diff --git a/automotive/vehicle/2.0/default/impl/vhal_v2_0/GeneratorHub.cpp b/automotive/vehicle/2.0/default/impl/vhal_v2_0/GeneratorHub.cpp index 548285abfb..9be9ea7c8e 100644 --- a/automotive/vehicle/2.0/default/impl/vhal_v2_0/GeneratorHub.cpp +++ b/automotive/vehicle/2.0/default/impl/vhal_v2_0/GeneratorHub.cpp @@ -31,6 +31,14 @@ namespace impl { GeneratorHub::GeneratorHub(const OnHalEvent& onHalEvent) : mOnHalEvent(onHalEvent), mThread(&GeneratorHub::run, this) {} +GeneratorHub::~GeneratorHub() { + mShuttingDownFlag.store(true); + mCond.notify_all(); + if (mThread.joinable()) { + mThread.join(); + } +} + void GeneratorHub::registerGenerator(int32_t cookie, FakeValueGeneratorPtr generator) { { std::lock_guard g(mLock); @@ -58,15 +66,18 @@ void GeneratorHub::unregisterGenerator(int32_t cookie) { } void GeneratorHub::run() { - while (true) { + while (!mShuttingDownFlag.load()) { std::unique_lock g(mLock); // Pop events whose generator does not exist (may be already unregistered) while (!mEventQueue.empty() && mGenerators.find(mEventQueue.top().cookie) == mGenerators.end()) { mEventQueue.pop(); } - // Wait until event queue is not empty - mCond.wait(g, [this] { return !mEventQueue.empty(); }); + // Wait until event queue is not empty or shutting down flag is set + mCond.wait(g, [this] { return !mEventQueue.empty() || mShuttingDownFlag.load(); }); + if (mShuttingDownFlag.load()) { + break; + } const VhalEvent& curEvent = mEventQueue.top(); diff --git a/automotive/vehicle/2.0/default/impl/vhal_v2_0/GeneratorHub.h b/automotive/vehicle/2.0/default/impl/vhal_v2_0/GeneratorHub.h index dcf6a4f06e..b25dbf1c09 100644 --- a/automotive/vehicle/2.0/default/impl/vhal_v2_0/GeneratorHub.h +++ b/automotive/vehicle/2.0/default/impl/vhal_v2_0/GeneratorHub.h @@ -58,7 +58,7 @@ private: public: GeneratorHub(const OnHalEvent& onHalEvent); - ~GeneratorHub() = default; + ~GeneratorHub(); /** * Register a new generator. The generator will be discarded if it could not produce next event. @@ -84,6 +84,7 @@ private: mutable std::mutex mLock; std::condition_variable mCond; std::thread mThread; + std::atomic mShuttingDownFlag{false}; }; } // namespace impl diff --git a/camera/common/1.0/default/CameraModule.cpp b/camera/common/1.0/default/CameraModule.cpp index 27e74f1480..16fb85cc64 100644 --- a/camera/common/1.0/default/CameraModule.cpp +++ b/camera/common/1.0/default/CameraModule.cpp @@ -549,7 +549,6 @@ void CameraModule::removeCamera(int cameraId) { } } } - free_camera_metadata(metadata); } mCameraInfoMap.removeItem(cameraId); diff --git a/drm/1.0/default/Android.bp b/drm/1.0/default/Android.bp index af1c076e0d..a5cba5c2f4 100644 --- a/drm/1.0/default/Android.bp +++ b/drm/1.0/default/Android.bp @@ -32,6 +32,7 @@ cc_library_static { "-Werror", "-Wextra", "-Wall", + "-Wthread-safety", ], shared_libs: [ "liblog", @@ -42,7 +43,7 @@ cc_library_static { export_header_lib_headers: [ "libutils_headers", ], - export_include_dirs : ["include"] + export_include_dirs: ["include"], } soong_config_module_type { diff --git a/drm/1.0/default/CryptoPlugin.cpp b/drm/1.0/default/CryptoPlugin.cpp index e6d4e8447b..8dea7e9324 100644 --- a/drm/1.0/default/CryptoPlugin.cpp +++ b/drm/1.0/default/CryptoPlugin.cpp @@ -53,6 +53,8 @@ namespace implementation { uint32_t bufferId) { sp hidlMemory = mapMemory(base); + std::lock_guard shared_buffer_lock(mSharedBufferLock); + // allow mapMemory to return