Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_native / 7c292522d1a2c5751a4f4419d63d6d1d365d1905 / . / cmds / servicemanager / binder.c
blob: cf3b1728b62d56c8ea0275dfcc61ef2933e76c23 [file] [log] [blame]
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]1/* Copyright 2008 The Android Open Source Project
2 */
3
Mark Salyzyna5e161b2016-09-29 08:08:05 -0700[diff] [blame]4#define LOG_TAG "Binder"
5
6#include <errno.h>
7#include <fcntl.h>
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]8#include <inttypes.h>
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]9#include <stdio.h>
10#include <stdlib.h>
Elliott Hughes824e30e2015-01-29 22:32:32 -0800[diff] [blame]11#include <string.h>
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]12#include <sys/mman.h>
Mark Salyzyna5e161b2016-09-29 08:08:05 -0700[diff] [blame]13#include <unistd.h>
14
Mark Salyzyn7823e122016-09-29 08:08:05 -0700[diff] [blame]15#include <log/log.h>
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]16
17#include "binder.h"
18
19#define MAX_BIO_SIZE (1 << 30)
20
21#define TRACE 0
22
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]23void bio_init_from_txn(struct binder_io *io, struct binder_transaction_data *txn);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]24
25#if TRACE
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]26void hexdump(void *_data, size_t len)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]27{
28 unsigned char *data = _data;
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]29 size_t count;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]30
31 for (count = 0; count < len; count++) {
32 if ((count & 15) == 0)
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]33 fprintf(stderr,"%04zu:", count);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]34 fprintf(stderr," %02x %c", *data,
35 (*data < 32) || (*data > 126) ? '.' : *data);
36 data++;
37 if ((count & 15) == 15)
38 fprintf(stderr,"\n");
39 }
40 if ((count & 15) != 0)
41 fprintf(stderr,"\n");
42}
43
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]44void binder_dump_txn(struct binder_transaction_data *txn)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]45{
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]46 struct flat_binder_object *obj;
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]47 binder_size_t *offs = (binder_size_t *)(uintptr_t)txn->data.ptr.offsets;
48 size_t count = txn->offsets_size / sizeof(binder_size_t);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]49
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]50 fprintf(stderr," target %016"PRIx64" cookie %016"PRIx64" code %08x flags %08x\n",
51 (uint64_t)txn->target.ptr, (uint64_t)txn->cookie, txn->code, txn->flags);
52 fprintf(stderr," pid %8d uid %8d data %"PRIu64" offs %"PRIu64"\n",
53 txn->sender_pid, txn->sender_euid, (uint64_t)txn->data_size, (uint64_t)txn->offsets_size);
54 hexdump((void *)(uintptr_t)txn->data.ptr.buffer, txn->data_size);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]55 while (count--) {
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]56 obj = (struct flat_binder_object *) (((char*)(uintptr_t)txn->data.ptr.buffer) + *offs++);
57 fprintf(stderr," - type %08x flags %08x ptr %016"PRIx64" cookie %016"PRIx64"\n",
58 obj->type, obj->flags, (uint64_t)obj->binder, (uint64_t)obj->cookie);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]59 }
60}
61
62#define NAME(n) case n: return #n
63const char *cmd_name(uint32_t cmd)
64{
65 switch(cmd) {
66 NAME(BR_NOOP);
67 NAME(BR_TRANSACTION_COMPLETE);
68 NAME(BR_INCREFS);
69 NAME(BR_ACQUIRE);
70 NAME(BR_RELEASE);
71 NAME(BR_DECREFS);
72 NAME(BR_TRANSACTION);
73 NAME(BR_REPLY);
74 NAME(BR_FAILED_REPLY);
75 NAME(BR_DEAD_REPLY);
76 NAME(BR_DEAD_BINDER);
77 default: return "???";
78 }
79}
80#else
81#define hexdump(a,b) do{} while (0)
82#define binder_dump_txn(txn) do{} while (0)
83#endif
84
85#define BIO_F_SHARED 0x01 /* needs to be buffer freed */
86#define BIO_F_OVERFLOW 0x02 /* ran out of space */
87#define BIO_F_IOERROR 0x04
88#define BIO_F_MALLOCED 0x08 /* needs to be free()'d */
89
90struct binder_state
91{
92 int fd;
93 void *mapped;
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]94 size_t mapsize;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]95};
