1 /*
2  * Copyright (c) 2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #include "appspawn_hook.h"
16 #include "appspawn_msg.h"
17 #include "appspawn_manager.h"
18 #include "appspawn_utils.h"
19 #include "parameter.h"
20 #include "securec.h"
21 
22 // for stub
23 extern bool may_init_gwp_asan(bool forceInit);
24 
25 // ide-asan
26 #ifndef ASAN_DETECTOR
27 
28 #if defined(__aarch64__) || defined(__x86_64__)
29 #define ASAN_LD_PRELOAD "/system/lib64/libclang_rt.asan.so"
30 #else
31 #define ASAN_LD_PRELOAD "/system/lib/libclang_rt.asan.so"
32 #endif
33 #define HWASAN_LD_PRELOAD "/system/lib64/libclang_rt.hwasan.so"
34 #define TSAN_LD_PRELOAD "/system/lib64/libclang_rt.tsan.so"
35 
36 #define ASAN_OPTIONS "include=/system/etc/asan.options"
37 #define HWASAN_OPTIONS "include=/system/etc/asan.options"
38 #define TSAN_OPTIONS "include=/system/etc/tsan.options"
39 #define UBSAN_OPTIONS "print_stacktrace=1:print_module_map=2:log_exe_name=1"
40 
41 // 配置表数据
42 static const EnvConfig g_configTable[] = {
43     { APP_FLAGS_HWASAN_ENABLED, HWASAN_LD_PRELOAD, NULL, NULL, NULL, HWASAN_OPTIONS },
44     { APP_FLAGS_ASANENABLED, ASAN_LD_PRELOAD, ASAN_OPTIONS, NULL, NULL, NULL },
45     { APP_FLAGS_TSAN_ENABLED, TSAN_LD_PRELOAD, NULL, TSAN_OPTIONS, NULL, NULL },
46     { APP_FLAGS_UBSAN_ENABLED, NULL, NULL, NULL, UBSAN_OPTIONS, NULL },
47 };
48 
SetAsanEnabledEnv(const AppSpawnMgr * content,const AppSpawningCtx * property)49 static int SetAsanEnabledEnv(const AppSpawnMgr *content, const AppSpawningCtx *property)
50 {
51     size_t configTableSize = sizeof(g_configTable) / sizeof(g_configTable[0]);
52     for (size_t i = 0; i < configTableSize; ++i) {
53         if (CheckAppMsgFlagsSet(property, g_configTable[i].flag)) {
54             if (g_configTable[i].ldPreload) {
55                 setenv("LD_PRELOAD", g_configTable[i].ldPreload, 1);
56             }
57             if (g_configTable[i].asanOptions) {
58                 setenv("ASAN_OPTIONS", g_configTable[i].asanOptions, 1);
59             } else {
60                 unsetenv("ASAN_OPTIONS");
61             }
62             if (g_configTable[i].tsanOptions) {
63                 setenv("TSAN_OPTIONS", g_configTable[i].tsanOptions, 1);
64             } else {
65                 unsetenv("TSAN_OPTIONS");
66             }
67             if (g_configTable[i].ubsanOptions) {
68                 setenv("UBSAN_OPTIONS", g_configTable[i].ubsanOptions, 1);
69             } else {
70                 unsetenv("UBSAN_OPTIONS");
71             }
72             if (g_configTable[i].hwasanOptions) {
73                 setenv("HWASAN_OPTIONS", g_configTable[i].hwasanOptions, 1);
74             } else {
75                 unsetenv("HWASAN_OPTIONS");
76             }
77             APPSPAWN_LOGV("SetAsanEnabledEnv %{public}d,%{public}s,%{public}s,%{public}s,%{public}s,%{public}s",
78                 g_configTable[i].flag, g_configTable[i].ldPreload, g_configTable[i].asanOptions,
79                 g_configTable[i].tsanOptions, g_configTable[i].ubsanOptions, g_configTable[i].hwasanOptions);
80             return 0;
81         }
82     }
83     return -1;
84 }
85 #endif
86 
SetGwpAsanEnabled(const AppSpawnMgr * content,const AppSpawningCtx * property)87 static void SetGwpAsanEnabled(const AppSpawnMgr *content, const AppSpawningCtx *property)
