<riandr...@google.com>
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 194 +++
1 file changed, 146 insertions(+), 48 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 16288e7..c3
This was introduced in the 2015 Nexus devices and should have been
submitted to the kernel then since we keep forward porting it to each
new device.
On Thu, Sep 8, 2016 at 9:12 AM, Todd Kjos <tk...@google.com> wrote:
> In Android systems, the display pipeline relies on low
> la
From: Todd Kjos <tk...@android.com>
In Android systems, the display pipeline relies on low
latency binder transactions and is therefore sensitive to
delays caused by contention for the global binder lock.
Jank is significantly reduced by disabling preemption
while the global binder lock i
On Fri, Sep 9, 2016 at 8:44 AM, Greg KH <gre...@linuxfoundation.org> wrote:
> On Fri, Sep 09, 2016 at 08:17:44AM -0700, Todd Kjos wrote:
>> From: Todd Kjos <tk...@android.com>
>>
>> In Android systems, the display pipeline relies on low
>> latency binder
> > On Sat, Sep 10, 2016 at 09:16:59AM -0700, Christoph Hellwig wrote:
>> > > On Thu, Sep 08, 2016 at 09:12:50AM -0700, Todd Kjos wrote:
>> > > > In Android systems, the display pipeline relies on low
>> > > > latency binder transactions and is therefore
Thanks Peter. We'll give that patch a try as part of our refactoring.
Looking at finer-grained locking and we'll try going back to rt_mutex
plus this patch.
On Wed, Sep 14, 2016 at 9:55 AM, Peter Zijlstra wrote:
> On Wed, Sep 14, 2016 at 06:13:40PM +0200, Peter Zijlstra
I suspect there won't be a respin. I'll ping you later if you don't
remember it yourself ;)
On Wed, Jul 5, 2017 at 11:47 AM, Greg KH <gre...@linuxfoundation.org> wrote:
> On Wed, Jul 05, 2017 at 09:13:16AM -0700, Todd Kjos wrote:
>> Yes, this one back to 4.4. 01/37 should
Move the binder allocator functionality to its own file
Continuation of splitting the binder allocator from the binder
driver. Split binder_alloc functions from normal binder functions.
Add kernel doc comments to functions declared extern in
binder_alloc.h
Signed-off-by: Todd Kjos <
From: Martijn Coenen
A race existed where one thread could register
a death notification for a node, while another
thread was cleaning up that node and sending
out death notifications for its references,
causing simultaneous access to ref->death
because different locks were
atomically in 1 pass so it stays consistent
with the kernel view.
The work item is now dequeued immediately since only
1 pass is needed.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 151 +--
1 file changed, 94 insertions(
From: Badhri Jagan Sridharan <bad...@google.com>
Use atomics for stats to avoid needing to lock for
increments/decrements
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 48
1 file changed, 28 inser
Use the inner lock to protect thread accounting fields in
proc structure: max_threads, requested_threads,
requested_threads_started and ready_threads.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 28 +++-
1 file changed, 23 insertions
lock.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 60
1 file changed, 40 insertions(+), 20 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index f07f0d488aa4..36ef88d10631
off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 133 +--
1 file changed, 83 insertions(+), 50 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 704540ea3e12..f07f0d488aa4 100644
--- a/drivers/android
node->node_lock is used to protect elements of node. No
need to acquire for fields that are invariant: debug_id,
ptr, cookie.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 220 +++
1 file changed, 165 insertio
proc->threads will need to be accessed with higher
locks of other processes held so use proc->inner_lock
to protect it. proc->tmp_ref now needs to be protected
by proc->inner_lock.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/and
From: Martijn Coenen
This makes future changes to priority inheritance
easier, since we want to be able to look at a thread's
transaction stack when selecting a thread to inherit
priority for.
It also allows us to take just a single lock in a
few paths, where we used to take
now have:
ret = binder_dec_ref_for_handle(proc, handle, strong, );
Since the actual ref is no longer exposed to callers, a
new struct binder_ref_data is introduced which can be used
to return a copy of ref state.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/bi
ced in
a later patch.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 355 +++
1 file changed, 269 insertions(+), 86 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 6c741416fa00..5a03897678
Remove global mutex and rely on fine-grained locking
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 46 +++---
1 file changed, 3 insertions(+), 43 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/bi
From: Martijn Coenen
Display information about allocated/free space whenever
binder buffer allocation fails on synchronous
transactions.
