1 /*
2  * Copyright (C) 2017 The Android Open Source Project
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *  * Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  *  * Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in
12  *    the documentation and/or other materials provided with the
13  *    distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19  * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #include "linker_config.h"
30 
31 #include "linker_globals.h"
32 #include "linker_debug.h"
33 #include "linker_utils.h"
34 
35 #include <android-base/file.h>
36 #include <android-base/properties.h>
37 #include <android-base/scopeguard.h>
38 #include <android-base/strings.h>
39 
40 #include <async_safe/log.h>
41 
42 #include <limits.h>
43 #include <stdlib.h>
44 #include <unistd.h>
45 
46 #include <string>
47 #include <unordered_map>
48 
49 #define _REALLY_INCLUDE_SYS__SYSTEM_PROPERTIES_H_
50 #include <sys/_system_properties.h>
51 
52 class ConfigParser {
53  public:
54   enum {
55     kPropertyAssign,
56     kPropertyAppend,
57     kSection,
58     kEndOfFile,
59     kError,
60   };
61 
ConfigParser(std::string && content)62   explicit ConfigParser(std::string&& content)
63       : content_(std::move(content)), p_(0), lineno_(0), was_end_of_file_(false) {}
64 
65   /*
66    * Possible return values
67    * kPropertyAssign: name is set to property name and value is set to property value
68    * kPropertyAppend: same as kPropertyAssign, but the value should be appended
69    * kSection: name is set to section name.
70    * kEndOfFile: reached end of file.
71    * kError: error_msg is set.
72    */
next_token(std::string * name,std::string * value,std::string * error_msg)73   int next_token(std::string* name, std::string* value, std::string* error_msg) {
74     std::string line;
75     while(NextLine(&line)) {
76       size_t found = line.find('#');
77       line = android::base::Trim(line.substr(0, found));
78 
79       if (line.empty()) {
80         continue;
81       }
82 
83       if (line[0] == '[' && line.back() == ']') {
84         *name = line.substr(1, line.size() - 2);
85         return kSection;
86       }
87 
88       size_t found_assign = line.find('=');
89       size_t found_append = line.find("+=");
90       if (found_assign != std::string::npos && found_append == std::string::npos) {
91         *name = android::base::Trim(line.substr(0, found_assign));
92         *value = android::base::Trim(line.substr(found_assign + 1));
93         return kPropertyAssign;
94       }
95 
96       if (found_append != std::string::npos) {
97         *name = android::base::Trim(line.substr(0, found_append));
98         *value = android::base::Trim(line.substr(found_append + 2));
99         return kPropertyAppend;
100       }
101 
102       *error_msg = std::string("invalid format: ") +
103                    line +
104                    ", expected \"name = property\", \"name += property\", or \"[section]\"";
105       return kError;
106     }
107 
108     // to avoid infinite cycles when programmer makes a mistake
109     CHECK(!was_end_of_file_);
110     was_end_of_file_ = true;
111     return kEndOfFile;
112   }
113 
lineno() const114   size_t lineno() const {
115     return lineno_;
116   }
117 
118  private:
NextLine(std::string * line)119   bool NextLine(std::string* line) {
120     if (p_ == std::string::npos) {
121       return false;
122     }
123 
124     size_t found = content_.find('\n', p_);
125     if (found != std::string::npos) {
126       *line = content_.substr(p_, found - p_);
127       p_ = found + 1;
128     } else {
129       *line = content_.substr(p_);
130       p_ = std::string::npos;
131     }
132 
133     lineno_++;
134     return true;
135   }
136 
137   std::string content_;
138   size_t p_;
139   size_t lineno_;
140   bool was_end_of_file_;
141 
142   DISALLOW_IMPLICIT_CONSTRUCTORS(ConfigParser);
143 };
144 
145 class PropertyValue {
146  public:
147   PropertyValue() = default;
148 
PropertyValue(std::string && value,size_t lineno)149   PropertyValue(std::string&& value, size_t lineno)
