2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
26 #include <sys/mount.h>
29 #include <sys/types.h>
31 #include <sys/prctl.h>
38 #define LOG_TAG "ENV_CONFIG"
40 #define _MAX_PACKAGEID_LENGTH 10
41 #define _MAX_APIVERSION_LENGTH 3
44 #define _SECURE_LOGI LOGI
45 #define _SECURE_LOGE LOGE
47 #define _SECURE_LOGI(...)
48 #define _SECURE_LOGE(...)
51 static const char* _OSP_HOME_PATH = "/opt/osp/\0"; // /opt/apps/com.samsung.osp
52 static const char* _OSP_COMPAT_SHARED_PATH = "/opt/usr/share/.osp-compat/\0";
53 static const char* _EXT_OSP_HOME_PATH = "/opt/storage/sdcard/osp/\0";
57 char src_path[PATH_MAX];
58 char dest_path[PATH_MAX];
65 char app_privilege; // 0: root privilege
69 * XXX: The returned app_roodir must be freed in caller.
72 get_app_rootpath_from_path(const char* bin_path)
74 char* app_rootpath = NULL;
75 char* delimiter = NULL;
77 /* e.g., The specified bin_path is "/opt/apps/com.samsung.basicapp/bin/basicapp" */
79 length = strlen(bin_path);
80 app_rootpath = (char *)malloc(length + 1);
81 if(app_rootpath == NULL)
84 memset(app_rootpath, '\0', length + 1);
85 strncpy(app_rootpath, bin_path, length);
87 _SECURE_LOGI("input bin_path: %s", app_rootpath);
89 delimiter = strrchr(app_rootpath, '/');
92 delimiter = strrchr(app_rootpath, '/');
99 get_package_id_from_app_rootpath(const char* app_rootpath, char* package_id)
101 const char* p = NULL;
102 if (strncmp(app_rootpath, "/opt/apps/org.tizen.", 19) == 0)
104 p = strrchr(app_rootpath, '.') + 1;
108 p = strrchr(app_rootpath, '/') + 1;
110 strncpy(package_id, p, _MAX_PACKAGEID_LENGTH);
111 package_id[_MAX_PACKAGEID_LENGTH] = '\0';
112 _SECURE_LOGI("package id: %s", package_id);
116 get_package_id_from_package_name(const char* package_name, char* package_id)
120 if (strncmp(package_name, "com", 3) == 0)
121 { // in case of com.samsung.#osp#[package_id]#[serviceid]
122 tmpbuf = strstr(package_name, "#osp#");
125 strncpy(package_id, tmpbuf + 5, _MAX_PACKAGEID_LENGTH);
128 else if (strncmp(package_name, "osp", 3) == 0)
129 { // in case of osp.[package_id].#osp#[serviceid]
130 tmpbuf = strstr(package_name, "osp.");
133 strncpy(package_id, tmpbuf + 4, _MAX_PACKAGEID_LENGTH);
136 else if (strncmp(package_name, "org.tizen", 9) == 0)
138 // in case of org.tizen.[package_id]#[serviceid]
139 tmpbuf = strstr(package_name, "org.tizen.");
142 strncpy(package_id, tmpbuf + 10, _MAX_PACKAGEID_LENGTH);
145 else if (strlen(package_name) == 10)
147 strncpy(package_id, package_name, _MAX_PACKAGEID_LENGTH);
151 LOGE("package name is invalid (%s)", package_name);
154 package_id[_MAX_PACKAGEID_LENGTH] = '\0';
155 _SECURE_LOGI("package_id: %s", package_id);
159 internal_is_mounted(const char* pkgid)
161 char mount_flag[64] = { 0, };
162 static const char dir[][64] =
164 { "/tmp/osp-compat" },
165 { "/tmp/osp-compat/mount" },
166 { "/tmp/osp-compat/mount/internal" }
169 sprintf(mount_flag, "/tmp/osp-compat/mount/internal/%s", pkgid);
170 int res = access(mount_flag, F_OK);
173 LOGI("Intenal path is already mounted.");
176 else if (res == -1 && errno == ENOENT)
179 for (i = 0; i < sizeof(dir)/64; ++i)
181 int res = mkdir(dir[i], 0755);
182 if (res == -1 && errno != EEXIST)
184 LOGE("Failed to create directory (%s), errno: %d (%s)", dir[i], errno, strerror(errno));
189 int fd = creat(mount_flag, 0644);
192 LOGE("Failed to create mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
