From 53a77eca03059f1e974282a53af4ab3c6d1e3ef6 Mon Sep 17 00:00:00 2001
From: steven_q
Date: Sat, 25 Feb 2023 12:17:54 +0000
Subject: [PATCH] set context in updater mode
Signed-off-by: steven_q
Change-Id: I8cb4cc6672a9c018ee3c0a6e17dae2fc4f8743cf
---
BUILD.gn | 189 +++++++++++++++++++++++----------------
bundle.json | 3 +-
src/common/async_cmd.cpp | 26 ++++++
src/daemon/shell.cpp | 20 +++++
4 files changed, 162 insertions(+), 76 deletions(-)
diff --git a/BUILD.gn b/BUILD.gn
index 2d6ec5ff..84bfec63 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -62,91 +62,129 @@ config("hdc_config") { } } -ohos_executable("hdcd") { - use_exceptions = true - sources = [ - "src/daemon/daemon.cpp", - "src/daemon/daemon_app.cpp", - "src/daemon/daemon_forward.cpp", - "src/daemon/daemon_tcp.cpp", - "src/daemon/daemon_unity.cpp", - "src/daemon/daemon_usb.cpp", - "src/daemon/jdwp.cpp", - "src/daemon/main.cpp", - "src/daemon/shell.cpp", - "src/daemon/system_depend.cpp", - ] - sources += hdc_common_sources +template("hdcd_source_set") { + forward_variables_from(invoker, "*") - defines = [ - "HARMONY_PROJECT", - "USE_CONFIG_UV_THREADS", - "SIZE_THREAD_POOL=$hdcd_uv_thread_size", - ] + ohos_source_set(target_name) { + use_exceptions = true + sources = [ + "src/daemon/daemon.cpp", + "src/daemon/daemon_app.cpp", + "src/daemon/daemon_forward.cpp", + "src/daemon/daemon_tcp.cpp", + "src/daemon/daemon_unity.cpp", + "src/daemon/daemon_usb.cpp", + "src/daemon/jdwp.cpp", + "src/daemon/main.cpp", + "src/daemon/shell.cpp", + "src/daemon/system_depend.cpp", + ] + sources += hdc_common_sources - if (hdc_debug) { - defines += [ "HDC_DEBUG" ] + defines = [ + "HARMONY_PROJECT", + "USE_CONFIG_UV_THREADS", + "SIZE_THREAD_POOL=$hdcd_uv_thread_size", + ] + + if (hdc_debug) { + defines += [ "HDC_DEBUG" ] + } + if (hdc_support_uart) { + defines += [ "HDC_SUPPORT_UART" ] + sources += [ "src/daemon/daemon_uart.cpp" ] + } + if (js_jdwp_connect) { + defines += [ "JS_JDWP_CONNECT" ] + } + if (build_variant == "user") { + defines += [ "HDC_BUILD_VARIANT_USER" ] + } + configs = [ ":hdc_config" ] + + deps = [ + "//third_party/libuv:uv", + "//third_party/lz4:liblz4_static", + "//third_party/openssl:libcrypto_shared", + ] + + deps += [ + ":hdc_hash_gen", + "${HDC_PATH}/src/daemon/etc:daemon_etc", + ] + + if (hdc_jdwp_test) { + defines += [ "SIMULATE_JDWP" ] + deps += [ "${HDC_PATH}/src/test/jdwp:jdwp_test" ] + } + + external_deps = [ + "c_utils:utilsbase", + "init:libbegetutil", + ] + + include_dirs = [ + "//third_party/bounds_checking_function/include", + 
"//third_party/lz4/lib", + "//third_party/openssl/include", + "//third_party/libuv", + ] + + if (build_selinux) { + deps += [ "//third_party/selinux:libselinux" ] + include_dirs += [ "//third_party/selinux/libselinux/include" ] + defines += [ "SURPPORT_SELINUX" ] + if (image_name == "updater") { + defines += [ "UPDATER_MODE" ] + } + } + + if (hdc_version_check) { + defines += [ "HDC_VERSION_CHECK" ] + } + + ldflags = [ "-rdynamic" ] } - if (hdc_support_uart) { - defines += [ "HDC_SUPPORT_UART" ] - sources += [ "src/daemon/daemon_uart.cpp" ] - } - if (js_jdwp_connect) { - defines += [ "JS_JDWP_CONNECT" ] - } - if (build_variant == "user") { - defines += [ "HDC_BUILD_VARIANT_USER" ] - } - configs = [ ":hdc_config" ] +} - deps = [ - "//third_party/libuv:uv", - "//third_party/lz4:liblz4_static", - "//third_party/openssl:libcrypto_shared", - ] - - deps += [ - ":hdc_hash_gen", - "${HDC_PATH}/src/daemon/etc:daemon_etc", - ] - - if (hdc_jdwp_test) { - defines += [ "SIMULATE_JDWP" ] - deps += [ "${HDC_PATH}/src/test/jdwp:jdwp_test" ] +template("build_hdc") { + forward_variables_from(invoker, "*") + image_name = target_name + hdcd_source_set("hdcd_${image_name}_source") { + if (build_selinux) { + image_name = image_name + } } - external_deps = [ - "c_utils:utilsbase", - "init:libbegetutil", - ] - - include_dirs = [ - "//third_party/bounds_checking_function/include", - "//third_party/lz4/lib", - "//third_party/openssl/include", - "//third_party/libuv", - ] - - if (build_selinux) { - deps += [ "//third_party/selinux:libselinux" ] - include_dirs += [ "//third_party/selinux/libselinux/include" ] - defines += [ "SURPPORT_SELINUX" ] + ohos_executable("hdcd_${image_name}_exe") { + deps = [ ":hdcd_${image_name}_source" ] + output_name = "hdcd_${image_name}" + install_enable = false + subsystem_name = "developtools" + part_name = "hdc" } - if (hdc_version_check) { - defines += [ "HDC_VERSION_CHECK" ] + ohos_prebuilt_executable("hdcd_${image_name}") { + deps = [ 
":hdcd_${image_name}_exe" ] + output = "${image_name}/hdcd" + install_enable = true + subsystem_name = "developtools" + part_name = "hdc" + source = "${root_out_dir}/${subsystem_name}/${part_name}/hdcd_${image_name}" + module_install_dir = "bin" + install_images = [] + if (image_name == "updater") { + install_images = [ "updater" ] + } else { + install_images = [ "system" ] + } } +} - install_images = [ - "system", - "updater", - ] +build_hdc("system") { +} - ldflags = [ "-rdynamic" ] - - install_enable = true - subsystem_name = "developtools" - part_name = "hdc" +build_hdc("updater") { } ohos_executable("hdc") { @@ -247,7 +285,8 @@ ohos_executable("hdc") { group("hdc_target") { deps = [ ":hdc", - ":hdcd", + ":hdcd_system", + ":hdcd_updater", ] } diff --git a/bundle.json b/bundle.json index f7fd26e7..271198b7 100644 --- a/bundle.json +++ b/bundle.json @@ -33,7 +33,8 @@ }, "build": { "sub_component": [ - "//developtools/hdc:hdcd" + "//developtools/hdc:hdcd_system", + "//developtools/hdc:hdcd_updater" ] } } diff --git a/src/common/async_cmd.cpp b/src/common/async_cmd.cpp index 2c00e030..fb2ea034 100644 --- a/src/common/async_cmd.cpp +++ b/src/common/async_cmd.cpp @@ -13,6 +13,11 @@ * limitations under the License. */ #include "async_cmd.h" +#if !defined(_WIN32) && !defined(HDC_HOST) +#if defined(SURPPORT_SELINUX) && defined(UPDATER_MODE) +#include "selinux/selinux.h" +#endif +#endif namespace Hdc { // Do not add thread-specific init op in the following methods as it's running in child thread. 
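Review bot: The self-assignment `image_name = image_name` inside the `hdcd_source_set("hdcd_${image_name}_source")` call in `build_hdc` needs a comment, because it is the only thing that carries the image name into the source set and so the only thing that turns on `UPDATER_MODE` for the updater binary. It appears to copy the outer variable into the invocation scope so that `forward_variables_from(invoker, "*")` picks it up, but a reader could take it for a leftover and remove it, which would build the updater daemon without the SELinux transition and without any build error. Something like `# Forward image_name to hdcd_source_set; it selects UPDATER_MODE for the updater image` would do. Note that `UPDATER_MODE` is only ever defined under `build_selinux`, which is consistent with the `SURPPORT_SELINUX && UPDATER_MODE` guards in the C++ hunks.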
@@ -89,6 +94,24 @@ bool AsyncCmd::ChildReadCallback(const void *context, uint8_t *buf, const int si return thisClass->resultCallback(false, 0, s); }; +#if !defined(_WIN32) && !defined(HDC_HOST) +static void SetSelinuxLabel() +{ +#if defined(SURPPORT_SELINUX) && defined(UPDATER_MODE) + char *con = nullptr; + if (getcon(&con) != 0) { + return; + } + if (strcmp(con, "u:r:hdcd:s0") != 0) { + freecon(con); + return; + } + setcon("u:r:sh:s0"); + freecon(con); +#endif +} +#endif + int AsyncCmd::Popen(string command, bool readWrite, int &cpid) { #ifdef _WIN32 @@ -116,6 +139,9 @@ int AsyncCmd::Popen(string command, bool readWrite, int &cpid) setsid(); setpgid(childPid, childPid); +#if !defined(HDC_HOST) + SetSelinuxLabel(); +#endif string shellPath = Base::GetShellPath(); execl(shellPath.c_str(), shellPath.c_str(), "-c", command.c_str(), NULL); exit(0); diff --git a/src/daemon/shell.cpp b/src/daemon/shell.cpp index 6fcbbeab..34653d54 100644 --- a/src/daemon/shell.cpp +++ b/src/daemon/shell.cpp @@ -24,6 +24,9 @@ #include "unistd.h" #include "base.h" #include "file_descriptor.h" +#if defined(SURPPORT_SELINUX) && defined(UPDATER_MODE) +#include "selinux/selinux.h" +#endif namespace Hdc { std::mutex HdcShell::mutexPty; @@ -143,6 +146,22 @@ int HdcShell::ChildForkDo(int pts, const char *cmd, const char *arg0, const char return 0; } +static void SetSelinuxLabel() +{ +#if defined(SURPPORT_SELINUX) && defined(UPDATER_MODE) + char *con = nullptr; + if (getcon(&con) != 0) { + return; + } + if (strcmp(con, "u:r:hdcd:s0") != 0) { + freecon(con); + return; + } + setcon("u:r:sh:s0"); + freecon(con); +#endif +} + int HdcShell::ShellFork(const char *cmd, const char *arg0, const char *arg1) { pid_t pid; @@ -158,6 +177,7 @@ int HdcShell::ShellFork(const char *cmd, const char *arg0, const char *arg1) Base::DeInitProcess(); HdcShell::mutexPty.unlock(); setsid(); + SetSelinuxLabel(); Base::CloseFd(ptm); int pts = 0; if ((pts = open(devname, O_RDWR | O_CLOEXEC)) < 0) {
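Review bot: `SetSelinuxLabel()` discards the return value of `setcon("u:r:sh:s0")`, so if the transition is denied the child still reaches `execl` in `Popen` and the shell starts under the `u:r:hdcd:s0` label. The helper should report whether the switch succeeded and the child should exit instead of exec'ing when it did not; the same applies to the identical copy added in src/daemon/shell.cpp and its call in `HdcShell::ShellFork`. Whether a failing `getcon` should also be fatal depends on whether the updater image can run with SELinux disabled, which is not visible here, so the sketch below keeps that case non-fatal. `strcmp` is used without a visible `<cstring>` include, presumably supplied through async_cmd.h.

```cpp
static bool SetSelinuxLabel()
{
#if defined(SURPPORT_SELINUX) && defined(UPDATER_MODE)
    char *con = nullptr;
    if (getcon(&con) != 0) {
        return true; // as before: a failed query is not treated as fatal
    }
    const bool inDaemonDomain = (strcmp(con, "u:r:hdcd:s0") == 0);
    freecon(con);
    if (!inDaemonDomain) {
        return true;
    }
    return setcon("u:r:sh:s0") == 0;
#else
    return true;
#endif
}

// ... unchanged: AsyncCmd::Popen up to setsid()/setpgid() in the child ...
if (!SetSelinuxLabel()) {
    exit(1); // do not start the shell under the daemon's label
}
// ... unchanged: Base::GetShellPath() and execl ...
```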
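Review bot: This `SetSelinuxLabel()` is a line-for-line copy of the static function added in src/common/async_cmd.cpp, so the domain strings `"u:r:hdcd:s0"` and `"u:r:sh:s0"` now live in two translation units and can drift apart when the policy changes. Both files already call into `Base`, so a single helper declared there, with the two context names as named constants, would keep the transition in one place. The helper in async_cmd.cpp is additionally wrapped in `#if !defined(_WIN32) && !defined(HDC_HOST)` while this one is not; a shared definition would also settle which guard is the intended one.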
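Review bot: The new `SetSelinuxLabel();` call in the child branch of `ShellFork` has no comment explaining why it sits between `setsid()` and `Base::CloseFd(ptm)`. From that position the following `open(devname, O_RDWR | O_CLOEXEC)` runs after the label change, so in the updater image the pty is opened under the `sh` domain rather than `hdcd`; that is presumably intended, but it means the policy has to allow it and a later reorder would change which domain needs the permission. I would add `// Updater image only: leave the hdcd domain before opening the pty so the shell never runs with the daemon's label`. The body of `ShellFork` starts and ends outside the hunk.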