On Thu, Nov 08, 2018 at 01:02:32PM +, chouryzhou(周威) wrote:
> We are working for running android in container, but we found that binder is
> not isolated by ipc namespace. Since binder is a form of IPC and therefore
> should
> be tied to ipc namespace. With this patch, we can run more than o
On November 12, 2018 8:45:07 AM PST, Todd Kjos wrote:
>+christ...@brauner.io +Martijn Coenen
>
>Christian,
>
>Does this patch work for your container use-cases? If not, please
>comment on this thread. Let's discuss at LPC this week.
I have not received an answer to my questions in the last versio
o provide backwards
> compatibility for non-container use-cases.
>
> The etherpad notes are at [2] (look at "Dynamically Allocated Binder
> Devices" section)
>
> Christian Brauner will be sending out more details.
Ok, sorry for the delay I got caught up in other work
ot;name suffix %d\n", device.major, device.minor,
device.suffix);
exit(EXIT_SUCCESS);
}
/* Demo */
A demo of how binderfs works can be found under [2].
[1]: https://goo.gl/JL2tfX
[2]: https://asciinema.org/a/zYUCqL7OySASWK9S2yVFq2sxM
Cc: Martijn Coenen
Cc: Todd Kjos
Cc
On Wed, Dec 05, 2018 at 09:01:45PM +0100, Greg KH wrote:
> On Tue, Dec 04, 2018 at 02:12:39PM +0100, Christian Brauner wrote:
> > As discussed at Linux Plumbers Conference 2018 in Vancouver [1] this is the
> > implementation of binderfs. If you want to skip reading and just see h
On Thu, Dec 06, 2018 at 03:04:03PM +0100, Greg KH wrote:
> On Wed, Dec 05, 2018 at 10:42:06PM +0100, Christian Brauner wrote:
> > On Wed, Dec 05, 2018 at 09:01:45PM +0100, Greg KH wrote:
> > > > /* binder-control */
> > > > Each new binderfs instance comes with
T_FAILURE);
}
printf("Allocated new binder device with major %d, minor %d, and "
"name %s\n", device.major, device.minor,
device.name);
exit(EXIT_SUCCESS);
}
/* Demo */
A demo of how binderfs works can be found under [2].
[1
On Tue, Dec 11, 2018 at 03:44:48AM +, chouryzhou(周威) wrote:
> > chouryzhou@, can you confirm that this implementation works for your
> > android-in-container use-case?
> >
> > -Todd
> >
> We are running Android Pie in container now. If it works for later Android
> release, it will works for
On Mon, Mar 15, 2021 at 06:16:27PM -0700, Li Li wrote:
> From: Li Li
>
> To improve the user experience when switching between recently used
> applications, the background applications which are not currently needed
> are cached in the memory. Normally, a well designed application will not
> cons
On Mon, Mar 15, 2021 at 06:16:28PM -0700, Li Li wrote:
> From: Marco Ballesio
>
> Frozen tasks can't process binder transactions, so a way is required to
> inform transmitting ends of communication failures due to the frozen
> state of their receiving counterparts. Additionally, races are possibl
On Thu, Apr 01, 2021 at 05:09:30PM +0800, Xie Yongji wrote:
> This series starts from Christian's comments on the series[1].
> We'd like to export receive_fd() which can not only be used by
> our module in the series[1] but also allow further cleanups
> like patch 2 does.