Signed-off-by: Martijn Coenen
Signed-off-by: Siqi Lin
---
drivers/android/binder_alloc.c | 31
When obtaining a node via binder_get_node(),
binder_get_node_from_ref() or binder_new_node(),
increment node->tmp_refs to take a
temporary reference on the node to ensure the node
persists while being used. binder_put_node() must
be called to remove the temporary reference.
Signed-off-by: T
to
modify a bit, the BINDER_LOOPER_STATE_NEED_RETURN flag
is replaced by a separate field in struct binder_thread.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 22 +++---
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/drivers/a
-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 30 +++---
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index cb78a4e6872d..d2fcf3cc29a6 100644
--- a/drivers/android/binder.c
The binder driver uses a global mutex to serialize access to state in a
multi-threaded environment. This global lock has been increasingly
problematic as Android devices have scaled to more cores. The problem is
not so much contention for the global lock which still remains relatively
low, but the
roc if it has no
remaining threads and no reference.
A spinlock is added to the binder_transaction
to safely access and set references for t->from
and for debug code to safely access t->to_thread
and t->to_proc.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/andr
ock.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 249 +--
1 file changed, 198 insertions(+), 51 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 91fece5c067f..6c741416fa
When locks for binder_ref handling are added, proc->nodes
will need to be modified while holding the outer lock
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 112 +--
1 file changed, 89 insertions(+), 23 deletions
the suffix of the function name:
foo_olocked() : requires node->outer_lock
foo_nlocked() : requires node->lock
foo_ilocked() : requires proc->inner_lock
foo_iolocked(): requires proc->outer_lock and proc->inner_lock
foo_nilocked(): requires node->lock and proc->inner_
When initiating a transaction, the target_node must
have a strong ref on it. Then we take a second
strong ref to make sure the node survives until the
transaction is complete.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 22 +-
1 file chang
by using "% ARRAY_SIZE(log->entry)"
Also added "complete" field to the log entry which is
written last to tell the print code whether the
entry is complete
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 75 +
The buffer's transaction has already been freed before
binder_deferred_release. No need to do it again.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 11 ++-
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/drivers/android/binder.c b/d
The binder allocator assumes that the thread that
called binder_open will never die for the lifetime of
that proc. That thread is normally the group_leader,
however it may not be. Use the group_leader instead
of current.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/bi
Use an atomic for binder_last_id to avoid locking it
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index cd4191d027e1..25f30d81c7d0
Continuation of splitting the binder allocator from the binder
driver. Separate binder_alloc functions from normal binder
functions. Protect the allocator with a separate mutex.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c
where error detected
Also, return BR_DEAD_REPLY if an allocation error indicates
a dead proc (-ESRCH)
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 87 +-
drivers/android/binder_alloc.c | 20 +-
2 files chang
Add binder_dead_nodes_lock, binder_procs_lock, and
binder_context_mgr_node_lock to protect the associated global lists
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 81 +---
1 file changed, 63 insertions(+), 18 del
The binder allocator is logically separate from the rest
of the binder drivers. Separating the data structures
to prepare for splitting into separate file with separate
locking.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c
From: Riley Andrews <riandr...@google.com>
Use wake_up_interruptible_sync() to hint to the scheduler binder
transactions are synchronous wakeups. Disable preemption while waking
to avoid ping-ponging on the binder lock.
Signed-off-by: Todd Kjos <tk...@google.com>
Signed-off-by: Ompr
This reverts commit a906d6931f3ccaf7de805643190765ddd7378e27.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 5 -
1 file changed, 5 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index aae4d8d4be36..157bd3e49ff4 100644
--- a/d
work list for errors to guarantee
order. Also changed binder_send_failed_reply to pop
the transaction even if it failed to send a reply.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 127 +++
1 file changed, 73 insertions(
node is always non-NULL in binder_get_ref_for_node so the
conditional and else clause are not needed
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 16 +---
1 file changed, 5 insertions(+), 11 deletions(-)
diff --git a/drivers/android/binder.c b/d
.
