1 /*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #define LOG_TAG "HidlServiceManagement"
18
19 #ifdef __ANDROID__
20 #include <android/api-level.h>
21 #include <android/dlext.h>
22 #endif // __ANDROID__
23
24 #include <condition_variable>
25 #include <dlfcn.h>
26 #include <dirent.h>
27 #include <fstream>
28 #include <pthread.h>
29 #include <unistd.h>
30
31 #include <mutex>
32 #include <regex>
33 #include <set>
34
35 #include <hidl/HidlBinderSupport.h>
36 #include <hidl/HidlInternal.h>
37 #include <hidl/HidlTransportUtils.h>
38 #include <hidl/ServiceManagement.h>
39 #include <hidl/Status.h>
40 #include <utils/SystemClock.h>
41
42 #include <android-base/file.h>
43 #include <android-base/logging.h>
44 #include <android-base/parseint.h>
45 #include <android-base/properties.h>
46 #include <android-base/stringprintf.h>
47 #include <android-base/strings.h>
48 #include <hwbinder/HidlSupport.h>
49 #include <hwbinder/IPCThreadState.h>
50 #include <hwbinder/Parcel.h>
51 #if !defined(__ANDROID_RECOVERY__) && defined(__ANDROID__)
52 #include <vndksupport/linker.h>
53 #endif
54
55 #include <android/hidl/manager/1.2/BnHwServiceManager.h>
56 #include <android/hidl/manager/1.2/BpHwServiceManager.h>
57 #include <android/hidl/manager/1.2/IServiceManager.h>
58
59 using ::android::hidl::base::V1_0::IBase;
60 using IServiceManager1_0 = android::hidl::manager::V1_0::IServiceManager;
61 using IServiceManager1_1 = android::hidl::manager::V1_1::IServiceManager;
62 using IServiceManager1_2 = android::hidl::manager::V1_2::IServiceManager;
63 using ::android::hidl::manager::V1_0::IServiceNotification;
64 using ::android::hidl::manager::V1_2::IClientCallback;
65
66 namespace android {
67 namespace hardware {
68
69 #if defined(__ANDROID_RECOVERY__)
70 static constexpr bool kIsRecovery = true;
71 #else
72 static constexpr bool kIsRecovery = false;
73 #endif
74
isHidlSupported()75 bool isHidlSupported() {
76 return isHwbinderSupportedBlocking();
77 }
78
binaryName()79 static std::string binaryName() {
80 std::ifstream ifs("/proc/self/cmdline");
81 std::string cmdline;
82 if (!ifs) {
83 return "";
84 }
85 ifs >> cmdline;
86
87 size_t idx = cmdline.rfind('/');
88 if (idx != std::string::npos) {
89 cmdline = cmdline.substr(idx + 1);
90 }
91
92 return cmdline;
93 }
94
packageWithoutVersion(const std::string & packageAndVersion)95 static std::string packageWithoutVersion(const std::string& packageAndVersion) {
96 size_t at = packageAndVersion.find('@');
97 if (at == std::string::npos) return packageAndVersion;
98 return packageAndVersion.substr(0, at);
99 }
100
tryShortenProcessName(const std::string & descriptor)101 __attribute__((noinline)) static void tryShortenProcessName(const std::string& descriptor) {
102 const static std::string kTasks = "/proc/self/task/";
103
104 // make sure that this binary name is in the same package
105 std::string processName = binaryName();
106
107 // e.x. android.hardware.foo is this package
108 if (!base::StartsWith(packageWithoutVersion(processName), packageWithoutVersion(descriptor))) {
109 return;
110 }
111
112 // e.x. android.hardware.module.foo@1.2::IFoo -> foo@1.2
113 size_t lastDot = descriptor.rfind('.');
114 if (lastDot == std::string::npos) return;
115 size_t secondDot = descriptor.rfind('.', lastDot - 1);
116 if (secondDot == std::string::npos) return;
117
118 std::string newName = processName.substr(secondDot + 1, std::string::npos);
119 ALOGI("Removing namespace from process name %s to %s.", processName.c_str(), newName.c_str());
120
121 std::unique_ptr<DIR, decltype(&closedir)> dir(opendir(kTasks.c_str()), closedir);
122 if (dir == nullptr) return;
123
124 dirent* dp;
125 while ((dp = readdir(dir.get())) != nullptr) {
126 if (dp->d_type != DT_DIR) continue;
127 if (dp->d_name[0] == '.') continue;
128
129 std::fstream fs(kTasks + dp->d_name + "/comm");
130 if (!fs) {
131 ALOGI("Could not rename process, failed read comm for %s.", dp->d_name);
132 continue;
133 }
134
135 std::string oldComm;
136 if (!(fs >> oldComm)) continue;
137
138 // don't rename if it already has an explicit name
139 if (base::StartsWith(descriptor, oldComm)) {
140 if (!fs.seekg(0, fs.beg)) continue;
141 fs << newName;
142 }
143 }
144 }
145
146 namespace details {
147
148 #ifdef ENFORCE_VINTF_MANIFEST
149 static constexpr bool kEnforceVintfManifest = true;
150 #else
151 static constexpr bool kEnforceVintfManifest = false;
152 #endif
153
getTrebleTestingOverridePtr()154 static bool* getTrebleTestingOverridePtr() {
155 static bool gTrebleTestingOverride = false;