150     : value_(std::move(value)), lineno_(lineno) {}
151 
value() const152   const std::string& value() const {
153     return value_;
154   }
155 
append_value(std::string && value)156   void append_value(std::string&& value) {
157     value_ = value_ + value;
158     // lineno isn't updated as we might have cases like this:
159     // property.x = blah
160     // property.y = blah
161     // property.x += blah
162   }
163 
lineno() const164   size_t lineno() const {
165     return lineno_;
166   }
167 
168  private:
169   std::string value_;
170   size_t lineno_;
171 };
172 
create_error_msg(const char * file,size_t lineno,const std::string & msg)173 static std::string create_error_msg(const char* file,
174                                     size_t lineno,
175                                     const std::string& msg) {
176   char buf[1024];
177   async_safe_format_buffer(buf, sizeof(buf), "%s:%zu: error: %s", file, lineno, msg.c_str());
178 
179   return std::string(buf);
180 }
181 
parse_config_file(const char * ld_config_file_path,const char * binary_realpath,std::unordered_map<std::string,PropertyValue> * properties,std::string * error_msg)182 static bool parse_config_file(const char* ld_config_file_path,
183                               const char* binary_realpath,
184                               std::unordered_map<std::string, PropertyValue>* properties,
185                               std::string* error_msg) {
186   std::string content;
187   if (!android::base::ReadFileToString(ld_config_file_path, &content)) {
188     if (errno != ENOENT) {
189       *error_msg = std::string("error reading file \"") +
190                    ld_config_file_path + "\": " + strerror(errno);
191     }
192     return false;
193   }
194 
195   ConfigParser cp(std::move(content));
196 
197   std::string section_name;
198 
199   while (true) {
200     std::string name;
201     std::string value;
202     std::string error;
203 
204     int result = cp.next_token(&name, &value, &error);
205     if (result == ConfigParser::kError) {
206       DL_WARN("%s:%zd: warning: couldn't parse %s (ignoring this line)",
207               ld_config_file_path,
208               cp.lineno(),
209               error.c_str());
210       continue;
211     }
212 
213     if (result == ConfigParser::kSection || result == ConfigParser::kEndOfFile) {
214       return false;
215     }
216 
217     if (result == ConfigParser::kPropertyAssign) {
218       if (!android::base::StartsWith(name, "dir.")) {
219         DL_WARN("%s:%zd: warning: unexpected property name \"%s\", "
220                 "expected format dir.<section_name> (ignoring this line)",
221                 ld_config_file_path,
222                 cp.lineno(),
223                 name.c_str());
224         continue;
225       }
226 
227       // remove trailing '/'
228       while (!value.empty() && value.back() == '/') {
229         value.pop_back();
230       }
231 
232       if (value.empty()) {
233         DL_WARN("%s:%zd: warning: property value is empty (ignoring this line)",
234                 ld_config_file_path,
235                 cp.lineno());
236         continue;
237       }
238 
239       // If the path can be resolved, resolve it
240       char buf[PATH_MAX];
241       std::string resolved_path;
242       if (access(value.c_str(), R_OK) != 0) {
243         if (errno == ENOENT) {
244           // no need to test for non-existing path. skip.
245           continue;
246         }
247         // If not accessible, don't call realpath as it will just cause
248         // SELinux denial spam. Use the path unresolved.
249         resolved_path = value;
250       } else if (realpath(value.c_str(), buf)) {
251         resolved_path = buf;
252       } else {
253         // realpath is expected to fail with EPERM in some situations, so log
254         // the failure with INFO rather than DL_WARN. e.g. A binary in
255         // /data/local/tmp may attempt to stat /postinstall. See
256         // http://b/120996057.
