diff options
author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2024-04-23 23:26:42 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2024-04-23 23:26:42 +0000 |
commit | df6be02aa31589d91d17636b005e3487c68a8e8b (patch) | |
tree | 2acd288886737497e20d8ef7096ee3c4887c1a64 | |
parent | 82a49cede56fcd841b751ba910765ede5fad36f2 (diff) | |
parent | 0d526095d0394b50e714348d6d0f11a1fcbee8bd (diff) | |
download | native-df6be02aa31589d91d17636b005e3487c68a8e8b.tar.gz |
Merge "Snap for 11754915 from 951e73500c545b4d3ca995440d05f00dd7d6df07 to sdk-release" into sdk-release
-rw-r--r-- | libs/binder/Parcel.cpp | 1 | ||||
-rw-r--r-- | libs/binder/aidl/android/content/pm/IPackageManagerNative.aidl | 12 | ||||
-rw-r--r-- | libs/binder/binder_module.h | 73 | ||||
-rw-r--r-- | libs/binder/include_rpc_unstable/binder_rpc_unstable.hpp | 11 | ||||
-rw-r--r-- | libs/binder/libbinder_rpc_unstable.cpp | 4 | ||||
-rw-r--r-- | libs/binder/rust/rpcbinder/src/server/android.rs | 14 | ||||
-rw-r--r-- | libs/binder/tests/binderLibTest.cpp | 3 | ||||
-rw-r--r-- | libs/binder/tests/unit_fuzzers/Android.bp | 12 | ||||
-rw-r--r-- | libs/renderengine/include/renderengine/RenderEngine.h | 2 | ||||
-rw-r--r-- | services/surfaceflinger/SurfaceFlinger.cpp | 31 | ||||
-rw-r--r-- | services/surfaceflinger/SurfaceFlinger.h | 7 | ||||
-rw-r--r-- | services/surfaceflinger/fuzzer/surfaceflinger_fuzzers_utils.h | 2 |
12 files changed, 87 insertions, 85 deletions
diff --git a/libs/binder/Parcel.cpp b/libs/binder/Parcel.cpp index 2dd310e9ca..84ef489a6c 100644 --- a/libs/binder/Parcel.cpp +++ b/libs/binder/Parcel.cpp @@ -30,6 +30,7 @@ #include <sys/stat.h> #include <sys/types.h> #include <unistd.h> +#include <algorithm> #include <binder/Binder.h> #include <binder/BpBinder.h> diff --git a/libs/binder/aidl/android/content/pm/IPackageManagerNative.aidl b/libs/binder/aidl/android/content/pm/IPackageManagerNative.aidl index f8a8843309..3ddfefa311 100644 --- a/libs/binder/aidl/android/content/pm/IPackageManagerNative.aidl +++ b/libs/binder/aidl/android/content/pm/IPackageManagerNative.aidl @@ -43,6 +43,18 @@ interface IPackageManagerNative { @utf8InCpp String[] getNamesForUids(in int[] uids); /** + * Return the UID associated with the given package name. + * Note that the same package will have different UIDs under different UserHandle on + * the same device. + * @param packageName The full name (i.e. com.google.apps.contacts) of the desired package. + * @param flags Additional option flags to modify the data returned. + * @param userId The user handle identifier to look up the package under. + * @return Returns an integer UID who owns the given package name, or -1 if no such package is + * available to the caller. + */ + int getPackageUid(in @utf8InCpp String packageName, in long flags, in int userId); + + /** * Returns the name of the installer (a package) which installed the named * package. Preloaded packages return the string "preload". Sideloaded packages * return an empty string. Unknown or unknowable are returned as empty strings. diff --git a/libs/binder/binder_module.h b/libs/binder/binder_module.h index eef07aef2d..b3a2d9ec28 100644 --- a/libs/binder/binder_module.h +++ b/libs/binder/binder_module.h @@ -32,77 +32,4 @@ #include <linux/android/binder.h> #include <sys/ioctl.h> -#ifndef BR_FROZEN_REPLY -// Temporary definition of BR_FROZEN_REPLY. For production -// this will come from UAPI binder.h -#define BR_FROZEN_REPLY _IO('r', 18) -#endif // BR_FROZEN_REPLY - -#ifndef BINDER_FREEZE -/* - * Temporary definitions for freeze support. For the final version - * these will be defined in the UAPI binder.h file from upstream kernel. - */ -#define BINDER_FREEZE _IOW('b', 14, struct binder_freeze_info) - -struct binder_freeze_info { - // - // Group-leader PID of process to be frozen - // - uint32_t pid; - // - // Enable(1) / Disable(0) freeze for given PID - // - uint32_t enable; - // - // Timeout to wait for transactions to drain. - // 0: don't wait (ioctl will return EAGAIN if not drained) - // N: number of ms to wait - uint32_t timeout_ms; -}; -#endif // BINDER_FREEZE - -#ifndef BINDER_GET_FROZEN_INFO - -#define BINDER_GET_FROZEN_INFO _IOWR('b', 15, struct binder_frozen_status_info) - -struct binder_frozen_status_info { - // - // Group-leader PID of process to be queried - // - __u32 pid; - // - // Indicates whether the process has received any sync calls since last - // freeze (cleared at freeze/unfreeze) - // bit 0: received sync transaction after being frozen - // bit 1: new pending sync transaction during freezing - // - __u32 sync_recv; - // - // Indicates whether the process has received any async calls since last - // freeze (cleared at freeze/unfreeze) - // - __u32 async_recv; -}; -#endif // BINDER_GET_FROZEN_INFO - -#ifndef BR_ONEWAY_SPAM_SUSPECT -// Temporary definition of BR_ONEWAY_SPAM_SUSPECT. For production -// this will come from UAPI binder.h -#define BR_ONEWAY_SPAM_SUSPECT _IO('r', 19) -#endif // BR_ONEWAY_SPAM_SUSPECT - -#ifndef BINDER_ENABLE_ONEWAY_SPAM_DETECTION -/* - * Temporary definitions for oneway spam detection support. For the final version - * these will be defined in the UAPI binder.h file from upstream kernel. - */ -#define BINDER_ENABLE_ONEWAY_SPAM_DETECTION _IOW('b', 16, __u32) -#endif // BINDER_ENABLE_ONEWAY_SPAM_DETECTION - -#ifndef BR_TRANSACTION_PENDING_FROZEN -// Temporary definition of BR_TRANSACTION_PENDING_FROZEN until UAPI binder.h includes it. -#define BR_TRANSACTION_PENDING_FROZEN _IO('r', 20) -#endif // BR_TRANSACTION_PENDING_FROZEN - #endif // _BINDER_MODULE_H_ diff --git a/libs/binder/include_rpc_unstable/binder_rpc_unstable.hpp b/libs/binder/include_rpc_unstable/binder_rpc_unstable.hpp index 7d0acd1843..392ebb5b0a 100644 --- a/libs/binder/include_rpc_unstable/binder_rpc_unstable.hpp +++ b/libs/binder/include_rpc_unstable/binder_rpc_unstable.hpp @@ -73,6 +73,17 @@ void ARpcServer_setSupportedFileDescriptorTransportModes( const ARpcSession_FileDescriptorTransportMode modes[], size_t modes_len); +// Sets the maximum number of threads that the Server will use for +// incoming client connections. +// +// This must be called before adding a client session. This corresponds +// to the number of incoming connections to RpcSession objects in the +// server, which will correspond to the number of outgoing connections +// in client RpcSession objects. +// +// If this is not specified, this will be a single-threaded server. +void ARpcServer_setMaxThreads(ARpcServer* server, size_t threads); + // Runs ARpcServer_join() in a background thread. Immediately returns. void ARpcServer_start(ARpcServer* server); diff --git a/libs/binder/libbinder_rpc_unstable.cpp b/libs/binder/libbinder_rpc_unstable.cpp index cb44c58c2c..21537fc50d 100644 --- a/libs/binder/libbinder_rpc_unstable.cpp +++ b/libs/binder/libbinder_rpc_unstable.cpp @@ -167,6 +167,10 @@ void ARpcServer_setSupportedFileDescriptorTransportModes( server->setSupportedFileDescriptorTransportModes(modevec); } +void ARpcServer_setMaxThreads(ARpcServer* handle, size_t threads) { + handleToStrongPointer<RpcServer>(handle)->setMaxThreads(threads); +} + void ARpcServer_start(ARpcServer* handle) { handleToStrongPointer<RpcServer>(handle)->start(); } diff --git a/libs/binder/rust/rpcbinder/src/server/android.rs b/libs/binder/rust/rpcbinder/src/server/android.rs index ad0365b505..2ab34472a9 100644 --- a/libs/binder/rust/rpcbinder/src/server/android.rs +++ b/libs/binder/rust/rpcbinder/src/server/android.rs @@ -147,6 +147,20 @@ impl RpcServerRef { } } + /// Sets the max number of threads this Server uses for incoming client connections. + /// + /// This