156 return &gTrebleTestingOverride;
157 }
158
setTrebleTestingOverride(bool testingOverride)159 void setTrebleTestingOverride(bool testingOverride) {
160 *getTrebleTestingOverridePtr() = testingOverride;
161 }
162
isDebuggable()163 static bool isDebuggable() {
164 static bool debuggable = base::GetBoolProperty("ro.debuggable", false);
165 return debuggable;
166 }
167
isTrebleTestingOverride()168 static inline bool isTrebleTestingOverride() {
169 // return false early so we don't need to check the debuggable property
170 if (!*getTrebleTestingOverridePtr()) return false;
171
172 if (kEnforceVintfManifest && !isDebuggable()) {
173 // don't allow testing override in production
174 return false;
175 }
176
177 return true;
178 }
179
onRegistrationImpl(const std::string & descriptor,const std::string & instanceName)180 static void onRegistrationImpl(const std::string& descriptor, const std::string& instanceName) {
181 LOG(INFO) << "Registered " << descriptor << "/" << instanceName;
182 tryShortenProcessName(descriptor);
183 }
184
185 // only used by prebuilts - should be able to remove
onRegistration(const std::string & packageName,const std::string & interfaceName,const std::string & instanceName)186 void onRegistration(const std::string& packageName, const std::string& interfaceName,
187 const std::string& instanceName) {
188 return onRegistrationImpl(packageName + "::" + interfaceName, instanceName);
189 }
190
191 } // details
192
defaultServiceManager()193 sp<IServiceManager1_0> defaultServiceManager() {
194 return defaultServiceManager1_2();
195 }
defaultServiceManager1_1()196 sp<IServiceManager1_1> defaultServiceManager1_1() {
197 return defaultServiceManager1_2();
198 }
isServiceManager(const hidl_string & fqName)199 static bool isServiceManager(const hidl_string& fqName) {
200 return fqName == IServiceManager1_0::descriptor || fqName == IServiceManager1_1::descriptor ||
201 fqName == IServiceManager1_2::descriptor;
202 }
203
204 /*
205 * A replacement for hwservicemanager when it is not installed on a device.
206 *
207 * Clients in the framework need to continue supporting HIDL services through
208 * hwservicemanager for upgrading devices. Being unable to get an instance of
209 * hardware service manager is a hard error, so this implementation is returned
210 * to be able service the requests and tell clients there are no services
211 * registered.
212 */
213 struct NoHwServiceManager : public IServiceManager1_2, hidl_death_recipient {
getandroid::hardware::NoHwServiceManager214 Return<sp<IBase>> get(const hidl_string& fqName, const hidl_string&) override {
215 sp<IBase> ret = nullptr;
216
217 if (isServiceManager(fqName)) {
218 ret = defaultServiceManager1_2();
219 }
220 return ret;
221 }
222
addandroid::hardware::NoHwServiceManager223 Return<bool> add(const hidl_string& name, const sp<IBase>& /* service */) override {
224 LOG(INFO) << "Cannot add " << name << " without hwservicemanager";
225 return false;
226 }
227
getTransportandroid::hardware::NoHwServiceManager228 Return<Transport> getTransport(const hidl_string& fqName, const hidl_string& name) {
229 // We pretend like IServiceManager is declared for
230 // IServiceManager::getService to return this NoHwServiceManager
231 // instance
232 if (isServiceManager(fqName)) {
233 return Transport::HWBINDER;
234 }
235 LOG(INFO) << "Trying to get transport of " << fqName << "/" << name
236 << " without hwservicemanager";
237 return Transport::EMPTY;
238 }
239
listandroid::hardware::NoHwServiceManager240 Return<void> list(list_cb _hidl_cb) override {
241 _hidl_cb({});
242 LOG(INFO) << "Cannot list all services without hwservicemanager";
243 return Void();
244 }
listByInterfaceandroid::hardware::NoHwServiceManager245 Return<void> listByInterface(const hidl_string& fqName, listByInterface_cb _hidl_cb) override {
246 _hidl_cb({});
247 LOG(INFO) << "Cannot list service " << fqName << " without hwservicemanager";
248 return Void();
249 }
250
serviceDiedandroid::hardware::NoHwServiceManager251 void serviceDied(uint64_t /* cookie */, const wp<IBase>& who) override {
252 sp<IBase> promoted = who.promote();
253 if (promoted) {
254 bool removed = false;
255 for (auto [name, callbacks] : mServiceNotifications) {
256 for (auto it = callbacks.begin(); it != callbacks.end();) {
257 if (interfacesEqual(*it, promoted)) {
258 callbacks.erase(it);
259 removed = true;
260 }
261 it++;
262 }
263 if (removed) return;
264 }
265 }
266 LOG(ERROR) << "Could not find a registered callback for a service who died. "
