Use vma->file_ref_count to protect vma->vm_file from destruction during
speculative page fault handling.
Bug: 234527424
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I0ebebcafe5f50444e582ec5835eb6005fa85f5b1
Use vma->file_ref_count to protect vma->vm_file from destruction during
speculative page fault handling.
Bug: 234527424
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Icdd558532872095869f9106cc7e4b7e07dc46748
Use vma->file_ref_count to protect vma->vm_file from destruction during
speculative page fault handling.
Bug: 234527424
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I4c826fd5ef45576566e1eb8f8f23d17e620e7fc9
In order to prevent destruction of vma->vm_file while it's being used
during speculative page fault handling, introduce an atomic refcounter.
Bug: 234527424
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I0e971156f3e76feb45136bac1582a7eaab8c75df
We've recently added a .data section for the hypervisor, which kmemleak
is eager to parse. This clearly doesn't go well, so add the section to
kmemleak's block list.
Bug: 232768943
Bug: 235903024
Signed-off-by: Quentin Perret <qperret@google.com>
Change-Id: I29d81cb1246c590bd5203d560ea369e5f29d59b0
Single memory zone feature will remove ZONE_DMA32 and ZONE_DMA and
cause pgtable PA size larger than 32bit.
Since Mediatek IOMMU hardware support at most 35bit PA in pgtable,
so add a quirk to allow the PA of pgtables support up to bit35.
Signed-off-by: Ning Li <ning.li@mediatek.com>
Link: https://lore.kernel.org/linux-mediatek/20220616120713.12728-2-yf.wang@mediatek.com/
Bug: 235767992
Signed-off-by: Yunfei Wang <yf.wang@mediatek.com>
Change-Id: I5dd226507bfbbbe85cb00aa27d03cd3592740055
Add vendor hook to get signal for vendor-specific tuning.
Conflicts:
drivers/android/vendor_hooks.c
Bug: 184898838
Signed-off-by: Zhuguangqing <zhuguangqing@xiaomi.com>
Change-Id: I83a28b0a6eb413976f4c57f2314d008ad792fa0d
(cherry picked from commit d623f1ff72)
Export is_ashmem_file function which will be used
by the minidump module to get ashmem info.
Bug: 193397560
Change-Id: I5b7816ad4775e5cf2c4f41c28b1c8dacc2c85b7e
Signed-off-by: liuhailong <liuhailong@oppo.com>
Signed-off-by: Liujie Xie <xieliujie@oppo.com>
(cherry picked from commit 7bcfde2601)
In following scenario(diagram), when one thread X running dev_coredumpm()
adds devcd device to the framework which sends uevent notification to
userspace and another thread Y reads this uevent and call to
devcd_data_write() which eventually try to delete the queued timer that
is not initialized/queued yet.
So, debug object reports some warning and in the meantime, timer is
initialized and queued from X path. and from Y path, it gets reinitialized
again and timer->entry.pprev=NULL and try_to_grab_pending() stucks.
To fix this, introduce mutex and a boolean flag to serialize the behaviour.
cpu0(X) cpu1(Y)
dev_coredump() uevent sent to user space
device_add() ======================> user space process Y reads the
uevents writes to devcd fd
which results into writes to
devcd_data_write()
mod_delayed_work()
try_to_grab_pending()
del_timer()
debug_assert_init()
INIT_DELAYED_WORK()
schedule_delayed_work()
debug_object_fixup()
timer_fixup_assert_init()
timer_setup()
do_init_timer()
/*
Above call reinitializes
the timer to
timer->entry.pprev=NULL
and this will be checked
later in timer_pending() call.
*/
timer_pending()
!hlist_unhashed_lockless(&timer->entry)
!h->pprev
/*
del_timer() checks h->pprev and finds
it to be NULL due to which
try_to_grab_pending() stucks.
*/
Bug: 235577024
Change-Id: I5e86abf72e8dff6952ba493fd9f43a26b2b40352
Link: https://lore.kernel.org/lkml/2e1f81e2-428c-f11f-ce92-eb11048cb271@quicinc.com/
Link: https://lore.kernel.org/lkml/1653660220-19197-1-git-send-email-quic_mojha@quicinc.com/
Signed-off-by: Mukesh Ojha <quic_mojha@quicinc.com>
The reserved_mem array must be statically allocated because it is used
prior to memblock being aware of all "no-map" or otherwise reserved
regions which have fixed physical addresses. Due to this limitation,
if one architecture/board has a large number of reserved_mem regions,
this limit must be raised for all.
