/*
|
* Copyright (C) 2019 The Android Open Source Project
|
*
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
* you may not use this file except in compliance with the License.
|
* You may obtain a copy of the License at
|
*
|
* http://www.apache.org/licenses/LICENSE-2.0
|
*
|
* Unless required by applicable law or agreed to in writing, software
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
* See the License for the specific language governing permissions and
|
* limitations under the License.
|
*/
|
|
#define LOG_TAG "apexd"
|
|
#include "apex_database.h"
|
#include "apex_constants.h"
|
#include "apex_file.h"
|
#include "apexd_utils.h"
|
#include "status_or.h"
|
#include "string_log.h"
|
|
#include <android-base/file.h>
|
#include <android-base/logging.h>
|
#include <android-base/parseint.h>
|
#include <android-base/strings.h>
|
|
#include <filesystem>
|
#include <fstream>
|
#include <string>
|
#include <unordered_map>
|
#include <utility>
|
|
using android::base::EndsWith;
|
using android::base::ParseInt;
|
using android::base::ReadFileToString;
|
using android::base::Split;
|
using android::base::StartsWith;
|
using android::base::Trim;
|
|
namespace fs = std::filesystem;
|
|
namespace android {
|
namespace apex {
|
|
namespace {
|
|
using MountedApexData = MountedApexDatabase::MountedApexData;
|
|
// from art/runtime/class_linker.cc
|
inline size_t hash_combine(size_t seed, size_t val) {
|
return seed ^ (val + 0x9e3779b9 + (seed << 6) + (seed >> 2));
|
}
|
|
typedef std::pair<dev_t, ino_t> inode_t;
|
struct inode_hash {
|
size_t operator()(const inode_t& inode) const {
|
auto h1 = std::hash<dev_t>{}(inode.first);
|
auto h2 = std::hash<ino_t>{}(inode.second);
|
return hash_combine(h1, h2);
|
}
|
};
|
typedef std::unordered_map<inode_t, std::string, inode_hash> inode_map;
|
|
enum BlockDeviceType {
|
UnknownDevice,
|
LoopDevice,
|
DeviceMapperDevice,
|
};
|
|
const fs::path kDevBlock = "/dev/block";
|
const fs::path kSysBlock = "/sys/block";
|
|
class BlockDevice {
|
std::string name; // loopN, dm-N, ...
|
public:
|
explicit BlockDevice(const fs::path& path) { name = path.filename(); }
|
|
BlockDeviceType GetType() const {
|
if (StartsWith(name, "loop")) return LoopDevice;
|
if (StartsWith(name, "dm-")) return DeviceMapperDevice;
|
return UnknownDevice;
|
}
|
|
fs::path SysPath() const { return kSysBlock / name; }
|
|
fs::path DevPath() const { return kDevBlock / name; }
|
|
StatusOr<std::string> GetProperty(const std::string& property) const {
|
auto propertyFile = SysPath() / property;
|
std::string propertyValue;
|
if (!ReadFileToString(propertyFile, &propertyValue)) {
|
return StatusOr<std::string>::MakeError(PStringLog() << "Fail to read");
|
}
|
return StatusOr<std::string>(Trim(propertyValue));
|
}
|
|
std::vector<BlockDevice> GetSlaves() const {
|
std::vector<BlockDevice> slaves;
|
std::error_code ec;
|
auto status = WalkDir(SysPath() / "slaves", [&](const auto& entry) {
|
BlockDevice dev(entry);
|
if (fs::is_block_file(dev.DevPath(), ec)) {
|
slaves.push_back(dev);
|
}
|
});
|
if (!status.Ok()) {
|
LOG(WARNING) << status.ErrorMessage();
|
}
|
return slaves;
|
}
|
};
|
|
std::pair<fs::path, fs::path> parseMountInfo(const std::string& mountInfo) {
|
const auto& tokens = Split(mountInfo, " ");
|
if (tokens.size() < 2) {
|
return std::make_pair("", "");
|
}
|
return std::make_pair(tokens[0], tokens[1]);
|
}
|
|
std::pair<std::string, int> parseMountPoint(const std::string& mountPoint) {
|
auto packageId = fs::path(mountPoint).filename();
|
auto split = Split(packageId, "@");
|
if (split.size() == 2) {
|
int version;
|
if (!ParseInt(split[1], &version)) {
|
version = -1;
|
}
|
return std::make_pair(split[0], version);
|
}
|
return std::make_pair(packageId, -1);
|
}
|
|
bool isActiveMountPoint(const std::string& mountPoint) {
|
return (mountPoint.find('@') == std::string::npos);
|
}
|
|
StatusOr<inode_t> inodeFor(const std::string& path) {
|
struct stat buf;
|
if (stat(path.c_str(), &buf)) {
|
return StatusOr<inode_t>::MakeError(PStringLog() << "stat failed");
|
}
|
return StatusOr<inode_t>(buf.st_dev, buf.st_ino);
|
}
|
|
// Flattened packages from builtin APEX dirs(/system/apex, /product/apex, ...)
