1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#define LOG_TAG "IMemory" 18 19#include <stdint.h> 20#include <stdio.h> 21#include <stdlib.h> 22#include <fcntl.h> 23#include <unistd.h> 24 25#include <sys/types.h> 26#include <sys/mman.h> 27 28#include <binder/IMemory.h> 29#include <utils/KeyedVector.h> 30#include <utils/threads.h> 31#include <utils/Atomic.h> 32#include <binder/Parcel.h> 33#include <utils/CallStack.h> 34 35#define VERBOSE 0 36 37namespace android { 38// --------------------------------------------------------------------------- 39 40class HeapCache : public IBinder::DeathRecipient 41{ 42public: 43 HeapCache(); 44 virtual ~HeapCache(); 45 46 virtual void binderDied(const wp<IBinder>& who); 47 48 sp<IMemoryHeap> find_heap(const sp<IBinder>& binder); 49 void free_heap(const sp<IBinder>& binder); 50 sp<IMemoryHeap> get_heap(const sp<IBinder>& binder); 51 void dump_heaps(); 52 53private: 54 // For IMemory.cpp 55 struct heap_info_t { 56 sp<IMemoryHeap> heap; 57 int32_t count; 58 }; 59 60 void free_heap(const wp<IBinder>& binder); 61 62 Mutex mHeapCacheLock; 63 KeyedVector< wp<IBinder>, heap_info_t > mHeapCache; 64}; 65 66static sp<HeapCache> gHeapCache = new HeapCache(); 67 68/******************************************************************************/ 69 70enum { 71 HEAP_ID = IBinder::FIRST_CALL_TRANSACTION 72}; 73 74class BpMemoryHeap : public BpInterface<IMemoryHeap> 75{ 76public: 77 BpMemoryHeap(const sp<IBinder>& impl); 78 virtual ~BpMemoryHeap(); 79 80 virtual int getHeapID() const; 81 virtual void* getBase() const; 82 virtual size_t getSize() const; 83 virtual uint32_t getFlags() const; 84 virtual uint32_t getOffset() const; 85 86private: 87 friend class IMemory; 88 friend class HeapCache; 89 90 // for debugging in this module 91 static inline sp<IMemoryHeap> find_heap(const sp<IBinder>& binder) { 92 return gHeapCache->find_heap(binder); 93 } 94 static inline void free_heap(const sp<IBinder>& binder) { 95 gHeapCache->free_heap(binder); 96 } 97 static inline sp<IMemoryHeap> get_heap(const sp<IBinder>& binder) { 98 return gHeapCache->get_heap(binder); 99 } 100 static inline void dump_heaps() { 101 gHeapCache->dump_heaps(); 102 } 103 104 void assertMapped() const; 105 void assertReallyMapped() const; 106 107 mutable volatile int32_t mHeapId; 108 mutable void* mBase; 109 mutable size_t mSize; 110 mutable uint32_t mFlags; 111 mutable uint32_t mOffset; 112 mutable bool mRealHeap; 113 mutable Mutex mLock; 114}; 115 116// ---------------------------------------------------------------------------- 117 118enum { 119 GET_MEMORY = IBinder::FIRST_CALL_TRANSACTION 120}; 121 122class BpMemory : public BpInterface<IMemory> 123{ 124public: 125 BpMemory(const sp<IBinder>& impl); 126 virtual ~BpMemory(); 127 virtual sp<IMemoryHeap> getMemory(ssize_t* offset=0, size_t* size=0) const; 128 129private: 130 mutable sp<IMemoryHeap> mHeap; 131 mutable ssize_t mOffset; 132 mutable size_t mSize; 133}; 134 135/******************************************************************************/ 136 137void* IMemory::fastPointer(const sp<IBinder>& binder, ssize_t offset) const 138{ 139 sp<IMemoryHeap> realHeap = BpMemoryHeap::get_heap(binder); 140 void* const base = realHeap->base(); 141 if (base == MAP_FAILED) 142 return 0; 143 return static_cast<char*>(base) + offset; 144} 145 146void* IMemory::pointer() const { 147 ssize_t offset; 148 sp<IMemoryHeap> heap = getMemory(&offset); 149 void* const base = heap!