1 /* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #pragma once 18 19 #include <binder/Common.h> 20 #include <binder/unique_fd.h> 21 #include <utils/Errors.h> 22 #include <utils/RefBase.h> 23 #include <utils/String16.h> 24 #include <utils/Vector.h> 25 26 #include <functional> 27 28 // linux/binder.h defines this, but we don't want to include it here in order to 29 // avoid exporting the kernel headers 30 #ifndef B_PACK_CHARS 31 #define B_PACK_CHARS(c1, c2, c3, c4) \ 32 ((((c1)<<24)) | (((c2)<<16)) | (((c3)<<8)) | (c4)) 33 #endif // B_PACK_CHARS 34 35 // --------------------------------------------------------------------------- 36 namespace android { 37 38 class BBinder; 39 class BpBinder; 40 class IInterface; 41 class Parcel; 42 class IResultReceiver; 43 class IShellCallback; 44 45 /** 46 * Base class and low-level protocol for a remotable object. 47 * You can derive from this class to create an object for which other 48 * processes can hold references to it. Communication between processes 49 * (method calls, property get and set) is down through a low-level 50 * protocol implemented on top of the transact() API. 51 */ 52 class [[clang::lto_visibility_public]] LIBBINDER_EXPORTED IBinder : public virtual RefBase { 53 public: 54 enum { 55 FIRST_CALL_TRANSACTION = 0x00000001, 56 LAST_CALL_TRANSACTION = 0x00ffffff, 57 58 PING_TRANSACTION = B_PACK_CHARS('_', 'P', 'N', 'G'), 59 START_RECORDING_TRANSACTION = B_PACK_CHARS('_', 'S', 'R', 'D'), 60 STOP_RECORDING_TRANSACTION = B_PACK_CHARS('_', 'E', 'R', 'D'), 61 DUMP_TRANSACTION = B_PACK_CHARS('_', 'D', 'M', 'P'), 62 SHELL_COMMAND_TRANSACTION = B_PACK_CHARS('_', 'C', 'M', 'D'), 63 INTERFACE_TRANSACTION = B_PACK_CHARS('_', 'N', 'T', 'F'), 64 SYSPROPS_TRANSACTION = B_PACK_CHARS('_', 'S', 'P', 'R'), 65 EXTENSION_TRANSACTION = B_PACK_CHARS('_', 'E', 'X', 'T'), 66 DEBUG_PID_TRANSACTION = B_PACK_CHARS('_', 'P', 'I', 'D'), 67 SET_RPC_CLIENT_TRANSACTION = B_PACK_CHARS('_', 'R', 'P', 'C'), 68 69 // See android.os.IBinder.TWEET_TRANSACTION 70 // Most importantly, messages can be anything not exceeding 130 UTF-8 71 // characters, and callees should exclaim "jolly good message old boy!" 72 TWEET_TRANSACTION = B_PACK_CHARS('_', 'T', 'W', 'T'), 73 74 // See android.os.IBinder.LIKE_TRANSACTION 75 // Improve binder self-esteem. 76 LIKE_TRANSACTION = B_PACK_CHARS('_', 'L', 'I', 'K'), 77 78 // Corresponds to TF_ONE_WAY -- an asynchronous call. 79 FLAG_ONEWAY = 0x00000001, 80 81 // Corresponds to TF_CLEAR_BUF -- clear transaction buffers after call 82 // is made 83 FLAG_CLEAR_BUF = 0x00000020, 84 85 // Private userspace flag for transaction which is being requested from 86 // a vendor context. 87 FLAG_PRIVATE_VENDOR = 0x10000000, 88 }; 89 90 IBinder(); 91 92 /** 93 * Check if this IBinder implements the interface named by 94 * @a descriptor. If it does, the base pointer to it is returned, 95 * which you can safely static_cast<> to the concrete C++ interface. 96 */ 97 virtual sp<IInterface> queryLocalInterface(const String16& descriptor); 98 99 /** 100 * Return the canonical name of the interface provided by this IBinder 101 * object. 102 */ 103 virtual const String16& getInterfaceDescriptor() const = 0; 104 105 /** 106 * Last known alive status, from last call. May be arbitrarily stale. 107 * May be incorrect if a service returns an incorrect status code. 108 */ 109 virtual bool isBinderAlive() const = 0; 110 virtual status_t pingBinder() = 0; 111 virtual status_t dump(int fd, const Vector<String16>& args) = 0; 112 static status_t shellCommand(const sp<IBinder>& target, int in, int out, int err, 113 Vector<String16>& args, const sp<IShellCallback>& callback, 114 const sp<IResultReceiver>& resultReceiver); 115 116 /** 117 * This allows someone to add their own additions to an interface without 118 * having to modify the original interface. 119 * 120 * For instance, imagine if we have this interface: 121 * interface IFoo { void doFoo(); } 122 * 123 * If an unrelated owner (perhaps in a downstream codebase) wants to make a 124 * change to the interface, they have two options: 125 * 126 * A). Historical option that has proven to be BAD! Only the original 127 * author of an interface should change an interface. If someone 128 * downstream wants additional functionality, they should not ever 129 * change the interface or use this method. 130 * 131 * BAD TO DO: interface IFoo { BAD TO DO 132 * BAD TO DO: void doFoo(); BAD TO DO 133 * BAD TO DO: + void doBar(); // adding a method BAD TO DO 134 * BAD TO DO: } BAD TO DO 135 * 136 * B). Option that this method enables! 