Snap for 6022569 from cb6af747 to rvc-release

static constexpr const char* CACHE_DIR_POSTFIX = "/cache";

static constexpr const char* CODE_CACHE_DIR_POSTFIX = "/code_cache";

static constexpr const char *kIdMapPath = "/system/bin/idmap";

static constexpr const char* IDMAP_PREFIX = "/data/resource-cache/";

static constexpr const char* IDMAP_SUFFIX = "@idmap";

// fsverity assumes the page size is always 4096. If not, the feature can not be

// enabled.

static constexpr int kVerityPageSize = 4096;

    return res;

}

static void run_idmap(const char *target_apk, const char *overlay_apk, int idmap_fd)

{

    execl(kIdMapPath, kIdMapPath, "--fd", target_apk, overlay_apk,

            StringPrintf("%d", idmap_fd).c_str(), (char*)nullptr);

    PLOG(ERROR) << "execl (" << kIdMapPath << ") failed";

}

static void run_verify_idmap(const char *target_apk, const char *overlay_apk, int idmap_fd)

{

    execl(kIdMapPath, kIdMapPath, "--verify", target_apk, overlay_apk,

            StringPrintf("%d", idmap_fd).c_str(), (char*)nullptr);

    PLOG(ERROR) << "execl (" << kIdMapPath << ") failed";

}

static bool delete_stale_idmap(const char* target_apk, const char* overlay_apk,

        const char* idmap_path, int32_t uid) {

    int idmap_fd = open(idmap_path, O_RDWR);

    if (idmap_fd < 0) {

        PLOG(ERROR) << "idmap open failed: " << idmap_path;

        unlink(idmap_path);

        return true;

    }

    pid_t pid;

    pid = fork();

    if (pid == 0) {

        /* child -- drop privileges before continuing */

        if (setgid(uid) != 0) {

            LOG(ERROR) << "setgid(" << uid << ") failed during idmap";

            exit(1);

        }

        if (setuid(uid) != 0) {

            LOG(ERROR) << "setuid(" << uid << ") failed during idmap";

            exit(1);

        }

        if (flock(idmap_fd, LOCK_EX | LOCK_NB) != 0) {

            PLOG(ERROR) << "flock(" << idmap_path << ") failed during idmap";

            exit(1);

        }

        run_verify_idmap(target_apk, overlay_apk, idmap_fd);

        exit(1); /* only if exec call to deleting stale idmap failed */

    } else {

        int status = wait_child(pid);

        close(idmap_fd);

        if (status != 0) {

            // Failed on verifying if idmap is made from target_apk and overlay_apk.

            LOG(DEBUG) << "delete stale idmap: " << idmap_path;

            unlink(idmap_path);

            return true;

        }

    }

    return false;

}

// Transform string /a/b/c.apk to (prefix)/a@b@c.apk@(suffix)

// eg /a/b/c.apk to /data/resource-cache/a@b@c.apk@idmap

static int flatten_path(const char *prefix, const char *suffix,

        const char *overlay_path, char *idmap_path, size_t N)

{

    if (overlay_path == nullptr || idmap_path == nullptr) {

        return -1;

    }

    const size_t len_overlay_path = strlen(overlay_path);

    // will access overlay_path + 1 further below; requires absolute path

    if (len_overlay_path < 2 || *overlay_path != '/') {

        return -1;

    }

    const size_t len_idmap_root = strlen(prefix);

    const size_t len_suffix = strlen(suffix);

    if (SIZE_MAX - len_idmap_root < len_overlay_path ||

            SIZE_MAX - (len_idmap_root + len_overlay_path) < len_suffix) {

        // additions below would cause overflow

        return -1;

    }

    if (N < len_idmap_root + len_overlay_path + len_suffix) {

        return -1;

    }

    memset(idmap_path, 0, N);

    snprintf(idmap_path, N, "%s%s%s", prefix, overlay_path + 1, suffix);

    char *ch = idmap_path + len_idmap_root;

    while (*ch != '\0') {

        if (*ch == '/') {

            *ch = '@';

        }

        ++ch;

    }

    return 0;

}

binder::Status InstalldNativeService::idmap(const std::string& targetApkPath,

        const std::string& overlayApkPath, int32_t uid) {

    ENFORCE_UID(AID_SYSTEM);

    CHECK_ARGUMENT_PATH(targetApkPath);

    CHECK_ARGUMENT_PATH(overlayApkPath);

    std::lock_guard<std::recursive_mutex> lock(mLock);

    const char* target_apk = targetApkPath.c_str();

    const char* overlay_apk = overlayApkPath.c_str();

    ALOGV("idmap target_apk=%s overlay_apk=%s uid=%d\n", target_apk, overlay_apk, uid);

    int idmap_fd = -1;

    char idmap_path[PATH_MAX];

    struct stat idmap_stat;

    bool outdated = false;

    if (flatten_path(IDMAP_PREFIX, IDMAP_SUFFIX, overlay_apk,

                idmap_path, sizeof(idmap_path)) == -1) {

        ALOGE("idmap cannot generate idmap path for overlay %s\n", overlay_apk);

        goto fail;

    }

    if (stat(idmap_path, &idmap_stat) < 0) {

        outdated = true;

    } else {

        outdated = delete_stale_idmap(target_apk, overlay_apk, idmap_path, uid);

    }

    if (outdated) {

        idmap_fd = open(idmap_path, O_RDWR | O_CREAT | O_EXCL, 0644);

    } else {

        idmap_fd = open(idmap_path, O_RDWR);

