blob: 8b36f1f0ef4a154d515f27533b4f00d5721f241e [file] [log] [blame]
/*
* Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#define LOG_TAG "HidlSupport"
#include <hidl/HidlBinderSupport.h>
#include <android/hidl/base/1.0/BpHwBase.h>
#include <android/hidl/manager/1.0/BpHwServiceManager.h>
#include <android/hidl/manager/1.1/BpHwServiceManager.h>
#include <android/hidl/manager/1.2/BpHwServiceManager.h>
#include <hwbinder/IPCThreadState.h>
#include "InternalStatic.h" // TODO(b/69122224): remove this include, for getOrCreateCachedBinder
// C includes
#include <inttypes.h>
#include <unistd.h>
// C++ includes
#include <fstream>
#include <sstream>
namespace android {
namespace hardware {
hidl_binder_death_recipient::hidl_binder_death_recipient(const sp<hidl_death_recipient> &recipient,
uint64_t cookie, const sp<::android::hidl::base::V1_0::IBase> &base) :
mRecipient(recipient), mCookie(cookie), mBase(base) {
}
void hidl_binder_death_recipient::binderDied(const wp<IBinder>& /*who*/) {
sp<hidl_death_recipient> recipient = mRecipient.promote();
if (recipient != nullptr && mBase != nullptr) {
recipient->serviceDied(mCookie, mBase);
}
mBase = nullptr;
}
wp<hidl_death_recipient> hidl_binder_death_recipient::getRecipient() {
return mRecipient;
}
const size_t hidl_handle::kOffsetOfNativeHandle = offsetof(hidl_handle, mHandle);
static_assert(hidl_handle::kOffsetOfNativeHandle == 0, "wrong offset");
status_t readEmbeddedFromParcel(const hidl_handle& /* handle */,
const Parcel &parcel, size_t parentHandle, size_t parentOffset) {
const native_handle_t *handle;
status_t _hidl_err = parcel.readNullableEmbeddedNativeHandle(
parentHandle,
parentOffset + hidl_handle::kOffsetOfNativeHandle,
&handle);
return _hidl_err;
}
status_t writeEmbeddedToParcel(const hidl_handle &handle,
Parcel *parcel, size_t parentHandle, size_t parentOffset) {
status_t _hidl_err = parcel->writeEmbeddedNativeHandle(
handle.getNativeHandle(),
parentHandle,
parentOffset + hidl_handle::kOffsetOfNativeHandle);
return _hidl_err;
}
const size_t hidl_memory::kOffsetOfHandle = offsetof(hidl_memory, mHandle);
const size_t hidl_memory::kOffsetOfName = offsetof(hidl_memory, mName);
static_assert(hidl_memory::kOffsetOfHandle == 0, "wrong offset");
static_assert(hidl_memory::kOffsetOfName == 24, "wrong offset");
status_t readEmbeddedFromParcel(const hidl_memory& memory,
const Parcel &parcel, size_t parentHandle, size_t parentOffset) {
// TODO(b/111883309): Invoke readEmbeddedFromParcel(hidl_handle, ...).
const native_handle_t *handle;
::android::status_t _hidl_err = parcel.readNullableEmbeddedNativeHandle(
parentHandle,
parentOffset + hidl_memory::kOffsetOfHandle,
&handle);
if (_hidl_err == ::android::OK) {
_hidl_err = readEmbeddedFromParcel(
memory.name(),
parcel,
parentHandle,
parentOffset + hidl_memory::kOffsetOfName);
}
// hidl_memory's size is stored in uint64_t, but mapMemory's mmap will map
// size in size_t. If size is over SIZE_MAX, mapMemory could succeed
// but the mapped memory's actual size will be smaller than the reported size.
if (memory.size() > SIZE_MAX) {
ALOGE("Cannot use memory with %" PRId64 " bytes because it is too large.", memory.size());
android_errorWriteLog(0x534e4554, "79376389");
return BAD_VALUE;
}
return _hidl_err;
}
status_t writeEmbeddedToParcel(const hidl_memory &memory,
Parcel *parcel, size_t parentHandle, size_t parentOffset) {
// TODO(b/111883309): Invoke writeEmbeddedToParcel(hidl_handle, ...).
status_t _hidl_err = parcel->writeEmbeddedNativeHandle(
memory.handle(),
parentHandle,
parentOffset + hidl_memory::kOffsetOfHandle);
if (_hidl_err == ::android::OK) {
_hidl_err = writeEmbeddedToParcel(
memory.name(),
parcel,
parentHandle,
parentOffset + hidl_memory::kOffsetOfName);
}
return _hidl_err;
}
const size_t hidl_string::kOffsetOfBuffer = offsetof(hidl_string, mBuffer);
static_assert(hidl_string::kOffsetOfBuffer == 0, "wrong offset");
status_t readEmbeddedFromParcel(const hidl_string &string ,
const Parcel &parcel, size_t parentHandle, size_t parentOffset) {
const void *out;
status_t status = parcel.readEmbeddedBuffer(
string.size() + 1,
nullptr /* buffer_handle */,
parentHandle,
parentOffset + hidl_string::kOffsetOfBuffer,
&out);
if (status != OK) {
return status;
}
// Always safe to access out[string.size()] because we read size+1 bytes
if (static_cast<const char *>(out)[string.size()] != '\0') {
ALOGE("Received unterminated hidl_string buffer.");
return BAD_VALUE;
}
return OK;
}
status_t writeEmbeddedToParcel(const hidl_string &string,
Parcel *parcel, size_t parentHandle, size_t parentOffset) {
return parcel->writeEmbeddedBuffer(
string.c_str(),
string.size() + 1,
nullptr /* handle */,
parentHandle,
parentOffset + hidl_string::kOffsetOfBuffer);
}
status_t readFromParcel(Status *s, const Parcel& parcel) {
int32_t exception;
status_t status = parcel.readInt32(&exception);
if (status != OK) {
s->setFromStatusT(status);
return status;
}
if (exception == Status::EX_NONE) {
*s = Status::ok();
return status;
}
// The remote threw an exception. Get the message back.
