2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
26 #include <sys/mount.h>
29 #include <sys/types.h>
31 #include <sys/prctl.h>
41 #define LOG_TAG "ENV_CONFIG"
43 #define _MAX_PACKAGEID_LENGTH 10
44 #define _MAX_APIVERSION_LENGTH 3
47 #define _SECURE_LOGI LOGI
48 #define _SECURE_LOGE LOGE
50 #define _SECURE_LOGI(...)
51 #define _SECURE_LOGE(...)
54 static const char _OSP_COMPAT_SHARED_PATH[] = "/opt/usr/share/.osp-compat/\0";
55 static const char _EXT_OSP_HOME_PATH[] = "/opt/storage/sdcard/osp/\0";
56 static const char OSP_COMPAT_LIB[] = "/usr/lib/osp/libosp-compat.so";
60 char src_path[PATH_MAX];
61 const char dest_path[PATH_MAX];
68 char app_privilege; // 0: root privilege
72 * XXX: The returned app_roodir must be freed in caller.
75 get_app_rootpath_from_path(const char* bin_path)
77 char* app_rootpath = NULL;
78 char* delimiter = NULL;
81 /* e.g., The specified bin_path is "/opt/apps/com.samsung.basicapp/bin/basicapp" */
82 length = strlen(bin_path);
83 app_rootpath = (char *)malloc(length + 1);
84 if(app_rootpath == NULL)
87 memset(app_rootpath, '\0', length + 1);
88 strncpy(app_rootpath, bin_path, length);
90 _SECURE_LOGI("input bin_path: %s", app_rootpath);
92 delimiter = strrchr(app_rootpath, '/');
95 delimiter = strrchr(app_rootpath, '/');
103 internal_is_mounted(const char* pkgid)
105 char mount_flag[64] = { 0, };
106 static const char dir[][64] =
108 { "/tmp/osp-compat" },
109 { "/tmp/osp-compat/mount" },
110 { "/tmp/osp-compat/mount/internal" }
113 sprintf(mount_flag, "/tmp/osp-compat/mount/internal/%s", pkgid);
114 int res = access(mount_flag, F_OK);
117 LOGI("Intenal path is already mounted.");
120 else if (res == -1 && errno == ENOENT)
123 for (i = 0; i < sizeof(dir)/64; ++i)
125 int res = mkdir(dir[i], 0755);
126 if (res == -1 && errno != EEXIST)
128 LOGE("Failed to create directory (%s), errno: %d (%s)", dir[i], errno, strerror(errno));
133 int fd = creat(mount_flag, 0644);
136 LOGE("Failed to create mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
143 LOGE("Failed to access mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
147 LOGI("Intenal path mount succeeded.");
152 external_is_mounted(const char* pkgid)
154 char mount_flag[64] = { 0, };
155 static const char dir[][64] =
157 { "/tmp/osp-compat" },
158 { "/tmp/osp-compat/mount" },
159 { "/tmp/osp-compat/mount/external" }
162 sprintf(mount_flag, "/tmp/osp-compat/mount/external/%s", pkgid);
163 int res = access(mount_flag, F_OK);
166 LOGI("Extenal path is already mounted.");
169 else if (res == -1 && errno == ENOENT)
172 for (i = 0; i < sizeof(dir)/64; ++i)
174 int res = mkdir(dir[i], 0755);
175 if (res == -1 && errno != EEXIST)
177 LOGE("Failed to create directory (%s), errno: %d (%s)", dir[i], errno, strerror(errno));
182 int fd = creat(mount_flag, 0644);
185 LOGE("Failed to create mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
192 LOGE("Failed to access mount flag (%s), errno: %d (%s)", mount_flag, errno, strerror(errno));
196 LOGI("Extenal path mount succeeded.");
201 mount_native_paths(const char* app_rootpath)
204 static const struct _path_info mount_info[] =
206 //{ "/bin", "./bin" },
209 { "/dev/pts", "./dev/pts" },
