SlideShare a Scribd company logo

Understanding binder in android

Haifeng Li
Haifeng Li

Binder is an inter-process communication system used in Android to allow processes to interact. It uses a client-server model where a client contacts a service via its binder handle. Data is packaged into a parcel and sent to the kernel binder driver via ioctl calls. The driver then delivers the transaction to the target service's thread to be processed by its stub and dispatched to the actual service code.

Engineering
1 of 23
Download to read offline
Understanding Binder in Android Haifeng Li 2014-9-2
Outline •Background –What is Binder –Binder Communication Model –Terminology –Binder Software Stack •Client(user space) •Binder driver (Kernel Space) •Service(user space)
Background •What is Binder? –An Inter-process communication system for developing object-oriented OS services. clientserverData
Binder Communication Model User SpaceKernel SpaceCclientserviceBinder Driverioctl/open/...ioctl/open/... mInmOutioctl/open/... mInmOutmInmOutService Manager/system/bin/servicemanagerCGet ServiceAdd ServiceService 1 – handle 1Service 2 – handle 2...
Terminology •Service Handle •Remote Binder •Local Binder •Binder node •Binder reference •Service Manager(Context Manager) –It’s handle is 0 in all binder client and server. Binder DriverRemote Binder/HandleLocal BinderBinder NodeBinder ref.
IPC Software Stack App1 service Proxy(BpBinder) Stub(BnBinder) IPCThreadState IPCThreadState Binder Module User Space Kernel Space Client Server 1 2 3 4 5 6 1. BpBinder(n) -> transact(OP, data, &reply) 2. IPCThreadState::transact(handle, OP, data, reply) 3. ioctl(binder_fd, BINDER_OPERATION, &bwr) 4. IPCThreadState::getAndExecuteCommand() 5. Bnxxx::onTransact(OP, data, reply)
Client(user space) • Initialization – Call system call open(), which is binder_open in kernel. Open /dev/binder file and get a file description. Create some key data structures. – mmap 1MB-8KB virtual space for data transaction by binder_mmap in kernel. • Get handle of service from service manager • Sent request to Service by BpBinder(handle) • Data transact to kernel by IPCThreadState. App1 service Proxy(BpBinder) Stub(BnBinder) IPCThreadState IPCThreadState Binder Module User Space Kernel Space Client Server 1 2 3 4 5 6
Data Transaction in Client(1) •Package in Client 102 virtual void Client::Foo(int32_t push_data) { 103 Parcel data, reply; 104 data.writeInterfaceToken(IDemo::getInterfaceDescriptor()); 105 data.writeInt32(push_data);//writeStrongBinder(service) 109 110 remote()->transact(OP, data, &reply); Parcel...flat_binder_objectmDataflat_binder_objectmObjectsService
Data Transaction in Client(2) •Packaged to binder_transaction_data IPCThreadState::writeTransactionData(int32_t cmd, …, int32_t handle, uint32_t code, const Parcel& data…) •cmd will add to mData.(BC_TRANSACTION, BC_REPLY,… Binder Command) •Target: target handle •Cookie: will be define according to handle in binder driver •Code: Operation of client. •Offsets could help the binder driver to process binder object reference. Parcel...flat_binder_objectmDataflat_binder_objectmObjectstargetcookiecode... data.ptr.bufferdata.ptr.offsets... binder_transaction_data
Data Transaction in Client(3) •Binder Command(User->Driver) –Binder Thread Support: BC_REGISTER_LOOPER, BC_ENTER LOOPER,BC_EXIT_LOOPER –Binder Transactions: BC_TRANSACTION, BC_REPLY –Further Mechanism: BC_INCREFS, BC_RELEASE , BC_DECREFS, BC_REQUEST_DEATH_NOTIFICIATION, BC_CLEAR_DEATH_NOTIFICATION, BC_DEAD_BINDER_DONE,… •Binder Return Command (Driver -> User) –Binder Thread Support: BR_SPAWN_LOOPER –Binder Transactions: BR_TRANSACTION, BR_REPLY –Further Mechanism: BR_INCREFS,BR_ACQUIRE, BR_RELEASE , BR_DECREFS, BR_CLEAR_DEATH_NOTIFICATION_DONE, … ClientServerDriverBC_TRANSACTIONBR_TRANSACTIONBC_REPLYBR_REPLYBC_FREE_BUFFERBC_FREE_BUFFER
Data Transaction in Client(4) •Repackage to Parcel(mOut) •Each working thread has two parcel: mOut and mIn. mOut is for write buffer, mIn for read buffer. Parcelcmdbinder_transactin_datamDatawrite_sizeWrite_bufferRead_sizeRead_bufferbinder_write_read
Outline •Background •Client(user space) •Binder driver (Kernel Space) •Service(user space) App1 service Proxy(BpBinder) Stub(BnBinder) IPCThreadState IPCThreadState Binder Module User Space Kernel Space Client Server 1 2 3 4 5 6
Binder Driver:Binder Protocol •The protocol used for ioctl() system call. –BINDER_WRITE_READ –BINDER_SET_MAX_THREADS –BINDER_SET_CONTEXT_MGR –BINDER_THREAD_EXIT –BINDER_VERSION –BINDER_SET_IDLE_TIMEOUT
Key Data Structure (1) Binder Driver Process 1 Process 2 Process 3 binder_proc binder_proc binder_proc threads node refs_by_desc refs_by_node • The binder_proc is mapped to process by 1:1. It is created on binder_open(). • All binder_proc are listed in binder_procs. • The binder_proc has 4 red-black tree. • The binder_thread represents a working thread, inserted into threads rbtree. • The binder_node represents a service, inserted into node rbtree. • refs_by_desc and refs_by_node represent reference to a proc_node.
Key Data Structure (2) User spaceKernel spaceBpBinderRemote BinderBBinderLocal Binderbinder_procnoderefs_by_nodebinder_procnoderefs_by_nodebinder_refbinder_node
Key Data Structure (3) ... todothreadbinder_procbinder_threadtodobinder_workbinder_workbinder_workbinder_work... ... binder_transactionbinder_transaction
Input Data Format ParcelParcelwrite_sizewrite_bufferread_sizeread_bufferbinder_write_readbufferdata_sizeoffsets... binder_transaction_datacodecookiehandleoffset 1offset 2... ... flat_binder_objectflat_binder_objectBC_TRANSACTIONBC_XXXXxxx data structmOut... headIPCThreadStateClient
Transaction in Binder – Client (1) 1. Copy binder_write_read from user space 2. Copy xxx data to kernel space. Iterate the items: ① Get Binder command from write_buffer(BC_XXX). ② Get target thread/proc/node by handle. ③ Allocate binder_buffer from target space, and copy effective data. ④ Build a session(build_transaction). ⑤ Mount the session to target_thread’s todo list. ⑥ Mount a BINDER_WORK_TRANSACTION_COMPLETE binder_work to source thread ⑦ Wake up corresponding thread. Parcel Parcel write_size write_buffer read_size read_buffer binder_write_read buffer data_size offsets ... binder_transaction_data code cookie handle offset 1 offset 2 ... ... flat_binder_object flat_binder_object BC_TRANSACTION BC_XXX Xxxx data struct mOut ... head IPCThreadState Client 1 2 ① ② ③
Transaction in Binder –Client (2) Target SpacedataCopyParcelParcelwrite_sizewrite_bufferread_sizeread_bufferbinder_write_readbufferdata_sizeoffsets... binder_transaction_datacodecookiehandleoffset 1offset 2... ... flat_binder_objectflat_binder_objectBC_TRANSACTIONBC_XXXXxxx data structmOut... headIPCThreadStateClientbufferpriorityoffsetssender_euidbinder_transactioncodeto_threadto_procdata... offsets_sizedata_sizetarget_nodebinder_bufferOffsets[] Copy
Transaction in Binder -- Server 1.Server thread wake up and get a binder_work(binder_transaction) from todo list 2.Build a binder_transaction_data from binder_transaction 3.Set priority of current thread of client. 4.The buffer and offsets will be virtual address –Virtual address = kernel address + address offset 5.Copy binder_transaction_data to mIn 6.Return from kernel 7.IPCThreadState iternate the command and data. –For BR_TRANSACTION, call stub’s onTransact function, which will call server service function finally. Target Spacedatabufferpriorityoffsetssender_euidbinder_transactioncodeto_threadto_procdata... offsets_sizedata_sizetarget_nodebinder_bufferOffsets[] bufferdata_sizeoffsets... binder_transaction_datacodecookiehandle Kernel Space write_sizewrite_bufferread_sizeread_bufferbinder_write_readParcelmInBR_NOOPDatabinder_transaction_dataBR_TRANSACTIONCopy to user User Space
Transaction stack(1) •The stack is for recording transaction session. •Commonly, to_parent and from_parent is null. But, when the transaction rely on other session, what will happen? –The session in B will lost. A(list_head)todoBinder_thread BBinder_thread transaction_stackwait queue... (list_head)todotransaction_stackwait queue... to_parentfrom_parent... sender_euidbinder_transaction... to_threadtodo
Transaction stack(2) •For example, A -> B, B->C, C->A
Binder Workflow

