| Message ID | 20241113193239.2113577-1-dualli@chromium.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | binder: report txn errors via generic netlink | expand |
On Wed, 13 Nov 2024 11:32:37 -0800 Li Li wrote: > Jakub Kicinski (1): > tools: ynl-gen: allow uapi headers in sub-dirs I'll take a look at your code later in the week (the merge window has started), but I'll apply patch 1 (AKA my own patch) already. Fewer potential cross-tree conflicts.
Hello: This series was applied to netdev/net-next.git (main) by Jakub Kicinski <kuba@kernel.org>: On Wed, 13 Nov 2024 11:32:37 -0800 you wrote: > From: Li Li <dualli@google.com> > > It's a known issue that neither the frozen processes nor the system > administration process of the OS can correctly deal with failed binder > transactions. The reason is that there's no reliable way for the user > space administration process to fetch the binder errors from the kernel > binder driver. > > [...] Here is the summary with links: - [net-next,v8,1/2] tools: ynl-gen: allow uapi headers in sub-dirs https://git.kernel.org/netdev/net-next/c/6204656478be - [net-next,v8,2/2] binder: report txn errors via generic netlink (no matching commit) You are awesome, thank you!
From: Li Li <dualli@google.com> It's a known issue that neither the frozen processes nor the system administration process of the OS can correctly deal with failed binder transactions. The reason is that there's no reliable way for the user space administration process to fetch the binder errors from the kernel binder driver. Android is such an OS suffering from this issue. Since cgroup freezer was used to freeze user applications to save battery, innocent frozen apps have to be killed when they receive sync binder transactions or when their async binder buffer is running out. This patch introduces the Linux generic netlink messages into the binder driver so that the Linux/Android system administration process can listen to important events and take corresponding actions, like stopping a broken app from attacking the OS by sending huge amount of spamming binder transactiions. The 1st version uses a global generic netlink for all binder contexts, raising potential security concerns. There were a few other feedbacks like request to kernel docs and test code. The thread can be found at https://lore.kernel.org/lkml/20240812211844.4107494-1-dualli@chromium.org/ The 2nd version fixes those issues and has been tested on the latest version of AOSP. See https://r.android.com/3305462 for how userspace is going to use this feature and the test code. It can be found at https://lore.kernel.org/lkml/20241011064427.1565287-1-dualli@chromium.org/ The 3rd version replaces the handcrafted netlink source code with the netlink protocal specs in YAML. It also fixes the documentation issues. https://lore.kernel.org/lkml/20241021182821.1259487-1-dualli@chromium.org/ The 4th version just containsi trivial fixes, making the subject of the patch aligned with the subject of the cover letter. https://lore.kernel.org/lkml/20241021191233.1334897-1-dualli@chromium.org/ The 5th version incorporates the suggested fixes to the kernel doc and the init function. It also removes the unsupported uapi-header in YAML that contains "/" for subdirectory. https://lore.kernel.org/lkml/20241025075102.1785960-1-dualli@chromium.org/ The 6th version has some trivial kernel doc fixes, without modifying any other source code. https://lore.kernel.org/lkml/20241028101952.775731-1-dualli@chromium.org/ The 7th version breaks the binary struct netlink message into individual attributes to better support automatic error checking. Thanks Jakub for improving ynl-gen. https://lore.kernel.org/all/20241031092504.840708-1-dualli@chromium.org/ The 8th version solves the multi-genl-family issue by demuxing the messages based on a new context attribute. It also improves the YAML spec to be consistent with netlink tradition. A Huge 'Thank You' to Jakub who taught me a lot about the netlink protocol! v1: add a global binder genl socket for all contexts v2: change to per-context binder genl for security reason replace the new ioctl with a netlink command add corresponding doc Documentation/admin-guide/binder_genl.rst add user space test code in AOSP v3: use YNL spec (./tools/net/ynl/ynl-regen.sh) fix documentation index v4: change the subject of the patch and remove unsed #if 0 v5: improve the kernel doc and the init function remove unsupported uapi-header in YAML v6: fix some trivial kernel doc issues v7: break the binary struct binder_report into individual attributes v8: use multiplex netlink message in a unified netlink family improve the YAML spec to be consistent with netlink tradition Jakub Kicinski (1): tools: ynl-gen: allow uapi headers in sub-dirs Li Li (1): binder: report txn errors via generic netlink Documentation/admin-guide/binder_genl.rst | 96 +++++++ Documentation/admin-guide/index.rst | 1 + Documentation/netlink/specs/binder_genl.yaml | 108 +++++++ drivers/android/Kconfig | 1 + drivers/android/Makefile | 2 +- drivers/android/binder.c | 287 ++++++++++++++++++- drivers/android/binder_genl.c | 39 +++ drivers/android/binder_genl.h | 18 ++ drivers/android/binder_internal.h | 27 +- drivers/android/binder_trace.h | 35 +++ drivers/android/binderfs.c | 2 + include/uapi/linux/android/binder_genl.h | 55 ++++ tools/net/ynl/ynl-gen-c.py | 1 + 13 files changed, 666 insertions(+), 6 deletions(-) create mode 100644 Documentation/admin-guide/binder_genl.rst create mode 100644 Documentation/netlink/specs/binder_genl.yaml create mode 100644 drivers/android/binder_genl.c create mode 100644 drivers/android/binder_genl.h create mode 100644 include/uapi/linux/android/binder_genl.h base-commit: 31a1f8752f7df7e3d8122054fbef02a9a8bff38f