From 7a7d6b0029fd686d0ba9a6c0f1b48c79e36bf9d2 Mon Sep 17 00:00:00 2001 From: fuchao Date: Tue, 19 Jul 2022 03:22:19 +0000 Subject: [PATCH 01/15] link #I5HPWJ --- adapter/appspawn_ace.cpp | 14 ++++++++++++++ common/appspawn_server.h | 3 +++ interfaces/innerkits/include/appspawn_msg.h | 2 ++ 3 files changed, 19 insertions(+) diff --git a/adapter/appspawn_ace.cpp b/adapter/appspawn_ace.cpp index debbbd4b..2942ced4 100644 --- a/adapter/appspawn_ace.cpp +++ b/adapter/appspawn_ace.cpp @@ -13,10 +13,13 @@ * limitations under the License. */ +#include #include "appspawn_adapter.h" #include "foundation/ability/ability_runtime/interfaces/kits/native/appkit/app/main_thread.h" +static const char *LIBNETSYS_CLIENT_NAME = "libnetsys_client.z.so"; +static const char *ALLOW_SOCKET_FUNCNAME = "setAllowCreateSocket"; void LoadExtendLib(AppSpawnContent *content) { #ifdef __aarch64__ @@ -38,6 +41,17 @@ void RunChildProcessor(AppSpawnContent *content, AppSpawnClient *client) { APPSPAWN_LOGI("AppExecFwk::MainThread::Start"); #ifndef APPSPAWN_TEST + if (client != NULL) { + void (*func)(bool); + void* handler = dlopen(LIBNETSYS_CLIENT_NAME, RTLD_LAZY); + if (handler != NULL) { + func = (void (*)(bool))dlsym(handler, ALLOW_SOCKET_FUNCNAME); + if (func != NULL && client->setAllowInternet == true) { + func(client->isAllowInternet); + } + dlclose(handler); + } + } OHOS::AppExecFwk::MainThread::Start(); #endif } diff --git a/common/appspawn_server.h b/common/appspawn_server.h index 1543d313..1c26dbd0 100644 --- a/common/appspawn_server.h +++ b/common/appspawn_server.h @@ -17,6 +17,7 @@ #define APPSPAWN_SERVER_H #include "beget_ext.h" +#include #include #include #include @@ -40,6 +41,8 @@ extern "C" { typedef struct AppSpawnClient_ { uint32_t id; int32_t flags; + bool setAllowInternet; + bool isAllowInternet; } AppSpawnClient; #define MAX_SOCKEYT_NAME_LEN 128 diff --git a/interfaces/innerkits/include/appspawn_msg.h b/interfaces/innerkits/include/appspawn_msg.h index 3ab90a6c..2817fac9 100644 --- a/interfaces/innerkits/include/appspawn_msg.h +++ b/interfaces/innerkits/include/appspawn_msg.h @@ -16,6 +16,7 @@ #ifndef APPSPAWN_MSG_H #define APPSPAWN_MSG_H +#include #include #include @@ -72,6 +73,7 @@ typedef struct AppParameter_ { int32_t pid; // query render process exited status by render process pid int32_t bundleIndex; AppOperateType code; + bool isAllowInternet; // app sockect allowed } AppParameter; #ifdef __cplusplus -- Gitee From 8df844bca8bd222c5987ec0dbef50971e87f5e5a Mon Sep 17 00:00:00 2001 From: fuchao Date: Tue, 19 Jul 2022 03:28:22 +0000 Subject: [PATCH 02/15] link #I5HPWJ --- interfaces/innerkits/include/appspawn_msg.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces/innerkits/include/appspawn_msg.h b/interfaces/innerkits/include/appspawn_msg.h index 2817fac9..8c237a66 100644 --- a/interfaces/innerkits/include/appspawn_msg.h +++ b/interfaces/innerkits/include/appspawn_msg.h @@ -73,7 +73,7 @@ typedef struct AppParameter_ { int32_t pid; // query render process exited status by render process pid int32_t bundleIndex; AppOperateType code; - bool isAllowInternet; // app sockect allowed + bool isAllowInternet; // hap sockect allowed } AppParameter; #ifdef __cplusplus -- Gitee From 5159e7ae67f25c21335c15bc254c632a61de695c Mon Sep 17 00:00:00 2001 From: fuchao Date: Tue, 19 Jul 2022 05:16:55 +0000 Subject: [PATCH 03/15] fix compile --- adapter/appspawn_ace.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/adapter/appspawn_ace.cpp b/adapter/appspawn_ace.cpp index 2942ced4..5f53b53c 100644 --- a/adapter/appspawn_ace.cpp +++ b/adapter/appspawn_ace.cpp @@ -12,14 +12,16 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - +#ifndef APPSPAWN_TEST #include +#endif #include "appspawn_adapter.h" #include "foundation/ability/ability_runtime/interfaces/kits/native/appkit/app/main_thread.h" - +#ifndef APPSPAWN_TEST static const char *LIBNETSYS_CLIENT_NAME = "libnetsys_client.z.so"; static const char *ALLOW_SOCKET_FUNCNAME = "setAllowCreateSocket"; +#endif void LoadExtendLib(AppSpawnContent *content) { #ifdef __aarch64__ -- Gitee From 81c8b19f137ab3772dc19070724c91a92544387a Mon Sep 17 00:00:00 2001 From: fuchao Date: Wed, 20 Jul 2022 06:48:21 +0000 Subject: [PATCH 04/15] fix client --- lite/appspawn_service.c | 2 ++ standard/appspawn_service.c | 6 ++++++ 2 files changed, 8 insertions(+) diff --git a/lite/appspawn_service.c b/lite/appspawn_service.c index 4566c340..56740830 100644 --- a/lite/appspawn_service.c +++ b/lite/appspawn_service.c @@ -134,6 +134,8 @@ static int Invoke(IServerProxy *iProxy, int funcId, void *origin, IpcIo *req, Ip AppSpawnClientLite client = {}; client.client.id = CLIENT_ID; client.client.flags = 0; + client.client.setAllowInternet = false; + client.client.isAllowInternet = false; if (GetMessageSt(&client.message, req) != EC_SUCCESS) { APPSPAWN_LOGE("[appspawn] invoke, parse failed! reply %d.", INVALID_PID); WriteInt64(reply, INVALID_PID); diff --git a/standard/appspawn_service.c b/standard/appspawn_service.c index da463042..d5ac93ed 100644 --- a/standard/appspawn_service.c +++ b/standard/appspawn_service.c @@ -370,6 +370,10 @@ APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t fcntl(appProperty->fd[0], F_SETFL, O_NONBLOCK); pid_t pid = 0; + if (appProperty->property.isAllowInternet == true) { + appProperty->client.setAllowInternet = true; + appProperty->client.isAllowInternet = true; + } int result = AppSpawnProcessMsg(&g_appSpawnContent->content, &appProperty->client, &pid); if (result == 0) { // wait child process result result = WaitChild(appProperty->fd[0], pid, appProperty); @@ -419,6 +423,8 @@ APPSPAWN_STATIC int OnConnection(const LoopHandle loopHandle, const TaskHandle s client->stream = stream; client->client.id = ++clientId; client->client.flags = 0; + client->client.setAllowInternet = false; + client->client.isAllowInternet = false; APPSPAWN_LOGI("OnConnection client fd %d Id %d", LE_GetSocketFd(stream), client->client.id); #ifdef APPSPAWN_TEST g_testClientHandle = stream; -- Gitee From 8122e4ecaae6de43703a6a851083444ba51a2575 Mon Sep 17 00:00:00 2001 From: fuchao Date: Thu, 21 Jul 2022 03:02:46 +0000 Subject: [PATCH 05/15] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=BC=96=E7=A0=81?= =?UTF-8?q?=E8=A7=84=E8=8C=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adapter/appspawn_ace.cpp | 8 ++++---- interfaces/innerkits/include/appspawn_msg.h | 3 +-- lite/appspawn_service.c | 4 ++-- standard/appspawn_service.c | 10 +++++----- 4 files changed, 12 insertions(+), 13 deletions(-) diff --git a/adapter/appspawn_ace.cpp b/adapter/appspawn_ace.cpp index 5f53b53c..f9548919 100644 --- a/adapter/appspawn_ace.cpp +++ b/adapter/appspawn_ace.cpp @@ -19,8 +19,9 @@ #include "foundation/ability/ability_runtime/interfaces/kits/native/appkit/app/main_thread.h" #ifndef APPSPAWN_TEST +typedef void (*AllowFunc)(uint8_t); static const char *LIBNETSYS_CLIENT_NAME = "libnetsys_client.z.so"; -static const char *ALLOW_SOCKET_FUNCNAME = "setAllowCreateSocket"; +static const char *ALLOW_SOCKET_FUNCNAME = "SetAllowCreateSocket"; #endif void LoadExtendLib(AppSpawnContent *content) { @@ -44,11 +45,10 @@ void RunChildProcessor(AppSpawnContent *content, AppSpawnClient *client) APPSPAWN_LOGI("AppExecFwk::MainThread::Start"); #ifndef APPSPAWN_TEST if (client != NULL) { - void (*func)(bool); void* handler = dlopen(LIBNETSYS_CLIENT_NAME, RTLD_LAZY); if (handler != NULL) { - func = (void (*)(bool))dlsym(handler, ALLOW_SOCKET_FUNCNAME); - if (func != NULL && client->setAllowInternet == true) { + AllowFunc func = (AllowFunc)dlsym(handler, ALLOW_SOCKET_FUNCNAME); + if (func != NULL && client->setAllowInternet == 1) { func(client->isAllowInternet); } dlclose(handler); diff --git a/interfaces/innerkits/include/appspawn_msg.h b/interfaces/innerkits/include/appspawn_msg.h index 8c237a66..e1ccbce3 100644 --- a/interfaces/innerkits/include/appspawn_msg.h +++ b/interfaces/innerkits/include/appspawn_msg.h @@ -16,7 +16,6 @@ #ifndef APPSPAWN_MSG_H #define APPSPAWN_MSG_H -#include #include #include @@ -73,7 +72,7 @@ typedef struct AppParameter_ { int32_t