const char *to_uuid, const char *package_name,
423 const char *data_app_name, appid_t appid, const char* seinfo, int target_sdk_version) {
424 std::vector<userid_t> users = get_known_users(from_uuid);
425
426 // Copy app
427 {
428 auto from = create_data_app_package_path(from_uuid, data_app_name);
429 auto to = create_data_app_package_path(to_uuid, data_app_name);
430 auto to_parent = create_data_app_path(to_uuid);
431
432 char *argv[] = {
433 (char*) kCpPath,
434 (char*) "-F", /* delete any existing destination file first (--remove-destination) */
435 (char*) "-p", /* preserve timestamps, ownership, and permissions */
436 (char*) "-R", /* recurse into subdirectories (DEST must be a directory) */
437 (char*) "-P", /* Do not follow symlinks [default] */
438 (char*) "-d", /* don't dereference symlinks */
439 (char*) from.c_str(),
440 (char*) to_parent.c_str()
441 };
442
443 LOG(DEBUG) << "Copying " << from << " to " << to;
444 int rc = android_fork_execvp(ARRAY_SIZE(argv), argv, NULL, false, true);
445
446 if (rc != 0) {
447 LOG(ERROR) << "Failed copying " << from << " to " << to
448 << ": status " << rc;
449 goto fail;
450 }
451
452 if (selinux_android_restorecon(to.c_str(), SELINUX_ANDROID_RESTORECON_RECURSE) != 0) {
453 LOG(ERROR) << "Failed to restorecon " << to;
454 goto fail;
455 }
456 }
457
458 // Copy private data for all known users
459 for (auto user : users) {
460
461 // Data source may not exist for all users; that's okay
462 auto from_ce = create_data_user_ce_package_path(from_uuid, user, package_name);
463 if (access(from_ce.c_str(), F_OK) != 0) {
464 LOG(INFO) << "Missing source " << from_ce;
465 continue;
466 }
467
468 if (create_app_data(to_uuid, package_name, user, FLAG_STORAGE_CE | FLAG_STORAGE_DE,
469 appid, seinfo, target_sdk_version) != 0) {
470 LOG(ERROR) << "Failed to create package target on " << to_uuid;
471 goto fail;
472 }
473
474 char *argv[] = {
475 (char*) kCpPath,
476 (char*) "-F", /* delete any existing destination file first (--remove-destination) */
477 (char*) "-p", /* preserve timestamps, ownership, and permissions */
478 (char*) "-R", /* recurse into subdirectories (DEST must be a directory) */
479 (char*) "-P", /* Do not follow symlinks [default] */
480 (char*) "-d", /* don't dereference symlinks */
481 nullptr,
482 nullptr
483 };
484
485 {
486 auto from = create_data_user_de_package_path(from_uuid, user, package_name);
487 auto to = create_data_user_de_path(to_uuid, user);
488 argv[6] = (char*) from.c_str();
489 argv[7] = (char*) to.c_str();
490
491 LOG(DEBUG) << "Copying " << from << " to " << to;
492 int rc = android_fork_execvp(ARRAY_SIZE(argv), argv, NULL, false, true);
493 if (rc != 0) {
494 LOG(ERROR) << "Failed copying " << from << " to " << to << " with status " << rc;
495 goto fail;
496 }
497 }
498 {
499 auto from = create_data_user_ce_package_path(from_uuid, user, package_name);
500 auto to = create_data_user_ce_path(to_uuid, user);
501 argv[6] = (char*) from.c_str();
502 argv[7] = (char*) to.c_str();
503
504 LOG(DEBUG) << "Copying " << from << " to " << to;
505 int rc = android_fork_execvp(ARRAY_SIZE(argv), argv, NULL, false, true);
506 if (rc != 0) {
507 LOG(ERROR) << "Failed copying " << from << " to " << to << " with status " << rc;
508 goto fail;
509 }
510 }
511
512 if (restorecon_app_data(to_uuid, package_name, user, FLAG_STORAGE_CE | FLAG_STORAGE_DE,
513 appid, seinfo) != 0) {
514 LOG(ERROR) << "Failed to restorecon";
515 goto fail;
516 }
517 }
518
519 // We let the framework scan the new location and persist that before
520 // deleting the data in the old location; this ordering ensures that
521 // we can recover from things like battery pulls.
522 return 0;
523
524 fail:
525 // Nuke everything we might have already copied
526 {
527 auto to = create_data_app_package_path(to_uuid, data_app_name);
528 if (delete_dir_contents(to.c_str(), 1, NULL) != 0) {
529 LOG(WARNING) << "Failed to rollback " << to;
530 }
531 }
532 for (auto user : users) {
533 {
534 auto to = create_data_user_de_package_path(to_uuid, user, package_name);
535 if (delete_dir_contents(to.c_str(), 1, NULL) != 0) {
536 LOG(WARNING) << "Failed to rollback " << to;
537 }
538 }
539 {
540 auto to = create_data_user_ce_package_path(to_uuid, user, package_name);
541 if (delete_dir_contents(to.c_str(), 1, NULL) != 0) {
542 LOG(WARNING) << "Failed to rollback " << to;
543 }
544 }
545 }
546 return -1;
547 }
548
create_user_data(const char * uuid,userid_t userid,int user_serial ATTRIBUTE_UNUSED,int flags)549 int create_user_data(const char *uuid, userid_t userid, int user_serial ATTRIBUTE_UNUSED,
550 int flags) {
551 if (flags & FLAG_STORAGE_DE) {
552 if (uuid == nullptr) {
553 return ensure_config_user_dirs(userid);
554 }
555 }
556 return 0;
557 }
558
destroy_user_data(const char * uuid,userid_t userid,int flags)559 int destroy_user_data(const char *uuid, userid_t userid, int flags) {
560 int res = 0;
561 if (flags & FLAG_STORAGE_DE) {
562 res |= delete_dir_contents_and_dir(create_data_user_de_path(uuid, userid), true);
563 if (uuid == nullptr) {
564 res |= delete_dir_contents_and_dir(create_data_misc_legacy_path(userid), true);
565 res |= delete_dir_contents_and_dir(create_data_user_profiles_path(userid), true);
566 }
567 }
568 if (flags & FLAG_STORAGE_CE) {
569 res |= delete_dir_contents_and_dir(create_data_user_ce_path(uuid, userid), true);
570 res |= delete_dir_contents_and_dir(create_data_media_path(uuid, userid), true);
571 }
572 return res;
573 }
574
575 /* Try to ensure free_size bytes of storage are available.
576 * Returns 0 on success.
577 * This is rather simple-minded because doing a full LRU would
578 * be potentially memory-intensive, and without atime it would
579 * also require that apps constantly modify file metadata even
580 * when just reading from the cache, which is pretty awful.
581 */
free_cache(const char * uuid,int64_t free_size)582 int free_cache(const char *uuid, int64_t free_size) {
583 cache_t* cache;
584 int64_t avail;
585
586 auto data_path = create_data_path(uuid);
587
588 avail = data_disk_free(data_path);
589 if (avail < 0) return -1;
590
591 ALOGI("free_cache(%" PRId64 ") avail %" PRId64 "\n", free_size, avail);
592 if (avail >= free_size) return 0;
593
594 cache = start_cache_collection();
595
596 auto users = get_known_users(uuid);
597 for (auto user : users) {
598 add_cache_files(cache, create_data_user_ce_path(uuid, user));
599 add_cache_files(cache, create_data_user_de_path(uuid, user));
600 add_cache_files(cache,
601 StringPrintf("%s/Android/data", create_data_media_path(uuid, user).c_str()));
602 }
603
604 clear_cache_files(data_path, cache, free_size);
605 finish_cache_collection(cache);
606
607 return data_disk_free(data_path) >= free_size ? 0 : -1;
608 }
609
rm_dex(const char * path,const char * instruction_set)610 int rm_dex(const char *path, const char *instruction_set)
611 {
612 char dex_path[PKG_PATH_MAX];
613
614 if (validate_apk_path(path) && validate_system_app_path(path)) {
615 ALOGE("invalid apk path '%s' (bad prefix)\n", path);
616 return -1;
617 }
618
619 if (!create_cache_path(dex_path, path, instruction_set)) return -1;
620
621 ALOGV("unlink %s\n", dex_path);
622 if (unlink(dex_path) < 0) {
623 if (errno != ENOENT) {
624 ALOGE("Couldn't unlink %s: %s\n", dex_path, strerror(errno));
625 }
626 return -1;
627 } else {
628 return 0;
629 }
630 }
631
add_app_data_size(std::string & path,int64_t * codesize,int64_t * datasize,int64_t * cachesize)632 static void add_app_data_size(std::string& path, int64_t *codesize, int64_t *datasize,
633 int64_t *cachesize) {
634 DIR *d;
635 int dfd;
636 struct dirent *de;
637 struct stat s;
638
639 d = opendir(path.c_str());
640 if (d == nullptr) {
641 PLOG(WARNING) << "Failed to open " << path;
642 return;
643 }
644 dfd = dirfd(d);
645 while ((de = readdir(d))) {
646 const char *name = de->d_name;
647
648 int64_t statsize = 0;
649 if (fstatat(dfd, name, &s, AT_SYMLINK_NOFOLLOW) == 0) {
650 statsize = stat_size(&s);
651 }
652
653 if (de->d_type == DT_DIR) {
654 int subfd;
655 int64_t dirsize = 0;
656 /* always skip "." and ".." */
657 if (name[0] == '.') {
658 if (name[1] == 0) continue;
659 if ((name[1] == '.') && (name[2] == 0)) continue;
660 }
661 subfd = openat(dfd, name, O_RDONLY | O_DIRECTORY);
662 if (subfd >= 0) {
663 dirsize = calculate_dir_size(subfd);
664 close(subfd);
665 }
666 // TODO: check xattrs!
