2009-06-10 23:11:53 +02:00
|
|
|
/*
|
|
|
|
* Copyright (C) 2009 The Android Open Source Project
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
2016-10-11 00:48:37 +02:00
|
|
|
#include "updater/install.h"
|
|
|
|
|
2009-06-24 18:36:20 +02:00
|
|
|
#include <ctype.h>
|
2009-06-10 23:11:53 +02:00
|
|
|
#include <errno.h>
|
2016-02-08 20:15:50 +01:00
|
|
|
#include <fcntl.h>
|
|
|
|
#include <ftw.h>
|
|
|
|
#include <inttypes.h>
|
2009-06-10 23:11:53 +02:00
|
|
|
#include <stdarg.h>
|
2009-06-24 18:36:20 +02:00
|
|
|
#include <stdio.h>
|
2009-06-10 23:11:53 +02:00
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
2016-02-08 20:15:50 +01:00
|
|
|
#include <sys/capability.h>
|
2009-06-10 23:11:53 +02:00
|
|
|
#include <sys/mount.h>
|
|
|
|
#include <sys/stat.h>
|
|
|
|
#include <sys/types.h>
|
2009-09-10 23:10:48 +02:00
|
|
|
#include <sys/wait.h>
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
#include <sys/xattr.h>
|
2016-02-08 20:15:50 +01:00
|
|
|
#include <time.h>
|
|
|
|
#include <unistd.h>
|
2016-09-09 05:10:11 +02:00
|
|
|
#include <utime.h>
|
2009-06-10 23:11:53 +02:00
|
|
|
|
2016-02-04 03:16:02 +01:00
|
|
|
#include <memory>
|
2016-02-08 20:15:50 +01:00
|
|
|
#include <string>
|
2016-02-04 03:16:02 +01:00
|
|
|
#include <vector>
|
|
|
|
|
2015-12-05 00:30:20 +01:00
|
|
|
#include <android-base/parseint.h>
|
2016-09-24 00:30:55 +02:00
|
|
|
#include <android-base/properties.h>
|
2015-12-05 00:30:20 +01:00
|
|
|
#include <android-base/strings.h>
|
|
|
|
#include <android-base/stringprintf.h>
|
2016-10-11 00:48:37 +02:00
|
|
|
#include <cutils/android_reboot.h>
|
2016-10-06 08:17:01 +02:00
|
|
|
#include <ext4_utils/make_ext4fs.h>
|
|
|
|
#include <ext4_utils/wipe.h>
|
2016-02-08 20:15:50 +01:00
|
|
|
#include <openssl/sha.h>
|
2016-04-02 03:24:39 +02:00
|
|
|
#include <selinux/label.h>
|
|
|
|
#include <selinux/selinux.h>
|
2016-09-09 05:10:11 +02:00
|
|
|
#include <ziparchive/zip_archive.h>
|
2015-09-10 02:16:55 +02:00
|
|
|
|
2013-11-25 22:53:25 +01:00
|
|
|
#include "applypatch/applypatch.h"
|
2016-10-11 00:48:37 +02:00
|
|
|
#include "bootloader.h"
|
2009-06-10 23:11:53 +02:00
|
|
|
#include "edify/expr.h"
|
2016-04-30 20:49:59 +02:00
|
|
|
#include "error_code.h"
|
2016-06-10 02:41:22 +02:00
|
|
|
#include "mounts.h"
|
2015-12-16 01:04:53 +01:00
|
|
|
#include "ota_io.h"
|
2016-09-09 05:10:11 +02:00
|
|
|
#include "otautil/DirUtil.h"
|
|
|
|
#include "otautil/ZipUtil.h"
|
2016-02-08 20:15:50 +01:00
|
|
|
#include "print_sha1.h"
|
2014-11-21 09:12:28 +01:00
|
|
|
#include "tune2fs.h"
|
2016-10-11 00:48:37 +02:00
|
|
|
#include "updater/updater.h"
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2015-09-10 02:16:55 +02:00
|
|
|
// Send over the buffer to recovery though the command pipe.
|
|
|
|
static void uiPrint(State* state, const std::string& buffer) {
|
|
|
|
UpdaterInfo* ui = reinterpret_cast<UpdaterInfo*>(state->cookie);
|
|
|
|
|
|
|
|
// "line1\nline2\n" will be split into 3 tokens: "line1", "line2" and "".
|
|
|
|
// So skip sending empty strings to UI.
|
|
|
|
std::vector<std::string> lines = android::base::Split(buffer, "\n");
|
|
|
|
for (auto& line: lines) {
|
|
|
|
if (!line.empty()) {
|
|
|
|
fprintf(ui->cmd_pipe, "ui_print %s\n", line.c_str());
|
|
|
|
fprintf(ui->cmd_pipe, "ui_print\n");
|
|
|
|
}
|
2014-10-23 04:48:41 +02:00
|
|
|
}
|
2015-05-20 02:02:16 +02:00
|
|
|
|
2015-09-10 02:16:55 +02:00
|
|
|
// On the updater side, we need to dump the contents to stderr (which has
|
|
|
|
// been redirected to the log file). Because the recovery will only print
|
|
|
|
// the contents to screen when processing pipe command ui_print.
|
|
|
|
fprintf(stderr, "%s", buffer.c_str());
|
2014-10-23 04:48:41 +02:00
|
|
|
}
|
|
|
|
|
2016-06-30 18:28:42 +02:00
|
|
|
void uiPrintf(State* _Nonnull state, const char* _Nonnull format, ...) {
|
2015-09-10 02:16:55 +02:00
|
|
|
std::string error_msg;
|
|
|
|
|
2014-10-23 04:48:41 +02:00
|
|
|
va_list ap;
|
|
|
|
va_start(ap, format);
|
2015-09-10 02:16:55 +02:00
|
|
|
android::base::StringAppendV(&error_msg, format, ap);
|
2014-10-23 04:48:41 +02:00
|
|
|
va_end(ap);
|
2015-09-10 02:16:55 +02:00
|
|
|
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrint(state, error_msg);
|
|
|
|
}
|
|
|
|
|
2016-10-11 00:48:37 +02:00
|
|
|
// Create all parent directories of name, if necessary.
|
|
|
|
static int make_parents(char* name) {
|
|
|
|
char* p;
|
|
|
|
for (p = name + (strlen(name)-1); p > name; --p) {
|
|
|
|
if (*p != '/') continue;
|
|
|
|
*p = '\0';
|
|
|
|
if (make_parents(name) < 0) return -1;
|
|
|
|
int result = mkdir(name, 0700);
|
|
|
|
if (result == 0) printf("created [%s]\n", name);
|
|
|
|
*p = '/';
|
|
|
|
if (result == 0 || errno == EEXIST) {
|
|
|
|
// successfully created or already existed; we're done
|
|
|
|
return 0;
|
|
|
|
} else {
|
|
|
|
printf("failed to mkdir %s: %s\n", name, strerror(errno));
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2010-07-01 18:18:44 +02:00
|
|
|
// mount(fs_type, partition_type, location, mount_point)
|
2009-06-10 23:11:53 +02:00
|
|
|
//
|
2010-07-01 18:18:44 +02:00
|
|
|
// fs_type="ext4" partition_type="EMMC" location=device
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* MountFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2016-10-12 19:55:04 +02:00
|
|
|
char* result = nullptr;
|
2014-10-23 02:05:08 +02:00
|
|
|
if (argc != 4 && argc != 5) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 4-5 args, got %d", name, argc);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
2010-07-01 18:18:44 +02:00
|
|
|
char* fs_type;
|
|
|
|
char* partition_type;
|
2009-06-10 23:11:53 +02:00
|
|
|
char* location;
|
|
|
|
char* mount_point;
|
2014-10-23 02:05:08 +02:00
|
|
|
char* mount_options;
|
|
|
|
bool has_mount_options;
|
|
|
|
if (argc == 5) {
|
|
|
|
has_mount_options = true;
|
|
|
|
if (ReadArgs(state, argv, 5, &fs_type, &partition_type,
|
|
|
|
&location, &mount_point, &mount_options) < 0) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
has_mount_options = false;
|
|
|
|
if (ReadArgs(state, argv, 4, &fs_type, &partition_type,
|
2010-07-01 18:18:44 +02:00
|
|
|
&location, &mount_point) < 0) {
|
2014-10-23 02:05:08 +02:00
|
|
|
return NULL;
|
|
|
|
}
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
2010-07-01 18:18:44 +02:00
|
|
|
if (strlen(fs_type) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "fs_type argument to %s() can't be empty", name);
|
2010-07-01 18:18:44 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
if (strlen(partition_type) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "partition_type argument to %s() can't be empty",
|
2010-07-01 18:18:44 +02:00
|
|
|
name);
|
2009-06-10 23:11:53 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
if (strlen(location) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "location argument to %s() can't be empty", name);
|
2009-06-10 23:11:53 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
if (strlen(mount_point) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "mount_point argument to %s() can't be empty",
|
|
|
|
name);
|
2009-06-10 23:11:53 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
{
|
|
|
|
char *secontext = NULL;
|
2012-02-09 20:13:23 +01:00
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
if (sehandle) {
|
|
|
|
selabel_lookup(sehandle, &secontext, mount_point, 0755);
|
|
|
|
setfscreatecon(secontext);
|
|
|
|
}
|
2012-02-09 20:13:23 +01:00
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
mkdir(mount_point, 0755);
|
2009-06-10 23:11:53 +02:00
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
if (secontext) {
|
|
|
|
freecon(secontext);
|
|
|
|
setfscreatecon(NULL);
|
|
|
|
}
|
2012-02-09 20:13:23 +01:00
|
|
|
}
|
|
|
|
|
2016-06-10 02:41:22 +02:00
|
|
|
if (mount(location, mount_point, fs_type,
|
|
|
|
MS_NOATIME | MS_NODEV | MS_NODIRATIME,
|
|
|
|
has_mount_options ? mount_options : "") < 0) {
|
|
|
|
uiPrintf(state, "%s: failed to mount %s at %s: %s\n",
|
|
|
|
name, location, mount_point, strerror(errno));
|
|
|
|
result = strdup("");
|
2009-06-10 23:11:53 +02:00
|
|
|
} else {
|
2016-06-10 02:41:22 +02:00
|
|
|
result = mount_point;
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
2010-07-01 18:18:44 +02:00
|
|
|
free(fs_type);
|
|
|
|
free(partition_type);
|
2009-06-10 23:11:53 +02:00
|
|
|
free(location);
|
|
|
|
if (result != mount_point) free(mount_point);
|
2014-10-23 02:05:08 +02:00
|
|
|
if (has_mount_options) free(mount_options);
|
2010-02-18 01:11:44 +01:00
|
|
|
return StringValue(result);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
2009-06-12 02:21:44 +02:00
|
|
|
|
|
|
|