must be called before adding a client session. This corresponds + /// to the number of incoming connections to RpcSession objects in the + /// server, which will correspond to the number of outgoing connections + /// in client RpcSession objects. Specifically this is useful for handling + /// client-side callback connections. + /// + /// If this is not specified, this will be a single-threaded server. + pub fn set_max_threads(&self, count: usize) { + // SAFETY: RpcServerRef wraps a valid pointer to an ARpcServer. + unsafe { binder_rpc_unstable_bindgen::ARpcServer_setMaxThreads(self.as_ptr(), count) }; + } + /// Starts a new background thread and calls join(). Returns immediately. pub fn start(&self) { // SAFETY: RpcServerRef wraps a valid pointer to an ARpcServer. diff --git a/libs/binder/tests/binderLibTest.cpp b/libs/binder/tests/binderLibTest.cpp index 2cea14f631..1f61f1852a 100644 --- a/libs/binder/tests/binderLibTest.cpp +++ b/libs/binder/tests/binderLibTest.cpp @@ -506,10 +506,11 @@ TEST_F(BinderLibTest, Freeze) { // Pass test on devices where BINDER_FREEZE ioctl is not supported int ret = IPCThreadState::self()->freeze(pid, false, 0); - if (ret != 0) { + if (ret == -EINVAL) { GTEST_SKIP(); return; } + EXPECT_EQ(NO_ERROR, ret); EXPECT_EQ(-EAGAIN, IPCThreadState::self()->freeze(pid, true, 0)); diff --git a/libs/binder/tests/unit_fuzzers/Android.bp b/libs/binder/tests/unit_fuzzers/Android.bp index a88158299e..6871cca3c1 100644 --- a/libs/binder/tests/unit_fuzzers/Android.bp +++ b/libs/binder/tests/unit_fuzzers/Android.bp @@ -52,6 +52,18 @@ cc_defaults { enabled: false, }, }, + fuzz_config: { + cc: [ + "smoreland@google.com", + "waghpawan@google.com", + ], + componentid: 32456, + description: "The fuzzer targets the APIs of libbinder", + vector: "local_no_privileges_required", + service_privilege: "privileged", + users: "multi_user", + fuzzed_code_usage: "shipped", + }, } cc_fuzz { diff --git a/libs/renderengine/include/renderengine/RenderEngine.h b/libs/renderengine/include/renderengine/RenderEngine.h index 818d0350c0..b41fa1dd69 100644 --- a/libs/renderengine/include/renderengine/RenderEngine.h +++ b/libs/renderengine/include/renderengine/RenderEngine.h @@ -33,7 +33,7 @@ #include <memory> /** - * Allows to set RenderEngine backend to GLES (default) or SkiaGL (NOT yet supported). + * Allows to override the RenderEngine backend. */ #define PROPERTY_DEBUG_RENDERENGINE_BACKEND "debug.renderengine.backend" diff --git a/services/surfaceflinger/SurfaceFlinger.cpp b/services/surfaceflinger/SurfaceFlinger.cpp index f7cc13e7c1..b980a65255 100644 --- a/services/surfaceflinger/SurfaceFlinger.cpp +++ b/services/surfaceflinger/SurfaceFlinger.cpp @@ -2252,7 +2252,7 @@ bool SurfaceFlinger::updateLayerSnapshotsLegacy(VsyncId vsyncId, nsecs_t frameTi outTransactionsAreEmpty = !needsTraversal; const bool shouldCommit = (getTransactionFlags() & ~eTransactionFlushNeeded) || needsTraversal; if (shouldCommit) { - commitTransactions(); + commitTransactionsLegacy(); } bool mustComposite = latchBuffers() || shouldCommit; @@ -2380,8 +2380,14 @@ bool SurfaceFlinger::updateLayerSnapshots(VsyncId vsyncId, nsecs_t frameTimeNs, } } + // Keep a copy of the drawing state (that is going to be overwritten + // by commitTransactionsLocked) outside of mStateLock so that the side + // effects of the State assignment don't happen with mStateLock held, + // which can cause deadlocks. + State drawingState(mDrawingState); + Mutex::Autolock lock(mStateLock); bool mustComposite = false; - mustComposite |= applyAndCommitDisplayTransactionStates(update.transactions); + mustComposite |= applyAndCommitDisplayTransactionStatesLocked(update.transactions); { ATRACE_NAME("LayerSnapshotBuilder:update"); @@ -2420,7 +2426,7 @@ bool SurfaceFlinger::updateLayerSnapshots(VsyncId