257         INFO("%s:%zd: warning: path \"%s\" couldn't be resolved: %s",
258              ld_config_file_path,
259              cp.lineno(),
260              value.c_str(),
261              strerror(errno));
262         resolved_path = value;
263       }
264 
265       if (file_is_under_dir(binary_realpath, resolved_path)) {
266         section_name = name.substr(4);
267         break;
268       }
269     }
270   }
271 
272   INFO("[ Using config section \"%s\" ]", section_name.c_str());
273 
274   // skip everything until we meet a correct section
275   while (true) {
276     std::string name;
277     std::string value;
278     std::string error;
279 
280     int result = cp.next_token(&name, &value, &error);
281 
282     if (result == ConfigParser::kSection && name == section_name) {
283       break;
284     }
285 
286     if (result == ConfigParser::kEndOfFile) {
287       *error_msg = create_error_msg(ld_config_file_path,
288                                     cp.lineno(),
289                                     std::string("section \"") + section_name + "\" not found");
290       return false;
291     }
292   }
293 
294   // found the section - parse it
295   while (true) {
296     std::string name;
297     std::string value;
298     std::string error;
299 
300     int result = cp.next_token(&name, &value, &error);
301 
302     if (result == ConfigParser::kEndOfFile || result == ConfigParser::kSection) {
303       break;
304     }
305 
306     if (result == ConfigParser::kPropertyAssign) {
307       if (properties->find(name) != properties->end()) {
308         DL_WARN("%s:%zd: warning: redefining property \"%s\" (overriding previous value)",
309                 ld_config_file_path,
310                 cp.lineno(),
311                 name.c_str());
312       }
313 
314       (*properties)[name] = PropertyValue(std::move(value), cp.lineno());
315     } else if (result == ConfigParser::kPropertyAppend) {
316       if (properties->find(name) == properties->end()) {
317         DL_WARN("%s:%zd: warning: appending to undefined property \"%s\" (treating as assignment)",
318                 ld_config_file_path,
319                 cp.lineno(),
320                 name.c_str());
321         (*properties)[name] = PropertyValue(std::move(value), cp.lineno());
322       } else {
323         if (android::base::EndsWith(name, ".links") ||
324             android::base::EndsWith(name, ".namespaces")) {
325           value = "," + value;
326           (*properties)[name].append_value(std::move(value));
327         } else if (android::base::EndsWith(name, ".paths") ||
328                    android::base::EndsWith(name, ".shared_libs") ||
329                    android::base::EndsWith(name, ".whitelisted") ||
330                    android::base::EndsWith(name, ".allowed_libs")) {
331           value = ":" + value;
332           (*properties)[name].append_value(std::move(value));
333         } else {
334           DL_WARN("%s:%zd: warning: += isn't allowed for property \"%s\" (ignoring)",
335                   ld_config_file_path,
336                   cp.lineno(),
337                   name.c_str());
338         }
339       }
340     }
341 
342     if (result == ConfigParser::kError) {
343       DL_WARN("%s:%zd: warning: couldn't parse %s (ignoring this line)",
344               ld_config_file_path,
345               cp.lineno(),
346               error.c_str());
347       continue;
348     }
349   }
350 
351   return true;
352 }
353 
354 static Config g_config;
355 
356 static constexpr const char* kDefaultConfigName = "default";
357 static constexpr const char* kPropertyAdditionalNamespaces = "additional.namespaces";
358 
359 class Properties {
360  public:
Properties(std::unordered_map<std::string,PropertyValue> && properties)361   explicit Properties(std::unordered_map<std::string, PropertyValue>&& properties)
362       : properties_(std::move(properties)), target_sdk_version_(__ANDROID_API__) {}
363 
get_strings(const std::string & name,size_t * lineno=nullptr) const364   std::vector<std::string> get_strings(const std::string& name, size_t* lineno = nullptr) const {
365     auto it = find_property(name, lineno);
366     if (it == properties_.end()) {
367       // return empty vector
368       return std::vector<std::string>();
369     }
370 
371     std::vector<std::string> strings = android::base::Split(it->second.value(), ",");
372 
373     for (size_t i = 0; i < strings.size(); ++i) {
374       strings[i] = android::base::Trim(strings[i]);
375     }
376 
377     return strings;
378   }
379 
get_bool(const std::string & name,size_t * lineno=nullptr) const380   bool get_bool(const std::string& name, size_t* lineno = nullptr) const {
381     auto it = find_property(name, lineno);
382     if (it == properties_.end()) {
383       return false;
384     }
385 
386     return it->second.value() == "true";
387   }
388 
get_string(const std::string & name,size_t * lineno=nullptr) const389   std::string get_string(const std::string& name, size_t* lineno = nullptr) const {
390     auto it = find_property(name, lineno);