>
> Now this series is ba
On Thu, Apr 01, 2021 at 11:54:45AM +0200, Greg KH wrote:
> On Thu, Apr 01, 2021 at 05:09:32PM +0800, Xie Yongji wrote:
> > Use receive_fd() to receive file from another process instead of
> > combination of get_unused_fd_flags() and fd_install(). This simplifies
> > the logic and also makes sure we
On Fri, Apr 16, 2021 at 05:55:16AM +, Al Viro wrote:
> On Fri, Apr 16, 2021 at 05:19:50AM +, Al Viro wrote:
> > On Thu, Apr 01, 2021 at 12:40:34PM +0200, Christian Brauner wrote:
>
> > > and see whether all of them can be switched to simply using
> > > re
On Fri, Apr 16, 2021 at 02:09:35PM +, Al Viro wrote:
> On Fri, Apr 16, 2021 at 03:42:52PM +0200, Christian Brauner wrote:
> > > > are drivers/dma-buf/sw_sync.c and drivers/dma-buf/sync_file.c, etc.
> > >
> > > FWIW, pretty much all ioctls that return
On Fri, Apr 16, 2021 at 03:35:59PM +, Al Viro wrote:
> On Fri, Apr 16, 2021 at 05:13:10PM +0200, Christian Brauner wrote:
>
> > My point here was more that the _file_ has already been opened _before_
> > that call to io_uring_add_task_file(). But any potential non-trivial
&
On Fri, Apr 16, 2021 at 05:58:25PM +0200, Christian Brauner wrote:
> On Fri, Apr 16, 2021 at 03:35:59PM +, Al Viro wrote:
> > On Fri, Apr 16, 2021 at 05:13:10PM +0200, Christian Brauner wrote:
> >
> > > My point here was more that the _file_ has already been opened _be
or the file object may never be
> dereferenced -- which can lead to hung processes.
>
> Force the binder thread back to userspace if an fd is closed during
> BC_FREE_BUFFER handling.
>
> Signed-off-by: Todd Kjos
> ---
Looks good. Th
ow
> 'is_failure' can be used to accurately detect this case.
>
> Fixes: 44d8047f1d87 ("binder: use standard functions to allocate fds")
> Signed-off-by: Todd Kjos
> ---
Looks good to me.
Acked-by: Christian Brauner
__
tigation. It is a partial
> reversion because subsequent patches rely on proc->cred.
>
> Cc: sta...@vger.kernel.org # 4.4+
> Fixes: 29bc22ac5e5b ("binder: use euid from cred instead of using task")
> Signed-off-by: Todd Kjos
> Change-Id: I9b1769a3510fed250bb
re visible to the
> target prior to the fixups.
>
> Instead of copying all of the data first, copy data only
> after any needed fixups have been applied.
>
> Fixes: 457b9a6f09f0 ("Staging: android: add binder driver")
> Reviewed-by: Martijn Coenen
> Signed-off-by
Suggested-by: Dan Carpenter
> Signed-off-by: Todd Kjos
> ---
Looks good.
Acked-by: Christian Brauner
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
ent checks. Previously the alignment checks would
> have been done in a different place, but this lets us print more
> useful error messages.
>
> Reviewed-by: Martijn Coenen
> Signed-off-by: Todd Kjos
> ---
Looks good.
Acked-by: Christian Brauner
oid: binder: Move buffer out of area shared with
> user space")
> Signed-off-by: Todd Kjos
> ---
Looks good.
Acked-by: Christian Brauner
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
es-Coverity: ("Unused value")
> Signed-off-by: Colin Ian King
> ---
Thanks!
Acked-by: Christian Brauner
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
On Mon, Sep 21, 2020 at 04:24:23PM +0800, Liu Shixin wrote:
> Simplify the return expression.
>
> Signed-off-by: Liu Shixin
> ---
Why not is all I can really say. :) But if this is about simplifying you
could get rid of the "ret" and "failure string" variables, and the goto
in that function comp
On Tue, Sep 29, 2020 at 09:52:16AM +0800, Liu Shixin wrote:
> Simplify the return expression.
>
> Signed-off-by: Liu Shixin
> ---
Thanks!
Acked-by: Christian Brauner
___
devel mailing list
de...@linuxdriverproj
version doesn't change the overflow wrap around behavior.
>
> Signed-off-by: Shuah Khan
> Reviewed-by: Joel Fernandes (Google)
> Reviewed-by: Kees Cook
> ---
Thanks!
