Merge changes from topics "ndk-fixed-size-array", "simplify-ndk-backend" am: 3183b5c2cc am: 3f1d935b11
Original change: https://android-review.googlesource.com/c/platform/frameworks/native/+/1906327
Change-Id: I8f917b350d2f356da0e035a04af9d0d88d30ce5d
diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp
index 7027a4b..ba57a98 100644
--- a/libs/binder/Parcel.cpp
+++ b/libs/binder/Parcel.cpp
@@ -2202,12 +2202,14 @@
type == BINDER_TYPE_FD)) {
// We should never receive other types (eg BINDER_TYPE_FDA) as long as we don't support
// them in libbinder. If we do receive them, it probably means a kernel bug; try to
- // recover gracefully by clearing out the objects, and releasing the objects we do
- // know about.
+ // recover gracefully by clearing out the objects.
android_errorWriteLog(0x534e4554, "135930648");
+ android_errorWriteLog(0x534e4554, "203847542");
ALOGE("%s: unsupported type object (%" PRIu32 ") at offset %" PRIu64 "\n",
__func__, type, (uint64_t)offset);
- releaseObjects();
+
+ // WARNING: callers of ipcSetDataReference need to make sure they
+ // don't rely on mObjectsSize in their release_func.
mObjectsSize = 0;
break;
}
diff --git a/libs/binder/tests/binderLibTest.cpp b/libs/binder/tests/binderLibTest.cpp
index c893899..63a4b2c 100644
--- a/libs/binder/tests/binderLibTest.cpp
+++ b/libs/binder/tests/binderLibTest.cpp
@@ -112,7 +112,7 @@
BINDER_LIB_TEST_NOP_TRANSACTION_WAIT,
BINDER_LIB_TEST_GETPID,
BINDER_LIB_TEST_ECHO_VECTOR,
- BINDER_LIB_TEST_REJECT_BUF,
+ BINDER_LIB_TEST_REJECT_OBJECTS,
BINDER_LIB_TEST_CAN_GET_SID,
};
@@ -1166,13 +1166,53 @@
memcpy(parcelData, &obj, sizeof(obj));
data.setDataSize(sizeof(obj));
+ EXPECT_EQ(data.objectsCount(), 1);
+
// Either the kernel should reject this transaction (if it's correct), but
// if it's not, the server implementation should return an error if it
// finds an object in the received Parcel.
- EXPECT_THAT(server->transact(BINDER_LIB_TEST_REJECT_BUF, data, &reply),
+ EXPECT_THAT(server->transact(BINDER_LIB_TEST_REJECT_OBJECTS, data, &reply),
Not(StatusEq(NO_ERROR)));
}
+TEST_F(BinderLibTest, WeakRejected) {
+ Parcel data, reply;
+ sp<IBinder> server = addServer();
+ ASSERT_TRUE(server != nullptr);
+
+ auto binder = sp<BBinder>::make();
+ wp<BBinder> wpBinder(binder);
+ flat_binder_object obj{
+ .hdr = {.type = BINDER_TYPE_WEAK_BINDER},
+ .flags = 0,
+ .binder = reinterpret_cast<uintptr_t>(wpBinder.get_refs()),
+ .cookie = reinterpret_cast<uintptr_t>(wpBinder.unsafe_get()),
+ };
+ data.setDataCapacity(1024);
+ // Write a bogus object at offset 0 to get an entry in the offset table
+ data.writeFileDescriptor(0);
+ EXPECT_EQ(data.objectsCount(), 1);
+ uint8_t *parcelData = const_cast<uint8_t *>(data.data());
+ // And now, overwrite it with the weak binder
+ memcpy(parcelData, &obj, sizeof(obj));
+ data.setDataSize(sizeof(obj));
+
+ // a previous bug caused other objects to be released an extra time, so we
+ // test with an object that libbinder will actually try to release
+ EXPECT_EQ(OK, data.writeStrongBinder(sp<BBinder>::make()));
+
+ EXPECT_EQ(data.objectsCount(), 2);
+
+ // send it many times, since previous error was memory corruption, make it
+ // more likely that the server crashes
+ for (size_t i = 0; i < 100; i++) {
+ EXPECT_THAT(server->transact(BINDER_LIB_TEST_REJECT_OBJECTS, data, &reply),
+ StatusEq(BAD_VALUE));
+ }
+
+ EXPECT_THAT(server->pingBinder(), StatusEq(NO_ERROR));
+}
+
TEST_F(BinderLibTest, GotSid) {
sp<IBinder> server = addServer();
@@ -1566,7 +1606,7 @@
reply->writeUint64Vector(vector);
return NO_ERROR;
}
- case BINDER_LIB_TEST_REJECT_BUF: {
+ case BINDER_LIB_TEST_REJECT_OBJECTS: {
return data.objectsCount() == 0 ? BAD_VALUE : NO_ERROR;
}
case BINDER_LIB_TEST_CAN_GET_SID: {
diff --git a/services/sensorservice/SensorInterface.cpp b/services/sensorservice/SensorInterface.cpp
