1 /*
2  * Copyright (C) 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include "environment.h"
18 
19 #include <inttypes.h>
20 #include <signal.h>
21 #include <stdio.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <sys/resource.h>
25 #include <sys/utsname.h>
26 #include <unistd.h>
27 
28 #include <limits>
29 #include <optional>
30 #include <set>
31 #include <unordered_map>
32 #include <vector>
33 
34 #include <android-base/file.h>
35 #include <android-base/logging.h>
36 #include <android-base/parseint.h>
37 #include <android-base/stringprintf.h>
38 #include <android-base/strings.h>
39 #include <procinfo/process.h>
40 #include <procinfo/process_map.h>
41 
42 #if defined(__ANDROID__)
43 #include <android-base/properties.h>
44 #include <cutils/android_filesystem_config.h>
45 #endif
46 
47 #include "IOEventLoop.h"
48 #include "command.h"
49 #include "event_type.h"
50 #include "kallsyms.h"
51 #include "read_elf.h"
52 #include "thread_tree.h"
53 #include "utils.h"
54 #include "workload.h"
55 
56 namespace simpleperf {
57 
GetOnlineCpus()58 std::vector<int> GetOnlineCpus() {
59   std::vector<int> result;
60   LineReader reader("/sys/devices/system/cpu/online");
61   if (!reader.Ok()) {
62     PLOG(ERROR) << "can't open online cpu information";
63     return result;
64   }
65 
66   std::string* line;
67   if ((line = reader.ReadLine()) != nullptr) {
68     if (auto cpus = GetCpusFromString(*line); cpus) {
69       result.assign(cpus->begin(), cpus->end());
70     }
71   }
72   CHECK(!result.empty()) << "can't get online cpu information";
73   return result;
74 }
75 
GetAllModuleFiles(const std::string & path,std::unordered_map<std::string,std::string> * module_file_map)76 static void GetAllModuleFiles(const std::string& path,
77                               std::unordered_map<std::string, std::string>* module_file_map) {
78   if (!IsDir(path)) {
79     return;
80   }
81   for (const auto& name : GetEntriesInDir(path)) {
82     std::string entry_path = path + "/" + name;
83     if (IsRegularFile(entry_path) && android::base::EndsWith(name, ".ko")) {
84       std::string module_name = name.substr(0, name.size() - 3);
85       std::replace(module_name.begin(), module_name.end(), '-', '_');
86       module_file_map->insert(std::make_pair(module_name, entry_path));
87     } else if (IsDir(entry_path)) {
88       GetAllModuleFiles(entry_path, module_file_map);
89     }
90   }
91 }
92 
GetModulesInUse()93 static std::vector<KernelMmap> GetModulesInUse() {
94   std::vector<KernelMmap> module_mmaps = GetLoadedModules();
95   if (module_mmaps.empty()) {
96     return std::vector<KernelMmap>();
97   }
98   std::unordered_map<std::string, std::string> module_file_map;
99 #if defined(__ANDROID__)
100   // On Android, kernel modules are stored in /system/lib/modules, /vendor/lib/modules,
101   // /odm/lib/modules.
102   // See https://source.android.com/docs/core/architecture/partitions/gki-partitions and
103   // https://source.android.com/docs/core/architecture/partitions/vendor-odm-dlkm-partition.
104   // They can also be stored in vendor_kernel_ramdisk.img, which isn't accessible from userspace.
105   // See https://source.android.com/docs/core/architecture/kernel/kernel-module-support.
106   for (const auto& path : {"/system/lib/modules", "/vendor/lib/modules", "/odm/lib/modules"}) {
107     GetAllModuleFiles(path, &module_file_map);
108   }
109 #else
110   utsname uname_buf;
111   if (TEMP_FAILURE_RETRY(uname(&uname_buf)) != 0) {
112     PLOG(ERROR) << "uname() failed";
113     return std::vector<KernelMmap>();
114   }
115   std::string linux_version = uname_buf.release;
116   std::string module_dirpath = "/lib/modules/" + linux_version + "/kernel";
117   GetAllModuleFiles(module_dirpath, &module_file_map);
118 #endif
119   for (auto& module : module_mmaps) {
120     auto it = module_file_map.find(module.name);
121     if (it != module_file_map.end()) {
122       module.filepath = it->second;
123     }
124   }
125   return module_mmaps;
126 }
127 
GetKernelAndModuleMmaps(KernelMmap * kernel_mmap,std::vector<KernelMmap> * module_mmaps)128 void GetKernelAndModuleMmaps(KernelMmap* kernel_mmap, std::vector<KernelMmap>* module_mmaps) {
129   kernel_mmap->name = DEFAULT_KERNEL_MMAP_NAME;
130   kernel_mmap->start_addr = 0;
131   kernel_mmap->len = std::numeric_limits<uint64_t>::max();
132   if (uint64_t kstart_addr = GetKernelStartAddress(); kstart_addr != 0) {
133     kernel_mmap->name = std::string(DEFAULT_KERNEL_MMAP_NAME) + "_stext";
134     kernel_mmap->start_addr = kstart_addr;
135     kernel_mmap->len = std::numeric_limits<uint64_t>::max() - kstart_addr;
136   }
137   kernel_mmap->filepath = kernel_mmap->name;
138   *module_mmaps = GetModulesInUse();
139   for (auto& map : *module_mmaps) {
140     if (map.filepath.empty()) {
141       map.filepath = "[" + map.name + "]";
142     }
143   }
144 }
145 
ReadThreadNameAndPid(pid_t tid,std::string * comm,pid_t * pid)146 bool ReadThreadNameAndPid(pid_t tid, std::string* comm, pid_t* pid) {
147   android::procinfo::ProcessInfo procinfo;
148   if (!android::procinfo::GetProcessInfo(tid, &procinfo)) {
149     return false;
