1 /*
2 **
3 ** Copyright 2015, The Android Open Source Project
4 **
5 ** Licensed under the Apache License, Version 2.0 (the "License");
6 ** you may not use this file except in compliance with the License.
7 ** You may obtain a copy of the License at
8 **
9 ** http://www.apache.org/licenses/LICENSE-2.0
10 **
11 ** Unless required by applicable law or agreed to in writing, software
12 ** distributed under the License is distributed on an "AS IS" BASIS,
13 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 ** See the License for the specific language governing permissions and
15 ** limitations under the License.
16 */
17
18 //#define LOG_NDEBUG 0
19 #define LOG_TAG "ResourceManagerService"
20 #include <utils/Log.h>
21
22 #include <android/binder_manager.h>
23 #include <android/binder_process.h>
24 #include <binder/IPCThreadState.h>
25 #include <binder/IServiceManager.h>
26 #include <cutils/sched_policy.h>
27 #include <dirent.h>
28 #include <media/MediaResourcePolicy.h>
29 #include <media/stagefright/ProcessInfo.h>
30 #include <mediautils/BatteryNotifier.h>
31 #include <mediautils/SchedulingPolicyService.h>
32 #include <string.h>
33 #include <sys/types.h>
34 #include <sys/stat.h>
35 #include <sys/time.h>
36 #include <unistd.h>
37
38 #include "IMediaResourceMonitor.h"
39 #include "ResourceManagerService.h"
40 #include "ResourceObserverService.h"
41 #include "ServiceLog.h"
42
43 namespace android {
44
45 //static
46 std::mutex ResourceManagerService::sCookieLock;
47 //static
48 uintptr_t ResourceManagerService::sCookieCounter = 0;
49 //static
50 std::map<uintptr_t, sp<DeathNotifier> > ResourceManagerService::sCookieToDeathNotifierMap;
51
52 class DeathNotifier : public RefBase {
53 public:
54 DeathNotifier(const std::shared_ptr<ResourceManagerService> &service, int pid,
55 int64_t clientId);
56
~DeathNotifier()57 virtual ~DeathNotifier() {}
58
59 // Implement death recipient
60 static void BinderDiedCallback(void* cookie);
61 virtual void binderDied();
62
63 protected:
64 std::weak_ptr<ResourceManagerService> mService;
65 int mPid;
66 int64_t mClientId;
67 };
68
DeathNotifier(const std::shared_ptr<ResourceManagerService> & service,int pid,int64_t clientId)69 DeathNotifier::DeathNotifier(const std::shared_ptr<ResourceManagerService> &service,
70 int pid, int64_t clientId)
71 : mService(service), mPid(pid), mClientId(clientId) {}
72
73 //static
BinderDiedCallback(void * cookie)74 void DeathNotifier::BinderDiedCallback(void* cookie) {
75 sp<DeathNotifier> notifier;
76 {
77 std::scoped_lock lock{ResourceManagerService::sCookieLock};
78 auto it = ResourceManagerService::sCookieToDeathNotifierMap.find(
79 reinterpret_cast<uintptr_t>(cookie));
80 if (it == ResourceManagerService::sCookieToDeathNotifierMap.end()) {
81 return;
82 }
83 notifier = it->second;
84 }
85 if (notifier.get() != nullptr) {
86 notifier->binderDied();
87 }
88 }
89
binderDied()90 void DeathNotifier::binderDied() {
91 // Don't check for pid validity since we know it's already dead.
92 std::shared_ptr<ResourceManagerService> service = mService.lock();
93 if (service == nullptr) {
94 ALOGW("ResourceManagerService is dead as well.");
95 return;
96 }
97
98 service->overridePid(mPid, -1);
99 // thiz is freed in the call below, so it must be last call referring thiz
100 service->removeResource(mPid, mClientId, false /*checkValid*/);
101 }
102
103 class OverrideProcessInfoDeathNotifier : public DeathNotifier {
104 public:
OverrideProcessInfoDeathNotifier(const std::shared_ptr<ResourceManagerService> & service,int pid)105 OverrideProcessInfoDeathNotifier(const std::shared_ptr<ResourceManagerService> &service,
106 int pid) : DeathNotifier(service, pid, 0) {}
107
~OverrideProcessInfoDeathNotifier()108 virtual ~OverrideProcessInfoDeathNotifier() {}
109
110 virtual void binderDied();
111 };
112
binderDied()113 void OverrideProcessInfoDeathNotifier::binderDied() {
114 // Don't check for pid validity since we know it's already dead.
115 std::shared_ptr<ResourceManagerService> service = mService.lock();
116 if (service == nullptr) {
117 ALOGW("ResourceManagerService is dead as well.");
118 return;
119 }
120
121 service->removeProcessInfoOverride(mPid);
122 }
123
124 template <typename T>
getString(const std::vector<T> & items)125 static String8 getString(const std::vector<T> &items) {
126 String8 itemsStr;
127 for (size_t i = 0; i < items.size(); ++i) {
128 itemsStr.appendFormat("%s ", toString(items[i]).string());
129 }
130 return itemsStr;
131 }
132
hasResourceType(MediaResource::Type type,MediaResource::SubType subType,MediaResourceParcel resource)133 static bool hasResourceType(MediaResource::Type type, MediaResource::SubType subType,
134 MediaResourceParcel resource) {
135 if (type != resource.type) {
136 return false;
137 }
138 switch (type) {
139 // Codec subtypes (e.g. video vs. audio) are each considered separate resources, so
140 // compare the subtypes as well.
141 case MediaResource::Type::kSecureCodec:
142 case MediaResource::Type::kNonSecureCodec:
143 if (resource.subType == subType) {
144 return true;
145 }
146 break;
147 // Non-codec resources are not segregated by the subtype (e.g. video vs. audio).