667 if (!strcmp(name, "cache") || !strcmp(name, "code_cache")) {
668 *datasize += statsize;
669 *cachesize += dirsize;
670 } else {
671 *datasize += dirsize + statsize;
672 }
673 } else if (de->d_type == DT_LNK && !strcmp(name, "lib")) {
674 *codesize += statsize;
675 } else {
676 *datasize += statsize;
677 }
678 }
679 closedir(d);
680 }
681
get_app_size(const char * uuid,const char * pkgname,int userid,int flags,ino_t ce_data_inode,const char * code_path,int64_t * codesize,int64_t * datasize,int64_t * cachesize,int64_t * asecsize)682 int get_app_size(const char *uuid, const char *pkgname, int userid, int flags, ino_t ce_data_inode,
683 const char *code_path, int64_t *codesize, int64_t *datasize, int64_t *cachesize,
684 int64_t* asecsize) {
685 DIR *d;
686 int dfd;
687
688 d = opendir(code_path);
689 if (d != nullptr) {
690 dfd = dirfd(d);
691 *codesize += calculate_dir_size(dfd);
692 closedir(d);
693 }
694
695 if (flags & FLAG_STORAGE_CE) {
696 auto path = create_data_user_ce_package_path(uuid, userid, pkgname, ce_data_inode);
697 add_app_data_size(path, codesize, datasize, cachesize);
698 }
699 if (flags & FLAG_STORAGE_DE) {
700 auto path = create_data_user_de_package_path(uuid, userid, pkgname);
701 add_app_data_size(path, codesize, datasize, cachesize);
702 }
703
704 *asecsize = 0;
705
706 return 0;
707 }
708
get_app_data_inode(const char * uuid,const char * pkgname,int userid,int flags,ino_t * inode)709 int get_app_data_inode(const char *uuid, const char *pkgname, int userid, int flags, ino_t *inode) {
710 if (flags & FLAG_STORAGE_CE) {
711 auto path = create_data_user_ce_package_path(uuid, userid, pkgname);
712 return get_path_inode(path, inode);
713 }
714 return -1;
715 }
716
split_count(const char * str)717 static int split_count(const char *str)
718 {
719 char *ctx;
720 int count = 0;
721 char buf[kPropertyValueMax];
722
723 strncpy(buf, str, sizeof(buf));
724 char *pBuf = buf;
725
726 while(strtok_r(pBuf, " ", &ctx) != NULL) {
727 count++;
728 pBuf = NULL;
729 }
730
731 return count;
732 }
733
split(char * buf,const char ** argv)734 static int split(char *buf, const char **argv)
735 {
736 char *ctx;
737 int count = 0;
738 char *tok;
739 char *pBuf = buf;
740
741 while((tok = strtok_r(pBuf, " ", &ctx)) != NULL) {
742 argv[count++] = tok;
743 pBuf = NULL;
744 }
745
746 return count;
747 }
748
run_patchoat(int input_fd,int oat_fd,const char * input_file_name,const char * output_file_name,const char * pkgname ATTRIBUTE_UNUSED,const char * instruction_set)749 static void run_patchoat(int input_fd, int oat_fd, const char* input_file_name,
750 const char* output_file_name, const char *pkgname ATTRIBUTE_UNUSED, const char *instruction_set)
751 {
752 static const int MAX_INT_LEN = 12; // '-'+10dig+'\0' -OR- 0x+8dig
753 static const unsigned int MAX_INSTRUCTION_SET_LEN = 7;
754
755 static const char* PATCHOAT_BIN = "/system/bin/patchoat";
756 if (strlen(instruction_set) >= MAX_INSTRUCTION_SET_LEN) {
757 ALOGE("Instruction set %s longer than max length of %d",
758 instruction_set, MAX_INSTRUCTION_SET_LEN);
759 return;
760 }
761
762 /* input_file_name/input_fd should be the .odex/.oat file that is precompiled. I think*/
763 char instruction_set_arg[strlen("--instruction-set=") + MAX_INSTRUCTION_SET_LEN];
764 char output_oat_fd_arg[strlen("--output-oat-fd=") + MAX_INT_LEN];
765 char input_oat_fd_arg[strlen("--input-oat-fd=") + MAX_INT_LEN];
766 const char* patched_image_location_arg = "--patched-image-location=/system/framework/boot.art";
767 // The caller has already gotten all the locks we need.
768 const char* no_lock_arg = "--no-lock-output";
769 sprintf(instruction_set_arg, "--instruction-set=%s", instruction_set);
770 sprintf(output_oat_fd_arg, "--output-oat-fd=%d", oat_fd);
771 sprintf(input_oat_fd_arg, "--input-oat-fd=%d", input_fd);
772 ALOGV("Running %s isa=%s in-fd=%d (%s) out-fd=%d (%s)\n",
773 PATCHOAT_BIN, instruction_set, input_fd, input_file_name, oat_fd, output_file_name);
774
775 /* patchoat, patched-image-location, no-lock, isa, input-fd, output-fd */
776 char* argv[7];
777 argv[0] = (char*) PATCHOAT_BIN;
778 argv[1] = (char*) patched_image_location_arg;
779 argv[2] = (char*) no_lock_arg;
780 argv[3] = instruction_set_arg;
781 argv[4] = output_oat_fd_arg;
782 argv[5] = input_oat_fd_arg;
783 argv[6] = NULL;
784
785 execv(PATCHOAT_BIN, (char* const *)argv);
786 ALOGE("execv(%s) failed: %s\n", PATCHOAT_BIN, strerror(errno));
787 }
788
run_dex2oat(int zip_fd,int oat_fd,int image_fd,const char * input_file_name,const char * output_file_name,int swap_fd,const char * instruction_set,const char * compiler_filter,bool vm_safe_mode,bool debuggable,bool post_bootcomplete,int profile_fd,const char * shared_libraries)789 static void run_dex2oat(int zip_fd, int oat_fd, int image_fd, const char* input_file_name,
790 const char* output_file_name, int swap_fd, const char *instruction_set,
791 const char* compiler_filter, bool vm_safe_mode, bool debuggable, bool post_bootcomplete,
792 int profile_fd, const char* shared_libraries) {
793 static const unsigned int MAX_INSTRUCTION_SET_LEN = 7;
794
795 if (strlen(instruction_set) >= MAX_INSTRUCTION_SET_LEN) {
796 ALOGE("Instruction set %s longer than max length of %d",
797 instruction_set, MAX_INSTRUCTION_SET_LEN);
798 return;
799 }
800
801 char dex2oat_Xms_flag[kPropertyValueMax];
802 bool have_dex2oat_Xms_flag = get_property("dalvik.vm.dex2oat-Xms", dex2oat_Xms_flag, NULL) > 0;
803
804 char dex2oat_Xmx_flag[kPropertyValueMax];
805 bool have_dex2oat_Xmx_flag = get_property("dalvik.vm.dex2oat-Xmx", dex2oat_Xmx_flag, NULL) > 0;
806
807 char dex2oat_threads_buf[kPropertyValueMax];
808 bool have_dex2oat_threads_flag = get_property(post_bootcomplete
809 ? "dalvik.vm.dex2oat-threads"
810 : "dalvik.vm.boot-dex2oat-threads",
811 dex2oat_threads_buf,
812 NULL) > 0;
813 char dex2oat_threads_arg[kPropertyValueMax + 2];
814 if (have_dex2oat_threads_flag) {
815 sprintf(dex2oat_threads_arg, "-j%s", dex2oat_threads_buf);
816 }
817
818 char dex2oat_isa_features_key[kPropertyKeyMax];
819 sprintf(dex2oat_isa_features_key, "dalvik.vm.isa.%s.features", instruction_set);
820 char dex2oat_isa_features[kPropertyValueMax];
821 bool have_dex2oat_isa_features = get_property(dex2oat_isa_features_key,
822 dex2oat_isa_features, NULL) > 0;
823
824 char dex2oat_isa_variant_key[kPropertyKeyMax];
825 sprintf(dex2oat_isa_variant_key, "dalvik.vm.isa.%s.variant", instruction_set);
826 char dex2oat_isa_variant[kPropertyValueMax];
827 bool have_dex2oat_isa_variant = get_property(dex2oat_isa_variant_key,
828 dex2oat_isa_variant, NULL) > 0;
829
830 const char *dex2oat_norelocation = "-Xnorelocate";
831 bool have_dex2oat_relocation_skip_flag = false;
832
833 char dex2oat_flags[kPropertyValueMax];
834 int dex2oat_flags_count = get_property("dalvik.vm.dex2oat-flags",
835 dex2oat_flags, NULL) <= 0 ? 0 : split_count(dex2oat_flags);
836 ALOGV("dalvik.vm.dex2oat-flags=%s\n", dex2oat_flags);
837
838 // If we booting without the real /data, don't spend time compiling.
839 char vold_decrypt[kPropertyValueMax];
840 bool have_vold_decrypt = get_property("vold.decrypt", vold_decrypt, "") > 0;
841 bool skip_compilation = (have_vold_decrypt &&
842 (strcmp(vold_decrypt, "trigger_restart_min_framework") == 0 ||
843 (strcmp(vold_decrypt, "1") == 0)));
844
845 bool generate_debug_info = property_get_bool("debug.generate-debug-info");
846
847 char app_image_format[kPropertyValueMax];
848 char image_format_arg[strlen("--image-format=") + kPropertyValueMax];
849 bool have_app_image_format =
850 image_fd >= 0 && get_property("dalvik.vm.appimageformat", app_image_format, NULL) > 0;
851 if (have_app_image_format) {
852 sprintf(image_format_arg, "--image-format=%s", app_image_format);
853 }
854
855 char dex2oat_large_app_threshold[kPropertyValueMax];
856 bool have_dex2oat_large_app_threshold =
857 get_property("dalvik.vm.dex2oat-very-large", dex2oat_large_app_threshold, NULL) > 0;
858 char dex2oat_large_app_threshold_arg[strlen("--very-large-app-threshold=") + kPropertyValueMax];
859 if (have_dex2oat_large_app_threshold) {
860 sprintf(dex2oat_large_app_threshold_arg,
861 "--very-large-app-threshold=%s",
862 dex2oat_large_app_threshold);
863 }
864
865 static const char* DEX2OAT_BIN = "/system/bin/dex2oat";
866
867 static const char* RUNTIME_ARG = "--runtime-arg";
868
869 static const int MAX_INT_LEN = 12; // '-'+10dig+'\0' -OR- 0x+8dig
870
871 char zip_fd_arg[strlen("--zip-fd=") + MAX_INT_LEN];
872 char zip_location_arg[strlen("--zip-location=") + PKG_PATH_MAX];
873 char oat_fd_arg[strlen("--oat-fd=") + MAX_INT_LEN];
874 char oat_location_arg[strlen("--oat-location=") + PKG_PATH_MAX];
875 char instruction_set_arg[strlen("--instruction-set=") + MAX_INSTRUCTION_SET_LEN];
876 char instruction_set_variant_arg[strlen("--instruction-set-variant=") + kPropertyValueMax];
877 char instruction_set_features_arg[strlen("--instruction-set-features=") + kPropertyValueMax];
878 char dex2oat_Xms_arg[strlen("-Xms") + kPropertyValueMax];
879 char dex2oat_Xmx_arg[strlen("-Xmx") + kPropertyValueMax];
880 char dex2oat_compiler_filter_arg[strlen("--compiler-filter=") + kPropertyValueMax];
881 bool have_dex2oat_swap_fd = false;
882 char dex2oat_swap_fd[strlen("--swap-fd=") + MAX_INT_LEN];
883 bool have_dex2oat_image_fd = false;
884 char dex2oat_image_fd[strlen("--app-image-fd=") + MAX_INT_LEN];
885
886 sprintf(zip_fd_arg, "--zip-fd=%d", zip_fd);
887 sprintf(zip_location_arg, "--zip-location=%s", input_file_name);
888 sprintf(oat_fd_arg, "--oat-fd=%d", oat_fd);
889 sprintf(oat_location_arg, "--oat-location=%s", output_file_name);
890 sprintf(instruction_set_arg, "--instruction-set=%s", instruction_set);
891 sprintf(instruction_set_variant_arg, "--instruction-set-variant=%s", dex2oat_isa_variant);
892 sprintf(instruction_set_features_arg, "--instruction-set-features=%s", dex2oat_isa_features);
893 if (swap_fd >= 0) {
894 have_dex2oat_swap_fd = true;
895 sprintf(dex2oat_swap_fd, "--swap-fd=%d", swap_fd);
896 }
897 if (image_fd >= 0) {
898 have_dex2oat_image_fd = true;
899 sprintf(dex2oat_image_fd, "--app-image-fd=%d", image_fd);
900 }
901
902 if (have_dex2oat_Xms_flag) {
903 sprintf(dex2oat_Xms_arg, "-Xms%s", dex2oat_Xms_flag);
904 }
905 if (have_dex2oat_Xmx_flag) {
906 sprintf(dex2oat_Xmx_arg, "-Xmx%s", dex2oat_Xmx_flag);
907 }
908
909 // Compute compiler filter.
