359 lines
11 KiB
Go
359 lines
11 KiB
Go
|
// Copyright 2018 Google Inc.
|
||
|
//
|
||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
// you may not use this file except in compliance with the License.
|
||
|
// You may obtain a copy of the License at
|
||
|
//
|
||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||
|
//
|
||
|
// Unless required by applicable law or agreed to in writing, software
|
||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
// See the License for the specific language governing permissions and
|
||
|
// limitations under the License.
|
||
|
|
||
|
// Package binder implements Android Binder IPC module.
|
||
|
package binder
|
||
|
|
||
|
import (
|
||
|
"sync"
|
||
|
|
||
|
"gvisor.googlesource.com/gvisor/pkg/abi/linux"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/sentry/arch"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/sentry/context"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/sentry/fs"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/sentry/fs/fsutil"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/sentry/kernel"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/sentry/kernel/time"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/sentry/memmap"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/sentry/platform"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/sentry/usage"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/sentry/usermem"
|
||
|
"gvisor.googlesource.com/gvisor/pkg/syserror"
|
||
|
)
|
||
|
|
||
|
const (
|
||
|
currentProtocolVersion = 8
|
||
|
|
||
|
// mmapSizeLimit is the upper limit for mapped memory size in Binder.
|
||
|
mmapSizeLimit = 4 * 1024 * 1024 // 4MB
|
||
|
)
|
||
|
|
||
|
// Device implements fs.InodeOperations.
|
||
|
type Device struct {
|
||
|
fsutil.InodeNoExtendedAttributes
|
||
|
fsutil.InodeNotDirectory
|
||
|
fsutil.InodeNotRenameable
|
||
|
fsutil.InodeNotSocket
|
||
|
fsutil.InodeNotSymlink
|
||
|
fsutil.NoMappable
|
||
|
fsutil.NoopWriteOut
|
||
|
fsutil.DeprecatedFileOperations
|
||
|
|
||
|
// mu protects unstable.
|
||
|
mu sync.Mutex `state:"nosave"`
|
||
|
unstable fs.UnstableAttr
|
||
|
}
|
||
|
|
||
|
// NewDevice creates and intializes a Device structure.
|
||
|
func NewDevice(ctx context.Context, owner fs.FileOwner, fp fs.FilePermissions) *Device {
|
||
|
return &Device{
|
||
|
unstable: fs.WithCurrentTime(ctx, fs.UnstableAttr{
|
||
|
Owner: owner,
|
||
|
Perms: fp,
|
||
|
Links: 1,
|
||
|
}),
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// Release implements fs.InodeOperations.Release.
|
||
|
func (bd *Device) Release(context.Context) {}
|
||
|
|
||
|
// GetFile implements fs.InodeOperations.GetFile.
|
||
|
//
|
||
|
// TODO: Add functionality to GetFile: Additional fields will be
|
||
|
// needed in the Device structure, initialize them here. Also, Device will need
|
||
|
// to keep track of the created Procs in order to implement BINDER_READ_WRITE
|
||
|
// ioctl.
|
||
|
func (bd *Device) GetFile(ctx context.Context, d *fs.Dirent, flags fs.FileFlags) (*fs.File, error) {
|
||
|
return fs.NewFile(ctx, d, flags, &Proc{
|
||
|
bd: bd,
|
||
|
task: kernel.TaskFromContext(ctx),
|
||
|
platform: platform.FromContext(ctx),
|
||
|
}), nil
|
||
|
}
|
||
|
|
||
|
// UnstableAttr implements fs.InodeOperations.UnstableAttr.
|
||
|
func (bd *Device) UnstableAttr(ctx context.Context, inode *fs.Inode) (fs.UnstableAttr, error) {
|
||
|
bd.mu.Lock()
|
||
|
defer bd.mu.Unlock()
|
||
|
return bd.unstable, nil
|
||
|
}
|
||
|
|
||
|
// Check implements fs.InodeOperations.Check.
|
||
|
func (bd *Device) Check(ctx context.Context, inode *fs.Inode, p fs.PermMask) bool {
|
||
|
return fs.ContextCanAccessFile(ctx, inode, p)
|
||
|
}
|
||
|
|
||
|
// SetPermissions implements fs.InodeOperations.SetPermissions.
