1 /*
2 * Copyright (C) 2005 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <binder/Binder.h>
18
19 #include <atomic>
20 #include <utils/misc.h>
21 #include <binder/BpBinder.h>
22 #include <binder/IInterface.h>
23 #include <binder/IResultReceiver.h>
24 #include <binder/IShellCallback.h>
25 #include <binder/Parcel.h>
26
27 #include <linux/sched.h>
28 #include <stdio.h>
29
30 namespace android {
31
32 // Service implementations inherit from BBinder and IBinder, and this is frozen
33 // in prebuilts.
34 #ifdef __LP64__
35 static_assert(sizeof(IBinder) == 24);
36 static_assert(sizeof(BBinder) == 40);
37 #else
38 static_assert(sizeof(IBinder) == 12);
39 static_assert(sizeof(BBinder) == 20);
40 #endif
41
42 // ---------------------------------------------------------------------------
43
IBinder()44 IBinder::IBinder()
45 : RefBase()
46 {
47 }
48
~IBinder()49 IBinder::~IBinder()
50 {
51 }
52
53 // ---------------------------------------------------------------------------
54
queryLocalInterface(const String16 &)55 sp<IInterface> IBinder::queryLocalInterface(const String16& /*descriptor*/)
56 {
57 return nullptr;
58 }
59
localBinder()60 BBinder* IBinder::localBinder()
61 {
62 return nullptr;
63 }
64
remoteBinder()65 BpBinder* IBinder::remoteBinder()
66 {
67 return nullptr;
68 }
69
checkSubclass(const void *) const70 bool IBinder::checkSubclass(const void* /*subclassID*/) const
71 {
72 return false;
73 }
74
75
shellCommand(const sp<IBinder> & target,int in,int out,int err,Vector<String16> & args,const sp<IShellCallback> & callback,const sp<IResultReceiver> & resultReceiver)76 status_t IBinder::shellCommand(const sp<IBinder>& target, int in, int out, int err,
77 Vector<String16>& args, const sp<IShellCallback>& callback,
78 const sp<IResultReceiver>& resultReceiver)
79 {
80 Parcel send;
81 Parcel reply;
82 send.writeFileDescriptor(in);
83 send.writeFileDescriptor(out);
84 send.writeFileDescriptor(err);
85 const size_t numArgs = args.size();
86 send.writeInt32(numArgs);
87 for (size_t i = 0; i < numArgs; i++) {
88 send.writeString16(args[i]);
89 }
90 send.writeStrongBinder(callback != nullptr ? IInterface::asBinder(callback) : nullptr);
91 send.writeStrongBinder(resultReceiver != nullptr ? IInterface::asBinder(resultReceiver) : nullptr);
92 return target->transact(SHELL_COMMAND_TRANSACTION, send, &reply);
93 }
94
getExtension(sp<IBinder> * out)95 status_t IBinder::getExtension(sp<IBinder>* out) {
96 BBinder* local = this->localBinder();
97 if (local != nullptr) {
98 *out = local->getExtension();
99 return OK;
100 }
101
102 BpBinder* proxy = this->remoteBinder();
103 LOG_ALWAYS_FATAL_IF(proxy == nullptr);
104
105 Parcel data;
106 Parcel reply;
107 status_t status = transact(EXTENSION_TRANSACTION, data, &reply);
108 if (status != OK) return status;
109
110 return reply.readNullableStrongBinder(out);
111 }
112
getDebugPid(pid_t * out)113 status_t IBinder::getDebugPid(pid_t* out) {
114 BBinder* local = this->localBinder();
115 if (local != nullptr) {
116 *out = local->getDebugPid();
117 return OK;
118 }
119
120 BpBinder* proxy = this->remoteBinder();
121 LOG_ALWAYS_FATAL_IF(proxy == nullptr);
122
123 Parcel data;
124 Parcel reply;
125 status_t status = transact(DEBUG_PID_TRANSACTION, data, &reply);
126 if (status != OK) return status;
127
128 int32_t pid;
129 status = reply.readInt32(&pid);
130 if (status != OK) return status;
131
132 if (pid < 0 || pid > std::numeric_limits<pid_t>::max()) {
133 return BAD_VALUE;
134 }
135 *out = pid;
136 return OK;
137 }
138
139 // ---------------------------------------------------------------------------
140
141 class BBinder::Extras
142 {
143 public:
144 // unlocked objects
145 bool mRequestingSid = false;
146 bool mInheritRt = false;
147 sp<IBinder> mExtension;
148 int mPolicy = SCHED_NORMAL;
149 int mPriority = 0;
150
151 // for below objects
152 Mutex mLock;
153 BpBinder::ObjectManager mObjects;
154 };
155
156 // ---------------------------------------------------------------------------
157
BBinder()158 BBinder::BBinder() : mExtras(nullptr), mStability(0)
159 {
160 }
161
isBinderAlive() const162 bool BBinder::isBinderAlive() const
163 {
164 return true;
165 }
166
pingBinder()167 status_t BBinder::pingBinder()
168 {
169 return NO_ERROR;
170 }
171
getInterfaceDescriptor() const172 const String16& BBinder::getInterfaceDescriptor() const
173 {
174 // This is a local static rather than a global static,
175 // to avoid static initializer ordering issues.
