Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / platform2 / de129224fcac1b1ae3ebd2bcc4773e9e959fa205 / . / arc / network / adb_proxy.cc
blob: 9b69c7c63d67a75e99f36bd4a92917f3b7bd32c8 [file] [log] [blame]
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]1// Copyright 2019 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "arc/network/adb_proxy.h"
6
jasongustaman14076282019-05-20 15:38:41 +0900[diff] [blame]7#include <linux/vm_sockets.h>
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]8#include <sys/socket.h>
9#include <sys/types.h>
10
11#include <utility>
12
13#include <base/bind.h>
14#include <base/logging.h>
15#include <base/strings/stringprintf.h>
16#include <brillo/minijail/minijail.h>
17
Hugo Benichi2ac4d072019-05-28 14:51:23 +0900[diff] [blame]18#include "arc/network/net_util.h"
19
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]20namespace arc_networkd {
21namespace {
Garrick Evansa7556db2019-05-07 11:22:40 +0900[diff] [blame]22// adb gets confused if we listen on 5555 and thinks there is an emulator
23// running, which in turn ends up confusing our integration test libraries
24// because multiple devices show up.
25constexpr uint16_t kTcpListenPort = 5550;
26// But we still connect to adbd on its standard TCP port.
27constexpr uint16_t kTcpConnectPort = 5555;
Hugo Benichi2ac4d072019-05-28 14:51:23 +0900[diff] [blame]28constexpr uint32_t kTcpAddr = Ipv4Addr(100, 115, 92, 2);
jasongustaman14076282019-05-20 15:38:41 +0900[diff] [blame]29constexpr uint32_t kVsockPort = 5555;
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]30constexpr uint64_t kCapMask = CAP_TO_MASK(CAP_NET_RAW);
31constexpr char kUnprivilegedUser[] = "arc-networkd";
32constexpr int kMaxConn = 16;
33
34} // namespace
35
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]36AdbProxy::AdbProxy(base::ScopedFD control_fd)
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]37 : msg_dispatcher_(std::move(control_fd)),
Garrick Evans1cce71a2019-06-21 10:43:14 +0900[diff] [blame]38 arc_type_(GuestMessage::UNKNOWN_GUEST),
39 arcvm_vsock_cid_(-1) {
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]40 msg_dispatcher_.RegisterFailureHandler(
41 base::Bind(&AdbProxy::OnParentProcessExit, weak_factory_.GetWeakPtr()));
42
43 msg_dispatcher_.RegisterGuestMessageHandler(
44 base::Bind(&AdbProxy::OnGuestMessage, weak_factory_.GetWeakPtr()));
45}
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]46
Hidehiko Abede129222019-08-16 00:55:04 +0900[diff] [blame^]47AdbProxy::~AdbProxy() = default;
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]48
49int AdbProxy::OnInit() {
50 // Prevent the main process from sending us any signals.
51 if (setsid() < 0) {
52 PLOG(ERROR) << "Failed to created a new session with setsid; exiting";
53 return -1;
54 }
55
56 // Run with minimal privileges.
57 brillo::Minijail* m = brillo::Minijail::GetInstance();
58 struct minijail* jail = m->New();
59
60 // Most of these return void, but DropRoot() can fail if the user/group
61 // does not exist.
62 CHECK(m->DropRoot(jail, kUnprivilegedUser, kUnprivilegedUser))
63 << "Could not drop root privileges";
64 m->UseCapabilities(jail, kCapMask);
65 m->Enter(jail);
66 m->Destroy(jail);
67
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]68 return Daemon::OnInit();
69}
70
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]71void AdbProxy::Reset() {
Hidehiko Abede129222019-08-16 00:55:04 +0900[diff] [blame^]72 src_watcher_.reset();
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]73 src_.reset();
74 fwd_.clear();
Garrick Evans1cce71a2019-06-21 10:43:14 +0900[diff] [blame]75 arcvm_vsock_cid_ = -1;
76 arc_type_ = GuestMessage::UNKNOWN_GUEST;
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]77}
78
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]79void AdbProxy::OnParentProcessExit() {
80 LOG(ERROR) << "Quitting because the parent process died";
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]81 Reset();
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]82 Quit();
83}
84
Hidehiko Abede129222019-08-16 00:55:04 +0900[diff] [blame^]85void AdbProxy::OnFileCanReadWithoutBlocking() {
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]86 if (auto conn = src_->Accept()) {
87 if (auto dst = Connect()) {
88 LOG(INFO) << "Connection established: " << *conn << " <-> " << *dst;
89 auto fwd = std::make_unique<SocketForwarder>(
90 base::StringPrintf("adbp%d-%d", conn->fd(), dst->fd()),
91 std::move(conn), std::move(dst));
92 fwd->Start();
93 fwd_.emplace_back(std::move(fwd));
94 }
95 }
96
97 // Cleanup any defunct forwarders.
