simpleperf/simpleperf_app_runner/simpleperf_app_runner.cpp - platform/system/extras - Git at Google

 /*
  * Copyright (C) 2018 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 #include <errno.h>
 #include <error.h>
 #include <fcntl.h>
 #include <stdio.h>
 #include <sys/types.h>
 #include <unistd.h>

 #include <set>
 #include <string>
 #include <vector>

 #include <android-base/file.h>
 #include <android-base/parseint.h>
 #include <android-base/strings.h>
 #include <packagelistparser/packagelistparser.h>
 #include <private/android_filesystem_config.h>
 #include <scoped_minijail.h>
 #include <selinux/android.h>

 // simpleperf_app_runner is used to run simpleperf to profile apps with <profileable shell="true">
 // on user devices. It works as below:
 //   simpleperf cmds in shell -> simpleperf_app_runner -> /system/bin/simpleperf in app's context
 //
 // 1. User types simpleperf cmds in adb shell. If that is to profile an app, simpleperf calls
 //    /system/bin/simpleperf_app_runner with profiling arguments.
 // 2. simpleperf_app_runner checks if the app is profileable_from_shell. Then it switches the
 //    process to the app's user id / group id, switches secontext to the app's domain, and
 //    executes /system/bin/simpleperf with profiling arguments.
 // 3. /system/bin/simpleperf records profiling data and writes profiling data to a file descriptor
 //    opened by simpleperf cmds in shell.

 struct PackageListCallbackArg {
   const char* name;
   pkg_info* info;
 };

 static bool PackageListParseCallback(pkg_info* info, void* userdata) {
   PackageListCallbackArg* arg = static_cast<PackageListCallbackArg*>(userdata);
   if (strcmp(arg->name, info->name) == 0) {
     arg->info = info;
     return false;
   }
   packagelist_free(info);
   return true;
 }

 pkg_info* ReadPackageInfo(const char* pkgname) {
   // Switch to package_info gid to read package info.
   gid_t old_egid = getegid();
   if (setegid(AID_PACKAGE_INFO) == -1) {
     error(1, errno, "setegid failed");
   }
   PackageListCallbackArg arg;
   arg.name = pkgname;
   arg.info = nullptr;
   if (!packagelist_parse(PackageListParseCallback, &arg)) {
     error(1, errno, "packagelist_parse failed");
   }
   if (setegid(old_egid) == -1) {
     error(1, errno, "setegid failed");
   }
   return arg.info;
 }

 std::vector<gid_t> GetSupplementaryGids(uid_t userAppId) {
   std::vector<gid_t> gids;
   int size = getgroups(0, &gids[0]);
   if (size < 0) {
     error(1, errno, "getgroups failed");
   }
   gids.resize(size);
   size = getgroups(size, &gids[0]);
   if (size != static_cast<int>(gids.size())) {
     error(1, errno, "getgroups failed");
   }
   // Profile guide compiled oat files (like /data/app/xxx/oat/arm64/base.odex) are not readable
   // worldwide (DEXOPT_PUBLIC flag isn't set). To support reading them (needed by simpleperf for
   // profiling), add shared app gid to supplementary groups.
   gid_t shared_app_gid = userAppId % AID_USER_OFFSET - AID_APP_START + AID_SHARED_GID_START;
   gids.push_back(shared_app_gid);
   return gids;
 }

