/*
* Copyright (C) 2018 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#define LOG_TAG "apexd"
#include "apexd_loop.h"
#include <dirent.h>
#include <fcntl.h>
#include <linux/fs.h>
#include <linux/loop.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
#include "apexd_utils.h"
#include "string_log.h"
using android::base::StartsWith;
using android::base::StringPrintf;
using android::base::unique_fd;
namespace android {
namespace apex {
namespace loop {
static constexpr const char* kApexLoopIdPrefix = "apex:";
// 128 kB read-ahead, which we currently use for /system as well
static constexpr const char* kReadAheadKb = "128";
// TODO(b/122059364): Even though the kernel has created the loop
// device, we still depend on ueventd to run to actually create the
// device node in userspace. To solve this properly we should listen on
// the netlink socket for uevents, or use inotify. For now, this will
// have to do.
static constexpr size_t kLoopDeviceRetryAttempts = 3u;
void LoopbackDeviceUniqueFd::MaybeCloseBad() {
if (device_fd.get() != -1) {
// Disassociate any files.
if (ioctl(device_fd.get(), LOOP_CLR_FD) == -1) {
PLOG(ERROR) << "Unable to clear fd for loopback device";
}
}
}
Status configureReadAhead(const std::string& device_path) {
auto pos = device_path.find("/dev/block/");
if (pos != 0) {
return Status::Fail(StringLog()
<< "Device path does not start with /dev/block.");
}
pos = device_path.find_last_of('/');
std::string device_name = device_path.substr(pos + 1, std::string::npos);
std::string sysfs_device =
StringPrintf("/sys/block/%s/queue/read_ahead_kb", device_name.c_str());
unique_fd sysfs_fd(open(sysfs_device.c_str(), O_RDWR | O_CLOEXEC));
if (sysfs_fd.get() == -1) {
return Status::Fail(PStringLog() << "Failed to open " << sysfs_device);
}
int ret = TEMP_FAILURE_RETRY(
write(sysfs_fd.get(), kReadAheadKb, strlen(kReadAheadKb) + 1));
if (ret < 0) {
return Status::Fail(PStringLog() << "Failed to write to " << sysfs_device);
}
return Status::Success();
}
Status preAllocateLoopDevices(size_t num) {
Status loopReady = WaitForFile("/dev/loop-control", 20s);
if (!loopReady.Ok()) {
return loopReady;
}
unique_fd ctl_fd(
TEMP_FAILURE_RETRY(open("/dev/loop-control", O_RDWR | O_CLOEXEC)));
if (ctl_fd.get() == -1) {
return Status::Fail(PStringLog() << "Failed to open loop-control");
}
// Assumption: loop device ID [0..num) is valid.
// This is because pre-allocation happens during bootstrap.
// Anyway Kernel pre-allocated loop devices
// as many as CONFIG_BLK_DEV_LOOP_MIN_COUNT,
// Within the amount of kernel-pre-allocation,
// LOOP_CTL_ADD will fail with EEXIST
for (size_t id = 0ul; id < num; ++id) {
int ret = ioctl(ctl_fd.get(), LOOP_CTL_ADD, id);
if (ret < 0 && errno != EEXIST) {
return Status::Fail(PStringLog() << "Failed LOOP_CTL_ADD");
}
}
// Don't wait until the dev nodes are actually created, which
// will delay the boot. By simply returing here, the creation of the dev
// nodes will be done in parallel with other boot processes, and we
// just optimistally hope that they are all created when we actually
// access them for activating APEXes. If the dev nodes are not ready
// even then, we wait 50ms and warning message will be printed (see below
// createLoopDevice()).
LOG(INFO) << "Pre-allocated " << num << " loopback devices";
return Status::Success();
}
StatusOr<LoopbackDeviceUniqueFd> createLoopDevice(const std::string& target,
const int32_t imageOffset,
const size_t imageSize) {
using Failed = StatusOr<LoopbackDeviceUniqueFd>;
unique_fd ctl_fd(open("/dev/loop-control", O_RDWR | O_CLOEXEC));
if (ctl_fd.get() == -1) {
return Failed::MakeError(PStringLog() << "Failed to open loop-control");
}
int num = ioctl(ctl_fd.get(), LOOP_CTL_GET_FREE);
if (num == -1) {
return Failed::MakeError(PStringLog() << "Failed LOOP_CTL_GET_FREE");
}
std::string device = StringPrintf("/dev/block/loop%d", num);
unique_fd target_fd(open(target.c_str(), O_RDONLY | O_CLOEXEC));
if (target_fd.get() == -1) {
return Failed::MakeError(PStringLog() << "Failed to open " << target);
}
LoopbackDeviceUniqueFd device_fd;
{
// See comment on kLoopDeviceRetryAttempts.
