1 /*
2  * Copyright (C) 2007-2016 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <ctype.h>
18 #include <errno.h>
19 #include <fcntl.h>
20 #include <stdbool.h>
21 #include <stdlib.h>
22 #include <string.h>
23 #include <sys/types.h>
24 
25 #include <private/android_filesystem_config.h>
26 #include <private/android_logger.h>
27 
28 #include "config_read.h"
29 #include "logger.h"
30 
31 static int pmsgAvailable(log_id_t logId);
32 static int pmsgVersion(struct android_log_logger* logger,
33                        struct android_log_transport_context* transp);
34 static int pmsgRead(struct android_log_logger_list* logger_list,
35                     struct android_log_transport_context* transp,
36                     struct log_msg* log_msg);
37 static void pmsgClose(struct android_log_logger_list* logger_list,
38                       struct android_log_transport_context* transp);
39 static int pmsgClear(struct android_log_logger* logger,
40                      struct android_log_transport_context* transp);
41 
42 LIBLOG_HIDDEN struct android_log_transport_read pmsgLoggerRead = {
43   .node = { &pmsgLoggerRead.node, &pmsgLoggerRead.node },
44   .name = "pmsg",
45   .available = pmsgAvailable,
46   .version = pmsgVersion,
47   .read = pmsgRead,
48   .poll = NULL,
49   .close = pmsgClose,
50   .clear = pmsgClear,
51   .setSize = NULL,
52   .getSize = NULL,
53   .getReadableSize = NULL,
54   .getPrune = NULL,
55   .setPrune = NULL,
56   .getStats = NULL,
57 };
58 
pmsgAvailable(log_id_t logId)59 static int pmsgAvailable(log_id_t logId) {
60   if (logId > LOG_ID_SECURITY) {
61     return -EINVAL;
62   }
63   if (access("/dev/pmsg0", W_OK) == 0) {
64     return 0;
65   }
66   return -EBADF;
67 }
68 
69 /* Determine the credentials of the caller */
uid_has_log_permission(uid_t uid)70 static bool uid_has_log_permission(uid_t uid) {
71   return (uid == AID_SYSTEM) || (uid == AID_LOG) || (uid == AID_ROOT) ||
72          (uid == AID_LOGD);
73 }
74 
get_best_effective_uid()75 static uid_t get_best_effective_uid() {
76   uid_t euid;
77   uid_t uid;
78   gid_t gid;
79   ssize_t i;
80   static uid_t last_uid = (uid_t)-1;
81 
82   if (last_uid != (uid_t)-1) {
83     return last_uid;
84   }
85   uid = __android_log_uid();
86   if (uid_has_log_permission(uid)) {
87     return last_uid = uid;
88   }
89   euid = geteuid();
90   if (uid_has_log_permission(euid)) {
91     return last_uid = euid;
92   }
93   gid = getgid();
94   if (uid_has_log_permission(gid)) {
95     return last_uid = gid;
96   }
97   gid = getegid();
98   if (uid_has_log_permission(gid)) {
99     return last_uid = gid;
100   }
101   i = getgroups((size_t)0, NULL);
102   if (i > 0) {
103     gid_t list[i];
104 
105     getgroups(i, list);
106     while (--i >= 0) {
107       if (uid_has_log_permission(list[i])) {
108         return last_uid = list[i];
109       }
110     }
111   }
112   return last_uid = uid;
113 }
114 
pmsgClear(struct android_log_logger * logger __unused,struct android_log_transport_context * transp __unused)115 static int pmsgClear(struct android_log_logger* logger __unused,
116                      struct android_log_transport_context* transp __unused) {
117   if (uid_has_log_permission(get_best_effective_uid())) {
118     return unlink("/sys/fs/pstore/pmsg-ramoops-0");
119   }
120   errno = EPERM;
121   return -1;
122 }
123 
124 /*
125  * returns the logger version
126  */
pmsgVersion(struct android_log_logger * logger __unused,struct android_log_transport_context * transp __unused)127 static int pmsgVersion(struct android_log_logger* logger __unused,
128                        struct android_log_transport_context* transp __unused) {