// is_mounted(mount_point)
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* IsMountedFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2016-10-12 19:55:04 +02:00
|
|
|
char* result = nullptr;
|
2009-06-12 02:21:44 +02:00
|
|
|
if (argc != 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc);
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
|
|
|
char* mount_point;
|
2009-06-12 21:24:39 +02:00
|
|
|
if (ReadArgs(state, argv, 1, &mount_point) < 0) {
|
2009-06-12 02:21:44 +02:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
if (strlen(mount_point) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "mount_point argument to unmount() can't be empty");
|
2009-06-12 02:21:44 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
scan_mounted_volumes();
|
2015-06-24 08:23:33 +02:00
|
|
|
{
|
2016-06-10 02:41:22 +02:00
|
|
|
MountedVolume* vol = find_mounted_volume_by_mount_point(mount_point);
|
2015-06-24 08:23:33 +02:00
|
|
|
if (vol == NULL) {
|
|
|
|
result = strdup("");
|
|
|
|
} else {
|
|
|
|
result = mount_point;
|
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
|
|
|
if (result != mount_point) free(mount_point);
|
2010-02-18 01:11:44 +01:00
|
|
|
return StringValue(result);
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* UnmountFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2016-10-12 19:55:04 +02:00
|
|
|
char* result = nullptr;
|
2009-06-10 23:11:53 +02:00
|
|
|
if (argc != 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
char* mount_point;
|
2009-06-12 21:24:39 +02:00
|
|
|
if (ReadArgs(state, argv, 1, &mount_point) < 0) {
|
2009-06-10 23:11:53 +02:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
if (strlen(mount_point) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "mount_point argument to unmount() can't be empty");
|
2009-06-10 23:11:53 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
scan_mounted_volumes();
|
2015-06-24 08:23:33 +02:00
|
|
|
{
|
2016-06-10 02:41:22 +02:00
|
|
|
MountedVolume* vol = find_mounted_volume_by_mount_point(mount_point);
|
2015-06-24 08:23:33 +02:00
|
|
|
if (vol == NULL) {
|
|
|
|
uiPrintf(state, "unmount of %s failed; no such volume\n", mount_point);
|
|
|
|
result = strdup("");
|
|
|
|
} else {
|
|
|
|
int ret = unmount_mounted_volume(vol);
|
|
|
|
if (ret != 0) {
|
|
|
|
uiPrintf(state, "unmount of %s failed (%d): %s\n",
|
|
|
|
mount_point, ret, strerror(errno));
|
|
|
|
}
|
|
|
|
result = mount_point;
|
2014-10-24 23:14:41 +02:00
|
|
|
}
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
|
|
|
if (result != mount_point) free(mount_point);
|
2010-02-18 01:11:44 +01:00
|
|
|
return StringValue(result);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2014-06-17 04:07:39 +02:00
|
|
|
static int exec_cmd(const char* path, char* const argv[]) {
|
|
|
|
int status;
|
|
|
|
pid_t child;
|
|
|
|
if ((child = vfork()) == 0) {
|
|
|
|
execv(path, argv);
|
|
|
|
_exit(-1);
|
|
|
|
}
|
|
|
|
waitpid(child, &status, 0);
|
|
|
|
if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
|
|
|
|
printf("%s failed with status %d\n", path, WEXITSTATUS(status));
|
|
|
|
}
|
|
|
|
return WEXITSTATUS(status);
|
|
|
|
}
|
|
|
|
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2012-02-09 20:13:23 +01:00
|
|
|
// format(fs_type, partition_type, location, fs_size, mount_point)
|
2009-06-10 23:11:53 +02:00
|
|
|
//
|
2012-02-09 20:13:23 +01:00
|
|
|
// fs_type="ext4" partition_type="EMMC" location=device fs_size=<bytes> mount_point=<location>
|
2014-06-17 04:07:39 +02:00
|
|
|
// fs_type="f2fs" partition_type="EMMC" location=device fs_size=<bytes> mount_point=<location>
|
|
|
|
// if fs_size == 0, then make fs uses the entire partition.
|
2011-01-15 03:55:05 +01:00
|
|
|
// if fs_size > 0, that is the size to use
|
2014-06-17 04:07:39 +02:00
|
|
|
// if fs_size < 0, then reserve that many bytes at the end of the partition (not for "f2fs")
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* FormatFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2016-10-12 19:55:04 +02:00
|
|
|
char* result = nullptr;
|
2012-04-03 19:35:11 +02:00
|
|
|
if (argc != 5) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 5 args, got %d", name, argc);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
2010-07-01 18:18:44 +02:00
|
|
|
char* fs_type;
|
|
|
|
char* partition_type;
|
2009-06-10 23:11:53 +02:00
|
|
|
char* location;
|
2011-01-15 03:55:05 +01:00
|
|
|
char* fs_size;
|
2012-04-03 19:35:11 +02:00
|
|
|
char* mount_point;
|
2012-02-09 20:13:23 +01:00
|
|
|
|
|
|
|
if (ReadArgs(state, argv, 5, &fs_type, &partition_type, &location, &fs_size, &mount_point) < 0) {
|
|
|
|
return NULL;
|
|
|
|
}
|
2009-06-10 23:11:53 +02:00
|
|
|
|
2010-07-01 18:18:44 +02:00
|
|
|
if (strlen(fs_type) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "fs_type argument to %s() can't be empty", name);
|
2010-07-01 18:18:44 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
if (strlen(partition_type) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "partition_type argument to %s() can't be empty",
|
2010-07-01 18:18:44 +02:00
|
|
|
name);
|
2009-06-10 23:11:53 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
if (strlen(location) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "location argument to %s() can't be empty", name);
|
2009-06-10 23:11:53 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2012-04-03 19:35:11 +02:00
|
|
|
if (strlen(mount_point) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "mount_point argument to %s() can't be empty",
|
|
|
|
name);
|
2012-02-09 20:13:23 +01:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2016-06-10 02:41:22 +02:00
|
|
|
if (strcmp(fs_type, "ext4") == 0) {
|
2012-02-09 20:13:23 +01:00
|
|
|
int status = make_ext4fs(location, atoll(fs_size), mount_point, sehandle);
|
2010-07-01 18:18:44 +02:00
|
|
|
if (status != 0) {
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("%s: make_ext4fs failed (%d) on %s",
|
2010-07-01 18:18:44 +02:00
|
|
|
name, status, location);
|
|
|
|
result = strdup("");
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
result = location;
|
2014-06-17 04:07:39 +02:00
|
|
|
} else if (strcmp(fs_type, "f2fs") == 0) {
|
|
|
|
char *num_sectors;
|
|
|
|
if (asprintf(&num_sectors, "%lld", atoll(fs_size) / 512) <= 0) {
|
|
|
|
printf("format_volume: failed to create %s command for %s\n", fs_type, location);
|
|
|
|
result = strdup("");
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
const char *f2fs_path = "/sbin/mkfs.f2fs";
|
|
|
|
const char* const f2fs_argv[] = {"mkfs.f2fs", "-t", "-d1", location, num_sectors, NULL};
|
|
|
|
int status = exec_cmd(f2fs_path, (char* const*)f2fs_argv);
|
|
|
|
free(num_sectors);
|
|
|
|
if (status != 0) {
|
|
|
|
printf("%s: mkfs.f2fs failed (%d) on %s",
|
|
|
|
name, status, location);
|
|
|
|
result = strdup("");
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
result = location;
|
2009-06-10 23:11:53 +02:00
|
|
|
} else {
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("%s: unsupported fs_type \"%s\" partition_type \"%s\"",
|
2010-07-01 18:18:44 +02:00
|
|
|
name, fs_type, partition_type);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
2010-07-01 18:18:44 +02:00
|
|
|
free(fs_type);
|
|
|
|
free(partition_type);
|
2009-06-10 23:11:53 +02:00
|
|
|
if (result != location) free(location);
|
2010-02-18 01:11:44 +01:00
|
|
|
return StringValue(result);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
2013-11-07 02:42:20 +01:00
|
|
|
Value* RenameFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2016-10-12 19:55:04 +02:00
|
|
|
char* result = nullptr;
|
2013-11-07 02:42:20 +01:00
|
|
|
if (argc != 2) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc);
|
2013-11-07 02:42:20 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
char* src_name;
|
|
|
|
char* dst_name;
|
|
|
|
|
|
|
|
if (ReadArgs(state, argv, 2, &src_name, &dst_name) < 0) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
if (strlen(src_name) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "src_name argument to %s() can't be empty", name);
|
2013-11-07 02:42:20 +01:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
if (strlen(dst_name) == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "dst_name argument to %s() can't be empty", name);
|
2013-11-07 02:42:20 +01:00
|
|
|
goto done;
|
|
|
|
}
|
2014-07-22 02:40:02 +02:00
|
|
|
if (make_parents(dst_name) != 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kFileRenameFailure, "Creating parent of %s failed, error %s",
|
2014-07-22 02:40:02 +02:00
|
|
|
dst_name, strerror(errno));
|
2014-10-22 23:28:23 +02:00
|
|
|