Recommended

Overview of Android binder IPC implementation
Overview of Android binder IPC implementationOverview of Android binder IPC implementation
Overview of Android binder IPC implementationChethan Pchethan
 
Android IPC Mechanism
Android IPC MechanismAndroid IPC Mechanism
Android IPC Mechanism
National Cheng Kung University
 
Android Binder IPC for Linux
Android Binder IPC for LinuxAndroid Binder IPC for Linux
Android Binder IPC for Linux
Yu-Hsin Hung
 
Binder: Android IPC
Binder: Android IPCBinder: Android IPC
Binder: Android IPC
Shaul Rosenzwieg
 
Understanding the Android System Server
Understanding the Android System ServerUnderstanding the Android System Server
Understanding the Android System Server
Opersys inc.
 
Android Binder: Deep Dive
Android Binder: Deep DiveAndroid Binder: Deep Dive
Android Binder: Deep Dive
Zafar Shahid, PhD
 
Android Internals
Android InternalsAndroid Internals
Android Internals
Opersys inc.
 
Embedded Android : System Development - Part II (Linux device drivers)
Embedded Android : System Development - Part II (Linux device drivers)Embedded Android : System Development - Part II (Linux device drivers)
Embedded Android : System Development - Part II (Linux device drivers)
Emertxe Information Technologies Pvt Ltd
 

Recommended

Overview of Android binder IPC implementation
Overview of Android binder IPC implementationOverview of Android binder IPC implementation
Overview of Android binder IPC implementationChethan Pchethan
 
Android IPC Mechanism
Android IPC MechanismAndroid IPC Mechanism
Android IPC Mechanism
National Cheng Kung University
 
Android Binder IPC for Linux
Android Binder IPC for LinuxAndroid Binder IPC for Linux
Android Binder IPC for Linux
Yu-Hsin Hung
 
Binder: Android IPC
Binder: Android IPCBinder: Android IPC
Binder: Android IPC
Shaul Rosenzwieg
 
Understanding the Android System Server
Understanding the Android System ServerUnderstanding the Android System Server
Understanding the Android System Server
Opersys inc.
 
