[PATCH v4] binder: frozen notification
From: Yu-Ting Tseng
Date: Mon Jul 01 2024 - 14:23:29 EST
> I believe the external link would be https://r.android.com/3070045
Fixed
> BR_ERROR and binder_debug
Removed
> Are we ok modifying the ref->freeze->* space here without the
> inner_lock?
Good catch. Moved freeze->* access earlier before it's assigned to ref->freeze so that's safe without locking.
> I'm not entirely sure why we attempt to queue this as thread work
Was mimicking how it's done with death notification. Removed.
> We set the work type to CLEAR regardless, might as well factor it out.
Done
> It seems the freeze->* space is protected by the proc->inner_lock right
Yes, freeze->* is protected by the proc inner lock. ref->freeze is protected by the node lock.
> I believe you should zero the 'info' before copy_to_user()
Done.
> So we traverse every single reference of every single node in this proc
> looking for references subscribed to freeze, correct?
That's correct.
> What if there is an EAGAIN error following this below?
Fixed. Moved binder_add_freeze_work(target_proc, true) near the end of the function where we know whether freezing is successful.
> any reason why is_frozen didn't make it to the bitfields?
Fixed
> No need for a struct
Fixed
> You could still keep the original bool for bitfields too if you want.
Sure. Done.
Yu-Ting Tseng (1):
  binder: frozen notification

 drivers/android/binder.c            | 300 +++++++++++++++++++++++++++-
 drivers/android/binder_internal.h   |  23 ++-
 include/uapi/linux/android/binder.h |  35 ++++
 3 files changed, 354 insertions(+), 4 deletions(-)
base-commit: 14d7c92f8df9c0964ae6f8b813c1b3ac38120825
--
2.45.2.803.g4e1b14247a-goog