2 * Copyright (C) 2005 The Android Open Source Project
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 #define LOG_TAG "Parcel"
18 //#define LOG_NDEBUG 0
20 #include <binder/Parcel.h>
22 #include <binder/IPCThreadState.h>
23 #include <binder/Binder.h>
24 #include <binder/BpBinder.h>
25 #include <binder/ProcessState.h>
26 #include <binder/TextOutput.h>
28 #include <utils/Debug.h>
29 #include <utils/Log.h>
30 #include <utils/String8.h>
31 #include <utils/String16.h>
32 #include <utils/misc.h>
33 #include <utils/Flattenable.h>
34 #include <cutils/ashmem.h>
36 #include <private/binder/binder_module.h>
44 #define INT32_MAX ((int32_t)(2147483647))
48 //#define LOG_REFS(...) ALOG(LOG_DEBUG, "Parcel", __VA_ARGS__)
50 // ---------------------------------------------------------------------------
52 #define PAD_SIZE(s) (((s)+3)&~3)
54 // Note: must be kept in sync with android/os/StrictMode.java's PENALTY_GATHER
55 #define STRICT_MODE_PENALTY_GATHER 0x100
57 // Note: must be kept in sync with android/os/Parcel.java's EX_HAS_REPLY_HEADER
58 #define EX_HAS_REPLY_HEADER -128
60 // Maximum size of a blob to transfer in-place.
61 static const size_t IN_PLACE_BLOB_LIMIT = 40 * 1024;
63 // XXX This can be made public if we want to provide
64 // support for typed data.
65 struct small_flat_data
73 void acquire_object(const sp<ProcessState>& proc,
74 const flat_binder_object& obj, const void* who)
77 case BINDER_TYPE_BINDER:
79 LOG_REFS("Parcel %p acquiring reference on local %p", who, obj.cookie);
80 reinterpret_cast<IBinder*>(obj.cookie)->incStrong(who);
83 case BINDER_TYPE_WEAK_BINDER:
85 reinterpret_cast<RefBase::weakref_type*>(obj.binder)->incWeak(who);
87 case BINDER_TYPE_HANDLE: {
88 const sp<IBinder> b = proc->getStrongProxyForHandle(obj.handle);
90 LOG_REFS("Parcel %p acquiring reference on remote %p", who, b.get());
95 case BINDER_TYPE_WEAK_HANDLE: {
96 const wp<IBinder> b = proc->getWeakProxyForHandle(obj.handle);
97 if (b != NULL) b.get_refs()->incWeak(who);
100 case BINDER_TYPE_FD: {
101 // intentionally blank -- nothing to do to acquire this, but we do
102 // recognize it as a legitimate object type.
107 ALOGD("Invalid object type 0x%08x", obj.type);
110 void release_object(const sp<ProcessState>& proc,
111 const flat_binder_object& obj, const void* who)
114 case BINDER_TYPE_BINDER:
116 LOG_REFS("Parcel %p releasing reference on local %p", who, obj.cookie);
117 reinterpret_cast<IBinder*>(obj.cookie)->decStrong(who);
120 case BINDER_TYPE_WEAK_BINDER:
122 reinterpret_cast<RefBase::weakref_type*>(obj.binder)->decWeak(who);
124 case BINDER_TYPE_HANDLE: {
125 const sp<IBinder> b = proc->getStrongProxyForHandle(obj.handle);
127 LOG_REFS("Parcel %p releasing reference on remote %p", who, b.get());
132 case BINDER_TYPE_WEAK_HANDLE: {
133 const wp<IBinder> b = proc->getWeakProxyForHandle(obj.handle);
134 if (b != NULL) b.get_refs()->decWeak(who);
137 case BINDER_TYPE_FD: {
138 if (obj.cookie != 0) close(obj.handle);
143 ALOGE("Invalid object type 0x%08x", obj.type);
146 inline static status_t finish_flatten_binder(
147 const sp<IBinder>& /*binder*/, const flat_binder_object& flat, Parcel* out)
149 return out->writeObject(flat, false);
152 status_t flatten_binder(const sp<ProcessState>& /*proc*/,
153 const sp<IBinder>& binder, Parcel* out)
155 flat_binder_object obj;
157 obj.flags = 0x7f | FLAT_BINDER_FLAG_ACCEPTS_FDS;
158 if (binder != NULL) {
159 IBinder *local = binder->localBinder();
161 BpBinder *proxy = binder->remoteBinder();
165 const int32_t handle = proxy ? proxy->handle() : 0;
166 obj.type = BINDER_TYPE_HANDLE;
167 obj.binder = 0; /* Don't pass uninitialized stack data to a remote process */
171 obj.type = BINDER_TYPE_BINDER;
172 obj.binder = reinterpret_cast<uintptr_t>(local->getWeakRefs());
173 obj.cookie = reinterpret_cast<uintptr_t>(local);
176 obj.type = BINDER_TYPE_BINDER;
181 return finish_flatten_binder(binder, obj, out);
184 status_t flatten_binder(const sp<ProcessState>& /*proc*/,
185 const wp<IBinder>& binder, Parcel* out)
187 flat_binder_object obj;
189 obj.flags = 0x7f | FLAT_BINDER_FLAG_ACCEPTS_FDS;
190 if (binder != NULL) {
191 sp<IBinder> real = binder.promote();
193 IBinder *local = real->localBinder();
195 BpBinder *proxy = real->remoteBinder();
199 const int32_t handle = proxy ? proxy->handle() : 0;
200 obj.type = BINDER_TYPE_WEAK_HANDLE;
201 obj.binder = 0; /* Don't pass uninitialized stack data to a remote process */
205 obj.type = BINDER_TYPE_WEAK_BINDER;
206 obj.binder = reinterpret_cast<uintptr_t>(binder.get_refs());
207 obj.cookie = reinterpret_cast<uintptr_t>(binder.unsafe_get());
209 return finish_flatten_binder(real, obj, out);
212 // XXX How to deal? In order to flatten the given binder,
213 // we need to probe it for information, which requires a primary
214 // reference... but we don't have one.
