Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3c4c09d6 authored by Arthur Ishiguro's avatar Arthur Ishiguro
Browse files

Add synchronization when EventFlag is created in sensors HAL init 

It's possible that race conditions can cause unexpected behavior if mEventQueueFlag is read while it is being created.

Bug: 380191409
Test: VTS pass
Change-Id: Ic9f1a901bcf1ce52907f3ce37a0cec75534d7bcd
parent 0b2502ba

sensors/aidl/default/Sensors.cpp

+19 −13
Original line number Diff line number Diff line
@@ -82,6 +82,7 @@ ScopedAStatus Sensors::initialize( 
        const MQDescriptor<int32_t, SynchronizedReadWrite>& in_wakeLockDescriptor,

        const std::shared_ptr<::aidl::android::hardware::sensors::ISensorsCallback>&

                in_sensorsCallback) {

    ALOGI("Sensors initializing");

    ScopedAStatus result = ScopedAStatus::ok();



    mEventQueue = std::make_unique<AidlMessageQueue<Event, SynchronizedReadWrite>>(
@@ -101,8 +102,12 @@ ScopedAStatus Sensors::initialize( 
    // Save a reference to the callback

    mCallback = in_sensorsCallback;



    {

        // Hold the lock to ensure that re-creation of event flag is atomic

        std::lock_guard<std::mutex> lock(mWriteLock);



        // Ensure that any existing EventFlag is properly deleted

    deleteEventFlag();

        deleteEventFlagLocked();



        // Create the EventFlag that is used to signal to the framework that sensor events have been

        // written to the Event FMQ
@@ -118,6 +123,7 @@ ScopedAStatus Sensors::initialize( 
        if (!mCallback || !mEventQueue || !mWakeLockQueue || mEventQueueFlag == nullptr) {

            result = ScopedAStatus::fromExceptionCode(EX_ILLEGAL_ARGUMENT);

        }

    }



    // Start the thread to read events from the Wake Lock FMQ

    mReadWakeLockQueueRun = true;

sensors/aidl/default/include/sensors-impl/Sensors.h

+8 −1
Original line number Diff line number Diff line
@@ -23,6 +23,8 @@ 
#include <map>

#include "Sensor.h"



#include <android-base/thread_annotations.h>



namespace aidl {

namespace android {

namespace hardware {
@@ -125,6 +127,11 @@ class Sensors : public BnSensors, public ISensorsEventCallback { 
    void deleteEventFlag() {

        // Hold the lock to ensure we don't delete the flag while it's being used in postEvents()

        std::lock_guard<std::mutex> lock(mWriteLock);

        deleteEventFlagLocked();

    }



    // Expects mWriteLock to be locked prior to invocation

    void deleteEventFlagLocked() {

        if (mEventQueueFlag != nullptr) {

            status_t status = EventFlag::deleteEventFlag(&mEventQueueFlag);

            if (status != OK) {
@@ -193,7 +200,7 @@ class Sensors : public BnSensors, public ISensorsEventCallback { 
    // The Wake Lock FMQ that is read to determine when the framework has handled WAKE_UP events

    std::unique_ptr<AidlMessageQueue<int32_t, SynchronizedReadWrite>> mWakeLockQueue;

    // Event Flag to signal to the framework when sensor events are available to be read

    EventFlag* mEventQueueFlag;

    EventFlag* mEventQueueFlag GUARDED_BY(mWriteLock);

    // Callback for asynchronous events, such as dynamic sensor connections.

    std::shared_ptr<::aidl::android::hardware::sensors::ISensorsCallback> mCallback;

    // A map of the available sensors.