lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1589200521.22902.18.camel@mtkswgap22>
Date:   Mon, 11 May 2020 20:35:21 +0800
From:   Frankie Chang <Frankie.Chang@...iatek.com>
To:     Todd Kjos <tkjos@...gle.com>
CC:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Joel Fernandes <joel@...lfernandes.org>,
        Martijn Coenen <maco@...roid.com>,
        Arve Hjønnevåg <arve@...roid.com>,
        Christian Brauner <christian@...uner.io>,
        LKML <linux-kernel@...r.kernel.org>,
        <linux-mediatek@...ts.infradead.org>,
        wsd_upstream <wsd_upstream@...iatek.com>,
        Jian-Min Liu <Jian-Min.Liu@...iatek.com>
Subject: Re: [PATCH v4 3/3] binder: add transaction latency tracer

On Thu, 2020-05-07 at 11:21 -0700, Todd Kjos wrote:
> On Thu, May 7, 2020 at 1:11 AM Frankie Chang <Frankie.Chang@...iatek.com> wrote:
> >
> > From: "Frankie.Chang" <Frankie.Chang@...iatek.com>
> >
> > Record start/end timestamp for binder transaction.
> > When transaction is completed or transaction is free,
> > it would be checked if transaction latency over threshold (2 sec),
> 
> If this is a hard-coded threshold, provide rationale for why 2 sec is
> the right value and it doesn't need to be tunable
> 

Some of modules would trigger timeout NE if their binder transaction
don't finish in time, such as audio timeout (5 sec), even BT command
timeout (2 sec), etc.

Therefore, we want to record related transactions which exceed 2 sec. It
could be helpful to debug.

> > if yes, printing related information for tracing.
> >
> > /* Implement details */
> > - Add latency tracer module to monitor slow transaction.
> >   The trace_binder_free_transaction would not be enabled
> >   by default. Monitoring which transaction is too slow to
> >   cause some of exceptions is important. So we hook the
> >   tracepoint to call the monitor function.
> 
> Please add a more complete description. This patch adds a module to
> monitor transaction latency by attaching to new tracepoints introduced
> when transactions are allocated and freed. Describe this in the commit
> message.
> 

Okay, we would add these description in next version.

> >
> > Signed-off-by: Frankie.Chang <Frankie.Chang@...iatek.com>
> > ---
> >  drivers/android/Kconfig                 |    8 +++
> >  drivers/android/Makefile                |    1 +
> >  drivers/android/binder.c                |    2 +
> >  drivers/android/binder_internal.h       |   13 ++++
> >  drivers/android/binder_latency_tracer.c |  105 +++++++++++++++++++++++++++++++
> >  drivers/android/binder_trace.h          |   26 +++++++-
> >  6 files changed, 152 insertions(+), 3 deletions(-)
> >  create mode 100644 drivers/android/binder_latency_tracer.c
> >
> >  Change from v4:
> >    split up into patch series.
> >
> >  Change from v3:
> >    use tracepoints for binder_update_info and print_binder_transaction_ext,
> >    instead of custom registration functions.
> >
> >  Change from v2:
> >    create transaction latency module to monitor slow transaction.
> >
> >  Change from v1:
> >    first patchset.
> >
> > diff --git a/drivers/android/Kconfig b/drivers/android/Kconfig
> > index 6fdf2ab..7ba80eb 100644
> > --- a/drivers/android/Kconfig
> > +++ b/drivers/android/Kconfig
> > @@ -54,6 +54,14 @@ config ANDROID_BINDER_IPC_SELFTEST
> >           exhaustively with combinations of various buffer sizes and
> >           alignments.
> >
> > +config BINDER_USER_TRACKING
> 
> Why not "BINDER_TRANSACTION_LATENCY_TRACKING"?
> 

Thanks for your advice. We would modify the config name to this proper
one.