|
inode_map scanFlattendedPackages() {
|
inode_map map;
|
|
for (const auto& dir : kApexPackageBuiltinDirs) {
|
auto status = WalkDir(dir, [&](const fs::directory_entry& entry) {
|
const auto& path = entry.path();
|
if (isFlattenedApex(path)) {
|
auto inode = inodeFor(path);
|
if (inode.Ok()) {
|
map[*inode] = path;
|
}
|
}
|
});
|
if (!status.Ok()) {
|
LOG(ERROR) << "Failed to walk " << dir << " : " << status.ErrorMessage();
|
}
|
}
|
|
return map;
|
}
|
|
StatusOr<MountedApexData> resolveMountInfo(const BlockDevice& block,
|
const std::string& mountPoint,
|
const inode_map& inodeMap) {
|
auto Error = [](auto e) { return StatusOr<MountedApexData>::MakeError(e); };
|
|
// First, see if it is bind-mount'ed to a flattened APEX
|
// This is checked first since flattened APEXes can be located in any stacked
|
// filesystem. (e.g. if / is mounted via /dev/loop1, then /proc/mounts shows
|
// that loop device as associated block device. But it is not related to APEX
|
// activation.) In any cases, comparing (dev,inode) pair with scanned
|
// flattened APEXes must identify bind-mounted APEX properly.
|
// See b/131924899.
|
auto inode = inodeFor(mountPoint);
|
if (inode.Ok()) {
|
auto iter = inodeMap.find(*inode);
|
if (iter != inodeMap.end()) {
|
return StatusOr<MountedApexData>("", iter->second, mountPoint, "");
|
}
|
}
|
|
// Now, see if it is dm-verity or loop mounted
|
switch (block.GetType()) {
|
case LoopDevice: {
|
auto backingFile = block.GetProperty("loop/backing_file");
|
if (!backingFile.Ok()) {
|
return Error(backingFile.ErrorStatus());
|
}
|
return StatusOr<MountedApexData>(block.DevPath(), *backingFile,
|
mountPoint, "");
|
}
|
case DeviceMapperDevice: {
|
auto name = block.GetProperty("dm/name");
|
if (!name.Ok()) {
|
return Error(name.ErrorStatus());
|
}
|
auto slaves = block.GetSlaves();
|
if (slaves.empty() || slaves[0].GetType() != LoopDevice) {
|
return Error("DeviceMapper device with no loop devices");
|
}
|
// TODO(jooyung): handle multiple loop devices when hash tree is
|
// externalized
|
auto slave = slaves[0];
|
auto backingFile = slave.GetProperty("loop/backing_file");
|
if (!backingFile.Ok()) {
|
return Error(backingFile.ErrorStatus());
|
}
|
return StatusOr<MountedApexData>(slave.DevPath(), *backingFile,
|
mountPoint, *name);
|
}
|
case UnknownDevice: {
|
return Error("Can't resolve " + block.DevPath().string());
|
}
|
}
|
}
|
|
} // namespace
|
|
// On startup, APEX database is populated from /proc/mounts.
|
|
// /apex/<package-id> can be mounted from
|
// - /dev/block/loopX : loop device
|
// - /dev/block/dm-X : dm-verity
|
// - <flattened> : bind-mount
|
|
// In case of loop device, it is from a non-flattened
|
// APEX file. This original APEX file can be tracked
|
// by /sys/block/loopX/loop/backing_file.
|
|
// In case of dm-verity, it is mapped to a loop device.
|
// This mapped loop device can be traced by
|
// /sys/block/dm-X/slaves/ directory which contains
|
// a symlink to /sys/block/loopY, which leads to
|
// the original APEX file.
|
// Device name can be retrieved from
|
// /sys/block/dm-Y/dm/name.
|
|
// In case of <flattened>, it is --bind mounted to a flattened
|
// APEX directory. This is allowed only for system/product
|
// partitions. So, original APEX directory can be found
|
// by comparing dev/inode pair with candidates.
|
|
// By synchronizing the mounts info with Database on startup,
|
// Apexd serves the correct package list even on the devices
|
// which are not ro.apex.updatable.
|
void MountedApexDatabase::PopulateFromMounts() {
|
LOG(INFO) << "Populating APEX database from mounts...";
|
|
std::unordered_map<std::string, int> activeVersions;
|
inode_map inodeToFlattendApexMap = scanFlattendedPackages();
|
|
std::ifstream mounts("/proc/mounts");
|
std::string line;
|
while (std::getline(mounts, line)) {
|
auto [block, mountPoint] = parseMountInfo(line);
|
// TODO(jooyung): ignore tmp mount?
|
if (fs::path(mountPoint).parent_path() != kApexRoot) {
|
continue;
|
}
|
if (isActiveMountPoint(mountPoint)) {
|
continue;
|
}
|
|
auto mountData = resolveMountInfo(BlockDevice(block), mountPoint,
|
inodeToFlattendApexMap);
|
if (!mountData.Ok()) {
|
LOG(WARNING) << "Can't resolve mount info " << mountData.ErrorMessage();
|
continue;
|
}
|
|
auto [package, version] = parseMountPoint(mountPoint);
|
AddMountedApex(package, false, *mountData);
|
|
auto active = activeVersions[package] < version;
|
if (active) {
|
activeVersions[package] = version;
|
SetLatest(package, mountData->full_path);
|
}
|
LOG(INFO) << "Found " << mountPoint;
|
}
|
|
LOG(INFO) << mounted_apexes_.size() << " packages restored.";
|
}
|
|
} // namespace apex
|
} // namespace android
|
