2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
26 #include <sys/mount.h>
29 #include <sys/types.h>
31 #include <sys/prctl.h>
40 #define LOG_TAG "ENV_CONFIG"
42 #define _MAX_PACKAGEID_LENGTH 10
43 #define _MAX_APIVERSION_LENGTH 3
46 #define _SECURE_LOGI LOGI
47 #define _SECURE_LOGE LOGE
49 #define _SECURE_LOGI(...)
50 #define _SECURE_LOGE(...)
53 static const char _OSP_COMPAT_SHARED_PATH[] = "/opt/usr/share/.osp-compat/\0";
54 static const char _EXT_OSP_HOME_PATH[] = "/opt/storage/sdcard/osp/\0";
55 static const char OSP_COMPAT_LIB[] = "/usr/lib/osp/libosp-compat.so.1";
59 char src_path[PATH_MAX];
60 char dest_path[PATH_MAX];
67 char app_privilege; // 0: root privilege
71 * XXX: The returned app_roodir must be freed in caller.
74 get_app_rootpath_from_path(const char* bin_path)
76 char* app_rootpath = NULL;
77 char* delimiter = NULL;
80 /* e.g., The specified bin_path is "/opt/apps/com.samsung.basicapp/bin/basicapp" */
81 length = strlen(bin_path);
82 app_rootpath = (char *)malloc(length + 1);
83 if(app_rootpath == NULL)
86 memset(app_rootpath, '\0', length + 1);
87 strncpy(app_rootpath, bin_path, length);
89 _SECURE_LOGI("input bin_path: %s", app_rootpath);
91 delimiter = strrchr(app_rootpath, '/');
94 delimiter = strrchr(app_rootpath, '/');
101 get_package_id_from_app_rootpath(const char* app_rootpath, char* package_id)
103 const char* p = NULL;
104 if (strncmp(app_rootpath, "/opt/apps/org.tizen.", 19) == 0)
106 p = strrchr(app_rootpath, '.') + 1;
110 p = strrchr(app_rootpath, '/') + 1;
112 strncpy(package_id, p, _MAX_PACKAGEID_LENGTH);
113 package_id[_MAX_PACKAGEID_LENGTH] = '\0';
114 _SECURE_LOGI("package id: %s", package_id);
119 get_package_id_from_package_name(const char* package_name, char* package_id)
123 if (strncmp(package_name, "com", 3) == 0)
124 { // in case of com.samsung.#osp#[package_id]#[serviceid]
125 tmpbuf = strstr(package_name, "#osp#");
128 strncpy(package_id, tmpbuf + 5, _MAX_PACKAGEID_LENGTH);
131 else if (strncmp(package_name, "osp", 3) == 0)
132 { // in case of osp.[package_id].#osp#[serviceid]
133 tmpbuf = strstr(package_name, "osp.");
136 strncpy(package_id, tmpbuf + 4, _MAX_PACKAGEID_LENGTH);
139 else if (strncmp(package_name, "org.tizen", 9) == 0)
141 // in case of org.tizen.[package_id]#[serviceid]
142 tmpbuf = strstr(package_name, "org.tizen.");
145 strncpy(package_id, tmpbuf + 10, _MAX_PACKAGEID_LENGTH);
148 else if (strlen(package_name) == 10)
150 strncpy(package_id, package_name, _MAX_PACKAGEID_LENGTH);
154 LOGE("package name is invalid (%s)", package_name);
157 package_id[_MAX_PACKAGEID_LENGTH] = '\0';
158 _SECURE_LOGI("package_id: %s", package_id);
163 internal_is_mounted(const char* pkgid)
165 char mount_flag[64] = { 0, };
166 static const char dir[][64] =
168 { "/tmp/osp-compat" },
169 { "/tmp/osp-compat/mount" },
170 { "/tmp/osp-compat/mount/internal" }
173 sprintf(mount_flag, "/tmp/osp-compat/mount/internal/%s", pkgid);
174 int res = access(mount_flag, F_OK);
177 LOGI("Intenal path is already mounted.");
180 else if (res == -1 && errno == ENOENT)
183 for (i = 0; i < sizeof(dir)/64; ++i)
185 int res = mkdir(dir[i], 0755);
186 if (res == -1 && errno != EEXIST)
188 LOGE("Failed to create directory (%s), errno: %d (%s)", dir[i], errno, strerror(errno));
193 int fd = creat(mount_flag, 0644);
196 LOGE("Failed to create mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
203 LOGE("Failed to access mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