267 << "Service pointer: " << who.promote().get();
268 }
269
registerForNotificationsandroid::hardware::NoHwServiceManager270 Return<bool> registerForNotifications(const hidl_string& fqName, const hidl_string& name,
271 const sp<IServiceNotification>& callback) override {
272 LOG(INFO) << "Will not get any notifications for " << fqName << "/" << name
273 << " without hwservicemanager but keeping the callback.";
274 if (callback == nullptr) {
275 LOG(ERROR) << "Cannot register a null callback for " << fqName << "/" << name;
276 return false;
277 }
278 bool ret = callback->linkToDeath(this, 0);
279 if (!ret) {
280 LOG(ERROR) << "Failed to register death recipient for " << fqName << "/" << name;
281 return false;
282 }
283
284 auto [it, inserted] = mServiceNotifications[static_cast<std::string>(fqName) + "/" +
285 static_cast<std::string>(name)]
286 .insert(callback);
287 if (!inserted) {
288 LOG(WARNING) << "This callback for " << fqName << "/" << name
289 << " was already registered so "
290 << "we are not keeping a reference to this one.";
291 return false;
292 }
293 return true;
294 }
295
debugDumpandroid::hardware::NoHwServiceManager296 Return<void> debugDump(debugDump_cb _hidl_cb) override {
297 _hidl_cb({});
298 return Void();
299 }
300
registerPassthroughClientandroid::hardware::NoHwServiceManager301 Return<void> registerPassthroughClient(const hidl_string& fqName,
302 const hidl_string& name) override {
303 LOG(INFO) << "This process is a client of " << fqName << "/" << name
304 << " passthrough HAL, but it won't show up in lshal because hwservicemanager is "
305 "not installed";
306 return Void();
307 }
308
unregisterForNotificationsandroid::hardware::NoHwServiceManager309 Return<bool> unregisterForNotifications(const hidl_string& fqName, const hidl_string& name,
310 const sp<IServiceNotification>& callback) override {
311 auto ret = mServiceNotifications[static_cast<std::string>(fqName) + "/" +
312 static_cast<std::string>(name)]
313 .erase(callback);
314 if (!ret) {
315 LOG(WARNING) << "This callback for " << fqName << "/" << name << " was not previously "
316 << "registered so there is nothing to do.";
317 return false;
318 }
319 return true;
320 }
321
registerClientCallbackandroid::hardware::NoHwServiceManager322 Return<bool> registerClientCallback(const hidl_string& fqName, const hidl_string& name,
323 const sp<IBase>&, const sp<IClientCallback>&) {
324 LOG(INFO) << "Cannot add client callback for " << fqName << "/" << name
325 << " without hwservicemanager";
326 return false;
327 }
unregisterClientCallbackandroid::hardware::NoHwServiceManager328 Return<bool> unregisterClientCallback(const sp<IBase>&, const sp<IClientCallback>&) {
329 LOG(INFO) << "Cannot unregister client callbacks without hwservicemanager";
330 return false;
331 }
addWithChainandroid::hardware::NoHwServiceManager332 Return<bool> addWithChain(const hidl_string& fqName, const sp<IBase>&,
333 const hidl_vec<hidl_string>&) {
334 LOG(INFO) << "Cannot add " << fqName << " with chain without hwservicemanager";
335 return false;
336 }
listManifestByInterfaceandroid::hardware::NoHwServiceManager337 Return<void> listManifestByInterface(const hidl_string& fqName, listManifestByInterface_cb) {
338 LOG(INFO) << "Cannot list manifest for " << fqName << " without hwservicemanager";
339 return Void();
340 }
tryUnregisterandroid::hardware::NoHwServiceManager341 Return<bool> tryUnregister(const hidl_string& fqName, const hidl_string& name,
342 const sp<IBase>&) {
343 LOG(INFO) << "Cannot unregister service " << fqName << "/" << name
344 << " without hwservicemanager";
345 return false;
346 }
347
348 private:
349 std::map<std::string, std::set<sp<IServiceNotification>>> mServiceNotifications;
350 };
351
defaultServiceManager1_2()352 sp<IServiceManager1_2> defaultServiceManager1_2() {
353 using android::hidl::manager::V1_2::BnHwServiceManager;
354 using android::hidl::manager::V1_2::BpHwServiceManager;
355
356 static std::mutex& gDefaultServiceManagerLock = *new std::mutex;
357 static sp<IServiceManager1_2>& gDefaultServiceManager = *new sp<IServiceManager1_2>;
358
359 {
360 std::lock_guard<std::mutex> _l(gDefaultServiceManagerLock);
361 if (gDefaultServiceManager != nullptr) {
362 return gDefaultServiceManager;
363 }
364
365 if (access("/dev/hwbinder", F_OK|R_OK|W_OK) != 0) {
366 // HwBinder not available on this device or not accessible to
367 // this process.
368 return nullptr;
369 }
370
371 if (!isHidlSupported()) {
372 // hwservicemanager is not available on this device.
