1 /* 2 * Copyright (C) 2007 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef ANDROID_IMEMORY_H 18 #define ANDROID_IMEMORY_H 19 20 #include <stdint.h> 21 #include <sys/types.h> 22 #include <sys/mman.h> 23 24 #include <utils/RefBase.h> 25 #include <utils/Errors.h> 26 #include <binder/IInterface.h> 27 28 namespace android { 29 30 // ---------------------------------------------------------------------------- 31 32 class IMemoryHeap : public IInterface 33 { 34 public: 35 DECLARE_META_INTERFACE(MemoryHeap) 36 37 // flags returned by getFlags() 38 enum { 39 READ_ONLY = 0x00000001 40 }; 41 42 virtual int getHeapID() const = 0; 43 virtual void* getBase() const = 0; 44 virtual size_t getSize() const = 0; 45 virtual uint32_t getFlags() const = 0; 46 virtual off_t getOffset() const = 0; 47 48 // these are there just for backward source compatibility heapID()49 int32_t heapID() const { return getHeapID(); } base()50 void* base() const { return getBase(); } virtualSize()51 size_t virtualSize() const { return getSize(); } 52 }; 53 54 class BnMemoryHeap : public BnInterface<IMemoryHeap> 55 { 56 public: 57 // NOLINTNEXTLINE(google-default-arguments) 58 virtual status_t onTransact( 59 uint32_t code, 60 const Parcel& data, 61 Parcel* reply, 62 uint32_t flags = 0); 63 64 BnMemoryHeap(); 65 protected: 66 virtual ~BnMemoryHeap(); 67 }; 68 69 // ---------------------------------------------------------------------------- 70 71 class IMemory : public IInterface 72 { 73 public: 74 DECLARE_META_INTERFACE(Memory) 75 76 // NOLINTNEXTLINE(google-default-arguments) 77 virtual sp<IMemoryHeap> getMemory(ssize_t* offset=nullptr, size_t* size=nullptr) const = 0; 78 79 // helpers 80 81 // Accessing the underlying pointer must be done with caution, as there are 82 // some inherent security risks associated with it. When receiving an 83 // IMemory from an untrusted process, there is currently no way to guarantee 84 // that this process would't change the content after the fact. This may 85 // lead to TOC/TOU class of security bugs. In most cases, when performance 86 // is not an issue, the recommended practice is to immediately copy the 87 // buffer upon reception, then work with the copy, e.g.: 88 // 89 // std::string private_copy(mem.size(), '\0'); 90 // memcpy(private_copy.data(), mem.unsecurePointer(), mem.size()); 91 // 92 // In cases where performance is an issue, this matter must be addressed on 93 // an ad-hoc basis. 94 void* unsecurePointer() const; 95 96 size_t size() const; 97 ssize_t offset() const; 98 99 private: 100 // These are now deprecated and are left here for backward-compatibility 101 // with prebuilts that may reference these symbol at runtime. 102 // Instead, new code should use unsecurePointer()/unsecureFastPointer(), 103 // which do the same thing, but make it more obvious that there are some 104 // security-related pitfalls associated with them. 105 void* pointer() const; 106 void* fastPointer(const sp<IBinder>& heap, ssize_t offset) const; 107 }; 108 109 class BnMemory : public BnInterface<IMemory> 110 { 111 public: 112 // NOLINTNEXTLINE(google-default-arguments) 113 virtual status_t onTransact( 114 uint32_t code, 115 const Parcel& data, 116 Parcel* reply, 117 uint32_t flags = 0); 118 119 BnMemory(); 120 protected: 121 virtual ~BnMemory(); 122 }; 123 124 // ---------------------------------------------------------------------------- 125 126 } // namespace android 127 128 #endif // ANDROID_IMEMORY_H 129