207 LOGI("Intenal path mount succeeded.");
212 external_is_mounted(const char* pkgid)
214 char mount_flag[64] = { 0, };
215 static const char dir[][64] =
217 { "/tmp/osp-compat" },
218 { "/tmp/osp-compat/mount" },
219 { "/tmp/osp-compat/mount/external" }
222 sprintf(mount_flag, "/tmp/osp-compat/mount/external/%s", pkgid);
223 int res = access(mount_flag, F_OK);
226 LOGI("Extenal path is already mounted.");
229 else if (res == -1 && errno == ENOENT)
232 for (i = 0; i < sizeof(dir)/64; ++i)
234 int res = mkdir(dir[i], 0755);
235 if (res == -1 && errno != EEXIST)
237 LOGE("Failed to create directory (%s), errno: %d (%s)", dir[i], errno, strerror(errno));
242 int fd = creat(mount_flag, 0644);
245 LOGE("Failed to create mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
252 LOGE("Failed to access mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
256 LOGI("Extenal path mount succeeded.");
261 mount_native_paths(const char* app_rootpath)
264 static const struct _path_info mount_info[] =
266 //{ "/bin", "./bin" },
269 { "/dev/pts", "./dev/pts" },
270 { "/dev/shm", "./dev/shm" },
274 { "/proc", "./proc" },
275 { "/sbin", "./sbin" },
276 { "/smack", "./smack" },
279 { "/sys/kernel/debug", "./sys/kernel/debug" },
283 { "/var/run", "./var/run" },
285 { "/opt/usr", "./opt/usr" },
286 { "/opt/var/kdb/db", "./opt/var/kdb/db" },
287 //{ "/opt/storage/sdcard","./opt/storage/sdcard" }
290 if (chdir(app_rootpath) != 0)
292 LOGE("chdir() failed path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
296 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); ++i)
298 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
300 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
301 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
304 for (j = i; j > 0; --j)
306 umount2(mount_info[j-1].dest_path, MNT_DETACH);
316 mount_osp_internal_paths(const char* app_rootpath, const char* pkgid)
319 char osp_share_pkgid_path[PATH_MAX] = {0, };
320 char osp_share2_pkgid_path[PATH_MAX] = {0, };
321 struct _path_info mount_info[] =
323 { "\0", "./data/Share" },
324 { "\0", "./data/Share2" },
325 { "/opt/usr/share/.osp-compat/share", "./Share" },
326 { "/opt/usr/share/.osp-compat/share2", "./Share2" },
327 { "/opt/usr/media", "./Media" }
330 strncpy(osp_share_pkgid_path, _OSP_COMPAT_SHARED_PATH, strlen(_OSP_COMPAT_SHARED_PATH));
331 strncat(osp_share_pkgid_path, "share/", 6);
332 strncat(osp_share_pkgid_path, pkgid, strlen(pkgid));
334 strncpy(osp_share2_pkgid_path, _OSP_COMPAT_SHARED_PATH, strlen(_OSP_COMPAT_SHARED_PATH));
335 strncat(osp_share2_pkgid_path, "share2/", 7);
336 strncat(osp_share2_pkgid_path, pkgid, strlen(pkgid));
338 strncpy(mount_info[0].src_path, osp_share_pkgid_path, strlen(osp_share_pkgid_path));
339 strncpy(mount_info[1].src_path, osp_share2_pkgid_path, strlen(osp_share2_pkgid_path));
341 if (chdir(app_rootpath) != 0)
343 LOGE("chdir() failed, path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
347 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); ++i)
349 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
351 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
352 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
355 for (j = i; j > 0; --j)
357 umount2(mount_info[j-1].dest_path, MNT_DETACH);
367 mount_linux_paths(const char* app_rootpath)
370 static const struct _path_info mount_info[] =
373 { "/cache", "./cache" },
