Lines Matching full:proc
15 * 1) proc->outer_lock : protects binder_ref
21 * 3) proc->inner_lock : protects the thread and node lists
22 * (proc->threads, proc->waiting_threads, proc->nodes)
24 * (proc->todo, thread->todo, proc->delivered_death and
37 * foo_ilocked() : requires proc->inner_lock
38 * foo_oilocked(): requires proc->outer_lock and proc->inner_lock
39 * foo_nilocked(): requires node->lock and proc->inner_lock
93 DEFINE_SHOW_ATTRIBUTE(proc);
264 * @proc: struct binder_proc to acquire
266 * Acquires proc->outer_lock. Used to protect binder_ref
267 * structures associated with the given proc.
269 #define binder_proc_lock(proc) _binder_proc_lock(proc, __LINE__) argument
271 _binder_proc_lock(struct binder_proc *proc, int line) in _binder_proc_lock() argument
272 __acquires(&proc->outer_lock) in _binder_proc_lock()
276 spin_lock(&proc->outer_lock); in _binder_proc_lock()
281 * @proc: struct binder_proc to acquire
285 #define binder_proc_unlock(proc) _binder_proc_unlock(proc, __LINE__) argument
287 _binder_proc_unlock(struct binder_proc *proc, int line) in _binder_proc_unlock() argument
288 __releases(&proc->outer_lock) in _binder_proc_unlock()
292 spin_unlock(&proc->outer_lock); in _binder_proc_unlock()
297 * @proc: struct binder_proc to acquire
299 * Acquires proc->inner_lock. Used to protect todo lists
301 #define binder_inner_proc_lock(proc) _binder_inner_proc_lock(proc, __LINE__) argument
303 _binder_inner_proc_lock(struct binder_proc *proc, int line) in _binder_inner_proc_lock() argument
304 __acquires(&proc->inner_lock) in _binder_inner_proc_lock()
308 spin_lock(&proc->inner_lock); in _binder_inner_proc_lock()
313 * @proc: struct binder_proc to acquire
317 #define binder_inner_proc_unlock(proc) _binder_inner_proc_unlock(proc, __LINE__) argument
319 _binder_inner_proc_unlock(struct binder_proc *proc, int line) in _binder_inner_proc_unlock() argument
320 __releases(&proc->inner_lock) in _binder_inner_proc_unlock()
324 spin_unlock(&proc->inner_lock); in _binder_inner_proc_unlock()
363 * Acquires node->lock. If node->proc also acquires
364 * proc->inner_lock. Used to protect binder_node fields
369 __acquires(&node->lock) __acquires(&node->proc->inner_lock) in _binder_node_inner_lock()
374 if (node->proc) in _binder_node_inner_lock()
375 binder_inner_proc_lock(node->proc); in _binder_node_inner_lock()
378 __acquire(&node->proc->inner_lock); in _binder_node_inner_lock()
390 __releases(&node->lock) __releases(&node->proc->inner_lock) in _binder_node_inner_unlock()
392 struct binder_proc *proc = node->proc; in _binder_node_inner_unlock() local
396 if (proc) in _binder_node_inner_unlock()
397 binder_inner_proc_unlock(proc); in _binder_node_inner_unlock()
400 __release(&node->proc->inner_lock); in _binder_node_inner_unlock()
411 * @proc: binder_proc associated with list
416 static bool binder_worklist_empty(struct binder_proc *proc, in binder_worklist_empty() argument
421 binder_inner_proc_lock(proc); in binder_worklist_empty()
423 binder_inner_proc_unlock(proc); in binder_worklist_empty()
435 * Requires the proc->inner_lock to be held.
455 * Requires the proc->inner_lock to be held.
473 * Requires the proc->inner_lock to be held.