216 // The OpenBinder implementation uses a dynamic_cast<> here,
217 // but we can't do that with the different reference counting
218 // implementation we are using.
219 ALOGE("Unable to unflatten Binder weak reference!");
220 obj.type = BINDER_TYPE_BINDER;
223 return finish_flatten_binder(NULL, obj, out);
226 obj.type = BINDER_TYPE_BINDER;
229 return finish_flatten_binder(NULL, obj, out);
233 inline static status_t finish_unflatten_binder(
234 BpBinder* /*proxy*/, const flat_binder_object& /*flat*/,
235 const Parcel& /*in*/)
240 status_t unflatten_binder(const sp<ProcessState>& proc,
241 const Parcel& in, sp<IBinder>* out)
243 const flat_binder_object* flat = in.readObject(false);
246 switch (flat->type) {
247 case BINDER_TYPE_BINDER:
248 *out = reinterpret_cast<IBinder*>(flat->cookie);
249 return finish_unflatten_binder(NULL, *flat, in);
250 case BINDER_TYPE_HANDLE:
251 *out = proc->getStrongProxyForHandle(flat->handle);
252 return finish_unflatten_binder(
253 static_cast<BpBinder*>(out->get()), *flat, in);
259 status_t unflatten_binder(const sp<ProcessState>& proc,
260 const Parcel& in, wp<IBinder>* out)
262 const flat_binder_object* flat = in.readObject(false);
265 switch (flat->type) {
266 case BINDER_TYPE_BINDER:
267 *out = reinterpret_cast<IBinder*>(flat->cookie);
268 return finish_unflatten_binder(NULL, *flat, in);
269 case BINDER_TYPE_WEAK_BINDER:
270 if (flat->binder != 0) {
271 out->set_object_and_refs(
272 reinterpret_cast<IBinder*>(flat->cookie),
273 reinterpret_cast<RefBase::weakref_type*>(flat->binder));
277 return finish_unflatten_binder(NULL, *flat, in);
278 case BINDER_TYPE_HANDLE:
279 case BINDER_TYPE_WEAK_HANDLE:
280 *out = proc->getWeakProxyForHandle(flat->handle);
281 return finish_unflatten_binder(
282 static_cast<BpBinder*>(out->unsafe_get()), *flat, in);
288 // ---------------------------------------------------------------------------
300 const uint8_t* Parcel::data() const
305 size_t Parcel::dataSize() const
307 return (mDataSize > mDataPos ? mDataSize : mDataPos);
310 size_t Parcel::dataAvail() const
312 // TODO: decide what to do about the possibility that this can
313 // report an available-data size that exceeds a Java int's max
314 // positive value, causing havoc. Fortunately this will only
315 // happen if someone constructs a Parcel containing more than two
316 // gigabytes of data, which on typical phone hardware is simply
318 return dataSize() - dataPosition();
321 size_t Parcel::dataPosition() const
326 size_t Parcel::dataCapacity() const
328 return mDataCapacity;
331 status_t Parcel::setDataSize(size_t size)
334 err = continueWrite(size);
335 if (err == NO_ERROR) {
337 ALOGV("setDataSize Setting data size of %p to %d\n", this, mDataSize);
342 void Parcel::setDataPosition(size_t pos) const
348 status_t Parcel::setDataCapacity(size_t size)
350 if (size > mDataCapacity) return continueWrite(size);
354 status_t Parcel::setData(const uint8_t* buffer, size_t len)
356 status_t err = restartWrite(len);
357 if (err == NO_ERROR) {
358 memcpy(const_cast<uint8_t*>(data()), buffer, len);
365 status_t Parcel::appendFrom(const Parcel *parcel, size_t offset, size_t len)
367 const sp<ProcessState> proc(ProcessState::self());
369 const uint8_t *data = parcel->mData;
370 const binder_size_t *objects = parcel->mObjects;
371 size_t size = parcel->mObjectsSize;
372 int startPos = mDataPos;
373 int firstIndex = -1, lastIndex = -2;
379 // range checks against the source parcel size
380 if ((offset > parcel->mDataSize)
381 || (len > parcel->mDataSize)
382 || (offset + len > parcel->mDataSize)) {
386 // Count objects in range
387 for (int i = 0; i < (int) size; i++) {
388 size_t off = objects[i];
389 if ((off >= offset) && (off < offset + len)) {
390 if (firstIndex == -1) {
396 int numObjects = lastIndex - firstIndex + 1;
398 if ((mDataSize+len) > mDataCapacity) {
401 if (err != NO_ERROR) {
407 memcpy(mData + mDataPos, data + offset, len);
413 if (numObjects > 0) {
415 if (mObjectsCapacity < mObjectsSize + numObjects) {
416 int newSize = ((mObjectsSize + numObjects)*3)/2;
417 binder_size_t *objects =
418 (binder_size_t*)realloc(mObjects, newSize*sizeof(binder_size_t));
419 if (objects == (binder_size_t*)0) {
423 mObjectsCapacity = newSize;
426 // append and acquire objects
427 int idx = mObjectsSize;
428 for (int i = firstIndex; i <= lastIndex; i++) {
429 size_t off = objects[i] - offset + startPos;
430 mObjects[idx++] = off;
433 flat_binder_object* flat
434 = reinterpret_cast<flat_binder_object*>(mData + off);
435 acquire_object(proc, *flat, this);
437 if (flat->type == BINDER_TYPE_FD) {
438 // If this is a file descriptor, we need to dup it so the
439 // new Parcel now owns its own fd, and can declare that we
440 // officially know we have fds.