Removing it.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 31 ---
1 file changed, 8 insertions(+), 23 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 0512971cfc53..10fda7ab9fa5 100644
--- a/drivers/a
Adds protection against malicious user code freeing
the same buffer at the same time which could cause
a crash. Cannot happen under normal use.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 4 ++--
drivers/android/binder_alloc.
ed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index f17d1dfa5b02..71faf548482d 100644
--- a/drivers/android/binder.c
+++ b/drivers/andr
This reverts commit a906d6931f3ccaf7de805643190765ddd7378e27.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 5 -
1 file changed, 5 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index aae4d8d4be36..157bd3e49ff4 100644
--- a/d
e original patch should be reverted.
The reversion is being done as part of the fine-grained locking
patchset since the patch would need to be refactored when
proc->vmm_vm_mm is removed from struct binder_proc and added
in the binder allocator.
Also needs reversion in 4.9 LTS
Signed-off-by:
n initialized.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 9f95d7093f32..f34fcb513c64 100644
--- a/drivers/android/binder.c
+++ b/drive
I just went back through it -- turns out my email bounced back from
linux-kernel@vger.kernel.org (reason was "may contain a virus"). Sorry
I didn't notice that and resend.
On Wed, Aug 30, 2017 at 1:20 PM, Dan Carpenter wrote:
> On Wed, Aug 30, 2017 at 01:04:31PM -0700,
with
no issues (used hikey-linaro 4.9 kernel which has this patch).
-Todd
> On Mon, Sep 11, 2017 at 5:18 AM, Amit Pundir <amit.pun...@linaro.org> wrote:
>>
>> On 5 September 2017 at 22:51, Todd Kjos <tk...@android.com> wrote:
>> > From: Xu YiPing <xuyip...@hisil
From: Xu YiPing <xuyip...@hisilicon.com>
commit 372e3147df70 ("binder: guarantee txn complete / errors delivered
in-order") incorrectly defined a local ret value. This ret value will
be invalid when out of the if block
Signed-off-by: Xu YiPing <xuyip...@hislicon.com>
Si
d, without dequeued. It may cause the
thread->todo list to be corrupted.
So, dequeue it before freeing.
Signed-off-by: Xu YiPing <xuyip...@hisilicon.com>
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/
org> wrote:
> Hi Todd,
>
> On 11 September 2017 at 21:10, Todd Kjos <tk...@google.com> wrote:
>> (resend in plain-text mode -- sorry about that)
>>
>> Amit,
>>
>> Are you sure this patch is the culprit? That is pretty surprising
>> since this c
is used that
does the ref increments on both the node and proc.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 93 ++--
1 file changed, 66 insertions(+), 27 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/a
files is removed since we get it every
time.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 63 +++-
1 file changed, 30 insertions(+), 33 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
inde
prior to proc->files
cleanup. This has been seen once in task_get_unused_fd_flags()
when __alloc_fd() is called with a stale "files".
The fix is to protect proc->files with a mutex to prevent cleanup
while in use.
Signed-off-by: Todd Kjos <tk...@google.com>
---
v2: declare binde
Al, thanks for the detailed feedback. I didn't know about these rules
(are they written down somewhere?). I'll rework this and post a
compliant v3.
On Fri, Nov 17, 2017 at 11:31 AM, Al Viro <v...@zeniv.linux.org.uk> wrote:
> On Thu, Nov 16, 2017 at 09:56:50AM -0800, Todd Kjos wrote:
>
> @@ -875,22 +871,34 @@ static void binder_free_thread(struct binder_thread
> *thread);
> static void binder_free_proc(struct binder_proc *proc);
> static void binder_inc_node_tmpref_ilocked(struct binder_node *node);
>
> +struct files_struct *binder_get_files_struct(struct binder_proc *proc)
files is removed since we get it every
time.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 63 +++-
1 file changed, 30 insertions(+), 33 deletions(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
inde
Sorry about that, do you want a v3 with correct annotations?