506 binder_inner_proc_lock(thread->proc); in binder_enqueue_thread_work()
508 binder_inner_proc_unlock(thread->proc); in binder_enqueue_thread_work()
519 * @proc: binder_proc associated with list
526 binder_dequeue_work(struct binder_proc *proc, struct binder_work *work) in binder_dequeue_work() argument
528 binder_inner_proc_lock(proc); in binder_dequeue_work()
530 binder_inner_proc_unlock(proc); in binder_dequeue_work()
545 binder_defer_work(struct binder_proc *proc, enum binder_deferred_state defer);
547 static void binder_free_proc(struct binder_proc *proc);
556 !binder_worklist_empty_ilocked(&thread->proc->todo)); in binder_has_work_ilocked()
563 binder_inner_proc_lock(thread->proc); in binder_has_work()
565 binder_inner_proc_unlock(thread->proc); in binder_has_work()
576 static void binder_wakeup_poll_threads_ilocked(struct binder_proc *proc, in binder_wakeup_poll_threads_ilocked() argument
582 for (n = rb_first(&proc->threads); n != NULL; n = rb_next(n)) { in binder_wakeup_poll_threads_ilocked()
595 * binder_select_thread_ilocked() - selects a thread for doing proc work.
596 * @proc: process to select a thread from
607 binder_select_thread_ilocked(struct binder_proc *proc) in binder_select_thread_ilocked() argument
611 assert_spin_locked(&proc->inner_lock); in binder_select_thread_ilocked()
612 thread = list_first_entry_or_null(&proc->waiting_threads, in binder_select_thread_ilocked()
623 * binder_wakeup_thread_ilocked() - wakes up a thread for doing proc work.
624 * @proc: process to wake up a thread in
628 * This function wakes up a thread in the @proc process.
638 static void binder_wakeup_thread_ilocked(struct binder_proc *proc, in binder_wakeup_thread_ilocked() argument
642 assert_spin_locked(&proc->inner_lock); in binder_wakeup_thread_ilocked()
652 /* Didn't find a thread waiting for proc work; this can happen in binder_wakeup_thread_ilocked()
665 binder_wakeup_poll_threads_ilocked(proc, sync); in binder_wakeup_thread_ilocked()
668 static void binder_wakeup_proc_ilocked(struct binder_proc *proc) in binder_wakeup_proc_ilocked() argument
670 struct binder_thread *thread = binder_select_thread_ilocked(proc); in binder_wakeup_proc_ilocked()
672 binder_wakeup_thread_ilocked(proc, thread, /* sync = */false); in binder_wakeup_proc_ilocked()
693 static struct binder_node *binder_get_node_ilocked(struct binder_proc *proc, in binder_get_node_ilocked() argument
696 struct rb_node *n = proc->nodes.rb_node; in binder_get_node_ilocked()
699 assert_spin_locked(&proc->inner_lock); in binder_get_node_ilocked()
721 static struct binder_node *binder_get_node(struct binder_proc *proc, in binder_get_node() argument
726 binder_inner_proc_lock(proc); in binder_get_node()
727 node = binder_get_node_ilocked(proc, ptr); in binder_get_node()
728 binder_inner_proc_unlock(proc); in binder_get_node()
733 struct binder_proc *proc, in binder_init_node_ilocked() argument
737 struct rb_node **p = &proc->nodes.rb_node; in binder_init_node_ilocked()
744 assert_spin_locked(&proc->inner_lock); in binder_init_node_ilocked()
769 rb_insert_color(&node->rb_node, &proc->nodes); in binder_init_node_ilocked()
771 node->proc = proc; in binder_init_node_ilocked()
783 proc->pid, current->pid, node->debug_id, in binder_init_node_ilocked()
789 static struct binder_node *binder_new_node(struct binder_proc *proc, in binder_new_node() argument
797 binder_inner_proc_lock(proc); in binder_new_node()
798 node = binder_init_node_ilocked(proc, new_node, fp); in binder_new_node()
799 binder_inner_proc_unlock(proc); in binder_new_node()
819 struct binder_proc *proc = node->proc; in binder_inc_node_nilocked() local
822 if (proc) in binder_inc_node_nilocked()
823 assert_spin_locked(&proc->inner_lock); in binder_inc_node_nilocked()
828 !(node->proc && in binder_inc_node_nilocked()
829 node == node->proc->context->binder_context_mgr_node && in binder_inc_node_nilocked()
879 struct binder_proc *proc = node->proc; in binder_dec_node_nilocked() local