910
911 bool have_dex2oat_compiler_filter_flag;
912 if (skip_compilation) {
913 strcpy(dex2oat_compiler_filter_arg, "--compiler-filter=verify-none");
914 have_dex2oat_compiler_filter_flag = true;
915 have_dex2oat_relocation_skip_flag = true;
916 } else if (vm_safe_mode) {
917 strcpy(dex2oat_compiler_filter_arg, "--compiler-filter=interpret-only");
918 have_dex2oat_compiler_filter_flag = true;
919 } else if (compiler_filter != nullptr &&
920 strlen(compiler_filter) + strlen("--compiler-filter=") <
921 arraysize(dex2oat_compiler_filter_arg)) {
922 sprintf(dex2oat_compiler_filter_arg, "--compiler-filter=%s", compiler_filter);
923 have_dex2oat_compiler_filter_flag = true;
924 } else {
925 char dex2oat_compiler_filter_flag[kPropertyValueMax];
926 have_dex2oat_compiler_filter_flag = get_property("dalvik.vm.dex2oat-filter",
927 dex2oat_compiler_filter_flag, NULL) > 0;
928 if (have_dex2oat_compiler_filter_flag) {
929 sprintf(dex2oat_compiler_filter_arg,
930 "--compiler-filter=%s",
931 dex2oat_compiler_filter_flag);
932 }
933 }
934
935 // Check whether all apps should be compiled debuggable.
936 if (!debuggable) {
937 char prop_buf[kPropertyValueMax];
938 debuggable =
939 (get_property("dalvik.vm.always_debuggable", prop_buf, "0") > 0) &&
940 (prop_buf[0] == '1');
941 }
942 char profile_arg[strlen("--profile-file-fd=") + MAX_INT_LEN];
943 if (profile_fd != -1) {
944 sprintf(profile_arg, "--profile-file-fd=%d", profile_fd);
945 }
946
947
948 ALOGV("Running %s in=%s out=%s\n", DEX2OAT_BIN, input_file_name, output_file_name);
949
950 const char* argv[7 // program name, mandatory arguments and the final NULL
951 + (have_dex2oat_isa_variant ? 1 : 0)
952 + (have_dex2oat_isa_features ? 1 : 0)
953 + (have_dex2oat_Xms_flag ? 2 : 0)
954 + (have_dex2oat_Xmx_flag ? 2 : 0)
955 + (have_dex2oat_compiler_filter_flag ? 1 : 0)
956 + (have_dex2oat_threads_flag ? 1 : 0)
957 + (have_dex2oat_swap_fd ? 1 : 0)
958 + (have_dex2oat_image_fd ? 1 : 0)
959 + (have_dex2oat_relocation_skip_flag ? 2 : 0)
960 + (generate_debug_info ? 1 : 0)
961 + (debuggable ? 1 : 0)
962 + (have_app_image_format ? 1 : 0)
963 + dex2oat_flags_count
964 + (profile_fd == -1 ? 0 : 1)
965 + (shared_libraries != nullptr ? 4 : 0)
966 + (have_dex2oat_large_app_threshold ? 1 : 0)];
967 int i = 0;
968 argv[i++] = DEX2OAT_BIN;
969 argv[i++] = zip_fd_arg;
970 argv[i++] = zip_location_arg;
971 argv[i++] = oat_fd_arg;
972 argv[i++] = oat_location_arg;
973 argv[i++] = instruction_set_arg;
974 if (have_dex2oat_isa_variant) {
975 argv[i++] = instruction_set_variant_arg;
976 }
977 if (have_dex2oat_isa_features) {
978 argv[i++] = instruction_set_features_arg;
979 }
980 if (have_dex2oat_Xms_flag) {
981 argv[i++] = RUNTIME_ARG;
982 argv[i++] = dex2oat_Xms_arg;
983 }
984 if (have_dex2oat_Xmx_flag) {
985 argv[i++] = RUNTIME_ARG;
986 argv[i++] = dex2oat_Xmx_arg;
987 }
988 if (have_dex2oat_compiler_filter_flag) {
989 argv[i++] = dex2oat_compiler_filter_arg;
990 }
991 if (have_dex2oat_threads_flag) {
992 argv[i++] = dex2oat_threads_arg;
993 }
994 if (have_dex2oat_swap_fd) {
995 argv[i++] = dex2oat_swap_fd;
996 }
997 if (have_dex2oat_image_fd) {
998 argv[i++] = dex2oat_image_fd;
999 }
1000 if (generate_debug_info) {
1001 argv[i++] = "--generate-debug-info";
1002 }
1003 if (debuggable) {
1004 argv[i++] = "--debuggable";
1005 }
1006 if (have_app_image_format) {
1007 argv[i++] = image_format_arg;
1008 }
1009 if (have_dex2oat_large_app_threshold) {
1010 argv[i++] = dex2oat_large_app_threshold_arg;
1011 }
1012 if (dex2oat_flags_count) {
1013 i += split(dex2oat_flags, argv + i);
1014 }
1015 if (have_dex2oat_relocation_skip_flag) {
1016 argv[i++] = RUNTIME_ARG;
1017 argv[i++] = dex2oat_norelocation;
1018 }
1019 if (profile_fd != -1) {
1020 argv[i++] = profile_arg;
1021 }
1022 if (shared_libraries != nullptr) {
1023 argv[i++] = RUNTIME_ARG;
1024 argv[i++] = "-classpath";
1025 argv[i++] = RUNTIME_ARG;
1026 argv[i++] = shared_libraries;
1027 }
1028 // Do not add after dex2oat_flags, they should override others for debugging.
1029 argv[i] = NULL;
1030
1031 execv(DEX2OAT_BIN, (char * const *)argv);
1032 ALOGE("execv(%s) failed: %s\n", DEX2OAT_BIN, strerror(errno));
1033 }
1034
1035 /*
1036 * Whether dexopt should use a swap file when compiling an APK.
1037 *
1038 * If kAlwaysProvideSwapFile, do this on all devices (dex2oat will make a more informed decision
1039 * itself, anyways).
1040 *
1041 * Otherwise, read "dalvik.vm.dex2oat-swap". If the property exists, return whether it is "true".
1042 *
1043 * Otherwise, return true if this is a low-mem device.
1044 *
1045 * Otherwise, return default value.
1046 */
1047 static bool kAlwaysProvideSwapFile = false;
1048 static bool kDefaultProvideSwapFile = true;
1049
ShouldUseSwapFileForDexopt()1050 static bool ShouldUseSwapFileForDexopt() {
1051 if (kAlwaysProvideSwapFile) {
1052 return true;
1053 }
1054
1055 // Check the "override" property. If it exists, return value == "true".
1056 char dex2oat_prop_buf[kPropertyValueMax];
1057 if (get_property("dalvik.vm.dex2oat-swap", dex2oat_prop_buf, "") > 0) {
1058 if (strcmp(dex2oat_prop_buf, "true") == 0) {
1059 return true;
1060 } else {
1061 return false;
1062 }
1063 }
1064
1065 // Shortcut for default value. This is an implementation optimization for the process sketched
1066 // above. If the default value is true, we can avoid to check whether this is a low-mem device,
1067 // as low-mem is never returning false. The compiler will optimize this away if it can.
1068 if (kDefaultProvideSwapFile) {
1069 return true;
1070 }
1071
1072 bool is_low_mem = property_get_bool("ro.config.low_ram");
1073 if (is_low_mem) {
1074 return true;
1075 }
1076
1077 // Default value must be false here.
1078 return kDefaultProvideSwapFile;
1079 }
1080
SetDex2OatAndPatchOatScheduling(bool set_to_bg)1081 static void SetDex2OatAndPatchOatScheduling(bool set_to_bg) {
1082 if (set_to_bg) {
1083 if (set_sched_policy(0, SP_BACKGROUND) < 0) {
1084 ALOGE("set_sched_policy failed: %s\n", strerror(errno));
1085 exit(70);
1086 }
1087 if (setpriority(PRIO_PROCESS, 0, ANDROID_PRIORITY_BACKGROUND) < 0) {
1088 ALOGE("setpriority failed: %s\n", strerror(errno));
1089 exit(71);
1090 }
1091 }
1092 }
1093
close_all_fds(const std::vector<fd_t> & fds,const char * description)1094 static void close_all_fds(const std::vector<fd_t>& fds, const char* description) {
1095 for (size_t i = 0; i < fds.size(); i++) {
1096 if (close(fds[i]) != 0) {
1097 PLOG(WARNING) << "Failed to close fd for " << description << " at index " << i;
1098 }
1099 }
1100 }
1101
open_profile_dir(const std::string & profile_dir)1102 static fd_t open_profile_dir(const std::string& profile_dir) {
1103 fd_t profile_dir_fd = TEMP_FAILURE_RETRY(open(profile_dir.c_str(),
1104 O_PATH | O_CLOEXEC | O_DIRECTORY | O_NOFOLLOW));
1105 if (profile_dir_fd < 0) {
1106 // In a multi-user environment, these directories can be created at
1107 // different points and it's possible we'll attempt to open a profile
1108 // dir before it exists.
