Binder系列1—Binder Driver初探


android6.0

kernel/drivers/ (不同Linux分支路径略有不同) - staging/android/binder.c - android/binder.c

流程如下:

IPC

Zygote socket

Client Server ServiceManager binder

Service Server

Service Manager

binder_init

misc_register

binder_open

binder_mmap

void *start,void *end,

物理空间映射到虚拟进程空间

binder_ioctl

binder_get_thread

binder_ref ->BpBinder

binder_node->BnBinder

binder_transaction_data

write_buffer->BC_TRANSACTION

read_buffer->BR_TRANSACTION write_buffer->BC_TRANSACTION

union {
struct {
binder_uintptr_t buffer; //数据区起始地址
binder_uintptr_t offsets; //数据区IPC对象偏移量
} ptr;
__u8 buf[8];
} data; //RPC数据

flat_binder_object

struct binder_transaction_data {
union {
__u32 handle; //binder_ref(即handle)->BpBinder(客户端)
binder_uintptr_t ptr; //Binder_node的内存地址 - >BnBinder(服务端)
} target; //RPC目标

}

binder_ref ->BpBinder

binder_node->BnBinder

binder_transaction

3. 源码附录

本文基于Linux 4.4源码, 从上之下, 整个Binder架构所涉及的总共有以下5个目录:

1
2
3
4
5
/framework/base/core/java/               (Java)
/framework/base/core/jni/                (JNI)
/framework/native/libs/binder            (Native)
/framework/native/cmds/servicemanager/   (Native)
/kernel/drivers/android                  (Driver)

(1)Java framework

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
/framework/base/core/java/android/os/  
    - IServiceManager.java
    - ServiceManager.java
    - ServiceManagerNative.java
    - IInterface.java
    - IBinder.java
    - Parcel.java
    - Binder.java  

    - IHwInterface.java
    - IHwBinder.java
    - HwParcel.java
    - HwBinder.java
    - HwRemoteBinder.java


/framework/base/core/jni/    
    - AndroidRuntime.cpp
    - android_os_Parcel.cpp
    - android_util_Binder.cpp
    - android_os_HwParcel.cpp
    - android_os_HwBinder.cpp

    - android_os_Parcel.h
    - android_util_Binder.h
    - android_os_HwParcel.h
    - android_os_HwBinder.h

(2)Native framework

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
/framework/native/libs/binder        
    - IServiceManager.cpp
    - Interface.cpp
    - Binder.cpp
    - BpBinder.cpp
    - Parcel.cpp
    - IPCThreadState.cpp
    - ProcessState.cpp

/framework/native/libs/binder/include/binder
    - IServiceManager.h
    - Interface.h
    - Binder.h
    - BpBinder.h
    - Parcel.h
    - IPCThreadState.h
    - ProcessState.h
    - BinderService.h

/framework/native/cmds/servicemanager/
    - service_manager.c
    - binder.c
    - binder.h

(3)Kernel

1
2
3
4
5
6
7
/kernel/drivers/android/
    - binder.c
    - binder_alloc.c
    - binder_alloc.h

/kernel/include/uapi/linux/android/
    - binder.h