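/*
 * Copyright (C) 2014 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#define LOG_TAG "nativebridge"

#include "nativebridge/native_bridge.h"

#include <dlfcn.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <unistd.h>

#include <cstring>

#include <log/log.h>

namespace android {

// Environment values required by the apps running with native bridge.
// Returned by the bridge's getAppEnv() callback and consumed by SetupEnvironment().
struct NativeBridgeRuntimeValues {
  const char* os_arch;
  const char* cpu_abi;
  const char* cpu_abi2;
  const char** supported_abis;
  int32_t abi_count;
};

// The symbol name exposed by native-bridge with the type of NativeBridgeCallbacks.
static constexpr const char* kNativeBridgeInterfaceSymbol = "NativeBridgeItf";

// Lifecycle of the native bridge. Every public entry point checks this state before it touches
// the callbacks table.
enum class NativeBridgeState {
  kNotSetup,        // Initial state.
  kOpened,          // After successful dlopen.
  kPreInitialized,  // After successful pre-initialization.
  kInitialized,     // After successful initialization.
  kClosed           // Closed or errors.
};

static constexpr const char* kNotSetupString = "kNotSetup";
static constexpr const char* kOpenedString = "kOpened";
static constexpr const char* kPreInitializedString = "kPreInitialized";
static constexpr const char* kInitializedString = "kInitialized";
static constexpr const char* kClosedString = "kClosed";
// Fallback for a value outside the enumerators above.
static constexpr const char* kUnknownString = "kUnknown";

// Returns a printable name for `state`, used in log messages.
static const char* GetNativeBridgeStateString(NativeBridgeState state) {
  switch (state) {
    case NativeBridgeState::kNotSetup:
      return kNotSetupString;

    case NativeBridgeState::kOpened:
      return kOpenedString;

    case NativeBridgeState::kPreInitialized:
      return kPreInitializedString;

    case NativeBridgeState::kInitialized:
      return kInitializedString;

    case NativeBridgeState::kClosed:
      return kClosedString;
  }

  // No `default:` above, so the compiler can still warn when an enumerator is added. Without this
  // return, a value outside the enum would flow off the end of a value-returning function, which
  // is undefined behavior; the result is handed to a %s log format.
  return kUnknownString;
}

// Current state of the native bridge.
static NativeBridgeState state = NativeBridgeState::kNotSetup;

// The version of the NativeBridge implementation.
// Different NativeBridge interfaces need the services of different versions of the
// NativeBridge implementation.
// Used by isCompatibleWith(), which was introduced in v2.
enum NativeBridgeImplementationVersion {
  // First version, not used.
  DEFAULT_VERSION = 1,
  // The version in which signal semantics were introduced.
  SIGNAL_VERSION = 2,
  // The version in which namespace semantics were introduced.
  NAMESPACE_VERSION = 3,
  // The version with vendor namespaces.
  VENDOR_NAMESPACE_VERSION = 4,
};

// Whether we had an error at some point.
static bool had_error = false;

// Handle of the loaded library.
static void* native_bridge_handle = nullptr;
// Pointer to the callbacks. Available as soon as LoadNativeBridge succeeds, but only initialized
// later. The table is resolved with dlsym() from the loaded bridge library, so it lives inside
// that library and must not be used once the library has been dlclose()d.
static const NativeBridgeCallbacks* callbacks = nullptr;
// Callbacks provided by the environment to the bridge. Passed to LoadNativeBridge.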
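static const NativeBridgeRuntimeCallbacks* runtime_callbacks = nullptr;

// The app's code cache directory. Allocated with new[] in PreInitializeNativeBridge and freed by
// ReleaseAppCodeCacheDir; nullptr whenever no usable path is known.
static char* app_code_cache_dir = nullptr;

// Code cache directory (relative to the application private directory)
// Ideally we'd like to call into framework to retrieve this name. However that's considered an
// implementation detail and will require either hacks or consistent refactorings. We compromise
// and hard code the directory name again here.
static constexpr const char* kCodeCacheDir = "code_cache";

// Characters allowed in a native bridge filename. The first character must
// be in [a-zA-Z] (expected 'l' for "libx"). The rest must be in [a-zA-Z0-9._-].
// Note that '/' is in neither set, so an accepted name never carries a directory component.
static bool CharacterAllowed(char c, bool first) {
  const bool is_letter = ('a' <= c && c <= 'z') || ('A' <= c && c <= 'Z');
  if (first) {
    return is_letter;
  }
  return is_letter || ('0' <= c && c <= '9') || (c == '.') || (c == '_') || (c == '-');
}

// Frees the code cache path and resets the pointer, so later readers see "no path".
static void ReleaseAppCodeCacheDir() {
  // delete[] on nullptr is a no-op, so no separate null check is needed.
  delete[] app_code_cache_dir;
  app_code_cache_dir = nullptr;
}

// We only allow simple names for the library. It is supposed to be a file in
// /system/lib or /vendor/lib. Only allow a small range of characters, that is
// names consisting of [a-zA-Z0-9._-] and starting with [a-zA-Z].
//
// Returns true for the empty string (meaning "no native bridge") and for any name that passes
// the character check; returns false otherwise, including for a null pointer.
bool NativeBridgeNameAcceptable(const char* nb_library_filename) {
  if (nb_library_filename == nullptr) {
    // Fail closed rather than dereference a null pointer. LoadNativeBridge filters out null
    // before calling in here, so its behavior is unaffected.
    ALOGE("Native bridge library name is null");
    return false;
  }

  const char* ptr = nb_library_filename;
  if (*ptr == 0) {
    // Empty string. Allowed, means no native bridge.
    return true;
  }

  // First character must be [a-zA-Z].
  if (!CharacterAllowed(*ptr, true)) {
    // Found an invalid first character, don't accept.
    ALOGE("Native bridge library %s has been rejected for first character %c",
          nb_library_filename,
          *ptr);
    return false;
  }

  // For the rest, be more liberal.
  for (++ptr; *ptr != 0; ++ptr) {
    if (!CharacterAllowed(*ptr, false)) {
      // Found an invalid character, don't accept.
      ALOGE("Native bridge library %s has been rejected for %c", nb_library_filename, *ptr);
      return false;
    }
  }
  return true;
}

// The policy of invoking the native bridge changed in v3 (with/without namespaces), so a bridge
// implementation is not assumed to stay backward-compatible.
//
// Returns false when no callbacks table is loaded or either version is 0. For a v2+ bridge the
// answer comes from the bridge's own isCompatibleWith() callback, i.e. it is self-reported by the
// loaded library.
static bool isCompatibleWith(const uint32_t version) {
  // Libnativebridge is now designed to be forward-compatible. So only "0" is an unsupported
  // version.
  if (callbacks == nullptr || callbacks->version == 0 || version == 0) {
    return false;
  }

  // If this is a v2+ bridge, it may not be forwards- or backwards-compatible. Check.
  if (callbacks->version >= SIGNAL_VERSION) {
    return callbacks->isCompatibleWith(version);
  }

  return true;
}

// Moves the bridge to kClosed, records whether this was an error, and frees the code cache path.
// Does not dlclose() the library; callers that hold a handle do that themselves.
static void CloseNativeBridge(bool with_error) {
  state = NativeBridgeState::kClosed;
  had_error |= with_error;
  ReleaseAppCodeCacheDir();
}

// Opens the native bridge library and looks up its callbacks table.
//
// nb_library_filename: library name; null or empty means "no native bridge".
// runtime_cbs: callbacks the runtime offers to the bridge, stored for InitializeNativeBridge.
// Returns true only when the bridge ends up in kOpened.
//
// The name must pass NativeBridgeNameAcceptable, which admits no '/', so dlopen() resolves it
// through the dynamic linker's library search instead of a caller-chosen path. The callbacks
// pointer is whatever the library exports under kNativeBridgeInterfaceSymbol; beyond the version
// check in isCompatibleWith() its contents are taken on trust.
bool LoadNativeBridge(const char* nb_library_filename,
                      const NativeBridgeRuntimeCallbacks* runtime_cbs) {
  // We expect only one place that calls LoadNativeBridge: Runtime::Init. At that point we are not
  // multi-threaded, so we do not need locking here.

  if (state != NativeBridgeState::kNotSetup) {
    // Setup has been called before. Ignore this call.
    if (nb_library_filename != nullptr) {  // Avoids some log-spam for dalvikvm.
      ALOGW("Called LoadNativeBridge for an already set up native bridge. State is %s.",
            GetNativeBridgeStateString(state));
    }
    // Note: counts as an error, even though the bridge may be functional.
    had_error = true;
    return false;
  }

  if (nb_library_filename == nullptr || *nb_library_filename == 0) {
    // No bridge requested: close without flagging an error.
    CloseNativeBridge(false);
    return false;
  }

  if (!NativeBridgeNameAcceptable(nb_library_filename)) {
    CloseNativeBridge(true);
    return false;
  }

  // Try to open the library.
  void* handle = dlopen(nb_library_filename, RTLD_LAZY);
  if (handle != nullptr) {
    callbacks = reinterpret_cast<NativeBridgeCallbacks*>(dlsym(handle,
                                                               kNativeBridgeInterfaceSymbol));
    if (callbacks != nullptr) {
      if (isCompatibleWith(NAMESPACE_VERSION)) {
        // Store the handle for later.
        native_bridge_handle = handle;
      } else {
        // Drop the pointer before unloading so nothing can reach into the closed library.
        callbacks = nullptr;
        dlclose(handle);
        ALOGW("Unsupported native bridge interface.");
      }
    } else {
      dlclose(handle);
    }
  }

  // Two failure conditions: could not find library (dlopen failed), or could not find native
  // bridge interface (dlsym failed). Both are an error and close the native bridge.
  if (callbacks == nullptr) {
    CloseNativeBridge(true);
  } else {
    runtime_callbacks = runtime_cbs;
    state = NativeBridgeState::kOpened;
  }
  return state == NativeBridgeState::kOpened;
}

// Name of the instruction set this file was compiled for.
#if defined(__arm__)
static const char* kRuntimeISA = "arm";
#elif defined(__aarch64__)
static const char* kRuntimeISA = "arm64";
#elif defined(__mips__) && !defined(__LP64__)
static const char* kRuntimeISA = "mips";
#elif defined(__mips__) && defined(__LP64__)
static const char* kRuntimeISA = "mips64";
#elif defined(__i386__)
static const char* kRuntimeISA = "x86";
#elif defined(__x86_64__)
static const char* kRuntimeISA = "x86_64";
#else
static const char* kRuntimeISA = "unknown";
#endif


// Returns true when instruction_set differs from the ISA this runtime was built for.
// A null instruction_set is logged and treated as "no bridge needed".
bool NeedsNativeBridge(const char* instruction_set) {
  if (instruction_set == nullptr) {
    ALOGE("Null instruction set in NeedsNativeBridge.");
    return false;
  }
  // The bound includes the terminating '\0', so this is an exact match, not a prefix match.
  return strncmp(instruction_set, kRuntimeISA, strlen(kRuntimeISA) + 1) != 0;
}

#ifdef __APPLE__
template<typename T> void UNUSED(const T&) {}
#endif

// Builds the code cache path for the app and bind-mounts the ISA-specific cpuinfo file over
// /proc/cpuinfo.
//
// app_data_dir_in: the application private directory; must not be null.
// instruction_set: ISA of the bridged app; null skips the bind-mount.
// Returns false (and closes the bridge) when the bridge is not in kOpened or app_data_dir_in is
// null. Returns true otherwise, even if the bind-mount was skipped or failed.
bool PreInitializeNativeBridge(const char* app_data_dir_in, const char* instruction_set) {
  if (state != NativeBridgeState::kOpened) {
    ALOGE("Invalid state: native bridge is expected to be opened.");
    CloseNativeBridge(true);
    return false;
  }

  if (app_data_dir_in == nullptr) {
    ALOGE("Application private directory cannot be null.");
    CloseNativeBridge(true);
    return false;
  }

  // Create the path to the application code cache directory.
  // The memory will be released after initialization or when the native bridge is closed.
  const size_t len = strlen(app_data_dir_in) + strlen(kCodeCacheDir) + 2;  // '\0' + '/'
  app_code_cache_dir = new char[len];
  snprintf(app_code_cache_dir, len, "%s/%s", app_data_dir_in, kCodeCacheDir);

  // Bind-mount /system/lib{,64}/<isa>/cpuinfo to /proc/cpuinfo.
  // Failure is not fatal and will keep the native bridge in kPreInitialized.
  state = NativeBridgeState::kPreInitialized;

#ifndef __APPLE__
  if (instruction_set == nullptr) {
    return true;
  }
  size_t isa_len = strlen(instruction_set);
  if (isa_len > 10) {
    // 10 is a loose upper bound on the currently known instruction sets (a tight bound is 7 for
    // x86_64 [including the trailing \0]). This is so we don't have to change here if there will
    // be another instruction set in the future.
    ALOGW("Instruction set %s is malformed, must be less than or equal to 10 characters.",
          instruction_set);
    return true;
  }

  // If the file does not exist, the mount command will fail,
  // so we save the extra file existence check.
  char cpuinfo_path[1024];

#if defined(__ANDROID__)
  // instruction_set becomes a directory component of the bind-mount source below. The length
  // check alone still lets '/' and '.' through, which would let the argument steer the source
  // path away from /system/lib{,64}/<isa>/. Every ISA name listed for kRuntimeISA is a plain
  // [a-zA-Z0-9_] token, so accept only that and skip the mount otherwise (same non-fatal
  // handling as the length check).
  bool isa_is_plain = isa_len > 0;
  for (size_t i = 0; isa_is_plain && i < isa_len; ++i) {
    const char c = instruction_set[i];
    isa_is_plain = ('a' <= c && c <= 'z') || ('A' <= c && c <= 'Z') ||
                   ('0' <= c && c <= '9') || (c == '_');
  }
  if (!isa_is_plain) {
    ALOGW("Instruction set %s is malformed, must be a non-empty [a-zA-Z0-9_] name.",
          instruction_set);
    return true;
  }

  snprintf(cpuinfo_path, sizeof(cpuinfo_path), "/system/lib"
#ifdef __LP64__
      "64"
#endif  // __LP64__
      "/%s/cpuinfo", instruction_set);
#else   // !__ANDROID__
  // To be able to test on the host, we hardwire a relative path.
  snprintf(cpuinfo_path, sizeof(cpuinfo_path), "./cpuinfo");
#endif

  // Bind-mount.
  if (TEMP_FAILURE_RETRY(mount(cpuinfo_path,        // Source.
                               "/proc/cpuinfo",     // Target.
                               nullptr,             // FS type.
                               MS_BIND,             // Mount flags: bind mount.
                               nullptr)) == -1) {   // "Data."
    ALOGW("Failed to bind-mount %s as /proc/cpuinfo: %s", cpuinfo_path, strerror(errno));
  }
#else  // __APPLE__
  UNUSED(instruction_set);
  ALOGW("Mac OS does not support bind-mounting. Host simulation of native bridge impossible.");
#endif

  return true;
}

// Sets the static String field `field` of build_class to `value`. A null value is a no-op.
// Lookup or allocation failures are logged and the pending Java exception is cleared.
static void SetCpuAbi(JNIEnv* env, jclass build_class, const char* field, const char* value) {
  if (value == nullptr) {
    return;
  }

  jfieldID field_id = env->GetStaticFieldID(build_class, field, "Ljava/lang/String;");
  if (field_id == nullptr) {
    env->ExceptionClear();
    ALOGW("Could not find %s field.", field);
    return;
  }

  jstring str = env->NewStringUTF(value);
  if (str == nullptr) {
    env->ExceptionClear();
    ALOGW("Could not create string %s.", value);
    return;
  }

  env->SetStaticObjectField(build_class, field_id, str);
}

// Set up the environment for the bridged app.
// Asks the bridge (getAppEnv) which values the app should see and writes them into
// android.os.Build.CPU_ABI / CPU_ABI2 and the os.arch system property. The values come from the
// loaded bridge library. Every failure is logged and skipped; nothing is reported to the caller.
static void SetupEnvironment(const NativeBridgeCallbacks* callbacks, JNIEnv* env, const char* isa) {
  // Need a JNIEnv* to do anything.
  if (env == nullptr) {
    ALOGW("No JNIEnv* to set up app environment.");
    return;
  }

  // Query the bridge for environment values.
  const struct NativeBridgeRuntimeValues* env_values = callbacks->getAppEnv(isa);
  if (env_values == nullptr) {
    return;
  }

  // Keep the JNIEnv clean.
  jint success = env->PushLocalFrame(16);  // That should be small and large enough.
  if (success < 0) {
    // Out of memory, really borked.
    ALOGW("Out of memory while setting up app environment.");
    env->ExceptionClear();
    return;
  }

  // Reset CPU_ABI & CPU_ABI2 to values required by the apps running with native bridge.
  // NOTE(review): abi_count only gates this branch; supported_abis is not read anywhere in this
  // function.
  if (env_values->cpu_abi != nullptr || env_values->cpu_abi2 != nullptr ||
      env_values->abi_count >= 0) {
    jclass bclass_id = env->FindClass("android/os/Build");
    if (bclass_id != nullptr) {
      SetCpuAbi(env, bclass_id, "CPU_ABI", env_values->cpu_abi);
      SetCpuAbi(env, bclass_id, "CPU_ABI2", env_values->cpu_abi2);
    } else {
      // For example in a host test environment.
      env->ExceptionClear();
      ALOGW("Could not find Build class.");
    }
  }

  if (env_values->os_arch != nullptr) {
    jclass sclass_id = env->FindClass("java/lang/System");
    if (sclass_id != nullptr) {
      jmethodID set_prop_id = env->GetStaticMethodID(sclass_id, "setUnchangeableSystemProperty",
          "(Ljava/lang/String;Ljava/lang/String;)V");
      if (set_prop_id != nullptr) {
        // Init os.arch to the value required by the apps running with native bridge.
        // Create the strings one at a time and check each: a failed NewStringUTF leaves an
        // exception pending, and no further JNI call (including the Java call below) may be made
        // until it is cleared. This mirrors the handling in SetCpuAbi.
        jstring key = env->NewStringUTF("os.arch");
        jstring value = (key != nullptr) ? env->NewStringUTF(env_values->os_arch) : nullptr;
        if (key != nullptr && value != nullptr) {
          env->CallStaticVoidMethod(sclass_id, set_prop_id, key, value);
        } else {
          env->ExceptionClear();
          ALOGW("Could not create strings for os.arch.");
        }
      } else {
        env->ExceptionClear();
        ALOGW("Could not find System#setUnchangeableSystemProperty.");
      }
    } else {
      env->ExceptionClear();
      ALOGW("Could not find System class.");
    }
  }

  // Make it pristine again.
  env->PopLocalFrame(nullptr);
}

// Finishes bridge setup: ensures the code cache directory, calls the bridge's initialize()
// callback and applies the bridged app's environment values.
//
// Returns true only when the bridge reaches kInitialized. If the bridge is not in
// kPreInitialized, or initialize() fails, the bridge is closed with an error.
bool InitializeNativeBridge(JNIEnv* env, const char* instruction_set) {
  // We expect only one place that calls InitializeNativeBridge: Runtime::DidForkFromZygote. At that
  // point we are not multi-threaded, so we do not need locking here.

  if (state != NativeBridgeState::kPreInitialized) {
    CloseNativeBridge(true);
    return false;
  }

  // Check for code cache: if it doesn't exist try to create it.
  // The stat()/mkdir() pair is not atomic; a directory appearing in between makes mkdir() fail,
  // which is handled like any other failure. stat() follows symlinks, so a symlink that resolves
  // to a directory passes the S_ISDIR check.
  struct stat st;
  if (stat(app_code_cache_dir, &st) == -1) {
    if (errno == ENOENT) {
      // Requested mode is rwx for owner and group, x-only for others (0771 before umask).
      if (mkdir(app_code_cache_dir, S_IRWXU | S_IRWXG | S_IXOTH) == -1) {
        ALOGW("Cannot create code cache directory %s: %s.", app_code_cache_dir, strerror(errno));
        ReleaseAppCodeCacheDir();
      }
    } else {
      ALOGW("Cannot stat code cache directory %s: %s.", app_code_cache_dir, strerror(errno));
      ReleaseAppCodeCacheDir();
    }
  } else if (!S_ISDIR(st.st_mode)) {
    ALOGW("Code cache is not a directory %s.", app_code_cache_dir);
    ReleaseAppCodeCacheDir();
  }

  // A failed code cache check above only drops the path; it does not change `state`. So we always
  // try to initialize here, and the bridge receives nullptr as its code cache directory when no
  // usable directory exists.
  if (callbacks->initialize(runtime_callbacks, app_code_cache_dir, instruction_set)) {
    SetupEnvironment(callbacks, env, instruction_set);
    state = NativeBridgeState::kInitialized;
    // We no longer need the code cache path, release the memory.
    ReleaseAppCodeCacheDir();
  } else {
    // Unload the library. Clear the pointers into it as well, matching what LoadNativeBridge
    // does for an unsupported interface, so nothing dangles after dlclose().
    dlclose(native_bridge_handle);
    native_bridge_handle = nullptr;
    callbacks = nullptr;
    CloseNativeBridge(true);
  }

  return state == NativeBridgeState::kInitialized;
}

// Unloads the bridge library if one is loaded and moves the bridge to kClosed.
// Calling this before LoadNativeBridge counts as an error; calling it when already closed is
// ignored.
void UnloadNativeBridge() {
  // We expect only one place that calls UnloadNativeBridge: Runtime::DidForkFromZygote. At that
  // point we are not multi-threaded, so we do not need locking here.

  switch (state) {
    case NativeBridgeState::kOpened:
    case NativeBridgeState::kPreInitialized:
    case NativeBridgeState::kInitialized:
      // Unload, and clear the pointers into the library so they cannot be used after dlclose().
      dlclose(native_bridge_handle);
      native_bridge_handle = nullptr;
      callbacks = nullptr;
      CloseNativeBridge(false);
      break;

    case NativeBridgeState::kNotSetup:
      // Not even set up. Error.
      CloseNativeBridge(true);
      break;

    case NativeBridgeState::kClosed:
      // Ignore.
      break;
  }
}

// Returns whether any native bridge operation has recorded an error so far.
bool NativeBridgeError() {
  return had_error;
}

// Returns true while a bridge library is loaded (opened, pre-initialized or initialized).
bool NativeBridgeAvailable() {
  return state == NativeBridgeState::kOpened
      || state == NativeBridgeState::kPreInitialized
      || state == NativeBridgeState::kInitialized;
}

// Returns true once InitializeNativeBridge has succeeded. All callback wrappers below gate on
// this, so the callbacks table is never called before initialization or after closing.
bool NativeBridgeInitialized() {
  // Calls of this are supposed to happen in a state where the native bridge is stable, i.e., after
  // Runtime::DidForkFromZygote. In that case we do not need a lock.
  return state == NativeBridgeState::kInitialized;
}

// Forwards to the bridge's loadLibrary(); returns nullptr when the bridge is not initialized.
void* NativeBridgeLoadLibrary(const char* libpath, int flag) {
  if (!NativeBridgeInitialized()) {
    return nullptr;
  }
  return callbacks->loadLibrary(libpath, flag);
}

// Forwards to the bridge's getTrampoline(); returns nullptr when the bridge is not initialized.
void* NativeBridgeGetTrampoline(void* handle, const char* name, const char* shorty,
                                uint32_t len) {
  if (!NativeBridgeInitialized()) {
    return nullptr;
  }
  return callbacks->getTrampoline(handle, name, shorty, len);
}

// Forwards to the bridge's isSupported(); returns false when the bridge is not initialized.
bool NativeBridgeIsSupported(const char* libpath) {
  if (!NativeBridgeInitialized()) {
    return false;
  }
  return callbacks->isSupported(libpath);
}

// Returns the version reported by the loaded bridge, or 0 when no bridge is available.
uint32_t NativeBridgeGetVersion() {
  if (!NativeBridgeAvailable()) {
    return 0;
  }
  return callbacks->version;
}

// Returns the bridge's handler for `signal`, or nullptr when the bridge is not initialized or
// does not support the signal interface (v2).
NativeBridgeSignalHandlerFn NativeBridgeGetSignalHandler(int signal) {
  if (!NativeBridgeInitialized()) {
    return nullptr;
  }
  if (!isCompatibleWith(SIGNAL_VERSION)) {
    ALOGE("not compatible with version %d, cannot get signal handler", SIGNAL_VERSION);
    return nullptr;
  }
  return callbacks->getSignalHandler(signal);
}

// Forwards to the bridge's unloadLibrary(); returns -1 when the bridge is not initialized or
// does not support the namespace interface (v3).
int NativeBridgeUnloadLibrary(void* handle) {
  if (!NativeBridgeInitialized()) {
    return -1;
  }
  if (!isCompatibleWith(NAMESPACE_VERSION)) {
    ALOGE("not compatible with version %d, cannot unload library", NAMESPACE_VERSION);
    return -1;
  }
  return callbacks->unloadLibrary(handle);
}

// Returns the bridge's last error message, or a fixed explanatory string when the bridge is not
// initialized or does not support the namespace interface (v3).
const char* NativeBridgeGetError() {
  if (!NativeBridgeInitialized()) {
    return "native bridge is not initialized";
  }
  if (!isCompatibleWith(NAMESPACE_VERSION)) {
    return "native bridge implementation is not compatible with version 3, cannot get message";
  }
  return callbacks->getError();
}

// Forwards to the bridge's isPathSupported(); returns false when the bridge is not initialized
// or does not support the namespace interface (v3).
bool NativeBridgeIsPathSupported(const char* path) {
  if (!NativeBridgeInitialized()) {
    return false;
  }
  if (!isCompatibleWith(NAMESPACE_VERSION)) {
    ALOGE("not compatible with version %d, cannot check via library path", NAMESPACE_VERSION);
    return false;
  }
  return callbacks->isPathSupported(path);
}

// Forwards to the bridge's initAnonymousNamespace(); returns false when the bridge is not
// initialized or does not support the namespace interface (v3).
bool NativeBridgeInitAnonymousNamespace(const char* public_ns_sonames,
                                        const char* anon_ns_library_path) {
  if (!NativeBridgeInitialized()) {
    return false;
  }
  if (!isCompatibleWith(NAMESPACE_VERSION)) {
    ALOGE("not compatible with version %d, cannot init namespace", NAMESPACE_VERSION);
    return false;
  }
  return callbacks->initAnonymousNamespace(public_ns_sonames, anon_ns_library_path);
}

// Forwards to the bridge's createNamespace(); returns nullptr when the bridge is not initialized
// or does not support the namespace interface (v3).
native_bridge_namespace_t* NativeBridgeCreateNamespace(const char* name,
                                                       const char* ld_library_path,
                                                       const char* default_library_path,
                                                       uint64_t type,
                                                       const char* permitted_when_isolated_path,
                                                       native_bridge_namespace_t* parent_ns) {
  if (!NativeBridgeInitialized()) {
    return nullptr;
  }
  if (!isCompatibleWith(NAMESPACE_VERSION)) {
    ALOGE("not compatible with version %d, cannot create namespace %s", NAMESPACE_VERSION, name);
    return nullptr;
  }
  return callbacks->createNamespace(name,
                                    ld_library_path,
                                    default_library_path,
                                    type,
                                    permitted_when_isolated_path,
                                    parent_ns);
}

// Forwards to the bridge's linkNamespaces(); returns false when the bridge is not initialized or
// does not support the namespace interface (v3).
bool NativeBridgeLinkNamespaces(native_bridge_namespace_t* from, native_bridge_namespace_t* to,
                                const char* shared_libs_sonames) {
  if (!NativeBridgeInitialized()) {
    return false;
  }
  if (!isCompatibleWith(NAMESPACE_VERSION)) {
    // The message used to say "cannot init namespace", which made this failure look like one
    // from NativeBridgeInitAnonymousNamespace in the logs.
    ALOGE("not compatible with version %d, cannot link namespaces", NAMESPACE_VERSION);
    return false;
  }
  return callbacks->linkNamespaces(from, to, shared_libs_sonames);
}

// Returns the bridge's vendor namespace, or nullptr when the bridge is not initialized or does
// not support the vendor namespace interface (v4).
native_bridge_namespace_t* NativeBridgeGetVendorNamespace() {
  if (!NativeBridgeInitialized() || !isCompatibleWith(VENDOR_NAMESPACE_VERSION)) {
    return nullptr;
  }

  return callbacks->getVendorNamespace();
}

// Forwards to the bridge's loadLibraryExt(); returns nullptr when the bridge is not initialized
// or does not support the namespace interface (v3).
void* NativeBridgeLoadLibraryExt(const char* libpath, int flag, native_bridge_namespace_t* ns) {
  if (!NativeBridgeInitialized()) {
    return nullptr;
  }
  if (!isCompatibleWith(NAMESPACE_VERSION)) {
    ALOGE("not compatible with version %d, cannot load library in namespace", NAMESPACE_VERSION);
    return nullptr;
  }
  return callbacks->loadLibraryExt(libpath, flag, ns);
}

}  // namespace android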