On Thu, Nov 16, 2017 at 12:27 PM, Greg KH <gre...@linuxfoundation.org> wrote:
> On Thu, Nov 16, 2017 at 09:56:50AM -0800, Todd Kjos wrote:
>> proc->files cleanup is initiated by binder_vma_close. Theref
> @@ -8683,6 +8692,10 @@ static void nohz_balancer_kick(void)
>
> if (test_and_set_bit(NOHZ_BALANCE_KICK, nohz_flags(ilb_cpu)))
> return;
> +
> + if (only_update)
> + set_bit(NOHZ_STATS_KICK, nohz_flags(ilb_cpu));
Should there be an "else
Greg- when this is in, we'll want it in 4.14 as well.
On Mon, Nov 27, 2017 at 9:32 AM, Todd Kjos <tk...@android.com> wrote:
> proc->files cleanup is initiated by binder_vma_close. Therefore
> a reference on the binder_proc is not enough to prevent the
> files_struct from be
On Wed, May 9, 2018 at 12:31 AM 宋金时 wrote:
> In case of the BINDER_WORK_RETURN_ERROR the cmd is no assignment,
> so it's value will be old value or dirty value, before modifying
> e->cmd, assign the value of the e->cmd to cmd to ensure the correct
> print of
Looks good to me.
On Tue, Jan 30, 2018 at 11:11 PM, Eric Biggers wrote:
> From: Eric Biggers
>
> If the kzalloc() in binder_get_thread() fails, binder_poll()
> dereferences the resulting NULL pointer.
>
> Fix it by returning POLLERR if the memory
chronous
transaction to complete. If it ever does check, it will see an
error.
Changed the WARN() to a pr_warn().
Signed-off-by: Todd Kjos <tk...@android.com>
Reported-by: syzbot <syzkal...@googlegroups.com>
---
drivers/android/binder.c | 10 --
1 file changed, 8 insertion
The format specifier "%p" can leak kernel addresses. Use
"%pK" instead. There were 4 remaining cases in binder.c.
Signed-off-by: Todd Kjos <tk...@google.com>
---
drivers/android/binder.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/
On Mon, Feb 12, 2018 at 7:57 AM, Dmitry Vyukov wrote:
>
> On Mon, Feb 12, 2018 at 4:54 PM, syzbot
> wrote:
> > Hello,
> >
> > syzbot hit the following crash on upstream commit
> > f1517df8701c9f12dae9ce7f43a5d300a6917619
This issue was discovered on a 4.9-based android device, but the
relevant mainline code appears to be the same. The symptom is that
over time the some workloads become sluggish resulting in missed
frames or sluggishness. It appears to be the same issue described in
allocate new
fds in the target (probably due to out of file descriptors),
the transaction is discarded with a log message. In the old
implementation this would have been detected in the sender
context and failed prior to sending.
Signed-off-by: Todd Kjos
---
drivers/android/Kconfig| 2
allocate new
fds in the target (probably due to out of file descriptors),
the transaction is discarded with a log message. In the old
implementation this would have been detected in the sender
context and failed prior to sending.
Signed-off-by: Todd Kjos
---
v2: use "%zu" printk format
Sorry, forgot to bump the version. Ignore this one.
On Tue, Aug 28, 2018 at 1:43 PM Todd Kjos wrote:
>
> Binder uses internal fs interfaces to allocate and install fds:
>
> __alloc_fd
> __fd_install
> __close_fd
> get_files_struct
> put_files_struct
>
> These we
allocate new
fds in the target (probably due to out of file descriptors),
the transaction is discarded with a log message. In the old
implementation this would have been detected in the sender
context and failed prior to sending.
Signed-off-by: Todd Kjos
---
v2: use "%zu" printk format
allocate new
fds in the target (probably due to out of file descriptors),
the transaction is discarded with a log message. In the old
implementation this would have been detected in the sender
context and failed prior to sending.
Signed-off-by: Todd Kjos
---
v2: use "%zu" printk format
On Wed, Aug 29, 2018 at 12:00 AM Christoph Hellwig wrote:
>
> > config ANDROID_BINDER_IPC
> > bool "Android Binder IPC Driver"
> > - depends on MMU
> > + depends on MMU && !CPU_CACHE_VIVT
>
> Thats is a purely arm specific symbol which should not be
> used in common code.
