1 /*
2  * Copyright (C) 2010 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include "ueventd.h"
18 
19 #include <ctype.h>
20 #include <fcntl.h>
21 #include <signal.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <sys/wait.h>
26 
27 #include <set>
28 #include <thread>
29 
30 #include <android-base/chrono_utils.h>
31 #include <android-base/logging.h>
32 #include <android-base/properties.h>
33 #include <selinux/android.h>
34 #include <selinux/selinux.h>
35 
36 #include "devices.h"
37 #include "firmware_handler.h"
38 #include "log.h"
39 #include "uevent_listener.h"
40 #include "ueventd_parser.h"
41 #include "util.h"
42 
43 // At a high level, ueventd listens for uevent messages generated by the kernel through a netlink
44 // socket.  When ueventd receives such a message it handles it by taking appropriate actions,
45 // which can typically be creating a device node in /dev, setting file permissions, setting selinux
46 // labels, etc.
47 // Ueventd also handles loading of firmware that the kernel requests, and creates symlinks for block
48 // and character devices.
49 
50 // When ueventd starts, it regenerates uevents for all currently registered devices by traversing
51 // /sys and writing 'add' to each 'uevent' file that it finds.  This causes the kernel to generate
52 // and resend uevent messages for all of the currently registered devices.  This is done, because
53 // ueventd would not have been running when these devices were registered and therefore was unable
54 // to receive their uevent messages and handle them appropriately.  This process is known as
55 // 'cold boot'.
56 
57 // 'init' currently waits synchronously on the cold boot process of ueventd before it continues
58 // its boot process.  For this reason, cold boot should be as quick as possible.  One way to achieve
59 // a speed up here is to parallelize the handling of uevent messages, which consumes the bulk of the
60 // time during cold boot.
61 
62 // Handling of uevent messages has two unique properties:
63 // 1) It can be done in isolation; it doesn't need to read or write any status once it is started.
64 // 2) It uses setegid() and setfscreatecon() so either care (aka locking) must be taken to ensure
65 //    that no file system operations are done while the uevent process has an abnormal egid or
66 //    fscreatecon or this handling must happen in a separate process.
67 // Given the above two properties, it is best to fork() subprocesses to handle the uevents.  This
68 // reduces the overhead and complexity that would be required in a solution with threads and locks.
69 // In testing, a racy multithreaded solution has the same performance as the fork() solution, so
70 // there is no reason to deal with the complexity of the former.
71 
72 // One other important caveat during the boot process is the handling of SELinux restorecon.
73 // Since many devices have child devices, calling selinux_android_restorecon() recursively for each
74 // device when its uevent is handled, results in multiple restorecon operations being done on a
75 // given file.  It is more efficient to simply do restorecon recursively on /sys during cold boot,
76 // than to do restorecon on each device as its uevent is handled.  This only applies to cold boot;
77 // once that has completed, restorecon is done for each device as its uevent is handled.
78 
79 // With all of the above considered, the cold boot process has the below steps:
80 // 1) ueventd regenerates uevents by doing the /sys traversal and listens to the netlink socket for
81 //    the generated uevents.  It writes these uevents into a queue represented by a vector.
82 //
83 // 2) ueventd forks 'n' separate uevent handler subprocesses and has each of them handle the
84 //    uevents in the queue based on a starting offset (their process number) and a stride (the total
85 //    number of processes).  Note that no IPC happens at this point and only const functions from
86 //    DeviceHandler should be called from this context.
87 //
88 // 3) In parallel to the subprocesses handling the uevents, the main thread of ueventd calls
89 //    selinux_android_restorecon() recursively on /sys/class, /sys/block, and /sys/devices.
90 //
91 // 4) Once the restorecon operation finishes, the main thread calls waitpid() to wait for all
92 //    subprocess handlers to complete and exit.  Once this happens, it marks coldboot as having
93 //    completed.
94 //
95 // At this point, ueventd is single threaded, poll()'s and then handles any future uevents.
96 
97 // Lastly, it should be noted that uevents that occur during the coldboot process are handled
98 // without issue after the coldboot process completes.  This is because the uevent listener is
99 // paused while the uevent handler and restorecon actions take place.  Once coldboot completes,
100 // the uevent listener resumes in polling mode and will handle the uevents that occurred during
101 // coldboot.
102 
103 namespace android {
104 namespace init {
105 
// Drives the one-time cold boot pass: regenerate uevents for devices that registered before
// ueventd was running, fan the queued events out to forked handler subprocesses, run the
// recursive restorecon, and wait for the subprocesses to finish.
//
// Both collaborators are stored as references and are not owned; the caller must keep them alive
// for as long as this object is in use.
class ColdBoot {
  public:
    ColdBoot(UeventListener& uevent_listener, DeviceHandler& device_handler)
        : uevent_listener_(uevent_listener),
          device_handler_(device_handler),
          // hardware_concurrency() may report 0 when the value is not computable; use 4 then.
          num_handler_subprocesses_([] {
              const unsigned int hw_threads = std::thread::hardware_concurrency();
              return hw_threads != 0 ? hw_threads : 4u;
          }()) {}

    // Executes the whole cold boot sequence once.
    void Run();

  private:
    // Listed in the order Run() reaches them.
    void RegenerateUevents();
    void ForkSubProcesses();
    // Body of a forked handler: processes every total_processes-th queued uevent starting at
    // index process_num, then terminates the calling process.
    void UeventHandlerMain(unsigned int process_num, unsigned int total_processes);
    void DoRestoreCon();
    void WaitForSubProcesses();

    UeventListener& uevent_listener_;
    DeviceHandler& device_handler_;

    // Number of handler subprocesses that ForkSubProcesses() creates.
    unsigned int num_handler_subprocesses_;
    // Uevents collected by RegenerateUevents(); read by the handler subprocesses after fork().
    std::vector<Uevent> uevent_queue_;

    // PIDs recorded by ForkSubProcesses() and removed by WaitForSubProcesses() once the
    // corresponding subprocess exits successfully.
    std::set<pid_t> subprocess_pids_;
};
130 
// Entry point of one forked handler subprocess.  Walks uevent_queue_ starting at process_num and
// advancing by total_processes, so that the subprocesses split the queue between them without any
// IPC.  Never returns: the process leaves through _exit(), which skips atexit handlers and static
// destructors inherited from the parent image.
//
// The file-level design notes require that only const DeviceHandler functions are used here.
void ColdBoot::UeventHandlerMain(unsigned int process_num, unsigned int total_processes) {
    unsigned int index = process_num;
    while (index < uevent_queue_.size()) {
        device_handler_.HandleDeviceEvent(uevent_queue_[index]);
        index += total_processes;
    }
    _exit(EXIT_SUCCESS);
}
138 
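// Cold boot step 1: asks the listener to regenerate uevents and records each one it reports.
// Firmware requests are passed to HandleFirmwareEvent() immediately; device handling is deferred
// by queuing a copy of the event for the handler subprocesses.
void ColdBoot::RegenerateUevents() {
    uevent_listener_.RegenerateUevents([this](const Uevent& uevent) {
        HandleFirmwareEvent(uevent);

        // |uevent| is a const reference, so wrapping it in std::move() would still copy for an
        // ordinary value type.  Copy explicitly rather than suggest a move that cannot happen.
        uevent_queue_.emplace_back(uevent);
        return ListenerAction::kContinue;
    });
}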
147 
// Cold boot step 2: forks num_handler_subprocesses_ children.  Each child runs
// UeventHandlerMain(), which exits the process and therefore never comes back into this loop;
// only the parent records the PID.  A failed fork() is fatal for ueventd.
void ColdBoot::ForkSubProcesses() {
    for (unsigned int worker = 0; worker < num_handler_subprocesses_; ++worker) {
        const pid_t child_pid = fork();

        if (child_pid == 0) {
            // Child: handles its share of the queue and terminates inside this call.
            UeventHandlerMain(worker, num_handler_subprocesses_);
        } else if (child_pid < 0) {
            PLOG(FATAL) << "fork() failed!";
        }

        // Parent only: remembered so WaitForSubProcesses() can match reaped children.
        subprocess_pids_.emplace(child_pid);
    }
}
162 
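// Cold boot step 3: relabels /sys recursively in one pass, then turns per-device restorecon back
// on in the DeviceHandler for uevents handled after cold boot.
void ColdBoot::DoRestoreCon() {
    // Per-device restorecon was skipped while the queue was processed, so this pass is the only
    // labelling the cold-boot sysfs nodes receive.  Report a failure instead of discarding it;
    // ueventd keeps running either way, as before.
    if (selinux_android_restorecon("/sys", SELINUX_ANDROID_RESTORECON_RECURSE) != 0) {
        LOG(ERROR) << "recursive restorecon of /sys failed; sysfs labels may be stale";
    }
    device_handler_.set_skip_restorecon(false);
}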
167 
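// Cold boot step 4: blocks until every PID recorded by ForkSubProcesses() has exited with
// EXIT_SUCCESS.  Any other exit status, or death by signal, aborts ueventd.
void ColdBoot::WaitForSubProcesses() {
    // Treat subprocesses that crash or get stuck the same as if ueventd itself has crashed or gets
    // stuck.
    //
    // When a subprocess crashes, we fatally abort from ueventd.  init will restart ueventd when
    // init reaps it, and the cold boot process will start again.  If this continues to fail, then
    // since ueventd is marked as a critical service, init will reboot to recovery.
    //
    // When a subprocess gets stuck, keep ueventd spinning waiting for it.  init has a timeout for
    // cold boot and will reboot to the bootloader if ueventd does not complete in time.
    while (!subprocess_pids_.empty()) {
        int status;
        pid_t pid = TEMP_FAILURE_RETRY(waitpid(-1, &status, 0));
        if (pid == -1) {
            // A waitpid() failure that persists keeps this loop retrying; per the note above,
            // that case is left to init's cold boot timeout.
            PLOG(ERROR) << "waitpid() failed";
            continue;
        }

        // Use the set's own lookup: std::find() scans linearly and needs <algorithm>, which this
        // file does not include directly.
        auto it = subprocess_pids_.find(pid);
        // Children that are not handler subprocesses are reaped and otherwise ignored.
        if (it == subprocess_pids_.end()) continue;

        if (WIFEXITED(status)) {
            if (WEXITSTATUS(status) == EXIT_SUCCESS) {
                subprocess_pids_.erase(it);
            } else {
                LOG(FATAL) << "subprocess exited with status " << WEXITSTATUS(status);
            }
        } else if (WIFSIGNALED(status)) {
            LOG(FATAL) << "subprocess killed by signal " << WTERMSIG(status);
        }
    }
}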
200 
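// Runs the cold boot sequence in order (regenerate, fork handlers, restorecon, wait), creates the
// COLDBOOT_DONE marker file and logs how long the sequence took.
void ColdBoot::Run() {
    android::base::Timer cold_boot_timer;

    RegenerateUevents();

    ForkSubProcesses();

    DoRestoreCon();

    WaitForSubProcesses();

    // The marker carries no data and is created with mode 0000; ueventd_main() only tests for its
    // existence.  Check the result so that a failed creation is logged rather than silently
    // followed by close(-1).
    const int marker_fd = open(COLDBOOT_DONE, O_WRONLY | O_CREAT | O_CLOEXEC, 0000);
    if (marker_fd == -1) {
        PLOG(ERROR) << "failed to create " << COLDBOOT_DONE;
    } else {
        close(marker_fd);
    }
    LOG(INFO) << "Coldboot took " << cold_boot_timer.duration().count() / 1000.0f << " seconds";
}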
215 
// Builds the DeviceHandler from the ueventd.rc configuration files.
//
// "subsystem" sections are collected into |subsystems|.  Single lines starting with "/sys/" or
// "/dev/" go through ParsePermissionsLine() into |sysfs_permissions| and |dev_permissions|
// respectively.  These entries are what ueventd applies to nodes it manages, so the files read
// here are security-relevant configuration.
//
// NOTE(review): nothing returned by ParseConfig() is inspected in this function, so a missing or
// unreadable file is not treated as an error here.
DeviceHandler CreateDeviceHandler() {
    using namespace std::placeholders;

    Parser parser;

    std::vector<Subsystem> subsystems;
    std::vector<SysfsPermissions> sysfs_permissions;
    std::vector<Permissions> dev_permissions;

    parser.AddSectionParser("subsystem", std::make_unique<SubsystemParser>(&subsystems));
    parser.AddSingleLineParser(
        "/sys/", std::bind(ParsePermissionsLine, _1, _2, &sysfs_permissions, nullptr));
    parser.AddSingleLineParser(
        "/dev/", std::bind(ParsePermissionsLine, _1, _2, nullptr, &dev_permissions));

    // Fixed configuration files, parsed in this order.
    static constexpr const char* kBaseConfigs[] = {
        "/ueventd.rc",
        "/vendor/ueventd.rc",
        "/odm/ueventd.rc",
    };
    for (const char* config_path : kBaseConfigs) {
        parser.ParseConfig(config_path);
    }

    // The product-name based configuration is kept for backwards compatibility and is parsed
    // last so that it is allowed to override everything.  The file name is derived from the
    // ro.hardware property; an unset property yields "/ueventd..rc".
    // TODO: cleanup platform ueventd.rc to remove vendor specific device node entries
    // (b/34968103)
    const std::string hardware_config =
        "/ueventd." + android::base::GetProperty("ro.hardware", "") + ".rc";
    parser.ParseConfig(hardware_config);

    // NOTE(review): the trailing |true| is presumably the initial skip_restorecon setting, which
    // ColdBoot::DoRestoreCon() later clears -- confirm against DeviceHandler's constructor.
    return DeviceHandler(std::move(dev_permissions), std::move(sysfs_permissions),
                         std::move(subsystems), true);
}
247 
// Entry point of ueventd: sets up logging and the SELinux log callback, builds the DeviceHandler,
// runs cold boot if the COLDBOOT_DONE marker does not exist yet, and then handles uevents as the
// listener delivers them.  |argc| is unused; |argv| is only passed to InitKernelLogging().
int ueventd_main(int argc, char** argv) {
    // init gives forked processes a umask of 077.  ueventd has to create files with exactly the
    // permissions it asks for, so the umask is cleared.  With no mask applied, each mode passed
    // at creation time takes effect unmodified.
    umask(000);

    InitKernelLogging(argv);
    LOG(INFO) << "ueventd started!";

    // Send libselinux log output through selinux_klog_callback.
    selinux_callback selinux_log_cb;
    selinux_log_cb.func_log = selinux_klog_callback;
    selinux_set_callback(SELINUX_CB_LOG, selinux_log_cb);

    DeviceHandler device_handler = CreateDeviceHandler();
    UeventListener uevent_listener;

    // The marker file is created at the end of ColdBoot::Run(); if it is absent, cold boot still
    // has to be performed.
    const bool cold_boot_pending = access(COLDBOOT_DONE, F_OK) != 0;
    if (cold_boot_pending) {
        ColdBoot(uevent_listener, device_handler).Run();
    }

    // ColdBoot relies on waitpid(), so SIGCHLD cannot be ignored any earlier than this.
    signal(SIGCHLD, SIG_IGN);
    // Reap any pending children that exited between the last waitpid() call and the switch to
    // SIG_IGN above.
    for (;;) {
        if (waitpid(-1, nullptr, WNOHANG) <= 0) break;
    }

    // Steady state: every uevent goes to the firmware handler and then to the device handler.
    auto handle_uevent = [&device_handler](const Uevent& uevent) {
        HandleFirmwareEvent(uevent);
        device_handler.HandleDeviceEvent(uevent);
        return ListenerAction::kContinue;
    };
    uevent_listener.Poll(handle_uevent);

    return 0;
}
287 
288 }  // namespace init
289 }  // namespace android
290