In particular, certain new qcom boards currently have 63 reserved memory
regions, which when new features are added, pushes them over the existing
limit of 64.
A generalized breakdown by region type:
13 for linux-loaded device firmware
9 for guest-vms or inter-vm communication
15 cma heaps/dma-buf heaps
24 for bootloaders/hypervisor/secure-world devices or software
2 misc
Although this number could be reduced by a minor amount by combining
physically adjacent regions, this comes at the cost of losing
documention on what/who the regions are used by. In addition, combining
adjacent regions is not possible if there are phandles in devicetree
refering to the regions in question, such as "memory-region".
Vmlinux size before:
text data bss dec hex filename
31030829 15807732 588524 47427085 2d3ae0d dist/vmlinux
text data bss dec hex filename
31030877 15807668 592108 47430653 2d3bbfd dist/vmlinux
Bug: 229767760
Link: https://lore.kernel.org/linux-devicetree/1650488954-26662-1-git-send-email-quic_pdaly@quicinc.com/T/#u
Change-Id: I2bdc6ad1ecfe273aad3c72390283b6d1247b18c3
Signed-off-by: Patrick Daly <quic_pdaly@quicinc.com>
Signed-off-by: Sukadev Bhattiprolu <quic_sukadev@quicinc.com>
This reverts commit c555553a40d6795e0c5d18b8ee94ac516a0aef09.
Reason for revert: The binaries, and /sbin/ is not even present on Android systems. This patch was never tested :(
Bug: 202192667
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ia1c35eba4a89a62ba678d8004742563372d3d920
This fixes the following build error:
ERROR: modules list out of date
Update it with:
cp [...]/out/android13-5.15/common/modules.order common/android/gki_aarch64_fips140_modules
Bug: 188620248
Change-Id: I5e06053001a3ea3cf488e9ad0af8f6e4af2de0a2
Signed-off-by: Eric Biggers <ebiggers@google.com>
There are two tracepoints in dwc3_readl() and dwc3_writel().
This patch will export the tracepoints so that vendor modules
can use them.
Bug: 184920962
Signed-off-by: Ray Chi <raychi@google.com>
Change-Id: I1170d853be1fa1c47afbba133567b1996418d8e8
To use the tracepoint in kernel module, add EXPORT_TRACE_SYMBOL_GPL to
export the dwc3_ep_queue tracepoint.
Bug: 181736013
Change-Id: I211e747e10d232342cbaf877d7ad670c60e3ad0f
Signed-off-by: Oh Eomji <eomji.oh@samsung.com>
DWC3 controller soft reset is important operation for USB functionality.
In case when it fails, currently there is no failure log. Hence add
error log when core soft reset failed.
Signed-off-by: Mayank Rana <quic_mrana@quicinc.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 235863377
(cherry picked from commit 859bdc3595)
Change-Id: I60500f66af47d93cf9d60bdecab32e6dc48d4b7c
Signed-off-by: Mayank Rana <quic_mrana@quicinc.com>
When watchdog or anr occur, we need to read
dev/binderfs/binder_logs/proc/pid or dev/binderfs/binder_logs/state
node to know the time-consuming information of the binder call.
We need to add the time-consuming information of binder transaction.
Bug: 190413570
Signed-off-by: zhang chuang <zhangchuang3@xiaomi.com>
Change-Id: I0423d4e821d5cd725a848584133dc7245cbc233a
(cherry picked from commit eabe9707f2)
Signed-off-by: Carlos Llamas <cmllamas@google.com>
[cmllamas: fix trivial merge conflict in vendor_hooks.c]
Need this vendor hook to support patial init functionality. This hook needs to be restricted as the additional vendor handling need to perform operations (such as wait_for_completion) in non-atomic context.
One of the main functionality of Partial init feature is to reduce latency during resume.
Bug: 231654364
Link: https://lore.kernel.org/lkml/ea318551ec0b43429ce47bfac9ebf285@quicinc.com/#r
Change-Id: Ia1cb0b7173db3318d2d6686f4bd4719f3cfefd8b
Signed-off-by: kamasali <quic_kamasali@quicinc.com>
Add hooks to init oem data of mutex.