Android Binder: Deep Dive
Android Binder: Deep DiveAndroid Binder: Deep Dive
Android Binder: Deep Dive
Zafar Shahid, PhD
 
Android Internals
Android InternalsAndroid Internals
Android Internals
Opersys inc.
 
Embedded Android : System Development - Part II (Linux device drivers)
Embedded Android : System Development - Part II (Linux device drivers)Embedded Android : System Development - Part II (Linux device drivers)
Embedded Android : System Development - Part II (Linux device drivers)
Emertxe Information Technologies Pvt Ltd
 
Low Level View of Android System Architecture
Low Level View of Android System ArchitectureLow Level View of Android System Architecture
Low Level View of Android System Architecture
National Cheng Kung University
 
Android AIDL Concept
Android AIDL ConceptAndroid AIDL Concept
Android AIDL Concept
Charile Tsai
 
Explore Android Internals
Explore Android InternalsExplore Android Internals
Explore Android Internals
National Cheng Kung University
 
Embedded Android : System Development - Part II (HAL)
Embedded Android : System Development - Part II (HAL)Embedded Android : System Development - Part II (HAL)
Embedded Android : System Development - Part II (HAL)
Emertxe Information Technologies Pvt Ltd
 
Android for Embedded Linux Developers
Android for Embedded Linux DevelopersAndroid for Embedded Linux Developers
Android for Embedded Linux Developers
Opersys inc.
 
Embedded Android : System Development - Part I
Embedded Android : System Development - Part IEmbedded Android : System Development - Part I
Embedded Android : System Development - Part I
Emertxe Information Technologies Pvt Ltd
 
Using and Customizing the Android Framework / part 4 of Embedded Android Work...
Using and Customizing the Android Framework / part 4 of Embedded Android Work...Using and Customizing the Android Framework / part 4 of Embedded Android Work...
Using and Customizing the Android Framework / part 4 of Embedded Android Work...Opersys inc.
 
Android binder introduction
Android binder introductionAndroid binder introduction
Android binder introduction
Derek Fang
 
Android's Multimedia Framework
Android's Multimedia FrameworkAndroid's Multimedia Framework
Android's Multimedia Framework
Opersys inc.
 
Embedded Android : System Development - Part III
Embedded Android : System Development - Part IIIEmbedded Android : System Development - Part III
Embedded Android : System Development - Part III
Emertxe Information Technologies Pvt Ltd
 
Q4.11: Porting Android to new Platforms
Q4.11: Porting Android to new PlatformsQ4.11: Porting Android to new Platforms
Q4.11: Porting Android to new Platforms
Linaro
 
Inter-process communication of Android
Inter-process communication of AndroidInter-process communication of Android
Inter-process communication of Android
Tetsuyuki Kobayashi
 
Android IPC Mechanism
Android IPC MechanismAndroid IPC Mechanism
Android IPC MechanismLihan Chen
 
Android Things : Building Embedded Devices
Android Things : Building Embedded DevicesAndroid Things : Building Embedded Devices
Android Things : Building Embedded Devices
Emertxe Information Technologies Pvt Ltd
 
Booting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot imagesBooting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot images
Chris Simmonds
 
Android Storage - Vold
Android Storage - VoldAndroid Storage - Vold
Android Storage - Vold
William Lee
 
Deep Dive into the AOSP
Deep Dive into the AOSPDeep Dive into the AOSP
Deep Dive into the AOSP
Dr. Ketan Parmar
 
Learning AOSP - Android Linux Device Driver
Learning AOSP - Android Linux Device DriverLearning AOSP - Android Linux Device Driver
Learning AOSP - Android Linux Device Driver
Nanik Tolaram
 
Aidl service
Aidl serviceAidl service
Aidl service
Anjan Debnath
 
Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013
Opersys inc.
 
Understanding Monitor in Dalvik
Understanding Monitor in DalvikUnderstanding Monitor in Dalvik
Understanding Monitor in Dalvik
Haifeng Li
 
Understanding DLmalloc
Understanding DLmallocUnderstanding DLmalloc
Understanding DLmalloc
Haifeng Li
 

More Related Content

What's hot

Low Level View of Android System Architecture
Low Level View of Android System ArchitectureLow Level View of Android System Architecture
Low Level View of Android System Architecture
National Cheng Kung University
 
Android AIDL Concept
Android AIDL ConceptAndroid AIDL Concept
Android AIDL Concept
Charile Tsai
 
Explore Android Internals
Explore Android InternalsExplore Android Internals
Explore Android Internals
National Cheng Kung University
 
Embedded Android : System Development - Part II (HAL)
Embedded Android : System Development - Part II (HAL)Embedded Android : System Development - Part II (HAL)
Embedded Android : System Development - Part II (HAL)
Emertxe Information Technologies Pvt Ltd
 
Android for Embedded Linux Developers
Android for Embedded Linux DevelopersAndroid for Embedded Linux Developers
Android for Embedded Linux Developers
Opersys inc.
 