150   }
151   if (comm != nullptr) {
152     *comm = procinfo.name;
153   }
154   if (pid != nullptr) {
155     *pid = procinfo.pid;
156   }
157   return true;
158 }
159 
GetThreadsInProcess(pid_t pid)160 std::vector<pid_t> GetThreadsInProcess(pid_t pid) {
161   std::vector<pid_t> result;
162   android::procinfo::GetProcessTids(pid, &result);
163   return result;
164 }
165 
IsThreadAlive(pid_t tid)166 bool IsThreadAlive(pid_t tid) {
167   return IsDir(android::base::StringPrintf("/proc/%d", tid));
168 }
169 
GetProcessForThread(pid_t tid,pid_t * pid)170 bool GetProcessForThread(pid_t tid, pid_t* pid) {
171   return ReadThreadNameAndPid(tid, nullptr, pid);
172 }
173 
GetThreadName(pid_t tid,std::string * name)174 bool GetThreadName(pid_t tid, std::string* name) {
175   return ReadThreadNameAndPid(tid, name, nullptr);
176 }
177 
GetAllProcesses()178 std::vector<pid_t> GetAllProcesses() {
179   std::vector<pid_t> result;
180   std::vector<std::string> entries = GetEntriesInDir("/proc");
181   for (const auto& entry : entries) {
182     pid_t pid;
183     if (!android::base::ParseInt(entry.c_str(), &pid, 0)) {
184       continue;
185     }
186     result.push_back(pid);
187   }
188   return result;
189 }
190 
GetThreadMmapsInProcess(pid_t pid,std::vector<ThreadMmap> * thread_mmaps)191 bool GetThreadMmapsInProcess(pid_t pid, std::vector<ThreadMmap>* thread_mmaps) {
192   thread_mmaps->clear();
193   return android::procinfo::ReadProcessMaps(pid, [&](const android::procinfo::MapInfo& mapinfo) {
194     thread_mmaps->emplace_back(mapinfo.start, mapinfo.end - mapinfo.start, mapinfo.pgoff,
195                                mapinfo.name.c_str(), mapinfo.flags);
196   });
197 }
198 
GetKernelBuildId(BuildId * build_id)199 bool GetKernelBuildId(BuildId* build_id) {
200   ElfStatus result = GetBuildIdFromNoteFile("/sys/kernel/notes", build_id);
201   if (result != ElfStatus::NO_ERROR) {
202     LOG(DEBUG) << "failed to read /sys/kernel/notes: " << result;
203   }
204   return result == ElfStatus::NO_ERROR;
205 }
206 
GetModuleBuildId(const std::string & module_name,BuildId * build_id,const std::string & sysfs_dir)207 bool GetModuleBuildId(const std::string& module_name, BuildId* build_id,
208                       const std::string& sysfs_dir) {
209   std::string notefile = sysfs_dir + "/module/" + module_name + "/notes/.note.gnu.build-id";
210   return GetBuildIdFromNoteFile(notefile, build_id) == ElfStatus::NO_ERROR;
211 }
212 
213 /*
214  * perf event allow level:
215  *  -1 - everything allowed
216  *   0 - disallow raw tracepoint access for unpriv
217  *   1 - disallow cpu events for unpriv
218  *   2 - disallow kernel profiling for unpriv
219  *   3 - disallow user profiling for unpriv
220  */
221 static const char* perf_event_allow_path = "/proc/sys/kernel/perf_event_paranoid";
222 
ReadPerfEventAllowStatus()223 static std::optional<int> ReadPerfEventAllowStatus() {
224   std::string s;
225   if (!android::base::ReadFileToString(perf_event_allow_path, &s)) {
226     PLOG(DEBUG) << "failed to read " << perf_event_allow_path;
227     return std::nullopt;
228   }
229   s = android::base::Trim(s);
230   int value;
231   if (!android::base::ParseInt(s.c_str(), &value)) {
232     PLOG(ERROR) << "failed to parse " << perf_event_allow_path << ": " << s;
233     return std::nullopt;
234   }
235   return value;
236 }
237 
CanRecordRawData()238 bool CanRecordRawData() {
239   if (IsRoot()) {
240     return true;
241   }
242 #if defined(__ANDROID__)
243   // Android R uses selinux to control perf_event_open. Whether raw data can be recorded is hard
244   // to check unless we really try it. And probably there is no need to record raw data in non-root
245   // users.
246   return false;
247 #else
248   return ReadPerfEventAllowStatus() == -1;
249 #endif
250 }
251 
GetMemorySize()252 std::optional<uint64_t> GetMemorySize() {
253   std::unique_ptr<FILE, decltype(&fclose)> fp(fopen("/proc/meminfo", "r"), fclose);
254   uint64_t size;
255   if (fp && fscanf(fp.get(), "MemTotal:%" PRIu64 " k", &size) == 1) {
256     return size * kKilobyte;
257   }
258   PLOG(ERROR) << "failed to get memory size";
259   return std::nullopt;
260 }
261 
GetLimitLevelDescription(int limit_level)262 static const char* GetLimitLevelDescription(int limit_level) {
263   switch (limit_level) {
264     case -1:
265       return "unlimited";
266     case 0:
267       return "disallowing raw tracepoint access for unpriv";
268     case 1:
269       return "disallowing cpu events for unpriv";
270     case 2:
271       return "disallowing kernel profiling for unpriv";
272     case 3:
273       return "disallowing user profiling for unpriv";
274     default:
275       return "unknown level";
276   }
277 }
278 
CheckPerfEventLimit()279 bool CheckPerfEventLimit() {
280   std::optional<int> old_level = ReadPerfEventAllowStatus();
281 
282   // Root is not limited by perf_event_allow_path. However, the monitored threads
283   // may create child processes not running as root. To make sure the child processes have
284   // enough permission to create inherited tracepoint events, write -1 to perf_event_allow_path.