> > +       bool "Android Binder transaction tracking"
> > +       help
> > +         Used for track abnormal binder transaction which is over 2 seconds,
> > +         when the transaction is done or be free, this transaction would be
> > +         checked whether it executed overtime.
> > +         If yes, printing out the detail info about it.
> 
> "If yes, print out the detailed info"
> 

We would modify it, thanks.

> > +
> >  endif # if ANDROID
> >
> >  endmenu
> > diff --git a/drivers/android/Makefile b/drivers/android/Makefile
> > index c9d3d0c9..552e8ac 100644
> > --- a/drivers/android/Makefile
> > +++ b/drivers/android/Makefile
> > @@ -4,3 +4,4 @@ ccflags-y += -I$(src)                   # needed for trace events
> >  obj-$(CONFIG_ANDROID_BINDERFS)         += binderfs.o
> >  obj-$(CONFIG_ANDROID_BINDER_IPC)       += binder.o binder_alloc.o
> >  obj-$(CONFIG_ANDROID_BINDER_IPC_SELFTEST) += binder_alloc_selftest.o
> > +obj-$(CONFIG_BINDER_USER_TRACKING)     += binder_latency_tracer.o
> > diff --git a/drivers/android/binder.c b/drivers/android/binder.c
> > index 4c3dd98..b89d75a 100644
> > --- a/drivers/android/binder.c
> > +++ b/drivers/android/binder.c
> > @@ -2657,6 +2657,7 @@ static void binder_transaction(struct binder_proc *proc,
> >                 return_error_line = __LINE__;
> >                 goto err_alloc_t_failed;
> >         }
> > +       trace_binder_update_info(t, e);
> 
> Can this be a more descriptive name? Perhaps "trace_binder_txn_create()"
> 

Okay, we would replace the original name with
trace_binder_txn_latency_alloc.

> >         INIT_LIST_HEAD(&t->fd_fixups);
> >         binder_stats_created(BINDER_STAT_TRANSACTION);
> >         spin_lock_init(&t->lock);
> > @@ -5145,6 +5146,7 @@ static void print_binder_transaction_ilocked(struct seq_file *m,
> >                    t->to_thread ? t->to_thread->pid : 0,
> >                    t->code, t->flags, t->priority, t->need_reply);
> >         spin_unlock(&t->lock);
> > +       trace_print_binder_transaction_ext(m, t);
> 
> Why do you need to trace when dumping out the transaction info?
> 

Because we want to get the start time about this transaction, to check
whether these transactions consume too much time.

Converting kernel time to android time let us easily correspond kernel
log to android log. But it is not necessary if you think that is too
redundant.