375 { "/data", "./data" },
377 { "/dev/pts", "./dev/pts" },
378 { "/dev/shm", "./dev/shm" },
381 { "/lib/modules", "./lib/modules" },
382 { "/media", "./media" },
384 { "/proc", "./proc" },
386 { "/sbin", "./sbin" },
387 { "/smack", "./smack" },
390 { "/sys/fs/cgroup", "./sys/fs/cgroup" },
391 { "/sys/fs/cgroup/systemd", "./sys/fs/cgroup/systemd" },
392 { "/system", "./system" },
396 { "/var/run", "./var/run" },
398 { "/opt/usr", "./opt/usr" },
399 //{ "/opt/var/run", "./opt/var/run" },
400 { "/opt/storage/sdcard","./opt/storage/sdcard" },
403 if (chdir(app_rootpath) != 0)
405 LOGE("chdir() failed path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
409 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); ++i)
411 if (i == 27) // /opt/storage/sdcard
414 int ret = vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS, &mmc_mounted);
417 LOGE("vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS) failed.");
419 if (mmc_mounted == 0)
425 LOGI("src path: %s, dest path: %s", mount_info[i].src_path, mount_info[i].dest_path);
426 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
428 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
429 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
432 for (j = i; j > 0; --j)
434 umount2(mount_info[j-1].dest_path, MNT_DETACH);
444 create_osp_external_paths(const char* app_rootpath, const char* pkgid)
446 char osp_ext_apps_pkgid_path[PATH_MAX] = {0, };
447 char osp_ext_apps_pkgid_share_path[PATH_MAX] = {0, };
448 char osp_ext_apps_pkgid_share2_path[PATH_MAX] = {0, };
449 char osp_ext_share_pkgid_path[PATH_MAX] = {0, };
450 char osp_ext_share2_pkgid_path[PATH_MAX] = {0, };
451 struct _dir_info external_dirs[] =
453 { "./HomeExt", 0000, 0 },
454 { "./ShareExt", 0000, 0 },
455 { "./Share2Ext", 0000, 0 },
456 { "/opt/storage/sdcard/osp", 0777, 0 },
457 { "/opt/storage/sdcard/osp/apps", 0777, 0 },
458 { "/opt/storage/sdcard/osp/share", 0777, 0 },
459 { "/opt/storage/sdcard/osp/share2", 0777, 0 },
465 { "/opt/storage/sdcard/Images", 0777, 0 },
466 { "/opt/storage/sdcard/Sounds", 0777, 0 },
467 { "/opt/storage/sdcard/Videos", 0777, 0 },
468 { "/opt/storage/sdcard/Others", 0777, 0 }
472 strncpy(osp_ext_apps_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
473 strncat(osp_ext_apps_pkgid_path, "apps/", 5);
474 strncat(osp_ext_apps_pkgid_path, pkgid, strlen(pkgid));
476 strncpy(osp_ext_apps_pkgid_share_path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
477 strncat(osp_ext_apps_pkgid_share_path, "/Share", 6);
479 strncpy(osp_ext_apps_pkgid_share2_path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
480 strncat(osp_ext_apps_pkgid_share2_path, "/Share2", 7);
482 strncpy(osp_ext_share_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
483 strncat(osp_ext_share_pkgid_path, "share/", 6);
484 strncat(osp_ext_share_pkgid_path, pkgid, strlen(pkgid));
486 strncpy(osp_ext_share2_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
487 strncat(osp_ext_share2_pkgid_path, "share2/", 7);
488 strncat(osp_ext_share2_pkgid_path, pkgid, strlen(pkgid));
490 strncpy(external_dirs[7].path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
491 strncpy(external_dirs[8].path, osp_ext_apps_pkgid_share_path, strlen(osp_ext_apps_pkgid_share_path));
492 strncpy(external_dirs[9].path, osp_ext_apps_pkgid_share2_path, strlen(osp_ext_apps_pkgid_share2_path));
493 strncpy(external_dirs[10].path, osp_ext_share_pkgid_path, strlen(osp_ext_share_pkgid_path));