Embedded Android : System Development - Part I
Embedded Android : System Development - Part IEmbedded Android : System Development - Part I
Embedded Android : System Development - Part I
Emertxe Information Technologies Pvt Ltd
 
Using and Customizing the Android Framework / part 4 of Embedded Android Work...
Using and Customizing the Android Framework / part 4 of Embedded Android Work...Using and Customizing the Android Framework / part 4 of Embedded Android Work...
Using and Customizing the Android Framework / part 4 of Embedded Android Work...Opersys inc.
 
Android binder introduction
Android binder introductionAndroid binder introduction
Android binder introduction
Derek Fang
 
Android's Multimedia Framework
Android's Multimedia FrameworkAndroid's Multimedia Framework
Android's Multimedia Framework
Opersys inc.
 
Embedded Android : System Development - Part III
Embedded Android : System Development - Part IIIEmbedded Android : System Development - Part III
Embedded Android : System Development - Part III
Emertxe Information Technologies Pvt Ltd
 
Q4.11: Porting Android to new Platforms
Q4.11: Porting Android to new PlatformsQ4.11: Porting Android to new Platforms
Q4.11: Porting Android to new Platforms
Linaro
 
Inter-process communication of Android
Inter-process communication of AndroidInter-process communication of Android
Inter-process communication of Android
Tetsuyuki Kobayashi
 
Android IPC Mechanism
Android IPC MechanismAndroid IPC Mechanism
Android IPC MechanismLihan Chen
 
Android Things : Building Embedded Devices
Android Things : Building Embedded DevicesAndroid Things : Building Embedded Devices
Android Things : Building Embedded Devices
Emertxe Information Technologies Pvt Ltd
 
Booting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot imagesBooting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot images
Chris Simmonds
 
Android Storage - Vold
Android Storage - VoldAndroid Storage - Vold
Android Storage - Vold
William Lee
 
Deep Dive into the AOSP
Deep Dive into the AOSPDeep Dive into the AOSP
Deep Dive into the AOSP
Dr. Ketan Parmar
 
Learning AOSP - Android Linux Device Driver
Learning AOSP - Android Linux Device DriverLearning AOSP - Android Linux Device Driver
Learning AOSP - Android Linux Device Driver
Nanik Tolaram
 
Aidl service
Aidl serviceAidl service
Aidl service
Anjan Debnath
 
Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013
Opersys inc.
 

What's hot (20)

Low Level View of Android System Architecture
Low Level View of Android System ArchitectureLow Level View of Android System Architecture
Low Level View of Android System Architecture
 
Android AIDL Concept
Android AIDL ConceptAndroid AIDL Concept
Android AIDL Concept
 
Explore Android Internals
Explore Android InternalsExplore Android Internals
Explore Android Internals
 
Embedded Android : System Development - Part II (HAL)
Embedded Android : System Development - Part II (HAL)Embedded Android : System Development - Part II (HAL)
Embedded Android : System Development - Part II (HAL)
 
Android for Embedded Linux Developers
Android for Embedded Linux DevelopersAndroid for Embedded Linux Developers
Android for Embedded Linux Developers
 
Embedded Android : System Development - Part I
Embedded Android : System Development - Part IEmbedded Android : System Development - Part I
Embedded Android : System Development - Part I
 
Using and Customizing the Android Framework / part 4 of Embedded Android Work...
Using and Customizing the Android Framework / part 4 of Embedded Android Work...Using and Customizing the Android Framework / part 4 of Embedded Android Work...
Using and Customizing the Android Framework / part 4 of Embedded Android Work...
 
Android binder introduction
Android binder introductionAndroid binder introduction
Android binder introduction
 
Android's Multimedia Framework
Android's Multimedia FrameworkAndroid's Multimedia Framework
Android's Multimedia Framework
 
Embedded Android : System Development - Part III
Embedded Android : System Development - Part IIIEmbedded Android : System Development - Part III
Embedded Android : System Development - Part III
 
Q4.11: Porting Android to new Platforms
Q4.11: Porting Android to new PlatformsQ4.11: Porting Android to new Platforms
Q4.11: Porting Android to new Platforms
 
Inter-process communication of Android
Inter-process communication of AndroidInter-process communication of Android
Inter-process communication of Android
 
Android IPC Mechanism
Android IPC MechanismAndroid IPC Mechanism
Android IPC Mechanism
 
Android Things : Building Embedded Devices
Android Things : Building Embedded DevicesAndroid Things : Building Embedded Devices
Android Things : Building Embedded Devices
 
Booting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot imagesBooting Android: bootloaders, fastboot and boot images
Booting Android: bootloaders, fastboot and boot images
 
Android Storage - Vold
Android Storage - VoldAndroid Storage - Vold
Android Storage - Vold
 
Deep Dive into the AOSP
Deep Dive into the AOSPDeep Dive into the AOSP
Deep Dive into the AOSP
 
Learning AOSP - Android Linux Device Driver
Learning AOSP - Android Linux Device DriverLearning AOSP - Android Linux Device Driver
Learning AOSP - Android Linux Device Driver
 
Aidl service
Aidl serviceAidl service
Aidl service
 
Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013
 

Viewers also liked

Understanding Monitor in Dalvik
Understanding Monitor in DalvikUnderstanding Monitor in Dalvik
Understanding Monitor in Dalvik
Haifeng Li
 