441 flat->handle = dup(flat->handle);
443 mHasFds = mFdsKnown = true;
445 err = FDS_NOT_ALLOWED;
454 bool Parcel::pushAllowFds(bool allowFds)
456 const bool origValue = mAllowFds;
463 void Parcel::restoreAllowFds(bool lastValue)
465 mAllowFds = lastValue;
468 bool Parcel::hasFileDescriptors() const
476 // Write RPC headers. (previously just the interface token)
477 status_t Parcel::writeInterfaceToken(const String16& interface)
479 writeInt32(IPCThreadState::self()->getStrictModePolicy() |
480 STRICT_MODE_PENALTY_GATHER);
481 // currently the interface identification token is just its name as a string
482 return writeString16(interface);
485 bool Parcel::checkInterface(IBinder* binder) const
487 return enforceInterface(binder->getInterfaceDescriptor());
490 bool Parcel::enforceInterface(const String16& interface,
491 IPCThreadState* threadState) const
493 int32_t strictPolicy = readInt32();
494 if (threadState == NULL) {
495 threadState = IPCThreadState::self();
497 if ((threadState->getLastTransactionBinderFlags() &
498 IBinder::FLAG_ONEWAY) != 0) {
499 // For one-way calls, the callee is running entirely
500 // disconnected from the caller, so disable StrictMode entirely.
501 // Not only does disk/network usage not impact the caller, but
502 // there's no way to commuicate back any violations anyway.
503 threadState->setStrictModePolicy(0);
505 threadState->setStrictModePolicy(strictPolicy);
507 const String16 str(readString16());
508 if (str == interface) {
511 ALOGW("**** enforceInterface() expected '%s' but read '%s'\n",
512 String8(interface).string(), String8(str).string());
517 const binder_size_t* Parcel::objects() const
522 size_t Parcel::objectsCount() const
527 status_t Parcel::errorCheck() const
532 void Parcel::setError(status_t err)
537 status_t Parcel::finishWrite(size_t len)
539 //printf("Finish write of %d\n", len);
541 ALOGV("finishWrite Setting data pos of %p to %d\n", this, mDataPos);
542 if (mDataPos > mDataSize) {
543 mDataSize = mDataPos;
544 ALOGV("finishWrite Setting data size of %p to %d\n", this, mDataSize);
546 //printf("New pos=%d, size=%d\n", mDataPos, mDataSize);
550 status_t Parcel::writeUnpadded(const void* data, size_t len)
552 size_t end = mDataPos + len;
553 if (end < mDataPos) {
558 if (end <= mDataCapacity) {
560 memcpy(mData+mDataPos, data, len);
561 return finishWrite(len);
564 status_t err = growData(len);
565 if (err == NO_ERROR) goto restart_write;
569 status_t Parcel::write(const void* data, size_t len)
571 void* const d = writeInplace(len);
573 memcpy(d, data, len);
579 void* Parcel::writeInplace(size_t len)
581 const size_t padded = PAD_SIZE(len);
583 // sanity check for integer overflow
584 if (mDataPos+padded < mDataPos) {
588 if ((mDataPos+padded) <= mDataCapacity) {
590 //printf("Writing %ld bytes, padded to %ld\n", len, padded);
591 uint8_t* const data = mData+mDataPos;
593 // Need to pad at end?