373 LOG(WARNING) << "hwservicemanager is not supported on the device.";
374 gDefaultServiceManager = sp<NoHwServiceManager>::make();
375 return gDefaultServiceManager;
376 }
377
378 while (gDefaultServiceManager == nullptr) {
379 gDefaultServiceManager =
380 fromBinder<IServiceManager1_2, BpHwServiceManager, BnHwServiceManager>(
381 ProcessState::self()->getContextObject(nullptr));
382 if (gDefaultServiceManager == nullptr) {
383 LOG(ERROR) << "Waited for hwservicemanager, but got nullptr.";
384 sleep(1);
385 }
386 }
387 }
388
389 return gDefaultServiceManager;
390 }
391
findFiles(const std::string & path,const std::string & prefix,const std::string & suffix)392 static std::vector<std::string> findFiles(const std::string& path, const std::string& prefix,
393 const std::string& suffix) {
394 std::unique_ptr<DIR, decltype(&closedir)> dir(opendir(path.c_str()), closedir);
395 if (!dir) return {};
396
397 std::vector<std::string> results{};
398
399 dirent* dp;
400 while ((dp = readdir(dir.get())) != nullptr) {
401 std::string name = dp->d_name;
402
403 if (base::StartsWith(name, prefix) && base::EndsWith(name, suffix)) {
404 results.push_back(name);
405 }
406 }
407
408 return results;
409 }
410
matchPackageName(const std::string & lib,std::string * matchedName,std::string * implName)411 static bool matchPackageName(const std::string& lib, std::string* matchedName,
412 std::string* implName) {
413 #define RE_COMPONENT "[a-zA-Z_][a-zA-Z_0-9]*"
414 #define RE_PATH RE_COMPONENT "(?:[.]" RE_COMPONENT ")*"
415 static const std::regex gLibraryFileNamePattern("(" RE_PATH "@[0-9]+[.][0-9]+)-impl(.*?).so");
416 #undef RE_PATH
417 #undef RE_COMPONENT
418
419 std::smatch match;
420 if (std::regex_match(lib, match, gLibraryFileNamePattern)) {
421 *matchedName = match.str(1) + "::I*";
422 *implName = match.str(2);
423 return true;
424 }
425 return false;
426 }
427
registerReference(const hidl_string & interfaceName,const hidl_string & instanceName)428 static void registerReference(const hidl_string &interfaceName, const hidl_string &instanceName) {
429 if (kIsRecovery) {
430 // No hwservicemanager in recovery.
431 return;
432 }
433
434 sp<IServiceManager1_0> binderizedManager = defaultServiceManager();
435 if (binderizedManager == nullptr) {
436 LOG(WARNING) << "Could not registerReference for "
437 << interfaceName << "/" << instanceName
438 << ": null binderized manager.";
439 return;
440 }
441 auto ret = binderizedManager->registerPassthroughClient(interfaceName, instanceName);
442 if (!ret.isOk()) {
443 LOG(WARNING) << "Could not registerReference for "
444 << interfaceName << "/" << instanceName
445 << ": " << ret.description();
446 return;
447 }
448 LOG(VERBOSE) << "Successfully registerReference for "
449 << interfaceName << "/" << instanceName;
450 }
451
452 using InstanceDebugInfo = hidl::manager::V1_0::IServiceManager::InstanceDebugInfo;
fetchPidsForPassthroughLibraries(std::map<std::string,InstanceDebugInfo> * infos)453 static inline void fetchPidsForPassthroughLibraries(
454 std::map<std::string, InstanceDebugInfo>* infos) {
455 static const std::string proc = "/proc/";
456
457 std::map<std::string, std::set<pid_t>> pids;
458 std::unique_ptr<DIR, decltype(&closedir)> dir(opendir(proc.c_str()), closedir);
459 if (!dir) return;
460 dirent* dp;
461 while ((dp = readdir(dir.get())) != nullptr) {
462 pid_t pid = strtoll(dp->d_name, nullptr, 0);
463 if (pid == 0) continue;
464 std::string mapsPath = proc + dp->d_name + "/maps";
465 std::ifstream ifs{mapsPath};
466 if (!ifs.is_open()) continue;
467
468 for (std::string line; std::getline(ifs, line);) {
469 // The last token of line should look like
470 // vendor/lib64/hw/android.hardware.foo@1.0-impl-extra.so
471 // Use some simple filters to ignore bad lines before extracting libFileName
472 // and checking the key in info to make parsing faster.
473 if (line.back() != 'o') continue;
474 if (line.rfind('@') == std::string::npos) continue;
475
476 auto spacePos = line.rfind(' ');
477 if (spacePos == std::string::npos) continue;
478 auto libFileName = line.substr(spacePos + 1);
479 auto it = infos->find(libFileName);
480 if (it == infos->end()) continue;
481 pids[libFileName].insert(pid);
482 }
483 }
484 for (auto& pair : *infos) {
485 pair.second.clientPids =
486 std::vector<pid_t>{pids[pair.first].begin(), pids[pair.first].end()};
487 }
488 }
489
490 struct PassthroughServiceManager : IServiceManager1_1 {
openLibsandroid::hardware::PassthroughServiceManager491 static void openLibs(
492 const std::string& fqName,
493 const std::function<bool /* continue */ (void* /* handle */, const std::string& /* lib */,
494 const std::string& /* sym */)>& eachLib) {
495 //fqName looks like android.hardware.foo@1.0::IFoo
496 size_t idx = fqName.find("::");
497
498 if (idx == std::string::npos ||
499 idx + strlen("::") + 1 >= fqName.size()) {
500 LOG(ERROR) << "Invalid interface name passthrough lookup: " << fqName;