137 * Leave the original interface unchanged (do not change IFoo!). 138 * Instead, create a new interface in a downstream package: 139 * 140 * package com.<name>; // new functionality in a new package 141 * interface IBar { void doBar(); } 142 * 143 * When registering the interface, add: 144 * sp<MyFoo> foo = new MyFoo; // class in AOSP codebase 145 * sp<MyBar> bar = new MyBar; // custom extension class 146 * foo->setExtension(bar); // use method in BBinder 147 * 148 * Then, clients of IFoo can get this extension: 149 * sp<IBinder> binder = ...; 150 * sp<IFoo> foo = interface_cast<IFoo>(binder); // handle if null 151 * sp<IBinder> barBinder; 152 * ... handle error ... = binder->getExtension(&barBinder); 153 * sp<IBar> bar = interface_cast<IBar>(barBinder); 154 * // if bar is null, then there is no extension or a different 155 * // type of extension 156 */ 157 status_t getExtension(sp<IBinder>* out); 158 159 /** 160 * Dump PID for a binder, for debugging. 161 */ 162 status_t getDebugPid(pid_t* outPid); 163 164 /** 165 * Set the RPC client fd to this binder service, for debugging. This is only available on 166 * debuggable builds. 167 * 168 * When this is called on a binder service, the service: 169 * 1. sets up RPC server 170 * 2. spawns 1 new thread that calls RpcServer::join() 171 * - join() spawns some number of threads that accept() connections; see RpcServer 172 * 173 * setRpcClientDebug() may be called multiple times. Each call will add a new RpcServer 174 * and opens up a TCP port. 175 * 176 * Note: A thread is spawned for each accept()'ed fd, which may call into functions of the 177 * interface freely. See RpcServer::join(). To avoid such race conditions, implement the service 178 * functions with multithreading support. 179 * 180 * On death of @a keepAliveBinder, the RpcServer shuts down. 181 */ 182 [[nodiscard]] status_t setRpcClientDebug(binder::unique_fd socketFd, 183 const sp<IBinder>& keepAliveBinder); 184 185 // NOLINTNEXTLINE(google-default-arguments) 186 virtual status_t transact( uint32_t code, 187 const Parcel& data, 188 Parcel* reply, 189 uint32_t flags = 0) = 0; 190 191 // DeathRecipient is pure abstract, there is no virtual method 192 // implementation to put in a translation unit in order to silence the 193 // weak vtables warning. 194 #if defined(__clang__) 195 #pragma clang diagnostic push 196 #pragma clang diagnostic ignored "-Wweak-vtables" 197 #endif 198 199 class DeathRecipient : public virtual RefBase 200 { 201 public: 202 virtual void binderDied(const wp<IBinder>& who) = 0; 203 }; 204 205 class FrozenStateChangeCallback : public virtual RefBase { 206 public: 207 enum class State { 208 FROZEN, 209 UNFROZEN, 210 }; 211 virtual void onStateChanged(const wp<IBinder>& who, State state) = 0; 212 }; 213 214 #if defined(__clang__) 215 #pragma clang diagnostic pop 216 #endif 217 218 /** 219 * Register the @a recipient for a notification if this binder 220 * goes away. If this binder object unexpectedly goes away 221 * (typically because its hosting process has been killed), 222 * then DeathRecipient::binderDied() will be called with a reference 223 * to this. 224 * 225 * The @a cookie is optional -- if non-NULL, it should be a 226 * memory address that you own (that is, you know it is unique). 227 * 228 * @note When all references to the binder being linked to are dropped, the 229 * recipient is automatically unlinked. So, you must hold onto a binder in 230 * order to receive death notifications about it. 231 * 232 * @note You will only receive death notifications for remote binders, 233 * as local binders by definition can't die without you dying as well. 234 * Trying to use this function on a local binder will result in an 235 * INVALID_OPERATION code being returned and nothing happening. 236 * 237 * @note This link always holds a weak reference to its recipient. 238 * 239 * @note You will only receive a weak reference to the dead 240 * binder. You should not try to promote this to a strong reference. 241 * (Nor should you need to, as there is nothing useful you can 242 * directly do with it now that it has passed on.) 243 */ 244 // NOLINTNEXTLINE(google-default-arguments) 245 virtual status_t linkToDeath(const sp<DeathRecipient>& recipient, 246 void* cookie = nullptr, 247 uint32_t flags = 0) = 0; 248 249 /** 250 * Remove a previously registered death notification. 251 * The @a recipient will no longer be called if this object 252 * dies. The @a cookie is optional. If non-NULL, you can 253 * supply a NULL @a recipient, and the recipient previously 254 * added with that cookie will be unlinked. 