Merge "libbinder: Handle large messages in Trusty" into main am: 33929991a1 am: b7750d5748
Original change: https://android-review.googlesource.com/c/platform/frameworks/native/+/3275274
Change-Id: I222de86d15904ed1c5501667706f6f4dff242aa1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/libs/binder/trusty/RpcTransportTipcTrusty.cpp b/libs/binder/trusty/RpcTransportTipcTrusty.cpp
index c74ba0a..65ad896 100644
--- a/libs/binder/trusty/RpcTransportTipcTrusty.cpp
+++ b/libs/binder/trusty/RpcTransportTipcTrusty.cpp
@@ -47,6 +47,71 @@
return mHaveMessage ? OK : WOULD_BLOCK;
}
+ void moveMsgStart(ipc_msg_t* msg, size_t msg_size, size_t offset) {
+ LOG_ALWAYS_FATAL_IF(offset > msg_size, "tried to move message past its end %zd>%zd", offset,
+ msg_size);
+ while (true) {
+ if (offset == 0) {
+ break;
+ }
+ if (offset >= msg->iov[0].iov_len) {
+ // Move to the next iov, this one was sent already
+ offset -= msg->iov[0].iov_len;
+ msg->iov++;
+ msg->num_iov -= 1;
+ } else {
+ // We need to move the base of the current iov
+ msg->iov[0].iov_len -= offset;
+ msg->iov[0].iov_base = static_cast<char*>(msg->iov[0].iov_base) + offset;
+ offset = 0;
+ }
+ }
+ // We only send handles on the first message. This can be changed in the future if we want
+ // to send more handles than the maximum per message limit (which would require sending
+ // multiple messages). The current code makes sure that we send less handles than the
+ // maximum trusty allows.
+ msg->num_handles = 0;
+ }
+
+ status_t sendTrustyMsg(ipc_msg_t* msg, size_t msg_size) {
+ do {
+ ssize_t rc = send_msg(mSocket.fd.get(), msg);
+ if (rc == ERR_NOT_ENOUGH_BUFFER) {
+ // Peer is blocked, wait until it unblocks.
+ // TODO: when tipc supports a send-unblocked handler,
+ // save the message here in a queue and retry it asynchronously
+ // when the handler gets called by the library
+ uevent uevt;
+ do {
+ rc = ::wait(mSocket.fd.get(), &uevt, INFINITE_TIME);
+ if (rc < 0) {
+ return statusFromTrusty(rc);
+ }
+ if (uevt.event & IPC_HANDLE_POLL_HUP) {
+ return DEAD_OBJECT;
+ }
+ } while (!(uevt.event & IPC_HANDLE_POLL_SEND_UNBLOCKED));
+
+ // Retry the send, it should go through this time because
+ // sending is now unblocked
+ rc = send_msg(mSocket.fd.get(), msg);
+ }
+ if (rc < 0) {
+ return statusFromTrusty(rc);
+ }
+ size_t sent_bytes = static_cast<size_t>(rc);
+ if (sent_bytes < msg_size) {
+ moveMsgStart(msg, msg_size, static_cast<size_t>(sent_bytes));
+ msg_size -= sent_bytes;
+ } else {
+ LOG_ALWAYS_FATAL_IF(static_cast<size_t>(rc) != msg_size,
+ "Sent the wrong number of bytes %zd!=%zu", rc, msg_size);
+ break;
+ }
+ } while (true);
+ return OK;
+ }
+
status_t interruptableWriteFully(
FdTrigger* /*fdTrigger*/, iovec* iovs, int niovs,
const std::optional<SmallFunction<status_t()>>& /*altPoll*/,
@@ -86,34 +151,7 @@
msg.handles = msgHandles;
}
- ssize_t rc = send_msg(mSocket.fd.get(), &msg);
- if (rc == ERR_NOT_ENOUGH_BUFFER) {
- // Peer is blocked, wait until it unblocks.
- // TODO: when tipc supports a send-unblocked handler,
- // save the message here in a queue and retry it asynchronously
- // when the handler gets called by the library
- uevent uevt;
- do {
- rc = ::wait(mSocket.fd.get(), &uevt, INFINITE_TIME);
- if (rc < 0) {
- return statusFromTrusty(rc);
- }
- if (uevt.event & IPC_HANDLE_POLL_HUP) {
- return DEAD_OBJECT;
- }
- } while (!(uevt.event & IPC_HANDLE_POLL_SEND_UNBLOCKED));
-
- // Retry the send, it should go through this time because
- // sending is now unblocked
- rc = send_msg(mSocket.fd.get(), &msg);
- }
- if (rc < 0) {
- return statusFromTrusty(rc);
- }
- LOG_ALWAYS_FATAL_IF(static_cast<size_t>(rc) != size,
- "Sent the wrong number of bytes %zd!=%zu", rc, size);
-
- return OK;
+ return sendTrustyMsg(&msg, size);
}
status_t interruptableReadFully(