96
Martijn Coenen69b05152017-03-21 10:00:38 -0700[diff] [blame]97struct binder_state *binder_open(const char* driver, size_t mapsize)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]98{
99 struct binder_state *bs;
Serban Constantinescua44542c2014-01-30 15:16:45 +0000[diff] [blame]100 struct binder_version vers;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]101
102 bs = malloc(sizeof(*bs));
103 if (!bs) {
104 errno = ENOMEM;
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]105 return NULL;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]106 }
107
Martijn Coenen69b05152017-03-21 10:00:38 -0700[diff] [blame]108 bs->fd = open(driver, O_RDWR | O_CLOEXEC);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]109 if (bs->fd < 0) {
Martijn Coenen69b05152017-03-21 10:00:38 -0700[diff] [blame]110 fprintf(stderr,"binder: cannot open %s (%s)\n",
111 driver, strerror(errno));
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]112 goto fail_open;
113 }
114
Serban Constantinescua44542c2014-01-30 15:16:45 +0000[diff] [blame]115 if ((ioctl(bs->fd, BINDER_VERSION, &vers) == -1) ||
116 (vers.protocol_version != BINDER_CURRENT_PROTOCOL_VERSION)) {
Serban Constantinescu018cf412014-02-19 15:34:02 +0000[diff] [blame]117 fprintf(stderr,
118 "binder: kernel driver version (%d) differs from user space version (%d)\n",
119 vers.protocol_version, BINDER_CURRENT_PROTOCOL_VERSION);
Serban Constantinescua44542c2014-01-30 15:16:45 +0000[diff] [blame]120 goto fail_open;
121 }
122
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]123 bs->mapsize = mapsize;
124 bs->mapped = mmap(NULL, mapsize, PROT_READ, MAP_PRIVATE, bs->fd, 0);
125 if (bs->mapped == MAP_FAILED) {
126 fprintf(stderr,"binder: cannot map device (%s)\n",
127 strerror(errno));
128 goto fail_map;
129 }
130
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]131 return bs;
132
133fail_map:
134 close(bs->fd);
135fail_open:
136 free(bs);
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]137 return NULL;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]138}
139
140void binder_close(struct binder_state *bs)
141{
142 munmap(bs->mapped, bs->mapsize);
143 close(bs->fd);
144 free(bs);
145}
146
147int binder_become_context_manager(struct binder_state *bs)
148{
Steven Moreland3d795472019-01-04 17:51:30 -0800[diff] [blame]149 struct flat_binder_object obj;
150 memset(&obj, 0, sizeof(obj));
151 obj.flags = FLAT_BINDER_FLAG_TXN_SECURITY_CTX;
152
153 int result = ioctl(bs->fd, BINDER_SET_CONTEXT_MGR_EXT, &obj);
154
155 // fallback to original method
156 if (result != 0) {
Steven Moreland3d795472019-01-04 17:51:30 -0800[diff] [blame]157 android_errorWriteLog(0x534e4554, "121035042");
Steven Moreland3d795472019-01-04 17:51:30 -0800[diff] [blame]158
159 result = ioctl(bs->fd, BINDER_SET_CONTEXT_MGR, 0);
160 }
161 return result;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]162}
163
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]164int binder_write(struct binder_state *bs, void *data, size_t len)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]165{
166 struct binder_write_read bwr;
167 int res;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]168
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]169 bwr.write_size = len;
170 bwr.write_consumed = 0;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]171 bwr.write_buffer = (uintptr_t) data;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]172 bwr.read_size = 0;
173 bwr.read_consumed = 0;
174 bwr.read_buffer = 0;
175 res = ioctl(bs->fd, BINDER_WRITE_READ, &bwr);
176 if (res < 0) {
177 fprintf(stderr,"binder_write: ioctl failed (%s)\n",
178 strerror(errno));
179 }
180 return res;
181}
182
dcashman51f592c2016-03-11 10:38:10 -0800[diff] [blame]183void binder_free_buffer(struct binder_state *bs,
184 binder_uintptr_t buffer_to_free)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]185{
186 struct {
187 uint32_t cmd_free;
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]188 binder_uintptr_t buffer;
dcashman51f592c2016-03-11 10:38:10 -0800[diff] [blame]189 } __attribute__((packed)) data;
190 data.cmd_free = BC_FREE_BUFFER;
191 data.buffer = buffer_to_free;
192 binder_write(bs, &data, sizeof(data));
193}
194
195void binder_send_reply(struct binder_state *bs,