1109 if (errno != ENOENT) {
1110 PLOG(ERROR) << "Failed to open profile_dir: " << profile_dir;
1111 }
1112 }
1113 return profile_dir_fd;
1114 }
1115
open_primary_profile_file_from_dir(const std::string & profile_dir,mode_t open_mode)1116 static fd_t open_primary_profile_file_from_dir(const std::string& profile_dir, mode_t open_mode) {
1117 fd_t profile_dir_fd = open_profile_dir(profile_dir);
1118 if (profile_dir_fd < 0) {
1119 return -1;
1120 }
1121
1122 fd_t profile_fd = -1;
1123 std::string profile_file = create_primary_profile(profile_dir);
1124
1125 profile_fd = TEMP_FAILURE_RETRY(open(profile_file.c_str(), open_mode | O_NOFOLLOW));
1126 if (profile_fd == -1) {
1127 // It's not an error if the profile file does not exist.
1128 if (errno != ENOENT) {
1129 PLOG(ERROR) << "Failed to lstat profile_dir: " << profile_dir;
1130 }
1131 }
1132 // TODO(calin): use AutoCloseFD instead of closing the fd manually.
1133 if (close(profile_dir_fd) != 0) {
1134 PLOG(WARNING) << "Could not close profile dir " << profile_dir;
1135 }
1136 return profile_fd;
1137 }
1138
open_primary_profile_file(userid_t user,const char * pkgname)1139 static fd_t open_primary_profile_file(userid_t user, const char* pkgname) {
1140 std::string profile_dir = create_data_user_profile_package_path(user, pkgname);
1141 return open_primary_profile_file_from_dir(profile_dir, O_RDONLY);
1142 }
1143
open_reference_profile(uid_t uid,const char * pkgname,bool read_write)1144 static fd_t open_reference_profile(uid_t uid, const char* pkgname, bool read_write) {
1145 std::string reference_profile_dir = create_data_ref_profile_package_path(pkgname);
1146 int flags = read_write ? O_RDWR | O_CREAT : O_RDONLY;
1147 fd_t fd = open_primary_profile_file_from_dir(reference_profile_dir, flags);
1148 if (fd < 0) {
1149 return -1;
1150 }
1151 if (read_write) {
1152 // Fix the owner.
1153 if (fchown(fd, uid, uid) < 0) {
1154 close(fd);
1155 return -1;
1156 }
1157 }
1158 return fd;
1159 }
1160
open_profile_files(uid_t uid,const char * pkgname,std::vector<fd_t> * profiles_fd,fd_t * reference_profile_fd)1161 static void open_profile_files(uid_t uid, const char* pkgname,
1162 /*out*/ std::vector<fd_t>* profiles_fd, /*out*/ fd_t* reference_profile_fd) {
1163 // Open the reference profile in read-write mode as profman might need to save the merge.
1164 *reference_profile_fd = open_reference_profile(uid, pkgname, /*read_write*/ true);
1165 if (*reference_profile_fd < 0) {
1166 // We can't access the reference profile file.
1167 return;
1168 }
1169
1170 std::vector<userid_t> users = get_known_users(/*volume_uuid*/ nullptr);
1171 for (auto user : users) {
1172 fd_t profile_fd = open_primary_profile_file(user, pkgname);
1173 // Add to the lists only if both fds are valid.
1174 if (profile_fd >= 0) {
1175 profiles_fd->push_back(profile_fd);
1176 }
1177 }
1178 }
1179
drop_capabilities(uid_t uid)1180 static void drop_capabilities(uid_t uid) {
1181 if (setgid(uid) != 0) {
1182 ALOGE("setgid(%d) failed in installd during dexopt\n", uid);
1183 exit(64);
1184 }
1185 if (setuid(uid) != 0) {
1186 ALOGE("setuid(%d) failed in installd during dexopt\n", uid);
1187 exit(65);
1188 }
1189 // drop capabilities
1190 struct __user_cap_header_struct capheader;
1191 struct __user_cap_data_struct capdata[2];
1192 memset(&capheader, 0, sizeof(capheader));
1193 memset(&capdata, 0, sizeof(capdata));
1194 capheader.version = _LINUX_CAPABILITY_VERSION_3;
1195 if (capset(&capheader, &capdata[0]) < 0) {
1196 ALOGE("capset failed: %s\n", strerror(errno));
1197 exit(66);
1198 }
1199 }
1200
1201 static constexpr int PROFMAN_BIN_RETURN_CODE_COMPILE = 0;
1202 static constexpr int PROFMAN_BIN_RETURN_CODE_SKIP_COMPILATION = 1;
1203 static constexpr int PROFMAN_BIN_RETURN_CODE_BAD_PROFILES = 2;
1204 static constexpr int PROFMAN_BIN_RETURN_CODE_ERROR_IO = 3;
1205 static constexpr int PROFMAN_BIN_RETURN_CODE_ERROR_LOCKING = 4;
1206
run_profman_merge(const std::vector<fd_t> & profiles_fd,fd_t reference_profile_fd)1207 static void run_profman_merge(const std::vector<fd_t>& profiles_fd, fd_t reference_profile_fd) {
1208 static const size_t MAX_INT_LEN = 32;
1209 static const char* PROFMAN_BIN = "/system/bin/profman";
1210
1211 std::vector<std::string> profile_args(profiles_fd.size());
1212 char profile_buf[strlen("--profile-file-fd=") + MAX_INT_LEN];
1213 for (size_t k = 0; k < profiles_fd.size(); k++) {
1214 sprintf(profile_buf, "--profile-file-fd=%d", profiles_fd[k]);
1215 profile_args[k].assign(profile_buf);
1216 }
1217 char reference_profile_arg[strlen("--reference-profile-file-fd=") + MAX_INT_LEN];
1218 sprintf(reference_profile_arg, "--reference-profile-file-fd=%d", reference_profile_fd);
1219
1220 // program name, reference profile fd, the final NULL and the profile fds
1221 const char* argv[3 + profiles_fd.size()];
1222 int i = 0;
1223 argv[i++] = PROFMAN_BIN;
1224 argv[i++] = reference_profile_arg;
1225 for (size_t k = 0; k < profile_args.size(); k++) {
1226 argv[i++] = profile_args[k].c_str();
1227 }
1228 // Do not add after dex2oat_flags, they should override others for debugging.
1229 argv[i] = NULL;
1230
1231 execv(PROFMAN_BIN, (char * const *)argv);
1232 ALOGE("execv(%s) failed: %s\n", PROFMAN_BIN, strerror(errno));
1233 exit(68); /* only get here on exec failure */
1234 }
1235
1236 // Decides if profile guided compilation is needed or not based on existing profiles.
1237 // Returns true if there is enough information in the current profiles that worth
1238 // a re-compilation of the package.
1239 // If the return value is true all the current profiles would have been merged into
1240 // the reference profiles accessible with open_reference_profile().
analyse_profiles(uid_t uid,const char * pkgname)1241 static bool analyse_profiles(uid_t uid, const char* pkgname) {
1242 std::vector<fd_t> profiles_fd;
1243 fd_t reference_profile_fd = -1;
1244 open_profile_files(uid, pkgname, &profiles_fd, &reference_profile_fd);
1245 if (profiles_fd.empty() || (reference_profile_fd == -1)) {
1246 // Skip profile guided compilation because no profiles were found.
1247 // Or if the reference profile info couldn't be opened.
1248 close_all_fds(profiles_fd, "profiles_fd");
1249 if ((reference_profile_fd != - 1) && (close(reference_profile_fd) != 0)) {
1250 PLOG(WARNING) << "Failed to close fd for reference profile";
1251 }
1252 return false;
1253 }
1254
1255 ALOGV("PROFMAN (MERGE): --- BEGIN '%s' ---\n", pkgname);
1256
1257 pid_t pid = fork();
1258 if (pid == 0) {
1259 /* child -- drop privileges before continuing */
1260 drop_capabilities(uid);
1261 run_profman_merge(profiles_fd, reference_profile_fd);
1262 exit(68); /* only get here on exec failure */
1263 }
1264 /* parent */
1265 int return_code = wait_child(pid);
1266 bool need_to_compile = false;
1267 bool should_clear_current_profiles = false;
1268 bool should_clear_reference_profile = false;
1269 if (!WIFEXITED(return_code)) {
1270 LOG(WARNING) << "profman failed for package " << pkgname << ": " << return_code;
1271 } else {
1272 return_code = WEXITSTATUS(return_code);
1273 switch (return_code) {
1274 case PROFMAN_BIN_RETURN_CODE_COMPILE:
1275 need_to_compile = true;
1276 should_clear_current_profiles = true;
1277 should_clear_reference_profile = false;
1278 break;
1279 case PROFMAN_BIN_RETURN_CODE_SKIP_COMPILATION:
1280 need_to_compile = false;
1281 should_clear_current_profiles = false;
1282 should_clear_reference_profile = false;
1283 break;
1284 case PROFMAN_BIN_RETURN_CODE_BAD_PROFILES:
1285 LOG(WARNING) << "Bad profiles for package " << pkgname;
1286 need_to_compile = false;
1287 should_clear_current_profiles = true;
1288 should_clear_reference_profile = true;
1289 break;
1290 case PROFMAN_BIN_RETURN_CODE_ERROR_IO: // fall-through
1291 case PROFMAN_BIN_RETURN_CODE_ERROR_LOCKING:
1292 // Temporary IO problem (e.g. locking). Ignore but log a warning.
1293 LOG(WARNING) << "IO error while reading profiles for package " << pkgname;
1294 need_to_compile = false;
1295 should_clear_current_profiles = false;
1296 should_clear_reference_profile = false;
1297 break;
1298 default:
1299 // Unknown return code or error. Unlink profiles.