255 * 256 * If the binder is dead, this will return DEAD_OBJECT. Deleting 257 * the object will also unlink all death recipients. 258 */ 259 // NOLINTNEXTLINE(google-default-arguments) 260 virtual status_t unlinkToDeath( const wp<DeathRecipient>& recipient, 261 void* cookie = nullptr, 262 uint32_t flags = 0, 263 wp<DeathRecipient>* outRecipient = nullptr) = 0; 264 265 /** 266 * addFrozenStateChangeCallback provides a callback mechanism to notify 267 * about process frozen/unfrozen events. Upon registration and any 268 * subsequent state changes, the callback is invoked with the latest process 269 * frozen state. 270 * 271 * If the listener process (the one using this API) is itself frozen, state 272 * change events might be combined into a single one with the latest state. 273 * (meaning 'frozen, unfrozen' might just be 'unfrozen'). This single event 274 * would then be delivered when the listener process becomes unfrozen. 275 * Similarly, if an event happens before the previous event is consumed, 276 * they might be combined. This means the callback might not be called for 277 * every single state change, so don't rely on this API to count how many 278 * times the state has changed. 279 * 280 * @note When all references to the binder are dropped, the callback is 281 * automatically removed. So, you must hold onto a binder in order to 282 * receive notifications about it. 283 * 284 * @note You will only receive freeze notifications for remote binders, as 285 * local binders by definition can't be frozen without you being frozen as 286 * well. Trying to use this function on a local binder will result in an 287 * INVALID_OPERATION code being returned and nothing happening. 288 * 289 * @note This binder always holds a weak reference to the callback. 290 * 291 * @note You will only receive a weak reference to the binder object. You 292 * should not try to promote this to a strong reference. (Nor should you 293 * need to, as there is nothing useful you can directly do with it now that 294 * it has passed on.) 295 */ 296 [[nodiscard]] status_t addFrozenStateChangeCallback( 297 const wp<FrozenStateChangeCallback>& callback); 298 299 /** 300 * Remove a previously registered freeze callback. 301 * The @a callback will no longer be called if this object 302 * changes its frozen state. 303 */ 304 [[nodiscard]] status_t removeFrozenStateChangeCallback( 305 const wp<FrozenStateChangeCallback>& callback); 306 307 virtual bool checkSubclass(const void* subclassID) const; 308 309 typedef void (*object_cleanup_func)(const void* id, void* obj, void* cleanupCookie); 310 311 /** 312 * This object is attached for the lifetime of this binder object. When 313 * this binder object is destructed, the cleanup function of all attached 314 * objects are invoked with their respective objectID, object, and 315 * cleanupCookie. Access to these APIs can be made from multiple threads, 316 * but calls from different threads are allowed to be interleaved. 317 * 318 * This returns the object which is already attached. If this returns a 319 * non-null value, it means that attachObject failed (a given objectID can 320 * only be used once). 321 */ 322 [[nodiscard]] virtual void* attachObject(const void* objectID, void* object, 323 void* cleanupCookie, object_cleanup_func func) = 0; 324 /** 325 * Returns object attached with attachObject. 326 */ 327 [[nodiscard]] virtual void* findObject(const void* objectID) const = 0; 328 /** 329 * Returns object attached with attachObject, and detaches it. This does not 330 * delete the object. 331 */ 332 [[nodiscard]] virtual void* detachObject(const void* objectID) = 0; 333 334 /** 335 * Use the lock that this binder contains internally. For instance, this can 336 * be used to modify an attached object without needing to add an additional 337 * lock (though, that attached object must be retrieved before calling this 338 * method). Calling (most) IBinder methods inside this will deadlock. 339 */ 340 void withLock(const std::function<void()>& doWithLock); 341 342 virtual BBinder* localBinder(); 343 virtual BpBinder* remoteBinder(); 344 typedef sp<IBinder> (*object_make_func)(const void* makeArgs); 345 sp<IBinder> lookupOrCreateWeak(const void* objectID, object_make_func make, 346 const void* makeArgs); 347 348 protected: 349 virtual ~IBinder(); 350 351 private: 352 }; 353 354 } // namespace android 355 356 // --------------------------------------------------------------------------- 357