1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
|
/*
* Copyright (C) 2024 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#define LOG_TAG "FileSystemUtils"
#include "com_android_internal_content_FileSystemUtils.h"
#include <android-base/file.h>
#include <android-base/hex.h>
#include <android-base/unique_fd.h>
#include <bionic/macros.h>
#include <elf.h>
#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <linux/fs.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <utils/Log.h>
#include <array>
#include <fstream>
#include <vector>
using android::base::borrowed_fd;
using android::base::HexString;
using android::base::ReadFullyAtOffset;
namespace android {
bool punchWithBlockAlignment(borrowed_fd fd, uint64_t start, uint64_t length, uint64_t blockSize) {
uint64_t end;
if (__builtin_add_overflow(start, length, &end)) {
ALOGE("Overflow occurred when calculating end");
return false;
}
start = align_up(start, blockSize);
end = align_down(end, blockSize);
uint64_t alignedLength;
if (__builtin_sub_overflow(end, start, &alignedLength)) {
ALOGE("Overflow occurred when calculating length");
return false;
}
if (alignedLength < blockSize) {
ALOGW("Skipping punching hole as aligned length is less than block size");
return false;
}
ALOGD("Punching hole in file - start: %" PRIu64 " len:%" PRIu64 "", start, alignedLength);
int result =
fallocate(fd.get(), FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE, start, alignedLength);
if (result < 0) {
ALOGE("fallocate failed to punch hole, error:%d", errno);
return false;
}
return true;
}
bool punchHoles(const char *filePath, const uint64_t offset,
const std::vector<Elf64_Phdr> &programHeaders) {
struct stat64 beforePunch;
if (int result = lstat64(filePath, &beforePunch); result != 0) {
ALOGE("lstat64 failed for filePath %s, error:%d", filePath, errno);
return false;
}
uint64_t blockSize = beforePunch.st_blksize;
IF_ALOGD() {
ALOGD("Total number of LOAD segments %zu", programHeaders.size());
ALOGD("Size before punching holes st_blocks: %" PRIu64
", st_blksize: %ld, st_size: %" PRIu64 "",
beforePunch.st_blocks, beforePunch.st_blksize,
static_cast<uint64_t>(beforePunch.st_size));
}
android::base::unique_fd fd(open(filePath, O_RDWR | O_CLOEXEC));
if (!fd.ok()) {
ALOGE("Can't open file to punch %s", filePath);
return false;
}
// read in chunks of 64KB
constexpr uint64_t kChunkSize = 64 * 1024;
// malloc is used to gracefully handle oom which might occur during the allocation of buffer.
// allocating using new or vector here results in oom/exception on failure where as malloc will
// return nullptr.
std::unique_ptr<uint8_t, decltype(&free)> buffer(static_cast<uint8_t *>(malloc(kChunkSize)),
&free);
if (buffer == nullptr) {
ALOGE("Failed to allocate read buffer");
return false;
}
for (size_t index = 0; programHeaders.size() >= 2 && index < programHeaders.size() - 1;
index++) {
// find LOAD segments from program headers, calculate padding and punch holes
uint64_t punchOffset;
if (__builtin_add_overflow(programHeaders[index].p_offset, programHeaders[index].p_filesz,
&punchOffset)) {
ALOGE("Overflow occurred when adding offset and filesize");
return false;
}
uint64_t punchLen;
if (__builtin_sub_overflow(programHeaders[index + 1].p_offset, punchOffset, &punchLen)) {
ALOGE("Overflow occurred when calculating length");
return false;
}
if (punchLen < blockSize) {
continue;
}
// if we have a uncompressed file which is being opened from APK, use the offset to
// punch native lib inside Apk.
uint64_t punchStartOffset;
if (__builtin_add_overflow(offset, punchOffset, &punchStartOffset)) {
ALOGE("Overflow occurred when calculating length");
return false;
}
uint64_t position = punchStartOffset;
uint64_t endPosition;
if (__builtin_add_overflow(position, punchLen, &endPosition)) {
ALOGE("Overflow occurred when calculating length");
return false;
}
// Read content in kChunkSize and verify it is zero
while (position <= endPosition) {
uint64_t uncheckedChunkEnd;
if (__builtin_add_overflow(position, kChunkSize, &uncheckedChunkEnd)) {
ALOGE("Overflow occurred when calculating uncheckedChunkEnd");
return false;
}
uint64_t readLength;
if (__builtin_sub_overflow(std::min(uncheckedChunkEnd, endPosition), position,
&readLength)) {
ALOGE("Overflow occurred when calculating readLength");
return false;
}
if (!ReadFullyAtOffset(fd, buffer.get(), readLength, position)) {
ALOGE("Failed to read content to punch holes");
return false;
}
IF_ALOGD() {
ALOGD("Punching holes for length:%" PRIu64 " content which should be zero: %s",
readLength, HexString(buffer.get(), readLength).c_str());
}
bool isZero = std::all_of(buffer.get(), buffer.get() + readLength,
[](uint8_t i) constexpr { return i == 0; });
if (!isZero) {
ALOGE("Found non zero content while trying to punch hole. Skipping operation");
return false;
}
position = uncheckedChunkEnd;
}