391     return (it == properties_.end()) ? "" : it->second.value();
392   }
393 
get_paths(const std::string & name,bool resolve,size_t * lineno=nullptr)394   std::vector<std::string> get_paths(const std::string& name, bool resolve, size_t* lineno = nullptr) {
395     std::string paths_str = get_string(name, lineno);
396 
397     std::vector<std::string> paths;
398     split_path(paths_str.c_str(), ":", &paths);
399 
400     std::vector<std::pair<std::string, std::string>> params;
401     params.push_back({ "LIB", kLibPath });
402     if (target_sdk_version_ != 0) {
403       char buf[16];
404       async_safe_format_buffer(buf, sizeof(buf), "%d", target_sdk_version_);
405       params.push_back({ "SDK_VER", buf });
406     }
407 
408     static std::string vndk_ver = Config::get_vndk_version_string('-');
409     params.push_back({ "VNDK_VER", vndk_ver });
410     static std::string vndk_apex_ver = Config::get_vndk_version_string('v');
411     params.push_back({ "VNDK_APEX_VER", vndk_apex_ver });
412 
413     for (auto& path : paths) {
414       format_string(&path, params);
415     }
416 
417     if (resolve) {
418       std::vector<std::string> resolved_paths;
419       for (const auto& path : paths) {
420         if (path.empty()) {
421           continue;
422         }
423         // this is single threaded. no need to lock
424         auto cached = resolved_paths_.find(path);
425         if (cached == resolved_paths_.end()) {
426           resolved_paths_[path] = resolve_path(path);
427           cached = resolved_paths_.find(path);
428         }
429         CHECK(cached != resolved_paths_.end());
430         if (cached->second.empty()) {
431           continue;
432         }
433         resolved_paths.push_back(cached->second);
434       }
435 
436       return resolved_paths;
437     } else {
438       return paths;
439     }
440   }
441 
set_target_sdk_version(int target_sdk_version)442   void set_target_sdk_version(int target_sdk_version) {
443     target_sdk_version_ = target_sdk_version;
444   }
445 
446  private:
447   std::unordered_map<std::string, PropertyValue>::const_iterator
find_property(const std::string & name,size_t * lineno) const448   find_property(const std::string& name, size_t* lineno) const {
449     auto it = properties_.find(name);
450     if (it != properties_.end() && lineno != nullptr) {
451       *lineno = it->second.lineno();
452     }
453 
454     return it;
455   }
456   std::unordered_map<std::string, PropertyValue> properties_;
457   std::unordered_map<std::string, std::string> resolved_paths_;
458   int target_sdk_version_;
459 
460   DISALLOW_IMPLICIT_CONSTRUCTORS(Properties);
461 };
462 
read_binary_config(const char * ld_config_file_path,const char * binary_realpath,bool is_asan,const Config ** config,std::string * error_msg)463 bool Config::read_binary_config(const char* ld_config_file_path,
464                                       const char* binary_realpath,
465                                       bool is_asan,
466                                       const Config** config,
467                                       std::string* error_msg) {
468   g_config.clear();
469 
470   std::unordered_map<std::string, PropertyValue> property_map;
471   if (!parse_config_file(ld_config_file_path, binary_realpath, &property_map, error_msg)) {
472     return false;
473   }
474 
475   Properties properties(std::move(property_map));
476 
477   auto failure_guard = android::base::make_scope_guard([] { g_config.clear(); });
478 
479   std::unordered_map<std::string, NamespaceConfig*> namespace_configs;
480 
481   namespace_configs[kDefaultConfigName] = g_config.create_namespace_config(kDefaultConfigName);
482 
483   std::vector<std::string> additional_namespaces = properties.get_strings(kPropertyAdditionalNamespaces);
484   for (const auto& name : additional_namespaces) {
485     namespace_configs[name] = g_config.create_namespace_config(name);
486   }
487 
488   bool versioning_enabled = properties.get_bool("enable.target.sdk.version");
489   int target_sdk_version = __ANDROID_API__;
490   if (versioning_enabled) {
491     std::string version_file = dirname(binary_realpath) + "/.version";
492     std::string content;
493     if (!android::base::ReadFileToString(version_file, &content)) {
494       if (errno != ENOENT) {
495         *error_msg = std::string("error reading version file \"") +
496                      version_file + "\": " + strerror(errno);
497         return false;
498       }
499     } else {
500       content = android::base::Trim(content);
501       errno = 0;
502       char* end = nullptr;
503       const char* content_str = content.c_str();
504       int result = strtol(content_str, &end, 10);
505       if (errno == 0 && *end == '\0' && result > 0) {
506         target_sdk_version = result;
507         properties.set_target_sdk_version(target_sdk_version);
508       } else {
509         *error_msg = std::string("invalid version \"") + version_file + "\": \"" + content +"\"";
510         return false;
511       }
512     }
513   }
514 
