config-fs-gen: Initial commit

Change-Id: Ie9655475aa46a393ea829f9321452d315c68d7fa
2019-07-13 23:00:03 +02:00
parent 7d5fd1d3fc
commit c4ed5a6a06
2 changed files with 301 additions and 0 deletions
--- a/config-fs-gen/README.md
+++ b/config-fs-gen/README.md
@@ -0,0 +1,164 @@
+# config-fs-gen
+
+```
+usage: config-fs-gen.py [-h]
+                        capability_header_path
+                        android_filesystem_config_header_path
+                        vendor_group_path fs_config_paths
+                        [fs_config_paths ...]
+
+Convert /vendor/etc/group ×
+/(system|vendor)/etc/(fs_config_dirs|fs_config_files) to config.fs
+
+positional arguments:
+  capability_header_path
+                        path to
+                        {android}/bionic/libc/kernel/uapi/linux/capability.h
+  android_filesystem_config_header_path
+                        path to {android}/system/core/libcutils/include/privat
+                        e/android_filesystem_config.h
+  vendor_group_path     path to {rom}/vendor/etc/group
+  fs_config_paths       paths to
+                        {rom}/(system|vendor)/etc/fs_config_(dirs|files)
+
+optional arguments:
+  -h, --help            show this help message and exit
+```
+```
+  Example usage:
+    $ ./config-fs-gen.py ~/lineage-16.0/bionic/libc/kernel/uapi/linux/capability.h \
+      ~/lineage-16.0/system/core/libcutils/include/private/android_filesystem_config.h \
+      ~/lineage-16.0/out/target/product/guacamole/vendor/etc/group \
+      ~/lineage-16.0/out/target/product/guacamole/{system,vendor}/etc/{fs_config_dirs,fs_config_files}
+    [AID_VENDOR_QTI_DIAG]
+    value:2901
+
+    [AID_VENDOR_QDSS]
+    value:2902
+
+    [AID_VENDOR_RFS]
+    value:2903
+
+    [AID_VENDOR_RFS_SHARED]
+    value:2904
+
+    [AID_VENDOR_ADPL_ODL]
+    value:2905
+
+    [AID_VENDOR_QRTR]
+    value:2906
+
+    [bt_firmware/]
+    mode: 0771
+    user: AID_SYSTEM
+    group: AID_SYSTEM
+    caps: 0
+
+    [dsp/]
+    mode: 0771
+    user: AID_MEDIA
+    group: AID_MEDIA
+    caps: 0
+
+    [firmware/]
+    mode: 0771
+    user: AID_SYSTEM
+    group: AID_SYSTEM
+    caps: 0
+
+    [firmware/image/*]
+    mode: 0771
+    user: AID_SYSTEM
+    group: AID_SYSTEM
+    caps: 0
+
+    [persist/]
+    mode: 0771
+    user: AID_SYSTEM
+    group: AID_SYSTEM
+    caps: 0
+
+    [vendor/bin/cnd]
+    mode: 0755
+    user: AID_SYSTEM
+    group: AID_SYSTEM
+    caps: NET_BIND_SERVICE NET_ADMIN BLOCK_SUSPEND
+
+    [vendor/bin/hw/android.hardware.bluetooth@1.0-service-qti]
+    mode: 0755
+    user: AID_BLUETOOTH
+    group: AID_BLUETOOTH
+    caps: NET_ADMIN BLOCK_SUSPEND
+
+    [vendor/bin/ims_rtp_daemon]
+    mode: 0755
+    user: AID_SYSTEM
+    group: AID_RADIO
+    caps: NET_BIND_SERVICE
+
+    [vendor/bin/imsdatadaemon]
+    mode: 0755
+    user: AID_SYSTEM
+    group: AID_SYSTEM
+    caps: NET_BIND_SERVICE
+
+    [vendor/bin/imsrcsd]
+    mode: 0755
+    user: AID_SYSTEM
+    group: AID_RADIO
+    caps: NET_BIND_SERVICE WAKE_ALARM BLOCK_SUSPEND
+
+    [vendor/bin/loc_launcher]
+    mode: 0755
+    user: AID_GPS
+    group: AID_GPS
+    caps: SETGID SETUID
+
+    [vendor/bin/pd-mapper]
+    mode: 0755
+    user: AID_SYSTEM
+    group: AID_SYSTEM
+    caps: NET_BIND_SERVICE
+
+    [vendor/bin/pm-service]
+    mode: 0755
+    user: AID_SYSTEM
+    group: AID_SYSTEM
+    caps: NET_BIND_SERVICE
+
+    [vendor/bin/sensors.qti]
+    mode: 0755
+    user: AID_SYSTEM
+    group: AID_SYSTEM
+    caps: NET_BIND_SERVICE
+
+    [vendor/bin/slim_daemon]
+    mode: 0755
+    user: AID_GPS
+    group: AID_GPS
+    caps: NET_BIND_SERVICE
+
+    [vendor/bin/wcnss_filter]
+    mode: 0755
+    user: AID_BLUETOOTH
+    group: AID_BLUETOOTH
+    caps: BLOCK_SUSPEND
+
+    [vendor/bin/xtwifi-client]
+    mode: 0755
+    user: AID_GPS
+    group: AID_GPS
+    caps: NET_BIND_SERVICE WAKE_ALARM BLOCK_SUSPEND
+
+    [vendor/firmware_mnt/image/*]
+    mode: 0771
+    user: AID_ROOT
+    group: AID_SYSTEM
+    caps: 0
+
+    [vendor/lib/modules-aging/*]
+    mode: 0644
+    user: AID_ROOT
+    group: AID_ROOT
+    caps: 0
+```
--- a/config-fs-gen/config-fs-gen.py
+++ b/config-fs-gen/config-fs-gen.py
@@ -0,0 +1,137 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from __future__ import print_function
+
+import argparse