1300 LOG(WARNING) << "Unknown error code while processing profiles for package " << pkgname
1301 << ": " << return_code;
1302 need_to_compile = false;
1303 should_clear_current_profiles = true;
1304 should_clear_reference_profile = true;
1305 break;
1306 }
1307 }
1308 close_all_fds(profiles_fd, "profiles_fd");
1309 if (close(reference_profile_fd) != 0) {
1310 PLOG(WARNING) << "Failed to close fd for reference profile";
1311 }
1312 if (should_clear_current_profiles) {
1313 clear_current_profiles(pkgname);
1314 }
1315 if (should_clear_reference_profile) {
1316 clear_reference_profile(pkgname);
1317 }
1318 return need_to_compile;
1319 }
1320
run_profman_dump(const std::vector<fd_t> & profile_fds,fd_t reference_profile_fd,const std::vector<std::string> & dex_locations,const std::vector<fd_t> & apk_fds,fd_t output_fd)1321 static void run_profman_dump(const std::vector<fd_t>& profile_fds,
1322 fd_t reference_profile_fd,
1323 const std::vector<std::string>& dex_locations,
1324 const std::vector<fd_t>& apk_fds,
1325 fd_t output_fd) {
1326 std::vector<std::string> profman_args;
1327 static const char* PROFMAN_BIN = "/system/bin/profman";
1328 profman_args.push_back(PROFMAN_BIN);
1329 profman_args.push_back("--dump-only");
1330 profman_args.push_back(StringPrintf("--dump-output-to-fd=%d", output_fd));
1331 if (reference_profile_fd != -1) {
1332 profman_args.push_back(StringPrintf("--reference-profile-file-fd=%d",
1333 reference_profile_fd));
1334 }
1335 for (fd_t profile_fd : profile_fds) {
1336 profman_args.push_back(StringPrintf("--profile-file-fd=%d", profile_fd));
1337 }
1338 for (const std::string& dex_location : dex_locations) {
1339 profman_args.push_back(StringPrintf("--dex-location=%s", dex_location.c_str()));
1340 }
1341 for (fd_t apk_fd : apk_fds) {
1342 profman_args.push_back(StringPrintf("--apk-fd=%d", apk_fd));
1343 }
1344 const char **argv = new const char*[profman_args.size() + 1];
1345 size_t i = 0;
1346 for (const std::string& profman_arg : profman_args) {
1347 argv[i++] = profman_arg.c_str();
1348 }
1349 argv[i] = NULL;
1350
1351 execv(PROFMAN_BIN, (char * const *)argv);
1352 ALOGE("execv(%s) failed: %s\n", PROFMAN_BIN, strerror(errno));
1353 exit(68); /* only get here on exec failure */
1354 }
1355
get_location_from_path(const char * path)1356 static const char* get_location_from_path(const char* path) {
1357 static constexpr char kLocationSeparator = '/';
1358 const char *location = strrchr(path, kLocationSeparator);
1359 if (location == NULL) {
1360 return path;
1361 } else {
1362 // Skip the separator character.
1363 return location + 1;
1364 }
1365 }
1366
1367 // Dumps the contents of a profile file, using pkgname's dex files for pretty
1368 // printing the result.
dump_profile(uid_t uid,const char * pkgname,const char * code_path_string)1369 bool dump_profile(uid_t uid, const char* pkgname, const char* code_path_string) {
1370 std::vector<fd_t> profile_fds;
1371 fd_t reference_profile_fd = -1;
1372 std::string out_file_name = StringPrintf("/data/misc/profman/%s.txt", pkgname);
1373
1374 ALOGV("PROFMAN (DUMP): --- BEGIN '%s' ---\n", pkgname);
1375
1376 open_profile_files(uid, pkgname, &profile_fds, &reference_profile_fd);
1377
1378 const bool has_reference_profile = (reference_profile_fd != -1);
1379 const bool has_profiles = !profile_fds.empty();
1380
1381 if (!has_reference_profile && !has_profiles) {
1382 ALOGE("profman dump: no profiles to dump for '%s'", pkgname);
1383 return false;
1384 }
1385
1386 fd_t output_fd = open(out_file_name.c_str(), O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW);
1387 if (fchmod(output_fd, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH) < 0) {
1388 ALOGE("installd cannot chmod '%s' dump_profile\n", out_file_name.c_str());
1389 return false;
1390 }
1391 std::vector<std::string> code_full_paths = base::Split(code_path_string, ";");
1392 std::vector<std::string> dex_locations;
1393 std::vector<fd_t> apk_fds;
1394 for (const std::string& code_full_path : code_full_paths) {
1395 const char* full_path = code_full_path.c_str();
1396 fd_t apk_fd = open(full_path, O_RDONLY | O_NOFOLLOW);
1397 if (apk_fd == -1) {
1398 ALOGE("installd cannot open '%s'\n", full_path);
1399 return false;
1400 }
1401 dex_locations.push_back(get_location_from_path(full_path));
1402 apk_fds.push_back(apk_fd);
1403 }
1404
1405 pid_t pid = fork();
1406 if (pid == 0) {
1407 /* child -- drop privileges before continuing */
1408 drop_capabilities(uid);
1409 run_profman_dump(profile_fds, reference_profile_fd, dex_locations,
1410 apk_fds, output_fd);
1411 exit(68); /* only get here on exec failure */
1412 }
1413 /* parent */
1414 close_all_fds(apk_fds, "apk_fds");
1415 close_all_fds(profile_fds, "profile_fds");
1416 if (close(reference_profile_fd) != 0) {
1417 PLOG(WARNING) << "Failed to close fd for reference profile";
1418 }
1419 int return_code = wait_child(pid);
1420 if (!WIFEXITED(return_code)) {
1421 LOG(WARNING) << "profman failed for package " << pkgname << ": "
1422 << return_code;
1423 return false;
1424 }
1425 return true;
1426 }
1427
1428 // Translate the given oat path to an art (app image) path. An empty string
1429 // denotes an error.
create_image_filename(const std::string & oat_path)1430 static std::string create_image_filename(const std::string& oat_path) {
1431 // A standard dalvik-cache entry. Replace ".dex" with ".art."
1432 if (EndsWith(oat_path, ".dex")) {
1433 std::string art_path = oat_path;
1434 art_path.replace(art_path.length() - strlen("dex"), strlen("dex"), "art");
1435 CHECK(EndsWith(art_path, ".art"));
1436 return art_path;
1437 }
1438
1439 // An odex entry. Not that this may not be an extension, e.g., in the OTA
1440 // case (where the base name will have an extension for the B artifact).
1441 size_t odex_pos = oat_path.rfind(".odex");
1442 if (odex_pos != std::string::npos) {
1443 std::string art_path = oat_path;
1444 art_path.replace(odex_pos, strlen(".odex"), ".art");
1445 CHECK_NE(art_path.find(".art"), std::string::npos);
1446 return art_path;
1447 }
1448
1449 // Don't know how to handle this.
1450 return "";
1451 }
1452
add_extension_to_file_name(char * file_name,const char * extension)1453 static bool add_extension_to_file_name(char* file_name, const char* extension) {
1454 if (strlen(file_name) + strlen(extension) + 1 > PKG_PATH_MAX) {
1455 return false;
1456 }
1457 strcat(file_name, extension);
1458 return true;
1459 }
1460
open_output_file(const char * file_name,bool recreate,int permissions)1461 static int open_output_file(const char* file_name, bool recreate, int permissions) {
1462 int flags = O_RDWR | O_CREAT;
1463 if (recreate) {
1464 if (unlink(file_name) < 0) {
1465 if (errno != ENOENT) {
1466 PLOG(ERROR) << "open_output_file: Couldn't unlink " << file_name;
1467 }
1468 }
1469 flags |= O_EXCL;
1470 }
1471 return open(file_name, flags, permissions);
1472 }
1473
set_permissions_and_ownership(int fd,bool is_public,int uid,const char * path)1474 static bool set_permissions_and_ownership(int fd, bool is_public, int uid, const char* path) {
1475 if (fchmod(fd,
1476 S_IRUSR|S_IWUSR|S_IRGRP |
1477 (is_public ? S_IROTH : 0)) < 0) {
1478 ALOGE("installd cannot chmod '%s' during dexopt\n", path);
1479 return false;
1480 } else if (fchown(fd, AID_SYSTEM, uid) < 0) {
1481 ALOGE("installd cannot chown '%s' during dexopt\n", path);
1482 return false;
1483 }
1484 return true;
1485 }
1486
create_oat_out_path(const char * apk_path,const char * instruction_set,const char * oat_dir,char * out_path)1487 static bool create_oat_out_path(const char* apk_path, const char* instruction_set,
1488 const char* oat_dir, /*out*/ char* out_path) {
1489 // Early best-effort check whether we can fit the the path into our buffers.
1490 // Note: the cache path will require an additional 5 bytes for ".swap", but we'll try to run
1491 // without a swap file, if necessary. Reference profiles file also add an extra ".prof"
1492 // extension to the cache path (5 bytes).
1493 if (strlen(apk_path) >= (PKG_PATH_MAX - 8)) {
1494 ALOGE("apk_path too long '%s'\n", apk_path);
1495 return false;
1496 }
1497
1498 if (oat_dir != NULL && oat_dir[0] != '!') {
1499 if (validate_apk_path(oat_dir)) {
1500 ALOGE("invalid oat_dir '%s'\n", oat_dir);
1501 return false;
1502 }
1503 if (!calculate_oat_file_path(out_path, oat_dir, apk_path, instruction_set)) {
1504 return false;
1505 }
1506 } else {
1507 if (!create_cache_path(out_path, apk_path, instruction_set)) {
1508 return false;
1509 }
1510 }
1511 return true;
1512 }
1513
1514 // TODO: Consider returning error codes.
merge_profiles(uid_t uid,const char * pkgname)1515 bool merge_profiles(uid_t uid, const char *pkgname) {
1516 return analyse_profiles(uid, pkgname);
1517 }
1518
parse_null(const char * arg)1519 static const char* parse_null(const char* arg) {
1520 if (strcmp(arg, "!") == 0) {
1521 return nullptr;
1522 } else {
1523 return arg;
1524 }
1525 }
1526
dexopt(const char * const params[DEXOPT_PARAM_COUNT])1527 int dexopt(const char* const params[DEXOPT_PARAM_COUNT]) {
1528 return dexopt(params[0], // apk_path
1529 atoi(params[1]), // uid
1530 params[2], // pkgname
1531 params[3], // instruction_set
1532 atoi(params[4]), // dexopt_needed
1533 params[5], // oat_dir
1534 atoi(params[6]), // dexopt_flags
1535 params[7], // compiler_filter
1536 parse_null(params[8]), // volume_uuid
1537 parse_null(params[9])); // shared_libraries
1538 static_assert(DEXOPT_PARAM_COUNT == 10U, "Unexpected dexopt param count");
1539 }
1540
1541 // Helper for fd management. This is similar to a unique_fd in that it closes the file descriptor
1542 // on destruction. It will also run the given cleanup (unless told not to) after closing.
