You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
250 lines
7.6 KiB
250 lines
7.6 KiB
4 months ago
|
/* util.h
|
||
|
* Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
|
||
|
* Use of this source code is governed by a BSD-style license that can be
|
||
|
* found in the LICENSE file.
|
||
|
*
|
||
|
* Logging and other utility functions.
|
||
|
*/
|
||
|
|
||
|
#ifndef _UTIL_H_
|
||
|
#define _UTIL_H_
|
||
|
|
||
|
#include <stdbool.h>
|
||
|
#include <stdio.h>
|
||
|
#include <stdlib.h>
|
||
|
#include <sys/types.h>
|
||
|
#include <syslog.h>
|
||
|
#include <unistd.h>
|
||
|
|
||
|
#include "libsyscalls.h"
|
||
|
|
||
|
#ifdef __cplusplus
|
||
|
extern "C" {
|
||
|
#endif
|
||
|
|
||
|
/*
|
||
|
* Silence compiler warnings for unused variables/functions.
|
||
|
*
|
||
|
* If the definition is actually used, the attribute should be removed, but if
|
||
|
* it's forgotten or left in place, it doesn't cause a problem.
|
||
|
*
|
||
|
* If the definition is actually unused, the compiler is free to remove it from
|
||
|
* the output so as to save size. If you want to make sure the definition is
|
||
|
* kept (e.g. for ABI compatibility), look at the "used" attribute instead.
|
||
|
*/
|
||
|
#define attribute_unused __attribute__((__unused__))
|
||
|
|
||
|
/*
|
||
|
* Mark the symbol as "weak" in the ELF output. This provides a fallback symbol
|
||
|
* that may be overriden at link time. See this page for more details:
|
||
|
* https://en.wikipedia.org/wiki/Weak_symbol
|
||
|
*/
|
||
|
#define attribute_weak __attribute__((__weak__))
|
||
|
|
||
|
/*
|
||
|
* Mark the function as a printf-style function.
|
||
|
* @format_idx The index in the function argument list where the format string
|
||
|
* is passed (where the first argument is "1").
|
||
|
* @check_idx The index in the function argument list where the first argument
|
||
|
* used in the format string is passed.
|
||
|
* Some examples:
|
||
|
* foo([1] const char *format, [2] ...): format=1 check=2
|
||
|
* foo([1] int, [2] const char *format, [3] ...): format=2 check=3
|
||
|
* foo([1] const char *format, [2] const char *, [3] ...): format=1 check=3
|
||
|
*/
|
||
|
#define attribute_printf(format_idx, check_idx) \
|
||
|
__attribute__((__format__(__printf__, format_idx, check_idx)))
|
||
|
|
||
|
/* clang-format off */
|
||
|
#define die(_msg, ...) \
|
||
|
do_fatal_log(LOG_ERR, "libminijail[%d]: " _msg, getpid(), ## __VA_ARGS__)
|
||
|
|
||
|
#define pdie(_msg, ...) \
|
||
|
die(_msg ": %m", ## __VA_ARGS__)
|
||
|
|
||
|
#define warn(_msg, ...) \
|
||
|
do_log(LOG_WARNING, "libminijail[%d]: " _msg, getpid(), ## __VA_ARGS__)
|
||
|
|
||
|
#define pwarn(_msg, ...) \
|
||
|
warn(_msg ": %m", ## __VA_ARGS__)
|
||
|
|
||
|
#define info(_msg, ...) \
|
||
|
do_log(LOG_INFO, "libminijail[%d]: " _msg, getpid(), ## __VA_ARGS__)
|
||
|
|
||
|
#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
|
||
|
/* clang-format on */
|
||
|
|
||
|
extern const char *log_syscalls[];
|
||
|
extern const size_t log_syscalls_len;
|
||
|
|
||
|
enum logging_system_t {
|
||
|
/* Log to syslog. This is the default. */
|
||
|
LOG_TO_SYSLOG = 0,
|
||
|
|
||
|
/* Log to a file descriptor. */
|
||
|
LOG_TO_FD,
|
||
|
};
|
||
|
|
||
|
/*
|
||
|
* Even though this function internally calls abort(2)/exit(2), it is
|
||
|
* intentionally not marked with the noreturn attribute. When marked as
|
||
|
* noreturn, clang coalesces several of the do_fatal_log() calls in methods that
|
||
|
* have a large number of such calls (like minijail_enter()), making it
|
||
|
* impossible for breakpad to correctly identify the line where it was called,
|
||
|
* making the backtrace somewhat useless.
|
||
|
*/
|
||
|
extern void do_fatal_log(int priority, const char *format, ...)
|
||
|
attribute_printf(2, 3);
|
||
|
|
||
|
extern void do_log(int priority, const char *format, ...)
|
||
|
attribute_printf(2, 3);
|
||
|
|
||
|
static inline int is_android(void)
|
||
|
{
|
||
|
#if defined(__ANDROID__)
|
||
|
return 1;
|
||
|
#else
|
||
|
return 0;
|
||
|
#endif
|
||
|
}
|
||
|
|
||
|
static inline bool compiled_with_asan(void)
|
||
|
{
|
||
|
#if defined(__SANITIZE_ADDRESS__)
|
||
|
/* For gcc. */
|
||
|
return true;
|
||
|
#elif defined(__has_feature)
|
||
|
/* For clang. */
|
||
|
return __has_feature(address_sanitizer) ||
|
||
|
__has_feature(hwaddress_sanitizer);
|
||
|
#else
|
||
|
return false;
|
||
|
#endif
|
||
|
}
|
||
|
|
||
|
void __asan_init(void) attribute_weak;
|
||
|
void __hwasan_init(void) attribute_weak;
|
||
|
|
||
|
static inline bool running_with_asan(void)
|
||
|
{
|
||
|
/*
|
||
|
* There are some configurations under which ASan needs a dynamic (as
|
||
|
* opposed to compile-time) test. Some Android processes that start
|
||
|
* before /data is mounted run with non-instrumented libminijail.so, so
|
||
|
* the symbol-sniffing code must be present to make the right decision.