196 struct binder_io *reply,
Mark Salyzyn52aa4a72016-05-25 13:14:10 -0700[diff] [blame]197 binder_uintptr_t buffer_to_free,
dcashman51f592c2016-03-11 10:38:10 -0800[diff] [blame]198 int status)
199{
200 struct {
Mark Salyzyn52aa4a72016-05-25 13:14:10 -0700[diff] [blame]201 uint32_t cmd_free;
202 binder_uintptr_t buffer;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]203 uint32_t cmd_reply;
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]204 struct binder_transaction_data txn;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]205 } __attribute__((packed)) data;
206
Mark Salyzyn52aa4a72016-05-25 13:14:10 -0700[diff] [blame]207 data.cmd_free = BC_FREE_BUFFER;
208 data.buffer = buffer_to_free;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]209 data.cmd_reply = BC_REPLY;
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]210 data.txn.target.ptr = 0;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]211 data.txn.cookie = 0;
212 data.txn.code = 0;
213 if (status) {
214 data.txn.flags = TF_STATUS_CODE;
215 data.txn.data_size = sizeof(int);
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]216 data.txn.offsets_size = 0;
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]217 data.txn.data.ptr.buffer = (uintptr_t)&status;
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]218 data.txn.data.ptr.offsets = 0;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]219 } else {
220 data.txn.flags = 0;
221 data.txn.data_size = reply->data - reply->data0;
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]222 data.txn.offsets_size = ((char*) reply->offs) - ((char*) reply->offs0);
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]223 data.txn.data.ptr.buffer = (uintptr_t)reply->data0;
224 data.txn.data.ptr.offsets = (uintptr_t)reply->offs0;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]225 }
226 binder_write(bs, &data, sizeof(data));
227}
228
229int binder_parse(struct binder_state *bs, struct binder_io *bio,
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]230 uintptr_t ptr, size_t size, binder_handler func)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]231{
232 int r = 1;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]233 uintptr_t end = ptr + (uintptr_t) size;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]234
235 while (ptr < end) {
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]236 uint32_t cmd = *(uint32_t *) ptr;
237 ptr += sizeof(uint32_t);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]238#if TRACE
239 fprintf(stderr,"%s:\n", cmd_name(cmd));
240#endif
241 switch(cmd) {
242 case BR_NOOP:
243 break;
244 case BR_TRANSACTION_COMPLETE:
245 break;
246 case BR_INCREFS:
247 case BR_ACQUIRE:
248 case BR_RELEASE:
249 case BR_DECREFS:
250#if TRACE
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]251 fprintf(stderr," %p, %p\n", (void *)ptr, (void *)(ptr + sizeof(void *)));
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]252#endif
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]253 ptr += sizeof(struct binder_ptr_cookie);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]254 break;
Steven Moreland3d795472019-01-04 17:51:30 -0800[diff] [blame]255 case BR_TRANSACTION_SEC_CTX:
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]256 case BR_TRANSACTION: {
Steven Moreland3d795472019-01-04 17:51:30 -0800[diff] [blame]257 struct binder_transaction_data_secctx txn;
258 if (cmd == BR_TRANSACTION_SEC_CTX) {
259 if ((end - ptr) < sizeof(struct binder_transaction_data_secctx)) {
260 ALOGE("parse: txn too small (binder_transaction_data_secctx)!\n");
261 return -1;
262 }
263 memcpy(&txn, (void*) ptr, sizeof(struct binder_transaction_data_secctx));
264 ptr += sizeof(struct binder_transaction_data_secctx);
265 } else /* BR_TRANSACTION */ {
266 if ((end - ptr) < sizeof(struct binder_transaction_data)) {
267 ALOGE("parse: txn too small (binder_transaction_data)!\n");
268 return -1;
269 }
270 memcpy(&txn.transaction_data, (void*) ptr, sizeof(struct binder_transaction_data));
271 ptr += sizeof(struct binder_transaction_data);
272
273 txn.secctx = 0;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]274 }
Steven Moreland3d795472019-01-04 17:51:30 -0800[diff] [blame]275