176 static String16 sEmptyDescriptor;
177 ALOGW("reached BBinder::getInterfaceDescriptor (this=%p)", this);
178 return sEmptyDescriptor;
179 }
180
181 // NOLINTNEXTLINE(google-default-arguments)
transact(uint32_t code,const Parcel & data,Parcel * reply,uint32_t flags)182 status_t BBinder::transact(
183 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags)
184 {
185 data.setDataPosition(0);
186
187 if (reply != nullptr && (flags & FLAG_CLEAR_BUF)) {
188 reply->markSensitive();
189 }
190
191 status_t err = NO_ERROR;
192 switch (code) {
193 case PING_TRANSACTION:
194 err = pingBinder();
195 break;
196 case EXTENSION_TRANSACTION:
197 err = reply->writeStrongBinder(getExtension());
198 break;
199 case DEBUG_PID_TRANSACTION:
200 err = reply->writeInt32(getDebugPid());
201 break;
202 default:
203 err = onTransact(code, data, reply, flags);
204 break;
205 }
206
207 // In case this is being transacted on in the same process.
208 if (reply != nullptr) {
209 reply->setDataPosition(0);
210 }
211
212 return err;
213 }
214
215 // NOLINTNEXTLINE(google-default-arguments)
linkToDeath(const sp<DeathRecipient> &,void *,uint32_t)216 status_t BBinder::linkToDeath(
217 const sp<DeathRecipient>& /*recipient*/, void* /*cookie*/,
218 uint32_t /*flags*/)
219 {
220 return INVALID_OPERATION;
221 }
222
223 // NOLINTNEXTLINE(google-default-arguments)
unlinkToDeath(const wp<DeathRecipient> &,void *,uint32_t,wp<DeathRecipient> *)224 status_t BBinder::unlinkToDeath(
225 const wp<DeathRecipient>& /*recipient*/, void* /*cookie*/,
226 uint32_t /*flags*/, wp<DeathRecipient>* /*outRecipient*/)
227 {
228 return INVALID_OPERATION;
229 }
230
dump(int,const Vector<String16> &)231 status_t BBinder::dump(int /*fd*/, const Vector<String16>& /*args*/)
232 {
233 return NO_ERROR;
234 }
235
attachObject(const void * objectID,void * object,void * cleanupCookie,object_cleanup_func func)236 void BBinder::attachObject(
237 const void* objectID, void* object, void* cleanupCookie,
238 object_cleanup_func func)
239 {
240 Extras* e = getOrCreateExtras();
241 if (!e) return; // out of memory
242
243 AutoMutex _l(e->mLock);
244 e->mObjects.attach(objectID, object, cleanupCookie, func);
245 }
246
findObject(const void * objectID) const247 void* BBinder::findObject(const void* objectID) const
248 {
249 Extras* e = mExtras.load(std::memory_order_acquire);
250 if (!e) return nullptr;
251
252 AutoMutex _l(e->mLock);
253 return e->mObjects.find(objectID);
254 }
255
detachObject(const void * objectID)256 void BBinder::detachObject(const void* objectID)
257 {
258 Extras* e = mExtras.load(std::memory_order_acquire);
259 if (!e) return;
260
261 AutoMutex _l(e->mLock);
262 e->mObjects.detach(objectID);
263 }
264
localBinder()265 BBinder* BBinder::localBinder()
266 {
267 return this;
268 }
269
isRequestingSid()270 bool BBinder::isRequestingSid()
271 {
272 Extras* e = mExtras.load(std::memory_order_acquire);
273
274 return e && e->mRequestingSid;
275 }
276
setRequestingSid(bool requestingSid)277 void BBinder::setRequestingSid(bool requestingSid)
278 {
279 Extras* e = mExtras.load(std::memory_order_acquire);
280
281 if (!e) {
282 // default is false. Most things don't need sids, so avoiding allocations when possible.