> >
> >         if (proc != to_proc) {
> >                 /*
> > diff --git a/drivers/android/binder_internal.h b/drivers/android/binder_internal.h
> > index ed61b3e..24d7beb 100644
> > --- a/drivers/android/binder_internal.h
> > +++ b/drivers/android/binder_internal.h
> > @@ -12,6 +12,11 @@
> >  #include <linux/types.h>
> >  #include <linux/uidgid.h>
> >
> > +#ifdef CONFIG_BINDER_USER_TRACKING
> > +#include <linux/rtc.h>
> > +#include <linux/time.h>
> > +#endif
> > +
> >  struct binder_context {
> >         struct binder_node *binder_context_mgr_node;
> >         struct mutex context_mgr_node_lock;
> > @@ -131,6 +136,10 @@ struct binder_transaction_log_entry {
> >         uint32_t return_error;
> >         uint32_t return_error_param;
> >         char context_name[BINDERFS_MAX_NAME + 1];
> > +#ifdef CONFIG_BINDER_USER_TRACKING
> > +       struct timespec timestamp;
> > +       struct timeval tv;
> > +#endif
> >  };
> >
> >  struct binder_transaction_log {
> > @@ -520,6 +529,10 @@ struct binder_transaction {
> >          * during thread teardown
> >          */
> >         spinlock_t lock;
> > +#ifdef CONFIG_BINDER_USER_TRACKING
> > +       struct timespec timestamp;
> > +       struct timeval tv;
> > +#endif
> >  };
> >
> >  /**
> > diff --git a/drivers/android/binder_latency_tracer.c b/drivers/android/binder_latency_tracer.c
> > new file mode 100644
> > index 0000000..45c14fb
> > --- /dev/null
> > +++ b/drivers/android/binder_latency_tracer.c
> > @@ -0,0 +1,105 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * Copyright (C) 2019 MediaTek Inc.
> > + */
> > +
> > +#include <linux/module.h>
> > +#include <uapi/linux/android/binder.h>
> > +#include "binder_alloc.h"
> > +#include "binder_internal.h"
> > +#include "binder_trace.h"
> > +
> > +/*
> > + * probe_binder_free_transaction - Output info of a delay transaction
> > + * @t:          pointer to the over-time transaction
> > + */
> > +void probe_binder_free_transaction(void *ignore, struct binder_transaction *t)
> > +{
> > +       struct rtc_time tm;
> > +       struct timespec *startime;
> > +       struct timespec cur, sub_t;
> > +
> > +       ktime_get_ts(&cur);
> > +       startime = &t->timestamp;
> > +       sub_t = timespec_sub(cur, *startime);
> > +
> > +       /* if transaction time is over than 2 sec,
> > +        * show timeout warning log.
> > +        */
> > +       if (sub_t.tv_sec < 2)
> > +               return;
> > +
> > +       rtc_time_to_tm(t->tv.tv_sec, &tm);
> > +
> > +       spin_lock(&t->lock);
> > +       pr_info_ratelimited("%d: from %d:%d to %d:%d",
> > +                       t->debug_id,
> > +                       t->from ? t->from->proc->pid : 0,
> > +                       t->from ? t->from->pid : 0,
> > +                       t->to_proc ? t->to_proc->pid : 0,
> > +                       t->to_thread ? t->to_thread->pid : 0);
> > +       spin_unlock(&t->lock);
> > +
> > +       pr_info_ratelimited(" total %u.%03ld s code %u start %lu.%03ld android %d-%02d-%02d %02d:%02d:%02d.%03lu\n",
> > +                       (unsigned int)sub_t.tv_sec,
> > +                       (sub_t.tv_nsec / NSEC_PER_MSEC),
> > +                       t->code,
> > +                       (unsigned long)startime->tv_sec,
> > +                       (startime->tv_nsec / NSEC_PER_MSEC),
> > +                       (tm.tm_year + 1900), (tm.tm_mon + 1), tm.tm_mday,
> > +                       tm.tm_hour, tm.tm_min, tm.tm_sec,
> > +                       (unsigned long)(t->tv.tv_usec / USEC_PER_MSEC));
> > +}
> > +
> > +static void probe_binder_update_info(void *ignore, struct binder_transaction *t,
> > +                          struct binder_transaction_log_entry *e)
> > +{
> > +       ktime_get_ts(&e->timestamp);
> > +       do_gettimeofday(&e->tv);
> > +       e->tv.tv_sec -= (sys_tz.tz_minuteswest * 60);
> > +       memcpy(&t->timestamp, &e->timestamp, sizeof(struct timespec));
> > +       memcpy(&t->tv, &e->tv, sizeof(struct timeval));
> > +}
> > +
> > +static void probe_print_binder_transaction_ext(void *ignore, struct seq_file *m,
> > +                                        struct binder_transaction *t)
> > +{
> > +       struct rtc_time tm;
> > +
> > +       rtc_time_to_tm(t->tv.tv_sec, &tm);
> > +       seq_printf(m,
> > +                  " start %lu.%06lu android %d-%02d-%02d %02d:%02d:%02d.%03lu",
> > +                  (unsigned long)t->timestamp.tv_sec,
> > +                  (t->timestamp.tv_nsec / NSEC_PER_USEC),
> > +                  (tm.tm_year + 1900), (tm.tm_mon + 1), tm.tm_mday,
> > +                  tm.tm_hour, tm.tm_min, tm.tm_sec,
> > +                  (unsigned long)(t->tv.tv_usec / USEC_PER_MSEC));
> > +
> > +}
> > +
> > +static int __init init_binder_latency_tracer(void)
> > +{
> > +       register_trace_binder_free_transaction(
> > +                       probe_binder_free_transaction, NULL);
> > +       register_trace_binder_update_info(
> > +                       probe_binder_update_info, NULL);
> > +       register_trace_print_binder_transaction_ext(
> > +                       probe_print_binder_transaction_ext, NULL);
> 
> Ah, now the trace in the print path makes sense. Please add a more
> detailed description to the commit message. Also add a comment at the
> trace point that it is for modules to attach to so additional
> information can be printed. Also, make the names of the tracepoints
> more descriptive of what they really are ...something like
> trace_binder_txn_latency_(alloc|info|free)
> 