148 default:
149 return true;
150 }
151 return false;
152 }
153
hasResourceType(MediaResource::Type type,MediaResource::SubType subType,const ResourceList & resources)154 static bool hasResourceType(MediaResource::Type type, MediaResource::SubType subType,
155 const ResourceList& resources) {
156 for (auto it = resources.begin(); it != resources.end(); it++) {
157 if (hasResourceType(type, subType, it->second)) {
158 return true;
159 }
160 }
161 return false;
162 }
163
hasResourceType(MediaResource::Type type,MediaResource::SubType subType,const ResourceInfos & infos)164 static bool hasResourceType(MediaResource::Type type, MediaResource::SubType subType,
165 const ResourceInfos& infos) {
166 for (size_t i = 0; i < infos.size(); ++i) {
167 if (hasResourceType(type, subType, infos[i].resources)) {
168 return true;
169 }
170 }
171 return false;
172 }
173
getResourceInfosForEdit(int pid,PidResourceInfosMap & map)174 static ResourceInfos& getResourceInfosForEdit(int pid, PidResourceInfosMap& map) {
175 ssize_t index = map.indexOfKey(pid);
176 if (index < 0) {
177 // new pid
178 ResourceInfos infosForPid;
179 map.add(pid, infosForPid);
180 }
181
182 return map.editValueFor(pid);
183 }
184
getResourceInfoForEdit(uid_t uid,int64_t clientId,const std::shared_ptr<IResourceManagerClient> & client,ResourceInfos & infos)185 static ResourceInfo& getResourceInfoForEdit(uid_t uid, int64_t clientId,
186 const std::shared_ptr<IResourceManagerClient>& client, ResourceInfos& infos) {
187 ssize_t index = infos.indexOfKey(clientId);
188
189 if (index < 0) {
190 ResourceInfo info;
191 info.uid = uid;
192 info.clientId = clientId;
193 info.client = client;
194 info.cookie = 0;
195 info.pendingRemoval = false;
196
197 index = infos.add(clientId, info);
198 }
199
200 return infos.editValueAt(index);
201 }
202
notifyResourceGranted(int pid,const std::vector<MediaResourceParcel> & resources)203 static void notifyResourceGranted(int pid, const std::vector<MediaResourceParcel> &resources) {
204 static const char* const kServiceName = "media_resource_monitor";
205 sp<IBinder> binder = defaultServiceManager()->checkService(String16(kServiceName));
206 if (binder != NULL) {
207 sp<IMediaResourceMonitor> service = interface_cast<IMediaResourceMonitor>(binder);
208 for (size_t i = 0; i < resources.size(); ++i) {
209 switch (resources[i].subType) {
210 case MediaResource::SubType::kAudioCodec:
211 service->notifyResourceGranted(pid, IMediaResourceMonitor::TYPE_AUDIO_CODEC);
212 break;
213 case MediaResource::SubType::kVideoCodec:
214 service->notifyResourceGranted(pid, IMediaResourceMonitor::TYPE_VIDEO_CODEC);
215 break;
216 case MediaResource::SubType::kImageCodec:
217 service->notifyResourceGranted(pid, IMediaResourceMonitor::TYPE_IMAGE_CODEC);
218 break;
219 case MediaResource::SubType::kUnspecifiedSubType:
220 break;
221 }
222 }
223 }
224 }
225
dump(int fd,const char **,uint32_t)226 binder_status_t ResourceManagerService::dump(int fd, const char** /*args*/, uint32_t /*numArgs*/) {
227 String8 result;
228
229 if (checkCallingPermission(String16("android.permission.DUMP")) == false) {
230 result.format("Permission Denial: "
231 "can't dump ResourceManagerService from pid=%d, uid=%d\n",
232 AIBinder_getCallingPid(),
233 AIBinder_getCallingUid());
234 write(fd, result.string(), result.size());
235 return PERMISSION_DENIED;
236 }
237
238 PidResourceInfosMap mapCopy;
239 bool supportsMultipleSecureCodecs;
240 bool supportsSecureWithNonSecureCodec;
241 std::map<int, int> overridePidMapCopy;
242 String8 serviceLog;
243 {
244 Mutex::Autolock lock(mLock);
245 mapCopy = mMap; // Shadow copy, real copy will happen on write.
246 supportsMultipleSecureCodecs = mSupportsMultipleSecureCodecs;
247 supportsSecureWithNonSecureCodec = mSupportsSecureWithNonSecureCodec;
248 serviceLog = mServiceLog->toString(" " /* linePrefix */);
249 overridePidMapCopy = mOverridePidMap;
250 }
251
252 const size_t SIZE = 256;
253 char buffer[SIZE];
254 snprintf(buffer, SIZE, "ResourceManagerService: %p\n", this);
255 result.append(buffer);
256 result.append(" Policies:\n");
257 snprintf(buffer, SIZE, " SupportsMultipleSecureCodecs: %d\n", supportsMultipleSecureCodecs);
258 result.append(buffer);
259 snprintf(buffer, SIZE, " SupportsSecureWithNonSecureCodec: %d\n",
260 supportsSecureWithNonSecureCodec);
261 result.append(buffer);
262
263 result.append(" Processes:\n");
264 for (size_t i = 0; i < mapCopy.size(); ++i) {
265 snprintf(buffer, SIZE, " Pid: %d\n", mapCopy.keyAt(i));
266 result.append(buffer);
267
268 const ResourceInfos &infos = mapCopy.valueAt(i);
269 for (size_t j = 0; j < infos.size(); ++j) {
270 result.append(" Client:\n");
271 snprintf(buffer, SIZE, " Id: %lld\n", (long long)infos[j].clientId);
272 result.append(buffer);
273
274 std::string clientName;
275 Status status = infos[j].client->getName(&clientName);
276 if (!status.isOk()) {
277 clientName = "<unknown client>";
278 }
279 snprintf(buffer, SIZE, " Name: %s\n", clientName.c_str());
280 result.append(buffer);
281
282 const ResourceList &resources = infos[j].resources;
283 result.append(" Resources:\n");
284 for (auto it = resources.begin(); it != resources.end(); it++) {
285 snprintf(buffer, SIZE, " %s\n", toString(it->second).string());
286 result.append(buffer);
287 }
288 }
289 }
290 result.append(" Process Pid override:\n");
291 for (auto it = overridePidMapCopy.begin(); it != overridePidMapCopy.end(); ++it) {
292 snprintf(buffer, SIZE, " Original Pid: %d, Override Pid: %d\n",
293 it->first, it->second);
294 result.append(buffer);
295 }
296 result.append(" Events logs (most recent at top):\n");
