/*
 * Copyright (C) 2020 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#define LOG_TAG "RpcSession"

// NOTE(review): the targets of the next ten #include directives, and the
// template arguments throughout this listing (e.g. on `sp`, `wp`,
// `std::make_unique`, `reinterpret_cast`), were lost when the page was
// extracted. They are reproduced as found; restore them from the original
// file before building.
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include "RpcSocketAddress.h"
#include "RpcState.h"
#include "RpcWireFormat.h"

#ifdef __GLIBC__
extern "C" pid_t gettid();
#endif

namespace android {

using base::unique_fd;

// Creates the per-session protocol state object (mState).
RpcSession::RpcSession() {
    LOG_RPC_DETAIL("RpcSession created %p", this);

    mState = std::make_unique();
}

// Fatal check: a session must not be destroyed while server connections are
// still registered in mServerConnections.
RpcSession::~RpcSession() {
    LOG_RPC_DETAIL("RpcSession destroyed %p", this);

    std::lock_guard _l(mMutex);
    LOG_ALWAYS_FATAL_IF(mServerConnections.size() != 0,
                        "Should not be able to destroy a session with servers in use.");
}

// Factory for a new session.
sp RpcSession::make() {
    return sp::make();
}

// Sets how many reverse connections setupSocketClient() will open. Must be
// called before any client connection exists (fatal check otherwise).
void RpcSession::setMaxReverseConnections(size_t connections) {
    {
        std::lock_guard _l(mMutex);
        LOG_ALWAYS_FATAL_IF(mClientConnections.size() != 0,
                            "Must setup reverse connections before setting up client connections, "
                            "but already has %zu clients",
                            mClientConnections.size());
    }

    // NOTE(review): written after mMutex has been released; confirm no other
    // thread can read mMaxReverseConnections concurrently.
    mMaxReverseConnections = connections;
}

// Connects this session to a server over a Unix domain socket at `path`.
bool RpcSession::setupUnixDomainClient(const char* path) {
    return setupSocketClient(UnixSocketAddress(path));
}

// Connects this session to a server over vsock at (cid, port).
bool RpcSession::setupVsockClient(unsigned int cid, unsigned int port) {
    return setupSocketClient(VsockSocketAddress(cid, port));
}

// Resolves addr:port and tries each resolved address in turn until one can be
// set up as the session's client. Returns false if resolution fails or no
// address works.
bool RpcSession::setupInetClient(const char* addr, unsigned int port) {
    auto aiStart = InetSocketAddress::getAddrInfo(addr, port);
    if (aiStart == nullptr) return false;
    // NOTE(review): setupSocketClient() can return false after its first
    // connection has already been added to mClientConnections (e.g. when the
    // max-threads or session-id query fails). The next iteration here would
    // then hit the "Must only setup session once" fatal check instead of
    // trying the next address, so a misbehaving or unreachable-midway peer
    // can take the client process down. Consider tearing down the partial
    // connections before retrying.
    for (auto ai = aiStart.get(); ai != nullptr; ai = ai->ai_next) {
        InetSocketAddress socketAddress(ai->ai_addr, ai->ai_addrlen, addr, port);
        if (setupSocketClient(socketAddress)) return true;
    }
    ALOGE("None of the socket address resolved for %s:%u can be added as inet client.", addr, port);
    return false;
}

// Adds a client connection backed by /dev/null (opened write-only, with
// O_CLOEXEC) instead of a real socket.
bool RpcSession::addNullDebuggingClient() {
    unique_fd serverFd(TEMP_FAILURE_RETRY(open("/dev/null", O_WRONLY | O_CLOEXEC)));

    if (serverFd == -1) {
        ALOGE("Could not connect to /dev/null: %s", strerror(errno));
        return false;
    }

    return addClientConnection(std::move(serverFd));
}

// Asks the remote side for its root object over an exclusively held client
// connection.
sp RpcSession::getRootObject() {
    ExclusiveConnection connection(sp::fromExisting(this), ConnectionUse::CLIENT);
    return state()->getRootObject(connection.fd(), sp::fromExisting(this));
}

