Re: [PATCH 2/4] binder: migrate ioctl to new PF_SPAM_DETECTION
From: Carlos Llamas
Date: Mon Apr 22 2024 - 18:24:31 EST
On Mon, Apr 22, 2024 at 10:52:57AM +0200, Alice Ryhl wrote:
> On Sun, Apr 21, 2024 at 1:49 AM Carlos Llamas <cmllamas@xxxxxxxxxx> wrote:
> >
> > On Thu, Apr 18, 2024 at 08:12:22AM +0000, Alice Ryhl wrote:
> > > Carlos Llamas <cmllamas@xxxxxxxxxx> writes:
> > > > @@ -5553,7 +5553,8 @@ static long binder_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
> > > > goto err;
> > > > }
> > > > binder_inner_proc_lock(proc);
> > > > - proc->oneway_spam_detection_enabled = (bool)enable;
> > > > + proc->flags &= ~PF_SPAM_DETECTION;
> > > > + proc->flags |= enable & PF_SPAM_DETECTION;
> > >
> > > The bitwise and in `enable & PF_SPAM_DETECTION` only works because
> > > PF_SPAM_DETECTION happens to be equal to 1. This seems pretty fragile to
> > > me. Would you be willing to do this instead?
> > >
> > > proc->flags &= ~PF_SPAM_DETECTION;
> > > if (enable)
> > > proc->flags |= PF_SPAM_DETECTION;
> > >
> >
> > I don't think it is fragile since PF_SPAM_DETECTION is fixed. However,
> > I agree the code is missing context about the flag being bit 0 and your
> > version addresses this problem. So I'll take it for v2, thanks!
>
> Thanks! By fragile I mean that it could result in future mistakes,
> e.g. somebody could copy this code and use it elsewhere with a
> different bit flag that might not be bit 0.
Oh, I see. Yeah that would be a problem.
>
> > > Carlos Llamas <cmllamas@xxxxxxxxxx> writes:
> > > > - if (proc->oneway_spam_detection_enabled &&
> > > > - w->type == BINDER_WORK_TRANSACTION_ONEWAY_SPAM_SUSPECT)
> > > > + if (proc->flags & PF_SPAM_DETECTION &&
> > > > + w->type == BINDER_WORK_TRANSACTION_ONEWAY_SPAM_SUSPECT)
> > >
> > > Maybe I am just not sufficiently familiar with C, but I had to look up
> > > the operator precedence rules for this one. Could we add parenthesises
> > > around `proc->flags & PF_SPAM_DETECTION`? Or even define a macro for it?
> >
> > I think this is fairly common in C but I can definitly add the extra
> > paranthesis if it helps.
>
> Yeah, makes sense. Thanks!
>
> With the mentioned changes, you may add:
> Reviewed-by: Alice Ryhl <aliceryhl@xxxxxxxxxx>
Done. Thanks!