129   return 4;
130 }
131 
pmsgRead(struct android_log_logger_list * logger_list,struct android_log_transport_context * transp,struct log_msg * log_msg)132 static int pmsgRead(struct android_log_logger_list* logger_list,
133                     struct android_log_transport_context* transp,
134                     struct log_msg* log_msg) {
135   ssize_t ret;
136   off_t current, next;
137   uid_t uid;
138   struct android_log_logger* logger;
139   struct __attribute__((__packed__)) {
140     android_pmsg_log_header_t p;
141     android_log_header_t l;
142     uint8_t prio;
143   } buf;
144   static uint8_t preread_count;
145   bool is_system;
146 
147   memset(log_msg, 0, sizeof(*log_msg));
148 
149   if (atomic_load(&transp->context.fd) <= 0) {
150     int i, fd = open("/sys/fs/pstore/pmsg-ramoops-0", O_RDONLY | O_CLOEXEC);
151 
152     if (fd < 0) {
153       return -errno;
154     }
155     if (fd == 0) { /* Argggg */
156       fd = open("/sys/fs/pstore/pmsg-ramoops-0", O_RDONLY | O_CLOEXEC);
157       close(0);
158       if (fd < 0) {
159         return -errno;
160       }
161     }
162     i = atomic_exchange(&transp->context.fd, fd);
163     if ((i > 0) && (i != fd)) {
164       close(i);
165     }
166     preread_count = 0;
167   }
168 
169   while (1) {
170     int fd;
171 
172     if (preread_count < sizeof(buf)) {
173       fd = atomic_load(&transp->context.fd);
174       if (fd <= 0) {
175         return -EBADF;
176       }
177       ret = TEMP_FAILURE_RETRY(
178           read(fd, &buf.p.magic + preread_count, sizeof(buf) - preread_count));
179       if (ret < 0) {
180         return -errno;
181       }
182       preread_count += ret;
183     }
184     if (preread_count != sizeof(buf)) {
185       return preread_count ? -EIO : -EAGAIN;
186     }
187     if ((buf.p.magic != LOGGER_MAGIC) || (buf.p.len <= sizeof(buf)) ||
188         (buf.p.len > (sizeof(buf) + LOGGER_ENTRY_MAX_PAYLOAD)) ||
189         (buf.l.id >= LOG_ID_MAX) || (buf.l.realtime.tv_nsec >= NS_PER_SEC) ||
190         ((buf.l.id != LOG_ID_EVENTS) && (buf.l.id != LOG_ID_SECURITY) &&
191          ((buf.prio == ANDROID_LOG_UNKNOWN) ||
192           (buf.prio == ANDROID_LOG_DEFAULT) ||
193           (buf.prio >= ANDROID_LOG_SILENT)))) {
194       do {
195         memmove(&buf.p.magic, &buf.p.magic + 1, --preread_count);
196       } while (preread_count && (buf.p.magic != LOGGER_MAGIC));
197       continue;
198     }
199     preread_count = 0;
200 
201     if ((transp->logMask & (1 << buf.l.id)) &&
202         ((!logger_list->start.tv_sec && !logger_list->start.tv_nsec) ||
203          ((logger_list->start.tv_sec <= buf.l.realtime.tv_sec) &&
204           ((logger_list->start.tv_sec != buf.l.realtime.tv_sec) ||
205            (logger_list->start.tv_nsec <= buf.l.realtime.tv_nsec)))) &&
206         (!logger_list->pid || (logger_list->pid == buf.p.pid))) {
207       uid = get_best_effective_uid();
208       is_system = uid_has_log_permission(uid);
209       if (is_system || (uid == buf.p.uid)) {
210         char* msg = is_system ? log_msg->entry_v4.msg : log_msg->entry_v3.msg;
211         *msg = buf.prio;
212         fd = atomic_load(&transp->context.fd);
213         if (fd <= 0) {
214           return -EBADF;
215         }
216         ret = TEMP_FAILURE_RETRY(
217             read(fd, msg + sizeof(buf.prio), buf.p.len - sizeof(buf)));
218         if (ret < 0) {
219           return -errno;
220         }
221         if (ret != (ssize_t)(buf.p.len - sizeof(buf))) {
222           return -EIO;
223         }
224 
225         log_msg->entry_v4.len = buf.p.len - sizeof(buf) + sizeof(buf.prio);
226         log_msg->entry_v4.hdr_size =