// Asks the remote side for its maximum thread count; the result is written to
// *maxThreads. The value comes from the peer and is not validated here.
status_t RpcSession::getRemoteMaxThreads(size_t* maxThreads) {
    ExclusiveConnection connection(sp::fromExisting(this), ConnectionUse::CLIENT);
    return state()->getMaxThreads(connection.fd(), sp::fromExisting(this), maxThreads);
}

// Shuts down a client session: fires the shutdown trigger, waits (holding
// mMutex through the listener's condition variable) until the listener
// reports shutdown, then terminates the protocol state. Fatal if called on a
// server-owned session or before the trigger/listener were installed.
bool RpcSession::shutdown() {
    std::unique_lock _l(mMutex);
    LOG_ALWAYS_FATAL_IF(mForServer.promote() != nullptr, "Can only shut down client session");
    LOG_ALWAYS_FATAL_IF(mShutdownTrigger == nullptr, "Shutdown trigger not installed");
    LOG_ALWAYS_FATAL_IF(mShutdownListener == nullptr, "Shutdown listener not installed");

    mShutdownTrigger->trigger();
    mShutdownListener->waitForShutdown(_l);
    mState->terminate();

    // Every joined thread removes itself from mThreads in join(); any entry
    // left here means a thread did not exit.
    LOG_ALWAYS_FATAL_IF(!mThreads.empty(), "Shutdown failed");
    return true;
}

// Sends a transaction to `binder` on the remote side. Oneway transactions
// (FLAG_ONEWAY) use CLIENT_ASYNC connection selection, all others CLIENT.
status_t RpcSession::transact(const sp& binder, uint32_t code, const Parcel& data, Parcel* reply,
                              uint32_t flags) {
    ExclusiveConnection connection(sp::fromExisting(this),
                                   (flags & IBinder::FLAG_ONEWAY) ? ConnectionUse::CLIENT_ASYNC
                                                                  : ConnectionUse::CLIENT);
    return state()->transact(connection.fd(), binder, code, data, sp::fromExisting(this), reply,
                             flags);
}

// Sends a strong-reference decrement for `address` to the remote side.
status_t RpcSession::sendDecStrong(const RpcAddress& address) {
    ExclusiveConnection connection(sp::fromExisting(this), ConnectionUse::CLIENT_REFCOUNT);
    return state()->sendDecStrong(connection.fd(), address);
}

// Creates a trigger backed by a pipe (mRead/mWrite). Returns nullptr if the
// pipe cannot be created.
std::unique_ptr RpcSession::FdTrigger::make() {
    auto ret = std::make_unique();
    if (!android::base::Pipe(&ret->mRead, &ret->mWrite)) return nullptr;
    return ret;
}

// Fires the trigger by dropping the write end of the pipe;
// triggerablePollRead() watches the read end for POLLHUP.
void RpcSession::FdTrigger::trigger() {
    mWrite.reset();
}

// Blocks until `fd` is readable or the trigger fires.
// Returns OK when fd has POLLIN, -ECANCELED when the trigger pipe reports
// POLLHUP, DEAD_OBJECT when fd woke up without POLLIN, or -errno if poll()
// fails. The poll has no timeout, so only data, a hangup/error on fd, or the
// trigger ends the wait.
status_t RpcSession::FdTrigger::triggerablePollRead(base::borrowed_fd fd) {
    while (true) {
        pollfd pfd[]{{.fd = fd.get(), .events = POLLIN | POLLHUP, .revents = 0},
                     {.fd = mRead.get(), .events = POLLHUP, .revents = 0}};
        int ret = TEMP_FAILURE_RETRY(poll(pfd, arraysize(pfd), -1));
        if (ret < 0) {
            return -errno;
        }
        if (ret == 0) {
            continue;
        }
        // Cancellation is checked first, so a fired trigger wins over
        // pending data on fd.
        if (pfd[1].revents & POLLHUP) {
            return -ECANCELED;
        }
        return pfd[0].revents & POLLIN ? OK : DEAD_OBJECT;
    }
}