285   // See http://b/62230699.
286   if (IsRoot()) {
287     if (old_level == -1) {
288       return true;
289     }
290     if (android::base::WriteStringToFile("-1", perf_event_allow_path)) {
291       return true;
292     }
293     // On host, we may not be able to write to perf_event_allow_path (like when running in docker).
294 #if defined(__ANDROID__)
295     PLOG(ERROR) << "failed to write -1 to " << perf_event_allow_path;
296     return false;
297 #endif
298   }
299   if (old_level.has_value() && old_level <= 1) {
300     return true;
301   }
302 #if defined(__ANDROID__)
303   const std::string prop_name = "security.perf_harden";
304   std::string prop_value = android::base::GetProperty(prop_name, "");
305   if (prop_value.empty()) {
306     // can't do anything if there is no such property.
307     return true;
308   }
309   if (prop_value == "0") {
310     return true;
311   }
312   // Try to enable perf events by setprop security.perf_harden=0.
313   if (android::base::SetProperty(prop_name, "0")) {
314     sleep(1);
315     // Check the result of setprop, by reading allow status or the property value.
316     if (auto level = ReadPerfEventAllowStatus(); level.has_value() && level <= 1) {
317       return true;
318     }
319     if (android::base::GetProperty(prop_name, "") == "0") {
320       return true;
321     }
322   }
323   if (old_level.has_value()) {
324     LOG(ERROR) << perf_event_allow_path << " is " << old_level.value() << ", "
325                << GetLimitLevelDescription(old_level.value()) << ".";
326   }
327   LOG(ERROR) << "Try using `adb shell setprop security.perf_harden 0` to allow profiling.";
328   return false;
329 #else
330   if (old_level.has_value()) {
331     LOG(ERROR) << perf_event_allow_path << " is " << old_level.value() << ", "
332                << GetLimitLevelDescription(old_level.value()) << ". Try using `echo -1 >"
333                << perf_event_allow_path << "` to enable profiling.";
334     return false;
335   }
336 #endif
337   return true;
338 }
339 
340 #if defined(__ANDROID__)
SetProperty(const char * prop_name,uint64_t value)341 static bool SetProperty(const char* prop_name, uint64_t value) {
342   if (!android::base::SetProperty(prop_name, std::to_string(value))) {
343     LOG(ERROR) << "Failed to SetProperty " << prop_name << " to " << value;
344     return false;
345   }
346   return true;
347 }
348 
SetPerfEventLimits(uint64_t sample_freq,size_t cpu_percent,uint64_t mlock_kb)349 bool SetPerfEventLimits(uint64_t sample_freq, size_t cpu_percent, uint64_t mlock_kb) {
350   if (!SetProperty("debug.perf_event_max_sample_rate", sample_freq) ||
351       !SetProperty("debug.perf_cpu_time_max_percent", cpu_percent) ||
352       !SetProperty("debug.perf_event_mlock_kb", mlock_kb) ||
353       !SetProperty("security.perf_harden", 0)) {
354     return false;
355   }
356   // Wait for init process to change perf event limits based on properties.
357   const size_t max_wait_us = 3 * 1000000;
358   const size_t interval_us = 10000;
359   int finish_mask = 0;
360   for (size_t i = 0; i < max_wait_us && finish_mask != 7; i += interval_us) {
361     usleep(interval_us);  // Wait 10ms to avoid busy loop.
362     if ((finish_mask & 1) == 0) {
363       uint64_t freq;
364       if (!GetMaxSampleFrequency(&freq) || freq == sample_freq) {
365         finish_mask |= 1;
366       }
367     }
368     if ((finish_mask & 2) == 0) {
369       size_t percent;
370       if (!GetCpuTimeMaxPercent(&percent) || percent == cpu_percent) {
371         finish_mask |= 2;
372       }
373     }
374     if ((finish_mask & 4) == 0) {
375       uint64_t kb;
376       if (!GetPerfEventMlockKb(&kb) || kb == mlock_kb) {
377         finish_mask |= 4;
378       }
379     }
380   }
381   if (finish_mask != 7) {
382     LOG(WARNING) << "Wait setting perf event limits timeout";
383   }
384   return true;
385 }
386 #else  // !defined(__ANDROID__)
SetPerfEventLimits(uint64_t,size_t,uint64_t)387 bool SetPerfEventLimits(uint64_t, size_t, uint64_t) {
388   return true;
389 }
390 #endif
391 
392 template <typename T>
ReadUintFromProcFile(const std::string & path,T * value)393 static bool ReadUintFromProcFile(const std::string& path, T* value) {
394   std::string s;
395   if (!android::base::ReadFileToString(path, &s)) {
396     PLOG(DEBUG) << "failed to read " << path;
397     return false;
398   }
399   s = android::base::Trim(s);
400   if (!android::base::ParseUint(s.c_str(), value)) {
401     LOG(ERROR) << "failed to parse " << path << ": " << s;
402     return false;
403   }
404   return true;
405 }
406 
407 template <typename T>
WriteUintToProcFile(const std::string & path,T value)408 static bool WriteUintToProcFile(const std::string& path, T value) {
409   if (IsRoot()) {
410     return android::base::WriteStringToFile(std::to_string(value), path);
411   }
412   return false;
413 }
414 
GetMaxSampleFrequency(uint64_t * max_sample_freq)415 bool GetMaxSampleFrequency(uint64_t* max_sample_freq) {
416   return ReadUintFromProcFile("/proc/sys/kernel/perf_event_max_sample_rate", max_sample_freq);
417 }
418 
SetMaxSampleFrequency(uint64_t max_sample_freq)419 bool SetMaxSampleFrequency(uint64_t max_sample_freq) {
420   return WriteUintToProcFile("/proc/sys/kernel/perf_event_max_sample_rate", max_sample_freq);
421 }
422 
GetCpuTimeMaxPercent(size_t * percent)423 bool GetCpuTimeMaxPercent(size_t* percent) {
424   return ReadUintFromProcFile("/proc/sys/kernel/perf_cpu_time_max_percent", percent);
425 }
426 
SetCpuTimeMaxPercent(size_t percent)427 bool SetCpuTimeMaxPercent(size_t percent) {
428   return WriteUintToProcFile("/proc/sys/kernel/perf_cpu_time_max_percent", percent);
429 }
430 
GetPerfEventMlockKb(uint64_t * mlock_kb)431 bool GetPerfEventMlockKb(uint64_t* mlock_kb) {
432   return ReadUintFromProcFile("/proc/sys/kernel/perf_event_mlock_kb", mlock_kb);
433 }
434 
SetPerfEventMlockKb(uint64_t mlock_kb)435 bool SetPerfEventMlockKb(uint64_t mlock_kb) {
436   return WriteUintToProcFile("/proc/sys/kernel/perf_event_mlock_kb", mlock_kb);
437 }
438 
GetMachineArch()439 ArchType GetMachineArch() {
440 #if defined(__i386__)
441   // For 32 bit x86 build, we can't get machine arch by uname().