595 #if BYTE_ORDER == BIG_ENDIAN
596 static const uint32_t mask[4] = {
597 0x00000000, 0xffffff00, 0xffff0000, 0xff000000
600 #if BYTE_ORDER == LITTLE_ENDIAN
601 static const uint32_t mask[4] = {
602 0x00000000, 0x00ffffff, 0x0000ffff, 0x000000ff
605 //printf("Applying pad mask: %p to %p\n", (void*)mask[padded-len],
606 // *reinterpret_cast<void**>(data+padded-4));
607 *reinterpret_cast<uint32_t*>(data+padded-4) &= mask[padded-len];
614 status_t err = growData(padded);
615 if (err == NO_ERROR) goto restart_write;
619 status_t Parcel::writeInt32(int32_t val)
621 return writeAligned(val);
623 status_t Parcel::writeInt32Array(size_t len, const int32_t *val) {
625 return writeAligned(-1);
627 status_t ret = writeAligned(len);
628 if (ret == NO_ERROR) {
629 ret = write(val, len * sizeof(*val));
634 status_t Parcel::writeInt64(int64_t val)
636 return writeAligned(val);
639 status_t Parcel::writePointer(uintptr_t val)
641 return writeAligned<binder_uintptr_t>(val);
644 status_t Parcel::writeFloat(float val)
646 return writeAligned(val);
649 #if defined(__mips__) && defined(__mips_hard_float)
651 status_t Parcel::writeDouble(double val)
655 unsigned long long ll;
658 return writeAligned(u.ll);
663 status_t Parcel::writeDouble(double val)
665 return writeAligned(val);
670 status_t Parcel::writeIntPtr(intptr_t val)
672 return writeAligned(val);
675 status_t Parcel::writeCString(const char* str)
677 return write(str, strlen(str)+1);
680 status_t Parcel::writeString8(const String8& str)
682 status_t err = writeInt32(str.bytes());
683 // only write string if its length is more than zero characters,
684 // as readString8 will only read if the length field is non-zero.
685 // this is slightly different from how writeString16 works.
686 if (str.bytes() > 0 && err == NO_ERROR) {
687 err = write(str.string(), str.bytes()+1);
692 status_t Parcel::writeString16(const String16& str)
694 return writeString16(str.string(), str.size());
697 status_t Parcel::writeString16(const char16_t* str, size_t len)
699 if (str == NULL) return writeInt32(-1);
701 status_t err = writeInt32(len);
702 if (err == NO_ERROR) {
703 len *= sizeof(char16_t);
704 uint8_t* data = (uint8_t*)writeInplace(len+sizeof(char16_t));
706 memcpy(data, str, len);
707 *reinterpret_cast<char16_t*>(data+len) = 0;
715 status_t Parcel::writeStrongBinder(const sp<IBinder>& val)
717 return flatten_binder(ProcessState::self(), val, this);
720 status_t Parcel::writeWeakBinder(const wp<IBinder>& val)
722 return flatten_binder(ProcessState::self(), val, this);
725 status_t Parcel::writeNativeHandle(const native_handle* handle)
727 if (!handle || handle->version != sizeof(native_handle))
731 err = writeInt32(handle->numFds);
732 if (err != NO_ERROR) return err;
734 err = writeInt32(handle->numInts);
735 if (err != NO_ERROR) return err;
737 for (int i=0 ; err==NO_ERROR && i<handle->numFds ; i++)
738 err = writeDupFileDescriptor(handle->data[i]);
740 if (err != NO_ERROR) {
741 ALOGD("write native handle, write dup fd failed");
744 err = write(handle->data + handle->numFds, sizeof(int)*handle->numInts);
748 status_t Parcel::writeFileDescriptor(int fd, bool takeOwnership)
750 flat_binder_object obj;
751 obj.type = BINDER_TYPE_FD;
752 obj.flags = 0x7f | FLAT_BINDER_FLAG_ACCEPTS_FDS;
753 obj.binder = 0; /* Don't pass uninitialized stack data to a remote process */
755 obj.cookie = takeOwnership ? 1 : 0;
756 return writeObject(obj, true);
759 status_t Parcel::writeDupFileDescriptor(int fd)
765 status_t err = writeFileDescriptor(dupFd, true /*takeOwnership*/);
772 status_t Parcel::writeBlob(size_t len, WritableBlob* outBlob)
776 if (!mAllowFds || len <= IN_PLACE_BLOB_LIMIT) {
777 ALOGV("writeBlob: write in place");
778 status = writeInt32(0);
779 if (status) return status;
781 void* ptr = writeInplace(len);
782 if (!ptr) return NO_MEMORY;
784 outBlob->init(false /*mapped*/, ptr, len);
788 ALOGV("writeBlob: write to ashmem");
789 int fd = ashmem_create_region("Parcel Blob", len);
790 if (fd < 0) return NO_MEMORY;
792 int result = ashmem_set_prot_region(fd, PROT_READ | PROT_WRITE);
796 void* ptr = ::mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
797 if (ptr == MAP_FAILED) {
800 result = ashmem_set_prot_region(fd, PROT_READ);
804 status = writeInt32(1);
806 status = writeFileDescriptor(fd, true /*takeOwnership*/);
808 outBlob->init(true /*mapped*/, ptr, len);
820 status_t Parcel::write(const FlattenableHelperInterface& val)
825 const size_t len = val.getFlattenedSize();
826 const size_t fd_count = val.getFdCount();
828 err = this->writeInt32(len);
831 err = this->writeInt32(fd_count);
835 void* const buf = this->writeInplace(PAD_SIZE(len));
841 fds = new int[fd_count];
844 err = val.flatten(buf, len, fds, fd_count);
845 for (size_t i=0 ; i<fd_count && err==NO_ERROR ; i++) {
846 err = this->writeDupFileDescriptor( fds[i] );
856 status_t Parcel::writeObject(const flat_binder_object& val, bool nullMetaData)
858 const bool enoughData = (mDataPos+sizeof(val)) <= mDataCapacity;
859 const bool enoughObjects = mObjectsSize < mObjectsCapacity;
860 if (enoughData && enoughObjects) {
862 *reinterpret_cast<flat_binder_object*>(mData+mDataPos) = val;
864 // Need to write meta-data?
