1 /*
2 * Copyright (C) 2020 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <android-base/logging.h>
18 #include <binder/Binder.h>
19 #include <binder/IBinder.h>
20 #include <binder/IPCThreadState.h>
21 #include <binder/IServiceManager.h>
22 #include <binder/Parcel.h>
23 #include <binder/Stability.h>
24 #include <gtest/gtest.h>
25
26 #include "../Utils.h"
27
28 #include <sys/prctl.h>
29 #include <thread>
30
31 using namespace android;
32
33 const String16 kServerName = String16("binderClearBuf");
34
35 class FooBar : public BBinder {
36 public:
37 enum {
38 TRANSACTION_REPEAT_STRING = IBinder::FIRST_CALL_TRANSACTION,
39 };
40
41 std::mutex foo;
42 std::string last;
43
onTransact(uint32_t code,const Parcel & data,Parcel * reply,uint32_t flags)44 status_t onTransact(uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags) {
45 // not checking data, since there is no hook at the time this test is
46 // written to check values there are set to zero. Instead, we only check
47 // the reply parcel.
48
49 switch (code) {
50 case TRANSACTION_REPEAT_STRING: {
51 const char* str = data.readCString();
52 return reply->writeCString(str == nullptr ? "<null>" : str);
53 }
54 }
55 return BBinder::onTransact(code, data, reply, flags);
56 }
RepeatString(const sp<IBinder> binder,const std::string & repeat,std::string * outBuffer)57 static std::string RepeatString(const sp<IBinder> binder,
58 const std::string& repeat,
59 std::string* outBuffer) {
60 Parcel data;
61 data.writeCString(repeat.c_str());
62 std::string result;
63 const uint8_t* lastReply;
64 size_t lastReplySize;
65 {
66 Parcel reply;
67 binder->transact(TRANSACTION_REPEAT_STRING, data, &reply, FLAG_CLEAR_BUF);
68 result = reply.readCString();
69 lastReply = reply.data();
70 lastReplySize = reply.dataSize();
71 }
72 *outBuffer = android::HexString(lastReply, lastReplySize);
73 return result;
74 }
75 };
76
TEST(BinderClearBuf,ClearKernelBuffer)77 TEST(BinderClearBuf, ClearKernelBuffer) {
78 #pragma clang diagnostic push
79 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
80 sp<IBinder> binder = defaultServiceManager()->getService(kServerName);
81 #pragma clang diagnostic pop
82 ASSERT_NE(nullptr, binder);
83
84 std::string replyBuffer;
85 std::string result = FooBar::RepeatString(binder, "foo", &replyBuffer);
86 EXPECT_EQ("foo", result);
87
88 // the buffer must have at least some length for the string, but we will
89 // just check it has some length, to avoid assuming anything about the
90 // format
91 EXPECT_GT(replyBuffer.size(), 0u);
92
93 for (size_t i = 0; i < replyBuffer.size(); i++) {
94 EXPECT_EQ(replyBuffer[i], '0') << "reply buffer at " << i;
95 }
96 }
97
main(int argc,char ** argv)98 int main(int argc, char** argv) {
99 ::testing::InitGoogleTest(&argc, argv);
100
101 if (fork() == 0) {
102 prctl(PR_SET_PDEATHSIG, SIGHUP);
103
104 sp<IBinder> server = new FooBar;
105 android::defaultServiceManager()->addService(kServerName, server);
106
107 IPCThreadState::self()->joinThreadPool(true);
108 exit(1); // should not reach
109 }
110
111 // This is not racey. Just giving these services some time to register before we call
112 // getService which sleeps for much longer. One alternative would be to
113 // start a threadpool + use waitForService, but we want to have as few
114 // binder things going on in this test as possible, since we are checking
115 // memory is zero'd which the kernel has a right to change.
116 usleep(100000);
117
118 return RUN_ALL_TESTS();
119 }
120