210 { "/dev/shm", "./dev/shm" },
214 { "/proc", "./proc" },
215 { "/sbin", "./sbin" },
216 { "/smack", "./smack" },
219 { "/sys/kernel/debug", "./sys/kernel/debug" },
223 { "/var/run", "./var/run" },
225 { "/opt/usr", "./opt/usr" },
226 { "/opt/var/kdb/db", "./opt/var/kdb/db" },
227 //{ "/opt/storage/sdcard","./opt/storage/sdcard" }
230 if (chdir(app_rootpath) != 0)
232 LOGE("chdir() failed path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
236 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); ++i)
238 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
240 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
241 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
244 for (j = i; j > 0; --j)
246 umount2(mount_info[j-1].dest_path, MNT_DETACH);
256 mount_osp_internal_paths(const char* app_rootpath, const char* pkgid)
259 char osp_share_pkgid_path[PATH_MAX] = {0, };
260 char osp_share2_pkgid_path[PATH_MAX] = {0, };
261 struct _path_info mount_info[] =
263 { "\0", "./data/Share" },
264 { "\0", "./data/Share2" },
265 { "/opt/usr/share/.osp-compat/share", "./Share" },
266 { "/opt/usr/share/.osp-compat/share2", "./Share2" },
267 { "/opt/usr/media", "./Media" }
270 strncpy(osp_share_pkgid_path, _OSP_COMPAT_SHARED_PATH, strlen(_OSP_COMPAT_SHARED_PATH));
271 strncat(osp_share_pkgid_path, "share/", 6);
272 strncat(osp_share_pkgid_path, pkgid, strlen(pkgid));
274 strncpy(osp_share2_pkgid_path, _OSP_COMPAT_SHARED_PATH, strlen(_OSP_COMPAT_SHARED_PATH));
275 strncat(osp_share2_pkgid_path, "share2/", 7);
276 strncat(osp_share2_pkgid_path, pkgid, strlen(pkgid));
278 strncpy(mount_info[0].src_path, osp_share_pkgid_path, strlen(osp_share_pkgid_path));
279 strncpy(mount_info[1].src_path, osp_share2_pkgid_path, strlen(osp_share2_pkgid_path));
281 if (chdir(app_rootpath) != 0)
283 LOGE("chdir() failed, path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
287 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); ++i)
289 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
291 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
292 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
295 for (j = i; j > 0; --j)
297 umount2(mount_info[j-1].dest_path, MNT_DETACH);
307 mount_linux_paths(const char* app_rootpath)
310 static const struct _path_info mount_info[] =
313 { "/cache", "./cache" },
315 { "/data", "./data" },
317 { "/dev/pts", "./dev/pts" },
318 { "/dev/shm", "./dev/shm" },
321 { "/lib/modules", "./lib/modules" },
322 { "/media", "./media" },
324 { "/proc", "./proc" },
326 { "/sbin", "./sbin" },
327 { "/smack", "./smack" },
330 { "/sys/fs/cgroup", "./sys/fs/cgroup" },
331 { "/sys/fs/cgroup/systemd", "./sys/fs/cgroup/systemd" },
332 { "/system", "./system" },
336 { "/var/run", "./var/run" },
338 { "/opt/usr", "./opt/usr" },
339 //{ "/opt/var/run", "./opt/var/run" },
340 { "/opt/storage/sdcard","./opt/storage/sdcard" },
343 if (chdir(app_rootpath) != 0)
345 LOGE("chdir() failed path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
349 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); ++i)
351 if (i == 27) // /opt/storage/sdcard
354 int ret = vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS, &mmc_mounted);
