Android Binder: Deep Dive

Zafar Shahid, PhD Android Binder Deep Dive Track (1/3) 1
Android Binder:
Getting Started
by
Zafar Shahid
Oct. 14 2018
Silicon Valley Code Camp
Paypal San Jose CA

Who are we
IPC: The heart of Android
Design Patterns
Proxy, Bridge, Mediator
Binder IPC Internals
Case Study (Graphics)
Conclusion
Agenda

iBridge interview preparation group
https://www.meetup.com/iBridge-Interview-Preparation-Group/
Meetup for latest trends in technology
White boarding opportunity
Share knowledge and learn from peers
Challenge yourself
Who are we

IPC: The heart of Android

Activity
Manager
Window
Manager
Alarm
Manager
Activity
Kernel
IPC (Inter-Process Communication)

Why IPC?
o Why
o Sandboxed process
o Isolation
o Security
o Reliability
o IPC In GNU/Linux
o Signal
o Pipe
o Socket
o Semaphore
o Message queue
o Shared memory
o IPC In Android
o Binder: lightweight RPC

•Developed under the name OpenBinder by Palm Inc. under the
leadership of Dianne Hackborn
•Android Binder is the customized re-implementation of
OpenBinder, which provides bindings to functions and data
from one execution environment to another
Binder History

8
Problem statement
• Applications and Services may run in
separate processes but must communicate
and share data
• IPC can introduce significant processing
overhead and security holes.

Binder: Android's Solution
• Driver to facilitate inter-process communication
• High performance through shared memory
• Per-process thread pool for processing requests
• Reference counting, and mapping of object
references across processes
• Synchronous calls between processes
“In the Android platform, the binder is used for
nearly everything that happens across processes
in the core platform. " – Dianne Hackborn
https://lkml.org/lkml/2009/6/25/3

caller
callee
In the same process
Method invocation

caller
callee
callee
caller
interface
interface
interface
How?
Inter-process method invocation

caller
callee
Binder in kernel
callee
caller
Proxy
Binder Thread
Stub
interface
interface
interface
Inter-process method invocation

Design Patterns
• Proxy Pattern
• Mediator Pattern
• Bridge Pattern

14
Proxy Pattern in Android
•Binder decomposes the method call and all its corresponding
data to a level that Linux can understand.
• Transmitting it from the local process and address space to
the remote process and address space.
• Reassembling and reenacting the call there.
caller
callee
Binder in kernel
callee
caller
Proxy
Binder Thread
Stub
interface
interface
interface

Mediator Pattern
•With the mediator pattern, communication
between objects is encapsulated with
a mediator object.

Bridge Pattern
•decouple an abstraction from its implementation
so that the two can vary independently

Proxy Design Pattern
A Proxy is basically a representative between
the Client and the Component.
It gives the Client a simple interface to the
Component.

Some Proxy Pattern Usage
Protection Proxy: Controls access to
Component based on the access rights
of Clients.
Cache Proxy: Saves results temporarily
so when Client requests same expensive
operation again, the saved results are
returned without making call to
Component.
Virtual Proxy: Expensive objects are
created on demand.

Firewall Proxy

Cache Proxy

Mediator Pattern
Common problem: Multiple objects of
same or different classes must
communicate/interact. Multiple
dependencies complicate objects, lead to
“spaghetti code.”
Solution: Define an object that
encapsulates how a set of objects
interact and interconnect. Make that
object the hub of communications,
responsible for controlling and
coordinating the interactions of clients –
the colleague objects.

Law of Demeter
“… the methods of a class should
not depend in any way on the
structure of any class, except the
immediate (top-level) structure of
their own class. Further, each
method should send messages to
objects belonging to a very limited
set of classes only.”