Understanding DLmalloc
Understanding DLmallocUnderstanding DLmalloc
Understanding DLmalloc
Haifeng Li
 
Understanding Semi-Space Garbage Collector in ART
Understanding Semi-Space Garbage Collector in ARTUnderstanding Semi-Space Garbage Collector in ART
Understanding Semi-Space Garbage Collector in ART
Haifeng Li
 
Process Scheduler and Balancer in Linux Kernel
Process Scheduler and Balancer in Linux KernelProcess Scheduler and Balancer in Linux Kernel
Process Scheduler and Balancer in Linux Kernel
Haifeng Li
 
Understanding SLAB in Linux Kernel
Understanding SLAB in Linux KernelUnderstanding SLAB in Linux Kernel
Understanding SLAB in Linux Kernel
Haifeng Li
 
AARCH64 VMSA Under Linux Kernel
AARCH64 VMSA Under Linux KernelAARCH64 VMSA Under Linux Kernel
AARCH64 VMSA Under Linux Kernel
Haifeng Li
 

Viewers also liked (6)

Understanding Monitor in Dalvik
Understanding Monitor in DalvikUnderstanding Monitor in Dalvik
Understanding Monitor in Dalvik
 
Understanding DLmalloc
Understanding DLmallocUnderstanding DLmalloc
Understanding DLmalloc
 
Understanding Semi-Space Garbage Collector in ART
Understanding Semi-Space Garbage Collector in ARTUnderstanding Semi-Space Garbage Collector in ART
Understanding Semi-Space Garbage Collector in ART
 
Process Scheduler and Balancer in Linux Kernel
Process Scheduler and Balancer in Linux KernelProcess Scheduler and Balancer in Linux Kernel
Process Scheduler and Balancer in Linux Kernel
 
Understanding SLAB in Linux Kernel
Understanding SLAB in Linux KernelUnderstanding SLAB in Linux Kernel
Understanding SLAB in Linux Kernel
 
AARCH64 VMSA Under Linux Kernel
AARCH64 VMSA Under Linux KernelAARCH64 VMSA Under Linux Kernel
AARCH64 VMSA Under Linux Kernel
 

Similar to Understanding binder in android

Gene Hynson [InfluxData] | How We Built the MQTT Native Collector | InfluxDay...
Gene Hynson [InfluxData] | How We Built the MQTT Native Collector | InfluxDay...Gene Hynson [InfluxData] | How We Built the MQTT Native Collector | InfluxDay...
Gene Hynson [InfluxData] | How We Built the MQTT Native Collector | InfluxDay...
InfluxData
 
Hyperledger Fabric Application Development 20190618
Hyperledger Fabric Application Development 20190618Hyperledger Fabric Application Development 20190618
Hyperledger Fabric Application Development 20190618
Arnaud Le Hors
 
Processing IoT Data with Apache Kafka
Processing IoT Data with Apache KafkaProcessing IoT Data with Apache Kafka
Processing IoT Data with Apache Kafka
Matthew Howlett
 
Introduction to enterprise applications capacity planning
Introduction to enterprise applications capacity planning Introduction to enterprise applications capacity planning
Introduction to enterprise applications capacity planning
Leonid Grinshpan, Ph.D.
 
From logs to metrics
From logs to metricsFrom logs to metrics
From logs to metrics
Leonardo Di Donato
 
20131028 BTUG.be - BizTalk Tracking
20131028 BTUG.be - BizTalk Tracking20131028 BTUG.be - BizTalk Tracking
20131028 BTUG.be - BizTalk Tracking
BTUGbe
 
Cascon Decentralized IoT update - Blockchain and Smart Contracts
Cascon Decentralized IoT update - Blockchain and Smart ContractsCascon Decentralized IoT update - Blockchain and Smart Contracts
Cascon Decentralized IoT update - Blockchain and Smart Contracts
Mehdi Shajari
 
Byte Ordering - Unit 2.pptx
Byte Ordering - Unit 2.pptxByte Ordering - Unit 2.pptx
Byte Ordering - Unit 2.pptx
RockyBhai46825
 
Citi TechTalk Session 2: Kafka Deep Dive
Citi TechTalk Session 2: Kafka Deep DiveCiti TechTalk Session 2: Kafka Deep Dive
Citi TechTalk Session 2: Kafka Deep Dive
confluent
 
Sharding and things we'd like to see improved
Sharding and things we'd like to see improvedSharding and things we'd like to see improved
Sharding and things we'd like to see improved
Igor Donchovski
 
Zipkin
ZipkinZipkin
Zipkin
Cem Başaranoğlu
 
16-bit Microprocessor Design (2005)
16-bit Microprocessor Design (2005)16-bit Microprocessor Design (2005)
16-bit Microprocessor Design (2005)
Susam Pal
 
Create C++ Applications with the Persistent Memory Development Kit
Create C++ Applications with the Persistent Memory Development KitCreate C++ Applications with the Persistent Memory Development Kit
Create C++ Applications with the Persistent Memory Development Kit
Intel® Software
 
Mina2
Mina2Mina2
Mina2
ducquoc_vn
 
Build an Edge-to-Cloud Solution with the MING Stack
Build an Edge-to-Cloud Solution with the MING StackBuild an Edge-to-Cloud Solution with the MING Stack
Build an Edge-to-Cloud Solution with the MING Stack
InfluxData
 
Elements for an iOS Backend
Elements for an iOS BackendElements for an iOS Backend
Elements for an iOS Backend
Laurent Cerveau
 