Yes, we agree that this is a better way to make these tracepoints more
meaningful, and we would change it.

> > +
> > +       return 0;
> > +}
> > +
> > +static void exit_binder_latency_tracer(void)
> > +{
> > +       unregister_trace_binder_free_transaction(
> > +                       probe_binder_free_transaction, NULL);
> > +       unregister_trace_binder_update_info(
> > +                       probe_binder_update_info, NULL);
> > +       unregister_trace_print_binder_transaction_ext(
> > +                       probe_print_binder_transaction_ext, NULL);
> > +}
> > +
> > +module_init(init_binder_latency_tracer);
> > +module_exit(exit_binder_latency_tracer);
> > +
> > +MODULE_LICENSE("GPL v2");
> > diff --git a/drivers/android/binder_trace.h b/drivers/android/binder_trace.h
> > index 7acc18d..466993e 100644
> > --- a/drivers/android/binder_trace.h
> > +++ b/drivers/android/binder_trace.h
> > @@ -18,6 +18,7 @@
> >  struct binder_ref_data;
> >  struct binder_thread;
> >  struct binder_transaction;
> > +struct binder_transaction_log_entry;
> >
> >  TRACE_EVENT(binder_ioctl,
> >         TP_PROTO(unsigned int cmd, unsigned long arg),
> > @@ -95,6 +96,18 @@
> >                   __entry->thread_todo)
> >  );
> >
> > +DECLARE_TRACE(binder_update_info,
> > +       TP_PROTO(struct binder_transaction *t,
> > +                struct binder_transaction_log_entry *e),
> > +       TP_ARGS(t, e)
> > +);
> > +
> > +DECLARE_TRACE(print_binder_transaction_ext,
> > +       TP_PROTO(struct seq_file *m,
> > +                struct binder_transaction *t),
> > +       TP_ARGS(m, t)
> > +);
> > +
> >  TRACE_EVENT(binder_free_transaction,
> >         TP_PROTO(struct binder_transaction *t),
> >         TP_ARGS(t),
> > @@ -115,11 +128,18 @@
> >                 __entry->to_thread = t->to_thread ? t->to_thread->pid : 0;
> >                 __entry->code = t->code;
> >                 __entry->flags = t->flags;
> > -       ),
> > -       TP_printk("transaction=%d from %d:%d to %d:%d flags=0x%x code=0x%x",
> > +#ifdef CONFIG_BINDER_USER_TRACKING
> > +               __entry->start_sec = t->timestamp.tv_sec;
> > +               __entry->start_nsec = t->timestamp.tv_nsec / NSEC_PER_MSEC;
> > +#else
> > +               __entry->start_sec = 0;
> > +               __entry->start_nsec = 0;
> > +#endif
> > +       ),
> > +       TP_printk("transaction=%d from %d:%d to %d:%d flags=0x%x code=0x%x start %lu.%03ld",
> >                   __entry->debug_id, __entry->from_proc, __entry->from_thread,
> >                   __entry->to_proc, __entry->to_thread, __entry->code,
> > -                 __entry->flags)
> > +                 __entry->flags, __entry->start_sec, __entry->start_nsec)
> >  );
> >
> >  TRACE_EVENT(binder_transaction,
> > --
> > 1.7.9.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