Analogies/Metaphors
Air traffic control
Stock market
eBay
Linux File permissions

Linux
file
permissions

Air Traffic Control Tower Mediator
Air Traffic Control Tower: (Mediator)
• Control tower at a controlled airport :
• Pilot communicating with the Traffic control.
• Some constraints on take off and landing are enforced
by the tower
• Tower does not control the whole flight. It exists only
to enforce constraints in terminal area.
Air Traffic Controller

Motivation – Mozilla ver 1.4.1
GKGFX rendering library
From an abandoned code base
Lines are dependency relationships

Mutual Dependencies - Mozilla 1.4.1
Object Oriented Design
encourages distribution of
behavior among objects.
Such distribution can result
in an object structure with
many connections between
objects.
In the worst case, every
object ends up knowing
about every other.
www.castle-
cadenza.demon.co.uk/mediat.htm

Quote from Mozilla Developer
“Even though some of us used to work on Mozilla, we have
to admit that the Mozilla code is a gigantic, bloated mess,
not to mention slow, and with an internal API so
flamboyantly baroque that frankly we can't even
comprehend where to begin”
http://news.com.com/2100-1023-980492.html

Static Structure
ConcreteMediator
Mediator Colleague
ConcreteColleague1 ConcreteColleague2

Advantages
• Limits subclassing – localizes behavior that would otherwise be
distributed among several objects.
• Decouples colleagues – As the number of connections is limited
by redirecting to a common object.
• Promotes high level of reusability – It proliferates the
interconnections to help eventually reduce it.
• Due to loose coupling, both mediator and colleague classes can
be reused independent of each other.
• Changing the system behavior means subclassing the Mediator.
Danger
• Mediator can become monolithic, violating proscription
against “God” or manager classes and making it hard to
maintain.

Bridge patterns in
linking Java and C++
•Mediator pattern
Bridge Pattern in Android

Binder in Action
Process BProcess A

Binder Internals

•Binder framework
•Binder Object
–an instance of a class that implements the Binder interface.
–One Binder object can implement multiple Binders
•Binder Protocol
•IBinder Interface
–is a well-defined set of methods, properties and events that a
Binder can implement.
•Binder Token
–A numeric value that uniquely identifies a Binder
• Marshalling
• Parcels
• Binder driver
Binder Terminology

• IPC
•Identifying
•Calls
•Notification
•Security
Facilities

•Special Binder node with known Binder address
•Client does not know the address of remote Binder
–only Binder interface knows its own address
•Binder submits a name and its Binder token to SM
–Client retrieves Binder address with service name from SM
Service Manager (SM)

Get Service list from SM
•$ adb shell service list
Found 71 services:
0 stub_isms: [com.android.internal.telephony.ISms]
1 stub_phone: [com.android.internal.telephony.ITelephony]
2 stub_iphonesubinfo:
[com.android.internal.telephony.IPhoneSubInfo]
..
5 stub_telephony.registry:
[com.android.internal.telephony.ITelephonyRegistry]
...
7 stub_activity: [android.app.IActivityManager]
...
9 phone: [com.android.internal.telephony.ITelephony]
…
56 activity: [android.app.IActivityManager]
...
64 SurfaceFlinger: [android.ui.ISurfaceComposer]
...

Service Registration and Discovery

Implementation Layers of Binder
Implemented in C
Implemented in C++
Implemented in Java

API Layer
• AIDL (Android Interface Definition Languag
– Ease the implementation of
Android remote services
– Defines an interface with method
of remote services
• AIDL parser generates Java class
- Proxy class for Client
- Stub class for Service
• Java API Wrapper
- Introduce facilities to the binder
– Wraps the middleware layer

41
AIDL (Android Interface Definition Language)
• Jave like syntax
• Data Types
–Java Primitives
–Containers
•String, List, Map, CharSequence
•List<>
•Multidimensional Array
–Parcelable
–Interface Reference
• Direction - in, out, inout
• oneway
–android.os.IBinder.FLAG_ONEWAY

42
AIDL Compiler
Full-fledged Java(-only) Support
Stub and Proxy Generator
// Interface
interface IRemoteService {
void ping();
}
public class RemoteService extends Service {
public IBinder onBind(Intent intent) { return mBinder; }
private final IRemoteService.Stub mBinder =
new IRemoteService.Stub() {
public void ping() { // Nothing }
};
}
IRemoteService mService =
IRemoteService.Stub.asInterface(service);
Server
Client

• Problem: Kernel is in C language and does not
understand classes and other complex objects.
•Solution: Marshalling and Parcels.
• Simple inter process messaging system
• In an object oriented view, the transaction data is
called parcel.
• The procedure of building a parcel is called
marshalling an object.
• The procedure of rebuilding a object from a parcel
is called unmarshalling an object.
Parcels and Marshalling