283 if (!requestingSid) {
284 return;
285 }
286
287 e = getOrCreateExtras();
288 if (!e) return; // out of memory
289 }
290
291 e->mRequestingSid = requestingSid;
292 }
293
getExtension()294 sp<IBinder> BBinder::getExtension() {
295 Extras* e = mExtras.load(std::memory_order_acquire);
296 if (e == nullptr) return nullptr;
297 return e->mExtension;
298 }
299
setMinSchedulerPolicy(int policy,int priority)300 void BBinder::setMinSchedulerPolicy(int policy, int priority) {
301 switch (policy) {
302 case SCHED_NORMAL:
303 LOG_ALWAYS_FATAL_IF(priority < -20 || priority > 19, "Invalid priority for SCHED_NORMAL: %d", priority);
304 break;
305 case SCHED_RR:
306 case SCHED_FIFO:
307 LOG_ALWAYS_FATAL_IF(priority < 1 || priority > 99, "Invalid priority for sched %d: %d", policy, priority);
308 break;
309 default:
310 LOG_ALWAYS_FATAL("Unrecognized scheduling policy: %d", policy);
311 }
312
313 Extras* e = mExtras.load(std::memory_order_acquire);
314
315 if (e == nullptr) {
316 // Avoid allocations if called with default.
317 if (policy == SCHED_NORMAL && priority == 0) {
318 return;
319 }
320
321 e = getOrCreateExtras();
322 if (!e) return; // out of memory
323 }
324
325 e->mPolicy = policy;
326 e->mPriority = priority;
327 }
328
getMinSchedulerPolicy()329 int BBinder::getMinSchedulerPolicy() {
330 Extras* e = mExtras.load(std::memory_order_acquire);
331 if (e == nullptr) return SCHED_NORMAL;
332 return e->mPolicy;
333 }
334
getMinSchedulerPriority()335 int BBinder::getMinSchedulerPriority() {
336 Extras* e = mExtras.load(std::memory_order_acquire);
337 if (e == nullptr) return 0;
338 return e->mPriority;
339 }
340
isInheritRt()341 bool BBinder::isInheritRt() {
342 Extras* e = mExtras.load(std::memory_order_acquire);
343
344 return e && e->mInheritRt;
345 }
346
setInheritRt(bool inheritRt)347 void BBinder::setInheritRt(bool inheritRt) {
348 Extras* e = mExtras.load(std::memory_order_acquire);
349
350 if (!e) {
351 if (!inheritRt) {
352 return;
353 }
354
355 e = getOrCreateExtras();
356 if (!e) return; // out of memory
357 }
358
359 e->mInheritRt = inheritRt;
360 }
361
getDebugPid()362 pid_t BBinder::getDebugPid() {
363 return getpid();
364 }
365
setExtension(const sp<IBinder> & extension)366 void BBinder::setExtension(const sp<IBinder>& extension) {
367 Extras* e = getOrCreateExtras();
368 e->mExtension = extension;
369 }
370
~BBinder()371 BBinder::~BBinder()
372 {
373 Extras* e = mExtras.load(std::memory_order_relaxed);
374 if (e) delete e;
375 }
376
377
378 // NOLINTNEXTLINE(google-default-arguments)
onTransact(uint32_t code,const Parcel & data,Parcel * reply,uint32_t)379 status_t BBinder::onTransact(
380 uint32_t code, const Parcel& data, Parcel* reply, uint32_t /*flags*/)
381 {
382 switch (code) {
383 case INTERFACE_TRANSACTION:
384 reply->writeString16(getInterfaceDescriptor());
385 return NO_ERROR;
386
387 case DUMP_TRANSACTION: {
388 int fd = data.readFileDescriptor();
389 int argc = data.readInt32();
390 Vector<String16> args;
391 for (int i = 0; i < argc && data.dataAvail() > 0; i++) {