=0 ? heap->base() : MAP_FAILED; 150 if (base == MAP_FAILED) 151 return 0; 152 return static_cast<char*>(base) + offset; 153} 154 155size_t IMemory::size() const { 156 size_t size; 157 getMemory(NULL, &size); 158 return size; 159} 160 161ssize_t IMemory::offset() const { 162 ssize_t offset; 163 getMemory(&offset); 164 return offset; 165} 166 167/******************************************************************************/ 168 169BpMemory::BpMemory(const sp<IBinder>& impl) 170 : BpInterface<IMemory>(impl), mOffset(0), mSize(0) 171{ 172} 173 174BpMemory::~BpMemory() 175{ 176} 177 178sp<IMemoryHeap> BpMemory::getMemory(ssize_t* offset, size_t* size) const 179{ 180 if (mHeap == 0) { 181 Parcel data, reply; 182 data.writeInterfaceToken(IMemory::getInterfaceDescriptor()); 183 if (remote()->transact(GET_MEMORY, data, &reply) == NO_ERROR) { 184 sp<IBinder> heap = reply.readStrongBinder(); 185 ssize_t o = reply.readInt32(); 186 size_t s = reply.readInt32(); 187 if (heap != 0) { 188 mHeap = interface_cast<IMemoryHeap>(heap); 189 if (mHeap != 0) { 190 mOffset = o; 191 mSize = s; 192 } 193 } 194 } 195 } 196 if (offset) *offset = mOffset; 197 if (size) *size = mSize; 198 return mHeap; 199} 200 201// --------------------------------------------------------------------------- 202 203IMPLEMENT_META_INTERFACE(Memory, "android.utils.IMemory"); 204 205BnMemory::BnMemory() { 206} 207 208BnMemory::~BnMemory() { 209} 210 211status_t BnMemory::onTransact( 212 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags) 213{ 214 switch(code) { 215 case GET_MEMORY: { 216 CHECK_INTERFACE(IMemory, data, reply); 217 ssize_t offset; 218 size_t size; 219 reply->writeStrongBinder( IInterface::asBinder(getMemory(&offset, &size)) ); 220 reply->writeInt32(offset); 221 reply->writeInt32(size); 222 return NO_ERROR; 223 } break; 224 default: 225 return BBinder::onTransact(code, data, reply, flags); 226 } 227} 228 229 230/******************************************************************************/ 231 232BpMemoryHeap::BpMemoryHeap(const sp<IBinder>& impl) 233 : BpInterface<IMemoryHeap>(impl), 234 mHeapId(-1), mBase(MAP_FAILED), mSize(0), mFlags(0), mOffset(0), mRealHeap(false) 235{ 236} 237 238BpMemoryHeap::~BpMemoryHeap() { 239 if (mHeapId != -1) { 240 close(mHeapId); 241 if (mRealHeap) { 242 // by construction we're the last one 243 if (mBase != MAP_FAILED) { 244 sp<IBinder> binder = IInterface::asBinder(this); 245 246 if (VERBOSE) { 247 ALOGD("UNMAPPING binder=%p, heap=%p, size=%zu, fd=%d", 248 binder.get(), this, mSize, mHeapId); 249 CallStack stack(LOG_TAG); 250 } 251 252 munmap(mBase, mSize); 253 } 254 } else { 255 // remove from list only if it was mapped before 256 sp<IBinder> binder = IInterface::asBinder(this); 