unique_fd sysfs_fd;
for (size_t i = 0; i != kLoopDeviceRetryAttempts; ++i) {
sysfs_fd.reset(open(device.c_str(), O_RDWR | O_CLOEXEC));
if (sysfs_fd.get() != -1) {
break;
}
PLOG(WARNING) << "Loopback device " << device
<< " not ready. Waiting 50ms...";
usleep(50000);
}
if (sysfs_fd.get() == -1) {
return Failed::MakeError(PStringLog() << "Failed to open " << device);
}
device_fd = LoopbackDeviceUniqueFd(std::move(sysfs_fd), device);
CHECK_NE(device_fd.get(), -1);
}
if (ioctl(device_fd.get(), LOOP_SET_FD, target_fd.get()) == -1) {
return Failed::MakeError(PStringLog() << "Failed to LOOP_SET_FD");
}
struct loop_info64 li;
memset(&li, 0, sizeof(li));
strlcpy((char*)li.lo_crypt_name, kApexLoopIdPrefix, LO_NAME_SIZE);
li.lo_offset = imageOffset;
li.lo_sizelimit = imageSize;
if (ioctl(device_fd.get(), LOOP_SET_STATUS64, &li) == -1) {
return Failed::MakeError(PStringLog() << "Failed to LOOP_SET_STATUS64");
}
if (ioctl(device_fd.get(), BLKFLSBUF, 0) == -1) {
// This works around a kernel bug where the following happens.
// 1) The device runs with a value of loop.max_part > 0
// 2) As part of LOOP_SET_FD above, we do a partition scan, which loads
// the first 2 pages of the underlying file into the buffer cache
// 3) When we then change the offset with LOOP_SET_STATUS64, those pages
// are not invalidated from the cache.
// 4) When we try to mount an ext4 filesystem on the loop device, the ext4
// code will try to find a superblock by reading 4k at offset 0; but,
// because we still have the old pages at offset 0 lying in the cache,
// those pages will be returned directly. However, those pages contain
// the data at offset 0 in the underlying file, not at the offset that
// we configured
// 5) the ext4 driver fails to find a superblock in the (wrong) data, and
// fails to mount the filesystem.
//
// To work around this, explicitly flush the block device, which will flush
// the buffer cache and make sure we actually read the data at the correct
// offset.
return Failed::MakeError(PStringLog()
<< "Failed to flush buffers on the loop device");
}
// Direct-IO requires the loop device to have the same block size as the
// underlying filesystem.
if (ioctl(device_fd.get(), LOOP_SET_BLOCK_SIZE, 4096) == -1) {
PLOG(WARNING) << "Failed to LOOP_SET_BLOCK_SIZE";
} else {
if (ioctl(device_fd.get(), LOOP_SET_DIRECT_IO, 1) == -1) {
PLOG(WARNING) << "Failed to LOOP_SET_DIRECT_IO";
// TODO Eventually we'll want to fail on this; right now we can't because
// not all devices have the necessary kernel patches.
}
}
Status readAheadStatus = configureReadAhead(device);
if (!readAheadStatus.Ok()) {
return Failed::MakeError(StringLog() << readAheadStatus.ErrorMessage());
}
return StatusOr<LoopbackDeviceUniqueFd>(std::move(device_fd));
}
void DestroyLoopDevice(const std::string& path, const DestroyLoopFn& extra) {
unique_fd fd(open(path.c_str(), O_RDWR | O_CLOEXEC));
if (fd.get() == -1) {
if (errno != ENOENT) {
PLOG(WARNING) << "Failed to open " << path;
}
return;
}
struct loop_info64 li;
if (ioctl(fd.get(), LOOP_GET_STATUS64, &li) < 0) {
if (errno != ENXIO) {
PLOG(WARNING) << "Failed to LOOP_GET_STATUS64 " << path;
}
return;
}
auto id = std::string((char*)li.lo_crypt_name);
if (StartsWith(id, kApexLoopIdPrefix)) {
extra(path, id);
if (ioctl(fd.get(), LOOP_CLR_FD, 0) < 0) {
PLOG(WARNING) << "Failed to LOOP_CLR_FD " << path;
}
}
}
} // namespace loop
} // namespace apex
} // namespace android