1 /*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "user_collector.h"
18
19 #include <elf.h>
20 #include <fcntl.h>
21 #include <grp.h> // For struct group.
22 #include <pcrecpp.h>
23 #include <pwd.h> // For struct passwd.
24 #include <stdint.h>
25 #include <sys/cdefs.h> // For __WORDSIZE
26 #include <sys/fsuid.h>
27 #include <sys/types.h> // For getpwuid_r, getgrnam_r, WEXITSTATUS.
28 #include <unistd.h> // For setgroups
29
30 #include <iostream> // For std::oct
31 #include <string>
32 #include <vector>
33
34 #include <base/files/file_util.h>
35 #include <base/logging.h>
36 #include <base/posix/eintr_wrapper.h>
37 #include <base/strings/string_split.h>
38 #include <base/strings/string_util.h>
39 #include <base/strings/stringprintf.h>
40 #include <brillo/osrelease_reader.h>
41 #include <brillo/process.h>
42 #include <brillo/syslog_logging.h>
43 #include <cutils/properties.h>
44 #include <private/android_filesystem_config.h>
45
46 static const char kCollectionErrorSignature[] =
47 "crash_reporter-user-collection";
48 static const char kCorePatternProperty[] = "crash_reporter.coredump.enabled";
49 static const char kCoreToMinidumpConverterPath[] = "/system/bin/core2md";
50
51 static const char kStatePrefix[] = "State:\t";
52
53 static const char kCoreTempFolder[] = "/data/misc/crash_reporter/tmp";
54
55 // Define an otherwise invalid value that represents an unknown UID and GID.
56 static const uid_t kUnknownUid = -1;
57 static const gid_t kUnknownGid = -1;
58
59 const char *UserCollector::kUserId = "Uid:\t";
60 const char *UserCollector::kGroupId = "Gid:\t";
61
62 // Product information keys in the /etc/os-release.d folder.
63 static const char kBdkVersionKey[] = "bdk_version";
64 static const char kProductIDKey[] = "product_id";
65 static const char kProductVersionKey[] = "product_version";
66
67
68 using base::FilePath;
69 using base::StringPrintf;
70
UserCollector()71 UserCollector::UserCollector()
72 : generate_diagnostics_(false),
73 initialized_(false) {
74 }
75
Initialize(UserCollector::CountCrashFunction count_crash_function,const std::string & our_path,UserCollector::IsFeedbackAllowedFunction is_feedback_allowed_function,bool generate_diagnostics,bool core2md_failure,bool directory_failure,const std::string & filter_in)76 void UserCollector::Initialize(
77 UserCollector::CountCrashFunction count_crash_function,
78 const std::string &our_path,
79 UserCollector::IsFeedbackAllowedFunction is_feedback_allowed_function,
80 bool generate_diagnostics,
81 bool core2md_failure,
82 bool directory_failure,
83 const std::string &filter_in) {
84 CrashCollector::Initialize(count_crash_function,
85 is_feedback_allowed_function);
86 our_path_ = our_path;
87 initialized_ = true;
88 generate_diagnostics_ = generate_diagnostics;
89 core2md_failure_ = core2md_failure;
90 directory_failure_ = directory_failure;
91 filter_in_ = filter_in;
92
93 gid_t groups[] = { AID_ROOT, AID_SYSTEM, AID_DBUS, AID_READPROC };
94 if (setgroups(arraysize(groups), groups) != 0) {
95 PLOG(FATAL) << "Unable to set groups to root, system, dbus, and readproc";
96 }
97 }
98
~UserCollector()99 UserCollector::~UserCollector() {
100 }
101
GetErrorTypeSignature(ErrorType error_type) const102 std::string UserCollector::GetErrorTypeSignature(ErrorType error_type) const {
103 switch (error_type) {
104 case kErrorSystemIssue:
105 return "system-issue";
106 case kErrorReadCoreData:
107 return "read-core-data";
108 case kErrorUnusableProcFiles:
109 return "unusable-proc-files";
110 case kErrorInvalidCoreFile:
111 return "invalid-core-file";
112 case kErrorUnsupported32BitCoreFile:
113 return "unsupported-32bit-core-file";
114 case kErrorCore2MinidumpConversion:
115 return "core2md-conversion";
116 default:
117 return "";
118 }
119 }
120
SetUpInternal(bool enabled)121 bool UserCollector::SetUpInternal(bool enabled) {
122 CHECK(initialized_);
123 LOG(INFO) << (enabled ? "Enabling" : "Disabling") << " user crash handling";
124
125 property_set(kCorePatternProperty, enabled ? "1" : "0");
126
127 return true;
128 }
129
GetFirstLineWithPrefix(const std::vector<std::string> & lines,const char * prefix,std::string * line)130 bool UserCollector::GetFirstLineWithPrefix(
131 const std::vector<std::string> &lines,
132 const char *prefix, std::string *line) {
133 std::vector<std::string>::const_iterator line_iterator;
134 for (line_iterator = lines.begin(); line_iterator != lines.end();
135 ++line_iterator) {
136 if (line_iterator->find(prefix) == 0) {
137 *line = *line_iterator;
138 return true;
139 }
140 }
141 return false;
142 }
143
GetIdFromStatus(const char * prefix,IdKind kind,const std::vector<std::string> & status_lines,int * id)144 bool UserCollector::GetIdFromStatus(
145 const char *prefix, IdKind kind,
146 const std::vector<std::string> &status_lines, int *id) {
147 // From fs/proc/array.c:task_state(), this file contains:
148 // \nUid:\t<uid>\t<euid>\t<suid>\t<fsuid>\n
149 std::string id_line;
150 if (!GetFirstLineWithPrefix(status_lines, prefix, &id_line)) {
151 return false;
152 }
153 std::string id_substring = id_line.substr(strlen(prefix), std::string::npos);
154 std::vector<std::string> ids = base::SplitString(
155 id_substring, "\t", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL);
156 if (ids.size() != kIdMax || kind < 0 || kind >= kIdMax) {
157 return false;
158 }
159 const char *number = ids[kind].c_str();
160 char *end_number = nullptr;
161 *id = strtol(number, &end_number, 10);
162 if (*end_number != '\0') {
163 return false;
164 }
165 return true;
166 }
167
GetStateFromStatus(const std::vector<std::string> & status_lines,std::string * state)168 bool UserCollector::GetStateFromStatus(
169 const std::vector<std::string> &status_lines, std::string *state) {
170 std::string state_line;
171 if (!GetFirstLineWithPrefix(status_lines, kStatePrefix, &state_line)) {
172 return false;
173 }
174 *state = state_line.substr(strlen(kStatePrefix), std::string::npos);
175 return true;
176 }
177
EnqueueCollectionErrorLog(pid_t pid,ErrorType error_type,const std::string & exec)178 void UserCollector::EnqueueCollectionErrorLog(pid_t pid,
179 ErrorType error_type,
180 const std::string &exec) {
181 FilePath crash_path;
182 LOG(INFO) << "Writing conversion problems as separate crash report.";
183 if (!GetCreatedCrashDirectoryByEuid(0, &crash_path, nullptr)) {
184 LOG(ERROR) << "Could not even get log directory; out of space?";
185 return;
186 }
187 AddCrashMetaData("sig", kCollectionErrorSignature);
188 AddCrashMetaData("error_type", GetErrorTypeSignature(error_type));
189 std::string dump_basename = FormatDumpBasename(exec, time(nullptr), pid);
190 std::string error_log = brillo::GetLog();
191 FilePath diag_log_path = GetCrashPath(crash_path, dump_basename, "diaglog");
192 if (GetLogContents(FilePath(log_config_path_), kCollectionErrorSignature,
193 diag_log_path)) {
194 // We load the contents of diag_log into memory and append it to
195 // the error log. We cannot just append to files because we need
196 // to always create new files to prevent attack.