// Reads exactly `size` bytes from `fd` into `data`, waiting with
// triggerablePollRead() before each recv() so the read can be cancelled.
// Returns OK once the buffer is full, DEAD_OBJECT on EOF, -errno on a recv()
// failure, or the non-OK status from triggerablePollRead().
//
// The caller must supply a buffer of at least `size` bytes; nothing here can
// check that.
// NOTE(review): with size == 0 the loop still polls and then issues a
// zero-length recv(); a 0 return is treated as EOF, so a zero-byte read would
// report DEAD_OBJECT rather than OK. Confirm callers never pass 0, or return
// OK early.
status_t RpcSession::FdTrigger::interruptableReadFully(base::borrowed_fd fd, void* data,
                                                       size_t size) {
    uint8_t* buffer = reinterpret_cast(data);
    uint8_t* end = buffer + size;

    status_t status;
    while ((status = triggerablePollRead(fd)) == OK) {
        // recv() is bounded by the bytes still missing, so it cannot write
        // past `end`.
        ssize_t readSize = TEMP_FAILURE_RETRY(recv(fd.get(), buffer, end - buffer, MSG_NOSIGNAL));
        if (readSize == 0) return DEAD_OBJECT; // EOF

        if (readSize < 0) {
            return -errno;
        }
        buffer += readSize;
        if (buffer == end) return OK;
    }
    return status;
}

// Client only: fetches the session id from the remote side and stores it in
// mId. Fatal if this session belongs to a server.
status_t RpcSession::readId() {
    {
        std::lock_guard _l(mMutex);
        LOG_ALWAYS_FATAL_IF(mForServer != nullptr, "Can only update ID for client.");
    }

    int32_t id;

    ExclusiveConnection connection(sp::fromExisting(this), ConnectionUse::CLIENT);
    status_t status = state()->getSessionId(connection.fd(), sp::fromExisting(this), &id);
    if (status != OK) return status;

    LOG_RPC_DETAIL("RpcSession %p has id %d", this, id);
    // NOTE(review): mId is assigned without mMutex held; confirm nothing
    // reads it concurrently during setup.
    mId = id;
    return OK;
}

// Records that all server threads of the session have ended. The callback
// name indicates it runs with the session lock held; removeServerConnection()
// calls it under mMutex.
void RpcSession::WaitForShutdownListener::onSessionLockedAllServerThreadsEnded(
        const sp& session) {
    (void)session;
    mShutdown = true;
}

// Wakes any thread blocked in waitForShutdown().
void RpcSession::WaitForShutdownListener::onSessionServerThreadEnded() {
    mCv.notify_all();
}

// Blocks on `lock` until mShutdown is set, logging an error each time a full
// second passes without a wake-up. There is no overall timeout.
void RpcSession::WaitForShutdownListener::waitForShutdown(std::unique_lock& lock) {
    while (!mShutdown) {
        if (std::cv_status::timeout == mCv.wait_for(lock, std::chrono::seconds(1))) {
            ALOGE("Waiting for RpcSession to shut down (1s w/o progress).");
        }
    }
}

// Registers the calling thread's own std::thread handle in mThreads before it
// enters join(). Must be called from the thread that `thread` represents.
void RpcSession::preJoin(std::thread thread) {
    LOG_ALWAYS_FATAL_IF(thread.get_id() != std::this_thread::get_id(), "Must own this thread");

    {
        std::lock_guard _l(mMutex);
        mThreads[thread.get_id()] = std::move(thread);
    }
}