357 LOGE("vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS) failed.");
359 if (mmc_mounted == 0)
365 LOGI("src path: %s, dest path: %s", mount_info[i].src_path, mount_info[i].dest_path);
366 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
368 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
369 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
372 for (j = i; j > 0; --j)
374 umount2(mount_info[j-1].dest_path, MNT_DETACH);
384 create_osp_external_paths(const char* app_rootpath, const char* pkgid)
386 char osp_ext_apps_pkgid_path[PATH_MAX] = {0, };
387 char osp_ext_apps_pkgid_share_path[PATH_MAX] = {0, };
388 char osp_ext_apps_pkgid_share2_path[PATH_MAX] = {0, };
389 char osp_ext_share_pkgid_path[PATH_MAX] = {0, };
390 char osp_ext_share2_pkgid_path[PATH_MAX] = {0, };
391 struct _dir_info external_dirs[] =
393 { "./HomeExt", 0000, 0 },
394 { "./ShareExt", 0000, 0 },
395 { "./Share2Ext", 0000, 0 },
396 { "/opt/storage/sdcard/osp", 0777, 0 },
397 { "/opt/storage/sdcard/osp/apps", 0777, 0 },
398 { "/opt/storage/sdcard/osp/share", 0777, 0 },
399 { "/opt/storage/sdcard/osp/share2", 0777, 0 },
405 { "/opt/storage/sdcard/Images", 0777, 0 },
406 { "/opt/storage/sdcard/Sounds", 0777, 0 },
407 { "/opt/storage/sdcard/Videos", 0777, 0 },
408 { "/opt/storage/sdcard/Others", 0777, 0 }
412 strncpy(osp_ext_apps_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
413 strncat(osp_ext_apps_pkgid_path, "apps/", 5);
414 strncat(osp_ext_apps_pkgid_path, pkgid, strlen(pkgid));
416 strncpy(osp_ext_apps_pkgid_share_path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
417 strncat(osp_ext_apps_pkgid_share_path, "/Share", 6);
419 strncpy(osp_ext_apps_pkgid_share2_path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
420 strncat(osp_ext_apps_pkgid_share2_path, "/Share2", 7);
422 strncpy(osp_ext_share_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
423 strncat(osp_ext_share_pkgid_path, "share/", 6);
424 strncat(osp_ext_share_pkgid_path, pkgid, strlen(pkgid));
426 strncpy(osp_ext_share2_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
427 strncat(osp_ext_share2_pkgid_path, "share2/", 7);
428 strncat(osp_ext_share2_pkgid_path, pkgid, strlen(pkgid));
430 strncpy(external_dirs[7].path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
431 strncpy(external_dirs[8].path, osp_ext_apps_pkgid_share_path, strlen(osp_ext_apps_pkgid_share_path));
432 strncpy(external_dirs[9].path, osp_ext_apps_pkgid_share2_path, strlen(osp_ext_apps_pkgid_share2_path));
433 strncpy(external_dirs[10].path, osp_ext_share_pkgid_path, strlen(osp_ext_share_pkgid_path));
434 strncpy(external_dirs[11].path, osp_ext_share2_pkgid_path, strlen(osp_ext_share2_pkgid_path));
436 if (chdir(app_rootpath) != 0)
438 LOGE("chdir() failed (%s), path: %s", strerror(errno), app_rootpath);
442 for (i = 0; i < sizeof(external_dirs)/sizeof(struct _dir_info); i++)
444 int ret = mkdir(external_dirs[i].path, external_dirs[i].mode);
445 if (ret == -1 && errno != 17) // EEXIST
447 LOGE("mkdir() failed, path: %s, errno: %d (%s)", external_dirs[i].path, errno, strerror(errno));
456 mount_osp_external_paths(const char* app_rootpath, const char* pkgid)