98 for (auto it = fwd_.begin(); it != fwd_.end();) {
Garrick Evans088cd0e2019-06-04 15:20:43 +0900[diff] [blame]99 if (!(*it)->IsRunning() && (*it)->HasBeenStarted())
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]100 it = fwd_.erase(it);
Garrick Evans4e96fad2019-05-17 10:19:38 +0900[diff] [blame]101 else
102 ++it;
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]103 }
104}
105
106std::unique_ptr<Socket> AdbProxy::Connect() const {
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]107 switch (arc_type_) {
Garrick Evans1cce71a2019-06-21 10:43:14 +0900[diff] [blame]108 case GuestMessage::ARC:
109 case GuestMessage::ARC_LEGACY: {
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]110 struct sockaddr_in addr_in = {0};
111 addr_in.sin_family = AF_INET;
112 addr_in.sin_port = htons(kTcpConnectPort);
113 addr_in.sin_addr.s_addr = kTcpAddr;
114 auto dst = std::make_unique<Socket>(AF_INET, SOCK_STREAM);
115 return dst->Connect((const struct sockaddr*)&addr_in, sizeof(addr_in))
116 ? std::move(dst)
117 : nullptr;
118 }
119 case GuestMessage::ARC_VM: {
120 struct sockaddr_vm addr_vm = {0};
121 addr_vm.svm_family = AF_VSOCK;
122 addr_vm.svm_port = kVsockPort;
Garrick Evans1cce71a2019-06-21 10:43:14 +0900[diff] [blame]123 addr_vm.svm_cid = arcvm_vsock_cid_;
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]124 auto dst = std::make_unique<Socket>(AF_VSOCK, SOCK_STREAM);
125 return dst->Connect((const struct sockaddr*)&addr_vm, sizeof(addr_vm))
126 ? std::move(dst)
127 : nullptr;
128 }
129 default:
130 LOG(DFATAL) << "Unexpected connect - no ARC guest";
131 return nullptr;
132 }
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]133}
134
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]135void AdbProxy::OnGuestMessage(const GuestMessage& msg) {
Garrick Evans1cce71a2019-06-21 10:43:14 +0900[diff] [blame]136 if (msg.type() == GuestMessage::UNKNOWN_GUEST) {
137 LOG(DFATAL) << "Unexpected message from unknown guest";
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]138 return;
Garrick Evans1cce71a2019-06-21 10:43:14 +0900[diff] [blame]139 }
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]140
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]141 arc_type_ = msg.type();
Garrick Evans1cce71a2019-06-21 10:43:14 +0900[diff] [blame]142 arcvm_vsock_cid_ = msg.arcvm_vsock_cid();
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]143
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]144 // On ARC up, start accepting connections.
145 if (msg.event() == GuestMessage::START) {
Garrick Evans584210b2019-05-27 14:25:43 +0900[diff] [blame]146 src_ = std::make_unique<Socket>(AF_INET, SOCK_STREAM | SOCK_NONBLOCK);
Garrick Evans20cc37c2019-05-29 17:25:59 +0900[diff] [blame]147 // Need to set this to reuse the port on localhost.
Garrick Evans20cc37c2019-05-29 17:25:59 +0900[diff] [blame]148 int on = 1;
149 if (setsockopt(src_->fd(), SOL_SOCKET, SO_REUSEADDR, &on, sizeof(int)) <
150 0) {
151 PLOG(ERROR) << "setsockopt(SO_REUSEADDR) failed";
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]152 return;
Garrick Evans20cc37c2019-05-29 17:25:59 +0900[diff] [blame]153 }
Garrick Evans584210b2019-05-27 14:25:43 +0900[diff] [blame]154 struct sockaddr_in addr = {0};
155 addr.sin_family = AF_INET;
Garrick Evansa7556db2019-05-07 11:22:40 +0900[diff] [blame]156 addr.sin_port = htons(kTcpListenPort);
Garrick Evans584210b2019-05-27 14:25:43 +0900[diff] [blame]157 addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
158 if (!src_->Bind((const struct sockaddr*)&addr, sizeof(addr))) {
159 LOG(ERROR) << "Cannot bind source socket";
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]160 return;
Garrick Evans584210b2019-05-27 14:25:43 +0900[diff] [blame]161 }
162
163 if (!src_->Listen(kMaxConn)) {
164 LOG(ERROR) << "Cannot listen on source socket";
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]165 return;
Garrick Evans584210b2019-05-27 14:25:43 +0900[diff] [blame]166 }
167
168 // Run the accept loop.
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]169 LOG(INFO) << "Accepting connections...";
Hidehiko Abede129222019-08-16 00:55:04 +0900[diff] [blame^]170 src_watcher_ = base::FileDescriptorWatcher::WatchReadable(
171 src_->fd(), base::BindRepeating(&AdbProxy::OnFileCanReadWithoutBlocking,
172 base::Unretained(this)));
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]173 return;
Garrick Evans584210b2019-05-27 14:25:43 +0900[diff] [blame]174 }
175
Garrick Evans96e03042019-05-28 14:30:52 +0900[diff] [blame]176 // On ARC down, cull any open connections and stop listening.
177 if (msg.event() == GuestMessage::STOP) {
Garrick Evansbdf1f982019-06-07 09:46:49 +0900[diff] [blame]178 Reset();
Garrick Evans584210b2019-05-27 14:25:43 +0900[diff] [blame]179 }
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]180}
181
Garrick Evans3cbac7c2019-04-18 15:31:31 +0900[diff] [blame]182} // namespace arc_networkd