Reviewed-by: Christian Brauner
___
devel mailing list
de...@lin
binder_work element
> must not be accessed after releasing the inner_proc_lock while
> processing the todo list elements since another thread might be
> handling a deref on the node containing the binder_work element
> leading to the node being freed
On Mon, Oct 26, 2020 at 07:03:14PM +0800, Zhang Qilong wrote:
> Depending on the context, the error return value
> here (extra_buffers_size < added_size) should be
> negative.
>
> Signed-off-by: Zhang Qilong
> ---
Thanks!
Acked-
> On Fri, Dec 7, 2018 at 3:26 PM Christian Brauner wrote:
> >
> > As discussed at Linux Plumbers Conference 2018 in Vancouver [1] this is the
> > implementation of binderfs.
> >
> > binderfs is a backwards-compatible filesystem for Android's binder ipc
> &
On Thu, Dec 13, 2018 at 06:56:26PM +0100, Greg Kroah-Hartman wrote:
> On Wed, Dec 12, 2018 at 01:51:27PM +0100, Christian Brauner wrote:
> > > > Cc: Martijn Coenen
> > > > Cc: Todd Kjos
> > > > Cc: Greg Kroah-Hartman
> > > > Signed-off-by: C
quot;Allocated new binder device with major %d, minor %d, and "
"name %s\n", device.major, device.minor,
device.name);
exit(EXIT_SUCCESS);
}
Cc: Martijn Coenen
Cc: Greg Kroah-Hartman
Signed-off-by: Christian Brauner
Acked-by: Todd Kjos
---
v1:
On Fri, Dec 14, 2018 at 10:11:23AM +0300, Dan Carpenter wrote:
> On Thu, Dec 13, 2018 at 10:59:11PM +0100, Christian Brauner wrote:
> > +/**
> > + * binderfs_new_inode - allocate inode from super block of a binderfs mount
> > + * @ref_inode: inode from wich the supe
quot;Allocated new binder device with major %d, minor %d, and "
"name %s\n", device.major, device.minor,
device.name);
exit(EXIT_SUCCESS);
}
Cc: Martijn Coenen
Cc: Greg Kroah-Hartman
Signed-off-by: Christian Brauner
Acked-by: Todd Kjos
---
v3
On Wed, Dec 19, 2018 at 09:47:56AM +0100, Greg KH wrote:
> On Fri, Dec 14, 2018 at 01:11:14PM +0100, Christian Brauner wrote:
> > As discussed at Linux Plumbers Conference 2018 in Vancouver [1] this is the
> > implementation of binderfs.
>
>
>
> Looks good to me, th
binderfs mounts.
3. /proc/sys/fs/binder/reserved:
Ensure that global root can reserve binder devices for the initial
binderfs mount in the initial ipc namespace to prevent DOS attacks.
This is equivalent to sysctls of devpts.
Signed-off-by: Christian Brauner
---
drivers/android/binderfs.c
On Fri, Dec 21, 2018 at 02:55:09PM +0100, Greg KH wrote:
> On Fri, Dec 21, 2018 at 02:39:09PM +0100, Christian Brauner wrote:
> > This implements three sysctls that have very specific goals:
>
> Ick, why?