+import parse
+import struct
+
+
+def parse_cmdline():
+    parser = argparse.ArgumentParser(
+        description='Convert /vendor/etc/group × /(system|vendor)/etc/(fs_config_dirs|fs_config_files) to config.fs')
+    parser.add_argument('capability_header_path',
+                        help='path to {android}/bionic/libc/kernel/uapi/linux/capability.h')
+    parser.add_argument('android_filesystem_config_header_path',
+                        help='path to {android}/system/core/libcutils/include/private/android_filesystem_config.h')
+    parser.add_argument('vendor_group_path',
+                        help='path to {rom}/vendor/etc/group')
+    parser.add_argument('fs_config_paths', nargs='+',
+                        help='paths to {rom}/(system|vendor)/etc/fs_config_(dirs|files)')
+    return parser.parse_args()
+
+
+def get_capabilities(capability_header_path):
+    capabilities = {}
+
+    with open(capability_header_path, 'r') as file:
+        for line in file:
+            s = parse.search('#define CAP_{:w} {:d}', line)
+
+            if s is not None:
+                capabilities[s[1]] = s[0]
+
+    return capabilities
+
+
+def get_groups(android_filesystem_config_header_path, vendor_group_path):
+    system_groups = {}
+    vendor_groups = {}
+
+    with open(android_filesystem_config_header_path, 'r') as file:
+        for line in file:
+            s = parse.search('#define AID_{:w} {:d}', line)
+
+            if s is not None:
+                system_groups[s[1]] = 'AID_' + s[0]
+
+    with open(vendor_group_path, 'r') as file:
+        for line in file:
+            name, _, uid, _ = line.split(':', 3)
+            vendor_groups[uid] = 'AID_' + name.upper()
+
+    return system_groups, vendor_groups
+
+
+def get_fs_path_configs(fs_config_paths, system_groups, vendor_groups):
+    fs_path_config = {}
+
+    for fs_config_path in args.fs_config_paths:
+        with open(fs_config_path, 'rb') as file:
+            while True:
+                bytes = file.read(struct.calcsize('<HHHHQ'))
+
+                if bytes is b'':
+                    break
+
+                length, mode, uid, gid, caps = struct.unpack('<HHHHQ', bytes)
+                name = file.read(length - len(bytes)).decode().rstrip('\x00')
+
+                fs_path_config[name] = {
+                    'mode': mode,
+                    'user': gid_to_str(uid, system_groups, vendor_groups),
+                    'group': gid_to_str(gid, system_groups, vendor_groups),
+                    'caps': caps_to_str(caps)
+                }
+
+    return fs_path_config
+
+
+def caps_to_str(caps):
+    caps_list = []
+
+    # return '0' directly if there are no special capabilities set
+    if caps == 0:
+        return str(caps)
+
+    # try to match well known linux capabilities
+    for cap in capabilities:
+        cap_mask_long = 1 << cap
+
+        if caps & cap_mask_long:
+            caps = caps & ~cap_mask_long
+            caps_list.append(capabilities[cap])
+
+    # append unmatched caps if needed
+    if caps > 0:
+        caps_list.append(str(caps))
+
+    return ' '.join(caps_list)
+
+
+def gid_to_str(gid, system_groups, vendor_groups):
+    if gid in system_groups:
+        return system_groups[gid]
+
+    if gid in vendor_groups:
+        return vendor_groups[gid]
+
+    return gid
+
+
+if __name__ == '__main__':
+    args = parse_cmdline()
+    capabilities = get_capabilities(args.capability_header_path)
+    system_groups, vendor_groups = get_groups(
+        args.android_filesystem_config_header_path,
+        args.vendor_group_path)
+    fs_path_configs = get_fs_path_configs(
+        args.fs_config_paths,
+        system_groups,
+        vendor_groups)
+
+    # print vendor AIDs
+    for gid in sorted(vendor_groups):
+        print('[{}]'.format(vendor_groups[gid]))
+        print('value:{}'.format(gid))
+        print()
+
+    # print {system,vendor} fs path configs
+    for name in sorted(fs_path_configs):
+        print('[{}]'.format(name))
+        print('mode: {:04o}'.format(fs_path_configs[name]['mode']))
+        print('user: {}'.format(fs_path_configs[name]['user']))
+        print('group: {}'.format(fs_path_configs[name]['group']))
+        print('caps: {}'.format(fs_path_configs[name]['caps']))
+        print()