From 5802c2b0c76b821c63c989afc8078bd5d2ddf2cb Mon Sep 17 00:00:00 2001 From: Steven Moreland Date: Wed, 12 May 2021 20:13:04 +0000 Subject: libbinder: RPC explicit connect thread ownership - thread is detached when it is no longer owned (avoids abort) - RpcServer passes connection thread ownership to RpcSession before it lets go of its lock (otherwise, it's possible to take the lock for both the session and the server, and have a relevant thread which isn't reflected as owned in either of these objects). Currently this only affects the fuzzer, but it will also be important for shutting down these threadpools. Future considerations - this code has a few messy parts, but it will have to be rewritten to avoid the std::thread constructor (which throws exceptions) and also to read a header instead of an ID. Bug: 185167543 Test: binderRpcTest, binder_rpc_fuzzer (which is in-progress) Change-Id: Ide630e36595d09a88e904af2e9ab6886ae4f2118 --- libs/binder/RpcSession.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'libs/binder/RpcSession.cpp') diff --git a/libs/binder/RpcSession.cpp b/libs/binder/RpcSession.cpp index f32aa7a72d..05fa49ec76 100644 --- a/libs/binder/RpcSession.cpp +++ b/libs/binder/RpcSession.cpp @@ -131,14 +131,16 @@ status_t RpcSession::readId() { return OK; } -void RpcSession::join(std::thread thread, unique_fd client) { +void RpcSession::preJoin(std::thread thread) { LOG_ALWAYS_FATAL_IF(thread.get_id() != std::this_thread::get_id(), "Must own this thread"); { std::lock_guard _l(mMutex); mThreads[thread.get_id()] = std::move(thread); } +} +void RpcSession::join(unique_fd client) { // must be registered to allow arbitrary client code executing commands to // be able to do nested calls (we can't only read from it) sp connection = assignServerToThisThread(std::move(client)); -- cgit v1.2.3-59-g8ed1b