>
> What are these going to be used for? Who will "control&q
On Fri, Dec 21, 2018 at 04:37:58PM +0100, Greg KH wrote:
> On Fri, Dec 21, 2018 at 03:12:42PM +0100, Christian Brauner wrote:
> > On Fri, Dec 21, 2018 at 02:55:09PM +0100, Greg KH wrote:
> > > On Fri, Dec 21, 2018 at 02:39:09PM +0100, Christian Brauner wrote:
> > > >
On Fri, Dec 21, 2018 at 05:33:16PM +0100, Greg KH wrote:
> On Fri, Dec 21, 2018 at 04:59:19PM +0100, Christian Brauner wrote:
> > On Fri, Dec 21, 2018 at 04:37:58PM +0100, Greg KH wrote:
> > > On Fri, Dec 21, 2018 at 03:12:42PM +0100, Christian Brauner wrote:
> > > >
+gdvw4fkkk8oznair9g5icjlyodo8hykv3o0o1jt...@mail.gmail.com/
[4]: https://lore.kernel.org/lkml/20181221192044.5yvfnuri7gdop...@brauner.io/
Cc: Todd Kjos
Cc: Greg Kroah-Hartman
Signed-off-by: Christian Brauner
---
drivers/android/binderfs.c | 109 +++--
1 file
On Sun, Dec 23, 2018 at 12:29:44PM +0100, Greg KH wrote:
> On Sat, Dec 22, 2018 at 10:18:06PM +0100, Christian Brauner wrote:
> > Since binderfs can be mounted by userns root in non-initial user namespaces
> > some precautions are in order. First, a way to set a maximum on the numbe
On Sat, Dec 22, 2018 at 10:18:06PM +0100, Christian Brauner wrote:
> Since binderfs can be mounted by userns root in non-initial user namespaces
> some precautions are in order. First, a way to set a maximum on the number
> of binder devices that can be allocated per binderfs instance a
ut risking that all minor numbers have
already been used up.
Cc: Todd Kjos
Cc: Greg Kroah-Hartman
Signed-off-by: Christian Brauner
---
v1:
- patch introduced
v0:
- patch not present
---
drivers/android/binderfs.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/drive
: Greg Kroah-Hartman
Signed-off-by: Christian Brauner
---
v1:
- split reserving devices for the binderfs instance in the initial ipc
namespace into a separate patch (cf. [1])
- s/
- use simple int instead of atomic_t for counting devices since we're
incrementing and decrementing under a
On Sun, Dec 23, 2018 at 03:35:49PM +0100, Christian Brauner wrote:
> Since binderfs can be mounted by userns root in non-initial user namespaces
> some precautions are in order. First, a way to set a maximum on the number
> of binder devices that can be allocated per binderfs instance a
On Mon, Dec 24, 2018 at 12:45:59PM +0100, Greg KH wrote:
> On Mon, Dec 24, 2018 at 12:09:37PM +0100, Christian Brauner wrote:
> > On Sun, Dec 23, 2018 at 03:35:49PM +0100, Christian Brauner wrote:
> > > Since binderfs can be mounted by userns root in non-initial user
> >
On Wed, Jan 02, 2019 at 12:17:31PM +0300, Dan Carpenter wrote:
> On Sun, Dec 23, 2018 at 03:35:49PM +0100, Christian Brauner wrote:
> > static inline struct binderfs_info *BINDERFS_I(const struct inode *inode)
> > @@ -110,10 +132,16 @@ static int binderfs_binder_device_crea
: Greg Kroah-Hartman
Signed-off-by: Christian Brauner
---
v2:
- grab mutex to decrement device_count in the one place where it was
missing (cf. [changelog-3]).
v1:
- split reserving devices for the binderfs instance in the initial ipc
namespace into a separate patch (cf. [changelog-1])
- s/
- use
ut risking that all minor numbers have
already been used up.
