diff options
| author | 2013-08-11 12:54:42 -0700 | |
|---|---|---|
| committer | 2013-08-16 14:34:43 -0700 | |
| commit | da5a3e12f4f8f965c57d6f93c74190f43ea233f3 (patch) | |
| tree | 2476c82e8b84347f3e61cde21ba864f154ec1e22 | |
| parent | 2241d45c68739e5bdf187ba3325ee237ef143e21 (diff) | |
Richer ParcelFileDescriptor close events.
When reading from the end of a pipe or socket, there is no way to
tell if the other end has finished successfully, encountered an error,
or outright crashed. To solve this, we create a second socketpair()
as a communication channel between the two ends of a pipe or
socket pair, sending a status code with details about why the
ParcelFileDescriptor was closed.
The writer end of a pipe or socket can closeWithError() to send a
message to the reader end. When the reader encounters EOF, they
call checkError() to detect if any error occured. This also detects
the case where the remote process died without sending a success
message.
This design is also extended to support regular files on disk, using
the communication channel above to detect various remote close events
or crashes, and delivering that event to a supplied OnCloseListener.
Replaces JNI with best-practice Libcore.os calls, and deprecates
some flags to match Context.
Bug: 10330121
Change-Id: I8cfa1e4fb6f57397667c7f785106193e0faccad3
| -rw-r--r-- | api/current.txt | 15 | ||||
| -rw-r--r-- | core/java/android/content/ContentResolver.java | 15 | ||||
| -rw-r--r-- | core/java/android/os/Parcel.java | 5 | ||||
| -rw-r--r-- | core/java/android/os/ParcelFileDescriptor.java | 744 | ||||
| -rw-r--r-- | core/jni/Android.mk | 1 | ||||
| -rw-r--r-- | core/jni/AndroidRuntime.cpp | 2 | ||||
| -rw-r--r-- | core/jni/android_os_ParcelFileDescriptor.cpp | 151 |
7 files changed, 657 insertions, 276 deletions
diff --git a/api/current.txt b/api/current.txt index c0cb9f09a9a2..ab4199679606 100644 --- a/api/current.txt +++ b/api/current.txt @@ -18108,8 +18108,14 @@ package android.os { public class ParcelFileDescriptor implements java.io.Closeable android.os.Parcelable { ctor public ParcelFileDescriptor(android.os.ParcelFileDescriptor); method public static android.os.ParcelFileDescriptor adoptFd(int); + method public boolean canDetectErrors(); + method public void checkError(boolean) throws java.io.IOException; method public void close() throws java.io.IOException; + method public void closeWithError(java.lang.String) throws java.io.IOException; method public static android.os.ParcelFileDescriptor[] createPipe() throws java.io.IOException; + method public static android.os.ParcelFileDescriptor[] createReliablePipe() throws java.io.IOException; + method public static android.os.ParcelFileDescriptor[] createReliableSocketPair() throws java.io.IOException; + method public static android.os.ParcelFileDescriptor[] createSocketPair() throws java.io.IOException; method public int describeContents(); method public int detachFd(); method public static android.os.ParcelFileDescriptor dup(java.io.FileDescriptor) throws java.io.IOException; @@ -18121,6 +18127,7 @@ package android.os { method public java.io.FileDescriptor getFileDescriptor(); method public long getStatSize(); method public static android.os.ParcelFileDescriptor open(java.io.File, int) throws java.io.FileNotFoundException; + method public static android.os.ParcelFileDescriptor open(java.io.File, int, android.os.Handler, android.os.ParcelFileDescriptor.OnCloseListener) throws java.io.IOException; method public void writeToParcel(android.os.Parcel, int); field public static final android.os.Parcelable.Creator CREATOR; field public static final int MODE_APPEND = 33554432; // 0x2000000 @@ -18128,8 +18135,8 @@ package android.os { field public static final int MODE_READ_ONLY = 268435456; // 0x10000000 field public static final int MODE_READ_WRITE = 805306368; // 0x30000000 field public static final int MODE_TRUNCATE = 67108864; // 0x4000000 - field public static final int MODE_WORLD_READABLE = 1; // 0x1 - field public static final int MODE_WORLD_WRITEABLE = 2; // 0x2 + field public static final deprecated int MODE_WORLD_READABLE = 1; // 0x1 + field public static final deprecated int MODE_WORLD_WRITEABLE = 2; // 0x2 field public static final int MODE_WRITE_ONLY = 536870912; // 0x20000000 } @@ -18141,6 +18148,10 @@ package android.os { ctor public ParcelFileDescriptor.AutoCloseOutputStream(android.os.ParcelFileDescriptor); } + public static abstract interface ParcelFileDescriptor.OnCloseListener { + method public abstract void onClose(java.io.IOException, boolean); + } + public class ParcelFormatException extends java.lang.RuntimeException { ctor public ParcelFormatException(); ctor public ParcelFormatException(java.lang.String); diff --git a/core/java/android/content/ContentResolver.java b/core/java/android/content/ContentResolver.java index 45fed2defce5..5cabfeefa068 100644 --- a/core/java/android/content/ContentResolver.java +++ b/core/java/android/content/ContentResolver.java @@ -2060,7 +2060,7 @@ public abstract class ContentResolver { private final class ParcelFileDescriptorInner extends ParcelFileDescriptor { private final