Vitaly, can you say more about the behavior you observed that led you
to make this change? It is not obvious what workload would cause the
contention on this mutex to make a difference (at least in an Android
environment).
On Mon, Jan 22, 2018 at 7:44 AM, Greg Kroah-Hartman
On Mon, Jan 22, 2018 at 7:54 AM, Greg KH wrote:
> On Wed, Jan 10, 2018 at 10:49:05AM +0800, Ganesh Mahendran wrote:
>> VM_IOREMAP is used to access hardware through a mechanism called
>> I/O mapped memory. Android binder is a IPC machanism which will
>> not access I/O
Reviewed-by: Todd Kjos <tk...@android.com>
On Tue, Apr 10, 2018 at 6:21 AM, Geert Uytterhoeven
<geert+rene...@glider.be> wrote:
> The driver_override implementation is susceptible to a race condition
> when different threads are reading vs storing a different driver
> o
Reviewed-by: Todd Kjos <tk...@android.com>
On Tue, Apr 10, 2018 at 6:21 AM, Geert Uytterhoeven
<geert+rene...@glider.be> wrote:
> When printing the driver_override parameter when it is 4095 and 4094
> bytes long, the printing code would access invalid memory because we
>
Reviewed-by: Todd Kjos <tk...@google.com>
On Tue, Apr 10, 2018 at 6:21 AM, Geert Uytterhoeven
<geert+rene...@glider.be> wrote:
> For AMBA devices with unconfigured driver override, the
> "driver_override" sysfs virtual file is empty, while it contains
> "
Reviewed-by: Todd Kjos <tk...@android.com>
On Tue, Apr 10, 2018 at 6:21 AM, Geert Uytterhoeven
<geert+rene...@glider.be> wrote:
> Indentation is one TAB and 7 spaces instead of 2 TABs.
>
> Fixes: 3cf385713460eb2b ("ARM: 8256/1: driver coamba: add device bindin
+stable
what is the status of this patch? We'd like to get it into the android
common branches to fix possible double free.
On Fri, Jan 19, 2018 at 7:24 AM, Geert Uytterhoeven
wrote:
> The driver_override implementation is susceptible to a race condition
> when
p_sem (try to acquire)
>>>
>>> There is a lock ordering created between mmap_sem and inode->i_rwsem
>>> causing a lockdep splat [2] during a syzcaller test, this patch fixes
>>> the issue by unlocking the mutex earlier. Functionally that's Ok since
>>
On Fri, Sep 7, 2018 at 6:38 AM Martijn Coenen wrote:
>
> This allows the context manager to retrieve information about nodes
> that it holds a reference to, such as the current number of
> references to those nodes.
>
> Such information can for example be used to determine whether the
>
+christ...@brauner.io
On Sun, Oct 28, 2018 at 7:29 PM chouryzhou(周威) wrote:
...
>
> > It's not obvious from this patch where this dependency comes
> > from...why is SYSVIPC required? I'd like to not have to require IPC_NS
> > either for devices.
>
> Yes, the patch is not highly dependent on
On Fri, Oct 26, 2018 at 2:20 AM chouryzhou(周威) wrote:
>
> Hi
> We are working for running android in container, but we found that binder is
> not isolated by ipc namespace. Since binder is a form of IPC and therefore
> should
> be tied to ipc namespace. With this patch, we can run more than
was that when the struct
buffer was recycled, allow_user_free was stale
and set to 1 allowing a free to go through.
Signed-off-by: Todd Kjos
Acked-by: Arve Hjønnevåg
---
drivers/android/binder.c | 21 -
drivers/android/binder_alloc.c | 16 ++--
drivers/android
Add __acquire()/__release() annnotations to fix warnings
in sparse context checking
There is one case where the warning was due to a lack of
a "default:" case in a switch statement where a lock was
being released in each of the cases, so the default
case was added.