Cc: Todd Kjos
Cc: Greg Kroah-Hartman
Signed-off-by: Christian Brauner
---
v2:
- patch unchanged
v1:
- patch introduced
v0:
- patch not present
---
drivers/android/binderfs.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
On Wed, Jan 2, 2019 at 12:32 PM Christian Brauner wrote:
>
> Since binderfs can be mounted by userns root in non-initial user namespaces
> some precautions are in order. First, a way to set a maximum on the number
> of binder devices that can be allocated per binderfs instance and sec
On Thu, Jan 03, 2019 at 12:25:24PM -0800, Todd Kjos wrote:
> On Sun, Dec 23, 2018 at 6:36 AM Christian Brauner
> wrote:
> >
> > The binderfs instance in the initial ipc namespace will always have a
> > reserve of 4 binder devices unless explicitly capped by specifying a
On Thu, Jan 03, 2019 at 01:47:13PM -0800, Todd Kjos wrote:
> On Thu, Jan 3, 2019 at 12:34 PM Christian Brauner
> wrote:
> >
> > On Thu, Jan 03, 2019 at 12:25:24PM -0800, Todd Kjos wrote:
> > > On Sun, Dec 23, 2018 at 6:36 AM Christian Brauner
> > > wrote:
&
The binderfs filesystem never needs to be mounted by the kernel itself.
This is conceptually wrong and should never have been done in the first
place.
Fixes: 3ad20fe393b ("binder: implement binderfs")
Signed-off-by: Christian Brauner
---
drivers/android/binderfs.c | 10
More details can be found in the commit message for each patch.
Thanks!
Christian
Christian Brauner (2):
binderfs: remove wrong kern_mount() call
binderfs: make each binderfs mount a new instance
drivers/android/binderfs.c | 51 ++
1 file changed, 2 inser
to get a private kdbusfs instance
in the same IPC namespace by making each mount of kdbusfs a separate
instance. I think that makes a lot of sense.
Signed-off-by: Christian Brauner
---
drivers/android/binderfs.c | 41 ++
1 file changed, 2 insertions(+), 39 d
It doesn't make sense to call the header binder_ctl.h when its sole
existence is tied to binderfs. So give it a sensible name. Users will far
more easily remember binderfs.h than binder_ctl.h.
Signed-off-by: Christian Brauner
---
drivers/android/binderfs.c
On Fri, Jan 11, 2019 at 10:18:18AM +0100, Greg KH wrote:
> On Wed, Jan 02, 2019 at 12:32:19PM +0100, Christian Brauner wrote:
> > The binderfs instance in the initial ipc namespace will always have a
> > reserve of 4 binder devices unless explicitly capped by specifying a lower
&g
ut risking that all minor numbers have
already been used up.
Cc: Todd Kjos
Cc: Greg Kroah-Hartman
Signed-off-by: Christian Brauner
---
v2:
- patch unchanged
v1:
- patch introduced
v0:
- patch not present
---
drivers/android/binderfs.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
On Fri, Jan 11, 2019 at 11:19:40AM +0100, Christian Brauner wrote:
> The binderfs instance in the initial ipc namespace will always have a
> reserve of 4 binder devices unless explicitly capped by specifying a lower
> value via the "max" mount option.
> This ensures when bind
kbuild reported a build faile in [1]. This is triggered when CONFIG_IPC_NS
is not set. So let's make the use of init_ipc_ns conditional on
CONFIG_IPC_NS being set.
[1]: https://lists.01.org/pipermail/kbuild-all/2019-January/056903.html
Signed-off-by: Christian Brauner
---
drivers/an
On Wed, Jan 16, 2019 at 03:01:04AM +, Wei Yongjun wrote:
> Fix to return a negative error code -ENOMEM from the new_inode() and
> d_make_root() error handling cases instead of 0, as done elsewhere in
> this function.
>
> Fixes: 3ad20fe393b3 ("binder: implement binderfs")
> Signed-off-by: Wei Y
On Wed, Jan 16, 2019 at 07:25:46AM +0100, Christian Brauner wrote:
> On Wed, Jan 16, 2019 at 03:01:04AM +, Wei Yongjun wrote:
> > Fix to return a negative error code -ENOMEM from the new_inode() and
> > d_make_root() error handling cases instead of 0, as done elsewhere in
&g
On Wed, Jan 16, 2019 at 08:34:02AM +, Wei Yongjun wrote:
> Fix to return a negative error code -ENOMEM from the new_inode() and
> d_make_root() error handling cases instead of 0, as done elsewhere in
> this function.