199 LOGE("Failed to access mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
203 LOGI("Intenal path mount succeeded.");
208 external_is_mounted(const char* pkgid)
210 char mount_flag[64] = { 0, };
211 static const char dir[][64] =
213 { "/tmp/osp-compat" },
214 { "/tmp/osp-compat/mount" },
215 { "/tmp/osp-compat/mount/external" }
218 sprintf(mount_flag, "/tmp/osp-compat/mount/external/%s", pkgid);
219 int res = access(mount_flag, F_OK);
222 LOGI("Extenal path is already mounted.");
225 else if (res == -1 && errno == ENOENT)
228 for (i = 0; i < sizeof(dir)/64; ++i)
230 int res = mkdir(dir[i], 0755);
231 if (res == -1 && errno != EEXIST)
233 LOGE("Failed to create directory (%s), errno: %d (%s)", dir[i], errno, strerror(errno));
238 int fd = creat(mount_flag, 0644);
241 LOGE("Failed to create mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
248 LOGE("Failed to access mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
252 LOGI("Extenal path mount succeeded.");
257 mount_native_paths(const char* app_rootpath)
260 static const struct _path_info mount_info[] =
262 //{ "/bin", "./bin" },
265 { "/dev/pts", "./dev/pts" },
266 { "/dev/shm", "./dev/shm" },
270 { "/proc", "./proc" },
271 { "/sbin", "./sbin" },
272 { "/smack", "./smack" },
275 { "/sys/kernel/debug", "./sys/kernel/debug" },
279 { "/var/run", "./var/run" },
281 { "/opt/usr", "./opt/usr" },
282 { "/opt/var/kdb/db", "./opt/var/kdb/db" },
283 //{ "/opt/storage/sdcard","./opt/storage/sdcard" }
286 if (chdir(app_rootpath) != 0)
288 LOGE("chdir() failed path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
292 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); ++i)
294 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
296 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
297 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
300 for (j = i; j > 0; --j)
302 umount2(mount_info[j-1].dest_path, MNT_DETACH);
312 mount_osp_internal_paths(const char* app_rootpath, const char* pkgid)
315 char osp_share_pkgid_path[PATH_MAX] = {0, };
316 char osp_share2_pkgid_path[PATH_MAX] = {0, };
317 struct _path_info mount_info[] =
319 { "\0", "./data/Share" },
320 { "\0", "./data/Share2" },
321 { "/opt/usr/share/.osp-compat/share", "./Share" },
322 { "/opt/usr/share/.osp-compat/share2", "./Share2" },
323 { "/opt/usr/media", "./Media" }
326 strncpy(osp_share_pkgid_path, _OSP_COMPAT_SHARED_PATH, strlen(_OSP_COMPAT_SHARED_PATH));
327 strncat(osp_share_pkgid_path, "share/", 6);
328 strncat(osp_share_pkgid_path, pkgid, strlen(pkgid));
330 strncpy(osp_share2_pkgid_path, _OSP_COMPAT_SHARED_PATH, strlen(_OSP_COMPAT_SHARED_PATH));
331 strncat(osp_share2_pkgid_path, "share2/", 7);
332 strncat(osp_share2_pkgid_path, pkgid, strlen(pkgid));
334 strncpy(mount_info[0].src_path, osp_share_pkgid_path, strlen(osp_share_pkgid_path));
335 strncpy(mount_info[1].src_path, osp_share2_pkgid_path, strlen(osp_share2_pkgid_path));
337 if (chdir(app_rootpath) != 0)
339 LOGE("chdir() failed, path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
343 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); ++i)
345 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
347 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
348 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
351 for (j = i; j > 0; --j)
353 umount2(mount_info[j-1].dest_path, MNT_DETACH);
363 mount_linux_paths(const char* app_rootpath)
366 static const struct _path_info mount_info[] =