    }

    if (idmap_fd < 0) {

        ALOGE("idmap cannot open '%s' for output: %s\n", idmap_path, strerror(errno));

        goto fail;

    }

    if (fchown(idmap_fd, AID_SYSTEM, uid) < 0) {

        ALOGE("idmap cannot chown '%s'\n", idmap_path);

        goto fail;

    }

    if (fchmod(idmap_fd, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) < 0) {

        ALOGE("idmap cannot chmod '%s'\n", idmap_path);

        goto fail;

    }

    if (!outdated) {

        close(idmap_fd);

        return ok();

    }

    pid_t pid;

    pid = fork();

    if (pid == 0) {

        /* child -- drop privileges before continuing */

        if (setgid(uid) != 0) {

            ALOGE("setgid(%d) failed during idmap\n", uid);

            exit(1);

        }

        if (setuid(uid) != 0) {

            ALOGE("setuid(%d) failed during idmap\n", uid);

            exit(1);

        }

        if (flock(idmap_fd, LOCK_EX | LOCK_NB) != 0) {

            ALOGE("flock(%s) failed during idmap: %s\n", idmap_path, strerror(errno));

            exit(1);

        }

        run_idmap(target_apk, overlay_apk, idmap_fd);

        exit(1); /* only if exec call to idmap failed */

    } else {

        int status = wait_child(pid);

        if (status != 0) {

            ALOGE("idmap failed, status=0x%04x\n", status);

            goto fail;

        }

    }

    close(idmap_fd);

    return ok();

fail:

    if (idmap_fd >= 0) {

        close(idmap_fd);

        unlink(idmap_path);

    }

    return error();

}

binder::Status InstalldNativeService::removeIdmap(const std::string& overlayApkPath) {

    ENFORCE_UID(AID_SYSTEM);

    CHECK_ARGUMENT_PATH(overlayApkPath);

    std::lock_guard<std::recursive_mutex> lock(mLock);

    const char* overlay_apk = overlayApkPath.c_str();

    char idmap_path[PATH_MAX];

    if (flatten_path(IDMAP_PREFIX, IDMAP_SUFFIX, overlay_apk,

                idmap_path, sizeof(idmap_path)) == -1) {

        ALOGE("idmap cannot generate idmap path for overlay %s\n", overlay_apk);

        return error();

    }

    if (unlink(idmap_path) < 0) {

        ALOGE("couldn't unlink idmap file %s\n", idmap_path);

        return error();

    }

    return ok();

}

binder::Status InstalldNativeService::restoreconAppData(const std::unique_ptr<std::string>& uuid,

        const std::string& packageName, int32_t userId, int32_t flags, int32_t appId,

        const std::string& seInfo) {

    binder::Status destroyProfileSnapshot(const std::string& packageName,

            const std::string& profileName);

    binder::Status idmap(const std::string& targetApkPath, const std::string& overlayApkPath,

            int32_t uid);

    binder::Status removeIdmap(const std::string& overlayApkPath);

    binder::Status rmPackageDir(const std::string& packageDir);

    binder::Status markBootComplete(const std::string& instructionSet);

    binder::Status freeCache(const std::unique_ptr<std::string>& uuid, int64_t targetFreeBytes,

            @utf8InCpp String profileName, @utf8InCpp String classpath);

    void destroyProfileSnapshot(@utf8InCpp String packageName, @utf8InCpp String profileName);

    void idmap(@utf8InCpp String targetApkPath, @utf8InCpp String overlayApkPath, int uid);

    void removeIdmap(@utf8InCpp String overlayApkPath);

    void rmPackageDir(@utf8InCpp String packageDir);

    void markBootComplete(@utf8InCpp String instructionSet);

    void freeCache(@nullable @utf8InCpp String uuid, long targetFreeBytes,

                ? "dalvik.vm.dex2oat-threads"

                : "dalvik.vm.boot-dex2oat-threads";

        std::string dex2oat_threads_arg = MapPropertyToArg(threads_property, "-j%s");

        const char* cpu_set_property = post_bootcomplete

                ? "dalvik.vm.dex2oat-cpu-set"

                : "dalvik.vm.boot-dex2oat-cpu-set";

        std::string dex2oat_cpu_set_arg = MapPropertyToArg(cpu_set_property, "--cpu-set=%s");

        std::string bootclasspath;

        char* dex2oat_bootclasspath = getenv("DEX2OATBOOTCLASSPATH");

        AddArg(image_block_size_arg);

        AddArg(dex2oat_compiler_filter_arg);

        AddArg(dex2oat_threads_arg);

        AddArg(dex2oat_cpu_set_arg);

        AddArg(dex2oat_swap_fd);

        AddArg(dex2oat_image_fd);

# See the License for the specific language governing permissions and

# limitations under the License.

rm -rf /data/media/Android/obb/test_probe

mkdir -p /data/media/Android/obb/

touch /data/media/Android/obb/test_probe

rm -rf /data/media/0/Android/obb/test_probe

mkdir -p /data/media/0/Android/obb/

touch /data/media/0/Android/obb/test_probe

if ! test -f /data/media/0/Android/obb/test_probe ; then

  log -p i -t migrate_legacy_obb_data "No support for 'unshared_obb'. Not migrating"

  rm -rf /data/media/Android/obb/test_probe

  rm -rf /data/media/0/Android/obb/test_probe

  exit 0

fi

# Delete the test file, and remove the obb folder if it is empty

rm -rf /data/media/Android/obb/test_probe

rm -rf /data/media/0/Android/obb/test_probe

rmdir /data/media/obb

if ! test -d /data/media/obb ; then