} else if (access(dst_name, F_OK) == 0 && access(src_name, F_OK) != 0) {
|
|
|
|
// File was already moved
|
|
|
|
result = dst_name;
|
2014-07-22 02:40:02 +02:00
|
|
|
} else if (rename(src_name, dst_name) != 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kFileRenameFailure, "Rename of %s to %s failed, error %s",
|
2013-11-07 02:42:20 +01:00
|
|
|
src_name, dst_name, strerror(errno));
|
|
|
|
} else {
|
|
|
|
result = dst_name;
|
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
|
|
|
free(src_name);
|
|
|
|
if (result != dst_name) free(dst_name);
|
|
|
|
return StringValue(result);
|
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* DeleteFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2016-10-12 19:55:04 +02:00
|
|
|
std::vector<std::string> paths;
|
2015-06-24 08:23:33 +02:00
|
|
|
for (int i = 0; i < argc; ++i) {
|
2016-10-12 19:55:04 +02:00
|
|
|
if (!Evaluate(state, argv[i], &paths[i])) {
|
|
|
|
return nullptr;
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
bool recursive = (strcmp(name, "delete_recursive") == 0);
|
|
|
|
|
|
|
|
int success = 0;
|
2015-06-24 08:23:33 +02:00
|
|
|
for (int i = 0; i < argc; ++i) {
|
2016-10-12 19:55:04 +02:00
|
|
|
if ((recursive ? dirUnlinkHierarchy(paths[i].c_str()) : unlink(paths[i].c_str())) == 0) {
|
2009-06-10 23:11:53 +02:00
|
|
|
++success;
|
2016-10-12 19:55:04 +02:00
|
|
|
}
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue(android::base::StringPrintf("%d", success));
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* ShowProgressFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2009-06-10 23:11:53 +02:00
|
|
|
if (argc != 2) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
char* frac_str;
|
|
|
|
char* sec_str;
|
2009-06-12 21:24:39 +02:00
|
|
|
if (ReadArgs(state, argv, 2, &frac_str, &sec_str) < 0) {
|
2009-06-10 23:11:53 +02:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
double frac = strtod(frac_str, NULL);
|
2015-09-24 20:10:51 +02:00
|
|
|
int sec;
|
|
|
|
android::base::ParseInt(sec_str, &sec);
|
2009-06-10 23:11:53 +02:00
|
|
|
|
2009-06-12 21:24:39 +02:00
|
|
|
UpdaterInfo* ui = (UpdaterInfo*)(state->cookie);
|
2009-06-10 23:11:53 +02:00
|
|
|
fprintf(ui->cmd_pipe, "progress %f %d\n", frac, sec);
|
|
|
|
|
|
|
|
free(sec_str);
|
2010-02-18 01:11:44 +01:00
|
|
|
return StringValue(frac_str);
|
2009-06-24 18:36:20 +02:00
|
|
|
}
|
|
|
|
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* SetProgressFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2009-06-24 18:36:20 +02:00
|
|
|
if (argc != 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc);
|
2009-06-24 18:36:20 +02:00
|
|
|
}
|
|
|
|
char* frac_str;
|
|
|
|
if (ReadArgs(state, argv, 1, &frac_str) < 0) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
double frac = strtod(frac_str, NULL);
|
|
|
|
|
|
|
|
UpdaterInfo* ui = (UpdaterInfo*)(state->cookie);
|
|
|
|
fprintf(ui->cmd_pipe, "set_progress %f\n", frac);
|
|
|
|
|
2010-02-18 01:11:44 +01:00
|
|
|
return StringValue(frac_str);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
2009-06-12 02:21:44 +02:00
|
|
|
// package_extract_dir(package_path, destination_path)
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* PackageExtractDirFn(const char* name, State* state,
|
2009-06-12 02:21:44 +02:00
|
|
|
int argc, Expr* argv[]) {
|
2009-06-10 23:11:53 +02:00
|
|
|
if (argc != 2) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
char* zip_path;
|
|
|
|
char* dest_path;
|
2009-06-12 21:24:39 +02:00
|
|
|
if (ReadArgs(state, argv, 2, &zip_path, &dest_path) < 0) return NULL;
|
2009-06-10 23:11:53 +02:00
|
|
|
|
2016-09-09 05:10:11 +02:00
|
|
|
ZipArchiveHandle za = ((UpdaterInfo*)(state->cookie))->package_zip;
|
2009-06-10 23:11:53 +02:00
|
|
|
|
|
|
|
// To create a consistent system image, never use the clock for timestamps.
|
|
|
|
struct utimbuf timestamp = { 1217592000, 1217592000 }; // 8/1/2008 default
|
|
|
|
|
2016-09-09 05:10:11 +02:00
|
|
|
bool success = ExtractPackageRecursive(za, zip_path, dest_path, ×tamp, sehandle);
|
|
|
|
|
2009-06-10 23:11:53 +02:00
|
|
|
free(zip_path);
|
|
|
|
free(dest_path);
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue(success ? "t" : "");
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
2009-06-12 02:21:44 +02:00
|
|
|
|
|
|
|
// package_extract_file(package_path, destination_path)
|
2010-02-01 23:40:12 +01:00
|
|
|
// or
|
|
|
|
// package_extract_file(package_path)
|
|
|
|
// to return the entire contents of the file as the result of this
|
2010-02-18 01:11:44 +01:00
|
|
|
// function (the char* returned is actually a FileContents*).
|
|
|
|
Value* PackageExtractFileFn(const char* name, State* state,
|
2009-06-12 02:21:44 +02:00
|
|
|
int argc, Expr* argv[]) {
|
2014-08-22 23:53:43 +02:00
|
|
|
if (argc < 1 || argc > 2) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 or 2 args, got %d",
|
2010-02-01 23:40:12 +01:00
|
|
|
name, argc);
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
|
|
|
bool success = false;
|
2014-06-09 23:13:19 +02:00
|
|
|
|
2014-08-22 23:53:43 +02:00
|
|
|
if (argc == 2) {
|
|
|
|
// The two-argument version extracts to a file.
|
2014-02-25 01:02:50 +01:00
|
|
|
|
2016-09-09 05:10:11 +02:00
|
|
|
ZipArchiveHandle za = ((UpdaterInfo*)(state->cookie))->package_zip;
|
2010-02-01 23:40:12 +01:00
|
|
|
|
|
|
|
char* zip_path;
|
|
|
|
char* dest_path;
|
2014-08-22 23:53:43 +02:00
|
|
|
if (ReadArgs(state, argv, 2, &zip_path, &dest_path) < 0) return NULL;
|
2010-02-01 23:40:12 +01:00
|
|
|
|
2016-09-09 05:10:11 +02:00
|
|
|
ZipString zip_string_path(zip_path);
|
|
|
|
ZipEntry entry;
|
|
|
|
if (FindEntry(za, zip_string_path, &entry) != 0) {
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("%s: no %s in package\n", name, zip_path);
|
2010-02-01 23:40:12 +01:00
|
|
|
goto done2;
|
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
{
|
2016-05-06 01:04:32 +02:00
|
|
|
int fd = TEMP_FAILURE_RETRY(ota_open(dest_path, O_WRONLY | O_CREAT | O_TRUNC,
|
2015-12-15 00:53:25 +01:00
|
|
|
S_IRUSR | S_IWUSR));
|
|
|
|
if (fd == -1) {
|
|
|
|
printf("%s: can't open %s for write: %s\n", name, dest_path, strerror(errno));
|
2015-06-24 08:23:33 +02:00
|
|
|
goto done2;
|
|
|
|
}
|
2016-09-09 05:10:11 +02:00
|
|
|
success = ExtractEntryToFile(za, &entry, fd);
|
2015-12-16 01:04:53 +01:00
|
|
|
if (ota_fsync(fd) == -1) {
|
2015-12-15 00:53:25 +01:00
|
|
|
printf("fsync of \"%s\" failed: %s\n", dest_path, strerror(errno));
|
|
|
|
success = false;
|
|
|
|
}
|
2015-12-16 01:04:53 +01:00
|
|
|
if (ota_close(fd) == -1) {
|
2015-12-15 00:53:25 +01:00
|
|
|
printf("close of \"%s\" failed: %s\n", dest_path, strerror(errno));
|
|
|
|
success = false;
|
|
|
|
}
|
2010-02-01 23:40:12 +01:00
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2010-02-01 23:40:12 +01:00
|
|
|
done2:
|
|
|
|
free(zip_path);
|
|
|
|
free(dest_path);
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue(success ? "t" : "");
|
2010-02-01 23:40:12 +01:00
|
|
|
} else {
|
|
|
|
// The one-argument version returns the contents of the file
|
|
|
|
// as the result.
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2010-02-01 23:40:12 +01:00
|
|
|
char* zip_path;
|
2016-02-04 03:16:02 +01:00
|
|
|
if (ReadArgs(state, argv, 1, &zip_path) < 0) return NULL;
|
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
Value* v = new Value(VAL_INVALID, "");
|
2010-02-01 23:40:12 +01:00
|
|
|
|
2016-09-09 05:10:11 +02:00
|
|
|
ZipArchiveHandle za = ((UpdaterInfo*)(state->cookie))->package_zip;
|
|
|
|
ZipString zip_string_path(zip_path);
|
|
|
|
ZipEntry entry;
|
|
|
|
if (FindEntry(za, zip_string_path, &entry) != 0) {
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("%s: no %s in package\n", name, zip_path);
|
2010-02-01 23:40:12 +01:00
|
|
|
goto done1;
|
|
|
|
}
|
|
|
|
|
2016-09-09 05:10:11 +02:00
|
|
|
v->data.resize(entry.uncompressed_length);
|
|
|
|
if (ExtractToMemory(za, &entry, reinterpret_cast<uint8_t*>(&v->data[0]),
|
|
|
|
v->data.size()) != 0) {
|
|
|
|
printf("%s: faled to extract %zu bytes to memory\n", name, v->data.size());
|
|
|
|
} else {
|
|
|
|
success = true;
|
|
|
|
}
|
2010-02-01 23:40:12 +01:00
|
|
|
|
|
|
|
done1:
|
|
|
|
free(zip_path);
|
|
|
|
if (!success) {
|
2016-10-12 19:55:04 +02:00
|
|
|
v->data.clear();
|
|
|
|
} else {
|
|
|
|
v->type = VAL_BLOB;
|
2010-02-01 23:40:12 +01:00
|
|
|
}
|
2010-02-18 01:11:44 +01:00
|
|
|
return v;
|
2010-02-01 23:40:12 +01:00
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
|
|
|
|
2009-06-10 23:11:53 +02:00
|
|
|
// symlink target src1 src2 ...
|
2009-09-19 00:11:24 +02:00
|
|
|
// unlinks any previously existing src1, src2, etc before creating symlinks.