Signed-off-by:
On Fri, Nov 9, 2018 at 8:43 PM chouryzhou(周威) wrote:
>
> If IPC_NS is disabled, "current-nsporxy->ipc_ns" will also exists, it will
> be a static
> reference of "init_ipc_ns" (in ipc/msgutil.c, not defined in binder.c by me)
> with
> no namespace-ization. You will get the same one in all
On Fri, Nov 9, 2018 at 7:09 PM chouryzhou(周威) wrote:
>
> >
> > I still don't understand the dependencies on SYSVIPC or POSIX_MQUEUE.
> > It seems like this mechanism would work even if both are disabled --
> > as long as IPC_NS is enabled. Seems cleaner to change init/Kconfig and
> > allow IPC_NS
On Fri, Nov 9, 2018 at 9:43 PM chouryzhou(周威) wrote:
>
> > >
> > > If IPC_NS is disabled, "current-nsporxy->ipc_ns" will also exists, it
> > > will be a static
> > > reference of "init_ipc_ns" (in ipc/msgutil.c, not defined in binder.c by
> > > me) with
> > > no namespace-ization. You will get
On Tue, Nov 13, 2018 at 12:12 AM chouryzhou(周威) wrote:
>
> > I have not received an answer to my questions in the last version of this
> > patch
> > set. Also it would be good if I could be Cc'ed by default. I can't hunt
> > down all
> > patches.
> > I do not know of any kernel entity,
On Fri, Nov 9, 2018 at 4:32 AM Greg KH wrote:
>
> On Tue, Nov 06, 2018 at 03:55:32PM -0800, Todd Kjos wrote:
> > Malicious code can attempt to free buffers using the
> > BC_FREE_BUFFER ioctl to binder. There are protections
> > against a user freeing a buffer while
+christ...@brauner.io +Martijn Coenen
Christian,
Does this patch work for your container use-cases? If not, please
comment on this thread. Let's discuss at LPC this week.
-Todd
On Mon, Nov 12, 2018 at 1:38 AM chouryzhou(周威) wrote:
>
> Currently android's binder is not isolated by ipc
On Fri, Nov 9, 2018 at 10:27 AM Davidlohr Bueso wrote:
>
> On Thu, 08 Nov 2018, chouryzhou(??) wrote:
>
> >+#ifdef CONFIG_ANDROID_BINDER_IPC
> >+ /* next fields are for binder */
> >+ struct mutex binder_procs_lock;
> >+ struct hlist_head binder_procs;
> >+ struct
On Thu, Nov 8, 2018 at 5:02 AM chouryzhou(周威) wrote:
>
> We are working for running android in container, but we found that binder is
> not isolated by ipc namespace. Since binder is a form of IPC and therefore
> should
> be tied to ipc namespace. With this patch, we can run more than one
ndation.org
> Signed-off-by: Joel Fernandes (Google)
> ---
> MAINTAINERS | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 544cac829cf4..d639c4d04438 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -894,6 +894,7 @@ M: Gr
+Joel Fernandes
On Thu, Sep 20, 2018 at 2:11 PM Andrew Morton wrote:
>
>
> Thanks. Let's cc the ashmem folks.
>
> On Thu, 20 Sep 2018 14:04:05 -0700 syzbot
> wrote:
>
> > Hello,
> >
> > syzbot found the following crash on:
> >
> > HEAD commit:a0cb0cabe4bb Add linux-next specific files for
On Thu, Nov 15, 2018 at 2:54 PM gre...@linuxfoundation.org
wrote:
...
>
> A number of us have talked about this in the plumbers Android track, and
> a different proposal for how to solve this has been made that should be
> much more resiliant. So I will drop this patch from my queue and wait
>
When dumping out binder transactions via a debug node,
the output is too verbose if a process has many nodes.
Change the output for transaction dumps to only display
nodes with pending async transactions.
Signed-off-by: Todd Kjos
---
v2: no change, just resubmitted as #3 of 3 patches instead
Add __acquire()/__release() annnotations to fix warnings
in sparse context checking
There is one case where the warning was due to a lack of
a "default:" case in a switch statement where a lock was
being released in each of the cases, so the default
case was added.
Signed-off-by:
1 - 100 of 338 matches
Mail list logo