|
||
|
func (bd *Device) SetPermissions(ctx context.Context, inode *fs.Inode, fp fs.FilePermissions) bool {
|
||
|
bd.mu.Lock()
|
||
|
defer bd.mu.Unlock()
|
||
|
bd.unstable.Perms = fp
|
||
|
bd.unstable.StatusChangeTime = time.NowFromContext(ctx)
|
||
|
return true
|
||
|
}
|
||
|
|
||
|
// SetOwner implements fs.InodeOperations.SetOwner.
|
||
|
func (bd *Device) SetOwner(ctx context.Context, inode *fs.Inode, owner fs.FileOwner) error {
|
||
|
bd.mu.Lock()
|
||
|
defer bd.mu.Unlock()
|
||
|
if owner.UID.Ok() {
|
||
|
bd.unstable.Owner.UID = owner.UID
|
||
|
}
|
||
|
if owner.GID.Ok() {
|
||
|
bd.unstable.Owner.GID = owner.GID
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// SetTimestamps implements fs.InodeOperations.SetTimestamps.
|
||
|
func (bd *Device) SetTimestamps(ctx context.Context, inode *fs.Inode, ts fs.TimeSpec) error {
|
||
|
if ts.ATimeOmit && ts.MTimeOmit {
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
bd.mu.Lock()
|
||
|
defer bd.mu.Unlock()
|
||
|
|
||
|
now := time.NowFromContext(ctx)
|
||
|
if !ts.ATimeOmit {
|
||
|
if ts.ATimeSetSystemTime {
|
||
|
bd.unstable.AccessTime = now
|
||
|
} else {
|
||
|
bd.unstable.AccessTime = ts.ATime
|
||
|
}
|
||
|
}
|
||
|
if !ts.MTimeOmit {
|
||
|
if ts.MTimeSetSystemTime {
|
||
|
bd.unstable.ModificationTime = now
|
||
|
} else {
|
||
|
bd.unstable.ModificationTime = ts.MTime
|
||
|
}
|
||
|
}
|
||
|
bd.unstable.StatusChangeTime = now
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// Truncate implements fs.InodeOperations.WriteOut.
|
||
|
//
|
||
|
// Ignored for a character device, such as Binder.
|
||
|
func (bd *Device) Truncate(ctx context.Context, inode *fs.Inode, size int64) error {
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// AddLink implements fs.InodeOperations.AddLink.
|
||
|
//
|
||
|
// Binder doesn't support links, no-op.
|
||
|
func (bd *Device) AddLink() {}
|
||
|
|
||
|
// DropLink implements fs.InodeOperations.DropLink.
|
||
|
//
|
||
|
// Binder doesn't support links, no-op.
|
||
|
func (bd *Device) DropLink() {}
|
||
|
|
||
|
// NotifyStatusChange implements fs.InodeOperations.NotifyStatusChange.
|
||
|
func (bd *Device) NotifyStatusChange(ctx context.Context) {
|
||
|
bd.mu.Lock()
|
||
|
defer bd.mu.Unlock()
|
||
|
now := time.NowFromContext(ctx)
|
||
|
bd.unstable.ModificationTime = now
|
||
|
bd.unstable.StatusChangeTime = now
|
||
|
}
|
||
|
|
||
|
// IsVirtual implements fs.InodeOperations.IsVirtual.
|
||
|
//
|
||
|
// Binder is virtual.
|
||
|
func (bd *Device) IsVirtual() bool {
|
||
|
return true
|
||
|
}
|
||
|
|
||
|
// StatFS implements fs.InodeOperations.StatFS.
|
||
|
//
|
||
|
// Binder doesn't support querying for filesystem info.
|
||
|
func (bd *Device) StatFS(context.Context) (fs.Info, error) {
|
||
|
return fs.Info{}, syserror.ENOSYS
|
||
|
}
|
||
|
|
||
|
// Proc implements fs.FileOperations and fs.IoctlGetter.