 static void CheckSimpleperfArguments(const char* cmdname, char** args) {
   if (strcmp(cmdname, "stat") != 0 && strcmp(cmdname, "record") != 0 &&
       strcmp(cmdname, "api-collect") != 0) {
     error(1, 0, "cmd isn't allowed: %s", cmdname);
   }
   std::set<std::string> zero_arg_options = {
       "-b", "--csv", "--exit-with-parent", "-g", "--in-app", "--interval-only-values",
       "--no-callchain-joiner", "--no-dump-kernel-symbols", "--no-dump-symbols", "--no-inherit",
       "--post-unwind=no", "--post-unwind=yes", "--trace-offcpu", "--verbose",
   };
   std::set<std::string> one_arg_options = {
       "-c", "--call-graph", "--callchain-joiner-min-matching-nodes", "--clockid", "--cpu",
       "--cpu-percent", "--duration", "-e", "-f", "--group", "--interval", "-j", "--log", "-m",
       "-p", "--size-limit", "-t",
   };
   // options with a file descriptor
   std::set<std::string> fd_options = {
       "--start_profiling_fd", "--stop-signal-fd", "--out-fd",
   };
   // options with path from /data/local/tmp/
   std::set<std::string> path_options = {
       "--symfs", "--tracepoint-events",
   };
   one_arg_options.insert(fd_options.begin(), fd_options.end());
   one_arg_options.insert(path_options.begin(), path_options.end());
   for (int i = 0; args[i] != nullptr; ++i) {
     if (zero_arg_options.count(args[i])) {
       continue;
     } else if (one_arg_options.count(args[i])) {
       if (args[i + 1] == nullptr) {
         error(1, 0, "invalid arg: %s", args[i]);
       }
       if (fd_options.count(args[i])) {
         // Check if the file descriptor is valid.
         int fd;
         if (!android::base::ParseInt(args[i + 1], &fd) || fd < 3 || fcntl(fd, F_GETFD) == -1) {
           error(1, 0, "invalid fd for arg: %s", args[i]);
         }
       } else if (path_options.count(args[i])) {
         std::string path;
         if (!android::base::Realpath(args[i + 1], &path) ||
             !android::base::StartsWith(path, "/data/local/tmp/")) {
           error(1, 0, "invalid path for arg: %s", args[i]);
         }
       }
       ++i;
     } else {
       error(1, 0, "arg isn't allowed: %s", args[i]);
     }
   }
 }

 int main(int argc, char* argv[]) {
   if (argc < 2) {
     error(1, 0, "usage: simpleperf_app_runner package_name simpleperf_cmd simpleperf_cmd_args...");
   }
   if (argc < 3) {
     error(1, 0, "no simpleperf command name");
   }
   char* pkgname = argv[1];
   char* simpleperf_cmdname = argv[2];
   int simpleperf_arg_start = 3;
   CheckSimpleperfArguments(simpleperf_cmdname, argv + simpleperf_arg_start);

   if (getuid() != AID_SHELL && getuid() != AID_ROOT) {
     error(1, 0, "program can only run from shell or root");
   }

   pkg_info* info = ReadPackageInfo(pkgname);
   if (info == nullptr) {
     error(1, 0, "failed to find package %s", pkgname);
   }
   if (info->uid < AID_APP_START || info->uid > AID_APP_END) {
     error(1, 0, "package isn't an application: %s", pkgname);
   }
   if (!info->profileable_from_shell) {
     error(1, 0, "package isn't profileable from shell: %s", pkgname);
   }

   // Switch to the app's user id and group id.
   uid_t uid = info->uid;
   gid_t gid = info->uid;
   std::vector<gid_t> supplementary_gids = GetSupplementaryGids(info->uid);
   ScopedMinijail j(minijail_new());
   minijail_change_uid(j.get(), uid);
   minijail_change_gid(j.get(), gid);
   minijail_set_supplementary_gids(j.get(), supplementary_gids.size(), &supplementary_gids[0]);
   minijail_enter(j.get());

   // Switch to the app's selinux context.
   if (selinux_android_setcontext(uid, 0, info->seinfo, pkgname) < 0) {
     error(1, errno, "couldn't set SELinux security context");
   }

   // Switch to the app's data directory.
   if (TEMP_FAILURE_RETRY(chdir(info->data_dir)) == -1) {
     error(1, errno, "couldn't chdir to package's data directory");
   }

   // Run /system/bin/simpleperf.
   std::string simpleperf_in_system_img = "/system/bin/simpleperf";
   int new_argc = 4 + argc - simpleperf_arg_start;
   char* new_argv[new_argc + 1];

   new_argv[0] = &simpleperf_in_system_img[0];
   new_argv[1] = simpleperf_cmdname;
   std::string app_option = "--app";
   new_argv[2] = &app_option[0];
   new_argv[3] = pkgname;
   for (int i = 4, j = simpleperf_arg_start; j < argc;) {
     new_argv[i++] = argv[j++];
   }
   new_argv[new_argc] = nullptr;
   execvp(new_argv[0], new_argv);
   error(1, errno, "exec failed");
 }
	/*
	* Copyright (C) 2018 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	#include <errno.h>
	#include <error.h>
	#include <fcntl.h>
	#include <stdio.h>
	#include <sys/types.h>
	#include <unistd.h>

