To allow servers to verify client identity, allow a node
flag to be set that causes the sender's security context
to be delivered with the transaction. The BR_TRANSACTION
command is extended in BR_TRANSACTION_SEC_CTX to
contain a pointer to the security context string.
Bug: 25646100
Change-Id: I0ec053072d6337576680067e07f90dd054b1ecfb
Signed-off-by: Todd Kjos <tkjos@google.com>
This allows the context manager to retrieve information about nodes
that it holds a reference to, such as the current number of
references to those nodes.
Such information can for example be used to determine whether the
servicemanager is the only process holding a reference to a node.
This information can then be passed on to the process holding the
node, which can in turn decide whether it wants to shut down to
reduce resource usage.
Signed-off-by: Martijn Coenen <maco@android.com>
Bug: 79983843
Change-Id: I3fefe649b09186e269700e58356202f3060d624a
(cherry picked from commit cb28adba1a)
The BINDER_GET_NODE_DEBUG_INFO ioctl will return debug info on
a node. Each successive call reusing the previous return value
will return the next node. The data will be used by
libmemunreachable to mark the pointers with kernel references
as reachable.
Bug: 28275695
Change-Id: I8a5f9463a62037329d95c7dc14021141ea57b64e
Signed-off-by: Colin Cross <ccross@android.com>
Signed-off-by: Martijn Coenen <maco@android.com>
Allows a binder node to specify whether it wants to
inherit real-time scheduling policy from a caller.
Change-Id: I375b6094bf441c19f19cba06d5a6be02cd07d714
Signed-off-by: Martijn Coenen <maco@android.com>
This change adds flags to flat_binder_object.flags
to allow indicating a minimum scheduling policy for
the node. It also clarifies the valid value range
for the priority bits in the flags.
Internally, we use the priority map that the kernel
uses, e.g. [0..99] for real-time policies and [100..139]
for the SCHED_NORMAL/SCHED_BATCH policies.
Bug: 34461621
Bug: 37293077
Change-Id: I12438deecb53df432da18c6fc77460768ae726d2
Signed-off-by: Martijn Coenen <maco@google.com>
binder_fd_array_object starts with a 4-byte header,
followed by a few fields that are 8 bytes when
ANDROID_BINDER_IPC_32BIT=N.
This can cause alignment issues in a 64-bit kernel
with a 32-bit userspace, as on x86_32 an 8-byte primitive
may be aligned to a 4-byte address. Pad with a __u32
to fix this.
Change-Id: I4374ed2cc3ccd3c6a1474cb7209b53ebfd91077b
Signed-off-by: Martijn Coenen <maco@android.com>
Revert all the fine-grained locking and later patches so we can
merge the latest version of the binder driver from upstream
This reverts these commits:
4cb89f9e0f ANDROID: binder: don't enqueue death notifications to thread todo.
ee1eb67d88 ANDROID: binder: Switch binder_deferred_lock to a spinlock.
668537b30e android: binder: Move buffer out of area shared with user space
6a89fb9f7a android: binder: Add allocator selftest
0e9d8599d7 android: binder: Refactor prev and next buffer into a helper function
2410d72197 binder: always allocate/map first BINDER_MIN_ALLOC pages
b37ba51aa9 Add BINDER_GET_NODE_DEBUG_INFO ioctl
a1f38bfe50 ANDROID: binder: call poll_wait() unconditionally.
9359a93d41 ANDROID: binder: don't queue async transactions to thread.
991e8349d2 ANDROID: binder: fix race in thread cleanup.
cc0bec85bc ANDROID: binder: correctly initialize ref to zombie node.
8de4509205 binder: fix rb_insert_color crash
533020a794 binder: add target pid:tid to transaction failed message
6604007441 Revert "binder: clear rb nodes before inserting"
911673a208 ANDROID: binder: don't check prio permissions on restore.
92d6d33a36 ANDROID: binder: fix death race conditions.
b5f8fb6ac0 binder: clear rb nodes before inserting
cd293dbeb8 binder: allow binder_alloc_get_user_buffer_offset when proc dying
3c28d4f40e binder: eliminate possible OOO mutex acq in binder_mmap
a9bd05a7d2 binder: use atomic for transaction_log index
742755f37c ANDROID: binder: improve priority inheritance for oneway.
539760bcea ANDROID: binder: add min sched_policy to node.
1e99fc9c25 ANDROID: binder: Add tracing for binder priority inheritance.
9351657436 ANDROID: binder: do proper priority inheritance checking.
155fa2bb21 ANDROID: binder: blacklist %p kptr_restrict
81013cdd62 binder: protect against stale pointers in print_binder_transaction
eda5c2c85d binder: protect against two threads freeing buffer
4ea3c9accb binder: guarantee txn complete / errors delivered in-order
cccd311546 ANDROID: binder: improve priority inheritance.
47747abe74 ANDROID: binder: push new transactions to waiting threads.
7f27d5bc65 ANDROID: binder: remove proc waitqueue.
777b711e0c binder: add missing locks for transaction_stack and return_error
1bfb0526f6 Merge branch 'android-msm-8998-4.4-common' into android-msm-wahoo-4.4
3c9f33d6b0 binder: allow new refs to zombie nodes if other refs exist
d668aac7f1 binder: make FIFO inheritance a per-context option
333086d0cb binder: add log information for binder transaction failures
00c7cfdff5 binder_alloc: prevent possible OOO mutex acquisition
1c8a9c8183 binder: fix false BUG_ON
3257ab4314 binder: avoid using strong references on nodes for internal refs
88c8126c20 binder: make inc/ref user commands atomic with node state
a790f8b2ad binder: prevent long delays in zombie reaping
bbef697a0b binder: protect enqueuing of death notifications
01228354e4 ANDROID: binder: add more debug info when allocation fails.