442   ArchType arch = ARCH_UNSUPPORTED;
443   std::unique_ptr<FILE, decltype(&pclose)> fp(popen("uname -m", "re"), pclose);
444   if (fp) {
445     char machine[40];
446     if (fgets(machine, sizeof(machine), fp.get()) == machine) {
447       arch = GetArchType(android::base::Trim(machine));
448     }
449   }
450 #else
451   utsname uname_buf;
452   if (TEMP_FAILURE_RETRY(uname(&uname_buf)) != 0) {
453     PLOG(WARNING) << "uname() failed";
454     return GetTargetArch();
455   }
456   ArchType arch = GetArchType(uname_buf.machine);
457 #endif
458   if (arch != ARCH_UNSUPPORTED) {
459     return arch;
460   }
461   return GetTargetArch();
462 }
463 
PrepareVdsoFile()464 void PrepareVdsoFile() {
465   // vdso is an elf file in memory loaded in each process's user space by the kernel. To read
466   // symbols from it and unwind through it, we need to dump it into a file in storage.
467   // It doesn't affect much when failed to prepare vdso file, so there is no need to return values.
468   std::vector<ThreadMmap> thread_mmaps;
469   if (!GetThreadMmapsInProcess(getpid(), &thread_mmaps)) {
470     return;
471   }
472   const ThreadMmap* vdso_map = nullptr;
473   for (const auto& map : thread_mmaps) {
474     if (map.name == "[vdso]") {
475       vdso_map = &map;
476       break;
477     }
478   }
479   if (vdso_map == nullptr) {
480     return;
481   }
482   std::string s(vdso_map->len, '\0');
483   memcpy(&s[0], reinterpret_cast<void*>(static_cast<uintptr_t>(vdso_map->start_addr)),
484          vdso_map->len);
485   std::unique_ptr<TemporaryFile> tmpfile = ScopedTempFiles::CreateTempFile();
486   if (!android::base::WriteStringToFd(s, tmpfile->fd)) {
487     return;
488   }
489   Dso::SetVdsoFile(tmpfile->path, sizeof(size_t) == sizeof(uint64_t));
490 }
491 
HasOpenedAppApkFile(int pid)492 static bool HasOpenedAppApkFile(int pid) {
493   std::string fd_path = "/proc/" + std::to_string(pid) + "/fd/";
494   std::vector<std::string> files = GetEntriesInDir(fd_path);
495   for (const auto& file : files) {
496     std::string real_path;
497     if (!android::base::Readlink(fd_path + file, &real_path)) {
498       continue;
499     }
500     if (real_path.find("app") != std::string::npos && real_path.find(".apk") != std::string::npos) {
501       return true;
502     }
503   }
504   return false;
505 }
506 
WaitForAppProcesses(const std::string & package_name)507 std::set<pid_t> WaitForAppProcesses(const std::string& package_name) {
508   std::set<pid_t> result;
509   size_t loop_count = 0;
510   while (true) {
511     std::vector<pid_t> pids = GetAllProcesses();
512     for (pid_t pid : pids) {
513       std::string process_name = GetCompleteProcessName(pid);
514       if (process_name.empty()) {
515         continue;
516       }
517       // The app may have multiple processes, with process name like
518       // com.google.android.googlequicksearchbox:search.
519       size_t split_pos = process_name.find(':');
520       if (split_pos != std::string::npos) {
521         process_name = process_name.substr(0, split_pos);
522       }
523       if (process_name != package_name) {
524         continue;
525       }
526       // If a debuggable app with wrap.sh runs on Android O, the app will be started with
527       // logwrapper as below:
528       // 1. Zygote forks a child process, rename it to package_name.
529       // 2. The child process execute sh, which starts a child process running
530       //    /system/bin/logwrapper.
531       // 3. logwrapper starts a child process running sh, which interprets wrap.sh.
532       // 4. wrap.sh starts a child process running the app.
533       // The problem here is we want to profile the process started in step 4, but sometimes we
534       // run into the process started in step 1. To solve it, we can check if the process has
535       // opened an apk file in some app dirs.