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* SymlinkFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2009-06-10 23:11:53 +02:00
|
|
|
if (argc == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1+ args, got %d", name, argc);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
2016-10-12 19:55:04 +02:00
|
|
|
std::string target;
|
|
|
|
if (!Evaluate(state, argv[0], &target)) {
|
|
|
|
return nullptr;
|
|
|
|
}
|
2009-06-10 23:11:53 +02:00
|
|
|
|
2009-06-12 21:24:39 +02:00
|
|
|
char** srcs = ReadVarArgs(state, argc-1, argv+1);
|
2009-06-10 23:11:53 +02:00
|
|
|
if (srcs == NULL) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2012-03-22 22:32:52 +01:00
|
|
|
int bad = 0;
|
2009-06-10 23:11:53 +02:00
|
|
|
int i;
|
|
|
|
for (i = 0; i < argc-1; ++i) {
|
2009-09-19 00:11:24 +02:00
|
|
|
if (unlink(srcs[i]) < 0) {
|
|
|
|
if (errno != ENOENT) {
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("%s: failed to remove %s: %s\n",
|
2009-09-19 00:11:24 +02:00
|
|
|
name, srcs[i], strerror(errno));
|
2012-03-22 22:32:52 +01:00
|
|
|
++bad;
|
2009-09-19 00:11:24 +02:00
|
|
|
}
|
|
|
|
}
|
2012-08-07 01:19:09 +02:00
|
|
|
if (make_parents(srcs[i])) {
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("%s: failed to symlink %s to %s: making parents failed\n",
|
2016-10-12 19:55:04 +02:00
|
|
|
name, srcs[i], target.c_str());
|
2012-08-07 01:19:09 +02:00
|
|
|
++bad;
|
|
|
|
}
|
2016-10-12 19:55:04 +02:00
|
|
|
if (symlink(target.c_str(), srcs[i]) < 0) {
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("%s: failed to symlink %s to %s: %s\n",
|
2016-10-12 19:55:04 +02:00
|
|
|
name, srcs[i], target.c_str(), strerror(errno));
|
2012-03-22 22:32:52 +01:00
|
|
|
++bad;
|
2009-09-19 00:11:24 +02:00
|
|
|
}
|
2009-06-10 23:11:53 +02:00
|
|
|
free(srcs[i]);
|
|
|
|
}
|
|
|
|
free(srcs);
|
2012-03-22 22:32:52 +01:00
|
|
|
if (bad) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kSymlinkFailure, "%s: some symlinks failed", name);
|
2012-03-22 22:32:52 +01:00
|
|
|
}
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue("");
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|
|
|
|
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
struct perm_parsed_args {
|
|
|
|
bool has_uid;
|
|
|
|
uid_t uid;
|
|
|
|
bool has_gid;
|
|
|
|
gid_t gid;
|
|
|
|
bool has_mode;
|
|
|
|
mode_t mode;
|
|
|
|
bool has_fmode;
|
|
|
|
mode_t fmode;
|
|
|
|
bool has_dmode;
|
|
|
|
mode_t dmode;
|
|
|
|
bool has_selabel;
|
|
|
|
char* selabel;
|
|
|
|
bool has_capabilities;
|
|
|
|
uint64_t capabilities;
|
|
|
|
};
|
|
|
|
|
2014-10-23 04:48:41 +02:00
|
|
|
static struct perm_parsed_args ParsePermArgs(State * state, int argc, char** args) {
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
int i;
|
|
|
|
struct perm_parsed_args parsed;
|
|
|
|
int bad = 0;
|
|
|
|
static int max_warnings = 20;
|
|
|
|
|
|
|
|
memset(&parsed, 0, sizeof(parsed));
|
|
|
|
|
|
|
|
for (i = 1; i < argc; i += 2) {
|
|
|
|
if (strcmp("uid", args[i]) == 0) {
|
|
|
|
int64_t uid;
|
|
|
|
if (sscanf(args[i+1], "%" SCNd64, &uid) == 1) {
|
|
|
|
parsed.uid = uid;
|
|
|
|
parsed.has_uid = true;
|
|
|
|
} else {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ParsePermArgs: invalid UID \"%s\"\n", args[i + 1]);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (strcmp("gid", args[i]) == 0) {
|
|
|
|
int64_t gid;
|
|
|
|
if (sscanf(args[i+1], "%" SCNd64, &gid) == 1) {
|
|
|
|
parsed.gid = gid;
|
|
|
|
parsed.has_gid = true;
|
|
|
|
} else {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ParsePermArgs: invalid GID \"%s\"\n", args[i + 1]);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (strcmp("mode", args[i]) == 0) {
|
|
|
|
int32_t mode;
|
|
|
|
if (sscanf(args[i+1], "%" SCNi32, &mode) == 1) {
|
|
|
|
parsed.mode = mode;
|
|
|
|
parsed.has_mode = true;
|
|
|
|
} else {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ParsePermArgs: invalid mode \"%s\"\n", args[i + 1]);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (strcmp("dmode", args[i]) == 0) {
|
|
|
|
int32_t mode;
|
|
|
|
if (sscanf(args[i+1], "%" SCNi32, &mode) == 1) {
|
|
|
|
parsed.dmode = mode;
|
|
|
|
parsed.has_dmode = true;
|
|
|
|
} else {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ParsePermArgs: invalid dmode \"%s\"\n", args[i + 1]);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (strcmp("fmode", args[i]) == 0) {
|
|
|
|
int32_t mode;
|
|
|
|
if (sscanf(args[i+1], "%" SCNi32, &mode) == 1) {
|
|
|
|
parsed.fmode = mode;
|
|
|
|
parsed.has_fmode = true;
|
|
|
|
} else {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ParsePermArgs: invalid fmode \"%s\"\n", args[i + 1]);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (strcmp("capabilities", args[i]) == 0) {
|
|
|
|
int64_t capabilities;
|
|
|
|
if (sscanf(args[i+1], "%" SCNi64, &capabilities) == 1) {
|
|
|
|
parsed.capabilities = capabilities;
|
|
|
|
parsed.has_capabilities = true;
|
|
|
|
} else {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ParsePermArgs: invalid capabilities \"%s\"\n", args[i + 1]);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (strcmp("selabel", args[i]) == 0) {
|
|
|
|
if (args[i+1][0] != '\0') {
|
|
|
|
parsed.selabel = args[i+1];
|
|
|
|
parsed.has_selabel = true;
|
|
|
|
} else {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ParsePermArgs: invalid selabel \"%s\"\n", args[i + 1]);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (max_warnings != 0) {
|
|
|
|
printf("ParsedPermArgs: unknown key \"%s\", ignoring\n", args[i]);
|
|
|
|
max_warnings--;
|
|
|
|
if (max_warnings == 0) {
|
|
|
|
printf("ParsedPermArgs: suppressing further warnings\n");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return parsed;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int ApplyParsedPerms(
|
2014-10-23 04:48:41 +02:00
|
|
|
State * state,
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
const char* filename,
|
|
|
|
const struct stat *statptr,
|
|
|
|
struct perm_parsed_args parsed)
|
|
|
|
{
|
|
|
|
int bad = 0;
|
|
|
|
|
unconditionally apply SELinux labels to symlinks
At the end of the OTA script, we walk through /system, updating
all the permissions on the filesystem, including the UID, GID,
standard UNIX permissions, capabilities, and SELinux labels.
In the case of a symbolic link, however, we want to skip most of
those operations. The UID, GID, UNIX permissions, and capabilities
don't meaningfully apply to symbolic links.
However, that's not true with SELinux labels. The SELinux label on
a symbolic link is important. We need to make sure the label on the
symbolic link is always updated, even if none of the other attributes
are updated.
This change unconditionally updates the SELinux label on the symbolic
link itself. lsetfilecon() is used, so that the link itself is updated,
not what it's pointing to.
In addition, drop the ENOTSUP special case. SELinux has been a
requirement since Android 4.4. Running without filesystem extended
attributes is no longer supported, and we shouldn't even try to handle
non-SELinux updates anymore. (Note: this could be problematic if
these scripts are ever used to produce OTA images for 4.2 devices)
Bug: 18079773
Change-Id: I87f99a1c88fe02bb2914f1884cac23ce1b385f91
2014-10-24 05:36:42 +02:00
|
|
|
if (parsed.has_selabel) {
|
|
|
|
if (lsetfilecon(filename, parsed.selabel) != 0) {
|
|
|
|
uiPrintf(state, "ApplyParsedPerms: lsetfilecon of %s to %s failed: %s\n",
|
|
|
|
filename, parsed.selabel, strerror(errno));
|
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-09-11 00:34:19 +02:00
|
|
|
/* ignore symlinks */
|
|
|
|
if (S_ISLNK(statptr->st_mode)) {
|
unconditionally apply SELinux labels to symlinks
At the end of the OTA script, we walk through /system, updating
all the permissions on the filesystem, including the UID, GID,
standard UNIX permissions, capabilities, and SELinux labels.
In the case of a symbolic link, however, we want to skip most of
those operations. The UID, GID, UNIX permissions, and capabilities
don't meaningfully apply to symbolic links.
However, that's not true with SELinux labels. The SELinux label on
a symbolic link is important. We need to make sure the label on the
symbolic link is always updated, even if none of the other attributes
are updated.
This change unconditionally updates the SELinux label on the symbolic
link itself. lsetfilecon() is used, so that the link itself is updated,
not what it's pointing to.
