| /* |
| * Copyright (C) 2018 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #include <array> |
| #include <iomanip> |
| #include <random> |
| #include <sstream> |
| |
| #include <android/hardware_buffer.h> |
| #include <bufferhub/BufferHubService.h> |
| #include <cutils/native_handle.h> |
| #include <log/log.h> |
| #include <openssl/hmac.h> |
| #include <system/graphics-base.h> |
| #include <ui/BufferHubDefs.h> |
| |
| using ::android::BufferHubDefs::MetadataHeader; |
| using ::android::hardware::Void; |
| |
| namespace android { |
| namespace frameworks { |
| namespace bufferhub { |
| namespace V1_0 { |
| namespace implementation { |
| |
| BufferHubService::BufferHubService() { |
| std::mt19937_64 randomEngine; |
| randomEngine.seed(time(nullptr)); |
| |
| mKey = randomEngine(); |
| } |
| |
| Return<void> BufferHubService::allocateBuffer(const HardwareBufferDescription& description, |
| const uint32_t userMetadataSize, |
| allocateBuffer_cb _hidl_cb) { |
| AHardwareBuffer_Desc desc; |
| memcpy(&desc, &description, sizeof(AHardwareBuffer_Desc)); |
| |
| std::shared_ptr<BufferNode> node = |
| std::make_shared<BufferNode>(desc.width, desc.height, desc.layers, desc.format, |
| desc.usage, userMetadataSize, |
| BufferHubIdGenerator::getInstance().getId()); |
| if (node == nullptr || !node->isValid()) { |
| ALOGE("%s: creating BufferNode failed.", __FUNCTION__); |
| _hidl_cb(/*status=*/BufferHubStatus::ALLOCATION_FAILED, /*bufferClient=*/nullptr, |
| /*bufferTraits=*/{}); |
| return Void(); |
| } |
| |
| sp<BufferClient> client = BufferClient::create(this, node); |
| // Add it to list for bookkeeping and dumpsys. |
| std::lock_guard<std::mutex> lock(mClientSetMutex); |
| mClientSet.emplace(client); |
| |
| // Allocate memory for bufferInfo of type hidl_handle on the stack. See |
| // http://aosp/286282 for the usage of NATIVE_HANDLE_DECLARE_STORAGE. |
| NATIVE_HANDLE_DECLARE_STORAGE(bufferInfoStorage, BufferHubDefs::kBufferInfoNumFds, |
| BufferHubDefs::kBufferInfoNumInts); |
| hidl_handle bufferInfo = |
| buildBufferInfo(bufferInfoStorage, node->id(), node->addNewActiveClientsBitToMask(), |
| node->userMetadataSize(), node->metadata().ashmemFd(), |
| node->eventFd().get()); |
| // During the gralloc allocation carried out by BufferNode, gralloc allocator will populate the |
| // fields of its HardwareBufferDescription (i.e. strides) according to the actual |
| // gralloc implementation. We need to read those fields back and send them to the client via |
| // BufferTraits. |
| HardwareBufferDescription allocatedBufferDesc; |
| memcpy(&allocatedBufferDesc, &node->bufferDesc(), sizeof(AHardwareBuffer_Desc)); |
| BufferTraits bufferTraits = {/*bufferDesc=*/allocatedBufferDesc, |
| /*bufferHandle=*/hidl_handle(node->bufferHandle()), |
| /*bufferInfo=*/std::move(bufferInfo)}; |
| |
| _hidl_cb(/*status=*/BufferHubStatus::NO_ERROR, /*bufferClient=*/client, |
| /*bufferTraits=*/std::move(bufferTraits)); |
| return Void(); |
| } |
| |
| Return<void> BufferHubService::importBuffer(const hidl_handle& tokenHandle, |
| importBuffer_cb _hidl_cb) { |
| if (!tokenHandle.getNativeHandle() || tokenHandle->numFds != 0 || tokenHandle->numInts <= 1) { |
| // nullptr handle or wrong format |
| _hidl_cb(/*status=*/BufferHubStatus::INVALID_TOKEN, /*bufferClient=*/nullptr, |
| /*bufferTraits=*/{}); |
| return Void(); |
| } |
| |
| int tokenId = tokenHandle->data[0]; |
| |
| wp<BufferClient> originClientWp; |
| { |
| std::lock_guard<std::mutex> lock(mTokenMutex); |
| auto iter = mTokenMap.find(tokenId); |
| if (iter == mTokenMap.end()) { |
