Commit Graph

45 Commits

Author SHA1 Message Date
Arve Hjønnevåg
4cab0fd7f7 Binder: Make sure binder objects do not overlap
Fixes crashing part of bug 11355082.
The driver still leaks references.

Change-Id: Ibc6a63b151c1fc1f7666237f25255ba781e02071
2014-02-24 15:42:13 -08:00
Arve Hjønnevåg
07fd0f195d Binder: Fix some valgrind errors.
When using 64 bit binder pointers, only initializing the 32 bit
handle, in a stack allocated struct, will pass uninitialized stack
data to the kernel and other processes.

Change-Id: I3432d9d36bb251d8ddb0a863661aeb80aabb3d92
2014-02-18 21:14:41 -08:00
Colin Cross
6f4f3ab36c binder: fix all warnings
Fix warnings related to casting pointers to ints, using %d or %ld to
print size_t/ssize_t, and unused parameters.

Change-Id: I7a13ba83d402952989c1f795cd9e880a95b98d9e
2014-02-05 17:51:10 -08:00
Arve Hjønnevåg
84e625ac1e Binder: Use 64 bit pointers in 32 processes if selected by the target
Uses new kernel header where void * has been replaced by binder_uintptr_t

Change-Id: Icfc67c2a279269f700343bd9246fd7cb94efe2c1
2014-01-31 15:51:06 -08:00
Serban Constantinescu
f683e0163a Binder: Make binder portable
Changes include
- Binder attempts to cast pointers to a int datatype
  which is not sufficient on a 64-bit platform.

- This patch introduces new read/write functions into
  Parcel that allow pointers to be written using the
  uintptr_t datatype for compile-time data type size
  selection.

-  Change access specifier for the methods above.

-  Binder uses the 64bit android_atomic_release_cas64
   (aka cmpxchg)

Change-Id: I595280541e0ba1d19c94b2ca2127bf9d96efabf1
Signed-off-by: Matthew Leach <matthew.leach@arm.com>
Signed-off-by: Serban Constantinescu <serban.constantinescu@arm.com>
2014-01-31 10:49:40 +00:00
Marco Nelissen
708cc794f6 Native counterpart of new power manager method
Cherrypicked from master.

b/9464621

Change-Id: I54c0ed50a57ac870da91db8589a73a2c792dbd8d
2013-10-25 12:50:04 -07:00
Mathias Agopian
e142428a9c Make Flattenable not virtual
Fallout from the Flattenable change, update all its uses.

Additionnaly, fix/tighten size checks when (un)flatten()ing
things.

Removed the assumption by some flattenables (e.g.: Fence)
that the size passed to them would be exact (it can
and will be larger in some cases)

The code in Parcel is a bit complicated so that we don't
have to expose the full implementation (and also to
keep the code smallish).

Change-Id: I0bf1c8aca2a3128491b4f45510bc46667e566dde
2013-07-30 21:19:13 -07:00
Jeff Brown
af0f8c0a56 am 255405eb: am 86b2ecdd: Merge "fix mem leak on error handling"
* commit '255405eb19e6a3fa7f7bb4de9b07beacdf65ece9':
  fix mem leak on error handling
2013-05-30 14:23:58 -07:00
Hyejin Kim
3f727c0ea3 fix mem leak on error handling
Change-Id: I40d8e371c46184aa701fa676246201a9d8f6e27d
2013-05-28 18:39:02 -07:00
Mathias Agopian
002e1e58df libutils clean-up
Change-Id: I6ff4cfc736751de2912c697f954e45e275f2d386
2013-05-07 18:28:11 -07:00
Douglas Leung
cc1a4bb1e1 [MIPS] Avoid unaligned load/store for 64-bit doubles.
Change-Id: Iefdcac8742f23fef31f63730b48698fc4205c3ad
Signed-off-by: Douglas Leung <douglas@mips.com>
2013-01-17 13:03:43 -08:00
Magnus Strandberg
1ba24574b2 Aligning native Parcel implementation to Java.
The Java implementation of writing the RPC response header
calculates the length of the header including the 4 bytes
specifying the header length but the native implementation
excludes the 4 bytes specifying the length from the header
length.
The native implementation has been aligned to the Java impl.