369 { "/cache", "./cache" },
371 { "/data", "./data" },
373 { "/dev/pts", "./dev/pts" },
374 { "/dev/shm", "./dev/shm" },
377 { "/lib/modules", "./lib/modules" },
378 { "/media", "./media" },
380 { "/proc", "./proc" },
382 { "/sbin", "./sbin" },
383 { "/smack", "./smack" },
386 { "/sys/fs/cgroup", "./sys/fs/cgroup" },
387 { "/sys/fs/cgroup/systemd", "./sys/fs/cgroup/systemd" },
388 { "/system", "./system" },
392 { "/var/run", "./var/run" },
394 { "/opt/usr", "./opt/usr" },
395 //{ "/opt/var/run", "./opt/var/run" },
396 { "/opt/storage/sdcard","./opt/storage/sdcard" },
399 if (chdir(app_rootpath) != 0)
401 LOGE("chdir() failed path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
405 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); ++i)
407 if (i == 27) // /opt/storage/sdcard
410 int ret = vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS, &mmc_mounted);
413 LOGE("vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS) failed.");
415 if (mmc_mounted == 0)
421 LOGI("src path: %s, dest path: %s", mount_info[i].src_path, mount_info[i].dest_path);
422 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
424 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
425 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
428 for (j = i; j > 0; --j)
430 umount2(mount_info[j-1].dest_path, MNT_DETACH);
440 create_osp_external_paths(const char* app_rootpath, const char* pkgid)
442 char osp_ext_apps_pkgid_path[PATH_MAX] = {0, };
443 char osp_ext_apps_pkgid_share_path[PATH_MAX] = {0, };
444 char osp_ext_apps_pkgid_share2_path[PATH_MAX] = {0, };
445 char osp_ext_share_pkgid_path[PATH_MAX] = {0, };
446 char osp_ext_share2_pkgid_path[PATH_MAX] = {0, };
447 struct _dir_info external_dirs[] =
449 { "./HomeExt", 0000, 0 },
450 { "./ShareExt", 0000, 0 },
451 { "./Share2Ext", 0000, 0 },
452 { "/opt/storage/sdcard/osp", 0777, 0 },
453 { "/opt/storage/sdcard/osp/apps", 0777, 0 },
454 { "/opt/storage/sdcard/osp/share", 0777, 0 },
455 { "/opt/storage/sdcard/osp/share2", 0777, 0 },
461 { "/opt/storage/sdcard/Images", 0777, 0 },
462 { "/opt/storage/sdcard/Sounds", 0777, 0 },
463 { "/opt/storage/sdcard/Videos", 0777, 0 },
464 { "/opt/storage/sdcard/Others", 0777, 0 }
468 strncpy(osp_ext_apps_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
469 strncat(osp_ext_apps_pkgid_path, "apps/", 5);
470 strncat(osp_ext_apps_pkgid_path, pkgid, strlen(pkgid));
472 strncpy(osp_ext_apps_pkgid_share_path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
473 strncat(osp_ext_apps_pkgid_share_path, "/Share", 6);
475 strncpy(osp_ext_apps_pkgid_share2_path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
476 strncat(osp_ext_apps_pkgid_share2_path, "/Share2", 7);
478 strncpy(osp_ext_share_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
479 strncat(osp_ext_share_pkgid_path, "share/", 6);
480 strncat(osp_ext_share_pkgid_path, pkgid, strlen(pkgid));
482 strncpy(osp_ext_share2_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
483 strncat(osp_ext_share2_pkgid_path, "share2/", 7);
484 strncat(osp_ext_share2_pkgid_path, pkgid, strlen(pkgid));
486 strncpy(external_dirs[7].path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
487 strncpy(external_dirs[8].path, osp_ext_apps_pkgid_share_path, strlen(osp_ext_apps_pkgid_share_path));
488 strncpy(external_dirs[9].path, osp_ext_apps_pkgid_share2_path, strlen(osp_ext_apps_pkgid_share2_path));
489 strncpy(external_dirs[10].path, osp_ext_share_pkgid_path, strlen(osp_ext_share_pkgid_path));