| // Token Id not exist |
| ALOGD("%s: token #%d not found.", __FUNCTION__, tokenId); |
| _hidl_cb(/*status=*/BufferHubStatus::INVALID_TOKEN, /*bufferClient=*/nullptr, |
| /*bufferTraits=*/{}); |
| return Void(); |
| } |
| |
| const std::vector<uint8_t>& tokenHMAC = iter->second.first; |
| |
| int numIntsForHMAC = (int)ceil(tokenHMAC.size() * sizeof(uint8_t) / (double)sizeof(int)); |
| if (tokenHandle->numInts - 1 != numIntsForHMAC) { |
| // HMAC size not match |
| ALOGD("%s: token #%d HMAC size not match. Expected: %d Actual: %d", __FUNCTION__, |
| tokenId, numIntsForHMAC, tokenHandle->numInts - 1); |
| _hidl_cb(/*status=*/BufferHubStatus::INVALID_TOKEN, /*bufferClient=*/nullptr, |
| /*bufferTraits=*/{}); |
| return Void(); |
| } |
| |
| size_t hmacSize = tokenHMAC.size() * sizeof(uint8_t); |
| if (memcmp(tokenHMAC.data(), &tokenHandle->data[1], hmacSize) != 0) { |
| // HMAC not match |
| ALOGD("%s: token #%d HMAC not match.", __FUNCTION__, tokenId); |
| _hidl_cb(/*status=*/BufferHubStatus::INVALID_TOKEN, /*bufferClient=*/nullptr, |
| /*bufferTraits=*/{}); |
| return Void(); |
| } |
| |
| originClientWp = iter->second.second; |
| mTokenMap.erase(iter); |
| } |
| |
| // Check if original client is dead |
| sp<BufferClient> originClient = originClientWp.promote(); |
| if (!originClient) { |
| // Should not happen since token should be removed if already gone |
| ALOGE("%s: original client %p gone!", __FUNCTION__, originClientWp.unsafe_get()); |
| _hidl_cb(/*status=*/BufferHubStatus::BUFFER_FREED, /*bufferClient=*/nullptr, |
| /*bufferTraits=*/{}); |
| return Void(); |
| } |
| |
| sp<BufferClient> client = new BufferClient(*originClient); |
| uint32_t clientStateMask = client->getBufferNode()->addNewActiveClientsBitToMask(); |
| if (clientStateMask == 0U) { |
| // Reach max client count |
| ALOGE("%s: import failed, BufferNode#%u reached maximum clients.", __FUNCTION__, |
| client->getBufferNode()->id()); |
| _hidl_cb(/*status=*/BufferHubStatus::MAX_CLIENT, /*bufferClient=*/nullptr, |
| /*bufferTraits=*/{}); |
| return Void(); |
| } |
| |
| std::lock_guard<std::mutex> lock(mClientSetMutex); |
| mClientSet.emplace(client); |
| |
| std::shared_ptr<BufferNode> node = client->getBufferNode(); |
| |
| HardwareBufferDescription bufferDesc; |
| memcpy(&bufferDesc, &node->bufferDesc(), sizeof(HardwareBufferDescription)); |
| |
| // Allocate memory for bufferInfo of type hidl_handle on the stack. See |
| // http://aosp/286282 for the usage of NATIVE_HANDLE_DECLARE_STORAGE. |
| NATIVE_HANDLE_DECLARE_STORAGE(bufferInfoStorage, BufferHubDefs::kBufferInfoNumFds, |
| BufferHubDefs::kBufferInfoNumInts); |
| hidl_handle bufferInfo = buildBufferInfo(bufferInfoStorage, node->id(), clientStateMask, |
| node->userMetadataSize(), node->metadata().ashmemFd(), |
| node->eventFd().get()); |
| BufferTraits bufferTraits = {/*bufferDesc=*/bufferDesc, |
| /*bufferHandle=*/hidl_handle(node->bufferHandle()), |
| /*bufferInfo=*/std::move(bufferInfo)}; |
| |
| _hidl_cb(/*status=*/BufferHubStatus::NO_ERROR, /*bufferClient=*/client, |
| /*bufferTraits=*/std::move(bufferTraits)); |
| return Void(); |
| } |
| |
| Return<void> BufferHubService::debug(const hidl_handle& fd, const hidl_vec<hidl_string>& args) { |
| if (fd.getNativeHandle() == nullptr || fd->numFds < 1) { |
| ALOGE("%s: missing fd for writing.", __FUNCTION__); |
| return Void(); |
| } |
| |
| FILE* out = fdopen(dup(fd->data[0]), "w"); |
| |
| if (args.size() != 0) { |
| fprintf(out, |
| "Note: lshal bufferhub currently does not support args. Input arguments are " |