494 strncpy(external_dirs[11].path, osp_ext_share2_pkgid_path, strlen(osp_ext_share2_pkgid_path));
496 if (chdir(app_rootpath) != 0)
498 LOGE("chdir() failed (%s), path: %s", strerror(errno), app_rootpath);
502 for (i = 0; i < sizeof(external_dirs)/sizeof(struct _dir_info); i++)
504 int ret = mkdir(external_dirs[i].path, external_dirs[i].mode);
505 if (ret == -1 && errno != 17) // EEXIST
507 LOGE("mkdir() failed, path: %s, errno: %d (%s)", external_dirs[i].path, errno, strerror(errno));
516 mount_osp_external_paths(const char* app_rootpath, const char* pkgid)
518 char osp_ext_apps_pkgid_path[PATH_MAX] = {0, };
519 char osp_ext_share_pkgid_path[PATH_MAX] = {0, };
520 char osp_ext_share2_pkgid_path[PATH_MAX] = {0, };
521 struct _path_info mount_info[] =
523 { "/opt/storage/sdcard", "./Storagecard/Media" },
524 { "/opt/storage/sdcard/osp/share", "./ShareExt" },
525 { "/opt/storage/sdcard/osp/share2", "./Share2Ext" },
526 { "\0", "./HomeExt" },
527 { "\0", "./HomeExt/Share" },
528 { "\0", "./HomeExt/Share2" }
532 strncpy(osp_ext_apps_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
533 strncat(osp_ext_apps_pkgid_path, "apps/", 5);
534 strncat(osp_ext_apps_pkgid_path, pkgid, strlen(pkgid));
536 strncpy(osp_ext_share_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
537 strncat(osp_ext_share_pkgid_path, "share/", 6);
538 strncat(osp_ext_share_pkgid_path, pkgid, strlen(pkgid));
540 strncpy(osp_ext_share2_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
541 strncat(osp_ext_share2_pkgid_path, "share2/", 7);
542 strncat(osp_ext_share2_pkgid_path, pkgid, strlen(pkgid));
544 strncpy(mount_info[3].src_path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
545 strncpy(mount_info[4].src_path, osp_ext_share_pkgid_path, strlen(osp_ext_share_pkgid_path));
546 strncpy(mount_info[5].src_path, osp_ext_share2_pkgid_path, strlen(osp_ext_share2_pkgid_path));
548 if (chdir(app_rootpath) != 0)
550 LOGE("chdir() failed, path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
553 LOGI("app_rootpath: %s", app_rootpath);
555 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); i++)
557 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
559 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
560 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
563 for (j = i; j > 0; --j)
565 umount2(mount_info[j-1].dest_path, MNT_DETACH);
575 do_pre_exe(const char* bin_path, const char* package_id)
577 char* app_rootpath = NULL;
580 // preload libosp-compat.so.1 for compatibility
581 void* handle = dlopen(OSP_COMPAT_LIB, RTLD_GLOBAL);
584 LOGI("%s is preloaded.", OSP_COMPAT_LIB);
587 /* e.g., app_rootdir is "/opt/usr/apps/[pkgId] */
588 app_rootpath = get_app_rootpath_from_path(bin_path);
590 _SECURE_LOGI("[data_caging] do_pre_exe() was called, package id: %s, binary path: %s, app root: %s",
591 package_id, bin_path, app_rootpath);
595 if (!internal_is_mounted(package_id))
597 if (mount_native_paths(app_rootpath) != 0)
601 if (mount_osp_internal_paths(app_rootpath, package_id) != 0)
607 int ret = vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS, &mmc_mounted);
610 LOGE("vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS) failed.");
612 if (mmc_mounted == 1)
614 LOGI("MMC is mounted.");
615 if (create_osp_external_paths(app_rootpath, package_id) != 0)
620 if (!external_is_mounted(package_id))
622 if (mount_osp_external_paths(app_rootpath, package_id) != 0)
