[PATCH v2 00/28] binder: convert alloc->mutex to spinlock

From: Carlos Llamas
Date: Fri Dec 01 2023 - 12:22:36 EST


This series refactors the binder buffer allocation space to be able to
convert the alloc->mutex into a spinlock. Doing so decreases the latency
of binder transactions seen under worst-case scenarios.

I attempted to organize and improve readability of things that were
touched during this process. I also include a couple of fixes (unrelated
to the lock conversion) for issues I found along the way.

Regards,
Carlos Llamas

Cc: Todd Kjos <tkjos@xxxxxxxxxx>
Cc: Alice Ryhl <aliceryhl@xxxxxxxxxx>
Cc: John Stultz <jstultz@xxxxxxxxxx>
Cc: Suren Baghdasaryan <surenb@xxxxxxxxxx>
Cc: Tim Murray <timmurray@xxxxxxxxxx>
Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

v2:
- New fix for wasted alloc->free_sync_space calculation
- Fix issues pointed out by Alice: incorrect size overflow check, data
race in buffer->async_transaction, reorder of __free_page(page) and
new_buffer leak in some error paths.
- Better naming and comments to accommodate the new scope of things
e.g. binder_lru_freelist_add() and binder_install_single_page().
- Dropped patch ("binder: do not add pages to LRU in release path")
since it is not worth the added complexity.
- Avoid _new_ logs of unhashed userspace addresses.
- More minor cosmetic changes.
- Add Reviewed-by tags.

v1:
https://lore.kernel.org/all/20231102185934.773885-1-cmllamas@xxxxxxxxxx/

Carlos Llamas (28):
binder: use EPOLLERR from eventpoll.h
binder: fix use-after-free in shrinker's callback
binder: fix race between mmput() and do_exit()
binder: fix async space check for 0-sized buffers
binder: fix unused alloc->free_async_space
binder: fix trivial typo of binder_free_buf_locked()
binder: fix comment on binder_alloc_new_buf() return value
binder: remove extern from function prototypes
binder: keep vma addresses type as unsigned long
binder: split up binder_update_page_range()
binder: do unlocked work in binder_alloc_new_buf()
binder: remove pid param in binder_alloc_new_buf()
binder: separate the no-space debugging logic
binder: relocate low space calculation
binder: relocate binder_alloc_clear_buf()
binder: refactor page range allocation
binder: malloc new_buffer outside of locks
binder: initialize lru pages in mmap callback
binder: perform page installation outside of locks
binder: remove redundant debug log
binder: make oversized buffer code more readable
binder: rename lru shrinker utilities
binder: document the final page calculation
binder: collapse print_binder_buffer() into caller
binder: refactor binder_delete_free_buffer()
binder: avoid user addresses in debug logs
binder: reverse locking order in shrinker callback
binder: switch alloc->mutex to spinlock_t

drivers/android/binder.c | 27 +-
drivers/android/binder_alloc.c | 858 ++++++++++++------------
drivers/android/binder_alloc.h | 61 +-
drivers/android/binder_alloc_selftest.c | 14 +-
drivers/android/binder_trace.h | 2 +-
5 files changed, 489 insertions(+), 473 deletions(-)


base-commit: 994d5c58e50e91bb02c7be4a91d5186292a895c8
--
2.43.0.rc2.451.g8631bc7472-goog