865 if (nullMetaData || val.binder != 0) {
866 mObjects[mObjectsSize] = mDataPos;
867 acquire_object(ProcessState::self(), val, this);
871 // remember if it's a file descriptor
872 if (val.type == BINDER_TYPE_FD) {
874 return FDS_NOT_ALLOWED;
876 mHasFds = mFdsKnown = true;
879 return finishWrite(sizeof(flat_binder_object));
883 const status_t err = growData(sizeof(val));
884 if (err != NO_ERROR) return err;
886 if (!enoughObjects) {
887 size_t newSize = ((mObjectsSize+2)*3)/2;
888 binder_size_t* objects = (binder_size_t*)realloc(mObjects, newSize*sizeof(binder_size_t));
889 if (objects == NULL) return NO_MEMORY;
891 mObjectsCapacity = newSize;
897 status_t Parcel::writeNoException()
899 return writeInt32(0);
902 void Parcel::remove(size_t /*start*/, size_t /*amt*/)
904 LOG_ALWAYS_FATAL("Parcel::remove() not yet implemented!");
907 status_t Parcel::read(void* outData, size_t len) const
909 if ((mDataPos+PAD_SIZE(len)) >= mDataPos && (mDataPos+PAD_SIZE(len)) <= mDataSize) {
910 memcpy(outData, mData+mDataPos, len);
911 mDataPos += PAD_SIZE(len);
912 ALOGV("read Setting data pos of %p to %d\n", this, mDataPos);
915 return NOT_ENOUGH_DATA;
918 const void* Parcel::readInplace(size_t len) const
920 if ((mDataPos+PAD_SIZE(len)) >= mDataPos && (mDataPos+PAD_SIZE(len)) <= mDataSize) {
921 const void* data = mData+mDataPos;
922 mDataPos += PAD_SIZE(len);
923 ALOGV("readInplace Setting data pos of %p to %d\n", this, mDataPos);
930 status_t Parcel::readAligned(T *pArg) const {
931 COMPILE_TIME_ASSERT_FUNCTION_SCOPE(PAD_SIZE(sizeof(T)) == sizeof(T));
933 if ((mDataPos+sizeof(T)) <= mDataSize) {
934 const void* data = mData+mDataPos;
935 mDataPos += sizeof(T);
936 *pArg = *reinterpret_cast<const T*>(data);
939 return NOT_ENOUGH_DATA;
944 T Parcel::readAligned() const {
946 if (readAligned(&result) != NO_ERROR) {
954 status_t Parcel::writeAligned(T val) {
955 COMPILE_TIME_ASSERT_FUNCTION_SCOPE(PAD_SIZE(sizeof(T)) == sizeof(T));
957 if ((mDataPos+sizeof(val)) <= mDataCapacity) {
959 *reinterpret_cast<T*>(mData+mDataPos) = val;
960 return finishWrite(sizeof(val));
963 status_t err = growData(sizeof(val));
964 if (err == NO_ERROR) goto restart_write;
968 status_t Parcel::readInt32(int32_t *pArg) const
970 return readAligned(pArg);
973 int32_t Parcel::readInt32() const
975 return readAligned<int32_t>();
979 status_t Parcel::readInt64(int64_t *pArg) const
981 return readAligned(pArg);
985 int64_t Parcel::readInt64() const
987 return readAligned<int64_t>();
990 status_t Parcel::readPointer(uintptr_t *pArg) const
993 binder_uintptr_t ptr;
994 ret = readAligned(&ptr);
1000 uintptr_t Parcel::readPointer() const
1002 return readAligned<binder_uintptr_t>();
1006 status_t Parcel::readFloat(float *pArg) const
1008 return readAligned(pArg);
1012 float Parcel::readFloat() const
1014 return readAligned<float>();
1017 #if defined(__mips__) && defined(__mips_hard_float)
1019 status_t Parcel::readDouble(double *pArg) const
1023 unsigned long long ll;
1026 status = readAligned(&u.ll);
1031 double Parcel::readDouble() const
1035 unsigned long long ll;
1037 u.ll = readAligned<unsigned long long>();
1043 status_t Parcel::readDouble(double *pArg) const
1045 return readAligned(pArg);
1048 double Parcel::readDouble() const
1050 return readAligned<double>();
1055 status_t Parcel::readIntPtr(intptr_t *pArg) const
1057 return readAligned(pArg);
1061 intptr_t Parcel::readIntPtr() const
1063 return readAligned<intptr_t>();
1067 const char* Parcel::readCString() const
1069 const size_t avail = mDataSize-mDataPos;
1071 const char* str = reinterpret_cast<const char*>(mData+mDataPos);
1072 // is the string's trailing NUL within the parcel's valid bounds?