Technical Report Vawtrak v2
Technical Report Vawtrak v2Technical Report Vawtrak v2
Technical Report Vawtrak v2
Blueliv
 
MongoDB World 2018: Building a New Transactional Model
MongoDB World 2018: Building a New Transactional ModelMongoDB World 2018: Building a New Transactional Model
MongoDB World 2018: Building a New Transactional Model
MongoDB
 

Similar to Understanding binder in android (20)

Gene Hynson [InfluxData] | How We Built the MQTT Native Collector | InfluxDay...
Gene Hynson [InfluxData] | How We Built the MQTT Native Collector | InfluxDay...Gene Hynson [InfluxData] | How We Built the MQTT Native Collector | InfluxDay...
Gene Hynson [InfluxData] | How We Built the MQTT Native Collector | InfluxDay...
 
Hyperledger Fabric Application Development 20190618
Hyperledger Fabric Application Development 20190618Hyperledger Fabric Application Development 20190618
Hyperledger Fabric Application Development 20190618
 
Processing IoT Data with Apache Kafka
Processing IoT Data with Apache KafkaProcessing IoT Data with Apache Kafka
Processing IoT Data with Apache Kafka
 
Introduction to enterprise applications capacity planning
Introduction to enterprise applications capacity planning Introduction to enterprise applications capacity planning
Introduction to enterprise applications capacity planning
 
From logs to metrics
From logs to metricsFrom logs to metrics
From logs to metrics
 
20131028 BTUG.be - BizTalk Tracking
20131028 BTUG.be - BizTalk Tracking20131028 BTUG.be - BizTalk Tracking
20131028 BTUG.be - BizTalk Tracking
 
Cascon Decentralized IoT update - Blockchain and Smart Contracts
Cascon Decentralized IoT update - Blockchain and Smart ContractsCascon Decentralized IoT update - Blockchain and Smart Contracts
Cascon Decentralized IoT update - Blockchain and Smart Contracts
 
GCF
GCFGCF
GCF
 
Python lecture 11
Python lecture 11Python lecture 11
Python lecture 11
 
Byte Ordering - Unit 2.pptx
Byte Ordering - Unit 2.pptxByte Ordering - Unit 2.pptx
Byte Ordering - Unit 2.pptx
 
Citi TechTalk Session 2: Kafka Deep Dive
Citi TechTalk Session 2: Kafka Deep DiveCiti TechTalk Session 2: Kafka Deep Dive
Citi TechTalk Session 2: Kafka Deep Dive
 
Sharding and things we'd like to see improved
Sharding and things we'd like to see improvedSharding and things we'd like to see improved
Sharding and things we'd like to see improved
 
Zipkin
ZipkinZipkin
Zipkin
 
16-bit Microprocessor Design (2005)
16-bit Microprocessor Design (2005)16-bit Microprocessor Design (2005)
16-bit Microprocessor Design (2005)
 
Create C++ Applications with the Persistent Memory Development Kit
Create C++ Applications with the Persistent Memory Development KitCreate C++ Applications with the Persistent Memory Development Kit
Create C++ Applications with the Persistent Memory Development Kit
 
Mina2
Mina2Mina2
Mina2
 
Build an Edge-to-Cloud Solution with the MING Stack
Build an Edge-to-Cloud Solution with the MING StackBuild an Edge-to-Cloud Solution with the MING Stack
Build an Edge-to-Cloud Solution with the MING Stack
 
Elements for an iOS Backend
Elements for an iOS BackendElements for an iOS Backend
Elements for an iOS Backend
 
Technical Report Vawtrak v2
Technical Report Vawtrak v2Technical Report Vawtrak v2
Technical Report Vawtrak v2
 
MongoDB World 2018: Building a New Transactional Model
MongoDB World 2018: Building a New Transactional ModelMongoDB World 2018: Building a New Transactional Model
MongoDB World 2018: Building a New Transactional Model
 

Recently uploaded

在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
obonagu
 
Forklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella PartsForklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella Parts
Intella Parts
 
DESIGN AND ANALYSIS OF A CAR SHOWROOM USING E TABS
DESIGN AND ANALYSIS OF A CAR SHOWROOM USING E TABSDESIGN AND ANALYSIS OF A CAR SHOWROOM USING E TABS
DESIGN AND ANALYSIS OF A CAR SHOWROOM USING E TABS
itech2017
 
6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)
ClaraZara1
 
Cosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdfCosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdf
Kamal Acharya
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
bakpo1
 
An Approach to Detecting Writing Styles Based on Clustering Techniques
An Approach to Detecting Writing Styles Based on Clustering TechniquesAn Approach to Detecting Writing Styles Based on Clustering Techniques
An Approach to Detecting Writing Styles Based on Clustering Techniques
ambekarshweta25
 
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdf
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdfTop 10 Oil and Gas Projects in Saudi Arabia 2024.pdf
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdf
Teleport Manpower Consultant
 
Fundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptxFundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptx
manasideore6
 
basic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdfbasic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdf
NidhalKahouli2
 
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdfAKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
SamSarthak3
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
gestioneergodomus
 
Literature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptxLiterature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptx
Dr Ramhari Poudyal
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
thanhdowork
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
AJAYKUMARPUND1
 
Technical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prismsTechnical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prisms
heavyhaig
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
SyedAbiiAzazi1
 
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdfTutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
aqil azizi
 