In addition, drop the ENOTSUP special case. SELinux has been a
requirement since Android 4.4. Running without filesystem extended
attributes is no longer supported, and we shouldn't even try to handle
non-SELinux updates anymore. (Note: this could be problematic if
these scripts are ever used to produce OTA images for 4.2 devices)
Bug: 18079773
Change-Id: I87f99a1c88fe02bb2914f1884cac23ce1b385f91
2014-10-24 05:36:42 +02:00
|
|
|
return bad;
|
2013-09-11 00:34:19 +02:00
|
|
|
}
|
|
|
|
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
if (parsed.has_uid) {
|
|
|
|
if (chown(filename, parsed.uid, -1) < 0) {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ApplyParsedPerms: chown of %s to %d failed: %s\n",
|
|
|
|
filename, parsed.uid, strerror(errno));
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (parsed.has_gid) {
|
|
|
|
if (chown(filename, -1, parsed.gid) < 0) {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ApplyParsedPerms: chgrp of %s to %d failed: %s\n",
|
|
|
|
filename, parsed.gid, strerror(errno));
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (parsed.has_mode) {
|
|
|
|
if (chmod(filename, parsed.mode) < 0) {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ApplyParsedPerms: chmod of %s to %d failed: %s\n",
|
|
|
|
filename, parsed.mode, strerror(errno));
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (parsed.has_dmode && S_ISDIR(statptr->st_mode)) {
|
|
|
|
if (chmod(filename, parsed.dmode) < 0) {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ApplyParsedPerms: chmod of %s to %d failed: %s\n",
|
|
|
|
filename, parsed.dmode, strerror(errno));
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (parsed.has_fmode && S_ISREG(statptr->st_mode)) {
|
|
|
|
if (chmod(filename, parsed.fmode) < 0) {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ApplyParsedPerms: chmod of %s to %d failed: %s\n",
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
filename, parsed.fmode, strerror(errno));
|
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (parsed.has_capabilities && S_ISREG(statptr->st_mode)) {
|
|
|
|
if (parsed.capabilities == 0) {
|
|
|
|
if ((removexattr(filename, XATTR_NAME_CAPS) == -1) && (errno != ENODATA)) {
|
|
|
|
// Report failure unless it's ENODATA (attribute not set)
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ApplyParsedPerms: removexattr of %s to %" PRIx64 " failed: %s\n",
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
filename, parsed.capabilities, strerror(errno));
|
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
struct vfs_cap_data cap_data;
|
|
|
|
memset(&cap_data, 0, sizeof(cap_data));
|
|
|
|
cap_data.magic_etc = VFS_CAP_REVISION | VFS_CAP_FLAGS_EFFECTIVE;
|
|
|
|
cap_data.data[0].permitted = (uint32_t) (parsed.capabilities & 0xffffffff);
|
|
|
|
cap_data.data[0].inheritable = 0;
|
|
|
|
cap_data.data[1].permitted = (uint32_t) (parsed.capabilities >> 32);
|
|
|
|
cap_data.data[1].inheritable = 0;
|
|
|
|
if (setxattr(filename, XATTR_NAME_CAPS, &cap_data, sizeof(cap_data), 0) < 0) {
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrintf(state, "ApplyParsedPerms: setcap of %s to %" PRIx64 " failed: %s\n",
|
|
|
|
filename, parsed.capabilities, strerror(errno));
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
bad++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return bad;
|
|
|
|
}
|
|
|
|
|
|
|
|
// nftw doesn't allow us to pass along context, so we need to use
|
|
|
|
// global variables. *sigh*
|
|
|
|
static struct perm_parsed_args recursive_parsed_args;
|
2014-10-23 04:48:41 +02:00
|
|
|
static State* recursive_state;
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
|
|
|
|
static int do_SetMetadataRecursive(const char* filename, const struct stat *statptr,
|
|
|
|
int fileflags, struct FTW *pfwt) {
|
2014-10-23 04:48:41 +02:00
|
|
|
return ApplyParsedPerms(recursive_state, filename, statptr, recursive_parsed_args);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static Value* SetMetadataFn(const char* name, State* state, int argc, Expr* argv[]) {
|
|
|
|
int bad = 0;
|
|
|
|
struct stat sb;
|
|
|
|
Value* result = NULL;
|
|
|
|
|
|
|
|
bool recursive = (strcmp(name, "set_metadata_recursive") == 0);
|
|
|
|
|
|
|
|
if ((argc % 2) != 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure,
|
|
|
|
"%s() expects an odd number of arguments, got %d", name, argc);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
char** args = ReadVarArgs(state, argc, argv);
|
|
|
|
if (args == NULL) return NULL;
|
|
|
|
|
|
|
|
if (lstat(args[0], &sb) == -1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
result = ErrorAbort(state, kSetMetadataFailure, "%s: Error on lstat of \"%s\": %s",
|
|
|
|
name, args[0], strerror(errno));
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
{
|
|
|
|
struct perm_parsed_args parsed = ParsePermArgs(state, argc, args);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
if (recursive) {
|
|
|
|
recursive_parsed_args = parsed;
|
|
|
|
recursive_state = state;
|
|
|
|
bad += nftw(args[0], do_SetMetadataRecursive, 30, FTW_CHDIR | FTW_DEPTH | FTW_PHYS);
|
|
|
|
memset(&recursive_parsed_args, 0, sizeof(recursive_parsed_args));
|
|
|
|
recursive_state = NULL;
|
|
|
|
} else {
|
|
|
|
bad += ApplyParsedPerms(state, args[0], &sb, parsed);
|
|
|
|
}
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
2015-06-24 08:23:33 +02:00
|
|
|
for (int i = 0; i < argc; ++i) {
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
free(args[i]);
|
|
|
|
}
|
|
|
|
free(args);
|
|
|
|
|
|
|
|
if (result != NULL) {
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (bad > 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kSetMetadataFailure, "%s: some changes failed", name);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
}
|
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue("");
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* GetPropFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2009-06-12 02:21:44 +02:00
|
|
|
if (argc != 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc);
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
2016-10-12 19:55:04 +02:00
|
|
|
std::string key;
|
|
|
|
if (!Evaluate(state, argv[0], &key)) {
|
|
|
|
return nullptr;
|
|
|
|
}
|
2016-09-24 00:30:55 +02:00
|
|
|
std::string value = android::base::GetProperty(key, "");
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue(value);
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-06-18 19:11:50 +02:00
|
|
|
// file_getprop(file, key)
|
|
|
|
//
|
|
|
|
// interprets 'file' as a getprop-style file (key=value pairs, one
|
2014-04-26 03:47:18 +02:00
|
|
|
// per line. # comment lines,blank lines, lines without '=' ignored),
|
|
|
|
// and returns the value for 'key' (or "" if it isn't defined).
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* FileGetPropFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2009-06-18 19:11:50 +02:00
|
|
|
char* result = NULL;
|
|
|
|
char* buffer = NULL;
|
|
|
|
char* filename;
|
|
|
|
char* key;
|
|
|
|
if (ReadArgs(state, argv, 2, &filename, &key) < 0) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
struct stat st;
|
|
|
|
if (stat(filename, &st) < 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kFileGetPropFailure, "%s: failed to stat \"%s\": %s", name, filename,
|
|
|
|
strerror(errno));
|
2009-06-18 19:11:50 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
#define MAX_FILE_GETPROP_SIZE 65536
|
|
|
|
|
|
|
|
if (st.st_size > MAX_FILE_GETPROP_SIZE) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kFileGetPropFailure, "%s too large for %s (max %d)", filename, name,
|
|
|
|
MAX_FILE_GETPROP_SIZE);
|
2009-06-18 19:11:50 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
buffer = reinterpret_cast<char*>(malloc(st.st_size+1));
|
2009-06-18 19:11:50 +02:00
|
|
|
if (buffer == NULL) {
|
2016-05-23 20:42:40 +02:00
|
|
|
ErrorAbort(state, kFileGetPropFailure, "%s: failed to alloc %zu bytes", name,
|
2016-04-18 20:30:55 +02:00
|
|
|
static_cast<size_t>(st.st_size+1));
|
2009-06-18 19:11:50 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
FILE* f;
|
2015-12-16 01:04:53 +01:00
|
|
|
f = ota_fopen(filename, "rb");
|
2009-06-18 19:11:50 +02:00
|
|
|
if (f == NULL) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kFileOpenFailure, "%s: failed to open %s: %s", name, filename,
|
|
|
|
strerror(errno));
|
2009-06-18 19:11:50 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2015-12-16 01:04:53 +01:00
|
|
|
if (ota_fread(buffer, 1, st.st_size, f) != static_cast<size_t>(st.st_size)) {
|
2016-05-23 20:42:40 +02:00
|
|
|
ErrorAbort(state, kFreadFailure, "%s: failed to read %zu bytes from %s",
|
2016-04-18 20:30:55 +02:00
|
|
|
name, static_cast<size_t>(st.st_size), filename);
|
2015-12-16 01:04:53 +01:00
|
|
|
ota_fclose(f);
|
2009-06-18 19:11:50 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
buffer[st.st_size] = '\0';
|
|
|
|
|
2015-12-16 01:04:53 +01:00
|
|
|
ota_fclose(f);
|
2009-06-18 19:11:50 +02:00
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
char* line;
|
|
|
|
line = strtok(buffer, "\n");
|
2009-06-18 19:11:50 +02:00
|
|
|
do {
|
|
|
|
// skip whitespace at start of line
|
|
|
|
while (*line && isspace(*line)) ++line;
|
|
|
|
|
|
|
|
// comment or blank line: skip to next line
|
|
|
|
if (*line == '\0' || *line == '#') continue;
|
|
|
|
|
|
|
|
char* equal = strchr(line, '=');
|
|
|
|
if (equal == NULL) {
|