297 result.append(serviceLog);
298
299 write(fd, result.string(), result.size());
300 return OK;
301 }
302
303 struct SystemCallbackImpl : public ResourceManagerService::SystemCallbackInterface {
SystemCallbackImplandroid::SystemCallbackImpl304 SystemCallbackImpl() : mClientToken(new BBinder()) {}
305
noteStartVideoandroid::SystemCallbackImpl306 virtual void noteStartVideo(int uid) override {
307 BatteryNotifier::getInstance().noteStartVideo(uid);
308 }
noteStopVideoandroid::SystemCallbackImpl309 virtual void noteStopVideo(int uid) override {
310 BatteryNotifier::getInstance().noteStopVideo(uid);
311 }
noteResetVideoandroid::SystemCallbackImpl312 virtual void noteResetVideo() override {
313 BatteryNotifier::getInstance().noteResetVideo();
314 }
requestCpusetBoostandroid::SystemCallbackImpl315 virtual bool requestCpusetBoost(bool enable) override {
316 return android::requestCpusetBoost(enable, mClientToken);
317 }
318
319 protected:
~SystemCallbackImplandroid::SystemCallbackImpl320 virtual ~SystemCallbackImpl() {}
321
322 private:
323 DISALLOW_EVIL_CONSTRUCTORS(SystemCallbackImpl);
324 sp<IBinder> mClientToken;
325 };
326
ResourceManagerService()327 ResourceManagerService::ResourceManagerService()
328 : ResourceManagerService(new ProcessInfo(), new SystemCallbackImpl()) {}
329
ResourceManagerService(const sp<ProcessInfoInterface> & processInfo,const sp<SystemCallbackInterface> & systemResource)330 ResourceManagerService::ResourceManagerService(const sp<ProcessInfoInterface> &processInfo,
331 const sp<SystemCallbackInterface> &systemResource)
332 : mProcessInfo(processInfo),
333 mSystemCB(systemResource),
334 mServiceLog(new ServiceLog()),
335 mSupportsMultipleSecureCodecs(true),
336 mSupportsSecureWithNonSecureCodec(true),
337 mCpuBoostCount(0),
338 mDeathRecipient(AIBinder_DeathRecipient_new(DeathNotifier::BinderDiedCallback)) {
339 mSystemCB->noteResetVideo();
340 }
341
342 //static
instantiate()343 void ResourceManagerService::instantiate() {
344 std::shared_ptr<ResourceManagerService> service =
345 ::ndk::SharedRefBase::make<ResourceManagerService>();
346 binder_status_t status =
347 AServiceManager_addService(service->asBinder().get(), getServiceName());
348 if (status != STATUS_OK) {
349 return;
350 }
351
352 std::shared_ptr<ResourceObserverService> observerService =
353 ResourceObserverService::instantiate();
354
355 if (observerService != nullptr) {
356 service->setObserverService(observerService);
357 }
358 // TODO: mediaserver main() is already starting the thread pool,
359 // move this to mediaserver main() when other services in mediaserver
360 // are converted to ndk-platform aidl.
361 //ABinderProcess_startThreadPool();
362 }
363
~ResourceManagerService()364 ResourceManagerService::~ResourceManagerService() {}
365
setObserverService(const std::shared_ptr<ResourceObserverService> & observerService)366 void ResourceManagerService::setObserverService(
367 const std::shared_ptr<ResourceObserverService>& observerService) {
368 mObserverService = observerService;
369 }
370
config(const std::vector<MediaResourcePolicyParcel> & policies)371 Status ResourceManagerService::config(const std::vector<MediaResourcePolicyParcel>& policies) {
372 String8 log = String8::format("config(%s)", getString(policies).string());
373 mServiceLog->add(log);
374
375 Mutex::Autolock lock(mLock);
376 for (size_t i = 0; i < policies.size(); ++i) {
377 const std::string &type = policies[i].type;
378 const std::string &value = policies[i].value;
379 if (type == MediaResourcePolicy::kPolicySupportsMultipleSecureCodecs()) {
380 mSupportsMultipleSecureCodecs = (value == "true");
381 } else if (type == MediaResourcePolicy::kPolicySupportsSecureWithNonSecureCodec()) {
382 mSupportsSecureWithNonSecureCodec = (value == "true");
383 }
384 }
385 return Status::ok();
386 }
387
onFirstAdded(const MediaResourceParcel & resource,const ResourceInfo & clientInfo)388 void ResourceManagerService::onFirstAdded(const MediaResourceParcel& resource,
389 const ResourceInfo& clientInfo) {
390 // first time added
391 if (resource.type == MediaResource::Type::kCpuBoost
392 && resource.subType == MediaResource::SubType::kUnspecifiedSubType) {
393 // Request it on every new instance of kCpuBoost, as the media.codec
394 // could have died, if we only do it the first time subsequent instances
395 // never gets the boost.
396 if (mSystemCB->requestCpusetBoost(true) != OK) {
397 ALOGW("couldn't request cpuset boost");
398 }
399 mCpuBoostCount++;
400 } else if (resource.type == MediaResource::Type::kBattery
401 && resource.subType == MediaResource::SubType::kVideoCodec) {
402 mSystemCB->noteStartVideo(clientInfo.uid);
403 }
404 }
405
onLastRemoved(const MediaResourceParcel & resource,const ResourceInfo & clientInfo)406 void ResourceManagerService::onLastRemoved(const MediaResourceParcel& resource,
407 const ResourceInfo& clientInfo) {
408 if (resource.type == MediaResource::Type::kCpuBoost
409 && resource.subType == MediaResource::SubType::kUnspecifiedSubType
410 && mCpuBoostCount > 0) {
411 if (--mCpuBoostCount == 0) {
412 mSystemCB->requestCpusetBoost(false);
413 }
414 } else if (resource.type == MediaResource::Type::kBattery
415 && resource.subType == MediaResource::SubType::kVideoCodec) {
416 mSystemCB->noteStopVideo(clientInfo.uid);
417 }
418 }
419
mergeResources(MediaResourceParcel & r1,const MediaResourceParcel & r2)420 void ResourceManagerService::mergeResources(MediaResourceParcel& r1,
421 const MediaResourceParcel& r2) {
422 // The resource entry on record is maintained to be in [0,INT64_MAX].