882 if (proc) in binder_dec_node_nilocked()
883 assert_spin_locked(&proc->inner_lock); in binder_dec_node_nilocked()
899 if (proc && (node->has_strong_ref || node->has_weak_ref)) { in binder_dec_node_nilocked()
901 binder_enqueue_work_ilocked(&node->work, &proc->todo); in binder_dec_node_nilocked()
902 binder_wakeup_proc_ilocked(proc); in binder_dec_node_nilocked()
907 if (proc) { in binder_dec_node_nilocked()
909 rb_erase(&node->rb_node, &proc->nodes); in binder_dec_node_nilocked()
965 * (node->proc is NULL), use binder_dead_nodes_lock to protect
973 if (node->proc) in binder_inc_node_tmpref()
974 binder_inner_proc_lock(node->proc); in binder_inc_node_tmpref()
978 if (node->proc) in binder_inc_node_tmpref()
979 binder_inner_proc_unlock(node->proc); in binder_inc_node_tmpref()
996 if (!node->proc) in binder_dec_node_tmpref()
1002 if (!node->proc) in binder_dec_node_tmpref()
1023 static struct binder_ref *binder_get_ref_olocked(struct binder_proc *proc, in binder_get_ref_olocked() argument
1026 struct rb_node *n = proc->refs_by_desc.rb_node; in binder_get_ref_olocked()
1047 static u32 slow_desc_lookup_olocked(struct binder_proc *proc, u32 offset) in slow_desc_lookup_olocked() argument
1054 for (n = rb_first(&proc->refs_by_desc); n; n = rb_next(n)) { in slow_desc_lookup_olocked()
1065 * Find an available reference descriptor ID. The proc->outer_lock might
1069 static int get_ref_desc_olocked(struct binder_proc *proc, in get_ref_desc_olocked() argument
1073 struct dbitmap *dmap = &proc->dmap; in get_ref_desc_olocked()
1078 offset = (node == proc->context->binder_context_mgr_node) ? 0 : 1; in get_ref_desc_olocked()
1081 *desc = slow_desc_lookup_olocked(proc, offset); in get_ref_desc_olocked()
1091 * The dbitmap is full and needs to grow. The proc->outer_lock in get_ref_desc_olocked()
1095 binder_proc_unlock(proc); in get_ref_desc_olocked()
1097 binder_proc_lock(proc); in get_ref_desc_olocked()
1105 * @proc: binder_proc that owns the ref
1113 * into the given proc rb_trees and node refs list.
1122 struct binder_proc *proc, in binder_get_ref_for_node_olocked() argument
1132 p = &proc->refs_by_node.rb_node; in binder_get_ref_for_node_olocked()
1148 /* might release the proc->outer_lock */ in binder_get_ref_for_node_olocked()
1149 if (get_ref_desc_olocked(proc, node, &desc) == -EAGAIN) in binder_get_ref_for_node_olocked()
1154 new_ref->proc = proc; in binder_get_ref_for_node_olocked()
1157 rb_insert_color(&new_ref->rb_node_node, &proc->refs_by_node); in binder_get_ref_for_node_olocked()
1160 p = &proc->refs_by_desc.rb_node; in binder_get_ref_for_node_olocked()
1173 rb_insert_color(&new_ref->rb_node_desc, &proc->refs_by_desc); in binder_get_ref_for_node_olocked()
1180 proc->pid, new_ref->data.debug_id, new_ref->data.desc, in binder_get_ref_for_node_olocked()
1188 struct dbitmap *dmap = &ref->proc->dmap; in binder_cleanup_ref_olocked()
1193 ref->proc->pid, ref->data.debug_id, ref->data.desc, in binder_cleanup_ref_olocked()
1198 rb_erase(&ref->rb_node_desc, &ref->proc->refs_by_desc); in binder_cleanup_ref_olocked()
1199 rb_erase(&ref->rb_node_node, &ref->proc->refs_by_node); in binder_cleanup_ref_olocked()
1223 ref->proc->pid, ref->data.debug_id, in binder_cleanup_ref_olocked()
1225 binder_dequeue_work(ref->proc, &ref->death->work); in binder_cleanup_ref_olocked()
1230 binder_dequeue_work(ref->proc, &ref->freeze->work); in binder_cleanup_ref_olocked()
1243 * Increment the ref. @ref->proc->outer_lock must be held on entry
1284 ref->proc->pid, ref->data.debug_id, in binder_dec_ref_olocked()
1295 ref->proc->pid, ref->data.debug_id, in binder_dec_ref_olocked()
1310 * binder_get_node_from_ref() - get the node from the given proc/desc
1311 * @proc: proc containing the ref
1316 * Given a proc and ref handle, return the associated binder_node
1321 struct binder_proc *proc, in binder_get_node_from_ref() argument
1328 binder_proc_lock(proc); in binder_get_node_from_ref()