Modelagem de um CSTR com reação endotermica.pdf
Modelagem de um CSTR com reação endotermica.pdfModelagem de um CSTR com reação endotermica.pdf
Modelagem de um CSTR com reação endotermica.pdf
camseq
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
Kamal Acharya
 

Recently uploaded (20)

在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
 
Forklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella PartsForklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella Parts
 
DESIGN AND ANALYSIS OF A CAR SHOWROOM USING E TABS
DESIGN AND ANALYSIS OF A CAR SHOWROOM USING E TABSDESIGN AND ANALYSIS OF A CAR SHOWROOM USING E TABS
DESIGN AND ANALYSIS OF A CAR SHOWROOM USING E TABS
 
6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)
 
Cosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdfCosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdf
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
 
An Approach to Detecting Writing Styles Based on Clustering Techniques
An Approach to Detecting Writing Styles Based on Clustering TechniquesAn Approach to Detecting Writing Styles Based on Clustering Techniques
An Approach to Detecting Writing Styles Based on Clustering Techniques
 
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdf
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdfTop 10 Oil and Gas Projects in Saudi Arabia 2024.pdf
Top 10 Oil and Gas Projects in Saudi Arabia 2024.pdf
 
Fundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptxFundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptx
 
basic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdfbasic-wireline-operations-course-mahmoud-f-radwan.pdf
basic-wireline-operations-course-mahmoud-f-radwan.pdf
 
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdfAKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
 
Literature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptxLiterature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptx
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
 
Technical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prismsTechnical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prisms
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
 
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdfTutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
 
Modelagem de um CSTR com reação endotermica.pdf
Modelagem de um CSTR com reação endotermica.pdfModelagem de um CSTR com reação endotermica.pdf
Modelagem de um CSTR com reação endotermica.pdf
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
 