2014-04-26 03:47:18 +02:00
|
|
|
continue;
|
2009-06-18 19:11:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// trim whitespace between key and '='
|
|
|
|
char* key_end = equal-1;
|
|
|
|
while (key_end > line && isspace(*key_end)) --key_end;
|
|
|
|
key_end[1] = '\0';
|
|
|
|
|
|
|
|
// not the key we're looking for
|
|
|
|
if (strcmp(key, line) != 0) continue;
|
|
|
|
|
|
|
|
// skip whitespace after the '=' to the start of the value
|
|
|
|
char* val_start = equal+1;
|
|
|
|
while(*val_start && isspace(*val_start)) ++val_start;
|
|
|
|
|
|
|
|
// trim trailing whitespace
|
|
|
|
char* val_end = val_start + strlen(val_start)-1;
|
|
|
|
while (val_end > val_start && isspace(*val_end)) --val_end;
|
|
|
|
val_end[1] = '\0';
|
|
|
|
|
|
|
|
result = strdup(val_start);
|
|
|
|
break;
|
|
|
|
|
|
|
|
} while ((line = strtok(NULL, "\n")));
|
|
|
|
|
|
|
|
if (result == NULL) result = strdup("");
|
|
|
|
|
|
|
|
done:
|
|
|
|
free(filename);
|
|
|
|
free(key);
|
|
|
|
free(buffer);
|
2010-02-18 01:11:44 +01:00
|
|
|
return StringValue(result);
|
2009-06-18 19:11:50 +02:00
|
|
|
}
|
|
|
|
|
2009-06-12 02:21:44 +02:00
|
|
|
// apply_patch_space(bytes)
|
2010-02-22 23:46:32 +01:00
|
|
|
Value* ApplyPatchSpaceFn(const char* name, State* state,
|
|
|
|
int argc, Expr* argv[]) {
|
|
|
|
char* bytes_str;
|
|
|
|
if (ReadArgs(state, argv, 1, &bytes_str) < 0) {
|
|
|
|
return NULL;
|
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2015-09-24 20:10:51 +02:00
|
|
|
size_t bytes;
|
|
|
|
if (!android::base::ParseUint(bytes_str, &bytes)) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "%s(): can't parse \"%s\" as byte count\n\n",
|
|
|
|
name, bytes_str);
|
2010-02-22 23:46:32 +01:00
|
|
|
free(bytes_str);
|
2015-09-24 20:10:51 +02:00
|
|
|
return nullptr;
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue(CacheSizeCheck(bytes) ? "" : "t");
|
2010-02-22 23:46:32 +01:00
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2014-02-11 00:30:30 +01:00
|
|
|
// apply_patch(file, size, init_sha1, tgt_sha1, patch)
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2010-02-22 23:46:32 +01:00
|
|
|
Value* ApplyPatchFn(const char* name, State* state, int argc, Expr* argv[]) {
|
|
|
|
if (argc < 6 || (argc % 2) == 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s(): expected at least 6 args and an "
|
|
|
|
"even number, got %d", name, argc);
|
2010-02-22 23:46:32 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
char* source_filename;
|
|
|
|
char* target_filename;
|
|
|
|
char* target_sha1;
|
|
|
|
char* target_size_str;
|
|
|
|
if (ReadArgs(state, argv, 4, &source_filename, &target_filename,
|
|
|
|
&target_sha1, &target_size_str) < 0) {
|
|
|
|
return NULL;
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
|
|
|
|
2015-09-24 20:10:51 +02:00
|
|
|
size_t target_size;
|
|
|
|
if (!android::base::ParseUint(target_size_str, &target_size)) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "%s(): can't parse \"%s\" as byte count",
|
|
|
|
name, target_size_str);
|
2010-02-22 23:46:32 +01:00
|
|
|
free(source_filename);
|
|
|
|
free(target_filename);
|
|
|
|
free(target_sha1);
|
|
|
|
free(target_size_str);
|
2015-09-24 20:10:51 +02:00
|
|
|
return nullptr;
|
2010-02-22 23:46:32 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
int patchcount = (argc-4) / 2;
|
2016-10-12 19:55:04 +02:00
|
|
|
std::unique_ptr<Value*> arg_values(ReadValueVarArgs(state, argc-4, argv+4));
|
2016-02-04 03:16:02 +01:00
|
|
|
if (!arg_values) {
|
|
|
|
return nullptr;
|
|
|
|
}
|
2016-10-12 19:55:04 +02:00
|
|
|
std::vector<std::unique_ptr<Value>> patch_shas;
|
|
|
|
std::vector<std::unique_ptr<Value>> patches;
|
2016-02-04 03:16:02 +01:00
|
|
|
// Protect values by unique_ptrs first to get rid of memory leak.
|
|
|
|
for (int i = 0; i < patchcount * 2; i += 2) {
|
2016-10-12 19:55:04 +02:00
|
|
|
patch_shas.emplace_back(arg_values.get()[i]);
|
|
|
|
patches.emplace_back(arg_values.get()[i+1]);
|
2016-02-04 03:16:02 +01:00
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2016-02-04 03:16:02 +01:00
|
|
|
for (int i = 0; i < patchcount; ++i) {
|
|
|
|
if (patch_shas[i]->type != VAL_STRING) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "%s(): sha-1 #%d is not string", name, i);
|
2016-02-04 03:16:02 +01:00
|
|
|
return nullptr;
|
2010-02-22 23:46:32 +01:00
|
|
|
}
|
2016-02-04 03:16:02 +01:00
|
|
|
if (patches[i]->type != VAL_BLOB) {
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kArgsParsingFailure, "%s(): patch #%d is not blob", name, i);
|
2016-02-04 03:16:02 +01:00
|
|
|
return nullptr;
|
2010-02-22 23:46:32 +01:00
|
|
|
}
|
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
std::vector<std::string> patch_sha_str;
|
2016-02-04 03:16:02 +01:00
|
|
|
for (int i = 0; i < patchcount; ++i) {
|
|
|
|
patch_sha_str.push_back(patch_shas[i]->data);
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
2010-02-22 23:46:32 +01:00
|
|
|
|
|
|
|
int result = applypatch(source_filename, target_filename,
|
|
|
|
target_sha1, target_size,
|
2016-10-28 03:16:06 +02:00
|
|
|
patch_sha_str, patches, NULL);
|
2010-02-22 23:46:32 +01:00
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue(result == 0 ? "t" : "");
|
2010-02-22 23:46:32 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// apply_patch_check(file, [sha1_1, ...])
|
|
|
|
Value* ApplyPatchCheckFn(const char* name, State* state,
|
|
|
|
int argc, Expr* argv[]) {
|
|
|
|
if (argc < 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s(): expected at least 1 arg, got %d",
|
2010-02-22 23:46:32 +01:00
|
|
|
name, argc);
|
|
|
|
}
|
|
|
|
|
|
|
|
char* filename;
|
|
|
|
if (ReadArgs(state, argv, 1, &filename) < 0) {
|
2016-10-12 19:55:04 +02:00
|
|
|
return nullptr;
|
2010-02-22 23:46:32 +01:00
|
|
|
}
|
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
std::vector<std::string> sha1s;
|
|
|
|
if (!ReadArgs(state, argc-1, argv+1, &sha1s)) {
|
|
|
|
return nullptr;
|
2010-02-22 23:46:32 +01:00
|
|
|
}
|
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
int result = applypatch_check(filename, sha1s);
|
|
|
|
|
|
|
|
return StringValue(result == 0 ? "t" : "");
|
2009-06-12 02:21:44 +02:00
|
|
|
}
|
|
|
|
|
2015-09-10 02:16:55 +02:00
|
|
|
// This is the updater side handler for ui_print() in edify script. Contents
|
|
|
|
// will be sent over to the recovery side for on-screen display.
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* UIPrintFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2009-06-12 21:24:39 +02:00
|
|
|
char** args = ReadVarArgs(state, argc, argv);
|
|
|
|
if (args == NULL) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2015-09-10 02:16:55 +02:00
|
|
|
std::string buffer;
|
|
|
|
for (int i = 0; i < argc; ++i) {
|
|
|
|
buffer += args[i];
|
2009-06-12 21:24:39 +02:00
|
|
|
free(args[i]);
|
|
|
|
}
|
|
|
|
free(args);
|
2015-09-10 02:16:55 +02:00
|
|
|
|
|
|
|
buffer += "\n";
|
2014-10-23 04:48:41 +02:00
|
|
|
uiPrint(state, buffer);
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue(buffer);
|
2009-06-12 21:24:39 +02:00
|
|
|
}
|
|
|
|
|
2011-10-19 19:51:12 +02:00
|
|
|
Value* WipeCacheFn(const char* name, State* state, int argc, Expr* argv[]) {
|
|
|
|
if (argc != 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects no args, got %d", name, argc);
|
2011-10-19 19:51:12 +02:00
|
|
|
}
|
|
|
|
fprintf(((UpdaterInfo*)(state->cookie))->cmd_pipe, "wipe_cache\n");
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue("t");
|
2011-10-19 19:51:12 +02:00
|
|
|
}
|
|
|
|
|
2010-02-18 01:11:44 +01:00
|
|
|
Value* RunProgramFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2009-09-10 23:10:48 +02:00
|
|
|
if (argc < 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects at least 1 arg", name);
|
2009-09-10 23:10:48 +02:00
|
|
|
}
|
|
|
|
char** args = ReadVarArgs(state, argc, argv);
|
|
|
|
if (args == NULL) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
char** args2 = reinterpret_cast<char**>(malloc(sizeof(char*) * (argc+1)));
|
2009-09-10 23:10:48 +02:00
|
|
|
memcpy(args2, args, sizeof(char*) * argc);
|
|
|
|
args2[argc] = NULL;
|
|
|
|
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("about to run program [%s] with %d args\n", args2[0], argc);
|
2009-09-10 23:10:48 +02:00
|
|
|
|
|
|
|
pid_t child = fork();
|
|
|
|
if (child == 0) {
|
|
|
|
execv(args2[0], args2);
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("run_program: execv failed: %s\n", strerror(errno));
|
2009-09-10 23:10:48 +02:00
|
|
|
_exit(1);
|
|
|
|
}
|
|
|
|
int status;
|
|
|
|
waitpid(child, &status, 0);
|
|
|
|
if (WIFEXITED(status)) {
|
|
|
|
if (WEXITSTATUS(status) != 0) {
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("run_program: child exited with status %d\n",
|
2009-09-10 23:10:48 +02:00
|
|
|
WEXITSTATUS(status));
|
|
|
|
}
|
|
|
|
} else if (WIFSIGNALED(status)) {
|
2013-07-09 21:29:45 +02:00
|
|
|
printf("run_program: child terminated by signal %d\n",
|
2009-09-10 23:10:48 +02:00
|
|
|
WTERMSIG(status));
|
|
|
|
}
|
|
|
|
|
|
|
|
int i;
|
|
|
|
for (i = 0; i < argc; ++i) {
|
|
|
|
free(args[i]);
|
|
|
|
}
|
|
|
|
free(args);
|
|
|
|
free(args2);
|
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue(android::base::StringPrintf("%d", status));
|
2009-09-10 23:10:48 +02:00
|
|
|
}
|
|
|
|
|
2010-02-18 01:11:44 +01:00
|
|
|
// sha1_check(data)
|
|
|
|
// to return the sha1 of the data (given in the format returned by
|
|
|
|
// read_file).