// Thread body for a serving connection: registers `client` as a server
// connection owned by this thread, executes incoming commands until one
// fails, then unregisters the connection and the thread and notifies the
// event listener.
void RpcSession::join(sp&& session, unique_fd client) {
    // must be registered to allow arbitrary client code executing commands to
    // be able to do nested calls (we can't only read from it)
    sp connection = session->assignServerToThisThread(std::move(client));

    while (true) {
        status_t error = session->state()->getAndExecuteCommand(connection->fd, session);

        if (error != OK) {
            LOG_RPC_DETAIL("Binder connection thread closing w/ status %s",
                           statusToString(error).c_str());
            break;
        }
    }

    LOG_ALWAYS_FATAL_IF(!session->removeServerConnection(connection),
                        "bad state: connection object guaranteed to be in list");

    sp listener;
    {
        std::lock_guard _l(session->mMutex);
        auto it = session->mThreads.find(std::this_thread::get_id());
        LOG_ALWAYS_FATAL_IF(it == session->mThreads.end());
        // The thread is removing its own handle, so it detaches rather than
        // joins.
        it->second.detach();
        session->mThreads.erase(it);

        // Promote while still holding the lock; the callback itself runs
        // after the lock is released.
        listener = session->mEventListener.promote();
    }

    // Drop this thread's reference to the session before notifying.
    session = nullptr;

    if (listener != nullptr) {
        listener->onSessionServerThreadEnded();
    }
}

// Returns the (weak) server this session belongs to, if any.
wp RpcSession::server() {
    return mForServer;
}

// Performs the whole client-side setup against `addr`: opens the first
// connection with RPC_SESSION_ID_NEW, queries the remote thread count and the
// session id, then opens the remaining outgoing connections and
// mMaxReverseConnections reverse connections. Returns false on the first
// failure; connections already created are left in place.
bool RpcSession::setupSocketClient(const RpcSocketAddress& addr) {
    {
        std::lock_guard _l(mMutex);
        LOG_ALWAYS_FATAL_IF(mClientConnections.size() != 0,
                            "Must only setup session once, but already has %zu clients",
                            mClientConnections.size());
    }

    if (!setupOneSocketConnection(addr, RPC_SESSION_ID_NEW, false /*reverse*/)) return false;

    // TODO(b/185167543): we should add additional sessions dynamically
    // instead of all at once.
    // TODO(b/186470974): first risk of blocking
    size_t numThreadsAvailable;
    if (status_t status = getRemoteMaxThreads(&numThreadsAvailable); status != OK) {
        ALOGE("Could not get max threads after initial session to %s: %s", addr.toString().c_str(),
              statusToString(status).c_str());
        return false;
    }

    if (status_t status = readId(); status != OK) {
        ALOGE("Could not get session id after initial session to %s; %s", addr.toString().c_str(),
              statusToString(status).c_str());
        return false;
    }

    // NOTE(review): numThreadsAvailable is reported by the remote peer and is
    // used as the loop bound with no upper limit, so the peer decides how
    // many sockets (file descriptors) this process opens. Consider clamping
    // it to a locally configured maximum before the loop.
    // we've already setup one client
    for (size_t i = 0; i + 1 < numThreadsAvailable; i++) {
        // TODO(b/185167543): shutdown existing connections?
        if (!setupOneSocketConnection(addr, mId.value(), false /*reverse*/)) return false;
    }

    // TODO(b/185167543): we should add additional sessions dynamically
    // instead of all at once - the other side should be responsible for setting
    // up additional connections. We need to create at least one (unless 0 are
    // requested to be set) in order to allow the other side to reliably make
    // any requests at all.