1329 ref = binder_get_ref_olocked(proc, desc, need_strong_ref); in binder_get_node_from_ref()
1340 binder_proc_unlock(proc); in binder_get_node_from_ref()
1345 binder_proc_unlock(proc); in binder_get_node_from_ref()
1366 static void try_shrink_dmap(struct binder_proc *proc) in try_shrink_dmap() argument
1371 binder_proc_lock(proc); in try_shrink_dmap()
1372 nbits = dbitmap_shrink_nbits(&proc->dmap); in try_shrink_dmap()
1373 binder_proc_unlock(proc); in try_shrink_dmap()
1379 binder_proc_lock(proc); in try_shrink_dmap()
1380 dbitmap_shrink(&proc->dmap, new, nbits); in try_shrink_dmap()
1381 binder_proc_unlock(proc); in try_shrink_dmap()
1386 * @proc: proc containing the ref
1392 * Given a proc and ref handle, increment or decrement the ref
1397 static int binder_update_ref_for_handle(struct binder_proc *proc, in binder_update_ref_for_handle() argument
1405 binder_proc_lock(proc); in binder_update_ref_for_handle()
1406 ref = binder_get_ref_olocked(proc, desc, strong); in binder_update_ref_for_handle()
1418 binder_proc_unlock(proc); in binder_update_ref_for_handle()
1422 try_shrink_dmap(proc); in binder_update_ref_for_handle()
1427 binder_proc_unlock(proc); in binder_update_ref_for_handle()
1433 * @proc: proc containing the ref
1442 static int binder_dec_ref_for_handle(struct binder_proc *proc, in binder_dec_ref_for_handle() argument
1445 return binder_update_ref_for_handle(proc, desc, false, strong, rdata); in binder_dec_ref_for_handle()
1450 * binder_inc_ref_for_node() - increment the ref for given proc/node
1451 * @proc: proc containing the ref
1457 * Given a proc and node, increment the ref. Create the ref if it
1462 static int binder_inc_ref_for_node(struct binder_proc *proc, in binder_inc_ref_for_node() argument
1472 binder_proc_lock(proc); in binder_inc_ref_for_node()
1473 ref = binder_get_ref_for_node_olocked(proc, node, NULL); in binder_inc_ref_for_node()
1475 binder_proc_unlock(proc); in binder_inc_ref_for_node()
1479 binder_proc_lock(proc); in binder_inc_ref_for_node()
1480 ref = binder_get_ref_for_node_olocked(proc, node, new_ref); in binder_inc_ref_for_node()
1496 binder_proc_unlock(proc); in binder_inc_ref_for_node()
1510 assert_spin_locked(&target_thread->proc->inner_lock); in binder_pop_transaction_ilocked()
1536 binder_inner_proc_lock(thread->proc); in binder_thread_dec_tmpref()
1539 binder_inner_proc_unlock(thread->proc); in binder_thread_dec_tmpref()
1543 binder_inner_proc_unlock(thread->proc); in binder_thread_dec_tmpref()
1547 * binder_proc_dec_tmpref() - decrement proc->tmp_ref
1548 * @proc: proc to decrement
1551 * handle a transaction. proc->tmp_ref is incremented when
1555 * proc if appropriate (proc has been released, all threads have
1558 static void binder_proc_dec_tmpref(struct binder_proc *proc) in binder_proc_dec_tmpref() argument
1560 binder_inner_proc_lock(proc); in binder_proc_dec_tmpref()
1561 proc->tmp_ref--; in binder_proc_dec_tmpref()
1562 if (proc->is_dead && RB_EMPTY_ROOT(&proc->threads) && in binder_proc_dec_tmpref()
1563 !proc->tmp_ref) { in binder_proc_dec_tmpref()
1564 binder_inner_proc_unlock(proc); in binder_proc_dec_tmpref()
1565 binder_free_proc(proc); in binder_proc_dec_tmpref()
1568 binder_inner_proc_unlock(proc); in binder_proc_dec_tmpref()
1598 * Same as binder_get_txn_from() except it also acquires the proc->inner_lock
1607 __acquires(&t->from->proc->inner_lock) in binder_get_txn_from_and_acq_inner()
1613 __acquire(&from->proc->inner_lock); in binder_get_txn_from_and_acq_inner()
1616 binder_inner_proc_lock(from->proc); in binder_get_txn_from_and_acq_inner()
1621 binder_inner_proc_unlock(from->proc); in binder_get_txn_from_and_acq_inner()
1622 __acquire(&from->proc->inner_lock); in binder_get_txn_from_and_acq_inner()
1655 from_proc = t->from ? t->from->proc->pid : 0; in binder_txn_latency_free()
1704 target_thread->proc->pid, in binder_send_failed_reply()
1724 binder_inner_proc_unlock(target_thread->proc); in binder_send_failed_reply()