197 std::string diag_log_contents;
198 base::ReadFileToString(diag_log_path, &diag_log_contents);
199 error_log.append(diag_log_contents);
200 base::DeleteFile(diag_log_path, false);
201 }
202 FilePath log_path = GetCrashPath(crash_path, dump_basename, "log");
203 FilePath meta_path = GetCrashPath(crash_path, dump_basename, "meta");
204 // We must use WriteNewFile instead of base::WriteFile as we do
205 // not want to write with root access to a symlink that an attacker
206 // might have created.
207 if (WriteNewFile(log_path, error_log.data(), error_log.length()) < 0) {
208 LOG(ERROR) << "Error writing new file " << log_path.value();
209 return;
210 }
211 WriteCrashMetaData(meta_path, exec, log_path.value());
212 }
213
CopyOffProcFiles(pid_t pid,const FilePath & container_dir)214 bool UserCollector::CopyOffProcFiles(pid_t pid,
215 const FilePath &container_dir) {
216 if (!base::CreateDirectory(container_dir)) {
217 PLOG(ERROR) << "Could not create " << container_dir.value();
218 return false;
219 }
220 int dir_mask = base::FILE_PERMISSION_READ_BY_USER
221 | base::FILE_PERMISSION_WRITE_BY_USER
222 | base::FILE_PERMISSION_EXECUTE_BY_USER
223 | base::FILE_PERMISSION_READ_BY_GROUP
224 | base::FILE_PERMISSION_WRITE_BY_GROUP;
225 if (!base::SetPosixFilePermissions(container_dir,
226 base::FILE_PERMISSION_MASK & dir_mask)) {
227 PLOG(ERROR) << "Could not set permissions for " << container_dir.value()
228 << " to " << std::oct
229 << (base::FILE_PERMISSION_MASK & dir_mask);
230 return false;
231 }
232 FilePath process_path = GetProcessPath(pid);
233 if (!base::PathExists(process_path)) {
234 LOG(ERROR) << "Path " << process_path.value() << " does not exist";
235 return false;
236 }
237 static const char *proc_files[] = {
238 "auxv",
239 "cmdline",
240 "environ",
241 "maps",
242 "status"
243 };
244 for (unsigned i = 0; i < arraysize(proc_files); ++i) {
245 if (!base::CopyFile(process_path.Append(proc_files[i]),
246 container_dir.Append(proc_files[i]))) {
247 LOG(ERROR) << "Could not copy " << proc_files[i] << " file";
248 return false;
249 }
250 }
251 return true;
252 }
253
ValidateProcFiles(const FilePath & container_dir) const254 bool UserCollector::ValidateProcFiles(const FilePath &container_dir) const {
255 // Check if the maps file is empty, which could be due to the crashed
256 // process being reaped by the kernel before finishing a core dump.
257 int64_t file_size = 0;
258 if (!base::GetFileSize(container_dir.Append("maps"), &file_size)) {
259 LOG(ERROR) << "Could not get the size of maps file";
260 return false;
261 }
262 if (file_size == 0) {
263 LOG(ERROR) << "maps file is empty";
264 return false;
265 }
266 return true;
267 }
268
ValidateCoreFile(const FilePath & core_path) const269 UserCollector::ErrorType UserCollector::ValidateCoreFile(
270 const FilePath &core_path) const {
271 int fd = HANDLE_EINTR(open(core_path.value().c_str(), O_RDONLY));
272 if (fd < 0) {
273 PLOG(ERROR) << "Could not open core file " << core_path.value();
274 return kErrorInvalidCoreFile;
275 }
276
277 char e_ident[EI_NIDENT];
278 bool read_ok = base::ReadFromFD(fd, e_ident, sizeof(e_ident));
279 IGNORE_EINTR(close(fd));
280 if (!read_ok) {
281 LOG(ERROR) << "Could not read header of core file";
282 return kErrorInvalidCoreFile;
283 }
284
285 if (e_ident[EI_MAG0] != ELFMAG0 || e_ident[EI_MAG1] != ELFMAG1 ||
286 e_ident[EI_MAG2] != ELFMAG2 || e_ident[EI_MAG3] != ELFMAG3) {
287 LOG(ERROR) << "Invalid core file";
288 return kErrorInvalidCoreFile;
289 }
290
291 #if __WORDSIZE == 64
292 // TODO(benchan, mkrebs): Remove this check once core2md can
293 // handles both 32-bit and 64-bit ELF on a 64-bit platform.