>
> Fixes: 3ad20fe393b3 ("binder: implement binderfs")
This should be:
Fixe
On Wed, Jan 16, 2019 at 09:41:08AM +0100, Christian Brauner wrote:
> On Wed, Jan 16, 2019 at 08:34:02AM +, Wei Yongjun wrote:
> > Fix to return a negative error code -ENOMEM from the new_inode() and
> > d_make_root() error handling cases instead of 0, as done elsewhere in
&g
works
Cc: Todd Kjos
Signed-off-by: Christian Brauner
---
tools/testing/selftests/Makefile | 1 +
.../selftests/filesystems/binderfs/.gitignore | 1 +
.../selftests/filesystems/binderfs/Makefile | 6 +
.../filesystems/binderfs/binderfs_test.c | 120
On January 16, 2019 5:54:50 PM GMT+02:00, Greg KH
wrote:
>On Wed, Jan 16, 2019 at 02:19:03PM +0100, Christian Brauner wrote:
>> This adds the promised selftest for binderfs. It will verify the
>following
>> things:
>> - binderfs mounting works
>> - binder device al
On January 16, 2019 6:42:20 PM GMT+02:00, Greg KH
wrote:
>On Wed, Jan 16, 2019 at 06:21:12PM +0200, Christian Brauner wrote:
>> On January 16, 2019 5:54:50 PM GMT+02:00, Greg KH
> wrote:
>> >On Wed, Jan 16, 2019 at 02:19:03PM +0100, Christian Brauner wrote:
>> >>
On Wed, Jan 16, 2019 at 06:57:10PM +0200, Christian Brauner wrote:
> On January 16, 2019 6:42:20 PM GMT+02:00, Greg KH
> wrote:
> >On Wed, Jan 16, 2019 at 06:21:12PM +0200, Christian Brauner wrote:
> >> On January 16, 2019 5:54:50 PM GMT+02:00, Greg KH
> > wrote:
>
works
Cc: Todd Kjos
Signed-off-by: Christian Brauner
---
/* Changelog */
v1:
- check for ENODEV on mount failure to detect whether binderfs is
available
If it is not, skip the test and exit with success.
---
tools/testing/selftests/Makefile | 1 +
.../selftests/filesystems
On Wed, Jan 16, 2019 at 11:40:50PM +0100, Greg KH wrote:
> On Wed, Jan 16, 2019 at 11:27:45PM +0100, Christian Brauner wrote:
> > This adds the promised selftest for binderfs. It will verify the following
> > things:
> > - binderfs mounting works
> > - bin
On Wed, Jan 16, 2019 at 04:11:55PM -0700, shuah wrote:
> Hi Christian,
>
> On 1/16/19 3:27 PM, Christian Brauner wrote:
> > This adds the promised selftest for binderfs. It will verify the following
> > things:
> > - binderfs mounting works
> > - binder device al
works
The tests are performed both privileged and unprivileged. The latter
verifies that binderfs behaves correctly in user namespaces.
Cc: Todd Kjos
Signed-off-by: Christian Brauner
---
/* Changelog */
v2:
- make failure to create /dev/binderfs directory fatal in all circumstances
- make tests run
On Thu, Jan 17, 2019 at 11:55:49AM +0100, Greg KH wrote:
> On Thu, Jan 17, 2019 at 11:28:21AM +0100, Christian Brauner wrote:
> > This adds the promised selftest for binderfs. It will verify the following
> > things:
> > - binderfs mounting works
> > - bin
works
The tests are performed both privileged and unprivileged. The latter
verifies that binderfs behaves correctly in user namespaces.
Cc: Todd Kjos
Signed-off-by: Christian Brauner
---
/* Changelog */
v3:
- s/printf/ksft_print_msg/g
- do not report misleading errno on short write
v2:
- make
arate helper is_binderfs_control_device() since it's now used in two
places.