1073 const char* eos = reinterpret_cast<const char*>(memchr(str, 0, avail));
1075 const size_t len = eos - str;
1076 mDataPos += PAD_SIZE(len+1);
1077 ALOGV("readCString Setting data pos of %p to %d\n", this, mDataPos);
1084 String8 Parcel::readString8() const
1086 int32_t size = readInt32();
1087 // watch for potential int overflow adding 1 for trailing NUL
1088 if (size > 0 && size < INT32_MAX) {
1089 const char* str = (const char*)readInplace(size+1);
1090 if (str) return String8(str, size);
1095 String16 Parcel::readString16() const
1098 const char16_t* str = readString16Inplace(&len);
1099 if (str) return String16(str, len);
1100 ALOGE("Reading a NULL string not supported here.");
1104 const char16_t* Parcel::readString16Inplace(size_t* outLen) const
1106 int32_t size = readInt32();
1107 // watch for potential int overflow from size+1
1108 if (size >= 0 && size < INT32_MAX) {
1110 const char16_t* str = (const char16_t*)readInplace((size+1)*sizeof(char16_t));
1119 sp<IBinder> Parcel::readStrongBinder() const
1122 unflatten_binder(ProcessState::self(), *this, &val);
1126 wp<IBinder> Parcel::readWeakBinder() const
1129 unflatten_binder(ProcessState::self(), *this, &val);
1133 int32_t Parcel::readExceptionCode() const
1135 int32_t exception_code = readAligned<int32_t>();
1136 if (exception_code == EX_HAS_REPLY_HEADER) {
1137 int32_t header_start = dataPosition();
1138 int32_t header_size = readAligned<int32_t>();
1139 // Skip over fat responses headers. Not used (or propagated) in
1141 setDataPosition(header_start + header_size);
1142 // And fat response headers are currently only used when there are no
1143 // exceptions, so return no error:
1146 return exception_code;
1149 native_handle* Parcel::readNativeHandle() const
1151 int numFds, numInts;
1153 err = readInt32(&numFds);
1154 if (err != NO_ERROR) return 0;
1155 err = readInt32(&numInts);
1156 if (err != NO_ERROR) return 0;
1158 native_handle* h = native_handle_create(numFds, numInts);
1159 for (int i=0 ; err==NO_ERROR && i<numFds ; i++) {
1160 h->data[i] = dup(readFileDescriptor());
1161 if (h->data[i] < 0) err = BAD_VALUE;
1163 err = read(h->data + numFds, sizeof(int)*numInts);
1164 if (err != NO_ERROR) {
1165 native_handle_close(h);
1166 native_handle_delete(h);
1173 int Parcel::readFileDescriptor() const
1175 const flat_binder_object* flat = readObject(true);
1177 switch (flat->type) {
1178 case BINDER_TYPE_FD:
1179 //ALOGI("Returning file descriptor %ld from parcel %p\n", flat->handle, this);
1180 return flat->handle;
1186 status_t Parcel::readBlob(size_t len, ReadableBlob* outBlob) const
1189 status_t status = readInt32(&useAshmem);
1190 if (status) return status;
1193 ALOGV("readBlob: read in place");
1194 const void* ptr = readInplace(len);
1195 if (!ptr) return BAD_VALUE;
1197 outBlob->init(false /*mapped*/, const_cast<void*>(ptr), len);
1201 ALOGV("readBlob: read from ashmem");
1202 int fd = readFileDescriptor();
1203 if (fd == int(BAD_TYPE)) return BAD_VALUE;
1205 void* ptr = ::mmap(NULL, len, PROT_READ, MAP_SHARED, fd, 0);
1206 if (!ptr) return NO_MEMORY;
1208 outBlob->init(true /*mapped*/, ptr, len);
1212 status_t Parcel::read(FlattenableHelperInterface& val) const
1215 const size_t len = this->readInt32();
1216 const size_t fd_count = this->readInt32();
1219 void const* const buf = this->readInplace(PAD_SIZE(len));
1225 fds = new int[fd_count];
1228 status_t err = NO_ERROR;
1229 for (size_t i=0 ; i<fd_count && err==NO_ERROR ; i++) {
1230 fds[i] = dup(this->readFileDescriptor());
1231 if (fds[i] < 0) err = BAD_VALUE;
1234 if (err == NO_ERROR) {
1235 err = val.unflatten(buf, len, fds, fd_count);
1244 const flat_binder_object* Parcel::readObject(bool nullMetaData) const
1246 const size_t DPOS = mDataPos;
1247 if ((DPOS+sizeof(flat_binder_object)) <= mDataSize) {
1248 const flat_binder_object* obj
1249 = reinterpret_cast<const flat_binder_object*>(mData+DPOS);
1250 mDataPos = DPOS + sizeof(flat_binder_object);
1251 if (!nullMetaData && (obj->cookie == 0 && obj->binder == 0)) {
1252 // When transferring a NULL object, we don't write it into
1253 // the object list, so we don't want to check for it when
1255 ALOGV("readObject Setting data pos of %p to %d\n", this, mDataPos);
1259 // Ensure that this object is valid...
