| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aIZtWGPFCsHdNvq1@google.com> Date: Sun, 27 Jul 2025 18:18:00 +0000 From: Carlos Llamas <cmllamas@...gle.com> To: Alice Ryhl <aliceryhl@...gle.com>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Arve Hjønnevåg <arve@...roid.com>, Todd Kjos <tkjos@...roid.com>, Martijn Coenen <maco@...roid.com>, Joel Fernandes <joelagnelf@...dia.com>, Christian Brauner <brauner@...nel.org>, Suren Baghdasaryan <surenb@...gle.com>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>, Donald Hunter <donald.hunter@...il.com>, Li Li <dualli@...gle.com> Cc: Tiffany Yang <ynaffit@...gle.com>, John Stultz <jstultz@...gle.com>, Shai Barack <shayba@...gle.com>, Thiébaud Weksteen <tweek@...gle.com>, kernel-team@...roid.com, linux-kernel@...r.kernel.org, "open list:NETWORKING [GENERAL]" <netdev@...r.kernel.org> Subject: Re: [PATCH v19 3/5] binder: introduce transaction reports via netlink On Fri, Jul 25, 2025 at 06:37:46PM +0000, Carlos Llamas wrote: > From: Li Li <dualli@...gle.com> > > Introduce a generic netlink multicast event to report binder transaction > failures to userspace. This allows subscribers to monitor these events > and take appropriate actions, such as stopping a misbehaving application > that is spamming a service with huge amount of transactions. > > The multicast event contains full details of the failed transactions, > including the sender/target PIDs, payload size and specific error code. > This interface is defined using a YAML spec, from which the UAPI and > kernel headers and source are auto-generated. > > Signed-off-by: Li Li <dualli@...gle.com> > Signed-off-by: Carlos Llamas <cmllamas@...gle.com> > --- > Documentation/netlink/specs/binder.yaml | 96 +++++++++++++++++++++ > MAINTAINERS | 1 + > drivers/android/Kconfig | 1 + > drivers/android/Makefile | 2 +- > drivers/android/binder.c | 85 +++++++++++++++++- > drivers/android/binder_netlink.c | 32 +++++++ > drivers/android/binder_netlink.h | 21 +++++ > include/uapi/linux/android/binder_netlink.h | 37 ++++++++ > 8 files changed, 270 insertions(+), 5 deletions(-) > create mode 100644 Documentation/netlink/specs/binder.yaml > create mode 100644 drivers/android/binder_netlink.c > create mode 100644 drivers/android/binder_netlink.h > create mode 100644 include/uapi/linux/android/binder_netlink.h > > diff --git a/Documentation/netlink/specs/binder.yaml b/Documentation/netlink/specs/binder.yaml > new file mode 100644 > index 000000000000..a2e54aa42448 > --- /dev/null > +++ b/Documentation/netlink/specs/binder.yaml > @@ -0,0 +1,96 @@ > +# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) > +# > +# Copyright 2025 Google LLC > +# > +--- > +name: binder > +protocol: genetlink > +uapi-header: linux/android/binder_netlink.h > +doc: Binder interface over generic netlink > + > +attribute-sets: > + - > + name: report > + doc: | > + Attributes included within a transaction failure report. The elements > + correspond directly with the specific transaction that failed, along > + with the error returned to the sender e.g. BR_DEAD_REPLY. > + > + attributes: > + - > + name: error > + type: u32 > + doc: The enum binder_driver_return_protocol returned to the sender. > + - > + name: context > + type: string > + doc: The binder context where the transaction occurred. > + - > + name: from_pid > + type: u32 > + doc: The PID of the sender process. > + - > + name: from_tid > + type: u32 > + doc: The TID of the sender thread. > + - > + name: to_pid > + type: u32 > + doc: | > + The PID of the recipient process. This attribute may not be present > + if the target could not be determined. > + - > + name: to_tid > + type: u32 > + doc: | > + The TID of the recipient thread. This attribute may not be present > + if the target could not be determined. > + - > + name: is_reply > + type: flag > + doc: When present, indicates the failed transaction is a reply. > + - > + name: flags > + type: u32 > + doc: The bitmask of enum transaction_flags from the transaction. > + - > + name: code > + type: u32 > + doc: The application-defined code from the transaction. > + - > + name: data_size > + type: u32 > + doc: The transaction payload size in bytes. > + > +operations: > + list: > + - > + name: report > + doc: | > + A multicast event sent to userspace subscribers to notify them about > + binder transaction failures. The generated report provides the full > + details of the specific transaction that failed. The intention is for > + programs to monitor these events and react to the failures as needed. > + > + attribute-set: report > + mcgrp: report > + event: > + attributes: > + - error > + - context > + - from_pid > + - from_tid > + - to_pid > + - to_tid > + - is_reply > + - flags > + - code > + - data_size > + > +kernel-family: > + headers: ["binder_internal.h"] Hmm, it seems this header inclusion was left in from patchset v13, where the 'struct binder_context' needed to be exposed. Not anymore though, so I'll send out a new version that drops this part.
Powered by blists - more mailing lists