|
||
|
type Proc struct {
|
||
|
fsutil.NoFsync
|
||
|
fsutil.DeprecatedFileOperations
|
||
|
fsutil.NotDirReaddir
|
||
|
|
||
|
bd *Device
|
||
|
task *kernel.Task
|
||
|
platform platform.Platform
|
||
|
|
||
|
// mu protects fr.
|
||
|
mu sync.Mutex `state:"nosave"`
|
||
|
|
||
|
// mapped is memory allocated from platform.Memory() by AddMapping.
|
||
|
mapped platform.FileRange
|
||
|
}
|
||
|
|
||
|
// Release implements fs.FileOperations.Release.
|
||
|
func (bp *Proc) Release() {
|
||
|
bp.mu.Lock()
|
||
|
defer bp.mu.Unlock()
|
||
|
if bp.mapped.Length() != 0 {
|
||
|
bp.platform.Memory().DecRef(bp.mapped)
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// Seek implements fs.FileOperations.Seek.
|
||
|
//
|
||
|
// Binder doesn't support seek operation (unless in debug mode).
|
||
|
func (bp *Proc) Seek(ctx context.Context, file *fs.File, whence fs.SeekWhence, offset int64) (int64, error) {
|
||
|
return offset, syserror.EOPNOTSUPP
|
||
|
}
|
||
|
|
||
|
// Read implements fs.FileOperations.Read.
|
||
|
//
|
||
|
// Binder doesn't support read operation (unless in debug mode).
|
||
|
func (bp *Proc) Read(ctx context.Context, file *fs.File, dst usermem.IOSequence, offset int64) (int64, error) {
|
||
|
return 0, syserror.EOPNOTSUPP
|
||
|
}
|
||
|
|
||
|
// Write implements fs.FileOperations.Write.
|
||
|
//
|
||
|
// Binder doesn't support write operation.
|
||
|
func (bp *Proc) Write(ctx context.Context, file *fs.File, src usermem.IOSequence, offset int64) (int64, error) {
|
||
|
return 0, syserror.EOPNOTSUPP
|
||
|
}
|
||
|
|
||
|
// Flush implements fs.FileOperations.Flush.
|
||
|
//
|
||
|
// TODO: Implement.
|
||
|
func (bp *Proc) Flush(ctx context.Context, file *fs.File) error {
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// ConfigureMMap implements fs.FileOperations.ConfigureMMap.
|
||
|
func (bp *Proc) ConfigureMMap(ctx context.Context, file *fs.File, opts *memmap.MMapOpts) error {
|
||
|
// Compare drivers/android/binder.c:binder_mmap().
|
||
|
if caller := kernel.TaskFromContext(ctx); caller != bp.task {
|
||
|
return syserror.EINVAL
|
||
|
}
|
||
|
if opts.Length > mmapSizeLimit {
|
||
|
opts.Length = mmapSizeLimit
|
||
|
}
|
||
|
opts.MaxPerms.Write = false
|
||
|
|
||
|
// TODO: Binder sets VM_DONTCOPY, preventing the created vma
|
||
|
// from being copied across fork(), but we don't support this yet. As
|
||
|
// a result, MMs containing a Binder mapping cannot be forked (MM.Fork will
|
||
|
// fail when AddMapping returns EBUSY).
|
||
|
|
||
|
return fsutil.GenericConfigureMMap(file, bp, opts)
|
||
|
}
|
||
|
|
||
|
// Ioctl implements fs.FileOperations.Ioctl.
|
||
|
//
|
||
|
// TODO: Implement.
|
||
|
func (bp *Proc) Ioctl(ctx context.Context, io usermem.IO, args arch.SyscallArguments) (uintptr, error) {
|
||
|
// Switch on ioctl request.
|
||
|
switch uint32(args[1].Int()) {
|
||
|
case linux.BinderVersionIoctl:
|
||
|
ver := &linux.BinderVersion{
|
||
|
ProtocolVersion: currentProtocolVersion,
|
||
|
}
|
||
|
// Copy result to user-space.
|
||
|
_, err := usermem.CopyObjectOut(ctx, io, args[2].Pointer(), ver, usermem.IOOpts{
|
||
|
AddressSpaceActive: true,
|
||
|
})
|
||
|
return 0, err
|
||
|
case linux.BinderWriteReadIoctl:
|
||
|
// TODO: Implement.