88 {
89     int enforce = CheckAppMsgFlagsSet(property, APP_FLAGS_GWP_ENABLED_FORCE);
90     if (!enforce && !CheckAppMsgFlagsSet(property, APP_FLAGS_GWP_ENABLED_NORMAL)) {
91         return;
92     }
93     APPSPAWN_LOGV("SetGwpAsanEnabled with flags: %{public}d", enforce);
94     may_init_gwp_asan(enforce);
95 }
96 
97 #ifdef ASAN_DETECTOR
98 #define WRAP_VALUE_MAX_LENGTH 96
CheckSupportColdStart(const char * bundleName)99 static int CheckSupportColdStart(const char *bundleName)
100 {
101     char wrapBundleNameKey[WRAP_VALUE_MAX_LENGTH] = {0};
102     char wrapBundleNameValue[WRAP_VALUE_MAX_LENGTH] = {0};
103 
104     int len = sprintf_s(wrapBundleNameKey, WRAP_VALUE_MAX_LENGTH, "wrap.%s", bundleName);
105     APPSPAWN_CHECK(len > 0 && (len < WRAP_VALUE_MAX_LENGTH), return -1, "Invalid to format wrapBundleNameKey");
106 
107     int ret = GetParameter(wrapBundleNameKey, "", wrapBundleNameValue, WRAP_VALUE_MAX_LENGTH);
108     APPSPAWN_CHECK(ret > 0 && (!strcmp(wrapBundleNameValue, "asan_wrapper")), return -1,
109         "Not wrap %{public}s.", bundleName);
110     APPSPAWN_LOGI("Asan: GetParameter %{public}s the value is %{public}s.", wrapBundleNameKey, wrapBundleNameValue);
111     return 0;
112 }
113 #endif
114 
AsanSpawnGetSpawningFlag(AppSpawnMgr * content,AppSpawningCtx * property)115 static int AsanSpawnGetSpawningFlag(AppSpawnMgr *content, AppSpawningCtx *property)
116 {
117     APPSPAWN_LOGV("Prepare spawn app %{public}s", GetProcessName(property));
118 #ifdef ASAN_DETECTOR
119     if (CheckSupportColdStart(GetBundleName(property)) == 0) {
120         property->client.flags |= APP_COLD_START;
121         property->client.flags |= APP_ASAN_DETECTOR;
122         if (property->forkCtx.coldRunPath) {
123             free(property->forkCtx.coldRunPath);
124         }
125 #ifndef CJAPP_SPAWN
126         property->forkCtx.coldRunPath = strdup("/system/asan/bin/appspawn");
127 #elif NATIVE_SPAWN
128         property->forkCtx.coldRunPath = strdup("/system/asan/bin/nativespawn");
129 #else
130         property->forkCtx.coldRunPath = strdup("/system/asan/bin/cjappspawn");
131 #endif
132         if (property->forkCtx.coldRunPath == NULL) {
133             APPSPAWN_LOGE("Failed to set asan exec path %{public}s", GetProcessName(property));
134         }
135     }
136 #endif
137     return 0;
138 }
139 
AsanSpawnInitSpawningEnv(AppSpawnMgr * content,AppSpawningCtx * property)140 static int AsanSpawnInitSpawningEnv(AppSpawnMgr *content, AppSpawningCtx *property)
141 {
142     if (GetAppSpawnMsgType(property) == MSG_SPAWN_NATIVE_PROCESS) {
143         return 0;
144     }
145 #ifndef ASAN_DETECTOR
146     int ret = SetAsanEnabledEnv(content, property);
147     if (ret == 0) {
148         APPSPAWN_LOGI("SetAsanEnabledEnv cold start app %{public}s", GetProcessName(property));
149         property->client.flags |= APP_COLD_START;
150     }
151 #endif
152     (void)SetGwpAsanEnabled(content, property);
153     return 0;
154 }
155 
MODULE_CONSTRUCTOR(void)156 MODULE_CONSTRUCTOR(void)
157 {
158     APPSPAWN_LOGV("Load asan module ...");
159     AddAppSpawnHook(STAGE_CHILD_PRE_COLDBOOT, HOOK_PRIO_COMMON, AsanSpawnInitSpawningEnv);
160     AddAppSpawnHook(STAGE_PARENT_PRE_FORK, HOOK_PRIO_COMMON, AsanSpawnGetSpawningFlag);
161 }
162