nullptr mSharedBufferMap[bufferId] = hidlMemory; return Void(); @@ -65,7 +67,7 @@ namespace implementation { const SharedBuffer& source, uint64_t offset, const DestinationBuffer& destination, decrypt_cb _hidl_cb) { - + std::unique_lock shared_buffer_lock(mSharedBufferLock); if (mSharedBufferMap.find(source.bufferId) == mSharedBufferMap.end()) { _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, 0, "source decrypt buffer base not set"); return Void(); @@ -79,7 +81,7 @@ namespace implementation { } } - android::CryptoPlugin::Mode legacyMode; + android::CryptoPlugin::Mode legacyMode = android::CryptoPlugin::kMode_Unencrypted; switch(mode) { case Mode::UNENCRYPTED: legacyMode = android::CryptoPlugin::kMode_Unencrypted; @@ -146,7 +148,10 @@ namespace implementation { return Void(); } - if (destBuffer.offset + destBuffer.size > destBase->getSize()) { + size_t totalSize = 0; + if (__builtin_add_overflow(destBuffer.offset, destBuffer.size, &totalSize) || + totalSize > destBase->getSize()) { + android_errorWriteLog(0x534e4554, "176496353"); _hidl_cb(Status::ERROR_DRM_CANNOT_HANDLE, 0, "invalid buffer size"); return Void(); } @@ -157,7 +162,7 @@ namespace implementation { } base = static_cast(static_cast(destBase->getPointer())); - destPtr = static_cast(base + destination.nonsecureMemory.offset); + destPtr = static_cast(base + destination.nonsecureMemory.offset); } else if (destination.type == BufferType::NATIVE_HANDLE) { if (!secure) { _hidl_cb(Status::BAD_VALUE, 0, "native handle destination must be secure"); @@ -170,6 +175,10 @@ namespace implementation { _hidl_cb(Status::BAD_VALUE, 0, "invalid destination type"); return Void(); } + + // release mSharedBufferLock + shared_buffer_lock.unlock(); + ssize_t result = mLegacyPlugin->decrypt(secure, keyId.data(), iv.data(), legacyMode, legacyPattern, srcPtr, legacySubSamples.get(), subSamples.size(), destPtr, &detailMessage); diff --git a/drm/1.0/default/CryptoPlugin.h b/drm/1.0/default/CryptoPlugin.h index 11cc2aae47..0d091fae65 100644 --- a/drm/1.0/default/CryptoPlugin.h +++ b/drm/1.0/default/CryptoPlugin.h @@ -17,11 +17,14 @@ #ifndef ANDROID_HARDWARE_DRM_V1_0__CRYPTOPLUGIN_H #define ANDROID_HARDWARE_DRM_V1_0__CRYPTOPLUGIN_H -#include +#include #include +#include #include #include +#include + namespace android { namespace hardware { namespace drm { @@ -60,19 +63,21 @@ struct CryptoPlugin : public ICryptoPlugin { Return setSharedBufferBase(const ::android::hardware::hidl_memory& base, uint32_t bufferId) override; - Return decrypt(bool secure, const hidl_array& keyId, - const hidl_array& iv, Mode mode, const Pattern& pattern, - const hidl_vec& subSamples, const SharedBuffer& source, - uint64_t offset, const DestinationBuffer& destination, - decrypt_cb _hidl_cb) override; + Return decrypt( + bool secure, const hidl_array& keyId, const hidl_array& iv, + Mode mode, const Pattern& pattern, const hidl_vec& subSamples, + const SharedBuffer& source, uint64_t offset, const DestinationBuffer& destination, + decrypt_cb _hidl_cb) override NO_THREAD_SAFETY_ANALYSIS; // use unique_lock -private: + private: android::CryptoPlugin *mLegacyPlugin; - std::map > mSharedBufferMap; + std::map> mSharedBufferMap GUARDED_BY(mSharedBufferLock); CryptoPlugin() = delete; CryptoPlugin(const CryptoPlugin &) = delete; void operator=(const CryptoPlugin &) = delete; + + std::mutex mSharedBufferLock; }; } // namespace implementation