81 lines
3.2 KiB
C++
81 lines
3.2 KiB
C++
/*
|
|
* Copyright (C) 2015 The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#if defined(__ANDROID__)
|
|
#include <android-base/properties.h>
|
|
#endif
|
|
|
|
#include "command.h"
|
|
#include "environment.h"
|
|
#include "utils.h"
|
|
|
|
using namespace simpleperf;
|
|
|
|
#if defined(__ANDROID__)
|
|
|
|
bool AndroidSecurityCheck() {
|
|
if (IsRoot()) {
|
|
return true;
|
|
}
|
|
// Simpleperf can be executed by the shell, or by apps themselves. To avoid malicious apps
|
|
// exploiting perf_event_open interface via simpleperf, simpleperf needs proof that the user
|
|
// is expecting simpleperf to be ran:
|
|
// 1) On Android < 11, perf_event_open is secured by perf_event_allow_path, which is controlled
|
|
// by security.perf_harden property. perf_event_open syscall can be used only after user setting
|
|
// security.perf_harden to 0 in shell. So we don't need to check security.perf_harden explicitly.
|
|
// 2) On Android >= 11, perf_event_open may be controlled by selinux instead of
|
|
// perf_event_allow_path. So we need to check security.perf_harden explicitly. If simpleperf is
|
|
// running via shell, we already know the origin of the request is the user, so set the property
|
|
// ourselves for convenience. When started by the app, we won't have the permission to set the
|
|
// property, so the user will need to prove this intent by setting it manually via shell.
|
|
// 3) On Android >= 13, besides perf_harden property, we use persist properties to allow an app
|
|
// profiling itself even after device reboot. User needs to set the uid of the app which wants to
|
|
// profile itself. And the permission has an expiration time.
|
|
int android_version = GetAndroidVersion();
|
|
if (android_version >= 13) {
|
|
if (IsInAppUid() && android::base::GetUintProperty("persist.simpleperf.profile_app_uid", 0u,
|
|
UINT_MAX) == getuid()) {
|
|
if (android::base::GetUintProperty<uint64_t>("persist.simpleperf.profile_app_expiration_time",
|
|
0, UINT64_MAX) > time(nullptr)) {
|
|
return true;
|
|
}
|
|
}
|
|
}
|
|
if (android_version >= 11) {
|
|
std::string prop_name = "security.perf_harden";
|
|
if (android::base::GetProperty(prop_name, "") != "0") {
|
|
if (!android::base::SetProperty(prop_name, "0")) {
|
|
fprintf(stderr,
|
|
"failed to set system property security.perf_harden to 0.\n"
|
|
"Try using `adb shell setprop security.perf_harden 0` to allow profiling.\n");
|
|
return false;
|
|
}
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
|
|
#endif
|
|
|
|
int main(int argc, char** argv) {
|
|
#if defined(__ANDROID__)
|
|
if (!AndroidSecurityCheck()) {
|
|
return 1;
|
|
}
|
|
#endif
|
|
return RunSimpleperfCmd(argc, argv) ? 0 : 1;
|
|
}
|