rpcbinder/session.rs
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237
/*
* Copyright (C) 2022 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
use binder::unstable_api::new_spibinder;
use binder::{FromIBinder, SpIBinder, StatusCode, Strong};
use foreign_types::{foreign_type, ForeignType, ForeignTypeRef};
use std::os::fd::RawFd;
use std::os::raw::{c_int, c_void};
pub use binder_rpc_unstable_bindgen::ARpcSession_FileDescriptorTransportMode as FileDescriptorTransportMode;
foreign_type! {
type CType = binder_rpc_unstable_bindgen::ARpcSession;
fn drop = binder_rpc_unstable_bindgen::ARpcSession_free;
/// A type that represents a foreign instance of RpcSession.
#[derive(Debug)]
pub struct RpcSession;
/// A borrowed RpcSession.
pub struct RpcSessionRef;
}
/// SAFETY: The opaque handle can be cloned freely.
unsafe impl Send for RpcSession {}
/// SAFETY: The underlying C++ RpcSession class is thread-safe.
unsafe impl Sync for RpcSession {}
impl RpcSession {
/// Allocates a new RpcSession object.
pub fn new() -> RpcSession {
// SAFETY: Takes ownership of the returned handle, which has correct refcount.
unsafe { RpcSession::from_ptr(binder_rpc_unstable_bindgen::ARpcSession_new()) }
}
}
impl Default for RpcSession {
fn default() -> Self {
Self::new()
}
}
impl RpcSessionRef {
/// Sets the file descriptor transport mode for this session.
pub fn set_file_descriptor_transport_mode(&self, mode: FileDescriptorTransportMode) {
// SAFETY: Only passes the 'self' pointer as an opaque handle.
unsafe {
binder_rpc_unstable_bindgen::ARpcSession_setFileDescriptorTransportMode(
self.as_ptr(),
mode,
)
};
}
/// Sets the maximum number of incoming threads.
pub fn set_max_incoming_threads(&self, threads: usize) {
// SAFETY: Only passes the 'self' pointer as an opaque handle.
unsafe {
binder_rpc_unstable_bindgen::ARpcSession_setMaxIncomingThreads(self.as_ptr(), threads)
};
}
/// Sets the maximum number of outgoing connections.
pub fn set_max_outgoing_connections(&self, connections: usize) {
// SAFETY: Only passes the 'self' pointer as an opaque handle.
unsafe {
binder_rpc_unstable_bindgen::ARpcSession_setMaxOutgoingConnections(
self.as_ptr(),
connections,
)
};
}
/// Connects to an RPC Binder server over vsock for a particular interface.
#[cfg(not(target_os = "trusty"))]
pub fn setup_vsock_client<T: FromIBinder + ?Sized>(
&self,
cid: u32,
port: u32,
) -> Result<Strong<T>, StatusCode> {
// SAFETY: AIBinder returned by ARpcSession_setupVsockClient has correct
// reference count, and the ownership can safely be taken by new_spibinder.
let service = unsafe {
new_spibinder(binder_rpc_unstable_bindgen::ARpcSession_setupVsockClient(
self.as_ptr(),
cid,
port,
))
};
Self::get_interface(service)
}
/// Connects to an RPC Binder server over a names Unix Domain Socket for
/// a particular interface.
#[cfg(not(target_os = "trusty"))]
pub fn setup_unix_domain_client<T: FromIBinder + ?Sized>(
&self,
socket_name: &str,
) -> Result<Strong<T>, StatusCode> {
let socket_name = match std::ffi::CString::new(socket_name) {
Ok(s) => s,
Err(e) => {
log::error!("Cannot convert {} to CString. Error: {:?}", socket_name, e);
return Err(StatusCode::NAME_NOT_FOUND);
}
};
// SAFETY: AIBinder returned by ARpcSession_setupUnixDomainClient has correct
// reference count, and the ownership can safely be taken by new_spibinder.
let service = unsafe {
new_spibinder(binder_rpc_unstable_bindgen::ARpcSession_setupUnixDomainClient(
self.as_ptr(),
socket_name.as_ptr(),
))
};
Self::get_interface(service)
}
/// Connects to an RPC Binder server over a bootstrap Unix Domain Socket
/// for a particular interface.