Change-Id: I325bf272a63152d8fded4cf4e51a906b5a9bfe19
2012-06-08 08:29:01 -07:00
Steve Block
e6f43ddce7 Rename (IF_)LOGE(_IF) to (IF_)ALOGE(_IF) DO NOT MERGE
See https://android-git.corp.google.com/g/#/c/157220

Bug: 5449033
Change-Id: Ic9c19d30693bd56755f55906127cd6bd7126096c
2012-01-08 13:19:13 +00:00
Steve Block
32397c1cd3 Rename (IF_)LOGW(_IF) to (IF_)ALOGW(_IF) DO NOT MERGE
See https://android-git.corp.google.com/g/157065

Bug: 5449033
Change-Id: I00a4b904f9449e6f93b7fd35eac28640d7929e69
2012-01-06 10:07:54 +00:00
Steve Block
a19954ab37 Rename (IF_)LOGI(_IF) to (IF_)ALOGI(_IF) DO NOT MERGE
See https://android-git.corp.google.com/g/156801

Bug: 5449033
Change-Id: Ib08fe86d23db91ee153e9f91a99a35c42b9208ea
2012-01-04 20:05:49 +00:00
Steve Block
9d45368352 Rename (IF_)LOGD(_IF) to (IF_)ALOGD(_IF) DO NOT MERGE
See https://android-git.corp.google.com/g/156016

Bug: 5449033
Change-Id: I4c4e33bb9df3e39e11cd985e193e6fbab4635298
2012-01-03 22:38:27 +00:00
Jeff Brown
d341c7178f Fix possible leak in Parcel::writeDupFileDescriptor.
Also, check the result of dup() just in case we got EMFILE
or something.

Change-Id: I18e627bd84f4c7941813fe1c2bad2cdd9e5afa83
2011-11-07 12:22:39 -08:00
Jeff Brown
c17f56fdf1 am 88061d6b: am 5462bc63: Fix a leak in Parcel::writeBlob.
* commit '88061d6b38cfb4bf374039846b753a3b21ac61e1':
  Fix a leak in Parcel::writeBlob.
2011-11-07 15:51:31 +00:00
Jeff Brown
93ff1f985e Fix a leak in Parcel::writeBlob.
Was mistakenly assuming that Parcel::writeFileDescriptor took
ownership of the fd that was passed in.  It does not!
Added some comments and a default parameter to allow the caller
to specify whether it wishes the Parcel to take ownership.

Bug: 5563374
Change-Id: I5a12f51d582bf246ce90133cce7690bb9bca93f6
2011-11-04 19:26:03 -07:00
Steve Block
6807e59e0f Rename (IF_)LOGV(_IF) to (IF_)ALOGV(_IF) DO NOT MERGE
See https://android-git.corp.google.com/g/#/c/143865

Bug: 5449033
Change-Id: I0122812ed6ff6f5b59fe4a43ab8bff0577adde0a
2011-10-26 09:57:54 +01:00
Steve Block
9f760150f6 Rename (IF_)LOG() to (IF_)ALOG() DO NOT MERGE
See https://android-git.corp.google.com/g/#/c/141576

Bug: 5449033
Change-Id: I42575e7c29cf1c0f465c357a5c97ab118df6f473
2011-10-25 16:28:24 +01:00
Jeff Brown
ec4e0063a1 Use ashmem for CursorWindows.
Bug: 5332296

The memory dealer introduces additional delays for reclaiming
the memory owned by CursorWindows because the Binder object must
be finalized.  Using ashmem instead gives CursorWindow more
direct control over the lifetime of the shared memory region.

The provider now allocates the CursorWindows and returns them
to clients with a read-only protection bit set on the ashmem
region.

Improved the encapsulation of CursorWindow.  Callers shouldn't
need to care about details like how string fields are allocated.

Removed the compile-time configuration of string and numeric
storage modes to remove some dead weight.

Change-Id: I07c2bc2a9c573d7e435dcaecd269d25ea9807acd
2011-10-11 11:03:19 -07:00
Dianne Hackborn
7746cc3188 Fix handling of "allow fds" state.
Didn't take into account nesting of bundles.  Boo.

Change-Id: Ic8cf21ad8d6f4938a3e105128624c9d162310d01
2011-10-03 21:09:35 -07:00
Jeff Brown
5707dbf15d Transfer large bitmaps using ashmem.
Bug: 5224703

Change-Id: If385a66adf4c6179a0bb49c0e6d09a9567e23808
2011-10-03 17:28:13 -07:00
Dianne Hackborn
8938ed2c8e Add mechanism for Parcel to not allow FDs to be written to it.
This is to help implement issue #5224703.