if (!punchWithBlockAlignment(fd, punchStartOffset, punchLen, blockSize)) {
return false;
}
}
IF_ALOGD() {
struct stat64 afterPunch;
if (int result = lstat64(filePath, &afterPunch); result != 0) {
ALOGD("lstat64 failed for filePath %s, error:%d", filePath, errno);
return false;
}
ALOGD("Size after punching holes st_blocks: %" PRIu64 ", st_blksize: %ld, st_size: %" PRIu64
"",
afterPunch.st_blocks, afterPunch.st_blksize,
static_cast<uint64_t>(afterPunch.st_size));
}
return true;
}
bool punchHolesInElf64(const char *filePath, const uint64_t offset) {
// Open Elf file
Elf64_Ehdr ehdr;
std::ifstream inputStream(filePath, std::ifstream::in);
// If this is a zip file, set the offset so that we can read elf file directly
inputStream.seekg(offset);
// read executable headers
inputStream.read((char *)&ehdr, sizeof(ehdr));
if (!inputStream.good()) {
return false;
}
// only consider elf64 for punching holes
if (ehdr.e_ident[EI_CLASS] != ELFCLASS64) {
ALOGW("Provided file is not ELF64");
return false;
}
// read the program headers from elf file
uint64_t programHeaderOffset = ehdr.e_phoff;
uint16_t programHeaderNum = ehdr.e_phnum;
IF_ALOGD() {
ALOGD("Punching holes in file: %s programHeaderOffset: %" PRIu64 " programHeaderNum: %hu",
filePath, programHeaderOffset, programHeaderNum);
}
// if this is a zip file, also consider elf offset inside a file
uint64_t phOffset;
if (__builtin_add_overflow(offset, programHeaderOffset, &phOffset)) {
ALOGE("Overflow occurred when calculating phOffset");
return false;
}
inputStream.seekg(phOffset);
std::vector<Elf64_Phdr> programHeaders;
for (int headerIndex = 0; headerIndex < programHeaderNum; headerIndex++) {
Elf64_Phdr header;
inputStream.read((char *)&header, sizeof(header));
if (!inputStream.good()) {
return false;
}
if (header.p_type != PT_LOAD) {
continue;
}
programHeaders.push_back(header);
}
return punchHoles(filePath, offset, programHeaders);
}
bool punchHolesInZip(const char *filePath, uint64_t offset, uint16_t extraFieldLen) {
android::base::unique_fd fd(open(filePath, O_RDWR | O_CLOEXEC));
if (!fd.ok()) {
ALOGE("Can't open file to punch %s", filePath);
return false;
}
struct stat64 beforePunch;
if (int result = lstat64(filePath, &beforePunch); result != 0) {
ALOGE("lstat64 failed for filePath %s, error:%d", filePath, errno);
return false;
}
uint64_t blockSize = beforePunch.st_blksize;
IF_ALOGD() {
ALOGD("Extra field length: %hu, Size before punching holes st_blocks: %" PRIu64
", st_blksize: %ld, st_size: %" PRIu64 "",
extraFieldLen, beforePunch.st_blocks, beforePunch.st_blksize,
static_cast<uint64_t>(beforePunch.st_size));
}
if (extraFieldLen < blockSize) {
ALOGD("Skipping punching apk as extra field length is less than block size");
return false;
}
// content is preceded by extra field. Zip offset is offset of exact content.
// move back by extraFieldLen so that scan can be started at start of extra field.
uint64_t extraFieldStart;
if (__builtin_sub_overflow(offset, extraFieldLen, &extraFieldStart)) {
ALOGE("Overflow occurred when calculating start of extra field");
return false;
}
constexpr uint64_t kMaxSize = 64 * 1024;
// Use malloc to gracefully handle any oom conditions
std::unique_ptr<uint8_t, decltype(&free)> buffer(static_cast<uint8_t *>(malloc(kMaxSize)),
&free);
if (buffer == nullptr) {
ALOGE("Failed to allocate read buffer");
return false;
}
// Read the entire extra fields at once and punch file according to zero stretches.
if (!ReadFullyAtOffset(fd, buffer.get(), extraFieldLen, extraFieldStart)) {
ALOGE("Failed to read extra field content");
return false;
}
IF_ALOGD() {
ALOGD("Extra field length: %hu content near offset: %s", extraFieldLen,
HexString(buffer.get(), extraFieldLen).c_str());
}
uint64_t currentSize = 0;
while (currentSize < extraFieldLen) {
uint64_t end = currentSize;
// find zero ranges
while (end < extraFieldLen && *(buffer.get() + end) == 0) {
++end;
}
uint64_t punchLen;
if (__builtin_sub_overflow(end, currentSize, &punchLen)) {
ALOGW("Overflow occurred when calculating punching length");
return false;
}
// Don't punch for every stretch of zero which is found
if (punchLen > blockSize) {
uint64_t punchOffset;
if (__builtin_add_overflow(extraFieldStart, currentSize, &punchOffset)) {
ALOGW("Overflow occurred when calculating punch start offset");
return false;
}
if (!punchWithBlockAlignment(fd, punchOffset, punchLen, blockSize)) {
return false;
}
}
currentSize = end;
++currentSize;
}
IF_ALOGD() {
struct stat64 afterPunch;
if (int result = lstat64(filePath, &afterPunch); result != 0) {
ALOGD("lstat64 failed for filePath %s, error:%d", filePath, errno);
return false;
}
ALOGD("punchHolesInApk:: Size after punching holes st_blocks: %" PRIu64
", st_blksize: %ld, st_size: %" PRIu64 "",
afterPunch.st_blocks, afterPunch.st_blksize,
static_cast<uint64_t>(afterPunch.st_size));
}
return true;
}
}; // namespace android
|