294 if (e_ident[EI_CLASS] == ELFCLASS32) {
295 LOG(ERROR) << "Conversion of 32-bit core file on 64-bit platform is "
296 << "currently not supported";
297 return kErrorUnsupported32BitCoreFile;
298 }
299 #endif
300
301 return kErrorNone;
302 }
303
GetCreatedCrashDirectory(pid_t pid,uid_t supplied_ruid,FilePath * crash_file_path,bool * out_of_capacity)304 bool UserCollector::GetCreatedCrashDirectory(pid_t pid, uid_t supplied_ruid,
305 FilePath *crash_file_path,
306 bool *out_of_capacity) {
307 FilePath process_path = GetProcessPath(pid);
308 std::string status;
309 if (directory_failure_) {
310 LOG(ERROR) << "Purposefully failing to create spool directory";
311 return false;
312 }
313
314 uid_t uid;
315 if (base::ReadFileToString(process_path.Append("status"), &status)) {
316 std::vector<std::string> status_lines = base::SplitString(
317 status, "\n", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL);
318
319 std::string process_state;
320 if (!GetStateFromStatus(status_lines, &process_state)) {
321 LOG(ERROR) << "Could not find process state in status file";
322 return false;
323 }
324 LOG(INFO) << "State of crashed process [" << pid << "]: " << process_state;
325
326 // Get effective UID of crashing process.
327 int id;
328 if (!GetIdFromStatus(kUserId, kIdEffective, status_lines, &id)) {
329 LOG(ERROR) << "Could not find euid in status file";
330 return false;
331 }
332 uid = id;
333 } else if (supplied_ruid != kUnknownUid) {
334 LOG(INFO) << "Using supplied UID " << supplied_ruid
335 << " for crashed process [" << pid
336 << "] due to error reading status file";
337 uid = supplied_ruid;
338 } else {
339 LOG(ERROR) << "Could not read status file and kernel did not supply UID";
340 LOG(INFO) << "Path " << process_path.value() << " DirectoryExists: "
341 << base::DirectoryExists(process_path);
342 return false;
343 }
344
345 if (!GetCreatedCrashDirectoryByEuid(uid, crash_file_path, out_of_capacity)) {
346 LOG(ERROR) << "Could not create crash directory";
347 return false;
348 }
349 return true;
350 }
351
CopyStdinToCoreFile(const FilePath & core_path)352 bool UserCollector::CopyStdinToCoreFile(const FilePath &core_path) {
353 // Copy off all stdin to a core file.
354 FilePath stdin_path("/proc/self/fd/0");
355 if (base::CopyFile(stdin_path, core_path)) {
356 return true;
357 }
358
359 PLOG(ERROR) << "Could not write core file";
360 // If the file system was full, make sure we remove any remnants.
361 base::DeleteFile(core_path, false);
362 return false;
363 }
364
RunCoreToMinidump(const FilePath & core_path,const FilePath & procfs_directory,const FilePath & minidump_path,const FilePath & temp_directory)365 bool UserCollector::RunCoreToMinidump(const FilePath &core_path,
366 const FilePath &procfs_directory,
367 const FilePath &minidump_path,
368 const FilePath &temp_directory) {
369 FilePath output_path = temp_directory.Append("output");
370 brillo::ProcessImpl core2md;
371 core2md.RedirectOutput(output_path.value());
372 core2md.AddArg(kCoreToMinidumpConverterPath);
373 core2md.AddArg(core_path.value());
374 core2md.AddArg(procfs_directory.value());
375
376 if (!core2md_failure_) {
377 core2md.AddArg(minidump_path.value());
378 } else {
379 // To test how core2md errors are propagaged, cause an error
380 // by forgetting a required argument.