276 binder_dump_txn(&txn.transaction_data);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]277 if (func) {
278 unsigned rdata[256/4];
279 struct binder_io msg;
280 struct binder_io reply;
281 int res;
282
283 bio_init(&reply, rdata, sizeof(rdata), 4);
Steven Moreland3d795472019-01-04 17:51:30 -0800[diff] [blame]284 bio_init_from_txn(&msg, &txn.transaction_data);
285 res = func(bs, &txn, &msg, &reply);
286 if (txn.transaction_data.flags & TF_ONE_WAY) {
287 binder_free_buffer(bs, txn.transaction_data.data.ptr.buffer);
Mark Salyzyn52aa4a72016-05-25 13:14:10 -0700[diff] [blame]288 } else {
Steven Moreland3d795472019-01-04 17:51:30 -0800[diff] [blame]289 binder_send_reply(bs, &reply, txn.transaction_data.data.ptr.buffer, res);
Mark Salyzyn52aa4a72016-05-25 13:14:10 -0700[diff] [blame]290 }
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]291 }
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]292 break;
293 }
294 case BR_REPLY: {
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]295 struct binder_transaction_data *txn = (struct binder_transaction_data *) ptr;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]296 if ((end - ptr) < sizeof(*txn)) {
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]297 ALOGE("parse: reply too small!\n");
298 return -1;
299 }
300 binder_dump_txn(txn);
301 if (bio) {
302 bio_init_from_txn(bio, txn);
303 bio = 0;
304 } else {
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]305 /* todo FREE BUFFER */
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]306 }
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]307 ptr += sizeof(*txn);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]308 r = 0;
309 break;
310 }
311 case BR_DEAD_BINDER: {
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]312 struct binder_death *death = (struct binder_death *)(uintptr_t) *(binder_uintptr_t *)ptr;
313 ptr += sizeof(binder_uintptr_t);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]314 death->func(bs, death->ptr);
315 break;
316 }
317 case BR_FAILED_REPLY:
318 r = -1;
319 break;
320 case BR_DEAD_REPLY:
321 r = -1;
322 break;
323 default:
324 ALOGE("parse: OOPS %d\n", cmd);
325 return -1;
326 }
327 }
328
329 return r;
330}
331
Serban Constantinescu5fb1b882014-01-30 14:07:34 +0000[diff] [blame]332void binder_acquire(struct binder_state *bs, uint32_t target)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]333{
334 uint32_t cmd[2];
335 cmd[0] = BC_ACQUIRE;
Serban Constantinescu5fb1b882014-01-30 14:07:34 +0000[diff] [blame]336 cmd[1] = target;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]337 binder_write(bs, cmd, sizeof(cmd));
338}
339
Serban Constantinescu5fb1b882014-01-30 14:07:34 +0000[diff] [blame]340void binder_release(struct binder_state *bs, uint32_t target)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]341{
342 uint32_t cmd[2];
343 cmd[0] = BC_RELEASE;
Serban Constantinescu5fb1b882014-01-30 14:07:34 +0000[diff] [blame]344 cmd[1] = target;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]345 binder_write(bs, cmd, sizeof(cmd));
346}
347
Serban Constantinescu5fb1b882014-01-30 14:07:34 +0000[diff] [blame]348void binder_link_to_death(struct binder_state *bs, uint32_t target, struct binder_death *death)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]349{
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]350 struct {
351 uint32_t cmd;
352 struct binder_handle_cookie payload;
353 } __attribute__((packed)) data;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]354
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]355 data.cmd = BC_REQUEST_DEATH_NOTIFICATION;
356 data.payload.handle = target;
357 data.payload.cookie = (uintptr_t) death;
358 binder_write(bs, &data, sizeof(data));
359}
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]360
361int binder_call(struct binder_state *bs,
362 struct binder_io *msg, struct binder_io *reply,
Serban Constantinescu5fb1b882014-01-30 14:07:34 +0000[diff] [blame]363 uint32_t target, uint32_t code)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]364{
365 int res;
366 struct binder_write_read bwr;
367 struct {
368 uint32_t cmd;
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]369 struct binder_transaction_data txn;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]370 } __attribute__((packed)) writebuf;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]371 unsigned readbuf[32];
