| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 28 Aug 2019 09:21:24 -0700
From: Todd Kjos <tkjos@...gle.com>
To: Christian Brauner <christian.brauner@...ntu.com>
Cc: Hridya Valsaraju <hridya@...gle.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Arve Hjønnevåg <arve@...roid.com>,
Todd Kjos <tkjos@...roid.com>,
Martijn Coenen <maco@...roid.com>,
Joel Fernandes <joel@...lfernandes.org>,
"open list:ANDROID DRIVERS" <devel@...verdev.osuosl.org>,
LKML <linux-kernel@...r.kernel.org>,
Android Kernel Team <kernel-team@...roid.com>
Subject: Re: [PATCH 4/4] binder: Add binder_proc logging to binderfs
On Wed, Aug 28, 2019 at 6:08 AM Christian Brauner
<christian.brauner@...ntu.com> wrote:
>
> On Tue, Aug 27, 2019 at 01:41:52PM -0700, Hridya Valsaraju wrote:
> > Currently /sys/kernel/debug/binder/proc contains
> > the debug data for every binder_proc instance.
> > This patch makes this information also available
> > in a binderfs instance mounted with a mount option
> > "stats=global" in addition to debugfs. The patch does
> > not affect the presence of the file in debugfs.
> >
> > If a binderfs instance is mounted at path /dev/binderfs,
> > this file would be present at /dev/binderfs/binder_logs/proc.
> > This change provides an alternate way to access this file when debugfs
> > is not mounted.
> >
> > Signed-off-by: Hridya Valsaraju <hridya@...gle.com>
>
> I'm still wondering whether there's a nicer way to create those debuf
> files per-process without doing it in binder_open() but it has worked
> fine for a long time with debugfs.
>
> Also, one minor question below. Otherwise
>
> Acked-by: Christian Brauner <christian.brauner@...ntu.com>
Acked-by: Todd Kjos <tkjos@...gle.com>
>
> > ---
> > drivers/android/binder.c | 38 ++++++++++++++++++-
> > drivers/android/binder_internal.h | 46 ++++++++++++++++++++++
> > drivers/android/binderfs.c | 63 ++++++++++++++-----------------
> > 3 files changed, 111 insertions(+), 36 deletions(-)
> >
> > diff --git a/drivers/android/binder.c b/drivers/android/binder.c
> > index bed217310197..37189838f32a 100644
> > --- a/drivers/android/binder.c
> > +++ b/drivers/android/binder.c
> > @@ -481,6 +481,7 @@ struct binder_priority {
> > * @inner_lock: can nest under outer_lock and/or node lock
> > * @outer_lock: no nesting under innor or node lock
> > * Lock order: 1) outer, 2) node, 3) inner
> > + * @binderfs_entry: process-specific binderfs log file
> > *
> > * Bookkeeping structure for binder processes
> > */
> > @@ -510,6 +511,7 @@ struct binder_proc {
> > struct binder_context *context;
> > spinlock_t inner_lock;
> > spinlock_t outer_lock;
> > + struct dentry *binderfs_entry;
> > };
> >
> > enum {
> > @@ -5347,6 +5349,8 @@ static int binder_open(struct inode *nodp, struct file *filp)
> > {
> > struct binder_proc *proc;
> > struct binder_device *binder_dev;
> > + struct binderfs_info *info;
> > + struct dentry *binder_binderfs_dir_entry_proc = NULL;
> >
> > binder_debug(BINDER_DEBUG_OPEN_CLOSE, "%s: %d:%d\n", __func__,
> > current->group_leader->pid, current->pid);
> > @@ -5368,11 +5372,14 @@ static int binder_open(struct inode *nodp, struct file *filp)
> > }
> >
> > /* binderfs stashes devices in i_private */
> > - if (is_binderfs_device(nodp))
> > + if (is_binderfs_device(nodp)) {
> > binder_dev = nodp->i_private;
> > - else
> > + info = nodp->i_sb->s_fs_info;
> > + binder_binderfs_dir_entry_proc = info->proc_log_dir;
> > + } else {
> > binder_dev = container_of(filp->private_data,
> > struct binder_device, miscdev);
> > + }
> > proc->context = &binder_dev->context;
> > binder_alloc_init(&proc->alloc);
> >
> > @@ -5403,6 +5410,27 @@ static int binder_open(struct inode *nodp, struct file *filp)
> > &proc_fops);
> > }
> >
> > + if (binder_binderfs_dir_entry_proc) {
> > + char strbuf[11];
> > + struct dentry *binderfs_entry;
> > +
> > + snprintf(strbuf, sizeof(strbuf), "%u", proc->pid);
> > + /*
> > + * Similar to debugfs, the process specific log file is shared
> > + * between contexts. If the file has already been created for a
> > + * process, the following binderfs_create_file() call will
> > + * fail if another context of the same process invoked
> > + * binder_open(). This is ok since same as debugfs,
> > + * the log file will contain information on all contexts of a
> > + * given PID.