501 return;
502 }
503
504 std::string packageAndVersion = fqName.substr(0, idx);
505 std::string ifaceName = fqName.substr(idx + strlen("::"));
506
507 const std::string prefix = packageAndVersion + "-impl";
508 const std::string sym = "HIDL_FETCH_" + ifaceName;
509
510 constexpr int dlMode = RTLD_LAZY;
511 void* handle = nullptr;
512
513 dlerror(); // clear
514
515 static std::string halLibPathVndkSp = details::getVndkSpHwPath();
516 std::vector<std::string> paths = {
517 HAL_LIBRARY_PATH_ODM, HAL_LIBRARY_PATH_VENDOR, halLibPathVndkSp,
518 #ifndef __ANDROID_VNDK__
519 HAL_LIBRARY_PATH_SYSTEM,
520 #endif
521 };
522
523 if (details::isTrebleTestingOverride()) {
524 // Load HAL implementations that are statically linked
525 handle = dlopen(nullptr, dlMode);
526 if (handle == nullptr) {
527 const char* error = dlerror();
528 LOG(ERROR) << "Failed to dlopen self: "
529 << (error == nullptr ? "unknown error" : error);
530 } else if (!eachLib(handle, "SELF", sym)) {
531 return;
532 }
533 }
534
535 for (const std::string& path : paths) {
536 std::vector<std::string> libs = findFiles(path, prefix, ".so");
537
538 for (const std::string &lib : libs) {
539 const std::string fullPath = path + lib;
540
541 if (kIsRecovery || path == HAL_LIBRARY_PATH_SYSTEM) {
542 handle = dlopen(fullPath.c_str(), dlMode);
543 } else {
544 #if !defined(__ANDROID_RECOVERY__) && defined(__ANDROID__)
545 handle = android_load_sphal_library(fullPath.c_str(), dlMode);
546 #endif
547 }
548
549 if (handle == nullptr) {
550 const char* error = dlerror();
551 LOG(ERROR) << "Failed to dlopen " << lib << ": "
552 << (error == nullptr ? "unknown error" : error);
553 continue;
554 }
555
556 if (!eachLib(handle, lib, sym)) {
557 return;
558 }
559 }
560 }
561 }
562
getandroid::hardware::PassthroughServiceManager563 Return<sp<IBase>> get(const hidl_string& fqName,
564 const hidl_string& name) override {
565 sp<IBase> ret = nullptr;
566 // This is required to run without hwservicemanager while we have
567 // passthrough HIDL services. Once the passthrough HIDL services have
568 // been removed, the PassthroughServiceManager will no longer be needed.
569 if (!isHidlSupported() && isServiceManager(fqName)) {
570 return defaultServiceManager1_2();
571 }
572
573 openLibs(fqName, [&](void* handle, const std::string &lib, const std::string &sym) {
574 IBase* (*generator)(const char* name);
575 *(void **)(&generator) = dlsym(handle, sym.c_str());
576 if(!generator) {
577 const char* error = dlerror();
578 LOG(ERROR) << "Passthrough lookup opened " << lib << " but could not find symbol "
579 << sym << ": " << (error == nullptr ? "unknown error" : error)
580 << ". Keeping library open.";
581
582 // dlclose too problematic in multi-threaded environment
583 // dlclose(handle);
584
585 return true; // continue
586 }
587
588 ret = (*generator)(name.c_str());
589
590 if (ret == nullptr) {
591 LOG(ERROR) << "Could not find instance '" << name.c_str() << "' in library " << lib
592 << ". Keeping library open.";
593
594 // dlclose too problematic in multi-threaded environment
595 // dlclose(handle);
596
597 // this module doesn't provide this particular instance
598 return true; // continue
599 }
600
601 // Actual fqname might be a subclass.
602 // This assumption is tested in vts_treble_vintf_test
603 using ::android::hardware::details::getDescriptor;
604 std::string actualFqName = getDescriptor(ret.get());
605 CHECK(actualFqName.size() > 0);
606 registerReference(actualFqName, name);
607 return false;
608 });
609
610 return ret;
611 }
612
addandroid::hardware::PassthroughServiceManager613 Return<bool> add(const hidl_string& /* name */,
614 const sp<IBase>& /* service */) override {
615 LOG(FATAL) << "Cannot register services with passthrough service manager.";
616 return false;
617 }
618
getTransportandroid::hardware::PassthroughServiceManager619 Return<Transport> getTransport(const hidl_string& /* fqName */,
620 const hidl_string& /* name */) {
621 LOG(FATAL) << "Cannot getTransport with passthrough service manager.";
622 return Transport::EMPTY;
623 }
624
listandroid::hardware::PassthroughServiceManager625 Return<void> list(list_cb /* _hidl_cb */) override {
626 LOG(FATAL) << "Cannot list services with passthrough service manager.";
627 return Void();
628 }
listByInterfaceandroid::hardware::PassthroughServiceManager629 Return<void> listByInterface(const hidl_string& /* fqInstanceName */,
630 listByInterface_cb /* _hidl_cb */) override {
631 // TODO: add this functionality
632 LOG(FATAL) << "Cannot list services with passthrough service manager.";
633 return Void();
634 }
635
registerForNotificationsandroid::hardware::PassthroughServiceManager636 Return<bool> registerForNotifications(const hidl_string& /* fqName */,
637 const hidl_string& /* name */,
638 const sp<IServiceNotification>& /* callback */) override {
639 // This makes no sense.
