Merge "libdebuggerd_handler: in-process crash dumping for seccomped processes."

}

cc_library_static {

    name: "libdebuggerd_handler",

    name: "libdebuggerd_handler_core",

    defaults: ["debuggerd_defaults"],

    srcs: ["handler/debuggerd_handler.cpp"],

    // libdebuggerd_handler gets async signal safe logging via libc_logging,

    // which defines its interface in bionic private headers.

    include_dirs: ["bionic/libc"],

    static_libs: ["libc_logging"],

    whole_static_libs: [

        "libc_logging",

        "libdebuggerd",

    ],

    export_include_dirs: ["include"],

}

cc_library_static {

    name: "libdebuggerd_handler",

    defaults: ["debuggerd_defaults"],

    srcs: ["handler/debuggerd_fallback_nop.cpp"],

    whole_static_libs: [

        "libdebuggerd_handler_core",

    ],

    export_include_dirs: ["include"],

}

cc_library_static {

    name: "libdebuggerd_handler_fallback",

    defaults: ["debuggerd_defaults"],

    srcs: ["handler/debuggerd_fallback.cpp"],

    // libdebuggerd_handler gets async signal safe logging via libc_logging,

    // which defines its interface in bionic private headers.

    include_dirs: ["bionic/libc"],

    static_libs: [

        "libdebuggerd",

        "libbacktrace",

        "libunwind",

        "liblzma",

        "libcutils",

    ],

    export_include_dirs: ["include"],

}

    export_include_dirs: ["include"],

}

cc_library {

cc_library_static {

    name: "libdebuggerd",

    defaults: ["debuggerd_defaults"],

    local_include_dirs: ["libdebuggerd/include"],

    export_include_dirs: ["libdebuggerd/include"],

    shared_libs: [

    static_libs: [

        "libbacktrace",

        "libunwind",

        "liblzma",

        "libbase",

        "libcutils",

        "liblog",

        },

    },

    static_libs: [

        "libdebuggerd",

        "libcutils",

    ],

    shared_libs: [

        "libbacktrace",

        "libbase",

        "libdebuggerd",

        "liblog",

        "libprocinfo",

        "libselinux",

  if (backtrace) {

    dump_backtrace(output_fd.get(), backtrace_map.get(), target, main_tid, attached_siblings, 0);

  } else {

    engrave_tombstone(output_fd.get(), backtrace_map.get(), open_files, target, main_tid,

                      attached_siblings, abort_address, fatal_signal ? &amfd_data : nullptr);

    engrave_tombstone(output_fd.get(), backtrace_map.get(), &open_files, target, main_tid,

                      &attached_siblings, abort_address, fatal_signal ? &amfd_data : nullptr);

  }

  // We don't actually need to PTRACE_DETACH, as long as our tracees aren't in

/*

 * Copyright (C) 2017 The Android Open Source Project

 * All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *  * Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer.

 *  * Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS

 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,

 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,

 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS

 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED

 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,

 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT

 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

 * SUCH DAMAGE.

 */

#include <stddef.h>

#include <sys/ucontext.h>

#include <unistd.h>

#include "tombstone.h"

extern "C" void __linker_use_fallback_allocator();

extern "C" bool debuggerd_fallback(ucontext_t* ucontext, siginfo_t* siginfo, void* abort_message) {

  // This is incredibly sketchy to do inside of a signal handler, especially when libbacktrace

  // uses the C++ standard library throughout, but this code runs in the linker, so we'll be using

  // the linker's malloc instead of the libc one. Switch it out for a replacement, just in case.

  //

  // This isn't the default method of dumping because it can fail in cases such as memory space

  // exhaustion.

  __linker_use_fallback_allocator();

  engrave_tombstone_ucontext(-1, getpid(), gettid(), reinterpret_cast<uintptr_t>(abort_message),

                             siginfo, ucontext);

  return true;

}

/*

 * Copyright (C) 2017 The Android Open Source Project

 * All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *  * Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer.

 *  * Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS

 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,

 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,

 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS

 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED

 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,

 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT

 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

 * SUCH DAMAGE.

 */

#include <stddef.h>

#include <sys/ucontext.h>

#include <unistd.h>

extern "C" bool debuggerd_fallback(ucontext_t*, siginfo_t*, void*) {

  return false;

}

#define CRASH_DUMP_PATH "/system/bin/" CRASH_DUMP_NAME

extern "C" bool debuggerd_fallback(ucontext_t*, siginfo_t*, void*);

static debuggerd_callbacks_t g_callbacks;

// Mutex to ensure only one crashing thread dumps itself.

// Handler that does crash dumping by forking and doing the processing in the child.

// Do this by ptracing the relevant thread, and then execing debuggerd to do the actual dump.

static void debuggerd_signal_handler(int signal_number, siginfo_t* info, void*) {

static void debuggerd_signal_handler(int signal_number, siginfo_t* info, void* context) {

  int ret = pthread_mutex_lock(&crash_mutex);

  if (ret != 0) {

    __libc_format_log(ANDROID_LOG_INFO, "libc", "pthread_mutex_lock failed: %s", strerror(ret));

  log_signal_summary(signal_number, info);

  void* abort_message = nullptr;

  if (g_callbacks.get_abort_message) {

    abort_message = g_callbacks.get_abort_message();

  }

  if (prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0) == 1) {

    ucontext_t* ucontext = static_cast<ucontext_t*>(context);

    if (signal_number == DEBUGGER_SIGNAL || !debuggerd_fallback(ucontext, info, abort_message)) {

      // The process has NO_NEW_PRIVS enabled, so we can't transition to the crash_dump context.

      __libc_format_log(ANDROID_LOG_INFO, "libc",

                        "Suppressing debuggerd output because prctl(PR_GET_NO_NEW_PRIVS)==1");

    }

    resend_signal(info, false);

    return;

  }

  void* abort_message = nullptr;

  if (g_callbacks.get_abort_message) {

    abort_message = g_callbacks.get_abort_message();

  }

  // Populate si_value with the abort message address, if found.

  if (abort_message) {

    info->si_value.sival_ptr = abort_message;