423 // Clamp if merging in the new resource value causes it to go out of bound.
424 // Note that the new resource value could be negative, eg.DrmSession, the
425 // value goes lower when the session is used more often. During reclaim
426 // the session with the highest value (lowest usage) would be closed.
427 if (r2.value < INT64_MAX - r1.value) {
428 r1.value += r2.value;
429 if (r1.value < 0) {
430 r1.value = 0;
431 }
432 } else {
433 r1.value = INT64_MAX;
434 }
435 }
436
addResource(int32_t pid,int32_t uid,int64_t clientId,const std::shared_ptr<IResourceManagerClient> & client,const std::vector<MediaResourceParcel> & resources)437 Status ResourceManagerService::addResource(int32_t pid, int32_t uid, int64_t clientId,
438 const std::shared_ptr<IResourceManagerClient>& client,
439 const std::vector<MediaResourceParcel>& resources) {
440 String8 log = String8::format("addResource(pid %d, clientId %lld, resources %s)",
441 pid, (long long) clientId, getString(resources).string());
442 mServiceLog->add(log);
443
444 Mutex::Autolock lock(mLock);
445 if (!mProcessInfo->isPidUidTrusted(pid, uid)) {
446 pid_t callingPid = IPCThreadState::self()->getCallingPid();
447 uid_t callingUid = IPCThreadState::self()->getCallingUid();
448 ALOGW("%s called with untrusted pid %d or uid %d, using calling pid %d, uid %d",
449 __FUNCTION__, pid, uid, callingPid, callingUid);
450 pid = callingPid;
451 uid = callingUid;
452 }
453 ResourceInfos& infos = getResourceInfosForEdit(pid, mMap);
454 ResourceInfo& info = getResourceInfoForEdit(uid, clientId, client, infos);
455 ResourceList resourceAdded;
456
457 for (size_t i = 0; i < resources.size(); ++i) {
458 const auto &res = resources[i];
459 const auto resType = std::tuple(res.type, res.subType, res.id);
460
461 if (res.value < 0 && res.type != MediaResource::Type::kDrmSession) {
462 ALOGW("Ignoring request to remove negative value of non-drm resource");
463 continue;
464 }
465 if (info.resources.find(resType) == info.resources.end()) {
466 if (res.value <= 0) {
467 // We can't init a new entry with negative value, although it's allowed
468 // to merge in negative values after the initial add.
469 ALOGW("Ignoring request to add new resource entry with value <= 0");
470 continue;
471 }
472 onFirstAdded(res, info);
473 info.resources[resType] = res;
474 } else {
475 mergeResources(info.resources[resType], res);
476 }
477 // Add it to the list of added resources for observers.
478 auto it = resourceAdded.find(resType);
479 if (it == resourceAdded.end()) {
480 resourceAdded[resType] = res;
481 } else {
482 mergeResources(it->second, res);
483 }
484 }
485 if (info.cookie == 0 && client != nullptr) {
486 info.cookie = addCookieAndLink_l(client,
487 new DeathNotifier(ref<ResourceManagerService>(), pid, clientId));
488 }
489 if (mObserverService != nullptr && !resourceAdded.empty()) {
490 mObserverService->onResourceAdded(uid, pid, resourceAdded);
491 }
492 notifyResourceGranted(pid, resources);
493 return Status::ok();
494 }
495
removeResource(int32_t pid,int64_t clientId,const std::vector<MediaResourceParcel> & resources)496 Status ResourceManagerService::removeResource(int32_t pid, int64_t clientId,
497 const std::vector<MediaResourceParcel>& resources) {
498 String8 log = String8::format("removeResource(pid %d, clientId %lld, resources %s)",
499 pid, (long long) clientId, getString(resources).string());
500 mServiceLog->add(log);
501
502 Mutex::Autolock lock(mLock);
503 if (!mProcessInfo->isPidTrusted(pid)) {
504 pid_t callingPid = IPCThreadState::self()->getCallingPid();
505 ALOGW("%s called with untrusted pid %d, using calling pid %d", __FUNCTION__,
506 pid, callingPid);
507 pid = callingPid;
508 }
509 ssize_t index = mMap.indexOfKey(pid);
510 if (index < 0) {
511 ALOGV("removeResource: didn't find pid %d for clientId %lld", pid, (long long) clientId);
512 return Status::ok();
513 }
514 ResourceInfos &infos = mMap.editValueAt(index);
515
516 index = infos.indexOfKey(clientId);
517 if (index < 0) {
518 ALOGV("removeResource: didn't find clientId %lld", (long long) clientId);
519 return Status::ok();
520 }
521
522 ResourceInfo &info = infos.editValueAt(index);
523 ResourceList resourceRemoved;
524 for (size_t i = 0; i < resources.size(); ++i) {
525 const auto &res = resources[i];
526 const auto resType = std::tuple(res.type, res.subType, res.id);
527
528 if (res.value < 0) {
529 ALOGW("Ignoring request to remove negative value of resource");
530 continue;
531 }
532 // ignore if we don't have it
533 if (info.resources.find(resType) != info.resources.end()) {
534 MediaResourceParcel &resource = info.resources[resType];
535 MediaResourceParcel actualRemoved = res;
536 if (resource.value > res.value) {
537 resource.value -= res.value;
538 } else {
539 onLastRemoved(res, info);
540 actualRemoved.value = resource.value;
541 info.resources.erase(resType);
542 }
543
544 // Add it to the list of removed resources for observers.