IContentProvider mContentProvider; - private boolean mReleaseProviderFlag = false; + private boolean mProviderReleased; ParcelFileDescriptorInner(ParcelFileDescriptor pfd, IContentProvider icp) { super(pfd); @@ -2069,17 +2069,10 @@ public abstract class ContentResolver { @Override public void close() throws IOException { - if(!mReleaseProviderFlag) { - super.close(); + super.close(); + if (!mProviderReleased) { ContentResolver.this.releaseProvider(mContentProvider); - mReleaseProviderFlag = true; - } - } - - @Override - protected void finalize() throws Throwable { - if (!mReleaseProviderFlag) { - close(); + mProviderReleased = true; } } } diff --git a/core/java/android/os/Parcel.java b/core/java/android/os/Parcel.java index 12f79157bc3e..46b015041f8f 100644 --- a/core/java/android/os/Parcel.java +++ b/core/java/android/os/Parcel.java @@ -1520,6 +1520,11 @@ public final class Parcel { return fd != null ? new ParcelFileDescriptor(fd) : null; } + /** {@hide} */ + public final FileDescriptor readRawFileDescriptor() { + return nativeReadFileDescriptor(mNativePtr); + } + /*package*/ static native FileDescriptor openFileDescriptor(String file, int mode) throws FileNotFoundException; /*package*/ static native FileDescriptor dupFileDescriptor(FileDescriptor orig) diff --git a/core/java/android/os/ParcelFileDescriptor.java b/core/java/android/os/ParcelFileDescriptor.java index 3de362c88ad3..579971d2ec58 100644 --- a/core/java/android/os/ParcelFileDescriptor.java +++ b/core/java/android/os/ParcelFileDescriptor.java @@ -16,8 +16,25 @@ package android.os; +import static libcore.io.OsConstants.AF_UNIX; +import static libcore.io.OsConstants.SEEK_SET; +import static libcore.io.OsConstants.SOCK_STREAM; +import static libcore.io.OsConstants.S_ISLNK; +import static libcore.io.OsConstants.S_ISREG; + +import android.content.BroadcastReceiver; +import android.content.ContentProvider; +import android.util.Log; + import dalvik.system.CloseGuard; +import libcore.io.ErrnoException; +import libcore.io.IoUtils; +import libcore.io.Libcore; +import libcore.io.Memory; +import libcore.io.OsConstants; +import libcore.io.StructStat; + import java.io.Closeable; import java.io.File; import java.io.FileDescriptor; @@ -27,36 +44,80 @@ import java.io.FileOutputStream; import java.io.IOException; import java.net.DatagramSocket; import java.net.Socket; +import java.nio.ByteOrder; /** * The FileDescriptor returned by {@link Parcel#readFileDescriptor}, allowing * you to close it when done with it. */ public class ParcelFileDescriptor implements Parcelable, Closeable { - private final FileDescriptor mFileDescriptor; + private static final String TAG = "ParcelFileDescriptor"; + + private final FileDescriptor mFd; + + /** + * Optional socket used to communicate close events, status at close, and + * detect remote process crashes. + */ + private FileDescriptor mCommFd; /** * Wrapped {@link ParcelFileDescriptor}, if any. Used to avoid - * double-closing {@link #mFileDescriptor}. + * double-closing {@link #mFd}. */ private final ParcelFileDescriptor mWrapped; + /** + * Maximum {@link #mStatusBuf} size; longer status messages will be + * truncated. + */ + private static final int MAX_STATUS = 1024; + + /** + * Temporary buffer used by {@link #readCommStatus(FileDescriptor, byte[])}, + * allocated on-demand. + */ + private byte[] mStatusBuf; + + /** + * Status read by {@link #checkError(boolean)}, or null if not read yet. + */ + private Status mStatus; + private volatile boolean mClosed; private final CloseGuard mGuard = CloseGuard.get(); /** - * For use with {@link #open}: if {@link #MODE_CREATE} has been supplied - * and this file doesn't already exist, then create the file with - * permissions such that any application can read it. + * For use with {@link #open}: if {@link #MODE_CREATE} has been supplied and + * this file doesn't already exist, then create the file with permissions + * such that any application can read it. + * + * @deprecated Creating world-readable files is very dangerous, and likely + * to cause security holes in applications. It is strongly + * discouraged; instead, applications should use more formal + * mechanism for interactions such as {@link ContentProvider}, + * {@link BroadcastReceiver}, and {@link android.app.Service}. + * There are no guarantees that this access mode will remain on + * a file, such as when it goes through a backup and restore. */ + @Deprecated public static final int MODE_WORLD_READABLE = 0x00000001; /** - * For use with {@link #open}: if {@link #MODE_CREATE} has been supplied - * and this file doesn't already exist, then create the file with - * permissions such that any application can write it. + * For use with {@link #open}: if {@link #MODE_CREATE} has been supplied and + * this file doesn't already exist, then create the file with permissions + * such that any application can write it. + * + * @deprecated Creating world-writable files is very dangerous, and likely + * to cause security holes in applications. It is strongly + * discouraged; instead, applications should use more formal + * mechanism for interactions such as {@link