536       if (!HasOpenedAppApkFile(pid)) {
537         continue;
538       }
539       if (loop_count > 0u) {
540         LOG(INFO) << "Got process " << pid << " for package " << package_name;
541       }
542       result.insert(pid);
543     }
544     if (!result.empty()) {
545       return result;
546     }
547     if (++loop_count == 1u) {
548       LOG(INFO) << "Waiting for process of app " << package_name;
549     }
550     usleep(1000);
551   }
552 }
553 
554 namespace {
555 
IsAppDebuggable(int user_id,const std::string & package_name)556 bool IsAppDebuggable(int user_id, const std::string& package_name) {
557   return Workload::RunCmd({"run-as", package_name, "--user", std::to_string(user_id), "echo",
558                            ">/dev/null", "2>/dev/null"},
559                           false);
560 }
561 
562 class InAppRunner {
563  public:
InAppRunner(int user_id,const std::string & package_name)564   InAppRunner(int user_id, const std::string& package_name)
565       : user_id_(std::to_string(user_id)), package_name_(package_name) {}
~InAppRunner()566   virtual ~InAppRunner() {
567     if (!tracepoint_file_.empty()) {
568       unlink(tracepoint_file_.c_str());
569     }
570   }
571   virtual bool Prepare() = 0;
572   bool RunCmdInApp(const std::string& cmd, const std::vector<std::string>& args,
573                    size_t workload_args_size, const std::string& output_filepath,
574                    bool need_tracepoint_events);
575 
576  protected:
577   virtual std::vector<std::string> GetPrefixArgs(const std::string& cmd) = 0;
578 
579   const std::string user_id_;
580   const std::string package_name_;
581   std::string tracepoint_file_;
582 };
583 
RunCmdInApp(const std::string & cmd,const std::vector<std::string> & cmd_args,size_t workload_args_size,const std::string & output_filepath,bool need_tracepoint_events)584 bool InAppRunner::RunCmdInApp(const std::string& cmd, const std::vector<std::string>& cmd_args,
585                               size_t workload_args_size, const std::string& output_filepath,
586                               bool need_tracepoint_events) {
587   // 1. Build cmd args running in app's context.
588   std::vector<std::string> args = GetPrefixArgs(cmd);
589   args.insert(args.end(), {"--in-app", "--log", GetLogSeverityName()});
590   if (log_to_android_buffer) {
591     args.emplace_back("--log-to-android-buffer");
592   }
593   if (need_tracepoint_events) {
594     // Since we can't read tracepoint events from tracefs in app's context, we need to prepare
595     // them in tracepoint_file in shell's context, and pass the path of tracepoint_file to the
596     // child process using --tracepoint-events option.
597     const std::string tracepoint_file = "/data/local/tmp/tracepoint_events";
598     if (!EventTypeManager::Instance().WriteTracepointsToFile(tracepoint_file)) {
599       PLOG(ERROR) << "Failed to store tracepoint events";
600       return false;
601     }
602     tracepoint_file_ = tracepoint_file;
603     args.insert(args.end(), {"--tracepoint-events", tracepoint_file_});
604   }
605 
606   android::base::unique_fd out_fd;
607   if (!output_filepath.empty()) {
608     // A process running in app's context can't open a file outside it's data directory to write.
609     // So pass it a file descriptor to write.
610     out_fd = FileHelper::OpenWriteOnly(output_filepath);
611     if (out_fd == -1) {
612       PLOG(ERROR) << "Failed to open " << output_filepath;
613       return false;
614     }
615     args.insert(args.end(), {"--out-fd", std::to_string(int(out_fd))});
616   }
617 
618   // We can't send signal to a process running in app's context. So use a pipe file to send stop
619   // signal.
620   android::base::unique_fd stop_signal_rfd;
621   android::base::unique_fd stop_signal_wfd;
622   if (!android::base::Pipe(&stop_signal_rfd, &stop_signal_wfd, 0)) {
623     PLOG(ERROR) << "pipe";
624     return false;
625   }
626   args.insert(args.end(), {"--stop-signal-fd", std::to_string(int(stop_signal_rfd))});
627 
628   for (size_t i = 0; i < cmd_args.size(); ++i) {
629     if (i < cmd_args.size() - workload_args_size) {
630       // Omit "-o output_file". It is replaced by "--out-fd fd".
631       if (cmd_args[i] == "-o" || cmd_args[i] == "--app") {
632         i++;
633         continue;
634       }
635     }
636     args.push_back(cmd_args[i]);
637   }
638   char* argv[args.size() + 1];
639   for (size_t i = 0; i < args.size(); ++i) {
640     argv[i] = &args[i][0];
641   }
642   argv[args.size()] = nullptr;
643 
644   // 2. Run child process in app's context.
645   auto ChildProcFn = [&]() {
646     stop_signal_wfd.reset();
647     execvp(argv[0], argv);
648     exit(1);
649   };
650   std::unique_ptr<Workload> workload = Workload::CreateWorkload(ChildProcFn);
651   if (!workload) {
652     return false;
653   }
654   stop_signal_rfd.reset();
655 
656   // Wait on signals.