Bug: 231527236
Signed-off-by: Dezhi Huang <huangdezhi@hihonor.com>
Change-Id: Id0aeac168e81bd3d88051657c32ba709c329dbdd
Some SoC(e.g NXP imx8MQ) may have a wrong default power down scale
setting so need init it to be the correct value, the power down
scale setting description in DWC3 databook:
Power Down Scale (PwrDnScale)
The USB3 suspend_clk input replaces pipe3_rx_pclk as a clock source to
a small part of the USB3 core that operates when the SS PHY is in its
lowest power (P3) state, and therefore does not provide a clock.
The Power Down Scale field specifies how many suspend_clk periods fit
into a 16 kHz clock period. When performing the division, round up the
remainder.
For example, when using an 8-bit/16-bit/32-bit PHY and 25-MHz Suspend
clock,
Power Down Scale = 25000 kHz/16 kHz = 13'd1563 (rounder up)
So use the suspend clock rate to calculate it.
Reviewed-by: Thinh Nguyen <Thinh.Nguyen@synopsys.com>
Signed-off-by: Li Jun <jun.li@nxp.com>
Link: https://lore.kernel.org/r/1654568404-3461-1-git-send-email-jun.li@nxp.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 234219431
(cherry picked from commit 3497b9a5c8
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing)
[jindong: rebase to v5.15, get "suspend" clk from of to replace nonexistent dwc->susp_clk]
Change-Id: I0ce2c8041810d4add84b628fc8c3964063aacd5c
Signed-off-by: Jindong Yue <jindong.yue@nxp.com>
Add hook to tcp/udp to collect network info and do performance tuning.
Bug: 190523684
Change-Id: Id790a381d5ce6c35a747697510f14678ccf3ff2f
Signed-off-by: Liangliang Li <liliangliang@vivo.com>
(cherry picked from commit 81c8161bed)
We want to get binder free space information in the binder
transaction, but this needs to hold the mutex lock. So we add
this restrict hook to do this.
Bug: 205648032
Change-Id: Ie1f377018da686bd62f5ac2d1e5421899741e6d5
Signed-off-by: Liangliang Li <liliangliang@vivo.com>
(cherry picked from commit 2f3f5731de)
During a reply, the target gets woken up and then the priority of the
replier is restored. The order is such to allow the target to process
the reply ASAP. Otherwise, we risk the sender getting scheduled out
before the wakeup happens. This strategy reduces transaction latency.
However, a subsequent transaction from the same target could be started
before the priority of the replier gets restored. At this point we save
the wrong priority and it gets reinstated at the end of the transaction.
This patch allows the incoming transaction to detect the race condition
and save the correct next priority. Additionally, the replier will abort
its pending priority restore which allows the new transaction to always
run at the desired priority.
Bug: 148101660
Signed-off-by: Carlos Llamas <cmllamas@google.com>
Change-Id: I6fec41ae1a1342023f78212ab1f984e26f068221
(cherry picked from commit cac827f261)
[cmllamas: fixed trivial merge conflict]
Refactor binder priority functions to take in 'struct binder_thread *'
instead of just 'struct task_struct *'. This allows access to other
thread fields used in subsequent patches. In any case, the same task
reference is still available under thread->task.
There is no functional impact from this patch.
Bug: 148101660
Signed-off-by: Carlos Llamas <cmllamas@google.com>
Change-Id: I67b599884580d957d776500e467827e5035c99f6
(cherry picked from commit 759d98484b)
Avoid making unnecessary stack copies of struct binder_priority and pass
the argument by reference instead. Rename 'desired_prio' to 'desired' to
match the usage in other priority functions.
There is no functional impact from this patch.
Bug: 148101660
Signed-off-by: Carlos Llamas <cmllamas@google.com>
Change-Id: I66ff5305296e7b9dba56ed265236f2af518f66e0
(cherry picked from commit 52d85f8a16)
The setup of node_prio is always the same, so just fold this logic into
binder_transaction_priority() to avoid duplication. Let's pass the node
reference instead, which also gives access to node->inherit_rt.
There is no functional impact from this patch.
Bug: 148101660
Signed-off-by: Carlos Llamas <cmllamas@google.com>
Change-Id: Ib390204556e69c4bc8492cd9cd873773f9cdce42
(cherry picked from commit 498bf715b7)
Add a hook in account_process_tick, which help us to get information
about the high load task and the cpu they running on.
Bug: 183260319
Change-Id: I54162ce3c65bd69e08d2d4747e4d4883efe4c442
Signed-off-by: Liujie Xie <xieliujie@oppo.com>
(cherry picked from commit 63399b4e2e)
