On Binder Theory and Mechanism

Others 2020-03-05 23:15:09 views: null

Binder is an inter-process communication provided by Android ( the IPC, Inter-Process Communication) mechanism.

Android is a Linux-based operating systems, Linux comes with a variety of communication process, why the introduction of Binder. So before explaining Binder, first to analyze seven kinds of communication that comes with Linux.

First, the inter-process communication system Linux

Process is an independent resource allocation unit resources between different processes (usually refers to the user process) is an independent, a process can not access resources directly to another process, but the process is not isolated, different processes require information transfer interaction and status, etc., and therefore require inter-process communication.

Interprocess communication purposes:

  • Data transmission: a process needs to send its data to another process.
  • Notification events: a need to send a message to another process or group of processes, informing it (them) some event occurs (such as when to notify the parent process terminates).
  • Resource sharing: sharing the same resources among multiple processes. To do this, we need the kernel provides mutual exclusion and synchronization mechanisms.
  • Process Control: Some want to completely control the process of execution of another process (such as Debug process), and the control will process all want to be able to intercept and exceptions into another process, and be able to timely know its status changed.

Linux as long as seven inter-process communication support as follows:

(1) duct (pipe)

Pipeline is a kernel buffer management, the equivalent of a piece of paper into our memory. End of the pipe is connected to the output of a process, the process information to be placed in the pipeline. The other end of the pipe is connected to a process input, the process information is taken into the duct. It does not require a large buffer, which is designed as an annular structure data so as to be recycled. When the pipeline is no information, then read from the process piping will wait until the other end of the process into information. When the pipe is filled with information, try placing the information in the process will wait until the other end of the process out information. When the two processes are terminated, the pipeline automatically disappears.

Pipeline allows a process to another and it has to communicate between processes common ancestor.

(2) named pipe (FIFO)

Similar conduit, but it may be used for any communication between the two processes, named pipes have corresponding file names in the file system. Named Pipes mkfifo command or system call mkfifo to create.

Disadvantages (named pipes and pipe): allocating a duct, a relatively limited buffer size when creating the data streaming bytes unformatted; Android is not suitable for a large number of process communication.

(3) message queue (message queue)

Message queue provided a method of transmitting a block of data from one process to another process. Each data block is considered to contain a type, the receiving process can independently receive containing different types of data structures. We can avoid synchronization and named pipes blocking problems by sending a message. However, the message queue as named pipes, each data block has a maximum length limit.

Disadvantages: information copied twice, the additional CPU consumption; frequent or inappropriate amount of information communication;

(4) shared memory (shared memory)

Shared memory is to allow two unrelated processes to access the same logical memory is the fastest form of IPC available. Shared between different processes of memory is usually scheduled for the same period of physical memory, the process can be connected to the same period of shared memory address space of their own, all processes can access the shared memory address. Meanwhile, for security reasons, it is often, such as semaphores used in conjunction with other communication mechanisms to achieve synchronization and mutual exclusion between processes. Without copying, shared buffer pay directly attach to the process virtual address space and speed .

Cons: communication design requires a complex mechanism to ensure that all interprocess communication effectiveness. Synchronization between processes operating system can not be achieved, the processes must use synchronization tools to solve; security issues more prominent , if Android is no different from using Binder each App in a memory, so it is very unsafe.

(5) socket (Socket)

As a more general socket interface, transmission efficiency is low, mainly for nowhere machine or across a communications network.

(6) the amount of signal (semaphore)

Often as a lock mechanism to prevent access to shared resources is a process, other processes can also access the resource. Therefore, the main as well as inter-process synchronization means between the different threads within the same process.

(7) signal (Signal)

Does not apply to the exchange of information, more suitable for the process interrupt control, such as illegal memory access, to kill a process and so on;

Second, why the introduction of Android Binder communication?

Let's expand the analysis of the Binder from five angles:

(1) From the performance data copying number: Binder copy data only once, and pipes, message queues, Socket require twice, but a memory copy of the shared memory are not required; From a performance perspective, second only to performance Binder in shared memory.

(2) from the viewpoint of stability is based on Binder C / S architecture, a simple explanation in C / S architecture, refers to the client (Client) and server (Server) consisting architecture, what needs Client terminal, sent directly Server side to give complete, clear and bright architecture, Server-side and client-independent, good stability; and shared memory implementation complexity, no other client and server, the need to fully take into account access to critical resources concurrency synchronization problems, Doing so could deadlock and other problems; this stability point of view, Binder superior to shared memory architecture.