640 LOG(FATAL) << "Cannot register for notifications with passthrough service manager.";
641 return false;
642 }
643
debugDumpandroid::hardware::PassthroughServiceManager644 Return<void> debugDump(debugDump_cb _hidl_cb) override {
645 using Arch = ::android::hidl::base::V1_0::DebugInfo::Architecture;
646 using std::literals::string_literals::operator""s;
647 static std::string halLibPathVndkSp64 = details::getVndkSpHwPath("lib64");
648 static std::string halLibPathVndkSp32 = details::getVndkSpHwPath("lib");
649 static std::vector<std::pair<Arch, std::vector<const char*>>> sAllPaths{
650 {Arch::IS_64BIT,
651 {
652 HAL_LIBRARY_PATH_ODM_64BIT, HAL_LIBRARY_PATH_VENDOR_64BIT,
653 halLibPathVndkSp64.c_str(),
654 #ifndef __ANDROID_VNDK__
655 HAL_LIBRARY_PATH_SYSTEM_64BIT,
656 #endif
657 }},
658 {Arch::IS_32BIT,
659 {
660 HAL_LIBRARY_PATH_ODM_32BIT, HAL_LIBRARY_PATH_VENDOR_32BIT,
661 halLibPathVndkSp32.c_str(),
662 #ifndef __ANDROID_VNDK__
663 HAL_LIBRARY_PATH_SYSTEM_32BIT,
664 #endif
665 }}};
666 std::map<std::string, InstanceDebugInfo> map;
667 for (const auto &pair : sAllPaths) {
668 Arch arch = pair.first;
669 for (const auto &path : pair.second) {
670 std::vector<std::string> libs = findFiles(path, "", ".so");
671 for (const std::string &lib : libs) {
672 std::string matchedName;
673 std::string implName;
674 if (matchPackageName(lib, &matchedName, &implName)) {
675 std::string instanceName{"* ("s + path + ")"s};
676 if (!implName.empty()) instanceName += " ("s + implName + ")"s;
677 map.emplace(path + lib, InstanceDebugInfo{.interfaceName = matchedName,
678 .instanceName = instanceName,
679 .clientPids = {},
680 .arch = arch});
681 }
682 }
683 }
684 }
685 fetchPidsForPassthroughLibraries(&map);
686 hidl_vec<InstanceDebugInfo> vec;
687 vec.resize(map.size());
688 size_t idx = 0;
689 for (auto&& pair : map) {
690 vec[idx++] = std::move(pair.second);
691 }
692 _hidl_cb(vec);
693 return Void();
694 }
695
registerPassthroughClientandroid::hardware::PassthroughServiceManager696 Return<void> registerPassthroughClient(const hidl_string &, const hidl_string &) override {
697 // This makes no sense.
698 LOG(FATAL) << "Cannot call registerPassthroughClient on passthrough service manager. "
699 << "Call it on defaultServiceManager() instead.";
700 return Void();
701 }
702
unregisterForNotificationsandroid::hardware::PassthroughServiceManager703 Return<bool> unregisterForNotifications(const hidl_string& /* fqName */,
704 const hidl_string& /* name */,
705 const sp<IServiceNotification>& /* callback */) override {
706 // This makes no sense.
707 LOG(FATAL) << "Cannot unregister for notifications with passthrough service manager.";
708 return false;
709 }
710
711 };
712
getPassthroughServiceManager()713 sp<IServiceManager1_0> getPassthroughServiceManager() {
714 return getPassthroughServiceManager1_1();
715 }
getPassthroughServiceManager1_1()716 sp<IServiceManager1_1> getPassthroughServiceManager1_1() {
717 static sp<PassthroughServiceManager> manager(new PassthroughServiceManager());
718 return manager;
719 }
720
getAllHalInstanceNames(const std::string & descriptor)721 std::vector<std::string> getAllHalInstanceNames(const std::string& descriptor) {
722 std::vector<std::string> ret;
723 auto sm = defaultServiceManager1_2();
724 sm->listManifestByInterface(descriptor, [&](const auto& instances) {
725 ret.reserve(instances.size());
726 for (const auto& i : instances) {
727 ret.push_back(i);
728 }
729 });
730 return ret;
731 }
732
733 namespace details {
734
preloadPassthroughService(const std::string & descriptor)735 void preloadPassthroughService(const std::string &descriptor) {
736 PassthroughServiceManager::openLibs(descriptor,
737 [&](void* /* handle */, const std::string& /* lib */, const std::string& /* sym */) {
738 // do nothing
739 return true; // open all libs
740 });
741 }
742
743 struct Waiter : IServiceNotification {
Waiterandroid::hardware::details::Waiter744 Waiter(const std::string& interface, const std::string& instanceName,
745 const sp<IServiceManager1_1>& sm) : mInterfaceName(interface),
746 mInstanceName(instanceName), mSm(sm) {
747 }
748
onFirstRefandroid::hardware::details::Waiter749 void onFirstRef() override {
750 // If this process only has one binder thread, and we're calling wait() from
751 // that thread, it will block forever because we hung up the one and only
752 // binder thread on a condition variable that can only be notified by an
753 // incoming binder call.