> > + */
> > + binderfs_entry = binderfs_create_file(binder_binderfs_dir_entry_proc,
> > + strbuf, &proc_fops, (void *)(unsigned long)proc->pid);
> > + if (!IS_ERR(binderfs_entry))
> > + proc->binderfs_entry = binderfs_entry;
>
> You are sure that you don't want to fail the open, when the debug file
> cannot be created in the binderfs instance? I'm not objecting at all, I
> just want to make sure that this is the semantics you want because it
> would be easy to differentiate between the non-fail-debugfs and the new
> binderfs case.
I don't think we should fail the open, but it would be nice to have
some indication that it failed -- maybe a pr_warn() ?
>
> > +
> > + }
> > +
> > return 0;
> > }
> >
> > @@ -5442,6 +5470,12 @@ static int binder_release(struct inode *nodp, struct file *filp)
> > struct binder_proc *proc = filp->private_data;
> >
> > debugfs_remove(proc->debugfs_entry);
> > +
> > + if (proc->binderfs_entry) {
> > + binderfs_remove_file(proc->binderfs_entry);
> > + proc->binderfs_entry = NULL;
> > + }
> > +
> > binder_defer_work(proc, BINDER_DEFERRED_RELEASE);
> >
> > return 0;
> > diff --git a/drivers/android/binder_internal.h b/drivers/android/binder_internal.h
> > index b9be42d9464c..bd47f7f72075 100644
> > --- a/drivers/android/binder_internal.h
> > +++ b/drivers/android/binder_internal.h
> > @@ -35,17 +35,63 @@ struct binder_device {
> > struct inode *binderfs_inode;
> > };
> >
> > +/**
> > + * binderfs_mount_opts - mount options for binderfs
> > + * @max: maximum number of allocatable binderfs binder devices
> > + * @stats_mode: enable binder stats in binderfs.
> > + */
> > +struct binderfs_mount_opts {
> > + int max;
> > + int stats_mode;
> > +};
> > +
> > +/**
> > + * binderfs_info - information about a binderfs mount
> > + * @ipc_ns: The ipc namespace the binderfs mount belongs to.
> > + * @control_dentry: This records the dentry of this binderfs mount
> > + * binder-control device.
> > + * @root_uid: uid that needs to be used when a new binder device is
> > + * created.
> > + * @root_gid: gid that needs to be used when a new binder device is
> > + * created.
> > + * @mount_opts: The mount options in use.
> > + * @device_count: The current number of allocated binder devices.
> > + * @proc_log_dir: Pointer to the directory dentry containing process-specific
> > + * logs.
> > + */
> > +struct binderfs_info {
> > + struct ipc_namespace *ipc_ns;
> > + struct dentry *control_dentry;
> > + kuid_t root_uid;
> > + kgid_t root_gid;
> > + struct binderfs_mount_opts mount_opts;
> > + int device_count;
> > + struct dentry *proc_log_dir;
> > +};
> > +
> > extern const struct file_operations binder_fops;
> >
> > extern char *binder_devices_param;
> >
> > #ifdef CONFIG_ANDROID_BINDERFS
> > extern bool is_binderfs_device(const struct inode *inode);
> > +extern struct dentry *binderfs_create_file(struct dentry *dir, const char *name,
> > + const struct file_operations *fops,
> > + void *data);
> > +extern void binderfs_remove_file(struct dentry *dentry);
> > #else
> > static inline bool is_binderfs_device(const struct inode *inode)
> > {
> > return false;
> > }
> > +static inline struct dentry *binderfs_create_file(struct dentry *dir,
> > + const char *name,
> > + const struct file_operations *fops,
> > + void *data)
> > +{
> > + return NULL;
> > +}
> > +static inline void binderfs_remove_file(struct dentry *dentry) {}
> > #endif
> >
> > #ifdef CONFIG_ANDROID_BINDERFS
> > diff --git a/drivers/android/binderfs.c b/drivers/android/binderfs.c
> > index dc25a7d759c9..c386a3738290 100644
> > --- a/drivers/android/binderfs.c
> > +++ b/drivers/android/binderfs.c
> > @@ -48,16 +48,6 @@ static dev_t binderfs_dev;
> > static DEFINE_MUTEX(binderfs_minors_mutex);
> > static DEFINE_IDA(binderfs_minors);
> >
> > -/**
> > - * binderfs_mount_opts - mount options for binderfs
> > - * @max: maximum number of allocatable binderfs binder devices
> > - * @stats_mode: enable binder stats in binderfs.