Only from the above two points, each with pros and cons, not enough to support the use of IPC mechanism to google binder, then the more important reason is:

(3) From a security point of view the traditional recipient Linux IPC can not get a reliable partner process UID / PID, and thus can not identify the identity of the other; but Android as an open open-source system, with a lot of development platform, App Sources wide, So the phone's security seems extra important; for ordinary users, not want to download from the App store peeping hint data, background and so on power consumption caused by mobile phones, the traditional Linux IPC without any protective measures, entirely ensured by the upper-layer protocols.

Android installed for each application is assigned its own UID, UID so the process is an important symbol to identify the identity of the process, the aforementioned C / S architecture, Android system only exposed External Client terminal, the Client-side mission will be sent to Server-side, Server-side controls in accordance with the rights policy, judge UID / PID meets the access rights, access control is currently very often through pop-up dialog box asking permission to allow users to choose whether to run . Android 6.0, also known as Android M, at 6.0 before the system was first installed in the App first, all permissions will be involved in the entire App once asked, just keep your eyes will find a lot of App no access to address book and SMS , but in this one-time permission rights will be included in, allowing users may not refuse, because the refusal App does not work properly, and once authorized, the application will be able to misbehave.

To address this issue, google in Android M made adjustments no longer ask all the permissions together during installation, but in the course of App operation, which required permission to another bomb box asking whether the user to the appropriate authority for permission to do more fine control, allowing users to have more control, but it also brings a ** place to another user criticized, that is, the number of bomb box asking permission greatly increased. ** For the Android M platform, some App developers may write the mobile phone extremely frequent bomb box App, until the user attempts to authorization so far, which the user can not tolerate, not just the user's last Tucao App, there Android system and mobile phone manufacturers, some users might jump fruit powder, and it also requires the majority of Android developers, and handset manufacturers to work together to jointly create security and experience the superb Android phone.

Traditional IPC can only fill in data package UID / PID by the user; in addition, a reliable marker of identity itself only added by the IPC mechanism in the kernel. Second, the traditional IPC access points are open, can not establish a private channel. From a security point of view, greater security of Binder.

Having said that, some people may want to argue , even with the Android Binder architecture, and now Android phone's various rogue software, not just doing this peeping hint, backstage sneak flow thing? Yes, indeed there is, but it can not be said Binder security is not good, because the Android system is still master the mastership App can control this type of hooliganism, but for what the strategy adopted to control, android in this regard indeed there is a lot of room to be improved, and this is one of google and major mobile phone manufacturers have been working for improvement. In Android 6.0, google app for the rights issue as more efforts to apply permissions significantly tightened; In addition, Android Bootcamp 2016 Google held the General Assembly, google also said in Android 7.0 (also known as Android N) privacy rights aspects will be further strengthened reinforcement, such as SELinux, Memory safe language (still in the research), etc., in this year's may 18 to may 20, google will launch Android N.

Topics pulling away, and went on to say Binder.

(4) the level of language point of view we know more about Linux is based on the C language (language process-oriented), and Android is based on Java language (object-oriented statements), and for Binder precisely in line with object-oriented thinking, between the processes communication method call by reference into the object of a Binder object rather unique in that it is a Binder object can be cross-referenced process objects, it is an entity located in a process, and it was all over in a reference system among the various processes. It can be passed from one process to other processes, so that everyone can access the same Server, like an object or a reference to another reference assigned to the same. Binder blurred process boundaries, played down the inter-process communication process, the whole system seems to run into the same object-oriented programming. From the linguistic level, Binder Android system is more suitable for object-oriented language based system for Linux may be a bit "acclimatized."

In addition, Binder for Android born of such systems, rather than the Linux community did not think the presence of Binder IPC mechanism, for the majority of developers in the Linux community, I express my deep admiration, the world has been so superb and wonderful open source systems . Linux is not existing IPC mechanism is not good enough, on the contrary, after so many excellent engineers continually polished, still very good, each Linux IPC mechanism has a value of existence, while the Android system is also still using a lot of Linux existing IPC mechanism, according to the principle characteristic of each type of the IPC, and the time, tend to use different scene characteristics under the most suitable. For example, in IPC Zygote process of the Android OS uses a Socket (socket) mechanism , Android in the signal Kill Process adopted (signal) mechanism and so on. The Binder is more interaction with the IPC App system_server process with the upper layer .