1729 __release(&target_thread->proc->inner_lock); in binder_send_failed_reply()
1771 * @proc: binder_proc owning the buffer
1785 static size_t binder_get_object(struct binder_proc *proc, in binder_get_object() argument
1804 if (binder_alloc_copy_from_buffer(&proc->alloc, object, buffer, in binder_get_object()
1839 * @proc: binder_proc owning the buffer
1860 struct binder_proc *proc, in binder_validate_ptr() argument
1876 if (binder_alloc_copy_from_buffer(&proc->alloc, &object_offset, in binder_validate_ptr()
1880 object_size = binder_get_object(proc, NULL, b, object_offset, object); in binder_validate_ptr()
1891 * @proc: binder_proc owning the buffer
1928 static bool binder_validate_fixup(struct binder_proc *proc, in binder_validate_fixup() argument
1945 size_t object_size = binder_get_object(proc, NULL, b, in binder_validate_fixup()
1961 if (binder_alloc_copy_from_buffer(&proc->alloc, in binder_validate_fixup()
2032 static void binder_transaction_buffer_release(struct binder_proc *proc, in binder_transaction_buffer_release() argument
2043 proc->pid, buffer->debug_id, in binder_transaction_buffer_release()
2059 if (!binder_alloc_copy_from_buffer(&proc->alloc, &object_offset, in binder_transaction_buffer_release()
2062 object_size = binder_get_object(proc, NULL, buffer, in binder_transaction_buffer_release()
2077 node = binder_get_node(proc, fp->binder); in binder_transaction_buffer_release()
2097 ret = binder_dec_ref_for_handle(proc, fp->handle, in binder_transaction_buffer_release()
2147 parent = binder_validate_ptr(proc, buffer, &ptr_object, in binder_transaction_buffer_release()
2187 &proc->alloc, &fd, buffer, in binder_transaction_buffer_release()
2211 static inline void binder_release_entire_buffer(struct binder_proc *proc, in binder_release_entire_buffer() argument
2221 binder_transaction_buffer_release(proc, thread, buffer, in binder_release_entire_buffer()
2230 struct binder_proc *proc = thread->proc; in binder_translate_binder() local
2235 node = binder_get_node(proc, fp->binder); in binder_translate_binder()
2237 node = binder_new_node(proc, fp); in binder_translate_binder()
2243 proc->pid, thread->pid, (u64)fp->binder, in binder_translate_binder()
2249 if (security_binder_transfer_binder(proc->cred, target_proc->cred)) { in binder_translate_binder()
2282 struct binder_proc *proc = thread->proc; in binder_translate_handle() local
2288 node = binder_get_node_from_ref(proc, fp->handle, in binder_translate_handle()
2292 proc->pid, thread->pid, fp->handle); in binder_translate_handle()
2295 if (security_binder_transfer_binder(proc->cred, target_proc->cred)) { in binder_translate_handle()
2301 if (node->proc == target_proc) { in binder_translate_handle()
2308 if (node->proc) in binder_translate_handle()
2309 binder_inner_proc_lock(node->proc); in binder_translate_handle()
2311 __acquire(&node->proc->inner_lock); in binder_translate_handle()
2315 if (node->proc) in binder_translate_handle()
2316 binder_inner_proc_unlock(node->proc); in binder_translate_handle()
2318 __release(&node->proc->inner_lock); in binder_translate_handle()
2356 struct binder_proc *proc = thread->proc; in binder_translate_fd() local
2369 proc->pid, thread->pid, in binder_translate_fd()
2379 proc->pid, thread->pid, fd); in binder_translate_fd()
2383 ret = security_binder_transfer_file(proc->cred, target_proc->cred, file); in binder_translate_fd()
2670 struct binder_proc *proc = thread->proc; in binder_translate_fd_array() local
2679 proc->pid, thread->pid, (u64)fda->num_fds); in binder_translate_fd_array()
2686 proc->pid, thread->pid, (u64)fda->num_fds); in binder_translate_fd_array()
2704 proc->pid, thread->pid); in binder_translate_fd_array()
2737 struct binder_proc *proc = thread->proc; in binder_fixup_parent() local
2751 proc->pid, thread->pid); in binder_fixup_parent()
2760 proc->pid, thread->pid); in binder_fixup_parent()
2768 proc->pid, thread->pid); in binder_fixup_parent()
2807 * Requires the proc->inner_lock to be held.