381 }
382
383 int errorlevel = core2md.Run();
384
385 std::string output;
386 base::ReadFileToString(output_path, &output);
387 if (errorlevel != 0) {
388 LOG(ERROR) << "Problem during " << kCoreToMinidumpConverterPath
389 << " [result=" << errorlevel << "]: " << output;
390 return false;
391 }
392
393 if (!base::PathExists(minidump_path)) {
394 LOG(ERROR) << "Minidump file " << minidump_path.value()
395 << " was not created";
396 return false;
397 }
398 return true;
399 }
400
ConvertCoreToMinidump(pid_t pid,const FilePath & container_dir,const FilePath & core_path,const FilePath & minidump_path)401 UserCollector::ErrorType UserCollector::ConvertCoreToMinidump(
402 pid_t pid,
403 const FilePath &container_dir,
404 const FilePath &core_path,
405 const FilePath &minidump_path) {
406 // If proc files are unuable, we continue to read the core file from stdin,
407 // but only skip the core-to-minidump conversion, so that we may still use
408 // the core file for debugging.
409 bool proc_files_usable =
410 CopyOffProcFiles(pid, container_dir) && ValidateProcFiles(container_dir);
411
412 // Switch back to the original UID/GID.
413 gid_t rgid, egid, sgid;
414 if (getresgid(&rgid, &egid, &sgid) != 0) {
415 PLOG(FATAL) << "Unable to read saved gid";
416 }
417 if (setresgid(sgid, sgid, -1) != 0) {
418 PLOG(FATAL) << "Unable to set real group ID back to saved gid";
419 } else {
420 if (getresgid(&rgid, &egid, &sgid) != 0) {
421 // If the groups cannot be read at this point, the rgid variable will
422 // contain the previously read group ID from before changing it. This
423 // will cause the chown call below to set the incorrect group for
424 // non-root crashes. But do not treat this as a fatal error, so that
425 // the rest of the collection will continue for potential manual
426 // collection by a developer.
427 PLOG(ERROR) << "Unable to read real group ID after setting it";
428 }
429 }
430
431 uid_t ruid, euid, suid;
432 if (getresuid(&ruid, &euid, &suid) != 0) {
433 PLOG(FATAL) << "Unable to read saved uid";
434 }
435 if (setresuid(suid, suid, -1) != 0) {
436 PLOG(FATAL) << "Unable to set real user ID back to saved uid";
437 } else {
438 if (getresuid(&ruid, &euid, &suid) != 0) {
439 // If the user ID cannot be read at this point, the ruid variable will
440 // contain the previously read user ID from before changing it. This
441 // will cause the chown call below to set the incorrect user for
442 // non-root crashes. But do not treat this as a fatal error, so that
443 // the rest of the collection will continue for potential manual
444 // collection by a developer.
445 PLOG(ERROR) << "Unable to read real user ID after setting it";
446 }
447 }
448
449 if (!CopyStdinToCoreFile(core_path)) {
450 return kErrorReadCoreData;
451 }
452
453 if (!proc_files_usable) {
454 LOG(INFO) << "Skipped converting core file to minidump due to "
455 << "unusable proc files";
456 return kErrorUnusableProcFiles;
457 }
458
459 ErrorType error = ValidateCoreFile(core_path);
460 if (error != kErrorNone) {
461 return error;
462 }
463
464 // Chown the temp container directory back to the original user/group that
465 // crash_reporter is run as, so that additional files can be written to
466 // the temp folder.