| "ignored.\n"); |
| } |
| |
| std::ostringstream stream; |
| |
| // Get the number of clients of each buffer. |
| // Map from bufferId to bufferNode_clientCount pair. |
| std::map<int, std::pair<const std::shared_ptr<BufferNode>, uint32_t>> clientCount; |
| { |
| std::lock_guard<std::mutex> lock(mClientSetMutex); |
| for (auto iter = mClientSet.begin(); iter != mClientSet.end(); ++iter) { |
| sp<BufferClient> client = iter->promote(); |
| if (client != nullptr) { |
| const std::shared_ptr<BufferNode> node = client->getBufferNode(); |
| auto mapIter = clientCount.find(node->id()); |
| if (mapIter != clientCount.end()) { |
| ++mapIter->second.second; |
| } else { |
| clientCount.emplace(node->id(), |
| std::pair<std::shared_ptr<BufferNode>, uint32_t>(node, 1U)); |
| } |
| } |
| } |
| } |
| |
| stream << "Active Buffers:\n"; |
| stream << std::right; |
| stream << std::setw(6) << "Id"; |
| stream << " "; |
| stream << std::setw(9) << "#Clients"; |
| stream << " "; |
| stream << std::setw(14) << "Geometry"; |
| stream << " "; |
| stream << std::setw(6) << "Format"; |
| stream << " "; |
| stream << std::setw(10) << "Usage"; |
| stream << " "; |
| stream << std::setw(10) << "State"; |
| stream << " "; |
| stream << std::setw(8) << "Index"; |
| stream << std::endl; |
| |
| for (auto iter = clientCount.begin(); iter != clientCount.end(); ++iter) { |
| const std::shared_ptr<BufferNode> node = std::move(iter->second.first); |
| const uint32_t clientCount = iter->second.second; |
| AHardwareBuffer_Desc desc = node->bufferDesc(); |
| |
| MetadataHeader* metadataHeader = |
| const_cast<BufferHubMetadata*>(&node->metadata())->metadataHeader(); |
| const uint32_t state = metadataHeader->bufferState.load(std::memory_order_acquire); |
| const uint64_t index = metadataHeader->queueIndex; |
| |
| stream << std::right; |
| stream << std::setw(6) << /*Id=*/node->id(); |
| stream << " "; |
| stream << std::setw(9) << /*#Clients=*/clientCount; |
| stream << " "; |
| if (desc.format == HAL_PIXEL_FORMAT_BLOB) { |
| std::string size = std::to_string(desc.width) + " B"; |
| stream << std::setw(14) << /*Geometry=*/size; |
| } else { |
| std::string dimensions = std::to_string(desc.width) + "x" + |
| std::to_string(desc.height) + "x" + std::to_string(desc.layers); |
| stream << std::setw(14) << /*Geometry=*/dimensions; |
| } |
| stream << " "; |
| stream << std::setw(6) << /*Format=*/desc.format; |
| stream << " "; |
| stream << "0x" << std::hex << std::setfill('0'); |
| stream << std::setw(8) << /*Usage=*/desc.usage; |
| stream << std::dec << std::setfill(' '); |
| stream << " "; |
| stream << "0x" << std::hex << std::setfill('0'); |
| stream << std::setw(8) << /*State=*/state; |
| stream << std::dec << std::setfill(' '); |
| stream << " "; |
| stream << std::setw(8) << /*Index=*/index; |
| stream << std::endl; |
| } |
| |
| stream << std::endl; |
| |
| // Get the number of tokens of each buffer. |
| // Map from bufferId to tokenCount |
| std::map<int, uint32_t> tokenCount; |
| { |
| std::lock_guard<std::mutex> lock(mTokenMutex); |
| for (auto iter = mTokenMap.begin(); iter != mTokenMap.end(); ++iter) { |
| sp<BufferClient> client = iter->second.second.promote(); |
| if (client != nullptr) { |
| const std::shared_ptr<BufferNode> node = client->getBufferNode(); |
| auto mapIter = tokenCount.find(node->id()); |
| if (mapIter != tokenCount.end()) { |
| ++mapIter->second; |
| } else { |
| tokenCount.emplace(node->id(), 1U); |
| } |
| } |
| } |
| } |
| |
| stream << "Unused Tokens:\n"; |
| stream << std::right; |
| stream << std::setw(8) << "Buffer Id"; |
