a9dfd6e4537ab7bfc0d34be9561b044271de143f
Writing offset will trigger the kernel-side code to transform the flat binder object into the handle form, which (in my understanding) is not a valid operation for a NULL binder object. Meanwhile, the receiving side will create a corresponding Binder object from such handle, tripping the stability check as it will no longer accept UNDECLARED.

OTOH, if the offset is not written, then the receiving side will receive the flat binder object as-is, with type BINDER and pointer NULL, which will be interpreted as NULL binder. This is also what Android's Parcel.cpp does [1][2].

IMO, this is sort of a hack. Binder kernel driver should handle the NULL binder internally, and not rely on the sender doing the correct thing. Meanwhile, the receiver should always reject a flat binder object of type BINDER. But that's how Android works, so... 🤷

[1]: https://github.com/LineageOS/android_frameworks_native/blob/lineage-19.1/libs/binder/Parcel.cpp#L1327-L1332
[2]: https://github.com/LineageOS/android_frameworks_native/blob/lineage-19.1/libs/binder/Parcel.cpp#L2023-L2029

Origin: vendor
Forwarded: https://github.com/mer-hybris/libgbinder/pull/135
GLib-style interface to binder (Android IPC mechanism)

Key features:

1. Integration with GLib event loop
2. Detection of 32 vs 64 bit kernel at runtime
3. Asynchronous transactions that don't block the event thread
4. Stable service manager and low-level transaction APIs

Android keeps changing both low-level RPC and service manager protocols from version to version. To counter that, libgbinder implements configurable backends for different variants of those, while keeping its own API unchanged.

Configuration is loaded from the [Protocol] and [ServiceManager] sections of the /etc/gbinder.conf file. The keys are binder device names or the special Default value; the value is the identifier of the protocol or service manager variant, respectively.

In addition to reading /etc/gbinder.conf if it exists, the /etc/gbinder.d directory is scanned for .conf files. The file list is sorted and the files are loaded one by one, overwriting the entries loaded from /etc/gbinder.conf or from the previously processed file.

Known protocol and service manager variants are aidl, aidl2, aidl3 and hidl. This list is expected to expand further in the future. The default configuration is as follows:

  [Protocol]
  Default = aidl
  /dev/binder = aidl
  /dev/hwbinder = hidl

  [ServiceManager]
  Default = aidl
  /dev/binder = aidl
  /dev/hwbinder = hidl

Alternatively and preferably, one can specify the desired Android API level:

  [General]
  ApiLevel = 29

and let libgbinder pick the appropriate preset. The full list of presets can be found in src/gbinder_config.c
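The load order described above, as an added Python example that is not libgbinder's own code: it layers gbinder.conf and the sorted gbinder.d/*.conf files over the default configuration, records which file set each entry, and reports values outside the variants named on this page. The fallback to Default for unlisted devices, the key-by-key layering over the defaults, and the sample file names and contents are assumptions constructed for illustration.

```python
import configparser, glob, os, tempfile

KNOWN = {"aidl", "aidl2", "aidl3", "hidl"}   # variants named on this page
SECTIONS = ("Protocol", "ServiceManager")
BUILTIN = {"Default": "aidl", "/dev/binder": "aidl", "/dev/hwbinder": "hidl"}

def load_effective(main_conf, dropin_dir):
    """Return {section: {key: (value, source)}}; files override defaults per key (assumed)."""
    eff = {s: {k: (v, "<built-in>") for k, v in BUILTIN.items()} for s in SECTIONS}
    files = [main_conf] if os.path.exists(main_conf) else []
    files += sorted(glob.glob(os.path.join(dropin_dir, "*.conf")))
    for path in files:
        cp = configparser.ConfigParser(delimiters=("=",), interpolation=None, strict=False)
        cp.optionxform = str          # keep key case: "Default", "/dev/binder"
        cp.read(path)
        for s in SECTIONS:
            if cp.has_section(s):
                for key, value in cp.items(s):
                    eff[s][key] = (value, path)   # later file wins
    return eff

def resolve(eff, section, device):
    """(variant, source) for a device; falls back to Default (assumed lookup rule)."""
    return eff[section].get(device, eff[section]["Default"])

def audit(eff):
    """Entries whose value is not one of the variants this page lists."""
    return [(s, k, v, os.path.basename(src)) for s in SECTIONS
            for k, (v, src) in eff[s].items() if v not in KNOWN]

def demo():
    """Build constructed sample files in a temp dir and evaluate them."""
    with tempfile.TemporaryDirectory() as root:
        main, dropin = os.path.join(root, "gbinder.conf"), os.path.join(root, "gbinder.d")
        os.mkdir(dropin)
        samples = {   # constructed sample input, not real device configuration
            main: "[Protocol]\n/dev/binder = aidl2\n",
            os.path.join(dropin, "10-vendor.conf"): "[Protocol]\n/dev/binder = aidl3\n",
            os.path.join(dropin, "90-local.conf"): "[ServiceManager]\nDefault = aidl9\n",
        }
        for path, text in samples.items():
            with open(path, "w") as fh:
                fh.write(text)
        eff = load_effective(main, dropin)
        proto, src = resolve(eff, "Protocol", "/dev/binder")
        sm, _ = resolve(eff, "ServiceManager", "/dev/vndbinder")
        return proto, os.path.basename(src), sm, audit(eff)

if __name__ == "__main__":
    print(demo())
```

Recording the source file next to each value makes it visible when a drop-in silently changes the protocol or service manager variant that gbinder.conf appears to set.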