1260 binder_size_t* const OBJS = mObjects;
1261 const size_t N = mObjectsSize;
1262 size_t opos = mNextObjectHint;
1265 ALOGV("Parcel %p looking for obj at %d, hint=%d\n",
1268 // Start at the current hint position, looking for an object at
1269 // the current data position.
1271 while (opos < (N-1) && OBJS[opos] < DPOS) {
1277 if (OBJS[opos] == DPOS) {
1279 ALOGV("Parcel found obj %d at index %d with forward search",
1281 mNextObjectHint = opos+1;
1282 ALOGV("readObject Setting data pos of %p to %d\n", this, mDataPos);
1286 // Look backwards for it...
1287 while (opos > 0 && OBJS[opos] > DPOS) {
1290 if (OBJS[opos] == DPOS) {
1292 ALOGV("Parcel found obj %d at index %d with backward search",
1294 mNextObjectHint = opos+1;
1295 ALOGV("readObject Setting data pos of %p to %d\n", this, mDataPos);
1299 ALOGW("Attempt to read object from Parcel %p at offset %zu that is not in the object list",
1305 void Parcel::closeFileDescriptors()
1307 size_t i = mObjectsSize;
1309 //ALOGI("Closing file descriptors for %d objects...", mObjectsSize);
1313 const flat_binder_object* flat
1314 = reinterpret_cast<flat_binder_object*>(mData+mObjects[i]);
1315 if (flat->type == BINDER_TYPE_FD) {
1316 //ALOGI("Closing fd: %ld\n", flat->handle);
1317 close(flat->handle);
1322 uintptr_t Parcel::ipcData() const
1324 return reinterpret_cast<uintptr_t>(mData);
1327 size_t Parcel::ipcDataSize() const
1329 return (mDataSize > mDataPos ? mDataSize : mDataPos);
1332 uintptr_t Parcel::ipcObjects() const
1334 return reinterpret_cast<uintptr_t>(mObjects);
1337 size_t Parcel::ipcObjectsCount() const
1339 return mObjectsSize;
1342 void Parcel::ipcSetDataReference(const uint8_t* data, size_t dataSize,
1343 const binder_size_t* objects, size_t objectsCount, release_func relFunc, void* relCookie)
1347 mData = const_cast<uint8_t*>(data);
1348 mDataSize = mDataCapacity = dataSize;
1349 //ALOGI("setDataReference Setting data size of %p to %lu (pid=%d)\n", this, mDataSize, getpid());
1351 ALOGV("setDataReference Setting data pos of %p to %d\n", this, mDataPos);
1352 mObjects = const_cast<binder_size_t*>(objects);
1353 mObjectsSize = mObjectsCapacity = objectsCount;
1354 mNextObjectHint = 0;
1356 mOwnerCookie = relCookie;
1360 void Parcel::print(TextOutput& to, uint32_t /*flags*/) const
1364 if (errorCheck() != NO_ERROR) {
1365 const status_t err = errorCheck();
1366 to << "Error: " << (void*)(intptr_t)err << " \"" << strerror(-err) << "\"";
1367 } else if (dataSize() > 0) {
1368 const uint8_t* DATA = data();
1369 to << indent << HexDump(DATA, dataSize()) << dedent;
1370 const binder_size_t* OBJS = objects();
1371 const size_t N = objectsCount();
1372 for (size_t i=0; i<N; i++) {
1373 const flat_binder_object* flat
1374 = reinterpret_cast<const flat_binder_object*>(DATA+OBJS[i]);
1375 to << endl << "Object #" << i << " @ " << (void*)OBJS[i] << ": "
1376 << TypeCode(flat->type & 0x7f7f7f00)
1377 << " = " << flat->binder;
1386 void Parcel::releaseObjects()
1388 const sp<ProcessState> proc(ProcessState::self());
1389 size_t i = mObjectsSize;
1390 uint8_t* const data = mData;
1391 binder_size_t* const objects = mObjects;
1394 const flat_binder_object* flat
1395 = reinterpret_cast<flat_binder_object*>(data+objects[i]);
1396 release_object(proc, *flat, this);
1400 void Parcel::acquireObjects()
1402 const sp<ProcessState> proc(ProcessState::self());
1403 size_t i = mObjectsSize;
1404 uint8_t* const data = mData;
1405 binder_size_t* const objects = mObjects;
1408 const flat_binder_object* flat
1409 = reinterpret_cast<flat_binder_object*>(data+objects[i]);
1410 acquire_object(proc, *flat, this);
1414 void Parcel::freeData()
1420 void Parcel::freeDataNoInit()
1423 //ALOGI("Freeing data ref of %p (pid=%d)\n", this, getpid());
1424 mOwner(this, mData, mDataSize, mObjects, mObjectsSize, mOwnerCookie);
1427 if (mData) free(mData);
1428 if (mObjects) free(mObjects);
1432 status_t Parcel::growData(size_t len)
1434 size_t newSize = ((mDataSize+len)*3)/2;
1435 return (newSize <= mDataSize)
1436 ? (status_t) NO_MEMORY
1437 : continueWrite(newSize);
1440 status_t Parcel::restartWrite(size_t desired)
1444 return continueWrite(desired);
1447 uint8_t* data = (uint8_t*)realloc(mData, desired);
1448 if (!data && desired > mDataCapacity) {
1457 mDataCapacity = desired;
1460 mDataSize = mDataPos = 0;
1461 ALOGV("restartWrite Setting data size of %p to %d\n", this, mDataSize);
1462 ALOGV("restartWrite Setting data pos of %p to %d\n", this, mDataPos);
1466 mObjectsSize = mObjectsCapacity = 0;
1467 mNextObjectHint = 0;
1475 status_t Parcel::continueWrite(size_t desired)
1477 // If shrinking, first adjust for any objects that appear
1478 // after the new data size.