657   IOEventLoop loop;
658   bool need_to_stop_child = false;
659   std::vector<int> stop_signals = {SIGINT, SIGTERM};
660   if (!SignalIsIgnored(SIGHUP)) {
661     stop_signals.push_back(SIGHUP);
662   }
663   if (!loop.AddSignalEvents(stop_signals, [&]() {
664         need_to_stop_child = true;
665         return loop.ExitLoop();
666       })) {
667     return false;
668   }
669   if (!loop.AddSignalEvent(SIGCHLD, [&]() { return loop.ExitLoop(); })) {
670     return false;
671   }
672 
673   if (!workload->Start()) {
674     return false;
675   }
676   if (!loop.RunLoop()) {
677     return false;
678   }
679   if (need_to_stop_child) {
680     stop_signal_wfd.reset();
681   }
682   int exit_code;
683   if (!workload->WaitChildProcess(true, &exit_code) || exit_code != 0) {
684     return false;
685   }
686   return true;
687 }
688 
689 class RunAs : public InAppRunner {
690  public:
RunAs(int user_id,const std::string & package_name)691   RunAs(int user_id, const std::string& package_name) : InAppRunner(user_id, package_name) {}
~RunAs()692   virtual ~RunAs() {
693     if (simpleperf_copied_in_app_) {
694       Workload::RunCmd({"run-as", package_name_, "--user", user_id_, "rm", "-rf", "simpleperf"});
695     }
696   }
697   bool Prepare() override;
698 
699  protected:
GetPrefixArgs(const std::string & cmd)700   std::vector<std::string> GetPrefixArgs(const std::string& cmd) {
701     std::vector<std::string> args = {"run-as",
702                                      package_name_,
703                                      "--user",
704                                      user_id_,
705                                      simpleperf_copied_in_app_ ? "./simpleperf" : simpleperf_path_,
706                                      cmd,
707                                      "--app",
708                                      package_name_};
709     if (cmd == "record") {
710       if (simpleperf_copied_in_app_ || GetAndroidVersion() >= kAndroidVersionS) {
711         args.emplace_back("--add-meta-info");
712         args.emplace_back("app_type=debuggable");
713       }
714     }
715     return args;
716   }
717 
718   bool simpleperf_copied_in_app_ = false;
719   std::string simpleperf_path_;
720 };
721 
Prepare()722 bool RunAs::Prepare() {
723   // run-as can't run /data/local/tmp/simpleperf directly. So copy simpleperf binary if needed.
724   if (!android::base::Readlink("/proc/self/exe", &simpleperf_path_)) {
725     PLOG(ERROR) << "ReadLink failed";
726     return false;
727   }
728   if (simpleperf_path_.find("CtsSimpleperfTest") != std::string::npos) {
729     simpleperf_path_ = "/system/bin/simpleperf";
730     return true;
731   }
732   if (android::base::StartsWith(simpleperf_path_, "/system")) {
733     return true;
734   }
735   if (!Workload::RunCmd(
736           {"run-as", package_name_, "--user", user_id_, "cp", simpleperf_path_, "simpleperf"})) {
737     return false;
738   }
739   simpleperf_copied_in_app_ = true;
740   return true;
741 }
742 
743 class SimpleperfAppRunner : public InAppRunner {
744  public:
SimpleperfAppRunner(int user_id,const std::string & package_name,const std::string & app_type)745   SimpleperfAppRunner(int user_id, const std::string& package_name, const std::string& app_type)
746       : InAppRunner(user_id, package_name) {
747     // On Android < S, the app type is unknown before running simpleperf_app_runner. Assume it's
748     // profileable.
749     app_type_ = app_type == "unknown" ? "profileable" : app_type;
750   }
Prepare()751   bool Prepare() override { return GetAndroidVersion() >= kAndroidVersionQ; }
752 
753  protected:
GetPrefixArgs(const std::string & cmd)754   std::vector<std::string> GetPrefixArgs(const std::string& cmd) {
755     std::vector<std::string> args = {"simpleperf_app_runner", package_name_};
756     if (user_id_ != "0") {
757       args.emplace_back("--user");
758       args.emplace_back(user_id_);
759     }
760     args.emplace_back(cmd);
761     if (cmd == "record" && GetAndroidVersion() >= kAndroidVersionS) {
762       args.emplace_back("--add-meta-info");
763       args.emplace_back("app_type=" + app_type_);
764     }
765     return args;
766   }
767 
768   std::string app_type_;
769 };
770 
771 }  // namespace
772 
773 static bool allow_run_as = true;
774 static bool allow_simpleperf_app_runner = true;
775 
SetRunInAppToolForTesting(bool run_as,bool simpleperf_app_runner)776 void SetRunInAppToolForTesting(bool run_as, bool simpleperf_app_runner) {
777   allow_run_as = run_as;
778   allow_simpleperf_app_runner = simpleperf_app_runner;
779 }
780 
GetCurrentUserId()781 static int GetCurrentUserId() {
782   std::unique_ptr<FILE, decltype(&pclose)> fd(popen("am get-current-user", "r"), pclose);
783   if (fd) {
784     char buf[128];
785     if (fgets(buf, sizeof(buf), fd.get()) != nullptr) {
786       int user_id;
787       if (android::base::ParseInt(android::base::Trim(buf), &user_id, 0)) {
788         return user_id;
789       }
790     }
791   }
792   return 0;
793 }
794 
GetAppType(const std::string & app_package_name)795 std::string GetAppType(const std::string& app_package_name) {
796   if (GetAndroidVersion() < kAndroidVersionS) {
797     return "unknown";
798   }
799   std::string cmd = "simpleperf_app_runner " + app_package_name + " --show-app-type";
800   std::unique_ptr<FILE, decltype(&pclose)> fp(popen(cmd.c_str(), "re"), pclose);
801   if (fp) {
802     char buf[128];
803     if (fgets(buf, sizeof(buf), fp.get()) != nullptr) {
804       return android::base::Trim(buf);
805     }
806   }
807   // Can't get app_type. It means the app doesn't exist.