    for (size_t i = 0; i < mMaxReverseConnections; i++) {
        if (!setupOneSocketConnection(addr, mId.value(), true /*reverse*/)) return false;
    }

    return true;
}

// Opens one socket to `addr`, sends the connection header carrying `id` (and
// the REVERSE option when `reverse` is set), and then either registers the fd
// as a client connection or, for a reverse connection, hands it to a new
// thread that serves it via join(). Retries up to 5 times, 10ms apart, but
// only when connect() fails with ECONNRESET; every other failure returns
// false immediately.
bool RpcSession::setupOneSocketConnection(const RpcSocketAddress& addr, int32_t id, bool reverse) {
    for (size_t tries = 0; tries < 5; tries++) {
        if (tries > 0) usleep(10000);

        unique_fd serverFd(
                TEMP_FAILURE_RETRY(socket(addr.addr()->sa_family, SOCK_STREAM | SOCK_CLOEXEC, 0)));
        if (serverFd == -1) {
            int savedErrno = errno;
            ALOGE("Could not create socket at %s: %s", addr.toString().c_str(),
                  strerror(savedErrno));
            return false;
        }

        if (0 != TEMP_FAILURE_RETRY(connect(serverFd.get(), addr.addr(), addr.addrSize()))) {
            if (errno == ECONNRESET) {
                ALOGW("Connection reset on %s", addr.toString().c_str());
                continue;
            }
            int savedErrno = errno;
            ALOGE("Could not connect socket at %s: %s", addr.toString().c_str(),
                  strerror(savedErrno));
            return false;
        }

        RpcConnectionHeader header{
                .sessionId = id,
        };
        if (reverse) header.options |= RPC_CONNECTION_OPTION_REVERSE;

        // NOTE(review): a short write (0 < n < sizeof(header)) also lands in
        // this branch, where errno was not set by write() and the logged
        // reason may be stale.
        if (sizeof(header) != TEMP_FAILURE_RETRY(write(serverFd.get(), &header, sizeof(header)))) {
            int savedErrno = errno;
            ALOGE("Could not write connection header to socket at %s: %s", addr.toString().c_str(),
                  strerror(savedErrno));
            return false;
        }

        LOG_RPC_DETAIL("Socket at %s client with fd %d", addr.toString().c_str(), serverFd.get());

        if (reverse) {
            // Hand-off protocol: the new thread captures this frame's locals
            // by reference, so this function must not return until the thread
            // has moved everything it needs out of them.
            std::mutex mutex;
            std::condition_variable joinCv;
            // Held before the thread is created: the lambda blocks on
            // `mutex` until joinCv.wait() below releases it, so the
            // assignment to `thread` has completed before the lambda moves
            // from it.
            std::unique_lock lock(mutex);
            std::thread thread;
            sp thiz = sp::fromExisting(this);
            bool ownershipTransferred = false;
            thread = std::thread([&]() {
                std::unique_lock threadLock(mutex);
                unique_fd fd = std::move(serverFd);
                // NOLINTNEXTLINE(performance-unnecessary-copy-initialization)
                sp session = thiz;
                session->preJoin(std::move(thread));
                ownershipTransferred = true;
                joinCv.notify_one();

                threadLock.unlock();
                // do not use & vars below

                RpcSession::join(std::move(session), std::move(fd));
            });
            joinCv.wait(lock, [&] { return ownershipTransferred; });
            LOG_ALWAYS_FATAL_IF(!ownershipTransferred);
            return true;
        } else {
            return addClientConnection(std::move(serverFd));
        }
    }

    ALOGE("Ran out of retries to connect to %s", addr.toString().c_str());
    return false;
}

// Registers `fd` as a new outgoing (client) connection. On the first call for
// a client session it also creates the shutdown trigger and listener. Returns
// false if the trigger cannot be created; `fd` is then closed when it goes
// out of scope.
bool RpcSession::addClientConnection(unique_fd fd) {
    std::lock_guard _l(mMutex);

    // first client connection added, but setForServer not called, so
    // initializing for a client.
    if (mShutdownTrigger == nullptr) {
        mShutdownTrigger = FdTrigger::make();
        // NOTE(review): the listener is installed even when the trigger
        // could not be created, leaving the session half-initialized on the
        // failure path below.
        mEventListener = mShutdownListener = sp::make();
        if (mShutdownTrigger == nullptr) return false;
    }

    sp session = sp::make();
    session->fd = std::move(fd);
    mClientConnections.push_back(session);
    return true;
}