vsyncId, nsecs_t frameTimeNs, bool newDataLatched = false; if (!mLegacyFrontEndEnabled) { ATRACE_NAME("DisplayCallbackAndStatsUpdates"); - mustComposite |= applyTransactions(update.transactions, vsyncId); + mustComposite |= applyTransactionsLocked(update.transactions, vsyncId); traverseLegacyLayers([&](Layer* layer) { layer->commitTransaction(); }); const nsecs_t latchTime = systemTime(); bool unused = false; @@ -3266,6 +3272,19 @@ void SurfaceFlinger::computeLayerBounds() { void SurfaceFlinger::commitTransactions() { ATRACE_CALL(); + mDebugInTransaction = systemTime(); + + // Here we're guaranteed that some transaction flags are set + // so we can call commitTransactionsLocked unconditionally. + // We clear the flags with mStateLock held to guarantee that + // mCurrentState won't change until the transaction is committed. + mScheduler->modulateVsync({}, &VsyncModulator::onTransactionCommit); + commitTransactionsLocked(clearTransactionFlags(eTransactionMask)); + mDebugInTransaction = 0; +} + +void SurfaceFlinger::commitTransactionsLegacy() { + ATRACE_CALL(); // Keep a copy of the drawing state (that is going to be overwritten // by commitTransactionsLocked) outside of mStateLock so that the side @@ -5070,9 +5089,8 @@ bool SurfaceFlinger::applyTransactionState(const FrameTimelineInfo& frameTimelin return needsTraversal; } -bool SurfaceFlinger::applyAndCommitDisplayTransactionStates( +bool SurfaceFlinger::applyAndCommitDisplayTransactionStatesLocked( std::vector<TransactionState>& transactions) { - Mutex::Autolock lock(mStateLock); bool needsTraversal = false; uint32_t transactionFlags = 0; for (auto& transaction : transactions) { @@ -5864,7 +5882,8 @@ void SurfaceFlinger::initializeDisplays() { if (mLegacyFrontEndEnabled) { applyTransactions(transactions, VsyncId{0}); } else { - applyAndCommitDisplayTransactionStates(transactions); + Mutex::Autolock lock(mStateLock); + applyAndCommitDisplayTransactionStatesLocked(transactions); } { diff --git a/services/surfaceflinger/SurfaceFlinger.h b/services/surfaceflinger/SurfaceFlinger.h index 6b4440193b..61360a70df 100644 --- a/services/surfaceflinger/SurfaceFlinger.h +++ b/services/surfaceflinger/SurfaceFlinger.h @@ -751,7 +751,8 @@ private: bool force = false) REQUIRES(mStateLock, kMainThreadContext); - void commitTransactions() EXCLUDES(mStateLock) REQUIRES(kMainThreadContext); + void commitTransactionsLegacy() EXCLUDES(mStateLock) REQUIRES(kMainThreadContext); + void commitTransactions() REQUIRES(kMainThreadContext, mStateLock); void commitTransactionsLocked(uint32_t transactionFlags) REQUIRES(mStateLock, kMainThreadContext); void doCommitTransactions() REQUIRES(mStateLock); @@ -804,8 +805,8 @@ private: bool flushTransactionQueues(VsyncId) REQUIRES(kMainThreadContext); bool applyTransactions(std::vector<TransactionState>&, VsyncId) REQUIRES(kMainThreadContext); - bool applyAndCommitDisplayTransactionStates(std::vector<TransactionState>& transactions) - REQUIRES(kMainThreadContext); + bool applyAndCommitDisplayTransactionStatesLocked(std::vector<TransactionState>& transactions) + REQUIRES(kMainThreadContext, mStateLock); // Returns true if there is at least one transaction that needs to be flushed bool transactionFlushNeeded(); diff --git a/services/surfaceflinger/fuzzer/surfaceflinger_fuzzers_utils.h b/services/surfaceflinger/fuzzer/surfaceflinger_fuzzers_utils.h index 4fc39cc912..81fbc847a3 100644 --- a/services/surfaceflinger/fuzzer/surfaceflinger_fuzzers_utils.h +++ b/services/surfaceflinger/fuzzer/surfaceflinger_fuzzers_utils.h @@ -610,7 +610,7 @@ public: { ftl::FakeGuard guard(kMainThreadContext); - mFlinger->commitTransactions(); + mFlinger->commitTransactionsLegacy(); mFlinger->flushTransactionQueues(getFuzzedVsyncId(mFdp)); scheduler::FrameTargeter frameTargeter(displayId, mFdp.ConsumeBool()); |