#[cfg(not(target_os = "trusty"))]
pub fn setup_unix_domain_bootstrap_client<T: FromIBinder + ?Sized>(
&self,
bootstrap_fd: std::os::fd::BorrowedFd,
) -> Result<Strong<T>, StatusCode> {
use std::os::fd::AsRawFd;
// SAFETY: ARpcSession_setupUnixDomainBootstrapClient does not take
// ownership of bootstrap_fd. The returned AIBinder has correct
// reference count, and the ownership can safely be taken by new_spibinder.
let service = unsafe {
new_spibinder(binder_rpc_unstable_bindgen::ARpcSession_setupUnixDomainBootstrapClient(
self.as_ptr(),
bootstrap_fd.as_raw_fd(),
))
};
Self::get_interface(service)
}
/// Connects to an RPC Binder server over inet socket at the given address and port.
#[cfg(not(target_os = "trusty"))]
pub fn setup_inet_client<T: FromIBinder + ?Sized>(
&self,
address: &str,
port: u32,
) -> Result<Strong<T>, StatusCode> {
let address = match std::ffi::CString::new(address) {
Ok(s) => s,
Err(e) => {
log::error!("Cannot convert {} to CString. Error: {:?}", address, e);
return Err(StatusCode::BAD_VALUE);
}
};
// SAFETY: AIBinder returned by ARpcSession_setupInet has correct reference
// count, and the ownership can safely be taken by new_spibinder.
let service = unsafe {
new_spibinder(binder_rpc_unstable_bindgen::ARpcSession_setupInet(
self.as_ptr(),
address.as_ptr(),
port,
))
};
Self::get_interface(service)
}
#[cfg(target_os = "trusty")]
pub fn setup_trusty_client<T: FromIBinder + ?Sized>(
&self,
port: &std::ffi::CStr,
) -> Result<Strong<T>, StatusCode> {
self.setup_preconnected_client(|| {
let h = tipc::Handle::connect(port)
.expect("Failed to connect to service port {SERVICE_PORT}");
// Do not close the handle at the end of the scope
let fd = h.as_raw_fd();
core::mem::forget(h);
Some(fd)
})
}
/// Connects to an RPC Binder server, using the given callback to get (and
/// take ownership of) file descriptors already connected to it.
pub fn setup_preconnected_client<T: FromIBinder + ?Sized>(
&self,
mut request_fd: impl FnMut() -> Option<RawFd>,
) -> Result<Strong<T>, StatusCode> {
// Double reference the factory because trait objects aren't FFI safe.
let mut request_fd_ref: RequestFd = &mut request_fd;
let param = &mut request_fd_ref as *mut RequestFd as *mut c_void;
// SAFETY: AIBinder returned by RpcPreconnectedClient has correct reference count, and the
// ownership can be safely taken by new_spibinder. RpcPreconnectedClient does not take ownership
// of param, only passing it to request_fd_wrapper.
let service = unsafe {
new_spibinder(binder_rpc_unstable_bindgen::ARpcSession_setupPreconnectedClient(
self.as_ptr(),
Some(request_fd_wrapper),
param,
))
};
Self::get_interface(service)
}
fn get_interface<T: FromIBinder + ?Sized>(
service: Option<SpIBinder>,
) -> Result<Strong<T>, StatusCode> {
if let Some(service) = service {
FromIBinder::try_from(service)
} else {
Err(StatusCode::NAME_NOT_FOUND)
}
}
}
type RequestFd<'a> = &'a mut dyn FnMut() -> Option<RawFd>;
unsafe extern "C" fn request_fd_wrapper(param: *mut c_void) -> c_int {
let request_fd_ptr = param as *mut RequestFd;
// SAFETY: This is only ever called by RpcPreconnectedClient, within the lifetime of the
// BinderFdFactory reference, with param being a properly aligned non-null pointer to an
// initialized instance.
let request_fd = unsafe { request_fd_ptr.as_mut().unwrap() };
request_fd().unwrap_or(-1)
}