1543 //
1544 // Usage example:
1545 //
1546 // Dex2oatFileWrapper<std::function<void ()>> file(open(...),
1547 // [name]() {
1548 // unlink(name.c_str());
1549 // });
1550 // // Note: care needs to be taken about name, as it needs to have a lifetime longer than the
1551 // wrapper if captured as a reference.
1552 //
1553 // if (file.get() == -1) {
1554 // // Error opening...
1555 // }
1556 //
1557 // ...
1558 // if (error) {
1559 // // At this point, when the Dex2oatFileWrapper is destructed, the cleanup function will run
1560 // // and delete the file (after the fd is closed).
1561 // return -1;
1562 // }
1563 //
1564 // (Success case)
1565 // file.SetCleanup(false);
1566 // // At this point, when the Dex2oatFileWrapper is destructed, the cleanup function will not run
1567 // // (leaving the file around; after the fd is closed).
1568 //
1569 template <typename Cleanup>
1570 class Dex2oatFileWrapper {
1571 public:
Dex2oatFileWrapper()1572 Dex2oatFileWrapper() : value_(-1), cleanup_(), do_cleanup_(true) {
1573 }
1574
Dex2oatFileWrapper(int value,Cleanup cleanup)1575 Dex2oatFileWrapper(int value, Cleanup cleanup)
1576 : value_(value), cleanup_(cleanup), do_cleanup_(true) {}
1577
~Dex2oatFileWrapper()1578 ~Dex2oatFileWrapper() {
1579 reset(-1);
1580 }
1581
get()1582 int get() {
1583 return value_;
1584 }
1585
SetCleanup(bool cleanup)1586 void SetCleanup(bool cleanup) {
1587 do_cleanup_ = cleanup;
1588 }
1589
reset(int new_value)1590 void reset(int new_value) {
1591 if (value_ >= 0) {
1592 close(value_);
1593 }
1594 if (do_cleanup_ && cleanup_ != nullptr) {
1595 cleanup_();
1596 }
1597
1598 value_ = new_value;
1599 }
1600
reset(int new_value,Cleanup new_cleanup)1601 void reset(int new_value, Cleanup new_cleanup) {
1602 if (value_ >= 0) {
1603 close(value_);
1604 }
1605 if (do_cleanup_ && cleanup_ != nullptr) {
1606 cleanup_();
1607 }
1608
1609 value_ = new_value;
1610 cleanup_ = new_cleanup;
1611 }
1612
1613 private:
1614 int value_;
1615 Cleanup cleanup_;
1616 bool do_cleanup_;
1617 };
1618
dexopt(const char * apk_path,uid_t uid,const char * pkgname,const char * instruction_set,int dexopt_needed,const char * oat_dir,int dexopt_flags,const char * compiler_filter,const char * volume_uuid ATTRIBUTE_UNUSED,const char * shared_libraries)1619 int dexopt(const char* apk_path, uid_t uid, const char* pkgname, const char* instruction_set,
1620 int dexopt_needed, const char* oat_dir, int dexopt_flags, const char* compiler_filter,
1621 const char* volume_uuid ATTRIBUTE_UNUSED, const char* shared_libraries)
1622 {
1623 bool is_public = ((dexopt_flags & DEXOPT_PUBLIC) != 0);
1624 bool vm_safe_mode = (dexopt_flags & DEXOPT_SAFEMODE) != 0;
1625 bool debuggable = (dexopt_flags & DEXOPT_DEBUGGABLE) != 0;
1626 bool boot_complete = (dexopt_flags & DEXOPT_BOOTCOMPLETE) != 0;
1627 bool profile_guided = (dexopt_flags & DEXOPT_PROFILE_GUIDED) != 0;
1628
1629 // Don't use profile for vm_safe_mode. b/30688277
1630 profile_guided = profile_guided && !vm_safe_mode;
1631
1632 CHECK(pkgname != nullptr);
1633 CHECK(pkgname[0] != 0);
1634
1635 // Public apps should not be compiled with profile information ever. Same goes for the special
1636 // package '*' used for the system server.
1637 Dex2oatFileWrapper<std::function<void ()>> reference_profile_fd;
1638 if (!is_public && pkgname[0] != '*') {
1639 // Open reference profile in read only mode as dex2oat does not get write permissions.
1640 const std::string pkgname_str(pkgname);
1641 reference_profile_fd.reset(open_reference_profile(uid, pkgname, /*read_write*/ false),
1642 [pkgname_str]() {
1643 clear_reference_profile(pkgname_str.c_str());
1644 });
1645 // Note: it's OK to not find a profile here.
1646 }
1647
1648 if ((dexopt_flags & ~DEXOPT_MASK) != 0) {
1649 LOG_FATAL("dexopt flags contains unknown fields\n");
1650 }
1651
1652 char out_path[PKG_PATH_MAX];
1653 if (!create_oat_out_path(apk_path, instruction_set, oat_dir, out_path)) {
1654 return false;
1655 }
1656
1657 const char *input_file;
1658 char in_odex_path[PKG_PATH_MAX];
1659 switch (dexopt_needed) {
1660 case DEXOPT_DEX2OAT_NEEDED:
1661 input_file = apk_path;
1662 break;
1663
1664 case DEXOPT_PATCHOAT_NEEDED:
1665 if (!calculate_odex_file_path(in_odex_path, apk_path, instruction_set)) {
1666 return -1;
1667 }
1668 input_file = in_odex_path;
1669 break;
1670
1671 case DEXOPT_SELF_PATCHOAT_NEEDED:
1672 input_file = out_path;
1673 break;
1674
1675 default:
1676 ALOGE("Invalid dexopt needed: %d\n", dexopt_needed);
1677 return 72;
1678 }
1679
1680 struct stat input_stat;
1681 memset(&input_stat, 0, sizeof(input_stat));
1682 stat(input_file, &input_stat);
1683
1684 base::unique_fd input_fd(open(input_file, O_RDONLY, 0));
1685 if (input_fd.get() < 0) {
1686 ALOGE("installd cannot open '%s' for input during dexopt\n", input_file);
1687 return -1;
1688 }
1689
1690 const std::string out_path_str(out_path);
1691 Dex2oatFileWrapper<std::function<void ()>> out_fd(
1692 open_output_file(out_path, /*recreate*/true, /*permissions*/0644),
1693 [out_path_str]() { unlink(out_path_str.c_str()); });
1694 if (out_fd.get() < 0) {
1695 ALOGE("installd cannot open '%s' for output during dexopt\n", out_path);
1696 return -1;
1697 }
1698 if (!set_permissions_and_ownership(out_fd.get(), is_public, uid, out_path)) {
1699 return -1;
1700 }
1701
1702 // Create a swap file if necessary.
1703 base::unique_fd swap_fd;
1704 if (ShouldUseSwapFileForDexopt()) {
1705 // Make sure there really is enough space.
1706 char swap_file_name[PKG_PATH_MAX];
1707 strcpy(swap_file_name, out_path);
1708 if (add_extension_to_file_name(swap_file_name, ".swap")) {
1709 swap_fd.reset(open_output_file(swap_file_name, /*recreate*/true, /*permissions*/0600));
1710 }
1711 if (swap_fd.get() < 0) {
1712 // Could not create swap file. Optimistically go on and hope that we can compile
1713 // without it.
1714 ALOGE("installd could not create '%s' for swap during dexopt\n", swap_file_name);
1715 } else {
1716 // Immediately unlink. We don't really want to hit flash.
1717 if (unlink(swap_file_name) < 0) {
1718 PLOG(ERROR) << "Couldn't unlink swap file " << swap_file_name;
1719 }
1720 }
1721 }
1722
1723 // Avoid generating an app image for extract only since it will not contain any classes.
1724 Dex2oatFileWrapper<std::function<void ()>> image_fd;
1725 const std::string image_path = create_image_filename(out_path);
1726 if (!image_path.empty()) {
1727 char app_image_format[kPropertyValueMax];
1728 bool have_app_image_format =
1729 get_property("dalvik.vm.appimageformat", app_image_format, NULL) > 0;
1730 // Use app images only if it is enabled (by a set image format) and we are compiling
1731 // profile-guided (so the app image doesn't conservatively contain all classes).
1732 if (profile_guided && have_app_image_format) {
1733 // Recreate is true since we do not want to modify a mapped image. If the app is
1734 // already running and we modify the image file, it can cause crashes (b/27493510).
1735 image_fd.reset(open_output_file(image_path.c_str(),
1736 true /*recreate*/,
1737 0600 /*permissions*/),
1738 [image_path]() { unlink(image_path.c_str()); }
1739 );
1740 if (image_fd.get() < 0) {
1741 // Could not create application image file. Go on since we can compile without
1742 // it.
1743 LOG(ERROR) << "installd could not create '"
1744 << image_path
1745 << "' for image file during dexopt";
1746 } else if (!set_permissions_and_ownership(image_fd.get(),
1747 is_public,
1748 uid,
1749 image_path.c_str())) {
1750 image_fd.reset(-1);
1751 }
1752 }
1753 // If we have a valid image file path but no image fd, explicitly erase the image file.
1754 if (image_fd.get() < 0) {
1755 if (unlink(image_path.c_str()) < 0) {
1756 if (errno != ENOENT) {
1757 PLOG(ERROR) << "Couldn't unlink image file " << image_path;
1758 }
1759 }
1760 }
1761 }
1762
1763 ALOGV("DexInv: --- BEGIN '%s' ---\n", input_file);
1764
1765 pid_t pid = fork();
1766 if (pid == 0) {
1767 /* child -- drop privileges before continuing */
1768 drop_capabilities(uid);
1769
1770 SetDex2OatAndPatchOatScheduling(boot_complete);
1771 if (flock(out_fd.get(), LOCK_EX | LOCK_NB) != 0) {
1772 ALOGE("flock(%s) failed: %s\n", out_path, strerror(errno));
1773 _exit(67);
1774 }
1775
1776 if (dexopt_needed == DEXOPT_PATCHOAT_NEEDED
1777 || dexopt_needed == DEXOPT_SELF_PATCHOAT_NEEDED) {
1778 run_patchoat(input_fd.get(),
1779 out_fd.get(),
1780 input_file,
1781 out_path,
1782 pkgname,
1783 instruction_set);
1784 } else if (dexopt_needed == DEXOPT_DEX2OAT_NEEDED) {
1785 // Pass dex2oat the relative path to the input file.