”flatten” ”unflatten”
transmit
Delivering arguments of method
android.os.Parcel

Representation of Parcel
• Parcel is NOT for general-purpose serialization
–This class (and the corresponding Parcelable API for
placing arbitrary objects into a Parcel) is designed as
a high-performance IPC transport.
–Not appropriate to place any Parcel data into
persistent storage
• Functions for writing/reading primitive data types:
–writeByte(byte) / readByte()
–writeDouble(double) / readDouble()
–writeFloat(float) / readFloat()
–writeInt(int) / readInt()
–writeLong(long) / readLong()
–writeString(String) / readString()

Middleware Layer
• Implements the user space facilities
of the Binder framework in C++
• Implements structures and methods
to spawn and manage new threads
• Provides interaction with the Binder
kernel driver

Kernel Driver Layer
• Binder Driver supports the file operations:
- open, mmap, release, poll
• ioctl arguments
– Command
– Data buffer
• Command
– BINDER_WRITE_READ
– BINDER_SET_MAX_THREADS
– BINDER_SET_CONTEXT_MGR
– BINDER_THREAD_EXIT

/dev/binder$ adb cat /sys/devices/virtual/misc/binder/uevent
MAJOR=10
MINOR=47
DEVNAME=binder

socket binder
internal status associated to FD associated to PID
(FD can be shared among
threads in the same
process)
read & write
operation
stream I/O done at once by
ioctl
network
transparency
Yes No
expected local only
Binder vs UNIX socket

50
Binder Performance
• Good
• Compact method index
• Native binary marshalling
• Support of ashmem shortcut
• Bad
• Dalvik Parcel overhead
• ioctl() path is not optimal
• Interface name overhead
• Limitations
• Not for streaming data
• Only local

51
Binder Security
•Binder’s Security Features
–Securely Determined Client Identity
–Binder.getCallingUid(), Binder.getCallingPid()
–Similar to Unix Domain Socket
getsockopt(..., SO_PEERCRED, ...)
–Interface Reference Security
•Client cannot guess Interface Reference
•Service Manager
–Directory Service for System Services
•Serveice should check client permission
Context.checkPermission(permission, pid, uid)

Remote Procedure Call

BINDER_WRITE_READ

•Target Method
–handle : Remote Interface
–ptr & cookie : Local Interface
•– code : Method ID
•Parcel - Input/Output Parameters
–data.ptr.buffer
–data_size
•Object Reference Management
–data.ptr.offsets
–offsets_size
•Security
–sender_pid
–sender_euid
•No Transaction GUID
–Transparent Recursion
Binder Transaction

Object Reference Management

Binder use case: Android Graphics

Binder IPC is used for communicating between Graphics client and service.
Ref: http://www.cnblogs.com/xl19862005/archive/2011/11/17/2215363.html
Use
Case

Surface
Source: frameworks/base/core/java/android/view/Surface.java
/* Handle on to a raw buffer that is being
managed by the screen compositor */
public class Surface implements Parcelable
{
public Surface() {
mCanvas = new CompatibleCanvas();
}
private class CompatibleCanvas
extends Canvas { /* ... */ }
}
Surface instances can be written to and restored from a Parcel.

”flatten” ”unflatten”
transmit
Delivering arguments of method

• Can combine 2D/3D surfaces and surfaces from multiple applications
• Surfaces passed as buffers via Binder IPC calls
• Can use OpenGL ES and 2D hardware acceleraton.
Android SurfaceFlinger

Everything is
around Binder

Camera + SurfaceFlinger + Binder

Questions?
References:
• Android IPC Mechanism by Jim Huang
• Inter-process communication of Android, Tetsuyuki Kobayashi
• http://blog.goggb.com/?post=1580
• Android Binder – Android Interprocess Communication, Thorsten
Schreiber
• Design Patterns in the Android Framework, Prof. Sheng-De Wang
• Deep Dive into Android IPC/Binder Framework at Android Builders
Summit 2013, by Aleksandar Gargenta, Marakana Inc.

Android Binder: Deep Dive

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a Android Binder: Deep Dive

Similar a Android Binder: Deep Dive (20)

Último

Último (20)

Android Binder: Deep Dive