pid; // query render process exited status by render process pid int32_t bundleIndex; AppOperateType code; - bool isAllowInternet; // hap sockect allowed + uint8_t allowInternet; // hap sockect allowed } AppParameter; #ifdef __cplusplus diff --git a/lite/appspawn_service.c b/lite/appspawn_service.c index 56740830..994baf31 100644 --- a/lite/appspawn_service.c +++ b/lite/appspawn_service.c @@ -134,8 +134,8 @@ static int Invoke(IServerProxy *iProxy, int funcId, void *origin, IpcIo *req, Ip AppSpawnClientLite client = {}; client.client.id = CLIENT_ID; client.client.flags = 0; - client.client.setAllowInternet = false; - client.client.isAllowInternet = false; + client.client.setAllowInternet = 0; + client.client.allowInternet = 1; if (GetMessageSt(&client.message, req) != EC_SUCCESS) { APPSPAWN_LOGE("[appspawn] invoke, parse failed! reply %d.", INVALID_PID); WriteInt64(reply, INVALID_PID); diff --git a/standard/appspawn_service.c b/standard/appspawn_service.c index d5ac93ed..40c7d32a 100644 --- a/standard/appspawn_service.c +++ b/standard/appspawn_service.c @@ -370,9 +370,9 @@ APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t fcntl(appProperty->fd[0], F_SETFL, O_NONBLOCK); pid_t pid = 0; - if (appProperty->property.isAllowInternet == true) { - appProperty->client.setAllowInternet = true; - appProperty->client.isAllowInternet = true; + if (appProperty->property.allowInternet == 0) { + appProperty->client.setAllowInternet = 1; + appProperty->client.allowInternet = 0; } int result = AppSpawnProcessMsg(&g_appSpawnContent->content, &appProperty->client, &pid); if (result == 0) { // wait child process result @@ -423,8 +423,8 @@ APPSPAWN_STATIC int OnConnection(const LoopHandle loopHandle, const TaskHandle s client->stream = stream; client->client.id = ++clientId; client->client.flags = 0; - client->client.setAllowInternet = false; - client->client.isAllowInternet = false; + client->client.setAllowInternet = 0; + client->client.allowInternet = 1; APPSPAWN_LOGI("OnConnection client fd %d Id %d", LE_GetSocketFd(stream), client->client.id); #ifdef APPSPAWN_TEST g_testClientHandle = stream; -- Gitee From db27df3ba2b01f1c431d8116c937a587d7c00eb7 Mon Sep 17 00:00:00 2001 From: fuchao Date: Thu, 21 Jul 2022 05:37:39 +0000 Subject: [PATCH 06/15] fix --- common/appspawn_server.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/common/appspawn_server.h b/common/appspawn_server.h index 1c26dbd0..495de369 100644 --- a/common/appspawn_server.h +++ b/common/appspawn_server.h @@ -17,7 +17,6 @@ #define APPSPAWN_SERVER_H #include "beget_ext.h" -#include #include #include #include @@ -41,8 +40,8 @@ extern "C" { typedef struct AppSpawnClient_ { uint32_t id; int32_t flags; - bool setAllowInternet; - bool isAllowInternet; + uint8_t setAllowInternet; + uint8_t allowInternet; } AppSpawnClient; #define MAX_SOCKEYT_NAME_LEN 128 -- Gitee From b593d0ae7c5eba409f072c94606e174e21fa3805 Mon Sep 17 00:00:00 2001 From: fuchao Date: Thu, 21 Jul 2022 06:23:03 +0000 Subject: [PATCH 07/15] fix --- adapter/appspawn_ace.cpp | 8 ++++---- standard/appspawn_service.c | 1 - 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/adapter/appspawn_ace.cpp b/adapter/appspawn_ace.cpp index f9548919..6cbd9cac 100644 --- a/adapter/appspawn_ace.cpp +++ b/adapter/appspawn_ace.cpp @@ -19,7 +19,7 @@ #include "foundation/ability/ability_runtime/interfaces/kits/native/appkit/app/main_thread.h" #ifndef APPSPAWN_TEST -typedef void (*AllowFunc)(uint8_t); +using AllowFunc = void(*)(uint8_t); static const char *LIBNETSYS_CLIENT_NAME = "libnetsys_client.z.so"; static const char *ALLOW_SOCKET_FUNCNAME = "SetAllowCreateSocket"; #endif @@ -44,12 +44,12 @@ void RunChildProcessor(AppSpawnContent *content, AppSpawnClient *client) { APPSPAWN_LOGI("AppExecFwk::MainThread::Start"); #ifndef APPSPAWN_TEST - if (client != NULL) { + if (client != NULL && client->setAllowInternet == 1) { void* handler = dlopen(LIBNETSYS_CLIENT_NAME, RTLD_LAZY); if (handler != NULL) { AllowFunc func = (AllowFunc)dlsym(handler, ALLOW_SOCKET_FUNCNAME); - if (func != NULL && client->setAllowInternet == 1) { - func(client->isAllowInternet); + if (func != NULL) { + func(client->allowInternet); } dlclose(handler); } diff --git a/standard/appspawn_service.c b/standard/appspawn_service.c index 40c7d32a..9a9980f0 100644 --- a/standard/appspawn_service.c +++ b/standard/appspawn_service.c @@ -333,7 +333,6 @@ APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t AppSpawnClientExt *appProperty = (AppSpawnClientExt *)LE_GetUserData(taskHandle); APPSPAWN_CHECK(appProperty != NULL, LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return, "alloc client Failed"); - int ret = memcpy_s(&appProperty->property, sizeof(appProperty->property), buffer, buffLen); APPSPAWN_CHECK(ret == 0, LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return, "Invalid buffer buffLen %u", buffLen); -- Gitee From 0a55b2a084c2b0c1375c469ad6b3c1c0d520ba21 Mon Sep 17 00:00:00 2001 From: fuchao Date: Thu, 21 Jul 2022 08:03:35 +0000 Subject: [PATCH 08/15] fix code --- common/appspawn_server.h | 2 +- standard/appspawn_service.c | 12 ++---------- 2 files changed, 3 insertions(+), 11 deletions(-) diff --git a/common/appspawn_server.h b/common/appspawn_server.h index 495de369..59752413 100644 --- a/common/appspawn_server.h +++ b/common/appspawn_server.h @@ -39,7 +39,7 @@ extern "C" { typedef struct AppSpawnClient_ { uint32_t id; - int32_t flags; + uint32_t flags; uint8_t setAllowInternet; uint8_t allowInternet; } AppSpawnClient; diff --git a/standard/appspawn_service.c b/standard/appspawn_service.c index 9a9980f0..4bc5c3f0 100644 --- a/standard/appspawn_service.c +++ b/standard/appspawn_service.c @@ -331,12 +331,10 @@ APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t APPSPAWN_CHECK(buffer != NULL && buffLen >= sizeof(AppParameter), LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return, "Invalid buffer buffLen %u", buffLen); AppSpawnClientExt *appProperty = (AppSpawnClientExt *)LE_GetUserData(taskHandle); - APPSPAWN_CHECK(appProperty != NULL, LE_CloseTask(LE_GetDefaultLoop(), taskHandle); - return, "alloc client Failed"); + APPSPAWN_CHECK(appProperty != NULL, LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return, "alloc client Failed"); int ret = memcpy_s(&appProperty->property, sizeof(appProperty->property), buffer, buffLen); APPSPAWN_CHECK(ret == 0, LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return, "Invalid buffer buffLen %u", buffLen); - #ifdef NWEB_SPAWN // get render process termination status, only nwebspawn need this logic. if (appProperty->property.code == GET_RENDER_TERMINATION_STATUS) { @@ -344,30 +342,24 @@ APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t return; } #endif - APPSPAWN_CHECK(appProperty->property.gidCount <= APP_MAX_GIDS && strlen(appProperty->property.processName) > 0, - LE_CloseTask(LE_GetDefaultLoop(), taskHandle); - return, "Invalid property %u", appProperty->property.gidCount); + LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return, "Invalid property %u", appProperty->property.gidCount); // special handle bundle name medialibrary and scanner HandleSpecial(appProperty); if (g_appSpawnContent->timer != NULL) { LE_StopTimer(LE_GetDefaultLoop(), g_appSpawnContent->timer); g_appSpawnContent->timer = NULL; } - CheckColdAppEnabled(appProperty); - // create pipe for commication from child if (pipe(appProperty->fd) == -1) { APPSPAWN_LOGE("create pipe fail, errno = %d", errno); LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return; } - APPSPAWN_LOGI("OnReceiveRequest client.id %d appProperty %d processname %s buffLen %d flags 0x%x", appProperty->client.id, appProperty->property.uid, appProperty->property.processName, buffLen, appProperty->property.flags); fcntl(appProperty->fd[0], F_SETFL, O_NONBLOCK); - pid_t pid = 0; if (appProperty->property.allowInternet == 0) { appProperty->client.setAllowInternet = 1; -- Gitee From 388f5ffa85291a1c854c630d223c8b20eaa71509 Mon Sep 17 00:00:00 2001 From: fuchao Date: Thu, 21 Jul 2022 08:37:17 +0000 Subject: [PATCH 09/15] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E6=A0=87=E8=AE=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- interfaces/innerkits/include/appspawn_msg.h | 1 + standard/appspawn_service.