467 if (chown(container_dir.value().c_str(), ruid, rgid) < 0) {
468 PLOG(ERROR) << "Could not set owner for " << container_dir.value();
469 }
470
471 if (!RunCoreToMinidump(core_path,
472 container_dir, // procfs directory
473 minidump_path,
474 container_dir)) { // temporary directory
475 return kErrorCore2MinidumpConversion;
476 }
477
478 LOG(INFO) << "Stored minidump to " << minidump_path.value();
479 return kErrorNone;
480 }
481
ConvertAndEnqueueCrash(pid_t pid,const std::string & exec,uid_t supplied_ruid,bool * out_of_capacity)482 UserCollector::ErrorType UserCollector::ConvertAndEnqueueCrash(
483 pid_t pid, const std::string &exec, uid_t supplied_ruid,
484 bool *out_of_capacity) {
485 FilePath crash_path;
486 if (!GetCreatedCrashDirectory(pid, supplied_ruid, &crash_path,
487 out_of_capacity)) {
488 LOG(ERROR) << "Unable to find/create process-specific crash path";
489 return kErrorSystemIssue;
490 }
491
492 // Directory like /tmp/crash_reporter/1234 which contains the
493 // procfs entries and other temporary files used during conversion.
494 FilePath container_dir(StringPrintf("%s/%d", kCoreTempFolder, pid));
495 // Delete a pre-existing directory from crash reporter that may have
496 // been left around for diagnostics from a failed conversion attempt.
497 // If we don't, existing files can cause forking to fail.
498 base::DeleteFile(container_dir, true);
499 std::string dump_basename = FormatDumpBasename(exec, time(nullptr), pid);
500 FilePath core_path = GetCrashPath(crash_path, dump_basename, "core");
501 FilePath meta_path = GetCrashPath(crash_path, dump_basename, "meta");
502 FilePath minidump_path = GetCrashPath(crash_path, dump_basename, "dmp");
503 FilePath log_path = GetCrashPath(crash_path, dump_basename, "log");
504
505 if (GetLogContents(FilePath(log_config_path_), exec, log_path))
506 AddCrashMetaData("log", log_path.value());
507
508 brillo::OsReleaseReader reader;
509 reader.Load();
510 std::string value = "undefined";
511 if (!reader.GetString(kBdkVersionKey, &value)) {
512 LOG(ERROR) << "Could not read " << kBdkVersionKey
513 << " from /etc/os-release.d/";
514 }
515 AddCrashMetaData(kBdkVersionKey, value);
516
517 value = "undefined";
518 if (!reader.GetString(kProductIDKey, &value)) {
519 LOG(ERROR) << "Could not read " << kProductIDKey
520 << " from /etc/os-release.d/";
521 }
522 AddCrashMetaData(kProductIDKey, value);
523
524 value = "undefined";
525 if (!reader.GetString(kProductVersionKey, &value)) {
526 LOG(ERROR) << "Could not read " << kProductVersionKey
527 << " from /etc/os-release.d/";
528 }
529 AddCrashMetaData(kProductVersionKey, value);
530
531 ErrorType error_type =
532 ConvertCoreToMinidump(pid, container_dir, core_path, minidump_path);
533 if (error_type != kErrorNone) {
534 LOG(INFO) << "Leaving core file at " << core_path.value()
535 << " due to conversion error";
536 return error_type;
537 }
538
539 // Here we commit to sending this file. We must not return false
540 // after this point or we will generate a log report as well as a
541 // crash report.
542 WriteCrashMetaData(meta_path,
543 exec,
544 minidump_path.value());
545
546 if (!IsDeveloperImage()) {
547 base::DeleteFile(core_path, false);
548 } else {
549 LOG(INFO) << "Leaving core file at " << core_path.value()
550 << " due to developer image";
551 }
552
553 base::DeleteFile(container_dir, true);
554 return kErrorNone;
555 }
556
ParseCrashAttributes(const std::string & crash_attributes,pid_t * pid,int * signal,uid_t * uid,gid_t * gid,std::string * kernel_supplied_name)557 bool UserCollector::ParseCrashAttributes(const std::string &crash_attributes,
558 pid_t *pid, int *signal, uid_t *uid,
559 gid_t *gid,
560 std::string *kernel_supplied_name) {
561 pcrecpp::RE re("(\\d+):(\\d+):(\\d+):(\\d+):(.*)");
562 if (re.FullMatch(crash_attributes, pid, signal, uid, gid,
563 kernel_supplied_name))
564 return true;
565
566 LOG(INFO) << "Falling back to parsing crash attributes '"
567 << crash_attributes << "' without UID and GID";
568 pcrecpp::RE re_without_uid("(\\d+):(\\d+):(.*)");
569 *uid = kUnknownUid;
570 *gid = kUnknownGid;
571 return re_without_uid.FullMatch(crash_attributes, pid, signal,
572 kernel_supplied_name);
573 }
574
ShouldDump(bool has_owner_consent,bool is_developer,std::string * reason)575 bool UserCollector::ShouldDump(bool has_owner_consent,
576 bool is_developer,
577 std::string *reason) {
578 reason->clear();
579
580 // For developer builds, we always want to keep the crash reports unless
581 // we're testing the crash facilities themselves. This overrides
582 // feedback. Crash sending still obeys consent.
