1 /*
2 * Copyright (C) 2017 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #pragma once
18
19 #include <stdlib.h>
20 #include <string.h>
21 #include <sys/capability.h>
22
23 #include <android-base/logging.h>
24 #include <android-base/stringprintf.h>
25 #include <selinux/android.h>
26
27 uint8_t kBase64Map[256] = {
28 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
29 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
30 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
31 255, 255, 255, 255, 255, 255, 255, 62, 255, 255, 255, 63,
32 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 255, 255,
33 255, 254, 255, 255, 255, 0, 1, 2, 3, 4, 5, 6,
34 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18,
35 19, 20, 21, 22, 23, 24, 25, 255, 255, 255, 255, 255,
36 255, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36,
37 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48,
38 49, 50, 51, 255, 255, 255, 255, 255, 255, 255, 255, 255,
39 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
40 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
41 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
42 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
43 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
44 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
45 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
46 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
47 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
48 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
49 255, 255, 255, 255
50 };
51
DecodeBase64(const char * src,size_t * dst_size)52 uint8_t* DecodeBase64(const char* src, size_t* dst_size) {
53 CHECK(dst_size != nullptr);
54 std::vector<uint8_t> tmp;
55 uint32_t t = 0, y = 0;
56 int g = 3;
57 for (size_t i = 0; src[i] != '\0'; ++i) {
58 uint8_t c = kBase64Map[src[i] & 0xFF];
59 if (c == 255) continue;
60 // the final = symbols are read and used to trim the remaining bytes
61 if (c == 254) {
62 c = 0;
63 // prevent g < 0 which would potentially allow an overflow later
64 if (--g < 0) {
65 *dst_size = 0;
66 return nullptr;
67 }
68 } else if (g != 3) {
69 // we only allow = to be at the end
70 *dst_size = 0;
71 return nullptr;
72 }
73 t = (t << 6) | c;
74 if (++y == 4) {
75 tmp.push_back((t >> 16) & 255);
76 if (g > 1) {
77 tmp.push_back((t >> 8) & 255);
78 }
79 if (g > 2) {
80 tmp.push_back(t & 255);
81 }
82 y = t = 0;
83 }
84 }
85 if (y != 0) {
86 *dst_size = 0;
87 return nullptr;
88 }
89 std::unique_ptr<uint8_t[]> dst(new uint8_t[tmp.size()]);
90 *dst_size = tmp.size();
91 std::copy(tmp.begin(), tmp.end(), dst.get());
92 return dst.release();
93 }
94
WriteBase64ToFile(const char * base64,const std::string & file,uid_t uid,gid_t gid,int mode,std::string * error_msg)95 bool WriteBase64ToFile(const char* base64, const std::string& file,
96 uid_t uid, gid_t gid, int mode, std::string* error_msg) {
97 CHECK(base64 != nullptr);
98 size_t length;
99 std::unique_ptr<uint8_t[]> bytes(DecodeBase64(base64, &length));
100 CHECK(bytes != nullptr);
101
102
103 int fd = open(file.c_str(), O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR);
104
105 using android::base::StringPrintf;
106
107 if (fd < 0) {
108 *error_msg = StringPrintf("Could not open file %s: %s", file.c_str(), strerror(errno));
109 return false;
110 }
111
112 size_t wrote = 0;
113 while (wrote < length) {
114 ssize_t cur = write(fd, bytes.get() + wrote, length - wrote);
115 if (cur == -1) {
116 *error_msg = StringPrintf("Could not write file %s: %s", file.c_str(), strerror(errno));
117 return false;
118 }
119 wrote += cur;
120 }
121
122 if (::chown(file.c_str(), uid, gid) != 0) {
123 *error_msg = StringPrintf("Could not chown file %s: %s", file.c_str(), strerror(errno));
124 return false;
125 }
126 if (::chmod(file.c_str(), mode) != 0) {
127 *error_msg = StringPrintf("Could not chmod file %s: %s", file.c_str(), strerror(errno));
128 return false;
129 }
130 return true;
131 }
132
133 // TODO(calin): fix dexopt drop_capabilities and move to general utils (b/69678790).
DropCapabilities(uid_t uid,gid_t gid)134 bool DropCapabilities(uid_t uid, gid_t gid) {
135 if (setgid(gid) != 0) {
136 PLOG(ERROR) << "setgid failed: " << gid;
137 return false;
138 }
139 if (setuid(uid) != 0) {
140 PLOG(ERROR) << "setuid failed: " << uid;
141 return false;
142 }
143 // drop capabilities
144 struct __user_cap_header_struct capheader;
145 struct __user_cap_data_struct capdata[2];
146 memset(&capheader, 0, sizeof(capheader));
147 memset(&capdata, 0, sizeof(capdata));
148 capheader.version = _LINUX_CAPABILITY_VERSION_3;
149 if (capset(&capheader, &capdata[0]) < 0) {
150 PLOG(ERROR) << "capset failed";
151 return false;
152 }
153
154 return true;
155 }
156