path: root/drivers/android
Commit message (Author, Age, Files, Lines)
* Incorrect the handling of async transactions. (songjinshi, 2017-06-28, files: 1, lines: -1/+1)

    Consider the following sequence of events:

    1. Binder thread A1 receives an async transaction T1 and returns to user space to execute.
    2. Another process's thread A2 requests an async transaction T2; T2 and T1 belong to the same target_node, so it will be placed on the async_todo of the target_node.
    3. A1 finishes executing T1 and writes a BC_FREE_BUFFER to mOut.
    4. A1 continues to execute processPendingDerefs and destructs a BBinder B1.
    5. B1's destruct function requests a sync BC_TRANSACTION T3 and runs into the binder driver.
    6. The BC_FREE_BUFFER will be executed first; it moves T2 to A1's todo.
    7. Then T3 will be executed, and it adds a BR_TRANSACTION_COMPLETE to A1's todo.
    8. A1 will read the todo after the write is done; it will get T2 and return to user space to execute.
    9. T3's BR_REPLY is placed on A1's todo; now A1's todo has two BRs: the first one is BR_TRANSACTION_COMPLETE, the other one is BR_REPLY.
    10. T2, while executing, will request an async transaction T4 and run into the binder driver.
    11. A1 will place T4 on the target list and add a BR_TRANSACTION_COMPLETE to its own todo; now A1's todo has three BRs: the first one is BR_TRANSACTION_COMPLETE, the second one is BR_REPLY, the third one is BR_TRANSACTION_COMPLETE.
    12. A1 will read the todo after the write is done. It will get BR_TRANSACTION_COMPLETE and BR_REPLY, then return to user space to execute; because T4 is an async transaction, it will consume a BR_TRANSACTION_COMPLETE and exit the waitForResponse, then return to T3's waitForResponse.
    13. T3 will consume a BR_REPLY and exit the waitForResponse, because it is a sync transaction; now A1's todo still has a BR_TRANSACTION_COMPLETE.
    14. A1 continues to execute getAndExecuteCommand and talkWithDriver; it will get a BR_TRANSACTION_COMPLETE and return to user space to execute.
    15. A1 continues to execute executeCommand; it will run into the default label of the switch and return an UNKNOWN_ERROR.
    16. A1 will check the results of getAndExecuteCommand; if the UNKNOWN_ERROR occurs it will abort itself.

    So we should move the async transaction to the proc's todo when executing the BC_FREE_BUFFER, to avoid the BAD CMD issue caused by sync transactions nested async transactions. Moving to the proc's todo will make the binder thread load balancing, and enhance the parallel capacity. The current binder thread will execute it if the proc's todo has other transactions, and the async transaction will be moved to the tail of the proc's todo, waiting to be executed by another binder thread or the current binder thread, so there is always only one binder thread executing the async transactions. If another binder thread gets the async transaction to execute, the current binder thread will idle; if no other thread gets the async transaction, the current thread will get it in binder_thread_read after binder_thread_write is done.

    https://code.google.com/p/android/issues/detail?id=228385

    Signed-off-by: songjinshi <songjinshi@xiaomi.com>
* binder: merge aosp-common/3.10 binder drivers (uptodate) (Mister Oyster, 2017-06-18, files: 2, lines: -571/+1375)
* binder: remove unused var (Mister Oyster, 2017-05-29, files: 1, lines: -1/+0)

    ../../../../../../kernel/meizu/m2note/drivers/android/binder.c:63:14: warning: 'system_server_pid' defined but not used [-Wunused-variable]
     static pid_t system_server_pid;
* binder: Quiet Binder (Uma Maheshwari Bhiram, 2017-05-29, files: 1, lines: -2/+2)

    Temporary change to avoid watchdog bark because of excessive failed transaction logging

    CRs-Fixed: 572081
    Change-Id: Id664d65ab9e78627991f8b7d4f4e5e126908c214
    Signed-off-by: Uma Maheshwari Bhiram <ubhira@codeaurora.org>
* mtk: binder: remove debug stuff to ease future merge (Mister Oyster, 2017-05-28, files: 1, lines: -2392/+11)
* mtk: binder: 3.10 updates (Mister Oyster, 2017-05-28, files: 1, lines: -43/+41)
* Staging: android: binder: Remove support for old 32 bit binder protocol. (Arve Hjønnevåg, 2017-05-07, files: 2, lines: -17/+0)

    Change-Id: I371072175a298282254a21ea69503b9d75633dc5
    Signed-off-by: Arve Hjønnevåg <arve@android.com>
    Signed-off-by: Mister Oyster <oysterized@gmail.com>
* android: binder: fix duplicate error return. (Riley Andrews, 2017-04-30, files: 1, lines: -1/+1)

    Duplicate errors can be returned to userspace when the thread error code is left set when the read buffer runs out of space.

