1 #include <errno.h>
2 #include <sys/capability.h>
3 #include <sys/prctl.h>
4 #include <sys/stat.h>
5
6 #include <cutils/properties.h>
7 #include <cutils/sched_policy.h>
8 #include <log/log.h>
9 #include <sys/resource.h>
10 #include <utils/threads.h>
11
12 #include <pdx/service_dispatcher.h>
13 #include <private/android_filesystem_config.h>
14
15 #include "performance_service.h"
16
17 namespace {
18
19 // Annoying that sys/capability.h doesn't define this directly.
20 constexpr int kMaxCapNumber = (CAP_TO_INDEX(CAP_LAST_CAP) + 1);
21
22 } // anonymous namespace
23
main(int,char **)24 int main(int /*argc*/, char** /*argv*/) {
25 int ret = -1;
26
27 struct __user_cap_header_struct capheader;
28 struct __user_cap_data_struct capdata[kMaxCapNumber];
29
30 std::shared_ptr<android::pdx::Service> service;
31 std::unique_ptr<android::pdx::ServiceDispatcher> dispatcher;
32
33 ALOGI("Starting up...");
34
35 // We need to be able to create endpoints with full perms.
36 umask(0000);
37
38 // Keep capabilities when switching UID to AID_SYSTEM.
39 ret = prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0);
40 CHECK_ERROR(ret < 0, error, "Failed to set KEEPCAPS: %s", strerror(errno));
41
42 // Set UID and GID to system.
43 ret = setresgid(AID_SYSTEM, AID_SYSTEM, AID_SYSTEM);
44 CHECK_ERROR(ret < 0, error, "Failed to set GID: %s", strerror(errno));
45 ret = setresuid(AID_SYSTEM, AID_SYSTEM, AID_SYSTEM);
46 CHECK_ERROR(ret < 0, error, "Failed to set UID: %s", strerror(errno));
47
48 // Keep CAP_SYS_NICE, allowing control of scheduler class, priority, and
49 // cpuset for other tasks in the system.
50 memset(&capheader, 0, sizeof(capheader));
51 memset(&capdata, 0, sizeof(capdata));
52 capheader.version = _LINUX_CAPABILITY_VERSION_3;
53 capdata[CAP_TO_INDEX(CAP_SYS_NICE)].effective |= CAP_TO_MASK(CAP_SYS_NICE);
54 capdata[CAP_TO_INDEX(CAP_SYS_NICE)].permitted |= CAP_TO_MASK(CAP_SYS_NICE);
55
56 // Drop all caps but the ones configured above.
57 ret = capset(&capheader, capdata);
58 CHECK_ERROR(ret < 0, error, "Could not set capabilities: %s",
59 strerror(errno));
60
61 dispatcher = android::pdx::ServiceDispatcher::Create();
62 CHECK_ERROR(!dispatcher, error, "Failed to create service dispatcher.");
63
64 service = android::dvr::PerformanceService::Create();
65 CHECK_ERROR(!service, error, "Failed to create performance service service.");
66 dispatcher->AddService(service);
67
68 ALOGI("Entering message loop.");
69
70 ret = dispatcher->EnterDispatchLoop();
71 CHECK_ERROR(ret < 0, error, "Dispatch loop exited because: %s\n",
72 strerror(-ret));
73
74 error:
75 return ret;
76 }
77