ContentProvider}, + * {@link BroadcastReceiver}, and {@link android.app.Service}. + * There are no guarantees that this access mode will remain on + * a file, such as when it goes through a backup and restore. */ + @Deprecated public static final int MODE_WORLD_WRITEABLE = 0x00000002; /** @@ -90,32 +151,102 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { public static final int MODE_APPEND = 0x02000000; /** + * Create a new ParcelFileDescriptor wrapped around another descriptor. By + * default all method calls are delegated to the wrapped descriptor. + */ + public ParcelFileDescriptor(ParcelFileDescriptor wrapped) { + // We keep a strong reference to the wrapped PFD, and rely on its + // finalizer to trigger CloseGuard. All calls are delegated to wrapper. + mWrapped = wrapped; + mFd = null; + mCommFd = null; + mClosed = true; + } + + /** {@hide} */ + public ParcelFileDescriptor(FileDescriptor fd) { + this(fd, null); + } + + /** {@hide} */ + public ParcelFileDescriptor(FileDescriptor fd, FileDescriptor commChannel) { + if (fd == null) { + throw new NullPointerException("FileDescriptor must not be null"); + } + mWrapped = null; + mFd = fd; + mCommFd = commChannel; + mGuard.open("close"); + } + + /** * Create a new ParcelFileDescriptor accessing a given file. * * @param file The file to be opened. * @param mode The desired access mode, must be one of - * {@link #MODE_READ_ONLY}, {@link #MODE_WRITE_ONLY}, or - * {@link #MODE_READ_WRITE}; may also be any combination of - * {@link #MODE_CREATE}, {@link #MODE_TRUNCATE}, - * {@link #MODE_WORLD_READABLE}, and {@link #MODE_WORLD_WRITEABLE}. - * - * @return Returns a new ParcelFileDescriptor pointing to the given - * file. + * {@link #MODE_READ_ONLY}, {@link #MODE_WRITE_ONLY}, or + * {@link #MODE_READ_WRITE}; may also be any combination of + * {@link #MODE_CREATE}, {@link #MODE_TRUNCATE}, + * {@link #MODE_WORLD_READABLE}, and + * {@link #MODE_WORLD_WRITEABLE}. + * @return a new ParcelFileDescriptor pointing to the given file. + * @throws FileNotFoundException if the given file does not exist or can not + * be opened with the requested mode. + */ + public static ParcelFileDescriptor open(File file, int mode) throws FileNotFoundException { + final FileDescriptor fd = openInternal(file, mode); + if (fd == null) return null; + + return new ParcelFileDescriptor(fd); + } + + /** + * Create a new ParcelFileDescriptor accessing a given file. * - * @throws FileNotFoundException Throws FileNotFoundException if the given - * file does not exist or can not be opened with the requested mode. + * @param file The file to be opened. + * @param mode The desired access mode, must be one of + * {@link #MODE_READ_ONLY}, {@link #MODE_WRITE_ONLY}, or + * {@link #MODE_READ_WRITE}; may also be any combination of + * {@link #MODE_CREATE}, {@link #MODE_TRUNCATE}, + * {@link #MODE_WORLD_READABLE}, and + * {@link #MODE_WORLD_WRITEABLE}. + * @param handler to call listener from; must not be null. + * @param listener to be invoked when the returned descriptor has been + * closed; must not be null. + * @return a new ParcelFileDescriptor pointing to the given file. + * @throws FileNotFoundException if the given file does not exist or can not + * be opened with the requested mode. */ - public static ParcelFileDescriptor open(File file, int mode) - throws FileNotFoundException { - String path = file.getPath(); + public static ParcelFileDescriptor open( + File file, int mode, Handler handler, OnCloseListener listener) throws IOException { + if (handler == null) { + throw new IllegalArgumentException("Handler must not be null"); + } + if (listener == null) { + throw new IllegalArgumentException("Listener must not be null"); + } + + final FileDescriptor fd = openInternal(file, mode); + if (fd == null) return null; + + final FileDescriptor[] comm = createCommSocketPair(true); + final ParcelFileDescriptor pfd = new ParcelFileDescriptor(fd, comm[0]); + + // Kick off thread to watch for status updates + final ListenerBridge bridge = new ListenerBridge(comm[1], handler.getLooper(), listener); + bridge.start(); + + return pfd; + } - if ((mode&MODE_READ_WRITE) == 0) { + private static FileDescriptor openInternal(File file, int mode) throws FileNotFoundException { + if ((mode & MODE_READ_WRITE) == 0) { throw new IllegalArgumentException( "Must specify MODE_READ_ONLY, MODE_WRITE_ONLY, or MODE_READ_WRITE"); } - FileDescriptor fd = Parcel.openFileDescriptor(path, mode); - return fd != null ? new ParcelFileDescriptor(fd) : null; + final String path = file.getPath(); + return Parcel.openFileDescriptor(path, mode); } /** @@ -125,8 +256,12 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { * original file descriptor. */ public static ParcelFileDescriptor dup(FileDescriptor orig) throws IOException { - FileDescriptor fd = Parcel.dupFileDescriptor(orig); - return fd != null ? new ParcelFileDescriptor(fd) : null; + try { + final FileDescriptor fd = Libcore.os.dup(orig); + return new ParcelFileDescriptor(fd); + } catch (ErrnoException e) { + throw e.rethrowAsIOException(); + } } /** @@ -136,7 +271,11 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { * original file descriptor. */ public ParcelFileDescriptor dup() throws IOException { - return dup(getFileDescriptor()); + if (mWrapped != null) { + return mWrapped.dup(); + } else { + return dup(getFileDescriptor()); + } } /** @@ -150,12 +289,16 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { * for a dup of the given fd. */ public static ParcelFileDescriptor fromFd(int fd) throws IOException { - FileDescriptor fdesc = getFileDescriptorFromFd(fd); - return new ParcelFileDescriptor(fdesc); - } + final FileDescriptor original = new FileDescriptor(); + original.setInt$(fd); - // Extracts the file descriptor from the specified socket and returns it untouched - private static native FileDescriptor getFileDescriptorFromFd(int fd) throws IOException; + try { + final FileDescriptor dup = Libcore.os.dup(original); + return new ParcelFileDescriptor(dup); + } catch (ErrnoException e) { + throw e.rethrowAsIOException(); + } + } /** * Take ownership of a raw native fd in to a new ParcelFileDescriptor. @@ -168,13 +311,12 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { * for the given fd. */ public static ParcelFileDescriptor adoptFd(int fd) { - FileDescriptor fdesc = getFileDescriptorFromFdNoDup(fd); + final FileDescriptor fdesc = new FileDescriptor(); + fdesc.setInt$(fd); + return new ParcelFileDescriptor(fdesc); } - // Extracts the file descriptor from the specified socket and returns it untouched - private static native FileDescriptor getFileDescriptorFromFdNoDup(int fd); - /** * Create a new ParcelFileDescriptor from the specified Socket. The new * ParcelFileDescriptor holds a dup of the original FileDescriptor in @@ -212,15 +354,90 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { * is the write side. */ public static ParcelFileDescriptor[] createPipe() throws IOException { - FileDescriptor[] fds = new FileDescriptor[2]; - createPipeNative(fds); - ParcelFileDescriptor[] pfds = new ParcelFileDescriptor[2]; - pfds[0] = new ParcelFileDescriptor(fds[0]); - pfds[1] = new ParcelFileDescriptor(fds[1]); - return pfds; + try { + final FileDescriptor[] fds = Libcore.os.pipe(); + return new ParcelFileDescriptor[] { + new ParcelFileDescriptor(fds[0]), + new ParcelFileDescriptor(fds[1]) }; + } catch (ErrnoException e) { + throw e.rethrowAsIOException(); + } + } + + /** + * Create two ParcelFileDescriptors structured as a data pipe. The first + * ParcelFileDescriptor in the returned array is the read side; the second + * is the write side. + * <p> + * The write end has the ability to deliver an error message through + * {@link #closeWithError(String)} which can be handled by the read end + * calling {@link #checkError(boolean)}, usually after detecting an EOF. + * This can also be used to detect remote crashes. + */ + public static ParcelFileDescriptor[] createReliablePipe() throws IOException { + try { + final FileDescriptor[] comm = createCommSocketPair(false); + final FileDescriptor[] fds = Libcore.os.pipe(); + return new ParcelFileDescriptor[] { + new ParcelFileDescriptor(fds[0], comm[0]), + new ParcelFileDescriptor(fds[1], comm[1]) }; + } catch (ErrnoException e) { + throw e.rethrowAsIOException(); + } } - private static native void createPipeNative(FileDescriptor[] outFds) throws IOException; + /** + * Create two ParcelFileDescriptors structured as a pair of sockets + * connected to each other. The two sockets are indistinguishable. + */ + public static ParcelFileDescriptor[] createSocketPair() throws IOException { + try { + final FileDescriptor fd0 = new FileDescriptor(); + final FileDescriptor fd1 = new FileDescriptor(); + Libcore.os.socketpair(AF_UNIX, SOCK_STREAM, 0, fd0, fd1); + return new ParcelFileDescriptor[] { + new ParcelFileDescriptor(fd0), + new ParcelFileDescriptor(fd1) }; + } catch (ErrnoException e) { + throw e.rethrowAsIOException(); + } + } + + /** + * Create two ParcelFileDescriptors structured as a pair of sockets + * connected to each other. The two sockets are indistinguishable. + * <p> + * Both ends have the ability to deliver an error message through + * {@link #closeWithError(String)} which can be detected by the other end + * calling {@link #checkError(boolean)}, usually after detecting an EOF. + * This can also be used to detect remote crashes. + */ + public static ParcelFileDescriptor[] createReliableSocketPair() throws IOException { + try { + final FileDescriptor[] comm = createCommSocketPair(false); + final FileDescriptor fd0 = new FileDescriptor(); + final FileDescriptor fd1 = new FileDescriptor(); + Libcore.os.socketpair(AF_UNIX, SOCK_STREAM, 0, fd0, fd1); + return new ParcelFileDescriptor[] { + new ParcelFileDescriptor(fd0, comm[0]), + new ParcelFileDescriptor(fd1, comm[1]) }; + } catch (ErrnoException e) { + throw e.rethrowAsIOException(); + } + } + + private static FileDescriptor[] createCommSocketPair(boolean blocking) throws IOException { + try { + final FileDescriptor comm1 = new FileDescriptor(); + final FileDescriptor comm2 = new FileDescriptor(); + Libcore.os.socketpair(AF_UNIX, SOCK_STREAM, 0, comm1, comm2); + IoUtils.setBlocking(comm1, blocking); + IoUtils.setBlocking(comm2, blocking); + return