1479 size_t objectsSize = mObjectsSize;
1480 if (desired < mDataSize) {
1484 while (objectsSize > 0) {
1485 if (mObjects[objectsSize-1] < desired)
1493 // If the size is going to zero, just release the owner's data.
1499 // If there is a different owner, we need to take
1501 uint8_t* data = (uint8_t*)malloc(desired);
1506 binder_size_t* objects = NULL;
1509 objects = (binder_size_t*)malloc(objectsSize*sizeof(binder_size_t));
1517 // Little hack to only acquire references on objects
1518 // we will be keeping.
1519 size_t oldObjectsSize = mObjectsSize;
1520 mObjectsSize = objectsSize;
1522 mObjectsSize = oldObjectsSize;
1526 memcpy(data, mData, mDataSize < desired ? mDataSize : desired);
1528 if (objects && mObjects) {
1529 memcpy(objects, mObjects, objectsSize*sizeof(binder_size_t));
1531 //ALOGI("Freeing data ref of %p (pid=%d)\n", this, getpid());
1532 mOwner(this, mData, mDataSize, mObjects, mObjectsSize, mOwnerCookie);
1537 mDataSize = (mDataSize < desired) ? mDataSize : desired;
1538 ALOGV("continueWrite Setting data size of %p to %d\n", this, mDataSize);
1539 mDataCapacity = desired;
1540 mObjectsSize = mObjectsCapacity = objectsSize;
1541 mNextObjectHint = 0;
1544 if (objectsSize < mObjectsSize) {
1545 // Need to release refs on any objects we are dropping.
1546 const sp<ProcessState> proc(ProcessState::self());
1547 for (size_t i=objectsSize; i<mObjectsSize; i++) {
1548 const flat_binder_object* flat
1549 = reinterpret_cast<flat_binder_object*>(mData+mObjects[i]);
1550 if (flat->type == BINDER_TYPE_FD) {
1551 // will need to rescan because we may have lopped off the only FDs
1554 release_object(proc, *flat, this);
1556 binder_size_t* objects =
1557 (binder_size_t*)realloc(mObjects, objectsSize*sizeof(binder_size_t));
1561 mObjectsSize = objectsSize;
1562 mNextObjectHint = 0;
1565 // We own the data, so we can just do a realloc().
1566 if (desired > mDataCapacity) {
1567 uint8_t* data = (uint8_t*)realloc(mData, desired);
1570 mDataCapacity = desired;
1571 } else if (desired > mDataCapacity) {
1576 if (mDataSize > desired) {
1577 mDataSize = desired;
1578 ALOGV("continueWrite Setting data size of %p to %d\n", this, mDataSize);
1580 if (mDataPos > desired) {
1582 ALOGV("continueWrite Setting data pos of %p to %d\n", this, mDataPos);
1587 // This is the first data. Easy!
1588 uint8_t* data = (uint8_t*)malloc(desired);
1594 if(!(mDataCapacity == 0 && mObjects == NULL
1595 && mObjectsCapacity == 0)) {
1596 ALOGE("continueWrite: %zu/%p/%zu/%zu", mDataCapacity, mObjects, mObjectsCapacity, desired);
1600 mDataSize = mDataPos = 0;
1601 ALOGV("continueWrite Setting data size of %p to %d\n", this, mDataSize);
1602 ALOGV("continueWrite Setting data pos of %p to %d\n", this, mDataPos);
1603 mDataCapacity = desired;
1609 void Parcel::initState()
1616 ALOGV("initState Setting data size of %p to %d\n", this, mDataSize);
1617 ALOGV("initState Setting data pos of %p to %d\n", this, mDataPos);
1620 mObjectsCapacity = 0;
1621 mNextObjectHint = 0;
1628 void Parcel::scanForFds() const
1630 bool hasFds = false;
1631 for (size_t i=0; i<mObjectsSize; i++) {
1632 const flat_binder_object* flat
1633 = reinterpret_cast<const flat_binder_object*>(mData + mObjects[i]);
1634 if (flat->type == BINDER_TYPE_FD) {
1643 // --- Parcel::Blob ---
1645 Parcel::Blob::Blob() :
1646 mMapped(false), mData(NULL), mSize(0) {
1649 Parcel::Blob::~Blob() {
1653 void Parcel::Blob::release() {
1654 if (mMapped && mData) {
1655 ::munmap(mData, mSize);
1660 void Parcel::Blob::init(bool mapped, void* data, size_t size) {
1666 void Parcel::Blob::clear() {
1672 }; // namespace android