490 strncpy(external_dirs[11].path, osp_ext_share2_pkgid_path, strlen(osp_ext_share2_pkgid_path));
492 if (chdir(app_rootpath) != 0)
494 LOGE("chdir() failed (%s), path: %s", strerror(errno), app_rootpath);
498 for (i = 0; i < sizeof(external_dirs)/sizeof(struct _dir_info); i++)
500 int ret = mkdir(external_dirs[i].path, external_dirs[i].mode);
501 if (ret == -1 && errno != 17) // EEXIST
503 LOGE("mkdir() failed, path: %s, errno: %d (%s)", external_dirs[i].path, errno, strerror(errno));
512 mount_osp_external_paths(const char* app_rootpath, const char* pkgid)
514 char osp_ext_apps_pkgid_path[PATH_MAX] = {0, };
515 char osp_ext_share_pkgid_path[PATH_MAX] = {0, };
516 char osp_ext_share2_pkgid_path[PATH_MAX] = {0, };
517 struct _path_info mount_info[] =
519 { "/opt/storage/sdcard", "./Storagecard/Media" },
520 { "/opt/storage/sdcard/osp/share", "./ShareExt" },
521 { "/opt/storage/sdcard/osp/share2", "./Share2Ext" },
522 { "\0", "./HomeExt" },
523 { "\0", "./HomeExt/Share" },
524 { "\0", "./HomeExt/Share2" }
528 strncpy(osp_ext_apps_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
529 strncat(osp_ext_apps_pkgid_path, "apps/", 5);
530 strncat(osp_ext_apps_pkgid_path, pkgid, strlen(pkgid));
532 strncpy(osp_ext_share_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
533 strncat(osp_ext_share_pkgid_path, "share/", 6);
534 strncat(osp_ext_share_pkgid_path, pkgid, strlen(pkgid));
536 strncpy(osp_ext_share2_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
537 strncat(osp_ext_share2_pkgid_path, "share2/", 7);
538 strncat(osp_ext_share2_pkgid_path, pkgid, strlen(pkgid));
540 strncpy(mount_info[3].src_path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
541 strncpy(mount_info[4].src_path, osp_ext_share_pkgid_path, strlen(osp_ext_share_pkgid_path));
542 strncpy(mount_info[5].src_path, osp_ext_share2_pkgid_path, strlen(osp_ext_share2_pkgid_path));
544 if (chdir(app_rootpath) != 0)
546 LOGE("chdir() failed, path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
549 LOGI("app_rootpath: %s", app_rootpath);
551 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); i++)
553 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
555 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
556 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
559 for (j = i; j > 0; --j)
561 umount2(mount_info[j-1].dest_path, MNT_DETACH);
571 do_pre_exe(const char* package_name, const char* bin_path, const char* package_id)
573 char* app_rootpath = NULL;
574 char osp_app_data_path[PATH_MAX] = {0, };
578 /* e.g., app_rootdir is "/opt/usr/apps/[pkgId] */
579 app_rootpath = get_app_rootpath_from_path(bin_path);
581 _SECURE_LOGI("[data_caging] do_pre_exe() was called, package name: %s, package id: %s, binary: %s, app root: %s",
582 package_name, package_id, bin_path, app_rootpath);
586 if (!internal_is_mounted(package_id))
588 if (mount_native_paths(app_rootpath) != 0)
592 if (mount_osp_internal_paths(app_rootpath, package_id) != 0)
598 int ret = vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS, &mmc_mounted);
601 LOGE("vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS) failed.");
603 if (mmc_mounted == 1)
605 LOGI("MMC is mounted.");
606 if (create_osp_external_paths(app_rootpath, package_id) != 0)
611 if (!external_is_mounted(package_id))
613 if (mount_osp_external_paths(app_rootpath, package_id) != 0)
619 LOGI("mount() succeeded.");