index c285c00..46f00e8 100644
--- a/services/sensorservice/SensorInterface.cpp
+++ b/services/sensorservice/SensorInterface.cpp
@@ -92,31 +92,13 @@
}
status_t ProximitySensor::activate(void* ident, bool enabled) {
- bool lastState = mSensorDevice.isSensorActive(mSensor.getHandle());
-
status_t status = HardwareSensor::activate(ident, enabled);
if (status != NO_ERROR) {
return status;
}
-
- bool currentState = mSensorDevice.isSensorActive(mSensor.getHandle());
- if (currentState != lastState) {
- mSensorService.onProximityActiveLocked(currentState);
- }
+ mSensorService.checkAndReportProxStateChangeLocked();
return NO_ERROR;
}
-void ProximitySensor::willDisableAllSensors() {
- if (mSensorDevice.isSensorActive(mSensor.getHandle())) {
- mSensorService.onProximityActiveLocked(false);
- }
-}
-
-void ProximitySensor::didEnableAllSensors() {
- if (mSensorDevice.isSensorActive(mSensor.getHandle())) {
- mSensorService.onProximityActiveLocked(true);
- }
-}
-
// ---------------------------------------------------------------------------
}; // namespace android
diff --git a/services/sensorservice/SensorInterface.h b/services/sensorservice/SensorInterface.h
index 4e9f7bf..5704359 100644
--- a/services/sensorservice/SensorInterface.h
+++ b/services/sensorservice/SensorInterface.h
@@ -44,9 +44,6 @@
virtual const Sensor& getSensor() const = 0;
virtual bool isVirtual() const = 0;
virtual void autoDisable(void* /*ident*/, int /*handle*/) = 0;
-
- virtual void willDisableAllSensors() = 0;
- virtual void didEnableAllSensors() = 0;
};
class BaseSensor : public SensorInterface {
@@ -70,8 +67,6 @@
virtual const Sensor& getSensor() const override { return mSensor; }
virtual void autoDisable(void* /*ident*/, int /*handle*/) override { }
- virtual void willDisableAllSensors() override { }
- virtual void didEnableAllSensors() override { }
protected:
SensorDevice& mSensorDevice;
Sensor mSensor;
@@ -115,8 +110,6 @@
status_t activate(void* ident, bool enabled) override;
- void willDisableAllSensors() override;
- void didEnableAllSensors() override;
private:
SensorService& mSensorService;
};
diff --git a/services/sensorservice/SensorService.cpp b/services/sensorservice/SensorService.cpp
index 726fe8e..bdbae7b 100644
--- a/services/sensorservice/SensorService.cpp
+++ b/services/sensorservice/SensorService.cpp
@@ -103,7 +103,7 @@
SensorService::SensorService()
: mInitCheck(NO_INIT), mSocketBufferSize(SOCKET_BUFFER_SIZE_NON_BATCHED),
- mWakeLockAcquired(false), mProximityActiveCount(0) {
+ mWakeLockAcquired(false), mLastReportedProxIsActive(false) {
mUidPolicy = new UidPolicy(this);
mSensorPrivacyPolicy = new SensorPrivacyPolicy(this);
}
@@ -204,9 +204,11 @@
}
if (useThisSensor) {
if (list[i].type == SENSOR_TYPE_PROXIMITY) {
- registerSensor(new ProximitySensor(list[i], *this));
+ SensorInterface* s = new ProximitySensor(list[i], *this);
+ registerSensor(s);
+ mProxSensorHandles.push_back(s->getSensor().getHandle());
} else {
- registerSensor( new HardwareSensor(list[i]) );
+ registerSensor(new HardwareSensor(list[i]));
}
}
}
@@ -331,6 +333,7 @@
conn->onSensorAccessChanged(hasAccess);
}
}
+ checkAndReportProxStateChangeLocked();
}
bool SensorService::hasSensorAccess(uid_t uid, const String16& opPackageName) {
@@ -680,11 +683,8 @@
bool hasAccess = hasSensorAccessLocked(conn->getUid(), conn->getOpPackageName());
conn->onSensorAccessChanged(hasAccess);
}
- mSensors.forEachEntry([](const SensorServiceUtil::SensorList::Entry& e) {
- e.si->willDisableAllSensors();
- return true;
- });
dev.disableAllSensors();
+ checkAndReportProxStateChangeLocked();
// Clear all pending flush connections for all active sensors. If one of the active
// connections has called flush() and the underlying sensor has been disabled before a
// flush complete event is returned, we need to remove the connection from this queue.