	#include <set>
	#include <string>
	#include <vector>

	#include <android-base/file.h>
	#include <android-base/parseint.h>
	#include <android-base/strings.h>
	#include <packagelistparser/packagelistparser.h>
	#include <private/android_filesystem_config.h>
	#include <scoped_minijail.h>
	#include <selinux/android.h>

	// simpleperf_app_runner is used to run simpleperf to profile apps with <profileable shell="true">
	// on user devices. It works as below:
	// simpleperf cmds in shell -> simpleperf_app_runner -> /system/bin/simpleperf in app's context
	//
	// 1. User types simpleperf cmds in adb shell. If that is to profile an app, simpleperf calls
	// /system/bin/simpleperf_app_runner with profiling arguments.
	// 2. simpleperf_app_runner checks if the app is profileable_from_shell. Then it switches the
	// process to the app's user id / group id, switches secontext to the app's domain, and
	// executes /system/bin/simpleperf with profiling arguments.
	// 3. /system/bin/simpleperf records profiling data and writes profiling data to a file descriptor
	// opened by simpleperf cmds in shell.

	struct PackageListCallbackArg {
	const char* name;
	pkg_info* info;
	};

	static bool PackageListParseCallback(pkg_info* info, void* userdata) {
	PackageListCallbackArg* arg = static_cast<PackageListCallbackArg*>(userdata);
	if (strcmp(arg->name, info->name) == 0) {
	arg->info = info;
	return false;
	}
	packagelist_free(info);
	return true;
	}

	pkg_info* ReadPackageInfo(const char* pkgname) {
	// Switch to package_info gid to read package info.
	gid_t old_egid = getegid();
	if (setegid(AID_PACKAGE_INFO) == -1) {
	error(1, errno, "setegid failed");
	}
	PackageListCallbackArg arg;
	arg.name = pkgname;
	arg.info = nullptr;
	if (!packagelist_parse(PackageListParseCallback, &arg)) {
	error(1, errno, "packagelist_parse failed");
	}
	if (setegid(old_egid) == -1) {
	error(1, errno, "setegid failed");
	}
	return arg.info;
	}

	std::vector<gid_t> GetSupplementaryGids(uid_t userAppId) {
	std::vector<gid_t> gids;
	int size = getgroups(0, &gids[0]);
	if (size < 0) {
	error(1, errno, "getgroups failed");
	}
	gids.resize(size);
	size = getgroups(size, &gids[0]);
	if (size != static_cast<int>(gids.size())) {
	error(1, errno, "getgroups failed");
	}
	// Profile guide compiled oat files (like /data/app/xxx/oat/arm64/base.odex) are not readable
	// worldwide (DEXOPT_PUBLIC flag isn't set). To support reading them (needed by simpleperf for
	// profiling), add shared app gid to supplementary groups.
	gid_t shared_app_gid = userAppId % AID_USER_OFFSET - AID_APP_START + AID_SHARED_GID_START;
	gids.push_back(shared_app_gid);
	return gids;
	}

