1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef FRAMEWORKS_BASE_CORE_JNI_FD_UTILS_H_ 18 #define FRAMEWORKS_BASE_CORE_JNI_FD_UTILS_H_ 19 20 #include <set> 21 #include <string> 22 #include <unordered_map> 23 #include <vector> 24 25 #include <dirent.h> 26 #include <inttypes.h> 27 #include <sys/stat.h> 28 29 #include <android-base/macros.h> 30 31 class FileDescriptorInfo; 32 33 // Whitelist of open paths that the zygote is allowed to keep open. 34 // 35 // In addition to the paths listed in kPathWhitelist in file_utils.cpp, and 36 // paths dynamically added with Allow(), all files ending with ".jar" 37 // under /system/framework" are whitelisted. See IsAllowed() for the canonical 38 // definition. 39 // 40 // If the whitelisted path is associated with a regular file or a 41 // character device, the file is reopened after a fork with the same 42 // offset and mode. If the whilelisted path is associated with a 43 // AF_UNIX socket, the socket will refer to /dev/null after each 44 // fork, and all operations on it will fail. 45 class FileDescriptorWhitelist { 46 public: 47 // Lazily creates the global whitelist. 48 static FileDescriptorWhitelist* Get(); 49 50 // Adds a path to the whitelist. 51 void Allow(const std::string& path) { 52 whitelist_.push_back(path); 53 } 54 55 // Returns true iff. a given path is whitelisted. A path is whitelisted 56 // if it belongs to the whitelist (see kPathWhitelist) or if it's a path 57 // under /system/framework that ends with ".jar" or if it is a system 58 // framework overlay. 59 bool IsAllowed(const std::string& path) const; 60 61 private: 62 FileDescriptorWhitelist(); 63 64 static FileDescriptorWhitelist* instance_; 65 66 std::vector<std::string> whitelist_; 67 68 DISALLOW_COPY_AND_ASSIGN(FileDescriptorWhitelist); 69 }; 70 71 // A FileDescriptorTable is a collection of FileDescriptorInfo objects 72 // keyed by their FDs. 73 class FileDescriptorTable { 74 public: 75 // Creates a new FileDescriptorTable. This function scans 76 // /proc/self/fd for the list of open file descriptors and collects 77 // information about them. Returns NULL if an error occurs. 78 static FileDescriptorTable* Create(const std::vector<int>& fds_to_ignore, 79 std::string* error_msg); 80 81 bool Restat(const std::vector<int>& fds_to_ignore, std::string* error_msg); 82 83 // Reopens all file descriptors that are contained in the table. Returns true 84 // if all descriptors were successfully re-opened or detached, and false if an 85 // error occurred. 86 bool ReopenOrDetach(std::string* error_msg); 87 88 private: 89 FileDescriptorTable(const std::unordered_map<int, FileDescriptorInfo*>& map); 90 91 bool RestatInternal(std::set<int>& open_fds, std::string* error_msg); 92 93 static int ParseFd(dirent* e, int dir_fd); 94 95 // Invariant: All values in this unordered_map are non-NULL. 96 std::unordered_map<int, FileDescriptorInfo*> open_fd_map_; 97 98 DISALLOW_COPY_AND_ASSIGN(FileDescriptorTable); 99 }; 100 101 #endif // FRAMEWORKS_BASE_CORE_JNI_FD_UTILS_H_ 102