| stream << " "; |
| stream << std::setw(7) << "#Tokens"; |
| stream << std::endl; |
| |
| for (auto iter = tokenCount.begin(); iter != tokenCount.end(); ++iter) { |
| stream << std::right; |
| stream << std::setw(8) << /*Buffer Id=*/iter->first; |
| stream << " "; |
| stream << std::setw(7) << /*#Tokens=*/iter->second; |
| stream << std::endl; |
| } |
| |
| fprintf(out, "%s", stream.str().c_str()); |
| |
| fclose(out); |
| return Void(); |
| } |
| |
| hidl_handle BufferHubService::registerToken(const wp<BufferClient>& client) { |
| // Find next available token id |
| std::lock_guard<std::mutex> lock(mTokenMutex); |
| do { |
| ++mLastTokenId; |
| } while (mTokenMap.find(mLastTokenId) != mTokenMap.end()); |
| |
| std::array<uint8_t, EVP_MAX_MD_SIZE> hmac; |
| uint32_t hmacSize = 0U; |
| |
| HMAC(/*evp_md=*/EVP_sha256(), /*key=*/&mKey, /*key_len=*/kKeyLen, |
| /*data=*/(uint8_t*)&mLastTokenId, /*data_len=*/mTokenIdSize, |
| /*out=*/hmac.data(), /*out_len=*/&hmacSize); |
| |
| int numIntsForHMAC = (int)ceil(hmacSize / (double)sizeof(int)); |
| native_handle_t* handle = native_handle_create(/*numFds=*/0, /*numInts=*/1 + numIntsForHMAC); |
| handle->data[0] = mLastTokenId; |
| // Set all the the bits of last int to 0 since it might not be fully overwritten |
| handle->data[numIntsForHMAC] = 0; |
| memcpy(&handle->data[1], hmac.data(), hmacSize); |
| |
| // returnToken owns the native_handle_t* thus doing lifecycle management |
| hidl_handle returnToken; |
| returnToken.setTo(handle, /*shoudOwn=*/true); |
| |
| std::vector<uint8_t> hmacVec; |
| hmacVec.resize(hmacSize); |
| memcpy(hmacVec.data(), hmac.data(), hmacSize); |
| mTokenMap.emplace(mLastTokenId, std::pair(hmacVec, client)); |
| |
| return returnToken; |
| } |
| |
| void BufferHubService::onClientClosed(const BufferClient* client) { |
| removeTokenByClient(client); |
| |
| std::lock_guard<std::mutex> lock(mClientSetMutex); |
| auto iter = std::find(mClientSet.begin(), mClientSet.end(), client); |
| if (iter != mClientSet.end()) { |
| mClientSet.erase(iter); |
| } |
| } |
| |
| // Implementation of this function should be consistent with the definition of bufferInfo handle in |
| // ui/BufferHubDefs.h. |
| hidl_handle BufferHubService::buildBufferInfo(char* bufferInfoStorage, int bufferId, |
| uint32_t clientBitMask, uint32_t userMetadataSize, |
| int metadataFd, int eventFd) { |
| native_handle_t* infoHandle = |
| native_handle_init(bufferInfoStorage, BufferHubDefs::kBufferInfoNumFds, |
| BufferHubDefs::kBufferInfoNumInts); |
| |
| infoHandle->data[0] = metadataFd; |
| infoHandle->data[1] = eventFd; |
| infoHandle->data[2] = bufferId; |
| // Use memcpy to convert to int without missing digit. |
| // TOOD(b/121345852): use bit_cast to unpack bufferInfo when C++20 becomes available. |
| memcpy(&infoHandle->data[3], &clientBitMask, sizeof(clientBitMask)); |
| memcpy(&infoHandle->data[4], &userMetadataSize, sizeof(userMetadataSize)); |
| |
| hidl_handle bufferInfo; |
| bufferInfo.setTo(infoHandle, /*shouldOwn=*/false); |
| |
| return bufferInfo; |
| } |
| |
| void BufferHubService::removeTokenByClient(const BufferClient* client) { |
| std::lock_guard<std::mutex> lock(mTokenMutex); |
| auto iter = mTokenMap.begin(); |
| while (iter != mTokenMap.end()) { |
| if (iter->second.second == client) { |
| auto oldIter = iter; |
| ++iter; |
| mTokenMap.erase(oldIter); |
| } else { |
| ++iter; |
| } |
| } |
| } |
| |
| } // namespace implementation |
| } // namespace V1_0 |
| } // namespace bufferhub |
| } // namespace frameworks |
| } // namespace android |