    Change-Id: I921effcb6a7d620841177741a5ad5784acc7a907
    Signed-off-by: Riley Andrews <riandrews@google.com>
* Security patches (fire855, 2017-04-16, files: 1, lines: -15/+24)

    Signed-off-by: Mister Oyster <oysterized@gmail.com>
* binder: use group leader instead of open thread (Martijn Coenen, 2017-04-11, files: 1, lines: -3/+3)

    The binder allocator assumes that the thread that called binder_open will never die for the lifetime of that proc. That thread is normally the group_leader, however it may not be. Use the group_leader instead of current.

    Bug: 35707103
    Test: Created test case to open with temporary thread
    Change-Id: Id693f74b3591f3524a8c6e9508e70f3e5a80c588
    Signed-off-by: Todd Kjos <tkjos@google.com>
    Signed-off-by: Martijn Coenen <maco@android.com>
* binder: blacklist %p kptr_restrict (Nick Desaulniers, 2017-04-11, files: 1, lines: -13/+13)

    Bug: 31495231
    Change-Id: Iebc150f6bc939b56e021424ee44fb30ce8d732fd
    [d-cagle@codeaurora.org: Applied to correct file location]
    Git-repo: https://android.googlesource.com/kernel/msm.git
    Git-commit: 0804d7840364fc1a93652632bd43a93c055c658e
    Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org>
* binder: blacklist %p kptr_restrict (fire855, 2017-04-11, files: 1, lines: -12/+12)
* Binder: fix build warning (Anmin Hsu, 2016-12-25, files: 1, lines: -0/+2)

    [Detail] db_flag is not included in CONFIG_MTK_AEE_FEATURE macro define.
    [Solution] Add CONFIG_MTK_AEE_FEATURE macro define to db_flag
    [Feature] Binder

    MTK-Commit-Id: 7c2be71301a506592b997e575103a29f8352ba6c
    Change-Id: I5bca795883c63980384ab5ce50edd64562acc511
    Signed-off-by: mtk09083 <ian.hou@mediatek.com>
    CR-Id: ALPS02319875
* android: drivers: workaround debugfs race in binder (Riley Andrews, 2016-11-17, files: 1, lines: -17/+9)

    If a /d/binder/proc/[pid] entry is kept open after linux has torn down the associated process, binder_proc_show can dereference an invalid binder_proc that has been stashed in the debugfs inode. Validate that the binder_proc ptr passed into binder_proc_show has not been freed by looking for it within the global process list whilst the global lock is held. If the ptr is not valid, print nothing.

    Bug 19587483
    Change-Id: Ice878c171db51ef9a4879c2f9299a2deb873d255
    Signed-off-by: Riley Andrews <riandrews@android.com>
* ANDROID: binder: Clear binder and cookie when setting handle in flat binder struct (Arve Hjønnevåg, 2016-11-07, files: 1, lines: -0/+5)

    Prevents leaking pointers between processes

    BUG: 30768347
    Change-Id: Id898076926f658a1b8b27a3ccb848756b36de4ca
    Signed-off-by: Arve Hjønnevåg <arve@android.com>
    Ticket: PORRIDGE-499
* binder: prevent kptr leak by using %pK format specifier (Nick Desaulniers, 2016-11-07, files: 1, lines: -1/+1)

    Works in conjunction with kptr_restrict.

    Bug: 30143283
    Change-Id: I2b3ce22f4e206e74614d51453a1d59b7080ab05a
    (cherry picked from commit 7905a759cc685b58078483013cc584dc8327d118)
* first commit (Meizu OpenSource, 2016-08-15, files: 4, lines: -0/+6482)