|
|
|
|
//
|
|
|
|
// sha1_check(data, sha1_hex, [sha1_hex, ...])
|
|
|
|
// returns the sha1 of the file if it matches any of the hex
|
|
|
|
// strings passed, or "" if it does not equal any of them.
|
|
|
|
//
|
|
|
|
Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) {
|
|
|
|
if (argc < 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects at least 1 arg", name);
|
2010-02-18 01:11:44 +01:00
|
|
|
}
|
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
std::unique_ptr<Value*> arg_values(ReadValueVarArgs(state, argc, argv));
|
2016-02-04 03:16:02 +01:00
|
|
|
if (arg_values == nullptr) {
|
|
|
|
return nullptr;
|
|
|
|
}
|
2016-10-12 19:55:04 +02:00
|
|
|
std::vector<std::unique_ptr<Value>> args;
|
2016-02-04 03:16:02 +01:00
|
|
|
for (int i = 0; i < argc; ++i) {
|
2016-10-12 19:55:04 +02:00
|
|
|
args.emplace_back(arg_values.get()[i]);
|
2010-02-18 01:11:44 +01:00
|
|
|
}
|
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
if (args[0]->type == VAL_INVALID) {
|
|
|
|
return StringValue("");
|
2010-02-18 01:11:44 +01:00
|
|
|
}
|
2016-02-04 09:23:21 +01:00
|
|
|
uint8_t digest[SHA_DIGEST_LENGTH];
|
2016-10-12 19:55:04 +02:00
|
|
|
SHA1(reinterpret_cast<const uint8_t*>(args[0]->data.c_str()), args[0]->data.size(), digest);
|
2010-02-18 01:11:44 +01:00
|
|
|
|
|
|
|
if (argc == 1) {
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue(print_sha1(digest));
|
2010-02-18 01:11:44 +01:00
|
|
|
}
|
|
|
|
|
2016-02-08 20:15:50 +01:00
|
|
|
for (int i = 1; i < argc; ++i) {
|
|
|
|
uint8_t arg_digest[SHA_DIGEST_LENGTH];
|
2010-02-18 01:11:44 +01:00
|
|
|
if (args[i]->type != VAL_STRING) {
|
2016-02-08 20:15:50 +01:00
|
|
|
printf("%s(): arg %d is not a string; skipping", name, i);
|
2016-10-12 19:55:04 +02:00
|
|
|
} else if (ParseSha1(args[i]->data.c_str(), arg_digest) != 0) {
|
2010-02-18 01:11:44 +01:00
|
|
|
// Warn about bad args and skip them.
|
2016-10-12 19:55:04 +02:00
|
|
|
printf("%s(): error parsing \"%s\" as sha-1; skipping", name, args[i]->data.c_str());
|
2016-02-04 09:23:21 +01:00
|
|
|
} else if (memcmp(digest, arg_digest, SHA_DIGEST_LENGTH) == 0) {
|
2016-02-08 20:15:50 +01:00
|
|
|
// Found a match.
|
|
|
|
return args[i].release();
|
2010-02-18 01:11:44 +01:00
|
|
|
}
|
|
|
|
}
|
2016-02-08 20:15:50 +01:00
|
|
|
|
|
|
|
// Didn't match any of the hex strings; return false.
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue("");
|
2010-02-18 01:11:44 +01:00
|
|
|
}
|
|
|
|
|
2010-08-02 19:29:49 +02:00
|
|
|
// Read a local file and return its contents (the Value* returned
|
2010-02-18 01:11:44 +01:00
|
|
|
// is actually a FileContents*).
|
|
|
|
Value* ReadFileFn(const char* name, State* state, int argc, Expr* argv[]) {
|
|
|
|
if (argc != 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc);
|
2010-02-18 01:11:44 +01:00
|
|
|
}
|
|
|
|
char* filename;
|
|
|
|
if (ReadArgs(state, argv, 1, &filename) < 0) return NULL;
|
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
Value* v = new Value(VAL_INVALID, "");
|
2010-02-18 01:11:44 +01:00
|
|
|
|
|
|
|
FileContents fc;
|
2016-06-11 12:56:38 +02:00
|
|
|
if (LoadFileContents(filename, &fc) == 0) {
|
2016-10-12 19:55:04 +02:00
|
|
|
v->type = VAL_BLOB;
|
|
|
|
v->data = std::string(fc.data.begin(), fc.data.end());
|
2010-02-18 01:11:44 +01:00
|
|
|
}
|
|
|
|
free(filename);
|
|
|
|
return v;
|
|
|
|
}
|
2009-06-12 02:21:44 +02:00
|
|
|
|
2013-11-25 22:53:25 +01:00
|
|
|
// Immediately reboot the device. Recovery is not finished normally,
|
|
|
|
// so if you reboot into recovery it will re-start applying the
|
|
|
|
// current package (because nothing has cleared the copy of the
|
|
|
|
// arguments stored in the BCB).
|
|
|
|
//
|
|
|
|
// The argument is the partition name passed to the android reboot
|
|
|
|
// property. It can be "recovery" to boot from the recovery
|
|
|
|
// partition, or "" (empty string) to boot from the regular boot
|
|
|
|
// partition.
|
|
|
|
Value* RebootNowFn(const char* name, State* state, int argc, Expr* argv[]) {
|
|
|
|
if (argc != 2) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc);
|
2013-11-25 22:53:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
char* filename;
|
|
|
|
char* property;
|
|
|
|
if (ReadArgs(state, argv, 2, &filename, &property) < 0) return NULL;
|
|
|
|
|
|
|
|
// zero out the 'command' field of the bootloader message.
|
2016-09-24 00:30:55 +02:00
|
|
|
char buffer[80];
|
2013-11-25 22:53:25 +01:00
|
|
|
memset(buffer, 0, sizeof(((struct bootloader_message*)0)->command));
|
2015-12-16 01:04:53 +01:00
|
|
|
FILE* f = ota_fopen(filename, "r+b");
|
2013-11-25 22:53:25 +01:00
|
|
|
fseek(f, offsetof(struct bootloader_message, command), SEEK_SET);
|
2015-12-16 01:04:53 +01:00
|
|
|
ota_fwrite(buffer, sizeof(((struct bootloader_message*)0)->command), 1, f);
|
|
|
|
ota_fclose(f);
|
2013-11-25 22:53:25 +01:00
|
|
|
free(filename);
|
|
|
|
|
2016-09-24 00:30:55 +02:00
|
|
|
std::string reboot_cmd = "reboot,";
|
|
|
|
if (property != nullptr) reboot_cmd += property;
|
|
|
|
android::base::SetProperty(ANDROID_RB_PROPERTY, reboot_cmd);
|
2013-11-25 22:53:25 +01:00
|
|
|
|
|
|
|
sleep(5);
|
|
|
|
free(property);
|
2016-04-30 20:49:59 +02:00
|
|
|
ErrorAbort(state, kRebootFailure, "%s() failed to reboot", name);
|
2013-11-25 22:53:25 +01:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Store a string value somewhere that future invocations of recovery
|
|
|
|
// can access it. This value is called the "stage" and can be used to
|
|
|
|
// drive packages that need to do reboots in the middle of
|
|
|
|
// installation and keep track of where they are in the multi-stage
|
|
|
|
// install.
|
|
|
|
//
|
|
|
|
// The first argument is the block device for the misc partition
|
|
|
|
// ("/misc" in the fstab), which is where this value is stored. The
|
|
|
|
// second argument is the string to store; it should not exceed 31
|
|
|
|
// bytes.
|
|
|
|
Value* SetStageFn(const char* name, State* state, int argc, Expr* argv[]) {
|
|
|
|
if (argc != 2) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc);
|
2013-11-25 22:53:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
char* filename;
|
|
|
|
char* stagestr;
|
|
|
|
if (ReadArgs(state, argv, 2, &filename, &stagestr) < 0) return NULL;
|
|
|
|
|
|
|
|
// Store this value in the misc partition, immediately after the
|
|
|
|
// bootloader message that the main recovery uses to save its
|
|
|
|
// arguments in case of the device restarting midway through
|
|
|
|
// package installation.
|
2015-12-16 01:04:53 +01:00
|
|
|
FILE* f = ota_fopen(filename, "r+b");
|
2013-11-25 22:53:25 +01:00
|
|
|
fseek(f, offsetof(struct bootloader_message, stage), SEEK_SET);
|
2016-10-12 19:55:04 +02:00
|
|
|
size_t to_write = strlen(stagestr) + 1;
|
|
|
|
size_t max_size = sizeof(((struct bootloader_message*)0)->stage);
|
2013-11-25 22:53:25 +01:00
|
|
|
if (to_write > max_size) {
|
|
|
|
to_write = max_size;
|
2016-10-12 19:55:04 +02:00
|
|
|
stagestr[max_size - 1] = 0;
|
2013-11-25 22:53:25 +01:00
|
|
|
}
|
2016-10-12 19:55:04 +02:00
|
|
|
size_t status = ota_fwrite(stagestr, to_write, 1, f);
|
2015-12-16 01:04:53 +01:00
|
|
|
ota_fclose(f);
|
2013-11-25 22:53:25 +01:00
|
|
|
|
|
|
|
free(stagestr);
|
2016-10-12 19:55:04 +02:00
|
|
|
if (status != to_write) {
|
|
|
|
return StringValue("");
|
|
|
|
}
|
2013-11-25 22:53:25 +01:00
|
|
|
return StringValue(filename);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Return the value most recently saved with SetStageFn. The argument
|
|
|
|
// is the block device for the misc partition.