1786 const char *input_file_name = get_location_from_path(input_file);
1787 run_dex2oat(input_fd.get(),
1788 out_fd.get(),
1789 image_fd.get(),
1790 input_file_name,
1791 out_path,
1792 swap_fd.get(),
1793 instruction_set,
1794 compiler_filter,
1795 vm_safe_mode,
1796 debuggable,
1797 boot_complete,
1798 reference_profile_fd.get(),
1799 shared_libraries);
1800 } else {
1801 ALOGE("Invalid dexopt needed: %d\n", dexopt_needed);
1802 _exit(73);
1803 }
1804 _exit(68); /* only get here on exec failure */
1805 } else {
1806 int res = wait_child(pid);
1807 if (res == 0) {
1808 ALOGV("DexInv: --- END '%s' (success) ---\n", input_file);
1809 } else {
1810 ALOGE("DexInv: --- END '%s' --- status=0x%04x, process failed\n", input_file, res);
1811 return -1;
1812 }
1813 }
1814
1815 struct utimbuf ut;
1816 ut.actime = input_stat.st_atime;
1817 ut.modtime = input_stat.st_mtime;
1818 utime(out_path, &ut);
1819
1820 // We've been successful, don't delete output.
1821 out_fd.SetCleanup(false);
1822 image_fd.SetCleanup(false);
1823 reference_profile_fd.SetCleanup(false);
1824
1825 return 0;
1826 }
1827
mark_boot_complete(const char * instruction_set)1828 int mark_boot_complete(const char* instruction_set)
1829 {
1830 char boot_marker_path[PKG_PATH_MAX];
1831 sprintf(boot_marker_path,
1832 "%s/%s/%s/.booting",
1833 android_data_dir.path,
1834 DALVIK_CACHE,
1835 instruction_set);
1836
1837 ALOGV("mark_boot_complete : %s", boot_marker_path);
1838 if (unlink(boot_marker_path) != 0) {
1839 ALOGE("Unable to unlink boot marker at %s, error=%s", boot_marker_path,
1840 strerror(errno));
1841 return -1;
1842 }
1843
1844 return 0;
1845 }
1846
mkinnerdirs(char * path,int basepos,mode_t mode,int uid,int gid,struct stat * statbuf)1847 void mkinnerdirs(char* path, int basepos, mode_t mode, int uid, int gid,
1848 struct stat* statbuf)
1849 {
1850 while (path[basepos] != 0) {
1851 if (path[basepos] == '/') {
1852 path[basepos] = 0;
1853 if (lstat(path, statbuf) < 0) {
1854 ALOGV("Making directory: %s\n", path);
1855 if (mkdir(path, mode) == 0) {
1856 chown(path, uid, gid);
1857 } else {
1858 ALOGW("Unable to make directory %s: %s\n", path, strerror(errno));
1859 }
1860 }
1861 path[basepos] = '/';
1862 basepos++;
1863 }
1864 basepos++;
1865 }
1866 }
1867
linklib(const char * uuid,const char * pkgname,const char * asecLibDir,int userId)1868 int linklib(const char* uuid, const char* pkgname, const char* asecLibDir, int userId)
1869 {
1870 struct stat s, libStat;
1871 int rc = 0;
1872
1873 std::string _pkgdir(create_data_user_ce_package_path(uuid, userId, pkgname));
1874 std::string _libsymlink(_pkgdir + PKG_LIB_POSTFIX);
1875
1876 const char* pkgdir = _pkgdir.c_str();
1877 const char* libsymlink = _libsymlink.c_str();
1878
1879 if (stat(pkgdir, &s) < 0) return -1;
1880
1881 if (chown(pkgdir, AID_INSTALL, AID_INSTALL) < 0) {
1882 ALOGE("failed to chown '%s': %s\n", pkgdir, strerror(errno));
1883 return -1;
1884 }
1885
1886 if (chmod(pkgdir, 0700) < 0) {
1887 ALOGE("linklib() 1: failed to chmod '%s': %s\n", pkgdir, strerror(errno));
1888 rc = -1;
1889 goto out;
1890 }
1891
1892 if (lstat(libsymlink, &libStat) < 0) {
1893 if (errno != ENOENT) {
1894 ALOGE("couldn't stat lib dir: %s\n", strerror(errno));
1895 rc = -1;
1896 goto out;
1897 }
1898 } else {
1899 if (S_ISDIR(libStat.st_mode)) {
1900 if (delete_dir_contents(libsymlink, 1, NULL) < 0) {
1901 rc = -1;
1902 goto out;
1903 }
1904 } else if (S_ISLNK(libStat.st_mode)) {
1905 if (unlink(libsymlink) < 0) {
1906 ALOGE("couldn't unlink lib dir: %s\n", strerror(errno));
1907 rc = -1;
1908 goto out;
1909 }
1910 }
1911 }
1912
1913 if (symlink(asecLibDir, libsymlink) < 0) {
1914 ALOGE("couldn't symlink directory '%s' -> '%s': %s\n", libsymlink, asecLibDir,
1915 strerror(errno));
1916 rc = -errno;
1917 goto out;
1918 }
1919
1920 out:
1921 if (chmod(pkgdir, s.st_mode) < 0) {
1922 ALOGE("linklib() 2: failed to chmod '%s': %s\n", pkgdir, strerror(errno));
1923 rc = -errno;
1924 }
1925
1926 if (chown(pkgdir, s.st_uid, s.st_gid) < 0) {
1927 ALOGE("failed to chown '%s' : %s\n", pkgdir, strerror(errno));
1928 return -errno;
1929 }
1930
1931 return rc;
1932 }
1933
run_idmap(const char * target_apk,const char * overlay_apk,int idmap_fd)1934 static void run_idmap(const char *target_apk, const char *overlay_apk, int idmap_fd)
1935 {
1936 static const char *IDMAP_BIN = "/system/bin/idmap";
1937 static const size_t MAX_INT_LEN = 32;
1938 char idmap_str[MAX_INT_LEN];
1939
1940 snprintf(idmap_str, sizeof(idmap_str), "%d", idmap_fd);
1941
1942 execl(IDMAP_BIN, IDMAP_BIN, "--fd", target_apk, overlay_apk, idmap_str, (char*)NULL);
1943 ALOGE("execl(%s) failed: %s\n", IDMAP_BIN, strerror(errno));
1944 }
1945
1946 // Transform string /a/b/c.apk to (prefix)/a@b@c.apk@(suffix)
1947 // eg /a/b/c.apk to /data/resource-cache/a@b@c.apk@idmap
flatten_path(const char * prefix,const char * suffix,const char * overlay_path,char * idmap_path,size_t N)1948 static int flatten_path(const char *prefix, const char *suffix,
1949 const char *overlay_path, char *idmap_path, size_t N)
1950 {
1951 if (overlay_path == NULL || idmap_path == NULL) {
1952 return -1;
1953 }
1954 const size_t len_overlay_path = strlen(overlay_path);
1955 // will access overlay_path + 1 further below; requires absolute path
1956 if (len_overlay_path < 2 || *overlay_path != '/') {
1957 return -1;
1958 }
1959 const size_t len_idmap_root = strlen(prefix);
1960 const size_t len_suffix = strlen(suffix);
1961 if (SIZE_MAX - len_idmap_root < len_overlay_path ||
1962 SIZE_MAX - (len_idmap_root + len_overlay_path) < len_suffix) {
1963 // additions below would cause overflow
1964 return -1;
1965 }
1966 if (N < len_idmap_root + len_overlay_path + len_suffix) {
1967 return -1;
1968 }
1969 memset(idmap_path, 0, N);
1970 snprintf(idmap_path, N, "%s%s%s", prefix, overlay_path + 1, suffix);
1971 char *ch = idmap_path + len_idmap_root;
1972 while (*ch != '\0') {
1973 if (*ch == '/') {
1974 *ch = '@';
1975 }
1976 ++ch;
1977 }
1978 return 0;
1979 }
1980
idmap(const char * target_apk,const char * overlay_apk,uid_t uid)1981 int idmap(const char *target_apk, const char *overlay_apk, uid_t uid)
1982 {
1983 ALOGV("idmap target_apk=%s overlay_apk=%s uid=%d\n", target_apk, overlay_apk, uid);
1984
1985 int idmap_fd = -1;
1986 char idmap_path[PATH_MAX];
1987
1988 if (flatten_path(IDMAP_PREFIX, IDMAP_SUFFIX, overlay_apk,
1989 idmap_path, sizeof(idmap_path)) == -1) {
1990 ALOGE("idmap cannot generate idmap path for overlay %s\n", overlay_apk);
1991 goto fail;
1992 }
1993
1994 unlink(idmap_path);
1995 idmap_fd = open(idmap_path, O_RDWR | O_CREAT | O_EXCL, 0644);
1996 if (idmap_fd < 0) {
1997 ALOGE("idmap cannot open '%s' for output: %s\n", idmap_path, strerror(errno));
1998 goto fail;
1999 }
2000 if (fchown(idmap_fd, AID_SYSTEM, uid) < 0) {
2001 ALOGE("idmap cannot chown '%s'\n", idmap_path);
2002 goto fail;
2003 }
2004 if (fchmod(idmap_fd, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) < 0) {
2005 ALOGE("idmap cannot chmod '%s'\n", idmap_path);
2006 goto fail;
2007 }
2008
2009 pid_t pid;
2010 pid = fork();
2011 if (pid == 0) {
2012 /* child -- drop privileges before continuing */
2013 if (setgid(uid) != 0) {
2014 ALOGE("setgid(%d) failed during idmap\n", uid);
2015 exit(1);
2016 }
2017 if (setuid(uid) != 0) {
2018 ALOGE("setuid(%d) failed during idmap\n", uid);
2019 exit(1);
2020 }
2021 if (flock(idmap_fd, LOCK_EX | LOCK_NB) != 0) {
2022 ALOGE("flock(%s) failed during idmap: %s\n", idmap_path, strerror(errno));
2023 exit(1);
2024 }
2025
2026 run_idmap(target_apk, overlay_apk, idmap_fd);
2027 exit(1); /* only if exec call to idmap failed */
2028 } else {
2029 int status = wait_child(pid);
2030 if (status != 0) {
2031 ALOGE("idmap failed, status=0x%04x\n", status);
2032 goto fail;
2033 }
2034 }
2035
2036 close(idmap_fd);
2037 return 0;
2038 fail:
2039 if (idmap_fd >= 0) {
2040 close(idmap_fd);
2041 unlink(idmap_path);
2042 }
2043 return -1;
2044 }
2045
restorecon_app_data(const char * uuid,const char * pkgName,userid_t userid,int flags,appid_t appid,const char * seinfo)2046 int restorecon_app_data(const char* uuid, const char* pkgName, userid_t userid, int flags,
2047 appid_t appid, const char* seinfo) {
2048 int res = 0;
2049
2050 // SELINUX_ANDROID_RESTORECON_DATADATA flag is set by libselinux. Not needed here.