754 if (IPCThreadState::self()->isOnlyBinderThread()) {
755 LOG(WARNING) << "Can't efficiently wait for " << mInterfaceName << "/"
756 << mInstanceName << ", because we are called from "
757 << "the only binder thread in this process.";
758 return;
759 }
760
761 Return<bool> ret = mSm->registerForNotifications(mInterfaceName, mInstanceName, this);
762
763 if (!ret.isOk()) {
764 LOG(ERROR) << "Transport error, " << ret.description()
765 << ", during notification registration for " << mInterfaceName << "/"
766 << mInstanceName << ".";
767 return;
768 }
769
770 if (!ret) {
771 LOG(ERROR) << "Could not register for notifications for " << mInterfaceName << "/"
772 << mInstanceName << ".";
773 return;
774 }
775
776 mRegisteredForNotifications = true;
777 }
778
~Waiterandroid::hardware::details::Waiter779 ~Waiter() {
780 if (!mDoneCalled) {
781 LOG(FATAL)
782 << "Waiter still registered for notifications, call done() before dropping ref!";
783 }
784 }
785
onRegistrationandroid::hardware::details::Waiter786 Return<void> onRegistration(const hidl_string& /* fqName */,
787 const hidl_string& /* name */,
788 bool /* preexisting */) override {
789 std::unique_lock<std::mutex> lock(mMutex);
790 if (mRegistered) {
791 return Void();
792 }
793 mRegistered = true;
794 lock.unlock();
795
796 mCondition.notify_one();
797 return Void();
798 }
799
waitandroid::hardware::details::Waiter800 void wait(bool timeout) {
801 using std::literals::chrono_literals::operator""s;
802
803 if (!mRegisteredForNotifications) {
804 // As an alternative, just sleep for a second and return
805 LOG(WARNING) << "Waiting one second for " << mInterfaceName << "/" << mInstanceName;
806 sleep(1);
807 return;
808 }
809
810 std::unique_lock<std::mutex> lock(mMutex);
811 do {
812 mCondition.wait_for(lock, 1s, [this]{
813 return mRegistered;
814 });
815
816 if (mRegistered) {
817 break;
818 }
819
820 LOG(WARNING) << "Waited one second for " << mInterfaceName << "/" << mInstanceName;
821 } while (!timeout);
822 }
823
824 // Be careful when using this; after calling reset(), you must always try to retrieve
825 // the corresponding service before blocking on the waiter; otherwise, you might run
826 // into a race-condition where the service has just (re-)registered, you clear the state
827 // here, and subsequently calling waiter->wait() will block forever.
resetandroid::hardware::details::Waiter828 void reset() {
829 std::unique_lock<std::mutex> lock(mMutex);
830 mRegistered = false;
831 }
832
833 // done() must be called before dropping the last strong ref to the Waiter, to make
834 // sure we can properly unregister with hwservicemanager.
doneandroid::hardware::details::Waiter835 void done() {
836 if (mRegisteredForNotifications) {
837 if (!mSm->unregisterForNotifications(mInterfaceName, mInstanceName, this)
838 .withDefault(false)) {
839 LOG(ERROR) << "Could not unregister service notification for " << mInterfaceName
840 << "/" << mInstanceName << ".";
841 } else {
842 mRegisteredForNotifications = false;
843 }
844 }
845 mDoneCalled = true;
846 }
847
848 private:
849 const std::string mInterfaceName;
850 const std::string mInstanceName;
851 sp<IServiceManager1_1> mSm;
852 std::mutex mMutex;
853 std::condition_variable mCondition;
854 bool mRegistered = false;
855 bool mRegisteredForNotifications = false;
856 bool mDoneCalled = false;
857 };
858
waitForHwService(const std::string & interface,const std::string & instanceName)859 void waitForHwService(
860 const std::string &interface, const std::string &instanceName) {
861 sp<Waiter> waiter = new Waiter(interface, instanceName, defaultServiceManager1_1());
862 waiter->wait(false /* timeout */);
863 waiter->done();
864 }
865
866 // Prints relevant error/warning messages for error return values from
867 // details::canCastInterface(), both transaction errors (!castReturn.isOk())
868 // as well as actual cast failures (castReturn.isOk() && castReturn = false).
869 // Returns 'true' if the error is non-fatal and it's useful to retry
handleCastError(const Return<bool> & castReturn,const std::string & descriptor,const std::string & instance)870 bool handleCastError(const Return<bool>& castReturn, const std::string& descriptor,
871 const std::string& instance) {
872 if (castReturn.isOk()) {
873 if (castReturn) {
874 details::logAlwaysFatal("Successful cast value passed into handleCastError.");
875 }
876 // This should never happen, and there's not really a point in retrying.
877 ALOGE("getService: received incompatible service (bug in hwservicemanager?) for "
878 "%s/%s.", descriptor.c_str(), instance.c_str());
879 return false;
880 }
881 if (castReturn.isDeadObject()) {
882 ALOGW("getService: found dead hwbinder service for %s/%s.", descriptor.c_str(),
883 instance.c_str());
884 return true;
885 }
886 // This can happen due to:
887 // 1) No SELinux permissions
888 // 2) Other transaction failure (no buffer space, kernel error)
889 // The first isn't recoverable, but the second is.
890 // Since we can't yet differentiate between the two, and clients depend
891 // on us not blocking in case 1), treat this as a fatal error for now.