808   return "not_exist";
809 }
810 
RunInAppContext(const std::string & app_package_name,const std::string & cmd,const std::vector<std::string> & args,size_t workload_args_size,const std::string & output_filepath,bool need_tracepoint_events)811 bool RunInAppContext(const std::string& app_package_name, const std::string& cmd,
812                      const std::vector<std::string>& args, size_t workload_args_size,
813                      const std::string& output_filepath, bool need_tracepoint_events) {
814   int user_id = GetCurrentUserId();
815   std::unique_ptr<InAppRunner> in_app_runner;
816 
817   std::string app_type = GetAppType(app_package_name);
818   if (app_type == "unknown" && IsAppDebuggable(user_id, app_package_name)) {
819     app_type = "debuggable";
820   }
821 
822   if (allow_run_as && app_type == "debuggable") {
823     in_app_runner.reset(new RunAs(user_id, app_package_name));
824     if (!in_app_runner->Prepare()) {
825       in_app_runner = nullptr;
826     }
827   }
828   if (!in_app_runner && allow_simpleperf_app_runner) {
829     if (app_type == "debuggable" || app_type == "profileable" || app_type == "unknown") {
830       in_app_runner.reset(new SimpleperfAppRunner(user_id, app_package_name, app_type));
831       if (!in_app_runner->Prepare()) {
832         in_app_runner = nullptr;
833       }
834     }
835   }
836   if (!in_app_runner) {
837     LOG(ERROR) << "Package " << app_package_name
838                << " doesn't exist or isn't debuggable/profileable.";
839     return false;
840   }
841   return in_app_runner->RunCmdInApp(cmd, args, workload_args_size, output_filepath,
842                                     need_tracepoint_events);
843 }
844 
AllowMoreOpenedFiles()845 void AllowMoreOpenedFiles() {
846   // On Android <= O, the hard limit is 4096, and the soft limit is 1024.
847   // On Android >= P, both the hard and soft limit are 32768.
848   rlimit limit;
849   if (getrlimit(RLIMIT_NOFILE, &limit) != 0) {
850     return;
851   }
852   rlim_t new_limit = limit.rlim_max;
853   if (IsRoot()) {
854     rlim_t sysctl_nr_open = 0;
855     if (ReadUintFromProcFile("/proc/sys/fs/nr_open", &sysctl_nr_open) &&
856         sysctl_nr_open > new_limit) {
857       new_limit = sysctl_nr_open;
858     }
859   }
860   if (limit.rlim_cur < new_limit) {
861     limit.rlim_cur = limit.rlim_max = new_limit;
862     if (setrlimit(RLIMIT_NOFILE, &limit) == 0) {
863       LOG(DEBUG) << "increased open file limit to " << new_limit;
864     }
865   }
866 }
867 
868 std::string ScopedTempFiles::tmp_dir_;
869 std::vector<std::string> ScopedTempFiles::files_to_delete_;
870 
Create(const std::string & tmp_dir)871 std::unique_ptr<ScopedTempFiles> ScopedTempFiles::Create(const std::string& tmp_dir) {
872   if (access(tmp_dir.c_str(), W_OK | X_OK) != 0) {
873     return nullptr;
874   }
875   return std::unique_ptr<ScopedTempFiles>(new ScopedTempFiles(tmp_dir));
876 }
877 
ScopedTempFiles(const std::string & tmp_dir)878 ScopedTempFiles::ScopedTempFiles(const std::string& tmp_dir) {
879   CHECK(tmp_dir_.empty());  // No other ScopedTempFiles.
880   tmp_dir_ = tmp_dir;
881 }
882 
~ScopedTempFiles()883 ScopedTempFiles::~ScopedTempFiles() {
884   tmp_dir_.clear();
885   for (auto& file : files_to_delete_) {
886     unlink(file.c_str());
887   }
888   files_to_delete_.clear();
889 }
890 
CreateTempFile(bool delete_in_destructor)891 std::unique_ptr<TemporaryFile> ScopedTempFiles::CreateTempFile(bool delete_in_destructor) {
892   CHECK(!tmp_dir_.empty());
893   std::unique_ptr<TemporaryFile> tmp_file(new TemporaryFile(tmp_dir_));
894   CHECK_NE(tmp_file->fd, -1) << "failed to create tmpfile under " << tmp_dir_;
895   if (delete_in_destructor) {
896     tmp_file->DoNotRemove();
897     files_to_delete_.push_back(tmp_file->path);
898   }
899   return tmp_file;
900 }
901 
RegisterTempFile(const std::string & path)902 void ScopedTempFiles::RegisterTempFile(const std::string& path) {
903   files_to_delete_.emplace_back(path);
904 }
905 
SignalIsIgnored(int signo)906 bool SignalIsIgnored(int signo) {
907   struct sigaction act;
908   if (sigaction(signo, nullptr, &act) != 0) {
909     PLOG(FATAL) << "failed to query signal handler for signal " << signo;
910   }
911 
912   if ((act.sa_flags & SA_SIGINFO)) {
913     return false;
914   }
915 
916   return act.sa_handler == SIG_IGN;
917 }
918 
GetAndroidVersion()919 int GetAndroidVersion() {
920 #if defined(__ANDROID__)
921   static int android_version = -1;
922   if (android_version == -1) {
923     android_version = 0;
924     std::string s = android::base::GetProperty("ro.build.version.codename", "REL");
925     if (s == "REL") {
926       s = android::base::GetProperty("ro.build.version.release", "");
927     }
928     // The release string can be a list of numbers (like 8.1.0), a character (like Q)
929     // or many characters (like OMR1).
930     if (!s.empty()) {
931       // Each Android version has a version number: L is 5, M is 6, N is 7, O is 8, etc.