// Binds this session to a server: stores the owning server, the event
// listener, the session id and the shared shutdown trigger. Every field may
// be set only once and no argument may be null (fatal checks).
void RpcSession::setForServer(const wp& server, const wp& eventListener, int32_t sessionId,
                              const std::shared_ptr& shutdownTrigger) {
    LOG_ALWAYS_FATAL_IF(mForServer != nullptr);
    LOG_ALWAYS_FATAL_IF(server == nullptr);
    LOG_ALWAYS_FATAL_IF(mEventListener != nullptr);
    LOG_ALWAYS_FATAL_IF(eventListener == nullptr);
    LOG_ALWAYS_FATAL_IF(mShutdownTrigger != nullptr);
    LOG_ALWAYS_FATAL_IF(shutdownTrigger == nullptr);

    mId = sessionId;
    mForServer = server;
    mEventListener = eventListener;
    mShutdownTrigger = shutdownTrigger;
}

// Registers `fd` as a server connection that is exclusively owned by the
// calling thread (exclusiveTid = gettid()) and returns it.
sp RpcSession::assignServerToThisThread(unique_fd fd) {
    std::lock_guard _l(mMutex);
    sp session = sp::make();
    session->fd = std::move(fd);
    session->exclusiveTid = gettid();
    mServerConnections.push_back(session);

    return session;
}

// Removes `connection` from mServerConnections. When the last server
// connection goes away, the event listener (if still alive) is told that all
// server threads have ended; that callback runs with mMutex held. Returns
// false if the connection was not in the list.
bool RpcSession::removeServerConnection(const sp& connection) {
    std::lock_guard _l(mMutex);
    if (auto it = std::find(mServerConnections.begin(), mServerConnections.end(), connection);
        it != mServerConnections.end()) {
        mServerConnections.erase(it);
        if (mServerConnections.size() == 0) {
            sp listener = mEventListener.promote();
            if (listener) {
                listener->onSessionLockedAllServerThreadsEnded(sp::fromExisting(this));
            }
        }
        return true;
    }
    return false;
}
// Acquires a connection of `session` for exclusive use by the calling thread,
// blocking on mAvailableConnectionCv until one is free.
//
// Selection order inside the loop:
//   1. a client connection already owned by this thread (reentrant use),
//      otherwise the first unowned client connection;
//   2. for anything but CLIENT_ASYNC, a server connection owned by this
//      thread (nested transaction).
// A connection this thread already owns is reused without changing its
// owner and marks this object reentrant; a free one gets exclusiveTid set to
// this thread.
//
// Fatal if the session has no client connections at all and nothing owned by
// this thread could be reused.
RpcSession::ExclusiveConnection::ExclusiveConnection(const sp& session, ConnectionUse use)
      : mSession(session) {
    pid_t tid = gettid();
    std::unique_lock _l(mSession->mMutex);

    // Counted so the destructor of another ExclusiveConnection knows whether
    // a notify is needed.
    mSession->mWaitingThreads++;
    while (true) {
        sp exclusive;
        sp available;

        // CHECK FOR DEDICATED CLIENT SOCKET
        //
        // A server/looper should always use a dedicated connection if available
        findConnection(tid, &exclusive, &available, mSession->mClientConnections,
                       mSession->mClientConnectionsOffset);

        // WARNING: this assumes a server cannot request its client to send
        // a transaction, as mServerConnections is excluded below.
        //
        // Imagine we have more than one thread in play, and a single thread
        // sends a synchronous, then an asynchronous command. Imagine the
        // asynchronous command is sent on the first client connection. Then, if
        // we naively send a synchronous command to that same connection, the
        // thread on the far side might be busy processing the asynchronous
        // command. So, we move to considering the second available thread
        // for subsequent calls.
        if (use == ConnectionUse::CLIENT_ASYNC && (exclusive != nullptr || available != nullptr)) {
            // A non-null result at this point came from mClientConnections,
            // so its size is non-zero and the modulo is well defined.
            mSession->mClientConnectionsOffset =
                    (mSession->mClientConnectionsOffset + 1) % mSession->mClientConnections.size();
        }