2051 unsigned int seflags = SELINUX_ANDROID_RESTORECON_RECURSE;
2052
2053 if (!pkgName || !seinfo) {
2054 ALOGE("Package name or seinfo tag is null when trying to restorecon.");
2055 return -1;
2056 }
2057
2058 uid_t uid = multiuser_get_uid(userid, appid);
2059 if (flags & FLAG_STORAGE_CE) {
2060 auto path = create_data_user_ce_package_path(uuid, userid, pkgName);
2061 if (selinux_android_restorecon_pkgdir(path.c_str(), seinfo, uid, seflags) < 0) {
2062 PLOG(ERROR) << "restorecon failed for " << path;
2063 res = -1;
2064 }
2065 }
2066 if (flags & FLAG_STORAGE_DE) {
2067 auto path = create_data_user_de_package_path(uuid, userid, pkgName);
2068 if (selinux_android_restorecon_pkgdir(path.c_str(), seinfo, uid, seflags) < 0) {
2069 PLOG(ERROR) << "restorecon failed for " << path;
2070 // TODO: include result once 25796509 is fixed
2071 }
2072 }
2073
2074 return res;
2075 }
2076
create_oat_dir(const char * oat_dir,const char * instruction_set)2077 int create_oat_dir(const char* oat_dir, const char* instruction_set)
2078 {
2079 char oat_instr_dir[PKG_PATH_MAX];
2080
2081 if (validate_apk_path(oat_dir)) {
2082 ALOGE("invalid apk path '%s' (bad prefix)\n", oat_dir);
2083 return -1;
2084 }
2085 if (fs_prepare_dir(oat_dir, S_IRWXU | S_IRWXG | S_IXOTH, AID_SYSTEM, AID_INSTALL)) {
2086 return -1;
2087 }
2088 if (selinux_android_restorecon(oat_dir, 0)) {
2089 ALOGE("cannot restorecon dir '%s': %s\n", oat_dir, strerror(errno));
2090 return -1;
2091 }
2092 snprintf(oat_instr_dir, PKG_PATH_MAX, "%s/%s", oat_dir, instruction_set);
2093 if (fs_prepare_dir(oat_instr_dir, S_IRWXU | S_IRWXG | S_IXOTH, AID_SYSTEM, AID_INSTALL)) {
2094 return -1;
2095 }
2096 return 0;
2097 }
2098
rm_package_dir(const char * apk_path)2099 int rm_package_dir(const char* apk_path)
2100 {
2101 if (validate_apk_path(apk_path)) {
2102 ALOGE("invalid apk path '%s' (bad prefix)\n", apk_path);
2103 return -1;
2104 }
2105 return delete_dir_contents(apk_path, 1 /* also_delete_dir */ , NULL /* exclusion_predicate */);
2106 }
2107
link_file(const char * relative_path,const char * from_base,const char * to_base)2108 int link_file(const char* relative_path, const char* from_base, const char* to_base) {
2109 char from_path[PKG_PATH_MAX];
2110 char to_path[PKG_PATH_MAX];
2111 snprintf(from_path, PKG_PATH_MAX, "%s/%s", from_base, relative_path);
2112 snprintf(to_path, PKG_PATH_MAX, "%s/%s", to_base, relative_path);
2113
2114 if (validate_apk_path_subdirs(from_path)) {
2115 ALOGE("invalid app data sub-path '%s' (bad prefix)\n", from_path);
2116 return -1;
2117 }
2118
2119 if (validate_apk_path_subdirs(to_path)) {
2120 ALOGE("invalid app data sub-path '%s' (bad prefix)\n", to_path);
2121 return -1;
2122 }
2123
2124 const int ret = link(from_path, to_path);
2125 if (ret < 0) {
2126 ALOGE("link(%s, %s) failed : %s", from_path, to_path, strerror(errno));
2127 return -1;
2128 }
2129
2130 return 0;
2131 }
2132
2133 // Helper for move_ab, so that we can have common failure-case cleanup.
unlink_and_rename(const char * from,const char * to)2134 static bool unlink_and_rename(const char* from, const char* to) {
2135 // Check whether "from" exists, and if so whether it's regular. If it is, unlink. Otherwise,
2136 // return a failure.
2137 struct stat s;
2138 if (stat(to, &s) == 0) {
2139 if (!S_ISREG(s.st_mode)) {
2140 LOG(ERROR) << from << " is not a regular file to replace for A/B.";
2141 return false;
2142 }
2143 if (unlink(to) != 0) {
2144 LOG(ERROR) << "Could not unlink " << to << " to move A/B.";
2145 return false;
2146 }
2147 } else {
2148 // This may be a permission problem. We could investigate the error code, but we'll just
2149 // let the rename failure do the work for us.
2150 }
2151
2152 // Try to rename "to" to "from."
2153 if (rename(from, to) != 0) {
2154 PLOG(ERROR) << "Could not rename " << from << " to " << to;
2155 return false;
2156 }
2157
2158 return true;
2159 }
2160
2161 // Move/rename a B artifact (from) to an A artifact (to).
move_ab_path(const std::string & b_path,const std::string & a_path)2162 static bool move_ab_path(const std::string& b_path, const std::string& a_path) {
2163 // Check whether B exists.
2164 {
2165 struct stat s;
2166 if (stat(b_path.c_str(), &s) != 0) {
2167 // Silently ignore for now. The service calling this isn't smart enough to understand
2168 // lack of artifacts at the moment.
2169 return false;
2170 }
2171 if (!S_ISREG(s.st_mode)) {
2172 LOG(ERROR) << "A/B artifact " << b_path << " is not a regular file.";
2173 // Try to unlink, but swallow errors.
2174 unlink(b_path.c_str());
2175 return false;
2176 }
2177 }
2178
2179 // Rename B to A.
2180 if (!unlink_and_rename(b_path.c_str(), a_path.c_str())) {
2181 // Delete the b_path so we don't try again (or fail earlier).
2182 if (unlink(b_path.c_str()) != 0) {
2183 PLOG(ERROR) << "Could not unlink " << b_path;
2184 }
2185
2186 return false;
2187 }
2188
2189 return true;
2190 }
2191
move_ab(const char * apk_path,const char * instruction_set,const char * oat_dir)2192 int move_ab(const char* apk_path, const char* instruction_set, const char* oat_dir) {
2193 if (apk_path == nullptr || instruction_set == nullptr || oat_dir == nullptr) {
2194 LOG(ERROR) << "Cannot move_ab with null input";
2195 return -1;
2196 }
2197
2198 // Get the current slot suffix. No suffix, no A/B.
2199 std::string slot_suffix;
2200 {
2201 char buf[kPropertyValueMax];
2202 if (get_property("ro.boot.slot_suffix", buf, nullptr) <= 0) {
2203 return -1;
2204 }
2205 slot_suffix = buf;
2206
2207 if (!ValidateTargetSlotSuffix(slot_suffix)) {
2208 LOG(ERROR) << "Target slot suffix not legal: " << slot_suffix;
2209 return -1;
2210 }
2211 }
2212
2213 // Validate other inputs.
2214 if (validate_apk_path(apk_path) != 0) {
2215 LOG(ERROR) << "invalid apk_path " << apk_path;
2216 return -1;
2217 }
2218 if (validate_apk_path(oat_dir) != 0) {
2219 LOG(ERROR) << "invalid oat_dir " << oat_dir;
2220 return -1;
2221 }
2222
2223 char a_path[PKG_PATH_MAX];
2224 if (!calculate_oat_file_path(a_path, oat_dir, apk_path, instruction_set)) {
2225 return -1;
2226 }
2227 const std::string a_image_path = create_image_filename(a_path);
2228
2229 // B path = A path + slot suffix.
2230 const std::string b_path = StringPrintf("%s.%s", a_path, slot_suffix.c_str());
2231 const std::string b_image_path = StringPrintf("%s.%s",
2232 a_image_path.c_str(),
2233 slot_suffix.c_str());
2234
2235 bool oat_success = move_ab_path(b_path, a_path);
2236 bool success;
2237
2238 if (oat_success) {
2239 // Note: we can live without an app image. As such, ignore failure to move the image file.
2240 // If we decide to require the app image, or the app image being moved correctly,
2241 // then change accordingly.
2242 constexpr bool kIgnoreAppImageFailure = true;
2243
2244 bool art_success = true;
2245 if (!a_image_path.empty()) {
2246 art_success = move_ab_path(b_image_path, a_image_path);
2247 if (!art_success) {
2248 unlink(a_image_path.c_str());
2249 }
2250 }
2251
2252 success = art_success || kIgnoreAppImageFailure;
2253 } else {
2254 // Cleanup: delete B image, ignore errors.
2255 unlink(b_image_path.c_str());
2256
2257 success = false;
2258 }
2259
2260 return success ? 0 : -1;
2261 }
2262
delete_odex(const char * apk_path,const char * instruction_set,const char * oat_dir)2263 bool delete_odex(const char *apk_path, const char *instruction_set, const char *oat_dir) {
2264 // Delete the oat/odex file.
2265 char out_path[PKG_PATH_MAX];
2266 if (!create_oat_out_path(apk_path, instruction_set, oat_dir, out_path)) {
2267 return false;
2268 }
2269
2270 // In case of a permission failure report the issue. Otherwise just print a warning.
2271 auto unlink_and_check = [](const char* path) -> bool {
2272 int result = unlink(path);
2273 if (result != 0) {
2274 if (errno == EACCES || errno == EPERM) {
2275 PLOG(ERROR) << "Could not unlink " << path;
2276 return false;
2277 }
2278 PLOG(WARNING) << "Could not unlink " << path;
2279 }
2280 return true;
2281 };
2282
2283 // Delete the oat/odex file.
2284 bool return_value_oat = unlink_and_check(out_path);
2285
2286 // Derive and delete the app image.
2287 bool return_value_art = unlink_and_check(create_image_filename(out_path).c_str());
2288
2289 // Report success.
2290 return return_value_oat && return_value_art;
2291 }
2292
2293 } // namespace installd
2294 } // namespace android
2295