227             is_system ? sizeof(log_msg->entry_v4) : sizeof(log_msg->entry_v3);
228         log_msg->entry_v4.pid = buf.p.pid;
229         log_msg->entry_v4.tid = buf.l.tid;
230         log_msg->entry_v4.sec = buf.l.realtime.tv_sec;
231         log_msg->entry_v4.nsec = buf.l.realtime.tv_nsec;
232         log_msg->entry_v4.lid = buf.l.id;
233         if (is_system) {
234           log_msg->entry_v4.uid = buf.p.uid;
235         }
236 
237         return ret + sizeof(buf.prio) + log_msg->entry_v4.hdr_size;
238       }
239     }
240 
241     fd = atomic_load(&transp->context.fd);
242     if (fd <= 0) {
243       return -EBADF;
244     }
245     current = TEMP_FAILURE_RETRY(lseek(fd, (off_t)0, SEEK_CUR));
246     if (current < 0) {
247       return -errno;
248     }
249     fd = atomic_load(&transp->context.fd);
250     if (fd <= 0) {
251       return -EBADF;
252     }
253     next = TEMP_FAILURE_RETRY(
254         lseek(fd, (off_t)(buf.p.len - sizeof(buf)), SEEK_CUR));
255     if (next < 0) {
256       return -errno;
257     }
258     if ((next - current) != (ssize_t)(buf.p.len - sizeof(buf))) {
259       return -EIO;
260     }
261   }
262 }
263 
pmsgClose(struct android_log_logger_list * logger_list __unused,struct android_log_transport_context * transp)264 static void pmsgClose(struct android_log_logger_list* logger_list __unused,
265                       struct android_log_transport_context* transp) {
266   int fd = atomic_exchange(&transp->context.fd, 0);
267   if (fd > 0) {
268     close(fd);
269   }
270 }
271 
272 LIBLOG_ABI_PRIVATE ssize_t
__android_log_pmsg_file_read(log_id_t logId,char prio,const char * prefix,__android_log_pmsg_file_read_fn fn,void * arg)273 __android_log_pmsg_file_read(log_id_t logId, char prio, const char* prefix,
274                              __android_log_pmsg_file_read_fn fn, void* arg) {
275   ssize_t ret;
276   struct android_log_logger_list logger_list;
277   struct android_log_transport_context transp;
278   struct content {
279     struct listnode node;
280     union {
281       struct logger_entry_v4 entry;
282       struct logger_entry_v4 entry_v4;
283       struct logger_entry_v3 entry_v3;
284       struct logger_entry_v2 entry_v2;
285       struct logger_entry entry_v1;
286     };
287   } * content;
288   struct names {
289     struct listnode node;
290     struct listnode content;
291     log_id_t id;
292     char prio;
293     char name[];
294   } * names;
295   struct listnode name_list;
296   struct listnode *node, *n;
297   size_t len, prefix_len;
298 
299   if (!fn) {
300     return -EINVAL;
301   }
302 
303   /* Add just enough clues in logger_list and transp to make API function */
304   memset(&logger_list, 0, sizeof(logger_list));
305   memset(&transp, 0, sizeof(transp));
306 
307   logger_list.mode =
308       ANDROID_LOG_PSTORE | ANDROID_LOG_NONBLOCK | ANDROID_LOG_RDONLY;
309   transp.logMask = (unsigned)-1;
310   if (logId != LOG_ID_ANY) {
311     transp.logMask = (1 << logId);
312   }
313   transp.logMask &=
314       ~((1 << LOG_ID_KERNEL) | (1 << LOG_ID_EVENTS) | (1 << LOG_ID_SECURITY));
315   if (!transp.logMask) {
316     return -EINVAL;
317   }
318 
319   /* Initialize name list */
320   list_init(&name_list);
321 
322   ret = SSIZE_MAX;
323 
324   /* Validate incoming prefix, shift until it contains only 0 or 1 : or / */
325   prefix_len = 0;
326   if (prefix) {
327     const char *prev = NULL, *last = NULL, *cp = prefix;
328     while ((cp = strpbrk(cp, "/:"))) {
329       prev = last;
330       last = cp;
331       cp = cp + 1;
332     }
333     if (prev) {
334       prefix = prev + 1;
335     }
336     prefix_len = strlen(prefix);
337   }
338 