372
373 if (msg->flags & BIO_F_OVERFLOW) {
374 fprintf(stderr,"binder: txn buffer overflow\n");
375 goto fail;
376 }
377
378 writebuf.cmd = BC_TRANSACTION;
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]379 writebuf.txn.target.handle = target;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]380 writebuf.txn.code = code;
381 writebuf.txn.flags = 0;
382 writebuf.txn.data_size = msg->data - msg->data0;
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]383 writebuf.txn.offsets_size = ((char*) msg->offs) - ((char*) msg->offs0);
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]384 writebuf.txn.data.ptr.buffer = (uintptr_t)msg->data0;
385 writebuf.txn.data.ptr.offsets = (uintptr_t)msg->offs0;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]386
387 bwr.write_size = sizeof(writebuf);
388 bwr.write_consumed = 0;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]389 bwr.write_buffer = (uintptr_t) &writebuf;
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]390
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]391 hexdump(msg->data0, msg->data - msg->data0);
392 for (;;) {
393 bwr.read_size = sizeof(readbuf);
394 bwr.read_consumed = 0;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]395 bwr.read_buffer = (uintptr_t) readbuf;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]396
397 res = ioctl(bs->fd, BINDER_WRITE_READ, &bwr);
398
399 if (res < 0) {
400 fprintf(stderr,"binder: ioctl failed (%s)\n", strerror(errno));
401 goto fail;
402 }
403
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]404 res = binder_parse(bs, reply, (uintptr_t) readbuf, bwr.read_consumed, 0);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]405 if (res == 0) return 0;
406 if (res < 0) goto fail;
407 }
408
409fail:
410 memset(reply, 0, sizeof(*reply));
411 reply->flags |= BIO_F_IOERROR;
412 return -1;
413}
414
415void binder_loop(struct binder_state *bs, binder_handler func)
416{
417 int res;
418 struct binder_write_read bwr;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]419 uint32_t readbuf[32];
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]420
421 bwr.write_size = 0;
422 bwr.write_consumed = 0;
423 bwr.write_buffer = 0;
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]424
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]425 readbuf[0] = BC_ENTER_LOOPER;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]426 binder_write(bs, readbuf, sizeof(uint32_t));
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]427
428 for (;;) {
429 bwr.read_size = sizeof(readbuf);
430 bwr.read_consumed = 0;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]431 bwr.read_buffer = (uintptr_t) readbuf;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]432
433 res = ioctl(bs->fd, BINDER_WRITE_READ, &bwr);
434
435 if (res < 0) {
436 ALOGE("binder_loop: ioctl failed (%s)\n", strerror(errno));
437 break;
438 }
439
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]440 res = binder_parse(bs, 0, (uintptr_t) readbuf, bwr.read_consumed, func);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]441 if (res == 0) {
442 ALOGE("binder_loop: unexpected reply?!\n");
443 break;
444 }
445 if (res < 0) {
446 ALOGE("binder_loop: io error %d %s\n", res, strerror(errno));
447 break;
448 }
449 }
450}
451
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]452void bio_init_from_txn(struct binder_io *bio, struct binder_transaction_data *txn)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]453{
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]454 bio->data = bio->data0 = (char *)(intptr_t)txn->data.ptr.buffer;
455 bio->offs = bio->offs0 = (binder_size_t *)(intptr_t)txn->data.ptr.offsets;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]456 bio->data_avail = txn->data_size;
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]457 bio->offs_avail = txn->offsets_size / sizeof(size_t);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]458 bio->flags = BIO_F_SHARED;
459}
460
461void bio_init(struct binder_io *bio, void *data,
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]462 size_t maxdata, size_t maxoffs)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]463{