Change-Id: I026a5890495537d15b57fe61227a640aac806d46
2011-10-03 16:58:41 -07:00
Bart Sears
8acda78034 Revert "Transfer large bitmaps using ashmem. Bug: 5224703"
This reverts commit 56c58f66b97d22fe7e7de1f7d9548bcbe1973029

This CL was causing the browser to crash when adding bookmarks, visiting the bookmarks page, and sharing pages (see bug http://b/issue?id=5369231
2011-09-25 14:30:21 -07:00
Jeff Brown
f4c1088d75 Transfer large bitmaps using ashmem.
Bug: 5224703

Change-Id: Ic7481dd9f173986f085a8bbdcc59bbe9830d7a44
2011-09-23 21:20:47 -07:00
Andreas Huber
6e9eb7453f Merge "Parcel::appendFrom({const } Parcel *parcel, size_t, size_t)" 2011-04-18 08:12:36 -07:00
Dianne Hackborn
97e2bcd760 Rewrite battery history storage.
We now write battery history directly into a buffer, instead of
creating objects.  This allows for more efficient storage; later
it can be even better because we can only write deltas.

The old code is still there temporarily for validation.

Change-Id: I9707d4d8ff30855be8ebdc93bc078911040d8e0b
2011-04-14 10:57:22 -07:00
Andreas Huber
51faf46e29 Parcel::appendFrom({const } Parcel *parcel, size_t, size_t)
As far as I can tell "parcel" isn't actually modified by the implementation.

Change-Id: Ib806eefdc13c97b932773e1dc9ca3a4aad4422b2
2011-04-13 10:21:56 -07:00
Pravat Dalbehera
d1dff8d4d4 Fix for writing empty strings to Parcel::writeString8()
If writeString8 is called with the following sequence:

 writeString8(String8(""));
 writeString8(String8("TempString"));

Then in the readString8, the 2nd String i.e. "TempString" is not read,
instead an empty string is read.

The bug comes because of the write call for String8("") where there are
no String bytes present. In the write Statement, an extra ‘\0’ is
written. During the Marshalling, Following bytes are written:

1        2         3        4       5   ...
0x0      0x0       0xB      ‘T’     ‘e’  ...

The readString8 function has a check that, if String length is 0, don’t
read anything. So the first byte is read as the length for the first
string. The second byte i.e. ‘\0’ is read as the length for the second
string and hence the second string becomes empty too.

Change-Id: Id7acc0c80ae16e77be4331f1ddf69ea87e758420
2010-12-22 12:57:31 +01:00
Brad Fitzpatrick
5273603e98 Don't propagate StrictMode over one-way Binder calls.
This was causing stack stitching problems where a one-way call with
violations followed by a two-way call without violations was getting
the previous one-way call's violation stack stitched on to the second
caller's stack.

The solution is a little more indirect than I would've liked
(preserving the binder's onTransact flags until enforceInterface) but
was seemingly necessary to work without changing the AIDL compiler.
It should also be sufficiently cheap, since no new calls to
thread-local IPCThreadState lookups were required.  The additional
work is just same-thread getter/setters on the existing
IPCThreadState.

Change-Id: I4b6db1d445c56e868e6d0d7be3ba6849f4ef23ae
2010-08-31 13:16:49 -07:00
Brad Fitzpatrick
70081a1511 Replace several IPCThreadState::get() lookups with one.
Also, make StrictMode's ThreadLocal final.

Change-Id: I08d400ed254fa67bb7a3dae1227f205a54c00df0
2010-07-27 12:28:57 -07:00
Brad Fitzpatrick
d36f4a5f13 StrictMode: gather and return violating stacks in Binder replies
Now, when Thread A has a strict mode policy in effect and does a
Binder call to Thread B (most likely in another process), the strict
mode policy is passed along, but with the GATHER penalty bit set which
overrides other policies and instead gathers all offending stack
traces to a threadlocal which are then written back in the Parcel's
reply header.

Change-Id: I7d4497032a0609b37b1a2a15855f5c929ba0584d
2010-07-15 13:18:05 -07:00
Brad Fitzpatrick
a877cd85b5 More StrictMode work, keeping Binder & BlockGuard's thread-locals in-sync.
Change-Id: Ia67cabcc17a73a0f15907ffea683d06bc41b90e5
2010-07-15 13:18:05 -07:00
Brad Fitzpatrick
837a0d0fb2 Add Parcel::readExceptionCode() and Parcel::writeNoException()
Add native Parcel methods analogous to the Java versions.