339   /* Read the file content */
340   while (pmsgRead(&logger_list, &transp, &transp.logMsg) > 0) {
341     char* cp;
342     size_t hdr_size = transp.logMsg.entry.hdr_size
343                           ? transp.logMsg.entry.hdr_size
344                           : sizeof(transp.logMsg.entry_v1);
345     char* msg = (char*)&transp.logMsg + hdr_size;
346     char* split = NULL;
347 
348     if ((hdr_size < sizeof(transp.logMsg.entry_v1)) ||
349         (hdr_size > sizeof(transp.logMsg.entry))) {
350       continue;
351     }
352     /* Check for invalid sequence number */
353     if ((transp.logMsg.entry.nsec % ANDROID_LOG_PMSG_FILE_SEQUENCE) ||
354         ((transp.logMsg.entry.nsec / ANDROID_LOG_PMSG_FILE_SEQUENCE) >=
355          ANDROID_LOG_PMSG_FILE_MAX_SEQUENCE)) {
356       continue;
357     }
358 
359     /* Determine if it has <dirbase>:<filebase> format for tag */
360     len = transp.logMsg.entry.len - sizeof(prio);
361     for (cp = msg + sizeof(prio); *cp && isprint(*cp) && !isspace(*cp) && --len;
362          ++cp) {
363       if (*cp == ':') {
364         if (split) {
365           break;
366         }
367         split = cp;
368       }
369     }
370     if (*cp || !split) {
371       continue;
372     }
373 
374     /* Filters */
375     if (prefix_len && strncmp(msg + sizeof(prio), prefix, prefix_len)) {
376       size_t offset;
377       /*
378        *   Allow : to be a synonym for /
379        * Things we do dealing with const char * and do not alloc
380        */
381       split = strchr(prefix, ':');
382       if (split) {
383         continue;
384       }
385       split = strchr(prefix, '/');
386       if (!split) {
387         continue;
388       }
389       offset = split - prefix;
390       if ((msg[offset + sizeof(prio)] != ':') ||
391           strncmp(msg + sizeof(prio), prefix, offset)) {
392         continue;
393       }
394       ++offset;
395       if ((prefix_len > offset) && strncmp(&msg[offset + sizeof(prio)],
396                                            split + 1, prefix_len - offset)) {
397         continue;
398       }
399     }
400 
401     if ((prio != ANDROID_LOG_ANY) && (*msg < prio)) {
402       continue;
403     }
404 
405     /* check if there is an existing entry */
406     list_for_each(node, &name_list) {
407       names = node_to_item(node, struct names, node);
408       if (!strcmp(names->name, msg + sizeof(prio)) &&
409           (names->id == transp.logMsg.entry.lid) && (names->prio == *msg)) {
410         break;
411       }
412     }
413 
414     /* We do not have an existing entry, create and add one */
415     if (node == &name_list) {
416       static const char numbers[] = "0123456789";
417       unsigned long long nl;
418 
419       len = strlen(msg + sizeof(prio)) + 1;
420       names = calloc(1, sizeof(*names) + len);
421       if (!names) {
422         ret = -ENOMEM;
423         break;
424       }
425       strcpy(names->name, msg + sizeof(prio));
426       names->id = transp.logMsg.entry.lid;
427       names->prio = *msg;
428       list_init(&names->content);
429       /*
430        * Insert in reverse numeric _then_ alpha sorted order as
431        * representative of log rotation:
432        *
433        *   log.10
434        *   klog.10
435        *   . . .
436        *   log.2
437        *   klog.2
438        *   log.1
439        *   klog.1
440        *   log
441        *   klog
442        *
443        * thus when we present the content, we are provided the oldest
444        * first, which when 'refreshed' could spill off the end of the
445        * pmsg FIFO but retaining the newest data for last with best
446        * chances to survive.