545 auto it = resourceRemoved.find(resType);
546 if (it == resourceRemoved.end()) {
547 resourceRemoved[resType] = actualRemoved;
548 } else {
549 mergeResources(it->second, actualRemoved);
550 }
551 }
552 }
553 if (mObserverService != nullptr && !resourceRemoved.empty()) {
554 mObserverService->onResourceRemoved(info.uid, pid, resourceRemoved);
555 }
556 return Status::ok();
557 }
558
removeClient(int32_t pid,int64_t clientId)559 Status ResourceManagerService::removeClient(int32_t pid, int64_t clientId) {
560 removeResource(pid, clientId, true /*checkValid*/);
561 return Status::ok();
562 }
563
removeResource(int pid,int64_t clientId,bool checkValid)564 Status ResourceManagerService::removeResource(int pid, int64_t clientId, bool checkValid) {
565 String8 log = String8::format(
566 "removeResource(pid %d, clientId %lld)",
567 pid, (long long) clientId);
568 mServiceLog->add(log);
569
570 Mutex::Autolock lock(mLock);
571 if (checkValid && !mProcessInfo->isPidTrusted(pid)) {
572 pid_t callingPid = IPCThreadState::self()->getCallingPid();
573 ALOGW("%s called with untrusted pid %d, using calling pid %d", __FUNCTION__,
574 pid, callingPid);
575 pid = callingPid;
576 }
577 ssize_t index = mMap.indexOfKey(pid);
578 if (index < 0) {
579 ALOGV("removeResource: didn't find pid %d for clientId %lld", pid, (long long) clientId);
580 return Status::ok();
581 }
582 ResourceInfos &infos = mMap.editValueAt(index);
583
584 index = infos.indexOfKey(clientId);
585 if (index < 0) {
586 ALOGV("removeResource: didn't find clientId %lld", (long long) clientId);
587 return Status::ok();
588 }
589
590 const ResourceInfo &info = infos[index];
591 for (auto it = info.resources.begin(); it != info.resources.end(); it++) {
592 onLastRemoved(it->second, info);
593 }
594
595 removeCookieAndUnlink_l(info.client, info.cookie);
596
597 if (mObserverService != nullptr && !info.resources.empty()) {
598 mObserverService->onResourceRemoved(info.uid, pid, info.resources);
599 }
600
601 infos.removeItemsAt(index);
602 return Status::ok();
603 }
604
getClientForResource_l(int callingPid,const MediaResourceParcel * res,Vector<std::shared_ptr<IResourceManagerClient>> * clients)605 void ResourceManagerService::getClientForResource_l(int callingPid, const MediaResourceParcel *res,
606 Vector<std::shared_ptr<IResourceManagerClient>> *clients) {
607 if (res == NULL) {
608 return;
609 }
610 std::shared_ptr<IResourceManagerClient> client;
611 if (getLowestPriorityBiggestClient_l(callingPid, res->type, res->subType, &client)) {
612 clients->push_back(client);
613 }
614 }
615
reclaimResource(int32_t callingPid,const std::vector<MediaResourceParcel> & resources,bool * _aidl_return)616 Status ResourceManagerService::reclaimResource(int32_t callingPid,
617 const std::vector<MediaResourceParcel>& resources, bool* _aidl_return) {
618 String8 log = String8::format("reclaimResource(callingPid %d, resources %s)",
619 callingPid, getString(resources).string());
620 mServiceLog->add(log);
621 *_aidl_return = false;
622
623 Vector<std::shared_ptr<IResourceManagerClient>> clients;
624 {
625 Mutex::Autolock lock(mLock);
626 if (!mProcessInfo->isPidTrusted(callingPid)) {
627 pid_t actualCallingPid = IPCThreadState::self()->getCallingPid();
628 ALOGW("%s called with untrusted pid %d, using actual calling pid %d", __FUNCTION__,
629 callingPid, actualCallingPid);
630 callingPid = actualCallingPid;
631 }
632 const MediaResourceParcel *secureCodec = NULL;
633 const MediaResourceParcel *nonSecureCodec = NULL;
634 const MediaResourceParcel *graphicMemory = NULL;
635 const MediaResourceParcel *drmSession = NULL;
636 for (size_t i = 0; i < resources.size(); ++i) {
637 switch (resources[i].type) {
638 case MediaResource::Type::kSecureCodec:
639 secureCodec = &resources[i];
640 break;
641 case MediaResource::Type::kNonSecureCodec:
642 nonSecureCodec = &resources[i];
643 break;
644 case MediaResource::Type::kGraphicMemory:
645 graphicMemory = &resources[i];
646 break;
647 case MediaResource::Type::kDrmSession:
648 drmSession = &resources[i];
649 break;
650 default:
651 break;
652 }
653 }
654
655 // first pass to handle secure/non-secure codec conflict
656 if (secureCodec != NULL) {
657 if (!mSupportsMultipleSecureCodecs) {
658 if (!getAllClients_l(callingPid, MediaResource::Type::kSecureCodec,
659 secureCodec->subType, &clients)) {
660 return Status::ok();
661 }
662 }
663 if (!mSupportsSecureWithNonSecureCodec) {
664 if (!getAllClients_l(callingPid, MediaResource::Type::kNonSecureCodec,
665 secureCodec->subType, &clients)) {
666 return Status::ok();
667 }
668 }
669 }
670 if (nonSecureCodec != NULL) {
671 if (!mSupportsSecureWithNonSecureCodec) {
672 if (!getAllClients_l(callingPid, MediaResource::Type::kSecureCodec,
673 nonSecureCodec->subType, &clients)) {
674 return Status::ok();
675 }
676 }
677 }
678 if (drmSession != NULL) {
679 getClientForResource_l(callingPid, drmSession, &clients);
680 if (clients.size() == 0) {
681 return Status::ok();
682 }
683 }
684
685 if (clients.size() == 0) {
686 // if no secure/non-secure codec conflict, run second pass to handle other resources.
687 getClientForResource_l(callingPid, graphicMemory, &clients);
688 }
689
690 if (clients.size() == 0) {
691 // if we are here, run the third pass to free one codec with the same type.
692 getClientForResource_l(callingPid, secureCodec, &clients);
693 getClientForResource_l(callingPid, nonSecureCodec, &clients);
694 }
695
696 if (clients.size() == 0) {
697 // if we are here, run the fourth pass to free one codec with the different type.