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]464 size_t n = maxoffs * sizeof(size_t);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]465
466 if (n > maxdata) {
467 bio->flags = BIO_F_OVERFLOW;
468 bio->data_avail = 0;
469 bio->offs_avail = 0;
470 return;
471 }
472
473 bio->data = bio->data0 = (char *) data + n;
474 bio->offs = bio->offs0 = data;
475 bio->data_avail = maxdata - n;
476 bio->offs_avail = maxoffs;
477 bio->flags = 0;
478}
479
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]480static void *bio_alloc(struct binder_io *bio, size_t size)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]481{
482 size = (size + 3) & (~3);
483 if (size > bio->data_avail) {
484 bio->flags |= BIO_F_OVERFLOW;
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]485 return NULL;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]486 } else {
487 void *ptr = bio->data;
488 bio->data += size;
489 bio->data_avail -= size;
490 return ptr;
491 }
492}
493
494void binder_done(struct binder_state *bs,
Ian Pedowitzd57d9b92016-02-19 08:34:43 +0000[diff] [blame]495 __unused struct binder_io *msg,
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]496 struct binder_io *reply)
497{
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]498 struct {
499 uint32_t cmd;
500 uintptr_t buffer;
501 } __attribute__((packed)) data;
502
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]503 if (reply->flags & BIO_F_SHARED) {
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]504 data.cmd = BC_FREE_BUFFER;
505 data.buffer = (uintptr_t) reply->data0;
506 binder_write(bs, &data, sizeof(data));
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]507 reply->flags = 0;
508 }
509}
510
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]511static struct flat_binder_object *bio_alloc_obj(struct binder_io *bio)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]512{
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]513 struct flat_binder_object *obj;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]514
515 obj = bio_alloc(bio, sizeof(*obj));
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]516
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]517 if (obj && bio->offs_avail) {
518 bio->offs_avail--;
519 *bio->offs++ = ((char*) obj) - ((char*) bio->data0);
520 return obj;
521 }
522
523 bio->flags |= BIO_F_OVERFLOW;
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]524 return NULL;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]525}
526
527void bio_put_uint32(struct binder_io *bio, uint32_t n)
528{
529 uint32_t *ptr = bio_alloc(bio, sizeof(n));
530 if (ptr)
531 *ptr = n;
532}
533
534void bio_put_obj(struct binder_io *bio, void *ptr)
535{
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]536 struct flat_binder_object *obj;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]537
538 obj = bio_alloc_obj(bio);
539 if (!obj)
540 return;
541
542 obj->flags = 0x7f | FLAT_BINDER_FLAG_ACCEPTS_FDS;
Christopher Ferrisdbaa22a2017-07-27 10:38:45 -0700[diff] [blame]543 obj->hdr.type = BINDER_TYPE_BINDER;
Arve Hjønnevåg399b6c32014-01-28 21:25:12 -0800[diff] [blame]544 obj->binder = (uintptr_t)ptr;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]545 obj->cookie = 0;
546}
547
Serban Constantinescu5fb1b882014-01-30 14:07:34 +0000[diff] [blame]548void bio_put_ref(struct binder_io *bio, uint32_t handle)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]549{
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]550 struct flat_binder_object *obj;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]551
Serban Constantinescu5fb1b882014-01-30 14:07:34 +0000[diff] [blame]552 if (handle)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]553 obj = bio_alloc_obj(bio);
554 else
555 obj = bio_alloc(bio, sizeof(*obj));
556
557 if (!obj)
558 return;
559
560 obj->flags = 0x7f | FLAT_BINDER_FLAG_ACCEPTS_FDS;
Christopher Ferrisdbaa22a2017-07-27 10:38:45 -0700[diff] [blame]561 obj->hdr.type = BINDER_TYPE_HANDLE;
Serban Constantinescu5fb1b882014-01-30 14:07:34 +0000[diff] [blame]562 obj->handle = handle;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]563 obj->cookie = 0;
564}
565
566void bio_put_string16(struct binder_io *bio, const uint16_t *str)
567{
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]568 size_t len;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]569 uint16_t *ptr;