628 LOGI("mount() succeeded.");
630 if (chroot(app_rootpath) != 0)
632 LOGE("chroot() failed, path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
637 LOGE("chdir() failed, path: /, errno: %d (%s)", errno, strerror(errno));
640 LOGI("chroot() succeeded.");
642 if (chdir("/data") != 0)
644 LOGE("chdir() failed, path: /data, errno: %d (%s)", errno, strerror(errno));
651 LOGI("[data_caging] do_pre_exe() succeeded.");
658 LOGI("[data_caging] do_pre_exe() failed.");
663 do_virtual_root(const char* virtual_root_path, const char* package_id)
665 _SECURE_LOGI("[virtual_root] do_virtual_root() was called, virtual root path: %s, package id: %s",
666 virtual_root_path, package_id);
670 if (!internal_is_mounted(package_id))
672 if (mount_linux_paths(virtual_root_path) != 0)
677 LOGI("mount() succeeded.");
679 if (chroot(virtual_root_path) != 0)
681 LOGE("chroot() failed. path: %s, errno: %d (%s)", virtual_root_path, errno, strerror(errno));
686 LOGE("chdir() failed. path: /data, errno: %d (%s)", errno, strerror(errno));
689 LOGI("chroot() succeeded.");
693 LOGI("[virtual_root] do_virtual_root() succeeded.");
699 LOGI("[virtual_root] do_virtual_root() failed.");
704 do_pre_exec(const char* package_name, const char* bin_path)
706 char* app_rootpath = NULL;
707 char app_compat_path[PATH_MAX] = { 0, };
708 const char app_compat_file[] = "/info/compat.info\0";
709 char package_id[_MAX_PACKAGEID_LENGTH + 1] = { 0, };
710 char osp_app_data_path[PATH_MAX] = { 0, };
713 _SECURE_LOGI("do_pre_exec() is called, app name: %s, binary path: %s", package_name, bin_path);
715 app_rootpath = get_app_rootpath_from_path(bin_path);
717 strncpy(app_compat_path, app_rootpath, strlen(app_rootpath));
718 strncat(app_compat_path, app_compat_file, strlen(app_compat_file));
719 if (access(app_compat_path, F_OK) == 0)
724 get_package_id_from_app_rootpath(app_rootpath, package_id);
726 _SECURE_LOGI("package id: %s, binary path: %s, OSP compat: %d", package_id, bin_path, osp_compat);
728 // FIXME: Temporary code with security risk
729 prctl(PR_SET_KEEPCAPS, 1);
734 //unshare(CLONE_NEWNS);
735 return do_pre_exe(bin_path, package_id);
738 char virtual_root_file[PATH_MAX] = { 0, };
739 const char virtual_root_info[] = "/info/virtualroot.info";
740 strncpy(virtual_root_file, app_rootpath, strlen(app_rootpath));
741 strncat(virtual_root_file, virtual_root_info, strlen(virtual_root_info));
742 if (access(virtual_root_file, F_OK) == 0)
744 LOGI("This is virtual root application.");
745 int fd = open(virtual_root_file, O_RDONLY);
748 LOGE("failed to open %s, errno: %d (%s)", virtual_root_file, errno, strerror(errno));
752 char user_path[PATH_MAX] = { 0, };
753 int read_bytes = read(fd, user_path, PATH_MAX);
756 LOGE("failed to read %s, errno: %d (%s)", virtual_root_file, errno, strerror(errno));
762 char virtual_root_path[PATH_MAX] = { 0, };
763 sprintf(virtual_root_path, "%s/data/%s", app_rootpath, user_path);
765 int res = do_virtual_root(virtual_root_path, package_id);
770 // API version is equal to or greater than Tizen 2.0
771 // Set current working dir to "/opt/apps/{pkgId}/data"
772 strncpy(osp_app_data_path, app_rootpath, strlen(app_rootpath));
773 strncat(osp_app_data_path, "/data", strlen("/data"));
775 if (chdir(osp_app_data_path) != 0)
777 LOGE("chdir() failed, path: %s, errno: %d (%s)", osp_app_data_path, errno, strerror(errno));
781 LOGI("[data_caging] do_pre_exec() succeeded.");