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/interfaces/innerkits/include/appspawn_msg.h b/interfaces/innerkits/include/appspawn_msg.h index e1ccbce3..8e5835d1 100644 --- a/interfaces/innerkits/include/appspawn_msg.h +++ b/interfaces/innerkits/include/appspawn_msg.h @@ -72,6 +72,7 @@ typedef struct AppParameter_ { int32_t pid; // query render process exited status by render process pid int32_t bundleIndex; AppOperateType code; + uint8_t setAllowInternet; uint8_t allowInternet; // hap sockect allowed } AppParameter; diff --git a/standard/appspawn_service.c b/standard/appspawn_service.c index 4bc5c3f0..887eb36c 100644 --- a/standard/appspawn_service.c +++ b/standard/appspawn_service.c @@ -361,7 +361,7 @@ APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t buffLen, appProperty->property.flags); fcntl(appProperty->fd[0], F_SETFL, O_NONBLOCK); pid_t pid = 0; - if (appProperty->property.allowInternet == 0) { + if (appProperty->property.setAllowInternet == 1 && appProperty->property.allowInternet == 0) { appProperty->client.setAllowInternet = 1; appProperty->client.allowInternet = 0; } -- Gitee From 385bd45f5e3ff47c3103bc863b7589d8171f7df1 Mon Sep 17 00:00:00 2001 From: fuchao Date: Thu, 21 Jul 2022 08:43:13 +0000 Subject: [PATCH 10/15] =?UTF-8?q?=E8=BF=98=E5=8E=9F=E6=9B=B4=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- standard/appspawn_service.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/standard/appspawn_service.c b/standard/appspawn_service.c index 887eb36c..6bea4094 100644 --- a/standard/appspawn_service.c +++ b/standard/appspawn_service.c @@ -331,10 +331,13 @@ APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t APPSPAWN_CHECK(buffer != NULL && buffLen >= sizeof(AppParameter), LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return, "Invalid buffer buffLen %u", buffLen); AppSpawnClientExt *appProperty = (AppSpawnClientExt *)LE_GetUserData(taskHandle); - APPSPAWN_CHECK(appProperty != NULL, LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return, "alloc client Failed"); + APPSPAWN_CHECK(appProperty != NULL, LE_CloseTask(LE_GetDefaultLoop(), taskHandle); + return, "alloc client Failed"); + int ret = memcpy_s(&appProperty->property, sizeof(appProperty->property), buffer, buffLen); APPSPAWN_CHECK(ret == 0, LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return, "Invalid buffer buffLen %u", buffLen); + #ifdef NWEB_SPAWN // get render process termination status, only nwebspawn need this logic. if (appProperty->property.code == GET_RENDER_TERMINATION_STATUS) { @@ -342,24 +345,30 @@ APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t return; } #endif + APPSPAWN_CHECK(appProperty->property.gidCount <= APP_MAX_GIDS && strlen(appProperty->property.processName) > 0, - LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return, "Invalid property %u", appProperty->property.gidCount); + LE_CloseTask(LE_GetDefaultLoop(), taskHandle); + return, "Invalid property %u", appProperty->property.gidCount); // special handle bundle name medialibrary and scanner HandleSpecial(appProperty); if (g_appSpawnContent->timer != NULL) { LE_StopTimer(LE_GetDefaultLoop(), g_appSpawnContent->timer); g_appSpawnContent->timer = NULL; } + CheckColdAppEnabled(appProperty); + // create pipe for commication from child if (pipe(appProperty->fd) == -1) { APPSPAWN_LOGE("create pipe fail, errno = %d", errno); LE_CloseTask(LE_GetDefaultLoop(), taskHandle); return; } + APPSPAWN_LOGI("OnReceiveRequest client.id %d appProperty %d processname %s buffLen %d flags 0x%x", appProperty->client.id, appProperty->property.uid, appProperty->property.processName, buffLen, appProperty->property.flags); fcntl(appProperty->fd[0], F_SETFL, O_NONBLOCK); + pid_t pid = 0; if (appProperty->property.setAllowInternet == 1 && appProperty->property.allowInternet == 0) { appProperty->client.setAllowInternet = 1; -- Gitee