892 ALOGW("getService: unable to call into hwbinder service for %s/%s.",
893 descriptor.c_str(), instance.c_str());
894 return false;
895 }
896
getRawServiceInternal(const std::string & descriptor,const std::string & instance,bool retry,bool getStub)897 sp<::android::hidl::base::V1_0::IBase> getRawServiceInternal(const std::string& descriptor,
898 const std::string& instance,
899 bool retry, bool getStub) {
900 using Transport = IServiceManager1_0::Transport;
901 sp<Waiter> waiter;
902
903 sp<IServiceManager1_1> sm;
904 Transport transport = Transport::EMPTY;
905 if (kIsRecovery) {
906 transport = Transport::PASSTHROUGH;
907 } else {
908 sm = defaultServiceManager1_1();
909 if (sm == nullptr) {
910 ALOGE("getService: defaultServiceManager() is null");
911 return nullptr;
912 }
913
914 Return<Transport> transportRet = sm->getTransport(descriptor, instance);
915
916 if (!transportRet.isOk()) {
917 ALOGE("getService: defaultServiceManager()->getTransport returns %s",
918 transportRet.description().c_str());
919 return nullptr;
920 }
921 transport = transportRet;
922 }
923
924 const bool vintfHwbinder = (transport == Transport::HWBINDER);
925 const bool vintfPassthru = (transport == Transport::PASSTHROUGH);
926 const bool trebleTestingOverride = isTrebleTestingOverride();
927 const bool allowLegacy = !kEnforceVintfManifest || (trebleTestingOverride && isDebuggable());
928 const bool vintfLegacy = (transport == Transport::EMPTY) && allowLegacy;
929
930 if (!kEnforceVintfManifest) {
931 ALOGE("getService: Potential race detected. The VINTF manifest is not being enforced. If "
932 "a HAL server has a delay in starting and it is not in the manifest, it will not be "
933 "retrieved. Please make sure all HALs on this device are in the VINTF manifest and "
934 "enable PRODUCT_ENFORCE_VINTF_MANIFEST on this device (this is also enabled by "
935 "PRODUCT_FULL_TREBLE). PRODUCT_ENFORCE_VINTF_MANIFEST will ensure that no race "
936 "condition is possible here.");
937 sleep(1);
938 }
939
940 for (int tries = 0; !getStub && (vintfHwbinder || vintfLegacy); tries++) {
941 if (waiter == nullptr && tries > 0) {
942 waiter = new Waiter(descriptor, instance, sm);
943 }
944 if (waiter != nullptr) {
945 waiter->reset(); // don't reorder this -- see comments on reset()
946 }
947 Return<sp<IBase>> ret = sm->get(descriptor, instance);
948 if (!ret.isOk()) {
949 ALOGE("getService: defaultServiceManager()->get returns %s for %s/%s.",
950 ret.description().c_str(), descriptor.c_str(), instance.c_str());
951 break;
952 }
953 sp<IBase> base = ret;
954 if (base != nullptr) {
955 Return<bool> canCastRet =
956 details::canCastInterface(base.get(), descriptor.c_str(), true /* emitError */);
957
958 if (canCastRet.isOk() && canCastRet) {
959 if (waiter != nullptr) {
960 waiter->done();
961 }
962 return base; // still needs to be wrapped by Bp class.
963 }
964
965 if (!handleCastError(canCastRet, descriptor, instance)) break;
966 }
967
968 // In case of legacy or we were not asked to retry, don't.
969 if (vintfLegacy || !retry) break;
970
971 if (waiter != nullptr) {
972 ALOGI("getService: Trying again for %s/%s...", descriptor.c_str(), instance.c_str());
973 waiter->wait(true /* timeout */);
974 }
975 }
976
977 if (waiter != nullptr) {
978 waiter->done();
979 }
980
981 if (getStub || vintfPassthru || vintfLegacy) {
982 const sp<IServiceManager1_0> pm = getPassthroughServiceManager();
983 if (pm != nullptr) {
984 sp<IBase> base = pm->get(descriptor, instance).withDefault(nullptr);
985 if (!getStub || trebleTestingOverride) {
986 base = wrapPassthrough(base);
987 }
988 return base;
989 }
990 }
991
992 return nullptr;
993 }
994
registerAsServiceInternal(const sp<IBase> & service,const std::string & name)995 status_t registerAsServiceInternal(const sp<IBase>& service, const std::string& name) {
996 if (service == nullptr) {
997 return UNEXPECTED_NULL;
998 }
999
1000 sp<IServiceManager1_2> sm = defaultServiceManager1_2();
1001 if (sm == nullptr) {
1002 return INVALID_OPERATION;
1003 }
1004
1005 const std::string descriptor = getDescriptor(service.get());
1006
1007 if (kEnforceVintfManifest && !isTrebleTestingOverride()) {
1008 using Transport = IServiceManager1_0::Transport;
1009 Return<Transport> transport = sm->getTransport(descriptor, name);
1010
1011 if (!transport.isOk()) {
1012 LOG(ERROR) << "Could not get transport for " << descriptor << "/" << name << ": "
1013 << transport.description();
1014 return UNKNOWN_ERROR;
1015 }
1016
1017 if (transport != Transport::HWBINDER) {
1018 LOG(ERROR) << "Service " << descriptor << "/" << name
1019 << " must be in VINTF manifest in order to register/get.";
1020 return UNKNOWN_ERROR;
1021 }
1022 }
1023
1024 bool registered = false;
1025 Return<void> ret = service->interfaceChain([&](const auto& chain) {
1026 registered = sm->addWithChain(name.c_str(), service, chain).withDefault(false);
1027 });
1028
1029 if (!ret.isOk()) {
1030 LOG(ERROR) << "Could not retrieve interface chain: " << ret.description();
1031 }
1032
1033 if (registered) {
1034 onRegistrationImpl(descriptor, name);
1035 }
1036
1037 return registered ? OK : UNKNOWN_ERROR;
1038 }
1039
1040 } // namespace details
1041
1042 } // namespace hardware
1043 } // namespace android
1044