621 if (chroot(app_rootpath) != 0)
623 LOGE("chroot() failed, path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
628 LOGE("chdir() failed, path: /, errno: %d (%s)", errno, strerror(errno));
631 LOGI("chroot() succeeded.");
633 // set current working dir to "/opt/apps/{packageId}/data"
635 strncpy(osp_app_data_path, app_rootpath, strlen(app_rootpath));
636 strncat(osp_app_data_path, "/data", strlen("/data"));
639 if (chdir("/data") != 0)
641 LOGE("chdir() failed, path: /data, errno: %d (%s)", errno, strerror(errno));
648 LOGI("[data_caging] do_pre_exec() succeeded.");
655 LOGI("[data_caging] do_pre_exec() failed.");
660 do_virtual_root(const char* virtual_root_path, const char* package_id)
662 _SECURE_LOGI("[virtual_root] do_virtual_root() was called, virtual root path: %s, package id: %s",
663 virtual_root_path, package_id);
667 if (!internal_is_mounted(package_id))
669 if (mount_linux_paths(virtual_root_path) != 0)
674 LOGI("mount() succeeded.");
676 if (chroot(virtual_root_path) != 0)
678 LOGE("chroot() failed. path: %s, errno: %d (%s)", virtual_root_path, errno, strerror(errno));
683 LOGE("chdir() failed. path: /data, errno: %d (%s)", errno, strerror(errno));
686 LOGI("chroot() succeeded.");
690 LOGI("[virtual_root] do_virtual_root() succeeded.");
696 LOGI("[virtual_root] do_virtual_root() failed.");
701 do_pre_exec(const char* package_name, const char* bin_path)
703 char* app_rootpath = NULL;
704 char app_compat_path[PATH_MAX] = { 0, };
705 const char app_compat_file[] = "/info/compat.info\0";
707 char package_id[_MAX_PACKAGEID_LENGTH + 1] = { 0, };
708 char osp_app_data_path[PATH_MAX] = { 0, };
711 _SECURE_LOGI("do_pre_exec() is called, package name: %s, binary path: %s", package_name, bin_path);
713 app_rootpath = get_app_rootpath_from_path(bin_path);
715 strncpy(app_compat_path, app_rootpath, strlen(app_rootpath));
716 strncat(app_compat_path, app_compat_file, strlen(app_compat_file));
717 if (access(app_compat_path, F_OK) == 0)
723 //if (package_name == NULL)
725 //LOGI("The package name is empty.");
726 get_package_id_from_app_rootpath(app_rootpath, package_id);
731 get_package_id_from_package_name(package_name, package_id);
736 _SECURE_LOGI("package: %s (%s), binary: %s, OSP compat: %d", package_name, package_id, bin_path, osp_compat);
738 // FIXME: Temporary code with security risk
739 prctl(PR_SET_KEEPCAPS, 1);
744 //unshare(CLONE_NEWNS);
745 return do_pre_exe(package_name, bin_path, package_id);
748 char virtual_root_file[PATH_MAX] = { 0, };
749 const char virtual_root_info[] = "/info/virtualroot.info";
750 strncpy(virtual_root_file, app_rootpath, strlen(app_rootpath));
751 strncat(virtual_root_file, virtual_root_info, strlen(virtual_root_info));
752 if (access(virtual_root_file, F_OK) == 0)
754 LOGI("This is virtual root application.");
755 char virtual_root_path[PATH_MAX] = { 0, };
756 sprintf(virtual_root_path, "%s/virtual-root", app_rootpath);
757 int res = do_virtual_root(virtual_root_path, package_id);
762 // API version is equal to or greater than Tizen 2.0
763 // Set current working dir to "/opt/apps/{pkgId}/data"
764 strncpy(osp_app_data_path, app_rootpath, strlen(app_rootpath));
765 strncat(osp_app_data_path, "/data", strlen("/data"));
767 if (chdir(osp_app_data_path) != 0)
769 LOGE("chdir() failed, path: %s, errno: %d (%s)", osp_app_data_path, errno, strerror(errno));
773 LOGI("[data_caging] do_pre_exec() succeeded.");