Understanding binder in android

  • 1. Understanding Binder in Android Haifeng Li 2014-9-2
  • 2. Outline •Background –What is Binder –Binder Communication Model –Terminology –Binder Software Stack •Client(user space) •Binder driver (Kernel Space) •Service(user space)
  • 3. Background •What is Binder? –An Inter-process communication system for developing object-oriented OS services. clientserverData
  • 4. Binder Communication Model User SpaceKernel SpaceCclientserviceBinder Driverioctl/open/...ioctl/open/... mInmOutioctl/open/... mInmOutmInmOutService Manager/system/bin/servicemanagerCGet ServiceAdd ServiceService 1 – handle 1Service 2 – handle 2...
  • 5. Terminology •Service Handle •Remote Binder •Local Binder •Binder node •Binder reference •Service Manager(Context Manager) –It’s handle is 0 in all binder client and server. Binder DriverRemote Binder/HandleLocal BinderBinder NodeBinder ref.
  • 6. IPC Software Stack App1 service Proxy(BpBinder) Stub(BnBinder) IPCThreadState IPCThreadState Binder Module User Space Kernel Space Client Server 1 2 3 4 5 6 1. BpBinder(n) -> transact(OP, data, &reply) 2. IPCThreadState::transact(handle, OP, data, reply) 3. ioctl(binder_fd, BINDER_OPERATION, &bwr) 4. IPCThreadState::getAndExecuteCommand() 5. Bnxxx::onTransact(OP, data, reply)
  • 7. Client(user space) • Initialization – Call system call open(), which is binder_open in kernel. Open /dev/binder file and get a file description. Create some key data structures. – mmap 1MB-8KB virtual space for data transaction by binder_mmap in kernel. • Get handle of service from service manager • Sent request to Service by BpBinder(handle) • Data transact to kernel by IPCThreadState. App1 service Proxy(BpBinder) Stub(BnBinder) IPCThreadState IPCThreadState Binder Module User Space Kernel Space Client Server 1 2 3 4 5 6
  • 8. Data Transaction in Client(1) •Package in Client 102 virtual void Client::Foo(int32_t push_data) { 103 Parcel data, reply; 104 data.writeInterfaceToken(IDemo::getInterfaceDescriptor()); 105 data.writeInt32(push_data);//writeStrongBinder(service) 109 110 remote()->transact(OP, data, &reply); Parcel...flat_binder_objectmDataflat_binder_objectmObjectsService
  • 9. Data Transaction in Client(2) •Packaged to binder_transaction_data IPCThreadState::writeTransactionData(int32_t cmd, …, int32_t handle, uint32_t code, const Parcel& data…) •cmd will add to mData.(BC_TRANSACTION, BC_REPLY,… Binder Command) •Target: target handle •Cookie: will be define according to handle in binder driver •Code: Operation of client. •Offsets could help the binder driver to process binder object reference. Parcel...flat_binder_objectmDataflat_binder_objectmObjectstargetcookiecode... data.ptr.bufferdata.ptr.offsets... binder_transaction_data
  • 10. Data Transaction in Client(3) •Binder Command(User->Driver) –Binder Thread Support: BC_REGISTER_LOOPER, BC_ENTER LOOPER,BC_EXIT_LOOPER –Binder Transactions: BC_TRANSACTION, BC_REPLY –Further Mechanism: BC_INCREFS, BC_RELEASE , BC_DECREFS, BC_REQUEST_DEATH_NOTIFICIATION, BC_CLEAR_DEATH_NOTIFICATION, BC_DEAD_BINDER_DONE,… •Binder Return Command (Driver -> User) –Binder Thread Support: BR_SPAWN_LOOPER –Binder Transactions: BR_TRANSACTION, BR_REPLY –Further Mechanism: BR_INCREFS,BR_ACQUIRE, BR_RELEASE , BR_DECREFS, BR_CLEAR_DEATH_NOTIFICATION_DONE, … ClientServerDriverBC_TRANSACTIONBR_TRANSACTIONBC_REPLYBR_REPLYBC_FREE_BUFFERBC_FREE_BUFFER
  • 11. Data Transaction in Client(4) •Repackage to Parcel(mOut) •Each working thread has two parcel: mOut and mIn. mOut is for write buffer, mIn for read buffer. Parcelcmdbinder_transactin_datamDatawrite_sizeWrite_bufferRead_sizeRead_bufferbinder_write_read
  • 12. Outline •Background •Client(user space) •Binder driver (Kernel Space) •Service(user space) App1 service Proxy(BpBinder) Stub(BnBinder) IPCThreadState IPCThreadState Binder Module User Space Kernel Space Client Server 1 2 3 4 5 6
  • 13. Binder Driver:Binder Protocol •The protocol used for ioctl() system call. –BINDER_WRITE_READ –BINDER_SET_MAX_THREADS –BINDER_SET_CONTEXT_MGR –BINDER_THREAD_EXIT –BINDER_VERSION –BINDER_SET_IDLE_TIMEOUT
  • 14. Key Data Structure (1) Binder Driver Process 1 Process 2 Process 3 binder_proc binder_proc binder_proc threads node refs_by_desc refs_by_node • The binder_proc is mapped to process by 1:1. It is created on binder_open(). • All binder_proc are listed in binder_procs. • The binder_proc has 4 red-black tree. • The binder_thread represents a working thread, inserted into threads rbtree. • The binder_node represents a service, inserted into node rbtree. • refs_by_desc and refs_by_node represent reference to a proc_node.
  • 15. Key Data Structure (2) User spaceKernel spaceBpBinderRemote BinderBBinderLocal Binderbinder_procnoderefs_by_nodebinder_procnoderefs_by_nodebinder_refbinder_node
  • 16. Key Data Structure (3) ... todothreadbinder_procbinder_threadtodobinder_workbinder_workbinder_workbinder_work... ... binder_transactionbinder_transaction
  • 17. Input Data Format ParcelParcelwrite_sizewrite_bufferread_sizeread_bufferbinder_write_readbufferdata_sizeoffsets... binder_transaction_datacodecookiehandleoffset 1offset 2... ... flat_binder_objectflat_binder_objectBC_TRANSACTIONBC_XXXXxxx data structmOut... headIPCThreadStateClient
  • 18. Transaction in Binder – Client (1) 1. Copy binder_write_read from user space 2. Copy xxx data to kernel space. Iterate the items: ① Get Binder command from write_buffer(BC_XXX). ② Get target thread/proc/node by handle. ③ Allocate binder_buffer from target space, and copy effective data. ④ Build a session(build_transaction). ⑤ Mount the session to target_thread’s todo list. ⑥ Mount a BINDER_WORK_TRANSACTION_COMPLETE binder_work to source thread ⑦ Wake up corresponding thread. Parcel Parcel write_size write_buffer read_size read_buffer binder_write_read buffer data_size offsets ... binder_transaction_data code cookie handle offset 1 offset 2 ... ... flat_binder_object flat_binder_object BC_TRANSACTION BC_XXX Xxxx data struct mOut ... head IPCThreadState Client 1 2 ① ② ③
  • 19. Transaction in Binder –Client (2) Target SpacedataCopyParcelParcelwrite_sizewrite_bufferread_sizeread_bufferbinder_write_readbufferdata_sizeoffsets... binder_transaction_datacodecookiehandleoffset 1offset 2... ... flat_binder_objectflat_binder_objectBC_TRANSACTIONBC_XXXXxxx data structmOut... headIPCThreadStateClientbufferpriorityoffsetssender_euidbinder_transactioncodeto_threadto_procdata... offsets_sizedata_sizetarget_nodebinder_bufferOffsets[] Copy
  • 20. Transaction in Binder -- Server 1.Server thread wake up and get a binder_work(binder_transaction) from todo list 2.Build a binder_transaction_data from binder_transaction 3.Set priority of current thread of client. 4.The buffer and offsets will be virtual address –Virtual address = kernel address + address offset 5.Copy binder_transaction_data to mIn 6.Return from kernel 7.IPCThreadState iternate the command and data. –For BR_TRANSACTION, call stub’s onTransact function, which will call server service function finally. Target Spacedatabufferpriorityoffsetssender_euidbinder_transactioncodeto_threadto_procdata... offsets_sizedata_sizetarget_nodebinder_bufferOffsets[] bufferdata_sizeoffsets... binder_transaction_datacodecookiehandle Kernel Space write_sizewrite_bufferread_sizeread_bufferbinder_write_readParcelmInBR_NOOPDatabinder_transaction_dataBR_TRANSACTIONCopy to user User Space
  • 21. Transaction stack(1) •The stack is for recording transaction session. •Commonly, to_parent and from_parent is null. But, when the transaction rely on other session, what will happen? –The session in B will lost. A(list_head)todoBinder_thread BBinder_thread transaction_stackwait queue... (list_head)todotransaction_stackwait queue... to_parentfrom_parent... sender_euidbinder_transaction... to_threadtodo
  • 22. Transaction stack(2) •For example, A -> B, B->C, C->A