String16 message;
status = parcel.readString16(&message);
if (status != OK) {
s->setFromStatusT(status);
return status;
}
s->setException(exception, String8(message));
return status;
}
status_t writeToParcel(const Status &s, Parcel* parcel) {
// Something really bad has happened, and we're not going to even
// try returning rich error data.
if (s.exceptionCode() == Status::EX_TRANSACTION_FAILED) {
return s.transactionError();
}
status_t status = parcel->writeInt32(s.exceptionCode());
if (status != OK) { return status; }
if (s.exceptionCode() == Status::EX_NONE) {
// We have no more information to write.
return status;
}
status = parcel->writeString16(String16(s.exceptionMessage()));
return status;
}
// assume: iface != nullptr, iface isRemote
// This function is to sandbox a cast through a BpHw* class into a function, so
// that we can remove cfi sanitization from it. Do not add additional
// functionality here.
__attribute__((no_sanitize("cfi"))) static inline BpHwRefBase* forceGetRefBase(
::android::hidl::base::V1_0::IBase* ifacePtr) {
using ::android::hidl::base::V1_0::BpHwBase;
// canary only
static_assert(sizeof(BpHwBase) == sizeof(hidl::manager::V1_0::BpHwServiceManager));
static_assert(sizeof(BpHwBase) == sizeof(hidl::manager::V1_1::BpHwServiceManager));
static_assert(sizeof(BpHwBase) == sizeof(hidl::manager::V1_2::BpHwServiceManager));
// All BpHw* are generated the same. This may be BpHwServiceManager,
// BpHwFoo, or any other class. For ABI compatibility, we can't modify the
// class hierarchy of these, so we have no way to get BpHwRefBase from a
// remote ifacePtr.
BpHwBase* bpBase = static_cast<BpHwBase*>(ifacePtr);
return static_cast<BpHwRefBase*>(bpBase);
}
sp<IBinder> getOrCreateCachedBinder(::android::hidl::base::V1_0::IBase* ifacePtr) {
if (ifacePtr == nullptr) {
return nullptr;
}
if (ifacePtr->isRemote()) {
BpHwRefBase* bpRefBase = forceGetRefBase(ifacePtr);
return sp<IBinder>(bpRefBase->remote());
}
std::string descriptor = details::getDescriptor(ifacePtr);
if (descriptor.empty()) {
// interfaceDescriptor fails
return nullptr;
}
// for get + set
std::unique_lock<std::mutex> _lock = details::gBnMap->lock();
wp<BHwBinder> wBnObj = details::gBnMap->getLocked(ifacePtr, nullptr);
sp<IBinder> sBnObj = wBnObj.promote();
if (sBnObj == nullptr) {
auto func = details::getBnConstructorMap().get(descriptor, nullptr);
LOG_ALWAYS_FATAL_IF(func == nullptr, "%s getBnConstructorMap returned null for %s",
__func__, descriptor.c_str());
sBnObj = sp<IBinder>(func(static_cast<void*>(ifacePtr)));
LOG_ALWAYS_FATAL_IF(sBnObj == nullptr, "%s Bn constructor function returned null for %s",
__func__, descriptor.c_str());
details::gBnMap->setLocked(ifacePtr, static_cast<BHwBinder*>(sBnObj.get()));
}
return sBnObj;
}
static bool gThreadPoolConfigured = false;
void configureBinderRpcThreadpool(size_t maxThreads, bool callerWillJoin) {
status_t ret = ProcessState::self()->setThreadPoolConfiguration(
maxThreads, callerWillJoin /*callerJoinsPool*/);
LOG_ALWAYS_FATAL_IF(ret != OK, "Could not setThreadPoolConfiguration: %d", ret);
gThreadPoolConfigured = true;
}
void joinBinderRpcThreadpool() {
LOG_ALWAYS_FATAL_IF(!gThreadPoolConfigured,
"HIDL joinRpcThreadpool without calling configureRpcThreadPool.");
IPCThreadState::self()->joinThreadPool();
}
int setupBinderPolling() {
int fd;
int err = IPCThreadState::self()->setupPolling(&fd);
LOG_ALWAYS_FATAL_IF(err != OK, "Failed to setup binder polling: %d (%s)", err, strerror(err));
return err == OK ? fd : -1;
}
status_t handleBinderPoll() {
return IPCThreadState::self()->handlePolledCommands();
}
void addPostCommandTask(const std::function<void(void)> task) {
IPCThreadState::self()->addPostCommandTask(task);
}
} // namespace hardware
} // namespace android