|
||
|
fallthrough
|
||
|
case linux.BinderSetIdleTimeoutIoctl:
|
||
|
// TODO: Implement.
|
||
|
fallthrough
|
||
|
case linux.BinderSetMaxThreadsIoctl:
|
||
|
// TODO: Implement.
|
||
|
fallthrough
|
||
|
case linux.BinderSetIdlePriorityIoctl:
|
||
|
// TODO: Implement.
|
||
|
fallthrough
|
||
|
case linux.BinderSetContextMgrIoctl:
|
||
|
// TODO: Implement.
|
||
|
fallthrough
|
||
|
case linux.BinderThreadExitIoctl:
|
||
|
// TODO: Implement.
|
||
|
return 0, syserror.ENOSYS
|
||
|
default:
|
||
|
// Ioctls irrelevant to Binder.
|
||
|
return 0, syserror.EINVAL
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// AddMapping implements memmap.Mappable.AddMapping.
|
||
|
func (bp *Proc) AddMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64) error {
|
||
|
bp.mu.Lock()
|
||
|
defer bp.mu.Unlock()
|
||
|
if bp.mapped.Length() != 0 {
|
||
|
// mmap has been called before, which binder_mmap() doesn't like.
|
||
|
return syserror.EBUSY
|
||
|
}
|
||
|
// Binder only allocates and maps a single page up-front
|
||
|
// (drivers/android/binder.c:binder_mmap() => binder_update_page_range()).
|
||
|
fr, err := bp.platform.Memory().Allocate(usermem.PageSize, usage.Anonymous)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
bp.mapped = fr
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// RemoveMapping implements memmap.Mappable.RemoveMapping.
|
||
|
func (bp *Proc) RemoveMapping(ctx context.Context, ms memmap.MappingSpace, ar usermem.AddrRange, offset uint64) {
|
||
|
// Nothing to do. Notably, we don't free bp.mapped to allow another mmap.
|
||
|
}
|
||
|
|
||
|
// CopyMapping implements memmap.Mappable.CopyMapping.
|
||
|
func (bp *Proc) CopyMapping(ctx context.Context, ms memmap.MappingSpace, srcAR, dstAR usermem.AddrRange, offset uint64) error {
|
||
|
// Nothing to do. Notably, this is one case where CopyMapping isn't
|
||
|
// equivalent to AddMapping, as AddMapping would return EBUSY.
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// Translate implements memmap.Mappable.Translate.
|
||
|
func (bp *Proc) Translate(ctx context.Context, required, optional memmap.MappableRange, at usermem.AccessType) ([]memmap.Translation, error) {
|
||
|
// TODO: In addition to the page initially allocated and mapped
|
||
|
// in AddMapping (Linux: binder_mmap), Binder allocates and maps pages for
|
||
|
// each transaction (Linux: binder_ioctl => binder_ioctl_write_read =>
|
||
|
// binder_thread_write => binder_transaction => binder_alloc_buf =>
|
||
|
// binder_update_page_range). Since we don't actually implement
|
||
|
// BinderWriteReadIoctl (Linux: BINDER_WRITE_READ), we only ever have the
|
||
|
// first page.
|
||
|
var err error
|
||
|
if required.End > usermem.PageSize {
|
||
|
err = &memmap.BusError{syserror.EFAULT}
|
||
|
}
|
||
|
if required.Start == 0 {
|
||
|
return []memmap.Translation{
|
||
|
{
|
||
|
Source: memmap.MappableRange{0, usermem.PageSize},
|
||
|
File: bp.platform.Memory(),
|
||
|
Offset: bp.mapped.Start,
|
||
|
},
|
||
|
}, err
|
||
|
}
|
||
|
return nil, err
|
||
|
}
|
||
|
|
||
|
// InvalidateUnsavable implements memmap.Mappable.InvalidateUnsavable.
|
||
|
func (bp *Proc) InvalidateUnsavable(ctx context.Context) error {
|
||
|
return nil
|
||
|
}
|