932       if (s[0] >= 'A' && s[0] <= 'Z') {
933         android_version = s[0] - 'P' + kAndroidVersionP;
934       } else if (isdigit(s[0])) {
935         sscanf(s.c_str(), "%d", &android_version);
936       }
937     }
938   }
939   return android_version;
940 #else  // defined(__ANDROID__)
941   return 0;
942 #endif
943 }
944 
GetHardwareFromCpuInfo(const std::string & cpu_info)945 std::string GetHardwareFromCpuInfo(const std::string& cpu_info) {
946   for (auto& line : android::base::Split(cpu_info, "\n")) {
947     size_t pos = line.find(':');
948     if (pos != std::string::npos) {
949       std::string key = android::base::Trim(line.substr(0, pos));
950       if (key == "Hardware") {
951         return android::base::Trim(line.substr(pos + 1));
952       }
953     }
954   }
955   return "";
956 }
957 
MappedFileOnlyExistInMemory(const char * filename)958 bool MappedFileOnlyExistInMemory(const char* filename) {
959   // Mapped files only existing in memory:
960   //   empty name
961   //   [anon:???]
962   //   [stack]
963   //   /dev/*
964   //   //anon: generated by kernel/events/core.c.
965   //   /memfd: created by memfd_create.
966   return filename[0] == '\0' || (filename[0] == '[' && strcmp(filename, "[vdso]") != 0) ||
967          strncmp(filename, "//", 2) == 0 || strncmp(filename, "/dev/", 5) == 0 ||
968          strncmp(filename, "/memfd:", 7) == 0;
969 }
970 
GetCompleteProcessName(pid_t pid)971 std::string GetCompleteProcessName(pid_t pid) {
972   std::string argv0;
973   if (!android::base::ReadFileToString("/proc/" + std::to_string(pid) + "/cmdline", &argv0)) {
974     // Maybe we don't have permission to read it.
975     return std::string();
976   }
977   size_t pos = argv0.find('\0');
978   if (pos != std::string::npos) {
979     argv0.resize(pos);
980   }
981   // argv0 can be empty if the process is in zombie state. In that case, we don't want to pass argv0
982   // to Basename(), which returns ".".
983   return argv0.empty() ? std::string() : android::base::Basename(argv0);
984 }
985 
GetTraceFsDir()986 const char* GetTraceFsDir() {
987   static const char* tracefs_dir = nullptr;
988   if (tracefs_dir == nullptr) {
989     for (const char* path : {"/sys/kernel/debug/tracing", "/sys/kernel/tracing"}) {
990       if (IsDir(path)) {
991         tracefs_dir = path;
992         break;
993       }
994     }
995   }
996   return tracefs_dir;
997 }
998 
GetKernelVersion()999 std::optional<std::pair<int, int>> GetKernelVersion() {
1000   static std::optional<std::pair<int, int>> kernel_version;
1001   if (!kernel_version.has_value()) {
1002     utsname uname_buf;
1003     int major;
1004     int minor;
1005     if (TEMP_FAILURE_RETRY(uname(&uname_buf)) != 0 ||
1006         sscanf(uname_buf.release, "%d.%d", &major, &minor) != 2) {
1007       return std::nullopt;
1008     }
1009     kernel_version = std::make_pair(major, minor);
1010   }
1011   return kernel_version;
1012 }
1013 
1014 #if defined(__ANDROID__)
IsInAppUid()1015 bool IsInAppUid() {
1016   return getuid() % AID_USER_OFFSET >= AID_APP_START;
1017 }
1018 #endif
1019 
GetProcessUid(pid_t pid)1020 std::optional<uid_t> GetProcessUid(pid_t pid) {
1021   std::string status_file = "/proc/" + std::to_string(pid) + "/status";
1022   LineReader reader(status_file);
1023   if (!reader.Ok()) {
1024     return std::nullopt;
1025   }
1026 
1027   std::string* line;
1028   while ((line = reader.ReadLine()) != nullptr) {
1029     if (android::base::StartsWith(*line, "Uid:")) {
1030       uid_t uid;
1031       if (sscanf(line->data() + strlen("Uid:"), "%u", &uid) == 1) {
1032         return uid;
1033       }
1034     }
1035   }
1036   return std::nullopt;
1037 }
1038 
GetARMCpuModels()1039 std::vector<ARMCpuModel> GetARMCpuModels() {
1040   std::vector<ARMCpuModel> cpu_models;
1041   LineReader reader("/proc/cpuinfo");
1042   if (!reader.Ok()) {
1043     return cpu_models;
1044   }
1045   auto add_cpu = [&](uint32_t processor, uint32_t implementer, uint32_t partnum) {
1046     for (auto& model : cpu_models) {
1047       if (model.implementer == implementer && model.partnum == partnum) {
1048         model.cpus.push_back(processor);
1049         return;
1050       }
1051     }
1052     cpu_models.resize(cpu_models.size() + 1);
1053     ARMCpuModel& model = cpu_models.back();
1054     model.implementer = implementer;
1055     model.partnum = partnum;
1056     model.cpus.push_back(processor);
1057   };
1058 
1059   uint32_t processor = 0;
1060   uint32_t implementer = 0;
1061   uint32_t partnum = 0;
1062   int parsed = 0;
1063   std::string* line;
1064   while ((line = reader.ReadLine()) != nullptr) {
1065     std::vector<std::string> strs = android::base::Split(*line, ":");
1066     if (strs.size() != 2) {
1067       continue;
1068     }
1069     std::string name = android::base::Trim(strs[0]);
1070     std::string value = android::base::Trim(strs[1]);
1071     if (name == "processor") {
1072       if (android::base::ParseUint(value, &processor)) {
1073         parsed |= 1;
1074       }
1075     } else if (name == "CPU implementer") {
1076       if (android::base::ParseUint(value, &implementer)) {
1077         parsed |= 2;
1078       }
1079     } else if (name == "CPU part") {
1080       if (android::base::ParseUint(value, &partnum) && parsed == 0x3) {
1081         add_cpu(processor, implementer, partnum);
1082       }
1083       parsed = 0;
1084     }
1085   }
1086   return cpu_models;
1087 }
1088 
1089 }  // namespace simpleperf
1090