1 /*
2 * Copyright 2014 Google, Inc
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 //#define LOG_NDEBUG 0
18 #define LOG_TAG "libprocessgroup"
19
20 #include <assert.h>
21 #include <dirent.h>
22 #include <errno.h>
23 #include <fcntl.h>
24 #include <inttypes.h>
25 #include <stdbool.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <sys/stat.h>
30 #include <sys/types.h>
31
32 #include <log/log.h>
33 #include <private/android_filesystem_config.h>
34
35 #include <utils/SystemClock.h>
36
37 #include <processgroup/processgroup.h>
38 #include "processgroup_priv.h"
39
40 struct ctx {
41 bool initialized;
42 int fd;
43 char buf[128];
44 char *buf_ptr;
45 size_t buf_len;
46 };
47
convertUidToPath(char * path,size_t size,uid_t uid)48 static int convertUidToPath(char *path, size_t size, uid_t uid)
49 {
50 return snprintf(path, size, "%s/%s%d",
51 PROCESSGROUP_CGROUP_PATH,
52 PROCESSGROUP_UID_PREFIX,
53 uid);
54 }
55
convertUidPidToPath(char * path,size_t size,uid_t uid,int pid)56 static int convertUidPidToPath(char *path, size_t size, uid_t uid, int pid)
57 {
58 return snprintf(path, size, "%s/%s%d/%s%d",
59 PROCESSGROUP_CGROUP_PATH,
60 PROCESSGROUP_UID_PREFIX,
61 uid,
62 PROCESSGROUP_PID_PREFIX,
63 pid);
64 }
65
initCtx(uid_t uid,int pid,struct ctx * ctx)66 static int initCtx(uid_t uid, int pid, struct ctx *ctx)
67 {
68 int ret;
69 char path[PROCESSGROUP_MAX_PATH_LEN] = {0};
70 convertUidPidToPath(path, sizeof(path), uid, pid);
71 strlcat(path, PROCESSGROUP_CGROUP_PROCS_FILE, sizeof(path));
72
73 int fd = open(path, O_RDONLY);
74 if (fd < 0) {
75 ret = -errno;
76 SLOGW("failed to open %s: %s", path, strerror(errno));
77 return ret;
78 }
79
80 ctx->fd = fd;
81 ctx->buf_ptr = ctx->buf;
82 ctx->buf_len = 0;
83 ctx->initialized = true;
84
85 SLOGV("Initialized context for %s", path);
86
87 return 0;
88 }
89
refillBuffer(struct ctx * ctx)90 static int refillBuffer(struct ctx *ctx)
91 {
92 memmove(ctx->buf, ctx->buf_ptr, ctx->buf_len);
93 ctx->buf_ptr = ctx->buf;
94
95 ssize_t ret = read(ctx->fd, ctx->buf_ptr + ctx->buf_len,
96 sizeof(ctx->buf) - ctx->buf_len - 1);
97 if (ret < 0) {
98 return -errno;
99 } else if (ret == 0) {
100 return 0;
101 }
102
103 ctx->buf_len += ret;
104 ctx->buf[ctx->buf_len] = 0;
105 SLOGV("Read %zd to buffer: %s", ret, ctx->buf);
106
107 assert(ctx->buf_len <= sizeof(ctx->buf));
108
109 return ret;
110 }
111
getOneAppProcess(uid_t uid,int appProcessPid,struct ctx * ctx)112 static pid_t getOneAppProcess(uid_t uid, int appProcessPid, struct ctx *ctx)
113 {
114 if (!ctx->initialized) {
115 int ret = initCtx(uid, appProcessPid, ctx);
116 if (ret < 0) {
117 return ret;
118 }
119 }
120
121 char *eptr;
122 while ((eptr = (char *)memchr(ctx->buf_ptr, '\n', ctx->buf_len)) == NULL) {
123 int ret = refillBuffer(ctx);
124 if (ret == 0) {
125 return -ERANGE;
126 }
127 if (ret < 0) {
128 return ret;
129 }
130 }
131
132 *eptr = '\0';
133 char *pid_eptr = NULL;
134 errno = 0;
135 long pid = strtol(ctx->buf_ptr, &pid_eptr, 10);
136 if (errno != 0) {
137 return -errno;
138 }
139 if (pid_eptr != eptr) {
140 return -EINVAL;
141 }
142
143 ctx->buf_len -= (eptr - ctx->buf_ptr) + 1;
144 ctx->buf_ptr = eptr + 1;
145
146 return (pid_t)pid;
147 }
148
removeProcessGroup(uid_t uid,int pid)149 static int removeProcessGroup(uid_t uid, int pid)
150 {
151 int ret;
152 char path[PROCESSGROUP_MAX_PATH_LEN] = {0};
153
154 convertUidPidToPath(path, sizeof(path), uid, pid);
155 ret = rmdir(path);
156
157 convertUidToPath(path, sizeof(path), uid);
158 rmdir(path);
159
160 return ret;
161 }
162
removeUidProcessGroups(const char * uid_path)163 static void removeUidProcessGroups(const char *uid_path)
164 {
165 DIR *uid = opendir(uid_path);
166 if (uid != NULL) {
167 struct dirent cur;
168 struct dirent *dir;
169 while ((readdir_r(uid, &cur, &dir) == 0) && dir) {
170 char path[PROCESSGROUP_MAX_PATH_LEN];
171
172 if (dir->d_type != DT_DIR) {
173 continue;
174 }
175
176 if (strncmp(dir->d_name, PROCESSGROUP_PID_PREFIX, strlen(PROCESSGROUP_PID_PREFIX))) {
177 continue;
178 }
179
180 snprintf(path, sizeof(path), "%s/%s", uid_path, dir->d_name);
181 SLOGV("removing %s\n", path);
182 rmdir(path);
183 }
184 closedir(uid);
185 }
186 }
187
removeAllProcessGroups()188 void removeAllProcessGroups()
189 {
190 SLOGV("removeAllProcessGroups()");
191 DIR *root = opendir(PROCESSGROUP_CGROUP_PATH);