458 char osp_ext_apps_pkgid_path[PATH_MAX] = {0, };
459 char osp_ext_share_pkgid_path[PATH_MAX] = {0, };
460 char osp_ext_share2_pkgid_path[PATH_MAX] = {0, };
461 struct _path_info mount_info[] =
463 { "/opt/storage/sdcard", "./Storagecard/Media" },
464 { "/opt/storage/sdcard/osp/share", "./ShareExt" },
465 { "/opt/storage/sdcard/osp/share2", "./Share2Ext" },
466 { "\0", "./HomeExt" },
467 { "\0", "./HomeExt/Share" },
468 { "\0", "./HomeExt/Share2" }
472 strncpy(osp_ext_apps_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
473 strncat(osp_ext_apps_pkgid_path, "apps/", 5);
474 strncat(osp_ext_apps_pkgid_path, pkgid, strlen(pkgid));
476 strncpy(osp_ext_share_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
477 strncat(osp_ext_share_pkgid_path, "share/", 6);
478 strncat(osp_ext_share_pkgid_path, pkgid, strlen(pkgid));
480 strncpy(osp_ext_share2_pkgid_path, _EXT_OSP_HOME_PATH, strlen(_EXT_OSP_HOME_PATH));
481 strncat(osp_ext_share2_pkgid_path, "share2/", 7);
482 strncat(osp_ext_share2_pkgid_path, pkgid, strlen(pkgid));
484 strncpy(mount_info[3].src_path, osp_ext_apps_pkgid_path, strlen(osp_ext_apps_pkgid_path));
485 strncpy(mount_info[4].src_path, osp_ext_share_pkgid_path, strlen(osp_ext_share_pkgid_path));
486 strncpy(mount_info[5].src_path, osp_ext_share2_pkgid_path, strlen(osp_ext_share2_pkgid_path));
488 if (chdir(app_rootpath) != 0)
490 LOGE("chdir() failed, path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
493 LOGI("app_rootpath: %s", app_rootpath);
495 for (i = 0; i < sizeof(mount_info)/sizeof(struct _path_info); i++)
497 if (mount(mount_info[i].src_path, mount_info[i].dest_path, NULL, MS_BIND, NULL) != 0)
499 LOGE("mount() failed, src path: %s, dest path: %s, errno: %d (%s)",
500 mount_info[i].src_path, mount_info[i].dest_path, errno, strerror(errno));
503 for (j = i; j > 0; --j)
505 umount2(mount_info[j-1].dest_path, MNT_DETACH);
515 do_pre_exe(const char* bin_path, const char* package_id)
517 char* app_rootpath = NULL;
520 // preload libosp-compat.so.1 for compatibility
521 void* handle = dlopen(OSP_COMPAT_LIB, RTLD_GLOBAL);
524 LOGI("%s is preloaded.", OSP_COMPAT_LIB);
527 /* e.g., app_rootdir is "/opt/usr/apps/[pkgId] */
528 app_rootpath = get_app_rootpath_from_path(bin_path);
530 _SECURE_LOGI("[data_caging] do_pre_exe() was called, package id: %s, binary path: %s, app root: %s",
531 package_id, bin_path, app_rootpath);
535 if (!internal_is_mounted(package_id))
537 if (mount_native_paths(app_rootpath) != 0)
541 if (mount_osp_internal_paths(app_rootpath, package_id) != 0)
547 int ret = vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS, &mmc_mounted);
550 LOGE("vconf_get_int(VCONFKEY_SYSMAN_MMC_STATUS) failed.");
552 if (mmc_mounted == 1)
554 LOGI("MMC is mounted.");
555 if (create_osp_external_paths(app_rootpath, package_id) != 0)
560 if (!external_is_mounted(package_id))
562 if (mount_osp_external_paths(app_rootpath, package_id) != 0)
568 LOGI("mount() succeeded.");
570 if (chroot(app_rootpath) != 0)
572 LOGE("chroot() failed, path: %s, errno: %d (%s)", app_rootpath, errno, strerror(errno));
577 LOGE("chdir() failed, path: /, errno: %d (%s)", errno, strerror(errno));
