| Yabin Cui | 67d3abd | 2015-04-16 15:26:31 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2015 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| Yabin Cui | a569776 | 2020-01-13 14:48:01 -0800 | [diff] [blame] | 17 | #if defined(__ANDROID__) |
| 18 | #include <android-base/properties.h> |
| 19 | #endif |
| 20 | |
| Yabin Cui | 67d3abd | 2015-04-16 15:26:31 -0700 | [diff] [blame] | 21 | #include "command.h" |
| Yabin Cui | a569776 | 2020-01-13 14:48:01 -0800 | [diff] [blame] | 22 | #include "environment.h" |
| 23 | |
| Yabin Cui | acbdb24 | 2020-07-07 15:56:34 -0700 | [diff] [blame] | 24 | using namespace simpleperf; |
| 25 | |
| Yabin Cui | a569776 | 2020-01-13 14:48:01 -0800 | [diff] [blame] | 26 | #if defined(__ANDROID__) |
| 27 | |
| 28 | bool AndroidSecurityCheck() { |
| 29 | // Simpleperf can be executed by the shell, or by apps themselves. To avoid malicious apps |
| 30 | // exploiting perf_event_open interface via simpleperf, simpleperf needs proof that the user |
| 31 | // is expecting simpleperf to be ran: |
| Yabin Cui | 17cffbb | 2020-07-28 17:11:39 -0700 | [diff] [blame^] | 32 | // 1) On Android < R, perf_event_open is secured by perf_event_allow_path, which is controlled |
| Yabin Cui | a569776 | 2020-01-13 14:48:01 -0800 | [diff] [blame] | 33 | // by security.perf_harden property. perf_event_open syscall can be used only after user setting |
| 34 | // security.perf_harden to 0 in shell. So we don't need to check security.perf_harden explicitly. |
| 35 | // 2) On Android R, perf_event_open may be controlled by selinux instead of |
| Yabin Cui | 17cffbb | 2020-07-28 17:11:39 -0700 | [diff] [blame^] | 36 | // perf_event_allow_path. So we need to check security.perf_harden explicitly. If simpleperf is |
| Yabin Cui | a569776 | 2020-01-13 14:48:01 -0800 | [diff] [blame] | 37 | // running via shell, we already know the origin of the request is the user, so set the property |
| 38 | // ourselves for convenience. When started by the app, we won't have the permission to set the |
| 39 | // property, so the user will need to prove this intent by setting it manually via shell. |
| 40 | if (GetAndroidVersion() >= 11) { |
| 41 | std::string prop_name = "security.perf_harden"; |
| 42 | if (android::base::GetProperty(prop_name, "") != "0") { |
| 43 | if (!android::base::SetProperty(prop_name, "0")) { |
| 44 | fprintf(stderr, |
| 45 | "failed to set system property security.perf_harden to 0.\n" |
| 46 | "Try using `adb shell setprop security.perf_harden 0` to allow profiling.\n"); |
| 47 | return false; |
| 48 | } |
| 49 | } |
| 50 | } |
| 51 | return true; |
| 52 | } |
| 53 | |
| 54 | #endif |
| Yabin Cui | 6d2db33 | 2015-06-30 18:03:34 -0700 | [diff] [blame] | 55 | |
| Yabin Cui | 67d3abd | 2015-04-16 15:26:31 -0700 | [diff] [blame] | 56 | int main(int argc, char** argv) { |
| Yabin Cui | a569776 | 2020-01-13 14:48:01 -0800 | [diff] [blame] | 57 | #if defined(__ANDROID__) |
| 58 | if (!AndroidSecurityCheck()) { |
| 59 | return 1; |
| 60 | } |
| 61 | #endif |
| Yabin Cui | 616b3a0 | 2017-07-14 15:59:56 -0700 | [diff] [blame] | 62 | return RunSimpleperfCmd(argc, argv) ? 0 : 1; |
| Yabin Cui | 67d3abd | 2015-04-16 15:26:31 -0700 | [diff] [blame] | 63 | } |