698 if (secureCodec != NULL) {
699 MediaResource temp(MediaResource::Type::kNonSecureCodec, secureCodec->subType, 1);
700 getClientForResource_l(callingPid, &temp, &clients);
701 }
702 if (nonSecureCodec != NULL) {
703 MediaResource temp(MediaResource::Type::kSecureCodec, nonSecureCodec->subType, 1);
704 getClientForResource_l(callingPid, &temp, &clients);
705 }
706 }
707 }
708
709 *_aidl_return = reclaimUnconditionallyFrom(clients);
710 return Status::ok();
711 }
712
reclaimUnconditionallyFrom(const Vector<std::shared_ptr<IResourceManagerClient>> & clients)713 bool ResourceManagerService::reclaimUnconditionallyFrom(
714 const Vector<std::shared_ptr<IResourceManagerClient>> &clients) {
715 if (clients.size() == 0) {
716 return false;
717 }
718
719 std::shared_ptr<IResourceManagerClient> failedClient;
720 for (size_t i = 0; i < clients.size(); ++i) {
721 String8 log = String8::format("reclaimResource from client %p", clients[i].get());
722 mServiceLog->add(log);
723 bool success;
724 Status status = clients[i]->reclaimResource(&success);
725 if (!status.isOk() || !success) {
726 failedClient = clients[i];
727 break;
728 }
729 }
730
731 if (failedClient == NULL) {
732 return true;
733 }
734
735 int failedClientPid = -1;
736 {
737 Mutex::Autolock lock(mLock);
738 bool found = false;
739 for (size_t i = 0; i < mMap.size(); ++i) {
740 ResourceInfos &infos = mMap.editValueAt(i);
741 for (size_t j = 0; j < infos.size();) {
742 if (infos[j].client == failedClient) {
743 j = infos.removeItemsAt(j);
744 found = true;
745 } else {
746 ++j;
747 }
748 }
749 if (found) {
750 failedClientPid = mMap.keyAt(i);
751 break;
752 }
753 }
754 if (found) {
755 ALOGW("Failed to reclaim resources from client with pid %d", failedClientPid);
756 } else {
757 ALOGW("Failed to reclaim resources from unlocateable client");
758 }
759 }
760
761 return false;
762 }
763
overridePid(int originalPid,int newPid)764 Status ResourceManagerService::overridePid(int originalPid, int newPid) {
765 String8 log = String8::format("overridePid(originalPid %d, newPid %d)",
766 originalPid, newPid);
767 mServiceLog->add(log);
768
769 // allow if this is called from the same process or the process has
770 // permission.
771 if ((AIBinder_getCallingPid() != getpid()) &&
772 (checkCallingPermission(String16(
773 "android.permission.MEDIA_RESOURCE_OVERRIDE_PID")) == false)) {
774 ALOGE(
775 "Permission Denial: can't access overridePid method from pid=%d, "
776 "self pid=%d\n",
777 AIBinder_getCallingPid(), getpid());
778 return Status::fromServiceSpecificError(PERMISSION_DENIED);
779 }
780
781 {
782 Mutex::Autolock lock(mLock);
783 mOverridePidMap.erase(originalPid);
784 if (newPid != -1) {
785 mOverridePidMap.emplace(originalPid, newPid);
786 }
787 }
788
789 return Status::ok();
790 }
791
overrideProcessInfo(const std::shared_ptr<IResourceManagerClient> & client,int pid,int procState,int oomScore)792 Status ResourceManagerService::overrideProcessInfo(
793 const std::shared_ptr<IResourceManagerClient>& client, int pid, int procState,
794 int oomScore) {
795 String8 log = String8::format("overrideProcessInfo(pid %d, procState %d, oomScore %d)",
796 pid, procState, oomScore);
797 mServiceLog->add(log);
798
799 // Only allow the override if the caller already can access process state and oom scores.
800 int callingPid = AIBinder_getCallingPid();
801 if (callingPid != getpid() && (callingPid != pid || !checkCallingPermission(String16(
802 "android.permission.GET_PROCESS_STATE_AND_OOM_SCORE")))) {
803 ALOGE("Permission Denial: overrideProcessInfo method from pid=%d", callingPid);
804 return Status::fromServiceSpecificError(PERMISSION_DENIED);
805 }
806
807 if (client == nullptr) {
808 return Status::fromServiceSpecificError(BAD_VALUE);
809 }
810
811 Mutex::Autolock lock(mLock);
812 removeProcessInfoOverride_l(pid);
813
814 if (!mProcessInfo->overrideProcessInfo(pid, procState, oomScore)) {
815 // Override value is rejected by ProcessInfo.
816 return Status::fromServiceSpecificError(BAD_VALUE);
817 }
818
819 uintptr_t cookie = addCookieAndLink_l(client,
820 new OverrideProcessInfoDeathNotifier(ref<ResourceManagerService>(), pid));
821
822 mProcessInfoOverrideMap.emplace(pid, ProcessInfoOverride{cookie, client});
823
824 return Status::ok();
825 }
826
addCookieAndLink_l(const std::shared_ptr<IResourceManagerClient> & client,const sp<DeathNotifier> & notifier)827 uintptr_t ResourceManagerService::addCookieAndLink_l(
828 const std::shared_ptr<IResourceManagerClient>& client, const sp<DeathNotifier>& notifier) {
829 if (client == nullptr) {
830 return 0;
831 }
832 std::scoped_lock lock{sCookieLock};
833
834 uintptr_t cookie;
835 // Need to skip cookie 0 (if it wraps around). ResourceInfo has cookie initialized to 0
836 // indicating the death notifier is not created yet.