7b7c3cb589 binder: read thread sequence number on every iteration when reaping
e98c35d65d binder: make active thread sequence counter 64-bit
aa8bac23d5 binder: prevent new refs to zombie nodes
773fc2f1ee android: binder: use copy_from_user_preempt_disabled
53d223b94f binder: use group leader instead of open thread
e14ae0a106 android: binder: don't change schedpolicy for oneway calls.
7a154d0e3e android: binder: have threads inherit scheduling policy.
e04d752ca7 binder: remove global binder lock
f120798fab binder: ensure binder_node has reference when starting transaction
8b8d920edd binder: fix use-after-free discovered with KASAN
b31b594bd1 binder: return BR_DEAD_REPLY if target proc is dying
6956e166c1 binder: fix possible race with put_files_struct
fade544640 binder: Make sure BR_TRANSACTION_COMPLETE is handled before reply
cfc2155f1b binder: fix thread hangs waiting for proc work
c9c6590330 binder: don't modify thread->looper from other threads
e3ede3cdf6 binder: Fix overly strict assertion in binder_pop_transaction
9cce95e7c6 binder: make sure todo lists are handled in-order
097a1e2bfc binder: fix binder_ref delete-before-add race
7b7208746b binder: fix race condition between delete/add new ref on node
005172f700 binder: add zombie list to cleanup dead refs
902a22e61b binder: add active thread tracking and deferred free
b5fc610f20 binder: add locking for print functions
edbe2b61b9 binder: add spinlocks to protect proc, node, thread, and ref
1f6c11ca4b binder: add spinlocks to protect todo lists
c3eef445f4 binder: use atomics for weak/strong counters
c363358e81 binder: change binder_stats to atomics
fd24ab4afc binder: use mutexes for non-perf cases
ec80df4a97 binder: move binder allocator to separate file
8a990d2ecb binder: use mutex for binder allocator
707d528ce5 binder: separate binder allocator structure from binder proc
The BINDER_GET_NODE_DEBUG_INFO ioctl will return debug info on
a node. Each successive call reusing the previous return value
will return the next node. The data will be used by
libmemunreachable to mark the pointers with kernel references
as reachable.
Bug: 28275695
Change-Id: Idbbafa648a33822dc023862cd92b51a595cf7c1c
Signed-off-by: Colin Cross <ccross@android.com>
Signed-off-by: Martijn Coenen <maco@android.com>
This change adds flags to flat_binder_object.flags
to allow indicating a minimum scheduling policy for
the node. It also clarifies the valid value range
for the priority bits in the flags.
Internally, we use the priority map that the kernel
uses, e.g. [0..99] for real-time policies and [100..139]
for the SCHED_NORMAL/SCHED_BATCH policies.
We also need to start keeping track of the default
scheduling policy for a process, as that is what
we will restore to after handling oneway transactions
that temporarily increased the priority.
Bug: 34461621
Bug: 37293077
Change-Id: Ifc6a0d691c2feb48e8349a21f56fb2eeb22f1bb5
Signed-off-by: Martijn Coenen <maco@google.com>
Add a new ioctl to binder to control whether FIFO inheritance should happen.
In particular, hwbinder should inherit FIFO priority from callers, but standard
binder threads should not.
Test: boots
bug 36516194
Signed-off-by: Tim Murray <timmurray@google.com>
Change-Id: I8100c4364b7d15d1bf00a8ca5c286e4d4b23ce85
This patch introduces a new binder_fd_array object,
that allows us to support one or more file descriptors
embedded in a buffer that is scatter-gathered.
Change-Id: I647a53cf0d905c7be0dfd9333806982def68dd74
Signed-off-by: Martijn Coenen <maco@google.com>
Previously all data passed over binder needed
to be serialized, with the exception of Binder
objects and file descriptors.
This patchs adds support for scatter-gathering raw
memory buffers into a binder transaction, avoiding
the need to first serialize them into a Parcel.
To remain backwards compatibile with existing
binder clients, it introduces two new command
ioctls for this purpose - BC_TRANSACTION_SG and
BC_REPLY_SG. These commands may only be used with
the new binder_transaction_data_sg structure,
which adds a field for the total size of the
buffers we are scatter-gathering.
Because memory buffers may contain pointers to
other buffers, we allow callers to specify
a parent buffer and an offset into it, to indicate
this is a location pointing to the buffer that
we are fixing up. The kernel will then take care
of fixing up the pointer to that buffer as well.
Change-Id: I02417f28cff14688f2e1d6fcb959438fd96566cc
Signed-off-by: Martijn Coenen <maco@google.com>
flat_binder_object is used for both handling
binder objects and file descriptors, even though
the two are mostly independent. Since we'll
have more fixup objects in binder in the future,
instead of extending flat_binder_object again,
split out file descriptors to their own object
while retaining backwards compatibility to
existing user-space clients. All binder objects
just share a header.
Change-Id: If3c55f27a2aa8f21815383e0e807be47895e4786
Signed-off-by: Martijn Coenen <maco@google.com>
The Android binder code has been "stable" for many years now. No matter
what comes in the future, we are going to have to support this API, so
might as well move it to the "real" part of the kernel as there's no
real work that needs to be done to the existing code.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