> > - */
> > -struct binderfs_mount_opts {
> > - int max;
> > - int stats_mode;
> > -};
> > -
> > enum {
> > Opt_max,
> > Opt_stats_mode,
> > @@ -75,27 +65,6 @@ static const match_table_t tokens = {
> > { Opt_err, NULL }
> > };
> >
> > -/**
> > - * binderfs_info - information about a binderfs mount
> > - * @ipc_ns: The ipc namespace the binderfs mount belongs to.
> > - * @control_dentry: This records the dentry of this binderfs mount
> > - * binder-control device.
> > - * @root_uid: uid that needs to be used when a new binder device is
> > - * created.
> > - * @root_gid: gid that needs to be used when a new binder device is
> > - * created.
> > - * @mount_opts: The mount options in use.
> > - * @device_count: The current number of allocated binder devices.
> > - */
> > -struct binderfs_info {
> > - struct ipc_namespace *ipc_ns;
> > - struct dentry *control_dentry;
> > - kuid_t root_uid;
> > - kgid_t root_gid;
> > - struct binderfs_mount_opts mount_opts;
> > - int device_count;
> > -};
> > -
> > static inline struct binderfs_info *BINDERFS_I(const struct inode *inode)
> > {
> > return inode->i_sb->s_fs_info;
> > @@ -535,7 +504,22 @@ static struct dentry *binderfs_create_dentry(struct dentry *dir,
> > return dentry;
> > }
> >
> > -static struct dentry *binderfs_create_file(struct dentry *dir, const char *name,
> > +void binderfs_remove_file(struct dentry *dentry)
> > +{
> > + struct inode *dir;
> > +
> > + dir = d_inode(dentry->d_parent);
> > + inode_lock(dir);
> > + if (simple_positive(dentry)) {
> > + dget(dentry);
> > + simple_unlink(dir, dentry);
> > + d_delete(dentry);
> > + dput(dentry);
> > + }
> > + inode_unlock(dir);
> > +}
> > +
> > +struct dentry *binderfs_create_file(struct dentry *dir, const char *name,
> > const struct file_operations *fops,
> > void *data)
> > {
> > @@ -604,7 +588,8 @@ static struct dentry *binderfs_create_dir(struct dentry *parent,
> >
> > static int init_binder_logs(struct super_block *sb)
> > {
> > - struct dentry *binder_logs_root_dir, *file_dentry;
> > + struct dentry *binder_logs_root_dir, *file_dentry, *proc_log_dir;
> > + struct binderfs_info *info;
> > int ret = 0;
> >
> > binder_logs_root_dir = binderfs_create_dir(sb->s_root,
> > @@ -648,8 +633,18 @@ static int init_binder_logs(struct super_block *sb)
> > "failed_transaction_log",
> > &binder_transaction_log_fops,
> > &binder_transaction_log_failed);
> > - if (IS_ERR(file_dentry))
> > + if (IS_ERR(file_dentry)) {
> > ret = PTR_ERR(file_dentry);
> > + goto out;
> > + }
> > +
> > + proc_log_dir = binderfs_create_dir(binder_logs_root_dir, "proc");
> > + if (IS_ERR(proc_log_dir)) {
> > + ret = PTR_ERR(proc_log_dir);
> > + goto out;
> > + }
> > + info = sb->s_fs_info;
> > + info->proc_log_dir = proc_log_dir;
> >
> > out:
> > return ret;
> > --
> > 2.23.0.187.g17f5b7556c-goog
> >
>
> --
> To unsubscribe from this group and stop receiving emails from it, send an email to kernel-team+unsubscribe@...roid.com.
>
Powered by blists - more mailing lists