837 while ((cookie = ++sCookieCounter) == 0);
838 AIBinder_linkToDeath(client->asBinder().get(), mDeathRecipient.get(), (void*)cookie);
839 sCookieToDeathNotifierMap.emplace(cookie, notifier);
840
841 return cookie;
842 }
843
removeCookieAndUnlink_l(const std::shared_ptr<IResourceManagerClient> & client,uintptr_t cookie)844 void ResourceManagerService::removeCookieAndUnlink_l(
845 const std::shared_ptr<IResourceManagerClient>& client, uintptr_t cookie) {
846 std::scoped_lock lock{sCookieLock};
847 if (client != nullptr) {
848 AIBinder_unlinkToDeath(client->asBinder().get(), mDeathRecipient.get(), (void*)cookie);
849 }
850 sCookieToDeathNotifierMap.erase(cookie);
851 }
852
removeProcessInfoOverride(int pid)853 void ResourceManagerService::removeProcessInfoOverride(int pid) {
854 Mutex::Autolock lock(mLock);
855
856 removeProcessInfoOverride_l(pid);
857 }
858
removeProcessInfoOverride_l(int pid)859 void ResourceManagerService::removeProcessInfoOverride_l(int pid) {
860 auto it = mProcessInfoOverrideMap.find(pid);
861 if (it == mProcessInfoOverrideMap.end()) {
862 return;
863 }
864
865 mProcessInfo->removeProcessInfoOverride(pid);
866
867 removeCookieAndUnlink_l(it->second.client, it->second.cookie);
868
869 mProcessInfoOverrideMap.erase(pid);
870 }
871
markClientForPendingRemoval(int32_t pid,int64_t clientId)872 Status ResourceManagerService::markClientForPendingRemoval(int32_t pid, int64_t clientId) {
873 String8 log = String8::format(
874 "markClientForPendingRemoval(pid %d, clientId %lld)",
875 pid, (long long) clientId);
876 mServiceLog->add(log);
877
878 Mutex::Autolock lock(mLock);
879 if (!mProcessInfo->isPidTrusted(pid)) {
880 pid_t callingPid = IPCThreadState::self()->getCallingPid();
881 ALOGW("%s called with untrusted pid %d, using calling pid %d", __FUNCTION__,
882 pid, callingPid);
883 pid = callingPid;
884 }
885 ssize_t index = mMap.indexOfKey(pid);
886 if (index < 0) {
887 ALOGV("markClientForPendingRemoval: didn't find pid %d for clientId %lld",
888 pid, (long long)clientId);
889 return Status::ok();
890 }
891 ResourceInfos &infos = mMap.editValueAt(index);
892
893 index = infos.indexOfKey(clientId);
894 if (index < 0) {
895 ALOGV("markClientForPendingRemoval: didn't find clientId %lld", (long long) clientId);
896 return Status::ok();
897 }
898
899 ResourceInfo &info = infos.editValueAt(index);
900 info.pendingRemoval = true;
901 return Status::ok();
902 }
903
reclaimResourcesFromClientsPendingRemoval(int32_t pid)904 Status ResourceManagerService::reclaimResourcesFromClientsPendingRemoval(int32_t pid) {
905 String8 log = String8::format("reclaimResourcesFromClientsPendingRemoval(pid %d)", pid);
906 mServiceLog->add(log);
907
908 Vector<std::shared_ptr<IResourceManagerClient>> clients;
909 {
910 Mutex::Autolock lock(mLock);
911 if (!mProcessInfo->isPidTrusted(pid)) {
912 pid_t callingPid = IPCThreadState::self()->getCallingPid();
913 ALOGW("%s called with untrusted pid %d, using calling pid %d", __FUNCTION__,
914 pid, callingPid);
915 pid = callingPid;
916 }
917
918 for (MediaResource::Type type : {MediaResource::Type::kSecureCodec,
919 MediaResource::Type::kNonSecureCodec,
920 MediaResource::Type::kGraphicMemory,
921 MediaResource::Type::kDrmSession}) {
922 switch (type) {
923 // Codec resources are segregated by audio, video and image domains.
924 case MediaResource::Type::kSecureCodec:
925 case MediaResource::Type::kNonSecureCodec:
926 for (MediaResource::SubType subType : {MediaResource::SubType::kAudioCodec,
927 MediaResource::SubType::kVideoCodec,
928 MediaResource::SubType::kImageCodec}) {
929 std::shared_ptr<IResourceManagerClient> client;
930 if (getBiggestClientPendingRemoval_l(pid, type, subType, &client)) {
931 clients.add(client);
932 continue;
933 }
934 }
935 break;
936 // Non-codec resources are shared by audio, video and image codecs (no subtype).
937 default:
938 std::shared_ptr<IResourceManagerClient> client;
939 if (getBiggestClientPendingRemoval_l(pid, type,
940 MediaResource::SubType::kUnspecifiedSubType, &client)) {
941 clients.add(client);
942 }
943 break;
944 }
945 }
946 }
947
948 if (!clients.empty()) {
949 reclaimUnconditionallyFrom(clients);
950 }
951 return Status::ok();
952 }
953
getPriority_l(int pid,int * priority)954 bool ResourceManagerService::getPriority_l(int pid, int* priority) {
955 int newPid = pid;
956
957 if (mOverridePidMap.find(pid) != mOverridePidMap.end()) {
958 newPid = mOverridePidMap[pid];
959 ALOGD("getPriority_l: use override pid %d instead original pid %d",
960 newPid, pid);
961 }
962
963 return mProcessInfo->getPriority(newPid, priority);
964 }
965
getAllClients_l(int callingPid,MediaResource::Type type,MediaResource::SubType subType,Vector<std::shared_ptr<IResourceManagerClient>> * clients)966 bool ResourceManagerService::getAllClients_l(int callingPid, MediaResource::Type type,
967 MediaResource::SubType subType, Vector<std::shared_ptr<IResourceManagerClient>> *clients) {
968 Vector<std::shared_ptr<IResourceManagerClient>> temp;
969 for (size_t i = 0; i < mMap.size(); ++i) {
970 ResourceInfos &infos = mMap.editValueAt(i);
971 for (size_t j = 0; j < infos.size(); ++j) {
972 if (hasResourceType(type, subType, infos[j].resources)) {
973 if (!isCallingPriorityHigher_l(callingPid, mMap.keyAt(i))) {
974 // some higher/equal priority process owns the resource,
975 // this request can't be fulfilled.