From 2eae115fc7536216dfb8cb08d531fbc9da405aca Mon Sep 17 00:00:00 2001 From: fuchao Date: Fri, 22 Jul 2022 02:39:29 +0000 Subject: [PATCH 11/15] fix --- adapter/appspawn_ace.cpp | 4 ++-- lite/appspawn_service.c | 2 -- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/adapter/appspawn_ace.cpp b/adapter/appspawn_ace.cpp index 6cbd9cac..2c450402 100644 --- a/adapter/appspawn_ace.cpp +++ b/adapter/appspawn_ace.cpp @@ -44,12 +44,12 @@ void RunChildProcessor(AppSpawnContent *content, AppSpawnClient *client) { APPSPAWN_LOGI("AppExecFwk::MainThread::Start"); #ifndef APPSPAWN_TEST - if (client != NULL && client->setAllowInternet == 1) { + if (client != NULL && client->setAllowInternet == 1 && client->allowInternet == 0) { void* handler = dlopen(LIBNETSYS_CLIENT_NAME, RTLD_LAZY); if (handler != NULL) { AllowFunc func = (AllowFunc)dlsym(handler, ALLOW_SOCKET_FUNCNAME); if (func != NULL) { - func(client->allowInternet); + func(0); } dlclose(handler); } diff --git a/lite/appspawn_service.c b/lite/appspawn_service.c index 994baf31..4566c340 100644 --- a/lite/appspawn_service.c +++ b/lite/appspawn_service.c @@ -134,8 +134,6 @@ static int Invoke(IServerProxy *iProxy, int funcId, void *origin, IpcIo *req, Ip AppSpawnClientLite client = {}; client.client.id = CLIENT_ID; client.client.flags = 0; - client.client.setAllowInternet = 0; - client.client.allowInternet = 1; if (GetMessageSt(&client.message, req) != EC_SUCCESS) { APPSPAWN_LOGE("[appspawn] invoke, parse failed! reply %d.", INVALID_PID); WriteInt64(reply, INVALID_PID); -- Gitee From 116952322e16b26568487ccfe7cdcb6b575f06ec Mon Sep 17 00:00:00 2001 From: fuchao Date: Fri, 22 Jul 2022 02:44:20 +0000 Subject: [PATCH 12/15] fix --- common/appspawn_server.h | 2 ++ interfaces/innerkits/include/appspawn_msg.h | 2 ++ 2 files changed, 4 insertions(+) diff --git a/common/appspawn_server.h b/common/appspawn_server.h index 59752413..4884c4b3 100644 --- a/common/appspawn_server.h +++ b/common/appspawn_server.h @@ -42,6 +42,8 @@ typedef struct AppSpawnClient_ { uint32_t flags; uint8_t setAllowInternet; uint8_t allowInternet; + uint8_t reserved1; + uint8_t reserved2; } AppSpawnClient; #define MAX_SOCKEYT_NAME_LEN 128 diff --git a/interfaces/innerkits/include/appspawn_msg.h b/interfaces/innerkits/include/appspawn_msg.h index 8e5835d1..188b8351 100644 --- a/interfaces/innerkits/include/appspawn_msg.h +++ b/interfaces/innerkits/include/appspawn_msg.h @@ -74,6 +74,8 @@ typedef struct AppParameter_ { AppOperateType code; uint8_t setAllowInternet; uint8_t allowInternet; // hap sockect allowed + uint8_t reserved1; + uint8_t reserved2; } AppParameter; #ifdef __cplusplus -- Gitee From 899ebc892f11e5afa0f24bd2ccf5f26605233bc8 Mon Sep 17 00:00:00 2001 From: fuchao Date: Tue, 26 Jul 2022 03:22:10 +0000 Subject: [PATCH 13/15] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E4=BD=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adapter/appspawn_ace.cpp | 20 +------------------- common/appspawn_server.c | 13 +++++++++++++ 2 files changed, 14 insertions(+), 19 deletions(-) diff --git a/adapter/appspawn_ace.cpp b/adapter/appspawn_ace.cpp index 2c450402..822f239f 100644 --- a/adapter/appspawn_ace.cpp +++ b/adapter/appspawn_ace.cpp @@ -12,17 +12,9 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#ifndef APPSPAWN_TEST -#include -#endif #include "appspawn_adapter.h" - #include "foundation/ability/ability_runtime/interfaces/kits/native/appkit/app/main_thread.h" -#ifndef APPSPAWN_TEST -using AllowFunc = void(*)(uint8_t); -static const char *LIBNETSYS_CLIENT_NAME = "libnetsys_client.z.so"; -static const char *ALLOW_SOCKET_FUNCNAME = "SetAllowCreateSocket"; -#endif + void LoadExtendLib(AppSpawnContent *content) { #ifdef __aarch64__ @@ -44,16 +36,6 @@ void RunChildProcessor(AppSpawnContent *content, AppSpawnClient *client) { APPSPAWN_LOGI("AppExecFwk::MainThread::Start"); #ifndef APPSPAWN_TEST - if (client != NULL && client->setAllowInternet == 1 && client->allowInternet == 0) { - void* handler = dlopen(LIBNETSYS_CLIENT_NAME, RTLD_LAZY); - if (handler != NULL) { - AllowFunc func = (AllowFunc)dlsym(handler, ALLOW_SOCKET_FUNCNAME); - if (func != NULL) { - func(0); - } - dlclose(handler); - } - } OHOS::AppExecFwk::MainThread::Start(); #endif } diff --git a/common/appspawn_server.c b/common/appspawn_server.c index 7d27d8ea..9dd78ce8 100644 --- a/common/appspawn_server.c +++ b/common/appspawn_server.c @@ -45,6 +45,17 @@ static void ProcessExit(void) #endif } +extern void set_allow_internet(uint8_t allow_internet); + +int SetAllowInternet(struct AppSpawnContent_ *content, AppSpawnClient *client) +{ + int32_t ret = 0; + if (client != NULL && client->setAllowInternet == 1 && client->allowInternet == 0) { + set_allow_internet(0); + } + return ret; +} + int DoStartApp(struct AppSpawnContent_ *content, AppSpawnClient *client, char *longProcName, uint32_t longProcNameLen) { APPSPAWN_LOGI("DoStartApp id %d longProcNameLen %u", client->id, longProcNameLen); @@ -87,6 +98,8 @@ int DoStartApp(struct AppSpawnContent_ *content, AppSpawnClient *client, char *l return ret, "Failed to setCapabilities"); } + SetAllowInternet(content, client); + // notify success to father process and start app process NotifyResToParent(content, client, 0); return 0; -- Gitee From bd7256a8eed762d2f744866bdae599c6f4add045 Mon Sep 17 00:00:00 2001 From: fuchao Date: Tue, 26 Jul 2022 03:25:59 +0000 Subject: [PATCH 14/15] =?UTF-8?q?=E6=94=BE=E5=BC=83=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adapter/appspawn_ace.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/adapter/appspawn_ace.cpp b/adapter/appspawn_ace.cpp index 2cecb4f8..42cde25a 100644 --- a/adapter/appspawn_ace.cpp +++ b/adapter/appspawn_ace.cpp @@ -12,6 +12,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ + #include "appspawn_adapter.h" #include "js_runtime.h" -- Gitee From 911079720921b790a0d8a68c8ec05445e5d3f101 Mon Sep 17 00:00:00 2001 From: fuchao Date: Wed, 27 Jul 2022 05:17:07 +0000 Subject: [PATCH 15/15] =?UTF-8?q?=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- BUILD.gn | 2 ++ common/appspawn_server.c | 28 +++++++++++++++------ common/appspawn_server.h | 4 +++ interfaces/innerkits/include/appspawn_msg.h | 4 +++ standard/appspawn_service.c | 17 ++++++++++--- 5 files changed, 43 insertions(+), 12 deletions(-) diff --git a/BUILD.gn b/BUILD.gn index 30206a9e..88cf9ef2 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -89,6 +89,7 @@ ohos_static_library("appspawn_server") { deps = [ "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", "//base/startup/init/interfaces/innerkits:libbegetutil", + "//foundation/communication/netmanager_base/services/netmanagernative/netsys_client:netsys_client", "//utils/native/base:utils", ] external_deps = [ "hiviewdfx_hilog_native:libhilog" ] @@ -132,6 +133,7 @@ ohos_static_library("nwebspawn_server") { deps = [ "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", "//base/startup/init/interfaces/innerkits:libbegetutil", + "//foundation/communication/netmanager_base/services/netmanagernative/netsys_client:netsys_client", "//utils/native/base:utils", ] external_deps = [ "hiviewdfx_hilog_native:libhilog" ] diff --git a/common/appspawn_server.c b/common/appspawn_server.c index 87a3403e..8a810434 100644 --- a/common/appspawn_server.c +++ b/common/appspawn_server.c @@ -45,15 +45,27 @@ static void ProcessExit(void) #endif } -extern void set_allow_internet(uint8_t allow_internet); +#ifndef APPSPAWN_TEST +#ifndef OHOS_LITE +void DisallowInternet(void); +#endif +#endif -int SetAllowInternet(struct AppSpawnContent_ *content, AppSpawnClient *client) +static void SetInternetPermission(AppSpawnClient *client) { - int32_t ret = 0; - if (client != NULL && client->setAllowInternet == 1 && client->allowInternet == 0) { - set_allow_internet(0); +#ifndef APPSPAWN_TEST +#ifndef OHOS_LITE + if (client == NULL) { + return; } - return ret; + + APPSPAWN_LOGI("SetInternetPermission id %d setAllowInternet %hhu allowInternet %hhu", client->id, + client->setAllowInternet, client->allowInternet); + if (client->setAllowInternet == 1 && client->allowInternet == 