2830 * @proc: process to send the transaction to
2831 * @thread: thread in @proc to send the transaction to (may be NULL)
2835 * wake it up. If no thread is found, the work is queued to the proc
2849 struct binder_proc *proc, in binder_proc_transaction() argument
2868 binder_inner_proc_lock(proc); in binder_proc_transaction()
2869 if (proc->is_frozen) { in binder_proc_transaction()
2871 proc->sync_recv |= !oneway; in binder_proc_transaction()
2872 proc->async_recv |= oneway; in binder_proc_transaction()
2875 if ((frozen && !oneway) || proc->is_dead || in binder_proc_transaction()
2877 binder_inner_proc_unlock(proc); in binder_proc_transaction()
2883 thread = binder_select_thread_ilocked(proc); in binder_proc_transaction()
2888 binder_enqueue_work_ilocked(&t->work, &proc->todo); in binder_proc_transaction()
2898 proc->outstanding_txns--; in binder_proc_transaction()
2905 binder_wakeup_thread_ilocked(proc, thread, !oneway /* sync */); in binder_proc_transaction()
2907 proc->outstanding_txns++; in binder_proc_transaction()
2908 binder_inner_proc_unlock(proc); in binder_proc_transaction()
2921 binder_release_entire_buffer(proc, NULL, buffer, false); in binder_proc_transaction()
2922 binder_alloc_free_buf(&proc->alloc, buffer); in binder_proc_transaction()
2936 * @procp: returns @node->proc if valid
2947 * the transaction. We also need a tmpref on the proc while we are
2950 * Return: The target_node with refs taken or NULL if no @node->proc is NULL.
2951 * Also sets @procp if valid. If the @node->proc is NULL indicating that the
2952 * target proc has died, @error is set to BR_DEAD_REPLY.
2962 if (node->proc) { in binder_get_node_refs_for_txn()
2966 node->proc->tmp_ref++; in binder_get_node_refs_for_txn()
2967 *procp = node->proc; in binder_get_node_refs_for_txn()
2982 __release(&from->proc->inner_lock); in binder_set_txn_from_error()
2989 binder_inner_proc_unlock(from->proc); in binder_set_txn_from_error()
2993 static void binder_transaction(struct binder_proc *proc, in binder_transaction() argument
3017 struct binder_context *context = proc->context; in binder_transaction()
3031 e->from_proc = proc->pid; in binder_transaction()
3036 strscpy(e->context_name, proc->context->name, BINDERFS_MAX_NAME); in binder_transaction()
3038 binder_inner_proc_lock(proc); in binder_transaction()
3040 binder_inner_proc_unlock(proc); in binder_transaction()
3043 binder_inner_proc_lock(proc); in binder_transaction()
3046 binder_inner_proc_unlock(proc); in binder_transaction()
3048 proc->pid, thread->pid); in binder_transaction()
3057 proc->pid, thread->pid, in_reply_to->debug_id, in binder_transaction()
3063 binder_inner_proc_unlock(proc); in binder_transaction()
3071 binder_inner_proc_unlock(proc); in binder_transaction()
3076 __release(&target_thread->proc->inner_lock); in binder_transaction()
3078 thread->pid, proc->pid); in binder_transaction()
3085 proc->pid, thread->pid, in binder_transaction()
3089 binder_inner_proc_unlock(target_thread->proc); in binder_transaction()
3097 target_proc = target_thread->proc; in binder_transaction()
3099 binder_inner_proc_unlock(target_thread->proc); in binder_transaction()
3111 binder_proc_lock(proc); in binder_transaction()
3112 ref = binder_get_ref_olocked(proc, tr->target.handle, in binder_transaction()