Additionally, replace the custom rename dance we did with call to
simple_rename().
Suggested-by: Al Viro
Signed-off-by: Christian Brauner
---
drivers/android/binderfs.c | 33 -
1 file c
stian
Christian Brauner (5):
binderfs: remove outdated comment
binderfs: prevent renaming the control dentry
binderfs: rework binderfs_fill_super()
binderfs: kill_litter_super() before cleanup
binderfs: drop lock in binderfs_binder_ctl_create
drivers/android/binderfs.c
up on error.
Suggested-by: Al Viro
Signed-off-by: Christian Brauner
---
drivers/android/binderfs.c | 35 +--
1 file changed, 9 insertions(+), 26 deletions(-)
diff --git a/drivers/android/binderfs.c b/drivers/android/binderfs.c
index 02c96b5edfa9..c0fa495ee994 100644
The binderfs_binder_ctl_create() call is a no-op on subsequent calls and
the first call is done before we unlock the suberblock. Hence, there is no
need to take inode_lock() in there. Let's remove it.
Suggested-by: Al Viro
Signed-off-by: Christian Brauner
---
Note, that fs/de
The comment stems from an early version of that patchset and is just
confusing now.
Cc: Al Viro
Signed-off-by: Christian Brauner
---
drivers/android/binderfs.c | 4
1 file changed, 4 deletions(-)
diff --git a/drivers/android/binderfs.c b/drivers/android/binderfs.c
index e4ff4c3fa371
Al pointed out that first calling kill_litter_super() before cleaning up
info is more correct since destroying info doesn't depend on the state of
the dentries and inodes. That the opposite remains true is not guaranteed.
Suggested-by: Al Viro
Signed-off-by: Christian Brauner
---
dr
On Fri, Jan 18, 2019 at 10:55:52PM +, Al Viro wrote:
> On Fri, Jan 18, 2019 at 03:53:41PM +0100, Christian Brauner wrote:
> > We don't allow to unlink it since it is crucial for binderfs to be useable
> > but if we allow to rename it we make the unlink trivial to by
On Fri, Jan 18, 2019 at 11:03:54PM +, Al Viro wrote:
> On Fri, Jan 18, 2019 at 03:53:42PM +0100, Christian Brauner wrote:
> > static int binderfs_fill_super(struct super_block *sb, void *data, int
> > silent)
> > {
> > + int ret;
> > struct bin
On Fri, Jan 18, 2019 at 11:26:34PM +, Al Viro wrote:
> On Fri, Jan 18, 2019 at 03:53:39PM +0100, Christian Brauner wrote:
> > Hey everyone,
> >
> > Al gave me a really helpful review of binderfs and pointed out a range
> > of bugs. The most obvious and serious on
Christian
Christian Brauner (7):
binderfs: remove outdated comment
binderfs: prevent renaming the control dentry
binderfs: rework binderfs_fill_super()
binderfs: rework binderfs_binder_device_create()
binderfs: kill_litter_super() before cleanup
binderfs: drop lock in binderfs_binder_
The comment stems from an early version of that patchset and is just
confusing now.
Cc: Al Viro
Signed-off-by: Christian Brauner
---
/* Changelog */
v1:
- patch unchanged
---
drivers/android/binderfs.c | 4
1 file changed, 4 deletions(-)
diff --git a/drivers/android/binderfs.c b/drivers
up on error.
Suggested-by: Al Viro
Signed-off-by: Christian Brauner
---
/* Changelog */
v1:
- correctly grab and stash a reference to task's ipc_ns to prevent leaks
- replace d_alloc_name() + d_lookup() combination with lookup_one_len()
- replace kmalloc() + strscpy() with kmemdup()
---
drive
1 R14: ff9c R15: 00c0bc60
Cc: Al Viro
Signed-off-by: Christian Brauner
---
/* Changelog */
v1:
- patch introduced
---
drivers/android/binderfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/android/binderfs.c b/drivers/android
ction down to first check whether we're trying to rename the
control dentry. If we do EPERM the caller and if not call simple_rename().