580 LOGI("chroot() succeeded.");
582 if (chdir("/data") != 0)
584 LOGE("chdir() failed, path: /data, errno: %d (%s)", errno, strerror(errno));
591 LOGI("[data_caging] do_pre_exe() succeeded.");
598 LOGI("[data_caging] do_pre_exe() failed.");
603 do_virtual_root(const char* virtual_root_path, const char* package_id)
605 _SECURE_LOGI("[virtual_root] do_virtual_root() was called, virtual root path: %s, package id: %s",
606 virtual_root_path, package_id);
610 if (!internal_is_mounted(package_id))
612 if (mount_linux_paths(virtual_root_path) != 0)
617 LOGI("mount() succeeded.");
619 if (chroot(virtual_root_path) != 0)
621 LOGE("chroot() failed. path: %s, errno: %d (%s)", virtual_root_path, errno, strerror(errno));
626 LOGE("chdir() failed. path: /data, errno: %d (%s)", errno, strerror(errno));
629 LOGI("chroot() succeeded.");
633 LOGI("[virtual_root] do_virtual_root() succeeded.");
639 LOGI("[virtual_root] do_virtual_root() failed.");
644 do_pre_exec(const char* package_name, const char* bin_path)
646 char* app_rootpath = NULL;
647 char app_compat_path[PATH_MAX] = { 0, };
648 const char app_compat_file[] = "/info/compat.info\0";
649 char osp_app_data_path[PATH_MAX] = { 0, };
652 _SECURE_LOGI("do_pre_exec() is called, app name: %s, binary path: %s", package_name, bin_path);
654 app_rootpath = get_app_rootpath_from_path(bin_path);
656 strncpy(app_compat_path, app_rootpath, strlen(app_rootpath));
657 strncat(app_compat_path, app_compat_file, strlen(app_compat_file));
658 if (access(app_compat_path, F_OK) == 0)
663 appinfo_init(package_name, 0);
664 appinfo_set_compat(osp_compat);
666 const char* package_id = appinfo_get_packageid();
668 _SECURE_LOGI("package id: %s, binary path: %s, OSP compat: %d", package_id, bin_path, osp_compat);
670 // FIXME: Temporary code with security risk
671 prctl(PR_SET_KEEPCAPS, 1);
676 //unshare(CLONE_NEWNS);
677 return do_pre_exe(bin_path, package_id);
680 char virtual_root_file[PATH_MAX] = { 0, };
681 const char virtual_root_info[] = "/info/virtualroot.info";
682 strncpy(virtual_root_file, app_rootpath, strlen(app_rootpath));
683 strncat(virtual_root_file, virtual_root_info, strlen(virtual_root_info));
684 if (access(virtual_root_file, F_OK) == 0)
686 LOGI("This is virtual root application.");
687 int fd = open(virtual_root_file, O_RDONLY);
690 LOGE("failed to open %s, errno: %d (%s)", virtual_root_file, errno, strerror(errno));
694 char user_path[PATH_MAX] = { 0, };
695 int read_bytes = read(fd, user_path, PATH_MAX);
698 LOGE("failed to read %s, errno: %d (%s)", virtual_root_file, errno, strerror(errno));
704 char virtual_root_path[PATH_MAX] = { 0, };
705 sprintf(virtual_root_path, "%s/data/%s", app_rootpath, user_path);
707 int res = do_virtual_root(virtual_root_path, package_id);
712 // API version is equal to or greater than Tizen 2.0
713 // Set current working dir to "/opt/apps/{pkgId}/data"
714 strncpy(osp_app_data_path, app_rootpath, strlen(app_rootpath));
715 strncat(osp_app_data_path, "/data", strlen("/data"));
717 if (chdir(osp_app_data_path) != 0)
719 LOGE("chdir() failed, path: %s, errno: %d (%s)", osp_app_data_path, errno, strerror(errno));
723 LOGI("[data_caging] do_pre_exec() succeeded.");