|
||
|
*/
|
||
|
return compiled_with_asan() || &__asan_init != 0 || &__hwasan_init != 0;
|
||
|
}
|
||
|
|
||
|
static inline bool debug_logging_allowed(void) {
|
||
|
#if defined(ALLOW_DEBUG_LOGGING)
|
||
|
return true;
|
||
|
#else
|
||
|
return false;
|
||
|
#endif
|
||
|
}
|
||
|
|
||
|
static inline size_t get_num_syscalls(void)
|
||
|
{
|
||
|
return syscall_table_size;
|
||
|
}
|
||
|
|
||
|
int lookup_syscall(const char *name, size_t *ind);
|
||
|
const char *lookup_syscall_name(int nr);
|
||
|
|
||
|
long int parse_single_constant(char *constant_str, char **endptr);
|
||
|
long int parse_constant(char *constant_str, char **endptr);
|
||
|
int parse_size(size_t *size, const char *sizespec);
|
||
|
|
||
|
char *strip(char *s);
|
||
|
|
||
|
/*
|
||
|
* tokenize: locate the next token in @stringp using the @delim
|
||
|
* @stringp A pointer to the string to scan for tokens
|
||
|
* @delim The delimiter to split by
|
||
|
*
|
||
|
* Note that, unlike strtok, @delim is not a set of characters, but the full
|
||
|
* delimiter. e.g. "a,;b,;c" with a delim of ",;" will yield ["a","b","c"].
|
||
|
*
|
||
|
* Note that, unlike strtok, this may return an empty token. e.g. "a,,b" with
|
||
|
* strtok will yield ["a","b"], but this will yield ["a","","b"].
|
||
|
*/
|
||
|
char *tokenize(char **stringp, const char *delim);
|
||
|
|
||
|
char *path_join(const char *external_path, const char *internal_path);
|
||
|
|
||
|
/*
|
||
|
* consumebytes: consumes @length bytes from a buffer @buf of length @buflength
|
||
|
* @length Number of bytes to consume
|
||
|
* @buf Buffer to consume from
|
||
|
* @buflength Size of @buf
|
||
|
*
|
||
|
* Returns a pointer to the base of the bytes, or NULL for errors.
|
||
|
*/
|
||
|
void *consumebytes(size_t length, char **buf, size_t *buflength);
|
||
|
|
||
|
/*
|
||
|
* consumestr: consumes a C string from a buffer @buf of length @length
|
||
|
* @buf Buffer to consume
|
||
|
* @length Length of buffer
|
||
|
*
|
||
|
* Returns a pointer to the base of the string, or NULL for errors.
|
||
|
*/
|
||
|
char *consumestr(char **buf, size_t *buflength);
|
||
|
|
||
|
/*
|
||
|
* init_logging: initializes the module-wide logging.
|
||
|
* @logger The logging system to use.
|
||
|
* @fd The file descriptor to log into. Ignored unless
|
||
|
* @logger = LOG_TO_FD.
|
||
|
* @min_priority The minimum priority to display. Corresponds to syslog's
|
||
|
priority parameter. Ignored unless @logger = LOG_TO_FD.
|
||
|
*/
|
||
|
void init_logging(enum logging_system_t logger, int fd, int min_priority);
|
||
|
|
||
|
/*
|
||
|
* minjail_free_env: Frees an environment array plus the environment strings it
|
||
|
* points to. The environment and its constituent strings must have been
|
||
|
* allocated (as opposed to pointing to static data), e.g. by using
|
||
|
* minijail_copy_env() and minijail_setenv().
|
||
|
*
|
||
|
* @env The environment to free.
|
||
|
*/
|
||
|
void minijail_free_env(char **env);
|
||
|
|
||
|
/*
|
||
|
* minjail_copy_env: Copy an environment array (such as passed to execve),
|
||
|
* duplicating the environment strings and the array pointing at them.
|
||
|
*
|
||
|
* @env The environment to copy.
|
||
|
*
|
||
|
* Returns a pointer to the copied environment or NULL on memory allocation
|
||
|
* failure.
|
||
|
*/
|
||
|
char **minijail_copy_env(char *const *env);
|
||
|
|
||
|
/*
|
||
|
* minjail_setenv: Set an environment variable in @env. Semantics match the
|
||
|
* standard setenv() function, but this operates on @env, not the global
|
||
|
* environment. @env must be dynamically allocated (as opposed to pointing to
|
||
|
* static data), e.g. via minijail_copy_env(). @name and @value get copied into
|
||
|
* newly-allocated memory.
|
||
|
*
|
||
|
* @env Address of the environment to modify. Might be re-allocated to
|
||
|
* make room for the new entry.
|
||
|
* @name Name of the key to set.
|
||
|
* @value The value to set.
|
||
|
* @overwrite Whether to replace the existing value for @name. If non-zero and
|
||
|
* the entry is already present, no changes will be made.
|
||
|
*
|
||
|
* Returns 0 and modifies *@env on success, returns an error code otherwise.
|
||
|
*/
|
||
|
int minijail_setenv(char ***env, const char *name, const char *value,
|
||
|
int overwrite);
|
||
|
|
||
|
#ifdef __cplusplus
|
||
|
}; /* extern "C" */
|
||
|
#endif
|
||
|
|
||
|
#endif /* _UTIL_H_ */
|