new FileDescriptor[] { comm1, comm2 }; + } catch (ErrnoException e) { + throw e.rethrowAsIOException(); + } + } /** * @hide Please use createPipe() or ContentProvider.openPipeHelper(). @@ -250,21 +467,51 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { * @return Returns the FileDescriptor associated with this object. */ public FileDescriptor getFileDescriptor() { - return mFileDescriptor; + if (mWrapped != null) { + return mWrapped.getFileDescriptor(); + } else { + return mFd; + } } /** - * Return the total size of the file representing this fd, as determined - * by stat(). Returns -1 if the fd is not a file. + * Return the total size of the file representing this fd, as determined by + * {@code stat()}. Returns -1 if the fd is not a file. */ - public native long getStatSize(); + public long getStatSize() { + if (mWrapped != null) { + return mWrapped.getStatSize(); + } else { + try { + final StructStat st = Libcore.os.fstat(mFd); + if (S_ISREG(st.st_mode) || S_ISLNK(st.st_mode)) { + return st.st_size; + } else { + return -1; + } + } catch (ErrnoException e) { + Log.w(TAG, "fstat() failed: " + e); + return -1; + } + } + } /** * This is needed for implementing AssetFileDescriptor.AutoCloseOutputStream, * and I really don't think we want it to be public. * @hide */ - public native long seekTo(long pos); + public long seekTo(long pos) throws IOException { + if (mWrapped != null) { + return mWrapped.seekTo(pos); + } else { + try { + return Libcore.os.lseek(mFd, pos, SEEK_SET); + } catch (ErrnoException e) { + throw e.rethrowAsIOException(); + } + } + } /** * Return the native fd int for this ParcelFileDescriptor. The @@ -272,34 +519,39 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { * through this API. */ public int getFd() { - if (mClosed) { - throw new IllegalStateException("Already closed"); + if (mWrapped != null) { + return mWrapped.getFd(); + } else { + if (mClosed) { + throw new IllegalStateException("Already closed"); + } + return mFd.getInt$(); } - return getFdNative(); } - private native int getFdNative(); - /** - * Return the native fd int for this ParcelFileDescriptor and detach it - * from the object here. You are now responsible for closing the fd in - * native code. + * Return the native fd int for this ParcelFileDescriptor and detach it from + * the object here. You are now responsible for closing the fd in native + * code. + * <p> + * You should not detach when the original creator of the descriptor is + * expecting a reliable signal through {@link #close()} or + * {@link #closeWithError(String)}. + * + * @see #canDetectErrors() */ public int detachFd() { - if (mClosed) { - throw new IllegalStateException("Already closed"); - } if (mWrapped != null) { - int fd = mWrapped.detachFd(); - mClosed = true; - mGuard.close(); + return mWrapped.detachFd(); + } else { + if (mClosed) { + throw new IllegalStateException("Already closed"); + } + final int fd = getFd(); + Parcel.clearFileDescriptor(mFd); + writeCommStatusAndClose(Status.DETACHED, null); return fd; } - int fd = getFd(); - mClosed = true; - mGuard.close(); - Parcel.clearFileDescriptor(mFileDescriptor); - return fd; } /** @@ -311,16 +563,176 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { */ @Override public void close() throws IOException { - if (mClosed) return; - mClosed = true; - mGuard.close(); - if (mWrapped != null) { - // If this is a proxy to another file descriptor, just call through to its - // close method. mWrapped.close(); } else { - Parcel.closeFileDescriptor(mFileDescriptor); + closeWithStatus(Status.OK, null); + } + } + + /** + * Close the ParcelFileDescriptor, informing any peer that an error occurred + * while processing. If the creator of this descriptor is not observing + * errors, it will close normally. + * + * @param msg describing the error; must not be null. + */ + public void closeWithError(String msg) throws IOException { + if (mWrapped != null) { + mWrapped.closeWithError(msg); + } else { + if (msg == null) { + throw new IllegalArgumentException("Message must not be null"); + } + closeWithStatus(Status.ERROR, msg); + } + } + + private void closeWithStatus(int status, String msg) throws IOException { + if (mWrapped != null) { + mWrapped.closeWithStatus(status, msg); + } else { + if (mClosed) return; + mClosed = true; + mGuard.close(); + // Status MUST be sent before closing actual descriptor + writeCommStatusAndClose(status, msg); + IoUtils.closeQuietly(mFd); + } + } + + private byte[] getOrCreateStatusBuffer() { + if (mStatusBuf == null) { + mStatusBuf = new byte[MAX_STATUS]; + } + return mStatusBuf; + } + + private void writeCommStatusAndClose(int status, String msg) { + if (mCommFd == null) { + // Not reliable, or someone already sent status + if (msg != null) { + Log.w(TAG, "Unable to inform peer: " + msg); + } + return; + } + + if (status == Status.DETACHED) { + Log.w(TAG, "Peer expected signal when closed; unable to deliver after detach"); + } + + try { + try { + if (status != Status.SILENCE) { + final byte[] buf = getOrCreateStatusBuffer(); + int writePtr = 0; + + Memory.pokeInt(buf, writePtr, status, ByteOrder.BIG_ENDIAN); + writePtr += 4; + + if (msg != null) { + final byte[] rawMsg = msg.getBytes(); + final int len = Math.min(rawMsg.length, buf.length - writePtr); + System.arraycopy(rawMsg, 0, buf, writePtr, len); + writePtr += len; + } + + Libcore.os.write(mCommFd, buf, 0, writePtr); + } + } catch (ErrnoException e) { + // Reporting status is best-effort + Log.w(TAG, "Failed to report status: " + e); + } + + if (status != Status.SILENCE) { + // Since we're about to close, read off any remote status. It's + // okay to remember missing here. + mStatus = readCommStatus(mCommFd, getOrCreateStatusBuffer()); + } + + } finally { + IoUtils.closeQuietly(mCommFd); + mCommFd = null; + } + } + + private static Status readCommStatus(FileDescriptor comm, byte[] buf) { + try { + final int n = Libcore.os.read(comm, buf, 0, buf.length); + if (n == 0) { + // EOF means they're dead + return new Status(Status.DEAD); + } else { + final int status = Memory.peekInt(buf, 0, ByteOrder.BIG_ENDIAN); + if (status == Status.ERROR) { + final String msg = new String(buf, 4, n - 4); + return new Status(status, msg); + } + return new Status(status); + } + } catch (ErrnoException e) { + if (e.errno == OsConstants.EAGAIN) { + // Remote is still alive, but no status written yet + return null; + } else { + Log.d(TAG, "Failed to read status; assuming dead: " + e); + return new Status(Status.DEAD); + } + } + } + + /** + * Indicates if this ParcelFileDescriptor can communicate and detect remote + * errors/crashes. + * + * @see #checkError(boolean) + */ + public boolean canDetectErrors() { + if (mWrapped != null) { + return mWrapped.canDetectErrors(); + } else { + return mCommFd != null; + } + } + + /** + * Detect and throw if the other end of a pipe or socket pair encountered an + * error or crashed. This allows a reader to distinguish between a valid EOF + * and an error/crash. + * <p> + * If this ParcelFileDescriptor is unable to detect remote errors, it will + * return silently. + * + * @param throwIfDetached requests that an exception be thrown if the remote + * side called {@link #detachFd()}. Once detached, the remote + * side is unable to communicate any errors through + * {@link #closeWithError(String)}. An application may pass true + * if it needs a stronger guarantee that the stream was closed + * normally and was not merely detached. + * @see #canDetectErrors() + */ + public void checkError(boolean throwIfDetached) throws IOException { + if (mWrapped != null) { + mWrapped.checkError(throwIfDetached); + } else { + if (mStatus == null) { + if (mCommFd == null) { + Log.w(TAG, "Peer didn't provide a comm channel; unable to check for errors"); + return; + } + + // Try reading status; it might be null if nothing written yet. + // Either way, we keep comm open to write our status later. + mStatus = readCommStatus(mCommFd, getOrCreateStatusBuffer()); + } + + if (mStatus == null || mStatus.status == Status.OK + || (mStatus.status == Status.DETACHED && !throwIfDetached)) { + // No status yet, or everything is peachy! + return; + } else { + throw mStatus.asIOException(); + } } } @@ -330,17 +742,17 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { * ParcelFileDescriptor.close()} for you when the stream is closed. */ public static class AutoCloseInputStream extends FileInputStream { - private final ParcelFileDescriptor mFd; + private final ParcelFileDescriptor mPfd; - public AutoCloseInputStream(ParcelFileDescriptor fd) { - super(fd.getFileDescriptor()); - mFd = fd; + public AutoCloseInputStream(ParcelFileDescriptor pfd) { + super(pfd.getFileDescriptor()); + mPfd = pfd; } @Override public void close() throws IOException { try { - mFd.close(); + mPfd.close(); } finally { super.close(); } @@ -353,17 +765,17 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { * ParcelFileDescriptor.close()} for you when the stream is closed. */ public static class AutoCloseOutputStream extends FileOutputStream { - private final ParcelFileDescriptor mFd; + private final ParcelFileDescriptor mPfd; - public AutoCloseOutputStream(ParcelFileDescriptor fd) { - super(fd.getFileDescriptor()); - mFd = fd; + public AutoCloseOutputStream(ParcelFileDescriptor pfd) { + super(pfd.getFileDescriptor()); + mPfd = pfd; } @Override public void close() throws IOException { try { - mFd.close(); + mPfd.close(); } finally { super.close(); } @@ -372,7 +784,11 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { @Override public String toString() { - return "{ParcelFileDescriptor: " + mFileDescriptor + "}"; + if (mWrapped != null) { + return mWrapped.toString(); + } else { + return "{ParcelFileDescriptor: " + mFd + "}"; + } } @Override @@ -382,32 +798,20 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { } try { if (!mClosed) { - close(); + closeWithStatus(Status.LEAKED, null); } } finally { super.finalize(); } } - public ParcelFileDescriptor(ParcelFileDescriptor descriptor) { - mWrapped = descriptor; - mFileDescriptor = mWrapped.mFileDescriptor; - mGuard.open("close"); - } - - /** {@hide} */ - public ParcelFileDescriptor(FileDescriptor descriptor) { - if (descriptor == null) { - throw new NullPointerException("descriptor