        // USE SERVING SOCKET (for nested transaction)
        //
        // asynchronous calls cannot be nested
        if (use != ConnectionUse::CLIENT_ASYNC) {
            // server connections are always assigned to a thread
            findConnection(tid, &exclusive, nullptr /*available*/, mSession->mServerConnections,
                           0 /* index hint */);
        }

        // if our thread is already using a connection, prioritize using that
        if (exclusive != nullptr) {
            mConnection = exclusive;
            mReentrant = true;
            break;
        } else if (available != nullptr) {
            mConnection = available;
            mConnection->exclusiveTid = tid;
            break;
        }

        // TODO(b/185167543): this should return an error, rather than crash a
        // server

        // in regular binder, this would usually be a deadlock :)
        LOG_ALWAYS_FATAL_IF(mSession->mClientConnections.size() == 0,
                            "Session has no client connections. This is required for an RPC server "
                            "to make any non-nested (e.g. oneway or on another thread) calls.");

        LOG_RPC_DETAIL("No available connections (have %zu clients and %zu servers). Waiting...",
                       mSession->mClientConnections.size(), mSession->mServerConnections.size());
        // Releases mMutex while waiting; there is no timeout, so this blocks
        // until another ExclusiveConnection is released.
        mSession->mAvailableConnectionCv.wait(_l);
    }
    mSession->mWaitingThreads--;
}

// Scans `sockets`, starting at socketsIndexHint and wrapping around, for a
// connection usable by thread `tid`.
//   *exclusive  receives a connection already owned by `tid`, if any.
//   *available  receives the first connection owned by no thread; pass
//               nullptr to skip this search.
// Does nothing if *exclusive is already set. Fatal if the hint is out of
// range for a non-empty list. The caller is expected to hold the session
// mutex (the constructor does).
// NOTE(review): `exclusive` is dereferenced unconditionally in the early
// return but null-checked inside the loop; both callers visible here pass a
// non-null pointer.
void RpcSession::ExclusiveConnection::findConnection(pid_t tid, sp* exclusive, sp* available,
                                                     std::vector>& sockets,
                                                     size_t socketsIndexHint) {
    LOG_ALWAYS_FATAL_IF(sockets.size() > 0 && socketsIndexHint >= sockets.size(),
                        "Bad index %zu >= %zu", socketsIndexHint, sockets.size());

    if (*exclusive != nullptr) return; // consistent with break below

    for (size_t i = 0; i < sockets.size(); i++) {
        sp& socket = sockets[(i + socketsIndexHint) % sockets.size()];

        // take first available connection (intuition = caching)
        if (available && *available == nullptr && socket->exclusiveTid == std::nullopt) {
            *available = socket;
            continue;
        }

        // though, prefer to take connection which is already inuse by this thread
        // (nested transactions)
        if (exclusive && socket->exclusiveTid == tid) {
            *exclusive = socket;
            break; // consistent with return above
        }
    }
}

// Releases the connection: clears its owning thread and, if any thread is
// waiting for a connection, wakes one. The mutex is released before the
// notify.
RpcSession::ExclusiveConnection::~ExclusiveConnection() {
    // reentrant use of a connection means something less deep in the call stack
    // is using this fd, and it retains the right to it. So, we don't give up
    // exclusive ownership, and no thread is freed.
    if (!mReentrant) {
        std::unique_lock _l(mSession->mMutex);
        mConnection->exclusiveTid = std::nullopt;
        if (mSession->mWaitingThreads > 0) {
            _l.unlock();
            mSession->mAvailableConnectionCv.notify_one();
        }
    }
}

} // namespace android