976 ALOGE("getAllClients_l: can't reclaim resource %s from pid %d",
977 asString(type), mMap.keyAt(i));
978 return false;
979 }
980 temp.push_back(infos[j].client);
981 }
982 }
983 }
984 if (temp.size() == 0) {
985 ALOGV("getAllClients_l: didn't find any resource %s", asString(type));
986 return true;
987 }
988 clients->appendVector(temp);
989 return true;
990 }
991
getLowestPriorityBiggestClient_l(int callingPid,MediaResource::Type type,MediaResource::SubType subType,std::shared_ptr<IResourceManagerClient> * client)992 bool ResourceManagerService::getLowestPriorityBiggestClient_l(int callingPid,
993 MediaResource::Type type, MediaResource::SubType subType,
994 std::shared_ptr<IResourceManagerClient> *client) {
995 int lowestPriorityPid;
996 int lowestPriority;
997 int callingPriority;
998
999 // Before looking into other processes, check if we have clients marked for
1000 // pending removal in the same process.
1001 if (getBiggestClientPendingRemoval_l(callingPid, type, subType, client)) {
1002 return true;
1003 }
1004 if (!getPriority_l(callingPid, &callingPriority)) {
1005 ALOGE("getLowestPriorityBiggestClient_l: can't get process priority for pid %d",
1006 callingPid);
1007 return false;
1008 }
1009 if (!getLowestPriorityPid_l(type, subType, &lowestPriorityPid, &lowestPriority)) {
1010 return false;
1011 }
1012 if (lowestPriority <= callingPriority) {
1013 ALOGE("getLowestPriorityBiggestClient_l: lowest priority %d vs caller priority %d",
1014 lowestPriority, callingPriority);
1015 return false;
1016 }
1017
1018 if (!getBiggestClient_l(lowestPriorityPid, type, subType, client)) {
1019 return false;
1020 }
1021 return true;
1022 }
1023
getLowestPriorityPid_l(MediaResource::Type type,MediaResource::SubType subType,int * lowestPriorityPid,int * lowestPriority)1024 bool ResourceManagerService::getLowestPriorityPid_l(MediaResource::Type type,
1025 MediaResource::SubType subType, int *lowestPriorityPid, int *lowestPriority) {
1026 int pid = -1;
1027 int priority = -1;
1028 for (size_t i = 0; i < mMap.size(); ++i) {
1029 if (mMap.valueAt(i).size() == 0) {
1030 // no client on this process.
1031 continue;
1032 }
1033 if (!hasResourceType(type, subType, mMap.valueAt(i))) {
1034 // doesn't have the requested resource type
1035 continue;
1036 }
1037 int tempPid = mMap.keyAt(i);
1038 int tempPriority;
1039 if (!getPriority_l(tempPid, &tempPriority)) {
1040 ALOGV("getLowestPriorityPid_l: can't get priority of pid %d, skipped", tempPid);
1041 // TODO: remove this pid from mMap?
1042 continue;
1043 }
1044 if (pid == -1 || tempPriority > priority) {
1045 // initial the value
1046 pid = tempPid;
1047 priority = tempPriority;
1048 }
1049 }
1050 if (pid != -1) {
1051 *lowestPriorityPid = pid;
1052 *lowestPriority = priority;
1053 }
1054 return (pid != -1);
1055 }
1056
isCallingPriorityHigher_l(int callingPid,int pid)1057 bool ResourceManagerService::isCallingPriorityHigher_l(int callingPid, int pid) {
1058 int callingPidPriority;
1059 if (!getPriority_l(callingPid, &callingPidPriority)) {
1060 return false;
1061 }
1062
1063 int priority;
1064 if (!getPriority_l(pid, &priority)) {
1065 return false;
1066 }
1067
1068 return (callingPidPriority < priority);
1069 }
1070
getBiggestClientPendingRemoval_l(int pid,MediaResource::Type type,MediaResource::SubType subType,std::shared_ptr<IResourceManagerClient> * client)1071 bool ResourceManagerService::getBiggestClientPendingRemoval_l(int pid, MediaResource::Type type,
1072 MediaResource::SubType subType, std::shared_ptr<IResourceManagerClient> *client) {
1073 return getBiggestClient_l(pid, type, subType, client, true /* pendingRemovalOnly */);
1074 }
1075
getBiggestClient_l(int pid,MediaResource::Type type,MediaResource::SubType subType,std::shared_ptr<IResourceManagerClient> * client,bool pendingRemovalOnly)1076 bool ResourceManagerService::getBiggestClient_l(int pid, MediaResource::Type type,
1077 MediaResource::SubType subType, std::shared_ptr<IResourceManagerClient> *client,
1078 bool pendingRemovalOnly) {
1079 ssize_t index = mMap.indexOfKey(pid);
1080 if (index < 0) {
1081 ALOGE_IF(!pendingRemovalOnly,
1082 "getBiggestClient_l: can't find resource info for pid %d", pid);
1083 return false;
1084 }
1085
1086 std::shared_ptr<IResourceManagerClient> clientTemp;
1087 uint64_t largestValue = 0;
1088 const ResourceInfos &infos = mMap.valueAt(index);
1089 for (size_t i = 0; i < infos.size(); ++i) {
1090 const ResourceList &resources = infos[i].resources;
1091 if (pendingRemovalOnly && !infos[i].pendingRemoval) {
1092 continue;
1093 }
1094 for (auto it = resources.begin(); it != resources.end(); it++) {
1095 const MediaResourceParcel &resource = it->second;
1096 if (hasResourceType(type, subType, resource)) {
1097 if (resource.value > largestValue) {
1098 largestValue = resource.value;
1099 clientTemp = infos[i].client;
1100 }
1101 }
1102 }
1103 }
1104
1105 if (clientTemp == NULL) {
1106 ALOGE_IF(!pendingRemovalOnly,
1107 "getBiggestClient_l: can't find resource type %s and subtype %s for pid %d",
1108 asString(type), asString(subType), pid);
1109 return false;
1110 }
1111
1112 *client = clientTemp;
1113 return true;
1114 }
1115
1116 } // namespace android
1117