Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v5.13.13 2021-04-10T08:52:04Z 2021-04-10T08:52:04Z Hang Lu hangl@codeaurora.org 2021-04-09T09:40:46Z urn:sha1:a7dc1e6f99df59799ab0128d9c4e47bbeceb934d When async binder buffer got exhausted, some normal oneway transactions will also be discarded and may cause system or application failures. By that time, the binder debug information we dump may not be relevant to the root cause. And this issue is difficult to debug if without the backtrace of the thread sending spam. This change will send BR_ONEWAY_SPAM_SUSPECT to userspace when oneway spamming is detected, request to dump current backtrace. Oneway spamming will be reported only once when exceeding the threshold (target process dips below 80% of its oneway space, and current process is responsible for either more than 50 transactions, or more than 50% of the oneway space). And the detection will restart when the async buffer has returned to a healthy state. Acked-by: Todd Kjos <tkjos@google.com> Signed-off-by: Hang Lu <hangl@codeaurora.org> Link: https://lore.kernel.org/r/1617961246-4502-3-git-send-email-hangl@codeaurora.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2021-03-24T07:26:31Z Marco Ballesio balejs@google.com 2021-03-16T01:16:30Z urn:sha1:ae28c1be1e54f2eda1c8b4469c4652e8a24056ed User space needs to know if binder transactions occurred to frozen processes. Introduce a new BINDER_GET_FROZEN ioctl and keep track of transactions occurring to frozen proceses. Signed-off-by: Marco Ballesio <balejs@google.com> Signed-off-by: Li Li <dualli@google.com> Acked-by: Todd Kjos <tkjos@google.com> Link: https://lore.kernel.org/r/20210316011630.1121213-4-dualli@chromium.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2021-03-24T07:26:31Z Marco Ballesio balejs@google.com 2021-03-16T01:16:28Z urn:sha1:432ff1e91694e4c55a5bf6bc0574f4c254970232 Frozen tasks can't process binder transactions, so a way is required to inform transmitting ends of communication failures due to the frozen state of their receiving counterparts. Additionally, races are possible between transitions to frozen state and binder transactions enqueued to a specific process. Implement BINDER_FREEZE ioctl for user space to inform the binder driver about the intention to freeze or unfreeze a process. When the ioctl is called, block the caller until any pending binder transactions toward the target process are flushed. Return an error to transactions to processes marked as frozen. Co-developed-by: Todd Kjos <tkjos@google.com> Acked-by: Todd Kjos <tkjos@google.com> Signed-off-by: Marco Ballesio <balejs@google.com> Signed-off-by: Todd Kjos <tkjos@google.com> Signed-off-by: Li Li <dualli@google.com> Link: https://lore.kernel.org/r/20210316011630.1121213-2-dualli@chromium.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-12-09T14:41:21Z Todd Kjos tkjos@google.com 2020-11-20T23:37:43Z urn:sha1:0f966cba95c78029f491b433ea95ff38f414a761 Add a per-transaction flag to indicate that the buffer must be cleared when the transaction is complete to prevent copies of sensitive data from being preserved in memory. Signed-off-by: Todd Kjos <tkjos@google.com> Link: https://lore.kernel.org/r/20201120233743.3617529-1-tkjos@google.com Cc: stable <stable@vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-07-23T07:35:36Z Randy Dunlap rdunlap@infradead.org 2020-07-19T00:27:38Z urn:sha1:1859f4ebcf2dfe2e878a3805700036fdc4e01e2c Drop the repeated word "the" in a comment. Cc: Arve Hjønnevåg <arve@android.com> Cc: Todd Kjos <tkjos@android.com> Cc: Martijn Coenen <maco@android.com> Cc: Joel Fernandes <joel@joelfernandes.org> Cc: Hridya Valsaraju <hridya@google.com> Cc: Suren Baghdasaryan <surenb@google.com> Cc: devel@driverdev.osuosl.org Acked-by: Christian Brauner <christian.brauner@ubuntu.com> Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Link: https://lore.kernel.org/r/20200719002738.20210-1-rdunlap@infradead.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-01-28T07:13:52Z Greg Kroah-Hartman gregkh@linuxfoundation.org 2019-01-28T07:13:52Z urn:sha1:fdddcfd9c93c6db006004fa5ba7fd9380e721c3f We need the char-misc fixes in here as well. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-01-22T12:55:08Z Todd Kjos tkjos@android.com 2019-01-14T17:10:21Z urn:sha1:ec74136ded792deed80780a2f8baf3521eeb72f9 To allow servers to verify client identity, allow a node flag to be set that causes the sender's security context to be delivered with the transaction. The BR_TRANSACTION command is extended in BR_TRANSACTION_SEC_CTX to contain a pointer to the security context string. Signed-off-by: Todd Kjos <tkjos@google.com> Reviewed-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-01-22T11:13:17Z Christian Brauner christian@brauner.io 2019-01-21T11:01:20Z urn:sha1:7d0174065f4903fb0ce0bab3d5047284faa7226d We allow more then 255 binderfs binder devices to be created since there are workloads that require more than that. If we use __u8 we'll overflow after 255. So let's use a __u32. Note that there's no released kernel with binderfs out there so this is not a regression. Signed-off-by: Christian Brauner <christian@brauner.io> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-01-22T11:13:17Z Christian Brauner christian@brauner.io 2019-01-21T11:01:19Z urn:sha1:6fc23b6ed8fa0ba6cc47b2f8756df1199abc3a5c When we switched over from binder_ctl.h to binderfs.h we forgot to change the include guards. It's minor but it's obviously correct. Signed-off-by: Christian Brauner <christian@brauner.io> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2019-01-11T09:18:24Z Christian Brauner christian@brauner.io 2019-01-10T23:25:41Z urn:sha1:c13295ad219d8bb0e47942d4cfc8251de449a67e It doesn't make sense to call the header binder_ctl.h when its sole existence is tied to binderfs. So give it a sensible name. Users will far more easily remember binderfs.h than binder_ctl.h. Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>