Re: [PATCH v17 0/3] binder: report txn errors via generic netlink

From: Li Li
Date: Wed Apr 16 2025 - 11:58:06 EST

Next message: David Hildenbrand: "Re: [RFC PATCH] mm: don't promote exclusive file folios of dying processes"
Previous message: Bartosz Golaszewski: "Re: [PATCH] gpio: blzp1600: drop dependency on OF headers"
In reply to: Alice Ryhl: "Re: [PATCH v17 0/3] binder: report txn errors via generic netlink"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 16, 2025 at 3:41 AM Alice Ryhl <aliceryhl@xxxxxxxxxx> wrote:
>
> On Tue, Apr 15, 2025 at 12:10:14AM -0700, Li Li wrote:
> > From: Li Li <dualli@xxxxxxxxxx>
> >
> > It's a known issue that neither the frozen processes nor the system
> > administration process of the OS can correctly deal with failed binder
> > transactions. The reason is that there's no reliable way for the user
> > space administration process to fetch the binder errors from the kernel
> > binder driver.
> >
> > Android is such an OS suffering from this issue. Since cgroup freezer
> > was used to freeze user applications to save battery, innocent frozen
> > apps have to be killed when they receive sync binder transactions or
> > when their async binder buffer is running out.
> >
> > This patch introduces the Linux generic netlink messages into the binder
> > driver so that the Linux/Android system administration process can
> > listen to important events and take corresponding actions, like stopping
> > a broken app from attacking the OS by sending huge amount of spamming
> > binder transactiions.
>
> I'm a bit confused about this series. Why is [PATCH] binder: add
> setup_report permission a reply to [PATCH v17 1/3] lsm, selinux: Add
> setup_report permission to binder? Which patches are supposed to be
> included and in which order?
>

"[PATCH] binder: add setup_report permission" isn't a Linux kernel patch
so it's not part of this kernel patchset.

Paul was asking for a test case of selinux-testsuite in v16. I added
it in v17, which is
"[PATCH v2] policy,tests: add test for new permission binder:setup_report".
The test depends on the patch you mentioned. So I linked both of them to
the kernel patchset for your convenience. Sorry for the confusion.

In short, the kernel patchset includes 3 patches:
2025-04-15 7:10 [PATCH v17 0/3] binder: report txn errors via generic netlink
2025-04-15 7:10 ` [PATCH v17 1/3] lsm, selinux: Add setup_report
permission to binder Li Li
2025-04-15 7:10 ` [PATCH v17 2/3] binder: report txn errors via
generic netlink Li Li
2025-04-15 7:10 ` [PATCH v17 3/3] binder: transaction report
binder_features flag Li Li

The corresponding test (for https://github.com/SELinuxProject/selinux-testsuite)
and its dependency (for https://github.com/SELinuxProject/refpolicy):

2025-04-15 7:13 ` [PATCH] binder: add setup_report permission Li Li
2025-04-15 7:47 ` [PATCH v2] policy,tests: add test for new
permission binder:setup_report Li Li

Next message: David Hildenbrand: "Re: [RFC PATCH] mm: don't promote exclusive file folios of dying processes"
Previous message: Bartosz Golaszewski: "Re: [PATCH] gpio: blzp1600: drop dependency on OF headers"
In reply to: Alice Ryhl: "Re: [PATCH v17 0/3] binder: report txn errors via generic netlink"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]