1 /* 2 * Copyright (C) 2018 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #pragma once 18 19 #include <android/binder_ibinder.h> 20 #include "ibinder_internal.h" 21 22 #include <atomic> 23 #include <mutex> 24 #include <vector> 25 26 #include <binder/Binder.h> 27 #include <binder/IBinder.h> 28 #include <utils/Vector.h> 29 30 inline bool isUserCommand(transaction_code_t code) { 31 return code >= FIRST_CALL_TRANSACTION && code <= LAST_CALL_TRANSACTION; 32 } 33 34 struct ABBinder; 35 struct ABpBinder; 36 37 struct AIBinder : public virtual ::android::RefBase { 38 explicit AIBinder(const AIBinder_Class* clazz); 39 virtual ~AIBinder(); 40 41 bool associateClass(const AIBinder_Class* clazz); 42 const AIBinder_Class* getClass() const { return mClazz; } 43 44 virtual ::android::sp<::android::IBinder> getBinder() = 0; 45 virtual ABBinder* asABBinder() { return nullptr; } 46 virtual ABpBinder* asABpBinder() { return nullptr; } 47 48 bool isRemote() const { 49 ::android::sp<::android::IBinder> binder = const_cast<AIBinder*>(this)->getBinder(); 50 return binder->remoteBinder() != nullptr; 51 } 52 53 private: 54 // AIBinder instance is instance of this class for a local object. In order to transact on a 55 // remote object, this also must be set for simplicity (although right now, only the 56 // interfaceDescriptor from it is used). 57 const AIBinder_Class* mClazz; 58 }; 59 60 // This is a local AIBinder object with a known class. 61 struct ABBinder : public AIBinder, public ::android::BBinder { 62 virtual ~ABBinder(); 63 64 void* getUserData() { return mUserData; } 65 66 ::android::sp<::android::IBinder> getBinder() override { return this; } 67 ABBinder* asABBinder() override { return this; } 68 69 const ::android::String16& getInterfaceDescriptor() const override; 70 ::android::status_t dump(int fd, const ::android::Vector<::android::String16>& args) override; 71 ::android::status_t onTransact(uint32_t code, const ::android::Parcel& data, 72 ::android::Parcel* reply, binder_flags_t flags) override; 73 74 private: 75 ABBinder(const AIBinder_Class* clazz, void* userData); 76 77 // only thing that should create an ABBinder 78 friend AIBinder* AIBinder_new(const AIBinder_Class*, void*); 79 80 // Can contain implementation if this is a local binder. This can still be nullptr for a local 81 // binder. If it is nullptr, the implication is the implementation state is entirely external to 82 // this object and the functionality provided in the AIBinder_Class is sufficient. 83 void* mUserData; 84 }; 85 86 // This binder object may be remote or local (even though it is 'Bp'). The implication if it is 87 // local is that it is an IBinder object created outside of the domain of libbinder_ndk. 88 struct ABpBinder : public AIBinder, public ::android::BpRefBase { 89 // Looks up to see if this object has or is an existing ABBinder or ABpBinder object, otherwise 90 // it creates an ABpBinder object. 91 static ::android::sp<AIBinder> lookupOrCreateFromBinder( 92 const ::android::sp<::android::IBinder>& binder); 93 94 virtual ~ABpBinder(); 95 96 void onLastStrongRef(const void* id) override; 97 98 ::android::sp<::android::IBinder> getBinder() override { return remote(); } 99 ABpBinder* asABpBinder() override { return this; } 100 101 private: 102 explicit ABpBinder(const ::android::sp<::android::IBinder>& binder); 103 }; 104 105 struct AIBinder_Class { 106 AIBinder_Class(const char* interfaceDescriptor, AIBinder_Class_onCreate onCreate, 107 AIBinder_Class_onDestroy onDestroy, AIBinder_Class_onTransact onTransact); 108 109 const ::android::String16& getInterfaceDescriptor() const { return mInterfaceDescriptor; } 110 111 // required to be non-null, implemented for every class 112 const AIBinder_Class_onCreate onCreate; 113 const AIBinder_Class_onDestroy onDestroy; 114 const AIBinder_Class_onTransact onTransact; 115 116 // optional methods for a class 117 AIBinder_onDump onDump; 118 119 private: 120 // This must be a String16 since BBinder virtual getInterfaceDescriptor returns a reference to 121 // one. 122 const ::android::String16 mInterfaceDescriptor; 123 }; 124 125 // Ownership is like this (when linked to death): 126 // 127 // AIBinder_DeathRecipient -sp-> TransferDeathRecipient <-wp-> IBinder 128 // 129 // When the AIBinder_DeathRecipient is dropped, so are the actual underlying death recipients. When 130 // the IBinder dies, only a wp to it is kept. 131 struct AIBinder_DeathRecipient : ::android::RefBase { 132 // One of these is created for every linkToDeath. This is to be able to recover data when a 133 // binderDied receipt only gives us information about the IBinder. 134 struct TransferDeathRecipient : ::android::IBinder::DeathRecipient { 135 TransferDeathRecipient(const ::android::wp<::android::IBinder>& who, void* cookie, 136 const ::android::wp<AIBinder_DeathRecipient>& parentRecipient, 137 const AIBinder_DeathRecipient_onBinderDied onDied) 138 : mWho(who), mCookie(cookie), mParentRecipient(parentRecipient), mOnDied(onDied) {} 139 140 void binderDied(const ::android::wp<::android::IBinder>& who) override; 141 142 const ::android::wp<::android::IBinder>& getWho() { return mWho; } 143 void* getCookie() { return mCookie; } 144 145 private: 146 ::android::wp<::android::IBinder> mWho; 147 void* mCookie; 148 149 ::android::wp<AIBinder_DeathRecipient> mParentRecipient; 150 151 // This is kept separately from AIBinder_DeathRecipient in case the death recipient is 152 // deleted while the death notification is fired 153 const AIBinder_DeathRecipient_onBinderDied mOnDied; 154 }; 155 156 explicit AIBinder_DeathRecipient(AIBinder_DeathRecipient_onBinderDied onDied); 157 binder_status_t linkToDeath(::android::sp<::android::IBinder>, void* cookie); 158 binder_status_t unlinkToDeath(::android::sp<::android::IBinder> binder, void* cookie); 159 160 private: 161 // When the user of this API deletes a Bp object but not the death recipient, the 162 // TransferDeathRecipient object can't be cleaned up. This is called whenever a new 163 // TransferDeathRecipient is linked, and it ensures that mDeathRecipients can't grow unbounded. 164 void pruneDeadTransferEntriesLocked(); 165 166 std::mutex mDeathRecipientsMutex; 167 std::vector<::android::sp<TransferDeathRecipient>> mDeathRecipients; 168 AIBinder_DeathRecipient_onBinderDied mOnDied; 169 }; 170