392 args.add(data.readString16());
393 }
394 return dump(fd, args);
395 }
396
397 case SHELL_COMMAND_TRANSACTION: {
398 int in = data.readFileDescriptor();
399 int out = data.readFileDescriptor();
400 int err = data.readFileDescriptor();
401 int argc = data.readInt32();
402 Vector<String16> args;
403 for (int i = 0; i < argc && data.dataAvail() > 0; i++) {
404 args.add(data.readString16());
405 }
406 sp<IShellCallback> shellCallback = IShellCallback::asInterface(
407 data.readStrongBinder());
408 sp<IResultReceiver> resultReceiver = IResultReceiver::asInterface(
409 data.readStrongBinder());
410
411 // XXX can't add virtuals until binaries are updated.
412 //return shellCommand(in, out, err, args, resultReceiver);
413 (void)in;
414 (void)out;
415 (void)err;
416
417 if (resultReceiver != nullptr) {
418 resultReceiver->send(INVALID_OPERATION);
419 }
420
421 return NO_ERROR;
422 }
423
424 case SYSPROPS_TRANSACTION: {
425 report_sysprop_change();
426 return NO_ERROR;
427 }
428
429 default:
430 return UNKNOWN_TRANSACTION;
431 }
432 }
433
getOrCreateExtras()434 BBinder::Extras* BBinder::getOrCreateExtras()
435 {
436 Extras* e = mExtras.load(std::memory_order_acquire);
437
438 if (!e) {
439 e = new Extras;
440 Extras* expected = nullptr;
441 if (!mExtras.compare_exchange_strong(expected, e,
442 std::memory_order_release,
443 std::memory_order_acquire)) {
444 delete e;
445 e = expected; // Filled in by CAS
446 }
447 if (e == nullptr) return nullptr; // out of memory
448 }
449
450 return e;
451 }
452
453 // ---------------------------------------------------------------------------
454
455 enum {
456 // This is used to transfer ownership of the remote binder from
457 // the BpRefBase object holding it (when it is constructed), to the
458 // owner of the BpRefBase object when it first acquires that BpRefBase.
459 kRemoteAcquired = 0x00000001
460 };
461
BpRefBase(const sp<IBinder> & o)462 BpRefBase::BpRefBase(const sp<IBinder>& o)
463 : mRemote(o.get()), mRefs(nullptr), mState(0)
464 {
465 extendObjectLifetime(OBJECT_LIFETIME_WEAK);
466
467 if (mRemote) {
468 mRemote->incStrong(this); // Removed on first IncStrong().
469 mRefs = mRemote->createWeak(this); // Held for our entire lifetime.
470 }
471 }
472
~BpRefBase()473 BpRefBase::~BpRefBase()
474 {
475 if (mRemote) {
476 if (!(mState.load(std::memory_order_relaxed)&kRemoteAcquired)) {
477 mRemote->decStrong(this);
478 }
479 mRefs->decWeak(this);
480 }
481 }
482
onFirstRef()483 void BpRefBase::onFirstRef()
484 {
485 mState.fetch_or(kRemoteAcquired, std::memory_order_relaxed);
486 }
487
onLastStrongRef(const void *)488 void BpRefBase::onLastStrongRef(const void* /*id*/)
489 {
490 if (mRemote) {
491 mRemote->decStrong(this);
492 }
493 }
494
onIncStrongAttempted(uint32_t,const void *)495 bool BpRefBase::onIncStrongAttempted(uint32_t /*flags*/, const void* /*id*/)
496 {
497 return mRemote ? mRefs->attemptIncStrong(this) : false;
498 }
499
500 // ---------------------------------------------------------------------------
501
502 } // namespace android
503