192 if (root == NULL) {
193 SLOGE("failed to open %s: %s", PROCESSGROUP_CGROUP_PATH, strerror(errno));
194 } else {
195 struct dirent cur;
196 struct dirent *dir;
197 while ((readdir_r(root, &cur, &dir) == 0) && dir) {
198 char path[PROCESSGROUP_MAX_PATH_LEN];
199
200 if (dir->d_type != DT_DIR) {
201 continue;
202 }
203 if (strncmp(dir->d_name, PROCESSGROUP_UID_PREFIX, strlen(PROCESSGROUP_UID_PREFIX))) {
204 continue;
205 }
206
207 snprintf(path, sizeof(path), "%s/%s", PROCESSGROUP_CGROUP_PATH, dir->d_name);
208 removeUidProcessGroups(path);
209 SLOGV("removing %s\n", path);
210 rmdir(path);
211 }
212 closedir(root);
213 }
214 }
215
killProcessGroupOnce(uid_t uid,int initialPid,int signal)216 static int killProcessGroupOnce(uid_t uid, int initialPid, int signal)
217 {
218 int processes = 0;
219 struct ctx ctx;
220 pid_t pid;
221
222 ctx.initialized = false;
223
224 while ((pid = getOneAppProcess(uid, initialPid, &ctx)) >= 0) {
225 processes++;
226 if (pid == 0) {
227 // Should never happen... but if it does, trying to kill this
228 // will boomerang right back and kill us! Let's not let that happen.
229 SLOGW("Yikes, we've been told to kill pid 0! How about we don't do that.");
230 continue;
231 }
232 if (pid != initialPid) {
233 // We want to be noisy about killing processes so we can understand
234 // what is going on in the log; however, don't be noisy about the base
235 // process, since that it something we always kill, and we have already
236 // logged elsewhere about killing it.
237 SLOGI("Killing pid %d in uid %d as part of process group %d", pid, uid, initialPid);
238 }
239 int ret = kill(pid, signal);
240 if (ret == -1) {
241 SLOGW("failed to kill pid %d: %s", pid, strerror(errno));
242 }
243 }
244
245 if (ctx.initialized) {
246 close(ctx.fd);
247 }
248
249 return processes;
250 }
251
killProcessGroup(uid_t uid,int initialPid,int signal)252 int killProcessGroup(uid_t uid, int initialPid, int signal)
253 {
254 int processes;
255 const int sleep_us = 5 * 1000; // 5ms
256 int64_t startTime = android::uptimeMillis();
257 int retry = 40;
258
259 while ((processes = killProcessGroupOnce(uid, initialPid, signal)) > 0) {
260 SLOGV("killed %d processes for processgroup %d\n", processes, initialPid);
261 if (retry > 0) {
262 usleep(sleep_us);
263 --retry;
264 } else {
265 SLOGE("failed to kill %d processes for processgroup %d\n",
266 processes, initialPid);
267 break;
268 }
269 }
270
271 SLOGV("Killed process group uid %d pid %d in %" PRId64 "ms, %d procs remain", uid, initialPid,
272 android::uptimeMillis()-startTime, processes);
273
274 if (processes == 0) {
275 return removeProcessGroup(uid, initialPid);
276 } else {
277 return -1;
278 }
279 }
280
mkdirAndChown(const char * path,mode_t mode,uid_t uid,gid_t gid)281 static int mkdirAndChown(const char *path, mode_t mode, uid_t uid, gid_t gid)
282 {
283 int ret;
284
285 ret = mkdir(path, mode);
286 if (ret < 0 && errno != EEXIST) {
287 return -errno;
288 }
289
290 ret = chown(path, uid, gid);
291 if (ret < 0) {
292 ret = -errno;
293 rmdir(path);
294 return ret;
295 }
296
297 return 0;
298 }
299
createProcessGroup(uid_t uid,int initialPid)300 int createProcessGroup(uid_t uid, int initialPid)
301 {
302 char path[PROCESSGROUP_MAX_PATH_LEN] = {0};
303 int ret;
304
305 convertUidToPath(path, sizeof(path), uid);
306
307 ret = mkdirAndChown(path, 0750, AID_SYSTEM, AID_SYSTEM);
308 if (ret < 0) {
309 SLOGE("failed to make and chown %s: %s", path, strerror(-ret));
310 return ret;
311 }
312
313 convertUidPidToPath(path, sizeof(path), uid, initialPid);
314
315 ret = mkdirAndChown(path, 0750, AID_SYSTEM, AID_SYSTEM);
316 if (ret < 0) {
317 SLOGE("failed to make and chown %s: %s", path, strerror(-ret));
318 return ret;
319 }
320
321 strlcat(path, PROCESSGROUP_CGROUP_PROCS_FILE, sizeof(path));
322
323 int fd = open(path, O_WRONLY);
324 if (fd < 0) {
325 ret = -errno;
326 SLOGE("failed to open %s: %s", path, strerror(errno));
327 return ret;
328 }
329
330 char pid[PROCESSGROUP_MAX_PID_LEN + 1] = {0};
331 int len = snprintf(pid, sizeof(pid), "%d", initialPid);
332
333 ret = write(fd, pid, len);
334 if (ret < 0) {
335 ret = -errno;
336 SLOGE("failed to write '%s' to %s: %s", pid, path, strerror(errno));
337 } else {
338 ret = 0;
339 }
340
341 close(fd);
342 return ret;
343 }
344
345