@@ -709,14 +709,11 @@
}
SensorDevice& dev(SensorDevice::getInstance());
dev.enableAllSensors();
- mSensors.forEachEntry([](const SensorServiceUtil::SensorList::Entry& e) {
- e.si->didEnableAllSensors();
- return true;
- });
for (const sp<SensorDirectConnection>& conn : connLock->getDirectConnections()) {
bool hasAccess = hasSensorAccessLocked(conn->getUid(), conn->getOpPackageName());
conn->onSensorAccessChanged(hasAccess);
}
+ checkAndReportProxStateChangeLocked();
}
void SensorService::capRates(userid_t userId) {
@@ -1538,10 +1535,7 @@
if (err == NO_ERROR) {
mCurrentOperatingMode = NORMAL;
dev.enableAllSensors();
- mSensors.forEachEntry([](const SensorServiceUtil::SensorList::Entry& e) {
- e.si->didEnableAllSensors();
- return true;
- });
+ checkAndReportProxStateChangeLocked();
}
return err;
}
@@ -1606,28 +1600,26 @@
mConnectionHolder.removeDirectConnection(c);
}
-void SensorService::onProximityActiveLocked(bool isActive) {
- int prevCount = mProximityActiveCount;
- bool activeStateChanged = false;
- if (isActive) {
- mProximityActiveCount++;
- activeStateChanged = prevCount == 0;
- } else {
- mProximityActiveCount--;
- if (mProximityActiveCount < 0) {
- ALOGE("Proximity active count is negative (%d)!", mProximityActiveCount);
- }
- activeStateChanged = prevCount > 0 && mProximityActiveCount <= 0;
- }
+void SensorService::checkAndReportProxStateChangeLocked() {
+ if (mProxSensorHandles.empty()) return;
- if (activeStateChanged) {
- notifyProximityStateLocked(mProximityActiveListeners);
+ SensorDevice& dev(SensorDevice::getInstance());
+ bool isActive = false;
+ for (auto& sensor : mProxSensorHandles) {
+ if (dev.isSensorActive(sensor)) {
+ isActive = true;
+ break;
+ }
+ }
+ if (isActive != mLastReportedProxIsActive) {
+ notifyProximityStateLocked(isActive, mProximityActiveListeners);
+ mLastReportedProxIsActive = isActive;
}
}
void SensorService::notifyProximityStateLocked(
+ const bool isActive,
const std::vector<sp<ProximityActiveListener>>& listeners) {
- const bool isActive = mProximityActiveCount > 0;
const uint64_t mySeq = ++curProxCallbackSeq;
std::thread t([isActive, mySeq, listenersCopy = listeners]() {
while (completedCallbackSeq.load() != mySeq - 1)
@@ -1655,7 +1647,7 @@
mProximityActiveListeners.push_back(callback);
std::vector<sp<ProximityActiveListener>> listener(1, callback);
- notifyProximityStateLocked(listener);
+ notifyProximityStateLocked(mLastReportedProxIsActive, listener);
return OK;
}
diff --git a/services/sensorservice/SensorService.h b/services/sensorservice/SensorService.h
index def6611..b059e61 100644
--- a/services/sensorservice/SensorService.h
+++ b/services/sensorservice/SensorService.h
@@ -103,8 +103,9 @@
void cleanupConnection(SensorDirectConnection* c);
// Call with mLock held.
- void onProximityActiveLocked(bool isActive);
- void notifyProximityStateLocked(const std::vector<sp<ProximityActiveListener>>& listeners);
+ void checkAndReportProxStateChangeLocked();
+ void notifyProximityStateLocked(const bool isActive,
+ const std::vector<sp<ProximityActiveListener>>& listeners);
status_t enable(const sp<SensorEventConnection>& connection, int handle,
nsecs_t samplingPeriodNs, nsecs_t maxBatchReportLatencyNs, int reservedFlags,
@@ -496,8 +497,11 @@
// Checks if the mic sensor privacy is enabled for the uid
bool isMicSensorPrivacyEnabledForUid(uid_t uid);
- // Counts how many proximity sensors are currently active.
- int mProximityActiveCount;
+ // Keeps track of the handles of all proximity sensors in the system.
+ std::vector<int32_t> mProxSensorHandles;
+ // The last proximity sensor active state reported to listeners.
+ bool mLastReportedProxIsActive;
+ // Listeners subscribed to receive updates on the proximity sensor active state.
std::vector<sp<ProximityActiveListener>> mProximityActiveListeners;
};