Android 多进程开发 - AIDL 回调、RemoteCallbackList、AIDL 安全校验

一、AIDL 的回调

1、基本介绍

• AIDL 的回调指服务端主动通知客户端，例如，位置变化，这需要跨进程回调

2、演示

（1）Callback

• IPlayerCallback.aidl，这里是位于src/main/java/com/my/common包下

packagecom.my.common;interfaceIPlayerCallback{voidonSongChanged(StringsongName);voidonPlayStateChanged(booleanisPlaying);}

（2）AIDL

• IMyAidlInterface.aidl，这里是位于src/main/java/com/my/common包下

packagecom.my.common;importcom.my.common.IPlayerCallback;interfaceIMyAidlInterface{voidplay();voidpause();voidregisterCallback(IPlayerCallbackcallback);voidunregisterCallback();}

（3）Server

privateIPlayerCallbackcallback;privateStringsongName;privatebooleanisPlaying=false;privatefinalIMyAidlInterface.Stubbinder=newIMyAidlInterface.Stub(){@Overridepublicvoidplay()throwsRemoteException{if(isPlaying)return;isPlaying=true;if(callback==null)return;callback.onPlayStateChanged(isPlaying);if(songName==null){songName="Server Song";callback.onSongChanged(songName);}}@Overridepublicvoidpause()throwsRemoteException{if(!isPlaying)return;isPlaying=false;if(callback==null)return;callback.onPlayStateChanged(isPlaying);}@OverridepublicvoidregisterCallback(IPlayerCallbackcallback)throwsRemoteException{ServerService.this.callback=callback;}@OverridepublicvoidunregisterCallback()throwsRemoteException{ServerService.this.callback=null;}};

（4）Client

try{myAidlInterface.play();Log.i(TAG,"play method success");}catch(RemoteExceptione){e.printStackTrace();Log.e(TAG,"play method error: "+e.getMessage());}

try{myAidlInterface.pause();Log.i(TAG,"pause method success");}catch(RemoteExceptione){e.printStackTrace();Log.e(TAG,"pause method error: "+e.getMessage());}

try{myAidlInterface.registerCallback(newIPlayerCallback.Stub(){@OverridepublicvoidonSongChanged(StringsongName)throwsRemoteException{Log.i(TAG,"now thread: "+Thread.currentThread().getName());Log.i(TAG,"onSongChanged: "+songName);}@OverridepublicvoidonPlayStateChanged(booleanisPlaying)throwsRemoteException{Log.i(TAG,"now thread: "+Thread.currentThread().getName());Log.i(TAG,"onPlayStateChanged: "+isPlaying);}});Log.i(TAG,"registerCallback method success");}catch(RemoteExceptione){e.printStackTrace();Log.e(TAG,"registerCallback method error: "+e.getMessage());}

try{myAidlInterface.unregisterCallback();Log.i(TAG,"unregisterCallback method success");}catch(RemoteExceptione){e.printStackTrace();Log.e(TAG,"unregisterCallback method error: "+e.getMessage());}

（5）Test

1. 先调用 registerCallback 方法，输出结果如下

registerCallback method success

2. 再调用 play 方法，输出结果如下

now thread: main onPlayStateChanged: true now thread: main onSongChanged: Server Song play method success

3. 再调用 pause 方法，输出结果如下

now thread: main onPlayStateChanged: false pause method success

4. 最后调用 unregisterCallback 方法，输出结果如下

unregisterCallback method success

二、RemoteCallbackList

1、基本介绍

1. RemoteCallbackList 是 Android 专门为跨进程通信设计的一个工具类，它用于安全、自动地管理回调

2. beginBroadcast 是 RemoteCallbackList 中用于安全遍历列表的一个方法，它配合 finishBroadcast 方法一起使用

3. beginBroadcast 方法会固定当前要遍历的快照（记录当前所有存活回调的数量），在调用finishBroadcast 方法之前，列表不会变化

2、演示

（1）Callback

• IPlayerCallback.aidl，这里是位于src/main/java/com/my/common包下

packagecom.my.common;interfaceIPlayerCallback{voidonSongChanged(StringsongName);voidonPlayStateChanged(booleanisPlaying);}

（2）AIDL

• IMyAidlInterface.aidl，这里是位于src/main/java/com/my/common包下

packagecom.my.common;importcom.my.common.IPlayerCallback;interfaceIMyAidlInterface{voidplay();voidpause();voidregisterCallback(IPlayerCallbackcallback);voidunregisterCallback(IPlayerCallbackcallback);}