447        */
448       nl = 0;
449       cp = strpbrk(names->name, numbers);
450       if (cp) {
451         nl = strtoull(cp, NULL, 10);
452       }
453       list_for_each_reverse(node, &name_list) {
454         struct names* a_name = node_to_item(node, struct names, node);
455         const char* r = a_name->name;
456         int compare = 0;
457 
458         unsigned long long nr = 0;
459         cp = strpbrk(r, numbers);
460         if (cp) {
461           nr = strtoull(cp, NULL, 10);
462         }
463         if (nr != nl) {
464           compare = (nl > nr) ? 1 : -1;
465         }
466         if (compare == 0) {
467           compare = strcmp(names->name, r);
468         }
469         if (compare <= 0) {
470           break;
471         }
472       }
473       list_add_head(node, &names->node);
474     }
475 
476     /* Remove any file fragments that match our sequence number */
477     list_for_each_safe(node, n, &names->content) {
478       content = node_to_item(node, struct content, node);
479       if (transp.logMsg.entry.nsec == content->entry.nsec) {
480         list_remove(&content->node);
481         free(content);
482       }
483     }
484 
485     /* Add content */
486     content =
487         calloc(1, sizeof(content->node) + hdr_size + transp.logMsg.entry.len);
488     if (!content) {
489       ret = -ENOMEM;
490       break;
491     }
492     memcpy(&content->entry, &transp.logMsg.entry,
493            hdr_size + transp.logMsg.entry.len);
494 
495     /* Insert in sequence number sorted order, to ease reconstruction */
496     list_for_each_reverse(node, &names->content) {
497       if ((node_to_item(node, struct content, node))->entry.nsec <
498           transp.logMsg.entry.nsec) {
499         break;
500       }
501     }
502     list_add_head(node, &content->node);
503   }
504   pmsgClose(&logger_list, &transp);
505 
506   /* Progress through all the collected files */
507   list_for_each_safe(node, n, &name_list) {
508     struct listnode *content_node, *m;
509     char* buf;
510     size_t sequence, tag_len;
511 
512     names = node_to_item(node, struct names, node);
513 
514     /* Construct content into a linear buffer */
515     buf = NULL;
516     len = 0;
517     sequence = 0;
518     tag_len = strlen(names->name) + sizeof(char); /* tag + nul */
519     list_for_each_safe(content_node, m, &names->content) {
520       ssize_t add_len;
521 
522       content = node_to_item(content_node, struct content, node);
523       add_len = content->entry.len - tag_len - sizeof(prio);
524       if (add_len <= 0) {
525         list_remove(content_node);
526         free(content);
527         continue;
528       }
529 
530       if (!buf) {
531         buf = malloc(sizeof(char));
532         if (!buf) {
533           ret = -ENOMEM;
534           list_remove(content_node);
535           free(content);
536           continue;
537         }
538         *buf = '\0';
539       }
540 
541       /* Missing sequence numbers */
542       while (sequence < content->entry.nsec) {
543         /* plus space for enforced nul */
544         buf = realloc(buf, len + sizeof(char) + sizeof(char));
545         if (!buf) {
546           break;
547         }
548         buf[len] = '\f'; /* Mark missing content with a form feed */
549         buf[++len] = '\0';
550         sequence += ANDROID_LOG_PMSG_FILE_SEQUENCE;
551       }
552       if (!buf) {
553         ret = -ENOMEM;
554         list_remove(content_node);
555         free(content);
556         continue;
557       }
558       /* plus space for enforced nul */
559       buf = realloc(buf, len + add_len + sizeof(char));
560       if (!buf) {
561         ret = -ENOMEM;
562         list_remove(content_node);
563         free(content);
564         continue;
565       }
566       memcpy(buf + len,
567              (char*)&content->entry + content->entry.hdr_size + tag_len +
568                  sizeof(prio),
569              add_len);
570       len += add_len;
571       buf[len] = '\0'; /* enforce trailing hidden nul */
572       sequence = content->entry.nsec + ANDROID_LOG_PMSG_FILE_SEQUENCE;
573 
574       list_remove(content_node);
575       free(content);
576     }
577     if (buf) {
578       if (len) {
579         /* Buffer contains enforced trailing nul just beyond length */
580         ssize_t r;
581         *strchr(names->name, ':') = '/'; /* Convert back to filename */
582         r = (*fn)(names->id, names->prio, names->name, buf, len, arg);
583         if ((ret >= 0) && (r > 0)) {
584           if (ret == SSIZE_MAX) {
585             ret = r;
586           } else {
587             ret += r;
588           }
589         } else if (r < ret) {
590           ret = r;
591         }
592       }
593       free(buf);
594     }
595     list_remove(node);
596     free(names);
597   }
598   return (ret == SSIZE_MAX) ? -ENOENT : ret;
599 }
600