583 if (is_developer) {
584 *reason = "developer build - not testing - always dumping";
585 return true;
586 }
587
588 if (!has_owner_consent) {
589 *reason = "ignoring - no consent";
590 return false;
591 }
592
593 *reason = "handling";
594 return true;
595 }
596
HandleCrash(const std::string & crash_attributes,const char * force_exec)597 bool UserCollector::HandleCrash(const std::string &crash_attributes,
598 const char *force_exec) {
599 CHECK(initialized_);
600 pid_t pid = 0;
601 int signal = 0;
602 uid_t supplied_ruid = kUnknownUid;
603 gid_t supplied_rgid = kUnknownGid;
604 std::string kernel_supplied_name;
605
606 if (!ParseCrashAttributes(crash_attributes, &pid, &signal, &supplied_ruid,
607 &supplied_rgid, &kernel_supplied_name)) {
608 LOG(ERROR) << "Invalid parameter: --user=" << crash_attributes;
609 return false;
610 }
611
612 // Switch to the group and user that ran the crashing binary in order to
613 // access their /proc files. Do not set suid/sgid, so that we can switch
614 // back after copying the necessary files.
615 if (setresgid(supplied_rgid, supplied_rgid, -1) != 0) {
616 PLOG(FATAL) << "Unable to set real group ID to access process files";
617 }
618 if (setresuid(supplied_ruid, supplied_ruid, -1) != 0) {
619 PLOG(FATAL) << "Unable to set real user ID to access process files";
620 }
621
622 std::string exec;
623 if (force_exec) {
624 exec.assign(force_exec);
625 } else if (!GetExecutableBaseNameFromPid(pid, &exec)) {
626 // If we cannot find the exec name, use the kernel supplied name.
627 // We don't always use the kernel's since it truncates the name to
628 // 16 characters.
629 exec = StringPrintf("supplied_%s", kernel_supplied_name.c_str());
630 }
631
632 // Allow us to test the crash reporting mechanism successfully even if
633 // other parts of the system crash.
634 if (!filter_in_.empty() &&
635 (filter_in_ == "none" ||
636 filter_in_ != exec)) {
637 // We use a different format message to make it more obvious in tests
638 // which crashes are test generated and which are real.
639 LOG(WARNING) << "Ignoring crash from " << exec << "[" << pid << "] while "
640 << "filter_in=" << filter_in_ << ".";
641 return true;
642 }
643
644 std::string reason;
645 bool dump = ShouldDump(is_feedback_allowed_function_(),
646 IsDeveloperImage(),
647 &reason);
648
649 LOG(WARNING) << "Received crash notification for " << exec << "[" << pid
650 << "] sig " << signal << ", user " << supplied_ruid
651 << " (" << reason << ")";
652
653 if (dump) {
654 count_crash_function_();
655
656 if (generate_diagnostics_) {
657 bool out_of_capacity = false;
658 ErrorType error_type =
659 ConvertAndEnqueueCrash(pid, exec, supplied_ruid, &out_of_capacity);
660 if (error_type != kErrorNone) {
661 if (!out_of_capacity)
662 EnqueueCollectionErrorLog(pid, error_type, exec);
663 return false;
664 }
665 }
666 }
667
668 return true;
669 }
670