Suggested-by: Al Viro
Signed-off-by: Christian Brauner
---
/* Changelog */
v1:
- simplify is_binderfs_control_device() to only take a dentry argument
in
The binderfs_binder_ctl_create() call is a no-op on subsequent calls and
the first call is done before we unlock the suberblock. Hence, there is no
need to take inode_lock() in there. Let's remove it.
Suggested-by: Al Viro
Signed-off-by: Christian Brauner
---
Note, that fs/de
Al pointed out that first calling kill_litter_super() before cleaning up
info is more correct since destroying info doesn't depend on the state of
the dentries and inodes. That the opposite remains true is not guaranteed.
Suggested-by: Al Viro
Signed-off-by: Christian Brauner
---
/* Chan
eturn the existing dentry or a new one.
- switch from kmalloc() + strscpy() to kmemdup():
Use a more idiomatic way to copy the name for the new dentry that
userspace gave us.
Suggested-by: Al Viro
Signed-off-by: Christian Brauner
---
/* Changelog */
v1:
- patch introduced
---
drivers/an
We allow more then 255 binderfs binder devices to be created since there
are workloads that require more than that. If we use __u8 we'll overflow
after 255. So let's use a __u32.
Note that there's no released kernel with binderfs out there so this is
not a regression.
Signed-of
When we switched over from binder_ctl.h to binderfs.h we forgot to change
the include guards. It's minor but it's obviously correct.
Signed-off-by: Christian Brauner
---
include/uapi/linux/android/binderfs.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/in
On Thu, Jan 17, 2019 at 12:48:54PM +0100, Christian Brauner wrote:
> This adds the promised selftest for binderfs. It will verify the following
> things:
> - binderfs mounting works
> - binder device allocation works
> - performing a binder ioctl() request through a binder
binderfs_binder_ctl_create() that we perform in
binderfs_binder_device_create().
Fixes: 36bdf3cae09d ("binderfs: reserve devices for initial mount")
Signed-off-by: Christian Brauner
---
drivers/android/binderfs.c | 10 +-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git
="".
When CONFIG_ANDROID_BINDERFS=n then this always succeeds so there's no
regression potential for legacy workloads.
Signed-off-by: Christian Brauner
---
drivers/android/binder.c | 4
drivers/android/binder_internal.h | 9 +
drivers/android/binderfs.c|
On Wed, Jan 23, 2019 at 07:15:01AM -0700, shuah wrote:
> On 1/23/19 4:00 AM, Greg KH wrote:
> > On Wed, Jan 23, 2019 at 11:54:58AM +0100, Christian Brauner wrote:
> > > On Thu, Jan 17, 2019 at 12:48:54PM +0100, Christian Brauner wrote:
> > > > This adds the promised
R15: 55b629ebec60
So check for the empty string since strsep() will otherwise return the
emtpy string which will cause kobject_add_internal() to panic when trying
to add a kobject with an emtpy name.
Fixes: ac4812c5ffbb ("binder: Support multiple /dev instances")
Cc: Martij
On Wed, Jan 30, 2019 at 03:24:12PM +0100, Greg KH wrote:
> On Wed, Jan 23, 2019 at 12:41:16PM +0100, Christian Brauner wrote:
> > binderfs should not have a separate device_initcall(). When a kernel is
> > compiled with CONFIG_ANDROID_BINDERFS register the files
="".
When CONFIG_ANDROID_BINDERFS=n then this always succeeds so there's no
regression potential for legacy workloads.
Signed-off-by: Christian Brauner
---
/* Changelog */
- ensure that device_name is set to NULL so kfree() doesn't freak out
---
drivers/android/binder.c
1 - 100 of 168 matches
Mail list logo