	static void CheckSimpleperfArguments(const char* cmdname, char** args) {
	if (strcmp(cmdname, "stat") != 0 && strcmp(cmdname, "record") != 0 &&
	strcmp(cmdname, "api-collect") != 0) {
	error(1, 0, "cmd isn't allowed: %s", cmdname);
	}
	std::set<std::string> zero_arg_options = {
	"-b", "--csv", "--exit-with-parent", "-g", "--in-app", "--interval-only-values",
	"--no-callchain-joiner", "--no-dump-kernel-symbols", "--no-dump-symbols", "--no-inherit",
	"--post-unwind=no", "--post-unwind=yes", "--trace-offcpu", "--verbose",
	};
	std::set<std::string> one_arg_options = {
	"-c", "--call-graph", "--callchain-joiner-min-matching-nodes", "--clockid", "--cpu",
	"--cpu-percent", "--duration", "-e", "-f", "--group", "--interval", "-j", "--log", "-m",
	"-p", "--size-limit", "-t",
	};
	// options with a file descriptor
	std::set<std::string> fd_options = {
	"--start_profiling_fd", "--stop-signal-fd", "--out-fd",
	};
	// options with path from /data/local/tmp/
	std::set<std::string> path_options = {
	"--symfs", "--tracepoint-events",
	};
	one_arg_options.insert(fd_options.begin(), fd_options.end());
	one_arg_options.insert(path_options.begin(), path_options.end());
	for (int i = 0; args[i] != nullptr; ++i) {
	if (zero_arg_options.count(args[i])) {
	continue;
	} else if (one_arg_options.count(args[i])) {
	if (args[i + 1] == nullptr) {
	error(1, 0, "invalid arg: %s", args[i]);
	}
	if (fd_options.count(args[i])) {
	// Check if the file descriptor is valid.
	int fd;
	if (!android::base::ParseInt(args[i + 1], &fd) \|\| fd < 3 \|\| fcntl(fd, F_GETFD) == -1) {
	error(1, 0, "invalid fd for arg: %s", args[i]);
	}
	} else if (path_options.count(args[i])) {
	std::string path;
	if (!android::base::Realpath(args[i + 1], &path) \|\|
	!android::base::StartsWith(path, "/data/local/tmp/")) {
	error(1, 0, "invalid path for arg: %s", args[i]);
	}
	}
	++i;
	} else {
	error(1, 0, "arg isn't allowed: %s", args[i]);
	}
	}
	}

	int main(int argc, char* argv[]) {
	if (argc < 2) {
	error(1, 0, "usage: simpleperf_app_runner package_name simpleperf_cmd simpleperf_cmd_args...");
	}
	if (argc < 3) {
	error(1, 0, "no simpleperf command name");
	}
	char* pkgname = argv[1];
	char* simpleperf_cmdname = argv[2];
	int simpleperf_arg_start = 3;
	CheckSimpleperfArguments(simpleperf_cmdname, argv + simpleperf_arg_start);

	if (getuid() != AID_SHELL && getuid() != AID_ROOT) {
	error(1, 0, "program can only run from shell or root");
	}

	pkg_info* info = ReadPackageInfo(pkgname);
	if (info == nullptr) {
	error(1, 0, "failed to find package %s", pkgname);
	}
	if (info->uid < AID_APP_START \|\| info->uid > AID_APP_END) {
	error(1, 0, "package isn't an application: %s", pkgname);
	}
	if (!info->profileable_from_shell) {
	error(1, 0, "package isn't profileable from shell: %s", pkgname);
	}

	// Switch to the app's user id and group id.
	uid_t uid = info->uid;
	gid_t gid = info->uid;
	std::vector<gid_t> supplementary_gids = GetSupplementaryGids(info->uid);
	ScopedMinijail j(minijail_new());
	minijail_change_uid(j.get(), uid);
	minijail_change_gid(j.get(), gid);
	minijail_set_supplementary_gids(j.get(), supplementary_gids.size(), &supplementary_gids[0]);
	minijail_enter(j.get());

	// Switch to the app's selinux context.
	if (selinux_android_setcontext(uid, 0, info->seinfo, pkgname) < 0) {
	error(1, errno, "couldn't set SELinux security context");
	}

	// Switch to the app's data directory.
	if (TEMP_FAILURE_RETRY(chdir(info->data_dir)) == -1) {
	error(1, errno, "couldn't chdir to package's data directory");
	}

	// Run /system/bin/simpleperf.
	std::string simpleperf_in_system_img = "/system/bin/simpleperf";
	int new_argc = 4 + argc - simpleperf_arg_start;
	char* new_argv[new_argc + 1];

	new_argv[0] = &simpleperf_in_system_img[0];
	new_argv[1] = simpleperf_cmdname;
	std::string app_option = "--app";
	new_argv[2] = &app_option[0];
	new_argv[3] = pkgname;
	for (int i = 4, j = simpleperf_arg_start; j < argc;) {
	new_argv[i++] = argv[j++];
	}
	new_argv[new_argc] = nullptr;
	execvp(new_argv[0], new_argv);
	error(1, errno, "exec failed");
	}