570
571 if (!str) {
572 bio_put_uint32(bio, 0xffffffff);
573 return;
574 }
575
576 len = 0;
577 while (str[len]) len++;
578
579 if (len >= (MAX_BIO_SIZE / sizeof(uint16_t))) {
580 bio_put_uint32(bio, 0xffffffff);
581 return;
582 }
583
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]584 /* Note: The payload will carry 32bit size instead of size_t */
585 bio_put_uint32(bio, (uint32_t) len);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]586 len = (len + 1) * sizeof(uint16_t);
587 ptr = bio_alloc(bio, len);
588 if (ptr)
589 memcpy(ptr, str, len);
590}
591
592void bio_put_string16_x(struct binder_io *bio, const char *_str)
593{
594 unsigned char *str = (unsigned char*) _str;
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]595 size_t len;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]596 uint16_t *ptr;
597
598 if (!str) {
599 bio_put_uint32(bio, 0xffffffff);
600 return;
601 }
602
603 len = strlen(_str);
604
605 if (len >= (MAX_BIO_SIZE / sizeof(uint16_t))) {
606 bio_put_uint32(bio, 0xffffffff);
607 return;
608 }
609
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]610 /* Note: The payload will carry 32bit size instead of size_t */
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]611 bio_put_uint32(bio, len);
612 ptr = bio_alloc(bio, (len + 1) * sizeof(uint16_t));
613 if (!ptr)
614 return;
615
616 while (*str)
617 *ptr++ = *str++;
618 *ptr++ = 0;
619}
620
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]621static void *bio_get(struct binder_io *bio, size_t size)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]622{
623 size = (size + 3) & (~3);
624
625 if (bio->data_avail < size){
626 bio->data_avail = 0;
627 bio->flags |= BIO_F_OVERFLOW;
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]628 return NULL;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]629 } else {
630 void *ptr = bio->data;
631 bio->data += size;
632 bio->data_avail -= size;
633 return ptr;
634 }
635}
636
637uint32_t bio_get_uint32(struct binder_io *bio)
638{
639 uint32_t *ptr = bio_get(bio, sizeof(*ptr));
640 return ptr ? *ptr : 0;
641}
642
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]643uint16_t *bio_get_string16(struct binder_io *bio, size_t *sz)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]644{
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]645 size_t len;
646
647 /* Note: The payload will carry 32bit size instead of size_t */
648 len = (size_t) bio_get_uint32(bio);
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]649 if (sz)
650 *sz = len;
651 return bio_get(bio, (len + 1) * sizeof(uint16_t));
652}
653
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]654static struct flat_binder_object *_bio_get_obj(struct binder_io *bio)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]655{
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]656 size_t n;
657 size_t off = bio->data - bio->data0;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]658
Serban Constantinescu3a345f02013-12-19 09:11:41 +0000[diff] [blame]659 /* TODO: be smarter about this? */
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]660 for (n = 0; n < bio->offs_avail; n++) {
661 if (bio->offs[n] == off)
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]662 return bio_get(bio, sizeof(struct flat_binder_object));
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]663 }
664
665 bio->data_avail = 0;
666 bio->flags |= BIO_F_OVERFLOW;
Serban Constantinescu9b738bb2014-01-10 15:48:29 +0000[diff] [blame]667 return NULL;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]668}
669
Serban Constantinescu5fb1b882014-01-30 14:07:34 +0000[diff] [blame]670uint32_t bio_get_ref(struct binder_io *bio)
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]671{
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]672 struct flat_binder_object *obj;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]673
674 obj = _bio_get_obj(bio);
675 if (!obj)
676 return 0;
677
Christopher Ferrisdbaa22a2017-07-27 10:38:45 -0700[diff] [blame]678 if (obj->hdr.type == BINDER_TYPE_HANDLE)
Serban Constantinescubcf38882014-01-10 13:56:27 +0000[diff] [blame]679 return obj->handle;
Mike Lockwood94afecf2012-10-24 10:45:23 -0700[diff] [blame]680
681 return 0;
682}