257 free_heap(binder); 258 } 259 } 260} 261 262void BpMemoryHeap::assertMapped() const 263{ 264 if (mHeapId == -1) { 265 sp<IBinder> binder(IInterface::asBinder(const_cast<BpMemoryHeap*>(this))); 266 sp<BpMemoryHeap> heap(static_cast<BpMemoryHeap*>(find_heap(binder).get())); 267 heap->assertReallyMapped(); 268 if (heap->mBase != MAP_FAILED) { 269 Mutex::Autolock _l(mLock); 270 if (mHeapId == -1) { 271 mBase = heap->mBase; 272 mSize = heap->mSize; 273 mOffset = heap->mOffset; 274 android_atomic_write( dup( heap->mHeapId ), &mHeapId ); 275 } 276 } else { 277 // something went wrong 278 free_heap(binder); 279 } 280 } 281} 282 283void BpMemoryHeap::assertReallyMapped() const 284{ 285 if (mHeapId == -1) { 286 287 // remote call without mLock held, worse case scenario, we end up 288 // calling transact() from multiple threads, but that's not a problem, 289 // only mmap below must be in the critical section. 290 291 Parcel data, reply; 292 data.writeInterfaceToken(IMemoryHeap::getInterfaceDescriptor()); 293 status_t err = remote()->transact(HEAP_ID, data, &reply); 294 int parcel_fd = reply.readFileDescriptor(); 295 ssize_t size = reply.readInt32(); 296 uint32_t flags = reply.readInt32(); 297 uint32_t offset = reply.readInt32(); 298 299 ALOGE_IF(err, "binder=%p transaction failed fd=%d, size=%zd, err=%d (%s)", 300 IInterface::asBinder(this).get(), 301 parcel_fd, size, err, strerror(-err)); 302 303 int fd = dup( parcel_fd ); 304 ALOGE_IF(fd==-1, "cannot dup fd=%d, size=%zd, err=%d (%s)", 305 parcel_fd, size, err, strerror(errno)); 306 307 int access = PROT_READ; 308 if (!(flags & READ_ONLY)) { 309 access |= PROT_WRITE; 310 } 311 312 Mutex::Autolock _l(mLock); 313 if (mHeapId == -1) { 314 mRealHeap = true; 315 mBase = mmap(0, size, access, MAP_SHARED, fd, offset); 316 if (mBase == MAP_FAILED) { 317 ALOGE("cannot map BpMemoryHeap (binder=%p), size=%zd, fd=%d (%s)", 318 IInterface::asBinder(this).get(), size, fd, strerror(errno)); 319 close(fd); 320 } else { 321 mSize = size; 322 mFlags = flags; 323 mOffset = offset; 324 android_atomic_write(fd, &mHeapId); 325 } 326 } 327 } 328} 329 330int BpMemoryHeap::getHeapID() const { 331 assertMapped(); 332 return mHeapId; 333} 334 335void* BpMemoryHeap::getBase() const { 336 assertMapped(); 337 return mBase; 338} 339 340size_t BpMemoryHeap::getSize() const { 341 assertMapped(); 342 return mSize; 343} 344 345uint32_t BpMemoryHeap::getFlags() const { 346 assertMapped(); 347 return mFlags; 348} 349 350uint32_t BpMemoryHeap::getOffset() const { 351 assertMapped(); 352 return mOffset; 353} 354 355// --------------------------------------------------------------------------- 356 357IMPLEMENT_META_INTERFACE(MemoryHeap, "android.utils.IMemoryHeap"); 358 359BnMemoryHeap::BnMemoryHeap() { 360} 361 362BnMemoryHeap::~BnMemoryHeap() { 363} 364 365status_t BnMemoryHeap::onTransact( 366 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags) 367{ 368 switch(code) { 369 case HEAP_ID: { 370 CHECK_INTERFACE(IMemoryHeap, data, reply); 371 reply->writeFileDescriptor(getHeapID()); 372 reply->writeInt32(getSize()); 373 