must not be null"); - } - mWrapped = null; - mFileDescriptor = descriptor; - mGuard.open("close"); - } - @Override public int describeContents() { - return Parcelable.CONTENTS_FILE_DESCRIPTOR; + if (mWrapped != null) { + return mWrapped.describeContents(); + } else { + return Parcelable.CONTENTS_FILE_DESCRIPTOR; + } } /** @@ -417,12 +821,22 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { */ @Override public void writeToParcel(Parcel out, int flags) { - out.writeFileDescriptor(mFileDescriptor); - if ((flags&PARCELABLE_WRITE_RETURN_VALUE) != 0 && !mClosed) { - try { - close(); - } catch (IOException e) { - // Empty + if (mWrapped != null) { + mWrapped.writeToParcel(out, flags); + } else { + out.writeFileDescriptor(mFd); + if (mCommFd != null) { + out.writeInt(1); + out.writeFileDescriptor(mCommFd); + } else { + out.writeInt(0); + } + if ((flags & PARCELABLE_WRITE_RETURN_VALUE) != 0 && !mClosed) { + try { + // Not a real close, so emit no status + closeWithStatus(Status.SILENCE, null); + } catch (IOException e) { + } } } } @@ -431,7 +845,12 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { = new Parcelable.Creator<ParcelFileDescriptor>() { @Override public ParcelFileDescriptor createFromParcel(Parcel in) { - return in.readFileDescriptor(); + final FileDescriptor fd = in.readRawFileDescriptor(); + FileDescriptor commChannel = null; + if (in.readInt() != 0) { + commChannel = in.readRawFileDescriptor(); + } + return new ParcelFileDescriptor(fd, commChannel); } @Override @@ -439,4 +858,111 @@ public class ParcelFileDescriptor implements Parcelable, Closeable { return new ParcelFileDescriptor[size]; } }; + + /** + * Callback indicating that a ParcelFileDescriptor has been closed. + */ + public interface OnCloseListener { + /** + * Event indicating the ParcelFileDescriptor to which this listener was + * attached has been closed. + * + * @param e error state, or {@code null} if closed cleanly. + * @param fromDetach indicates if close event was result of + * {@link ParcelFileDescriptor#detachFd()}. After detach the + * remote side may continue reading/writing to the underlying + * {@link FileDescriptor}, but they can no longer deliver + * reliable close/error events. + */ + public void onClose(IOException e, boolean fromDetach); + } + + /** + * Internal class representing a remote status read by + * {@link ParcelFileDescriptor#readCommStatus(FileDescriptor, byte[])}. + */ + private static class Status { + /** Special value indicating remote side died. */ + public static final int DEAD = -2; + /** Special value indicating no status should be written. */ + public static final int SILENCE = -1; + + /** Remote reported that everything went better than expected. */ + public static final int OK = 0; + /** Remote reported error; length and message follow. */ + public static final int ERROR = 1; + /** Remote reported {@link #detachFd()} and went rogue. */ + public static final int DETACHED = 2; + /** Remote reported their object was finalized. */ + public static final int LEAKED = 3; + + public final int status; + public final String msg; + + public Status(int status) { + this(status, null); + } + + public Status(int status, String msg) { + this.status = status; + this.msg = msg; + } + + public IOException asIOException() { + switch (status) { + case DEAD: + return new IOException("Remote side is dead"); + case OK: + return null; + case ERROR: + return new IOException("Remote error: " + msg); + case DETACHED: + return new IOException("Remote side is detached"); + case LEAKED: + return new IOException("Remote side was leaked"); + default: + return new IOException("Unknown status: " + status); + } + } + } + + /** + * Bridge to watch for remote status, and deliver to listener. Currently + * requires that communication socket is <em>blocking</em>. + */ + private static final class ListenerBridge extends Thread { + // TODO: switch to using Looper to avoid burning a thread + + private FileDescriptor mCommFd; + private final Handler mHandler; + + public ListenerBridge(FileDescriptor comm, Looper looper, final OnCloseListener listener) { + mCommFd = comm; + mHandler = new Handler(looper) { + @Override + public void handleMessage(Message msg) { + final Status s = (Status) msg.obj; + if (s.status == Status.DETACHED) { + listener.onClose(null, true); + } else if (s.status == Status.OK) { + listener.onClose(null, false); + } else { + listener.onClose(s.asIOException(), false); + } + } + }; + } + + @Override + public void run() { + try { + final byte[] buf = new byte[MAX_STATUS]; + final Status status = readCommStatus(mCommFd, buf); + mHandler.obtainMessage(0, status).sendToTarget(); + } finally { + IoUtils.closeQuietly(mCommFd); + mCommFd = null; + } + } + } } diff --git a/core/jni/Android.mk b/core/jni/Android.mk index 0efa227e535c..65b367871ddb 100644 --- a/core/jni/Android.mk +++ b/core/jni/Android.mk @@ -63,7 +63,6 @@ LOCAL_SRC_FILES:= \ android_os_FileUtils.cpp \ android_os_MemoryFile.cpp \ android_os_MessageQueue.cpp \ - android_os_ParcelFileDescriptor.cpp \ android_os_Parcel.cpp \ android_os_SELinux.cpp \ android_os_SystemClock.cpp \ diff --git a/core/jni/AndroidRuntime.cpp b/core/jni/AndroidRuntime.cpp index 91fdcc2cf180..63310ab4c62e 100644 --- a/core/jni/AndroidRuntime.cpp +++ b/core/jni/AndroidRuntime.cpp @@ -135,7 +135,6 @@ extern int register_android_text_format_Time(JNIEnv* env); extern int register_android_os_Debug(JNIEnv* env); extern int register_android_os_MessageQueue(JNIEnv* env); extern int register_android_os_Parcel(JNIEnv* env); -extern int register_android_os_ParcelFileDescriptor(JNIEnv *env); extern int register_android_os_SELinux(JNIEnv* env); extern int register_android_os_SystemProperties(JNIEnv *env); extern int register_android_os_SystemClock(JNIEnv* env); @@ -1178,7 +1177,6 @@ static const RegJNIRec gRegJNI[] = { REG_JNI(register_android_os_FileObserver), REG_JNI(register_android_os_FileUtils), REG_JNI(register_android_os_MessageQueue), - REG_JNI(register_android_os_ParcelFileDescriptor), REG_JNI(register_android_os_SELinux), REG_JNI(register_android_os_Trace), REG_JNI(register_android_os_UEventObserver), diff --git a/core/jni/android_os_ParcelFileDescriptor.cpp b/core/jni/android_os_ParcelFileDescriptor.cpp deleted file mode 100644 index 99a2d049be87..000000000000 --- a/core/jni/android_os_ParcelFileDescriptor.cpp +++ /dev/null @@ -1,151 +0,0 @@ -/* - * Copyright (C) 2008 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -//#define LOG_NDEBUG 0 - -#include "JNIHelp.h" - -#include <fcntl.h> -#include <sys/stat.h> -#include <stdio.h> - -#include <utils/Log.h> - -#include <android_runtime/AndroidRuntime.h> - -namespace android -{ - -static struct parcel_file_descriptor_offsets_t -{ - jfieldID mFileDescriptor; -} gParcelFileDescriptorOffsets; - -static jobject android_os_ParcelFileDescriptor_getFileDescriptorFromFd(JNIEnv* env, - jobject clazz, jint origfd) -{ - int fd = dup(origfd); - if (fd < 0) { - jniThrowException(env, "java/io/IOException", strerror(errno)); - return NULL; - } - return jniCreateFileDescriptor(env, fd); -} - -static jobject android_os_ParcelFileDescriptor_getFileDescriptorFromFdNoDup(JNIEnv* env, - jobject clazz, jint fd) -{ - return jniCreateFileDescriptor(env, fd); -} - -static void android_os_ParcelFileDescriptor_createPipeNative(JNIEnv* env, - jobject clazz, jobjectArray outFds) -{ - int fds[2]; - if (pipe(fds) < 0) { - int therr = errno; - jniThrowException(env, "java/io/IOException", strerror(therr)); - return; - } - - for (int i=0; i<2; i++) { - jobject fdObj = jniCreateFileDescriptor(env, fds[i]); - env->SetObjectArrayElement(outFds, i, fdObj); - } -} - -static jint getFd(JNIEnv* env, jobject clazz) -{ - jobject descriptor = env->GetObjectField(clazz, gParcelFileDescriptorOffsets.mFileDescriptor); - if (descriptor == NULL) return -1; - return jniGetFDFromFileDescriptor(env, descriptor); -} - -static jlong android_os_ParcelFileDescriptor_getStatSize(JNIEnv* env, - jobject clazz) -{ - jint fd = getFd(env, clazz); - if (fd < 0) { - jniThrowException(env, "java/lang/IllegalArgumentException", "bad file descriptor"); - return -1; - } - - struct stat st; - if (fstat(fd, &st) != 0) { - return -1; - } - - if (S_ISREG(st.st_mode) || S_ISLNK(st.st_mode)) { - return st.st_size; - } - - return -1; -} - -static jlong android_os_ParcelFileDescriptor_seekTo(JNIEnv* env, - jobject clazz, jlong pos) -{ - jint fd = getFd(env, clazz); - if (fd < 0) { - jniThrowException(env, "java/lang/IllegalArgumentException", "bad file descriptor"); - return -1; - } - - return lseek(fd, pos, SEEK_SET); -} - -static jlong android_os_ParcelFileDescriptor_getFdNative(JNIEnv* env, jobject clazz) -{ - jint fd = getFd(env, clazz); - if (fd < 0) { - jniThrowException(env, "java/lang/IllegalArgumentException", "bad file descriptor"); - return -1; - } - - return fd; -} - -static const JNINativeMethod gParcelFileDescriptorMethods[] = { - {"getFileDescriptorFromFd", "(I)Ljava/io/FileDescriptor;", - (void*)android_os_ParcelFileDescriptor_getFileDescriptorFromFd}, - {"getFileDescriptorFromFdNoDup", "(I)Ljava/io/FileDescriptor;", - (void*)android_os_ParcelFileDescriptor_getFileDescriptorFromFdNoDup}, - {"createPipeNative", "([Ljava/io/FileDescriptor;)V", - (void*)android_os_ParcelFileDescriptor_createPipeNative}, - {"getStatSize", "()J", - (void*)android_os_ParcelFileDescriptor_getStatSize}, - {"seekTo", "(J)J", - (void*)android_os_ParcelFileDescriptor_seekTo}, - {"getFdNative", "()I", - (void*)android_os_ParcelFileDescriptor_getFdNative} -}; - -const char* const kParcelFileDescriptorPathName = "android/os/ParcelFileDescriptor"; - -int register_android_os_ParcelFileDescriptor(JNIEnv* env) -{ - jclass clazz = env->FindClass(kParcelFileDescriptorPathName); - LOG_FATAL_IF(clazz == NULL, "Unable to find class android.os.ParcelFileDescriptor"); - gParcelFileDescriptorOffsets.mFileDescriptor = env->GetFieldID(clazz, "mFileDescriptor", "Ljava/io/FileDescriptor;"); - LOG_FATAL_IF(gParcelFileDescriptorOffsets.mFileDescriptor == NULL, - "Unable to find mFileDescriptor field in android.os.ParcelFileDescriptor"); - - return AndroidRuntime::registerNativeMethods( - env, kParcelFileDescriptorPathName, - gParcelFileDescriptorMethods, NELEM(gParcelFileDescriptorMethods)); -} - -} |