(5) from the perspective of corporate strategy

As we know, Linux kernel is open source system, the open source licenses GPL protection, the agreement has the ability to "viral infection", and how to understand the Bible? Linux Kernel GPL-protected is running in kernel space, for running any class libraries, services, applications and other upper layer in user space, once SysCall (system call), calls to the underlying Kernel, you must also follow the GPL.

The father of Android Andy Rubin to the GPL clearly unacceptable, to that end, Google skillfully control the GPL kernel space and user space of the protocol using Apache-2.0 protocol (based on Android allows developers to not source community feedback ), while using the GPL agreement between the Lib library and the Apache-2.0 BSD license authorization method, effectively cut off infectious GPL, there is still much controversy, but at least for now relieve Android, let GPL stop at the kernel space, Google is a successful example of open source under the GPL Linux and commercialization of coexistence.

The above 5:00, we can see Binder is among the top Android system the process of choice for communication.

Three, Binder Theory and Mechanism

 The space is divided into Linux kernel space and user space, Linux operating system and drivers run in kernel space and user application program (user process) run in user space. Can not be accessed directly, the user can space System calls (correction system) to communicate with the kernel space, if there is a module in the kernel space, it is possible to complete the forwarding of data between two different user processes, the two processes can you can communicate a. Binder is based on the C / S architecture, meaning the client (Client) and server (Server) consisting architecture, what needs Client terminal, sent directly to the end to complete Server, as shown below:

Binder communication model has four characters: Binder Client, Binder Server, Binder Driver (Binder drive), ServiceManager.

Binder Client is the process of requesting a service; Binder Server is the process of providing services; Binder drive between carrying forward the process of data communication; ServiceManager maintain a mapping table, what are the services, each of which is what, what methods can be invoked. ServiceManager, Binder Client, Binder Server in a different process, all three of them in user space, while Binder driver in the kernel space.

Here we have a case to general description of the communication process Binder, Case: Client A process calls the add method computer object Server B process.

1, Server ServiceManager registration process to tell ServiceManager who I am, what I have, what I can do. There is like a computer than the Server B process objects, add the computer object has a method, then mapping table is generated.

2, Client A process to ServiceManager inquiry, I will call the add method computer object Server B process, due Binder Client and ServiceManager in a different process, so this process is also subject to drive Binder, Binder driver this time began to play his a role. When the query is completed to ServiceManager, Binder drive the computer objects converted computerProxy object and forwarded to the Client A process, therefore, is not to get the process Client A real computer object, but a proxy object that computerProxy object.

3, when Client A process calls the add method, the message is sent to the Binder driver, then drive to find the original is computerProxy, then Client A process should call the add method computer object, then drive to inform Server B process, call add your computer object's method, the results to me. Server B process then results will be sent to the driver, the driver forwarded to Client A process, then Client process also kept in the dark, he thought he was calling the method add real computer object, in fact, he just calls Acting only, but Client eventually got the results. Here can be found, Binder driver played a role in transit.

Binder architecture is shown below:

 

 

Reference links:

http://blog.csdn.net/lianghe_work/article/details/47707667

https://blog.csdn.net/zhu2695/article/details/51148249

https://github.com/interviewandroid/AndroidInterView

 

Guess you like

Origin www.cnblogs.com/yocapl/p/12422617.html
Recommended
Ranking
Empire cms smart tag calls four first-level recommended articles, starting from the fourth article
Linux environment installation and configuration Elasticsearch7.17
Big Data processing architecture and Lambda Kappa architecture
Explore the top of the AI large model platform - Wenxin Qianfan
Beijing car PK10 lucky airship Guanya size and value of the odd and even tips
W3B x Sui Hacker House|In-depth understanding of Sui and Move language
Know almost Ko Chan: Chinese what any decent open source software products? (Finishing from my original answer)
Comprehensively improve AD domain security authentication | Zhuyun IDaaS
Android Update Engine Analysis (24) What happened when making the downgrade package?
Spark Architecture and Operating Mechanism (1) - System Architecture
Daily
More
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)

Code World

© 2018 codetd.com