|
|
|
|
Value* GetStageFn(const char* name, State* state, int argc, Expr* argv[]) {
|
2014-02-25 01:02:50 +01:00
|
|
|
if (argc != 1) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc);
|
2013-11-25 22:53:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
char* filename;
|
|
|
|
if (ReadArgs(state, argv, 1, &filename) < 0) return NULL;
|
|
|
|
|
|
|
|
char buffer[sizeof(((struct bootloader_message*)0)->stage)];
|
2015-12-16 01:04:53 +01:00
|
|
|
FILE* f = ota_fopen(filename, "rb");
|
2013-11-25 22:53:25 +01:00
|
|
|
fseek(f, offsetof(struct bootloader_message, stage), SEEK_SET);
|
2016-10-12 19:55:04 +02:00
|
|
|
size_t status = ota_fread(buffer, sizeof(buffer), 1, f);
|
2015-12-16 01:04:53 +01:00
|
|
|
ota_fclose(f);
|
2016-10-12 19:55:04 +02:00
|
|
|
if (status != sizeof(buffer)) {
|
|
|
|
return StringValue("");
|
|
|
|
}
|
2013-11-25 22:53:25 +01:00
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
buffer[sizeof(buffer)-1] = '\0';
|
|
|
|
return StringValue(buffer);
|
2013-11-25 22:53:25 +01:00
|
|
|
}
|
|
|
|
|
2014-02-25 01:02:50 +01:00
|
|
|
Value* WipeBlockDeviceFn(const char* name, State* state, int argc, Expr* argv[]) {
|
|
|
|
if (argc != 2) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc);
|
2014-02-25 01:02:50 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
char* filename;
|
|
|
|
char* len_str;
|
|
|
|
if (ReadArgs(state, argv, 2, &filename, &len_str) < 0) return NULL;
|
|
|
|
|
2015-09-24 20:10:51 +02:00
|
|
|
size_t len;
|
|
|
|
android::base::ParseUint(len_str, &len);
|
2015-12-16 01:04:53 +01:00
|
|
|
int fd = ota_open(filename, O_WRONLY, 0644);
|
2014-02-25 01:02:50 +01:00
|
|
|
int success = wipe_block_device(fd, len);
|
|
|
|
|
|
|
|
free(filename);
|
|
|
|
free(len_str);
|
|
|
|
|
2015-12-16 01:04:53 +01:00
|
|
|
ota_close(fd);
|
2014-02-25 01:02:50 +01:00
|
|
|
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue(success ? "t" : "");
|
2014-02-25 01:02:50 +01:00
|
|
|
}
|
|
|
|
|
2014-05-23 17:40:35 +02:00
|
|
|
Value* EnableRebootFn(const char* name, State* state, int argc, Expr* argv[]) {
|
|
|
|
if (argc != 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects no args, got %d", name, argc);
|
2014-05-23 17:40:35 +02:00
|
|
|
}
|
|
|
|
UpdaterInfo* ui = (UpdaterInfo*)(state->cookie);
|
|
|
|
fprintf(ui->cmd_pipe, "enable_reboot\n");
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue("t");
|
2014-05-23 17:40:35 +02:00
|
|
|
}
|
|
|
|
|
2014-11-21 09:12:28 +01:00
|
|
|
Value* Tune2FsFn(const char* name, State* state, int argc, Expr* argv[]) {
|
|
|
|
if (argc == 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() expects args, got %d", name, argc);
|
2014-11-21 09:12:28 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
char** args = ReadVarArgs(state, argc, argv);
|
|
|
|
if (args == NULL) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kArgsParsingFailure, "%s() could not read args", name);
|
2014-11-21 09:12:28 +01:00
|
|
|
}
|
|
|
|
|
2015-06-24 08:23:33 +02:00
|
|
|
char** args2 = reinterpret_cast<char**>(malloc(sizeof(char*) * (argc+1)));
|
2014-11-21 09:12:28 +01:00
|
|
|
// Tune2fs expects the program name as its args[0]
|
|
|
|
args2[0] = strdup(name);
|
2015-06-24 08:23:33 +02:00
|
|
|
for (int i = 0; i < argc; ++i) {
|
2014-11-21 09:12:28 +01:00
|
|
|
args2[i + 1] = args[i];
|
|
|
|
}
|
|
|
|
int result = tune2fs_main(argc + 1, args2);
|
2015-06-24 08:23:33 +02:00
|
|
|
for (int i = 0; i < argc; ++i) {
|
2014-11-21 09:12:28 +01:00
|
|
|
free(args[i]);
|
|
|
|
}
|
|
|
|
free(args);
|
|
|
|
|
|
|
|
free(args2[0]);
|
|
|
|
free(args2);
|
|
|
|
if (result != 0) {
|
2016-04-30 20:49:59 +02:00
|
|
|
return ErrorAbort(state, kTune2FsFailure, "%s() returned error code %d",
|
|
|
|
name, result);
|
2014-11-21 09:12:28 +01:00
|
|
|
}
|
2016-10-12 19:55:04 +02:00
|
|
|
return StringValue("t");
|
2014-11-21 09:12:28 +01:00
|
|
|
}
|
|
|
|
|
2009-06-10 23:11:53 +02:00
|
|
|
void RegisterInstallFunctions() {
|
|
|
|
RegisterFunction("mount", MountFn);
|
2009-06-12 02:21:44 +02:00
|
|
|
RegisterFunction("is_mounted", IsMountedFn);
|
2009-06-10 23:11:53 +02:00
|
|
|
RegisterFunction("unmount", UnmountFn);
|
|
|
|
RegisterFunction("format", FormatFn);
|
|
|
|
RegisterFunction("show_progress", ShowProgressFn);
|
2009-06-24 18:36:20 +02:00
|
|
|
RegisterFunction("set_progress", SetProgressFn);
|
2009-06-10 23:11:53 +02:00
|
|
|
RegisterFunction("delete", DeleteFn);
|
|
|
|
RegisterFunction("delete_recursive", DeleteFn);
|
2009-06-12 02:21:44 +02:00
|
|
|
RegisterFunction("package_extract_dir", PackageExtractDirFn);
|
|
|
|
RegisterFunction("package_extract_file", PackageExtractFileFn);
|
2009-06-10 23:11:53 +02:00
|
|
|
RegisterFunction("symlink", SymlinkFn);
|
updater: introduce and set_metadata and set_metadata_recursive
Introduce two new updater functions:
* set_metadata
* set_metadata_recursive
Long term, these functions are intended to be more flexible replacements
for the following methods:
* set_perm
* set_perm_recursive
Usage:
set_metadata("filename", "key1", "value1", "key2", "value2", ...)
set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
Description:
set_metadata() and set_metadata_recursive() set the attributes on a file/directory
according to the key/value pairs provided. Today, the following keys are
supported:
* uid
* gid
* mode (set_perm_extd only)
* fmode (set_perm_extd_recursive only)
* dmode (set_perm_extd_recursive only)
* selabel
* capabilities
Unknown keys are logged as warnings, but are not fatal errors.
Examples:
* set_metadata("/system/bin/netcfg", "selabel", "u:object_r:system_file:s0");
This sets the SELinux label of /system/bin/netcfg to u:object_r:system_file:s0.
No other changes occur.
* set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
This sets /system/bin/netcfg to uid=0, gid=3003, mode=02750,
selinux label=u:object_r:system_file:s0, and clears the capabilities
associated with the file.
* set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
All files and directories under /system are set to uid=0, gid=0,
and selinux label=u:object_r:system_file:s0. Directories are set to
mode=0755. Files are set to mode=0644 and all capabilities are cleared.
Bug: 10183961
Bug: 10186213
Bug: 8985290
Change-Id: Ifdcf186a7ed45265511dc493c4036e1ac5e3d0af
2013-09-07 23:41:06 +02:00
|
|
|
|
|
|
|
// Usage:
|
|
|
|
// set_metadata("filename", "key1", "value1", "key2", "value2", ...)
|
|
|
|
// Example:
|
|
|
|
// set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
|
|
|
|
RegisterFunction("set_metadata", SetMetadataFn);
|
|
|
|
|
|
|
|
// Usage:
|
|
|
|
// set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...)
|
|
|
|
// Example:
|
|
|
|
// set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0);
|
|
|
|
RegisterFunction("set_metadata_recursive", SetMetadataFn);
|
|
|
|
|
2009-06-12 02:21:44 +02:00
|
|
|
RegisterFunction("getprop", GetPropFn);
|
2009-06-18 19:11:50 +02:00
|
|
|
RegisterFunction("file_getprop", FileGetPropFn);
|
2009-06-12 02:21:44 +02:00
|
|
|
|
|
|
|
RegisterFunction("apply_patch", ApplyPatchFn);
|
2010-02-22 23:46:32 +01:00
|
|
|
RegisterFunction("apply_patch_check", ApplyPatchCheckFn);
|
|
|
|
RegisterFunction("apply_patch_space", ApplyPatchSpaceFn);
|
2009-06-12 21:24:39 +02:00
|
|
|
|
2014-02-25 01:02:50 +01:00
|
|
|
RegisterFunction("wipe_block_device", WipeBlockDeviceFn);
|
2014-02-11 00:30:30 +01:00
|
|
|
|
2010-02-18 01:11:44 +01:00
|
|
|
RegisterFunction("read_file", ReadFileFn);
|
|
|
|
RegisterFunction("sha1_check", Sha1CheckFn);
|
2013-11-07 02:42:20 +01:00
|
|
|
RegisterFunction("rename", RenameFn);
|
2010-02-18 01:11:44 +01:00
|
|
|
|
2011-10-19 19:51:12 +02:00
|
|
|
RegisterFunction("wipe_cache", WipeCacheFn);
|
|
|
|
|
2009-06-12 21:24:39 +02:00
|
|
|
RegisterFunction("ui_print", UIPrintFn);
|
2009-09-10 23:10:48 +02:00
|
|
|
|
|
|
|
RegisterFunction("run_program", RunProgramFn);
|
2013-11-25 22:53:25 +01:00
|
|
|
|
|
|
|
RegisterFunction("reboot_now", RebootNowFn);
|
|
|
|
RegisterFunction("get_stage", GetStageFn);
|
|
|
|
RegisterFunction("set_stage", SetStageFn);
|
2014-05-23 17:40:35 +02:00
|
|
|
|
|
|
|
RegisterFunction("enable_reboot", EnableRebootFn);
|
2014-11-21 09:12:28 +01:00
|
|
|
RegisterFunction("tune2fs", Tune2FsFn);
|
2009-06-10 23:11:53 +02:00
|
|
|
}
|