reply->writeInt32(getFlags()); 374 reply->writeInt32(getOffset()); 375 return NO_ERROR; 376 } break; 377 default: 378 return BBinder::onTransact(code, data, reply, flags); 379 } 380} 381 382/*****************************************************************************/ 383 384HeapCache::HeapCache() 385 : DeathRecipient() 386{ 387} 388 389HeapCache::~HeapCache() 390{ 391} 392 393void HeapCache::binderDied(const wp<IBinder>& binder) 394{ 395 //ALOGD("binderDied binder=%p", binder.unsafe_get()); 396 free_heap(binder); 397} 398 399sp<IMemoryHeap> HeapCache::find_heap(const sp<IBinder>& binder) 400{ 401 Mutex::Autolock _l(mHeapCacheLock); 402 ssize_t i = mHeapCache.indexOfKey(binder); 403 if (i>=0) { 404 heap_info_t& info = mHeapCache.editValueAt(i); 405 ALOGD_IF(VERBOSE, 406 "found binder=%p, heap=%p, size=%zu, fd=%d, count=%d", 407 binder.get(), info.heap.get(), 408 static_cast<BpMemoryHeap*>(info.heap.get())->mSize, 409 static_cast<BpMemoryHeap*>(info.heap.get())->mHeapId, 410 info.count); 411 android_atomic_inc(&info.count); 412 return info.heap; 413 } else { 414 heap_info_t info; 415 info.heap = interface_cast<IMemoryHeap>(binder); 416 info.count = 1; 417 //ALOGD("adding binder=%p, heap=%p, count=%d", 418 // binder.get(), info.heap.get(), info.count); 419 mHeapCache.add(binder, info); 420 return info.heap; 421 } 422} 423 424void HeapCache::free_heap(const sp<IBinder>& binder) { 425 free_heap( wp<IBinder>(binder) ); 426} 427 428void HeapCache::free_heap(const wp<IBinder>& binder) 429{ 430 sp<IMemoryHeap> rel; 431 { 432 Mutex::Autolock _l(mHeapCacheLock); 433 ssize_t i = mHeapCache.indexOfKey(binder); 434 if (i>=0) { 435 heap_info_t& info(mHeapCache.editValueAt(i)); 436 int32_t c = android_atomic_dec(&info.count); 437 if (c == 1) { 438 ALOGD_IF(VERBOSE, 439 "removing binder=%p, heap=%p, size=%zu, fd=%d, count=%d", 440 binder.unsafe_get(), info.heap.get(), 441 static_cast<BpMemoryHeap*>(info.heap.get())->mSize, 442 static_cast<BpMemoryHeap*>(info.heap.get())->mHeapId, 443 info.count); 444 rel = mHeapCache.valueAt(i).heap; 445 mHeapCache.removeItemsAt(i); 446 } 447 } else { 448 ALOGE("free_heap binder=%p not found!!!", binder.unsafe_get()); 449 } 450 } 451} 452 453sp<IMemoryHeap> HeapCache::get_heap(const sp<IBinder>& binder) 454{ 455 sp<IMemoryHeap> realHeap; 456 Mutex::Autolock _l(mHeapCacheLock); 457 ssize_t i = mHeapCache.indexOfKey(binder); 458 if (i>=0) realHeap = mHeapCache.valueAt(i).heap; 459 else realHeap = interface_cast<IMemoryHeap>(binder); 460 return realHeap; 461} 462 463void HeapCache::dump_heaps() 464{ 465 Mutex::Autolock _l(mHeapCacheLock); 466 int c = mHeapCache.size(); 467 for (int i=0 ; i<c ; i++) { 468 const heap_info_t& info = mHeapCache.valueAt(i); 469 BpMemoryHeap const* h(static_cast<BpMemoryHeap const *>(info.heap.get())); 470 ALOGD("hey=%p, heap=%p, count=%d, (fd=%d, base=%p, size=%zu)", 471 mHeapCache.keyAt(i).unsafe_get(), 472 info.heap.get(), info.count, 473 h->mHeapId, h->mBase, h->mSize); 474 } 475} 476 477 478// --------------------------------------------------------------------------- 479}; // namespace android 480