515   g_config.set_target_sdk_version(target_sdk_version);
516 
517   for (const auto& ns_config_it : namespace_configs) {
518     auto& name = ns_config_it.first;
519     NamespaceConfig* ns_config = ns_config_it.second;
520 
521     std::string property_name_prefix = std::string("namespace.") + name;
522 
523     size_t lineno = 0;
524     std::vector<std::string> linked_namespaces =
525         properties.get_strings(property_name_prefix + ".links", &lineno);
526 
527     for (const auto& linked_ns_name : linked_namespaces) {
528       if (namespace_configs.find(linked_ns_name) == namespace_configs.end()) {
529         *error_msg = create_error_msg(ld_config_file_path,
530                                       lineno,
531                                       std::string("undefined namespace: ") + linked_ns_name);
532         return false;
533       }
534 
535       bool allow_all_shared_libs = properties.get_bool(property_name_prefix + ".link." +
536                                                        linked_ns_name + ".allow_all_shared_libs");
537 
538       std::string shared_libs = properties.get_string(property_name_prefix +
539                                                       ".link." +
540                                                       linked_ns_name +
541                                                       ".shared_libs", &lineno);
542 
543       if (!allow_all_shared_libs && shared_libs.empty()) {
544         *error_msg = create_error_msg(ld_config_file_path,
545                                       lineno,
546                                       std::string("list of shared_libs for ") +
547                                       name +
548                                       "->" +
549                                       linked_ns_name +
550                                       " link is not specified or is empty.");
551         return false;
552       }
553 
554       if (allow_all_shared_libs && !shared_libs.empty()) {
555         *error_msg = create_error_msg(ld_config_file_path, lineno,
556                                       std::string("both shared_libs and allow_all_shared_libs "
557                                                   "are set for ") +
558                                       name + "->" + linked_ns_name + " link.");
559         return false;
560       }
561 
562       ns_config->add_namespace_link(linked_ns_name, shared_libs, allow_all_shared_libs);
563     }
564 
565     ns_config->set_isolated(properties.get_bool(property_name_prefix + ".isolated"));
566     ns_config->set_visible(properties.get_bool(property_name_prefix + ".visible"));
567 
568     std::string allowed_libs =
569         properties.get_string(property_name_prefix + ".whitelisted", &lineno);
570     const std::string libs = properties.get_string(property_name_prefix + ".allowed_libs", &lineno);
571     if (!allowed_libs.empty() && !libs.empty()) {
572       allowed_libs += ":";
573     }
574     allowed_libs += libs;
575     if (!allowed_libs.empty()) {
576       ns_config->set_allowed_libs(android::base::Split(allowed_libs, ":"));
577     }
578 
579     // these are affected by is_asan flag
580     if (is_asan) {
581       property_name_prefix += ".asan";
582     }
583 
584     // search paths are resolved (canonicalized). This is required mainly for
585     // the case when /vendor is a symlink to /system/vendor, which is true for
586     // non Treble-ized legacy devices.
587     ns_config->set_search_paths(properties.get_paths(property_name_prefix + ".search.paths", true));
588 
589     // However, for permitted paths, we are not required to resolve the paths
590     // since they are only set for isolated namespaces, which implies the device
591     // is Treble-ized (= /vendor is not a symlink to /system/vendor).
592     // In fact, the resolving is causing an unexpected side effect of selinux
593     // denials on some executables which are not allowed to access some of the
594     // permitted paths.
595     ns_config->set_permitted_paths(properties.get_paths(property_name_prefix + ".permitted.paths", false));
596   }
597 
598   failure_guard.Disable();
599   *config = &g_config;
600   return true;
601 }
602 
get_vndk_version_string(const char delimiter)603 std::string Config::get_vndk_version_string(const char delimiter) {
604   std::string version = android::base::GetProperty("ro.vndk.version", "");
605   if (version != "" && version != "current") {
606     //add the delimiter char in front of the string and return it.
607     return version.insert(0, 1, delimiter);
608   }
609   return "";
610 }
611 
create_namespace_config(const std::string & name)612 NamespaceConfig* Config::create_namespace_config(const std::string& name) {
613   namespace_configs_.push_back(std::unique_ptr<NamespaceConfig>(new NamespaceConfig(name)));
614   NamespaceConfig* ns_config_ptr = namespace_configs_.back().get();
615   namespace_configs_map_[name] = ns_config_ptr;
616   return ns_config_ptr;
617 }
618 
clear()619 void Config::clear() {
620   namespace_configs_.clear();
621   namespace_configs_map_.clear();
622 }
623