Re: [PATCH] ANDROID: binderfs: add capabilities support

From: Carlos Llamas
Date: Thu Jul 08 2021 - 12:33:51 EST


On Wed, Jul 7, 2021 at 10:59 AM Greg Kroah-Hartman
<gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On Wed, Jul 07, 2021 at 04:24:19PM +0000, Carlos Llamas wrote:
> > Provide userspace with a mechanism to discover binder driver
> > capabilities to refrain from using these unsupported features
> > in the first place. Note that older capabilities are assumed
> > to be supported and only new ones will be added.
>
> What defines "new" vs. "old"? Where was the line drawn?

Any feature after "one way spam" may be added to the capabilities.
I'll amend the commit message to indicate this.

>
> > Signed-off-by: Carlos Llamas <cmllamas@xxxxxxxxxx>
> > ---
> > drivers/android/binderfs.c | 45 ++++++++++++++++++++++++++++++++++++++
> > 1 file changed, 45 insertions(+)
> >
> > diff --git a/drivers/android/binderfs.c b/drivers/android/binderfs.c
> > index e80ba93c62a9..f793887f6dc8 100644
> > --- a/drivers/android/binderfs.c
> > +++ b/drivers/android/binderfs.c
> > @@ -58,6 +58,10 @@ enum binderfs_stats_mode {
> > binderfs_stats_mode_global,
> > };
> >
> > +struct binder_capabilities {
> > + bool oneway_spam;
> > +};
> > +
> > static const struct constant_table binderfs_param_stats[] = {
> > { "global", binderfs_stats_mode_global },
> > {}
> > @@ -69,6 +73,10 @@ static const struct fs_parameter_spec binderfs_fs_parameters[] = {
> > {}
> > };
> >
> > +static struct binder_capabilities binder_caps = {
> > + .oneway_spam = true,
> > +};
> > +
> > static inline struct binderfs_info *BINDERFS_SB(const struct super_block *sb)
> > {
> > return sb->s_fs_info;
> > @@ -583,6 +591,39 @@ static struct dentry *binderfs_create_dir(struct dentry *parent,
> > return dentry;
> > }
> >
> > +static int binder_caps_show(struct seq_file *m, void *unused)
> > +{
> > + bool *cap = m->private;
> > +
> > + seq_printf(m, "%d\n", *cap);
> > +
> > + return 0;
> > +}
> > +DEFINE_SHOW_ATTRIBUTE(binder_caps);
> > +
> > +static int init_binder_caps(struct super_block *sb)
> > +{
> > + struct dentry *dentry, *root;
> > + int ret = 0;
> > +
> > + root = binderfs_create_dir(sb->s_root, "caps");
> > + if (IS_ERR(root)) {
> > + ret = PTR_ERR(root);
> > + goto out;
> > + }
> > +
> > + dentry = binderfs_create_file(root, "oneway_spam",
> > + &binder_caps_fops,
> > + &binder_caps.oneway_spam);
> > + if (IS_ERR(dentry)) {
> > + ret = PTR_ERR(dentry);
> > + goto out;
>
> If this fails, you still report that an error happened, yet you do not
> remove the directory? Is that intended?

Propagating an error in this case will kill the super block along with the
capabilities entries. At a user level the binderfs will fail to be mounted,
so anything created up until this point is removed.

>
> And where is this new file documented? Where are the existing binderfs
> files documented?

oh! we do have "Documentation/admin-guide/binderfs.rst". I'll add a
brief explanation of these new capabilities files there.

>
> thanks,
>
> greg k-h

thanks,
carlos llamas