0) { + DisallowInternet(); + } +#endif +#endif } int DoStartApp(struct AppSpawnContent_ *content, AppSpawnClient *client, char *longProcName, uint32_t longProcNameLen) @@ -61,6 +73,8 @@ int DoStartApp(struct AppSpawnContent_ *content, AppSpawnClient *client, char *l APPSPAWN_LOGI("DoStartApp id %d longProcNameLen %u", client->id, longProcNameLen); int32_t ret = 0; + SetInternetPermission(client); + if (content->setAppSandbox) { ret = content->setAppSandbox(content, client); APPSPAWN_CHECK(ret == 0, NotifyResToParent(content, client, ret); @@ -98,8 +112,6 @@ int DoStartApp(struct AppSpawnContent_ *content, AppSpawnClient *client, char *l return ret, "Failed to setCapabilities"); } - SetAllowInternet(content, client); - // notify success to father process and start app process NotifyResToParent(content, client, 0); return 0; diff --git a/common/appspawn_server.h b/common/appspawn_server.h index 4884c4b3..39f46cdd 100644 --- a/common/appspawn_server.h +++ b/common/appspawn_server.h @@ -40,10 +40,14 @@ extern "C" { typedef struct AppSpawnClient_ { uint32_t id; uint32_t flags; +#ifndef APPSPAWN_TEST +#ifndef OHOS_LITE uint8_t setAllowInternet; uint8_t allowInternet; uint8_t reserved1; uint8_t reserved2; +#endif +#endif } AppSpawnClient; #define MAX_SOCKEYT_NAME_LEN 128 diff --git a/interfaces/innerkits/include/appspawn_msg.h b/interfaces/innerkits/include/appspawn_msg.h index 188b8351..946a72df 100644 --- a/interfaces/innerkits/include/appspawn_msg.h +++ b/interfaces/innerkits/include/appspawn_msg.h @@ -72,10 +72,14 @@ typedef struct AppParameter_ { int32_t pid; // query render process exited status by render process pid int32_t bundleIndex; AppOperateType code; +#ifndef APPSPAWN_TEST +#ifndef OHOS_LITE uint8_t setAllowInternet; uint8_t allowInternet; // hap sockect allowed uint8_t reserved1; uint8_t reserved2; +#endif +#endif } AppParameter; #ifdef __cplusplus diff --git a/standard/appspawn_service.c b/standard/appspawn_service.c index 90db0dfc..1456d03b 100644 --- a/standard/appspawn_service.c +++ b/standard/appspawn_service.c @@ -327,6 +327,16 @@ static void GetProcessTerminationStatus(AppSpawnClientExt *appProperty) } #endif +APPSPAWN_STATIC void SetInternetPermission(AppSpawnClientExt *appProperty) +{ +#ifndef APPSPAWN_TEST + if (appProperty->property.setAllowInternet == 1 && appProperty->property.allowInternet == 0) { + appProperty->client.setAllowInternet = 1; + appProperty->client.allowInternet = 0; + } +#endif +} + APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t *buffer, uint32_t buffLen) { APPSPAWN_CHECK(buffer != NULL && buffLen >= sizeof(AppParameter), LE_CloseTask(LE_GetDefaultLoop(), taskHandle); @@ -352,6 +362,7 @@ APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t return, "Invalid property %u", appProperty->property.gidCount); // special handle bundle name medialibrary and scanner HandleSpecial(appProperty); + SetInternetPermission(appProperty); if (g_appSpawnContent->timer != NULL) { LE_StopTimer(LE_GetDefaultLoop(), g_appSpawnContent->timer); g_appSpawnContent->timer = NULL; @@ -371,10 +382,6 @@ APPSPAWN_STATIC void OnReceiveRequest(const TaskHandle taskHandle, const uint8_t fcntl(appProperty->fd[0], F_SETFL, O_NONBLOCK); pid_t pid = 0; - if (appProperty->property.setAllowInternet == 1 && appProperty->property.allowInternet == 0) { - appProperty->client.setAllowInternet = 1; - appProperty->client.allowInternet = 0; - } int result = AppSpawnProcessMsg(&g_appSpawnContent->content, &appProperty->client, &pid); if (result == 0) { // wait child process result result = WaitChild(appProperty->fd[0], pid, appProperty); @@ -424,8 +431,10 @@ APPSPAWN_STATIC int OnConnection(const LoopHandle loopHandle, const TaskHandle s client->stream = stream; client->client.id = ++clientId; client->client.flags = 0; +#ifndef APPSPAWN_TEST client->client.setAllowInternet = 0; client->client.allowInternet = 1; +#endif APPSPAWN_LOGI("OnConnection client fd %d Id %d", LE_GetSocketFd(stream), client->client.id); #ifdef APPSPAWN_TEST g_testClientHandle = stream; -- Gitee