（3）Server

privateRemoteCallbackList<IPlayerCallback>callbackList=newRemoteCallbackList<>();privateStringsongName;privatebooleanisPlaying=false;privatefinalIMyAidlInterface.Stubbinder=newIMyAidlInterface.Stub(){@Overridepublicvoidplay()throwsRemoteException{if(isPlaying)return;isPlaying=true;booleanisSongNameChanged=false;if(songName==null){songName="Server Song";isSongNameChanged=true;}intn=callbackList.beginBroadcast();for(inti=0;i<n;i++){IPlayerCallbackcallback=callbackList.getBroadcastItem(i);callback.onPlayStateChanged(isPlaying);if(isSongNameChanged)callback.onSongChanged(songName);}callbackList.finishBroadcast();}@Overridepublicvoidpause()throwsRemoteException{if(!isPlaying)return;isPlaying=false;intn=callbackList.beginBroadcast();for(inti=0;i<n;i++){IPlayerCallbackcallback=callbackList.getBroadcastItem(i);callback.onPlayStateChanged(isPlaying);}callbackList.finishBroadcast();}@OverridepublicvoidregisterCallback(IPlayerCallbackcallback)throwsRemoteException{callbackList.register(callback);}@OverridepublicvoidunregisterCallback(IPlayerCallbackcallback)throwsRemoteException{callbackList.unregister(callback);}};

（4）Client

try{myAidlInterface.play();Log.i(TAG,"play method success");}catch(RemoteExceptione){e.printStackTrace();Log.e(TAG,"play method error: "+e.getMessage());}

try{myAidlInterface.pause();Log.i(TAG,"pause method success");}catch(RemoteExceptione){e.printStackTrace();Log.e(TAG,"pause method error: "+e.getMessage());}

try{myAidlInterface.registerCallback(newIPlayerCallback.Stub(){@OverridepublicvoidonSongChanged(StringsongName)throwsRemoteException{Log.i(TAG,"now thread: "+Thread.currentThread().getName());Log.i(TAG,"onSongChanged: "+songName);}@OverridepublicvoidonPlayStateChanged(booleanisPlaying)throwsRemoteException{Log.i(TAG,"now thread: "+Thread.currentThread().getName());Log.i(TAG,"onPlayStateChanged: "+isPlaying);}});Log.i(TAG,"registerCallback method success");}catch(RemoteExceptione){e.printStackTrace();Log.e(TAG,"registerCallback method error: "+e.getMessage());}

try{myAidlInterface.unregisterCallback();Log.i(TAG,"unregisterCallback method success");}catch(RemoteExceptione){e.printStackTrace();Log.e(TAG,"unregisterCallback method error: "+e.getMessage());}

（5）Test

1. 先调用 registerCallback 方法，输出结果如下

registerCallback method success

2. 再调用 play 方法，输出结果如下

now thread: main onPlayStateChanged: true now thread: main onSongChanged: Server Song play method success

3. 再调用 pause 方法，输出结果如下

now thread: main onPlayStateChanged: false pause method success

4. 最后调用 unregisterCallback 方法，输出结果如下

unregisterCallback method success

三、AIDL 安全校验

需求引入

• 默认情况下，任何知道 AIDL 接口的应用都能绑定服务并调用方法，这可能导致数据泄露和恶意调用

1、权限校验

（1）Server

1. AndroidManifest.xml，定义权限

<permissionandroid:name="com.my.ACCESS_TEST_SERVICE"android:protectionLevel="normal"/>

2. 在 Binder 方法中校验权限

intresult=checkCallingPermission("com.my.ACCESS_TEST_SERVICE");Log.i(TAG,"权限检查结果: "+result);if(result==PackageManager.PERMISSION_DENIED){Log.i(TAG,"权限拒绝");thrownewSecurityException("权限拒绝");}Log.i(TAG,"权限通过");// 执行其他业务逻辑

（2）Client

• AndroidManifest.xml，声明权限

<uses-permissionandroid:name="com.my.ACCESS_TEST_SERVICE"/>

2、UID / PID 校验

• Server：在 Binder 方法中校验 UID / PID

intcallingUid=Binder.getCallingUid();if(callingUid!=1000&&callingUid!=1001){thrownewSecurityException("无权调用");}// 执行其他业务逻辑

3、包名白名单校验

• Server：在 Binder 方法中校验包名白名单

privatestaticfinalList<String>ALLOWED_PACKAGES=Arrays.asList("com.my.server","com.my.client");privatebooleanallowedPackagesCheck(){intcallingUid=Binder.getCallingUid();String[]packages=getPackageManager().getPackagesForUid(callingUid);if(packages!=null){for(Stringpkg:packages){Log.i(TAG,"package: "+pkg);if(ALLOWED_PACKAGES.contains(pkg)){returntrue;}}}returnfalse;}

if(!allowedPackagesCheck()){Log.i(TAG,"调用者未被授权");thrownewSecurityException("调用者未被授权");}Log.i(TAG,"调用者已被授权");// 执行其他业务逻辑

四、protectionLevel（补充学习）

• protectionLevel 是 Android 权限系统中定义权限风险等级的属性

1. normal：普通级别，安装时自动授予，无需用户确认

2. dangerous：危险级别，运行时需用户明确授权

3. signature：签名级别，只有相同签名的应用才能获得权限，安装时自动授予

4. signatureOrSystem：签名或系统级别，只有相同签名的应用才能获得权限，或者位于 Android 系统映像的专用文件夹中的应用才能获得权限，在 API 级别 23 中已废弃，是signature|privileged的旧同义词，建议使用 signature 代替

• 参考文档 1：https://developer.android.google.cn/guide/topics/manifest/permission-element?hl=zh-cn

• 参考文档 2：https://developer.android.google.cn/reference/android/R.attr#protectionLevel