Currently, these don't do much, but upcoming StrictMode work changes
the RPC calling conventions in some cases, so it's important that
everybody uses these consistently, rather than having a lot of code
trying to parse RPC responses out of Parcels themselves.

As a summary, the current convention that Java Binder services use is
to prepend the reply Parcel with an int32 signaling the exception
status:

     0: no exception
     -1: Security exception
     -2: Bad Parcelable
     -3: ...
     -4: ...
     -5: ...

... followed by Parceled String if the exception code is non-zero.

With an upcoming change, it'll be the case that a response Parcel can,
non-exceptionally return rich data in the header, and also return data
to the caller.  The important thing to note in this new case is that
the first int32 in the reply parcel *will not be zero*, so anybody
manually checking for it with reply.readInt32() will get false
negative failures.

Short summary: If you're calling into a Java service and manually
checking the exception status with reply.readInt32(), change it to
reply.readExceptionCode().

Change-Id: I23f9a0e53a8cfbbd9759242cfde16723641afe04
2010-07-13 15:45:18 -07:00
Brad Fitzpatrick
702ea9d42f Start of work on passing around StrictMode policy over Binder calls.
This is (intendend to be) a no-op change.

At this stage, Binder RPCs just have an additional uint32 passed around
in the header, right before the interface name.  But nothing is actually
done with them yet.  That value should right now always be 0.

This now boots and seems to work.

Change-Id: I135b7c84f07575e6b9717fef2424d301a450df7b
2010-06-21 12:56:35 -07:00
Mathias Agopian
98e71ddaed remove a dependency of GraphicBuffer (libui) on Parcel (libbinder).
Add a Flattenable interface to libutils which can be used to flatten
an object into bytestream + filedescriptor stream.
Parcel is modified to handle Flattenable. And GraphicBuffer implements
Flattenable.

Except for the overlay classes libui is now independent of libbinder.
2010-02-21 23:27:25 -08:00
Andreas Huber
84a6d041e2 Support for marshalling pointers / intptr_t in Parcel.
Some refactoring to eliminate code duplication in Parcel implementation.
2009-08-17 15:31:25 -07:00
Mathias Agopian
1d0a95b12a don't crash in Parcel when given a null (and therfore invalid) native_handle_t 2009-07-31 16:18:16 -07:00
Mathias Agopian
83c0446f27 some work to try to reduce the code size of some native libraries
- make sure that all binder Bn classes define a ctor and dtor in their respective library.
  This avoids duplication of the ctor/dtor in libraries where these objects are instantiated.
  This is also cleaner, should we want these ctor/dtor to do something one day.

- same change as above for some Bp classes and various other non-binder classes

- moved the definition of CHECK_INTERFACE() in IInterface.h instead of having it everywhere.

- improved the CHECK_INTERFACE() macro so it calls a single method in Parcel, instead of inlining its code everywhere

- IBinder::getInterfaceDescriptor() now returns a "const String16&" instead of String16, which saves calls to String16 and ~String16

- implemented a cache for BpBinder::getInterfaceDescriptor(), since this does an IPC. HOWEVER, this method never seems to be called.
  The cache makes BpBinder bigger, so we need to figure out if we need this method at all.
2009-05-26 16:12:20 -07:00
Android (Google) Code Review
4e97f8c62f am d50a458b: Merge change 2351 into donut
Merge commit 'd50a458bb291801ab9fdc119301bc7b84b42a6e3'

* commit 'd50a458bb291801ab9fdc119301bc7b84b42a6e3':
  Fix a major bug in Bundle when unparcelling from AIDL.
2009-05-22 14:53:18 -07:00
Mathias Agopian
a47f02afb1 change 2115 wasn't merged properly into master. this fixes that.
Merge change 2115 into donut

* changes:
  bring the native_handle stuff back from master_gl

Conflicts:

	libs/binder/Parcel.cpp
2009-05-21 16:29:38 -07:00
Mathias Agopian
c5b2c0bf80 move libbinder's header files under includes/binder 2009-05-20 12:55:03 -07:00
Mathias Agopian
208059f67e checkpoint: split libutils into libutils + libbinder 2009-05-20 12:55:02 -07:00