3120 proc->pid, thread->pid, tr->target.handle); in binder_transaction()
3123 binder_proc_unlock(proc); in binder_transaction()
3134 if (target_node && target_proc->pid == proc->pid) { in binder_transaction()
3136 proc->pid, thread->pid); in binder_transaction()
3145 thread->pid, proc->pid); in binder_transaction()
3154 if (WARN_ON(proc == target_proc)) { in binder_transaction()
3156 thread->pid, proc->pid); in binder_transaction()
3162 if (security_binder_transaction(proc->cred, in binder_transaction()
3165 thread->pid, proc->pid); in binder_transaction()
3171 binder_inner_proc_lock(proc); in binder_transaction()
3182 * thread from proc->waiting_threads to enqueue in binder_transaction()
3187 proc->pid, thread->pid); in binder_transaction()
3188 binder_inner_proc_unlock(proc); in binder_transaction()
3202 proc->pid, thread->pid, tmp->debug_id, in binder_transaction()
3207 binder_inner_proc_unlock(proc); in binder_transaction()
3218 if (from && from->proc == target_proc) { in binder_transaction()
3228 binder_inner_proc_unlock(proc); in binder_transaction()
3238 thread->pid, proc->pid); in binder_transaction()
3251 thread->pid, proc->pid); in binder_transaction()
3265 proc->pid, thread->pid, t->debug_id, in binder_transaction()
3274 proc->pid, thread->pid, t->debug_id, in binder_transaction()
3285 t->from_pid = proc->pid; in binder_transaction()
3287 t->sender_euid = task_euid(proc->tsk); in binder_transaction()
3298 security_cred_getsecid(proc->cred, &secid); in binder_transaction()
3302 thread->pid, proc->pid); in binder_transaction()
3312 thread->pid, proc->pid); in binder_transaction()
3374 proc->pid, thread->pid); in binder_transaction()
3382 proc->pid, thread->pid, (u64)tr->offsets_size); in binder_transaction()
3390 proc->pid, thread->pid, in binder_transaction()
3418 thread->pid, proc->pid); in binder_transaction()
3438 proc->pid, thread->pid); in binder_transaction()
3448 proc->pid, thread->pid, in binder_transaction()
3479 thread->pid, proc->pid); in binder_transaction()
3498 thread->pid, proc->pid); in binder_transaction()
3520 thread->pid, proc->pid); in binder_transaction()
3544 proc->pid, thread->pid); in binder_transaction()
3557 proc->pid, thread->pid); in binder_transaction()
3568 binder_get_object(proc, user_buffer, t->buffer, in binder_transaction()
3572 proc->pid, thread->pid, in binder_transaction()
3591 thread->pid, proc->pid); in binder_transaction()
3609 proc->pid, thread->pid); in binder_transaction()
3620 thread->pid, proc->pid); in binder_transaction()
3626 /* Fixup buffer pointer to target proc address space */ in binder_transaction()
3644 thread->pid, proc->pid); in binder_transaction()
3655 proc->pid, thread->pid, hdr->type); in binder_transaction()
3669 proc->pid, thread->pid); in binder_transaction()
3680 proc->pid, thread->pid); in binder_transaction()
3709 binder_inner_proc_lock(proc); in binder_transaction()
3721 binder_inner_proc_unlock(proc); in binder_transaction()
3725 binder_inner_proc_lock(proc); in binder_transaction()
3727 binder_inner_proc_unlock(proc); in binder_transaction()
3761 thread->pid, proc->pid); in binder_transaction()
3763 binder_dequeue_work(proc, tcomplete); in binder_transaction()
3804 proc->pid, thread->pid, reply ? "reply" : in binder_transaction()
3842 binder_inner_proc_lock(proc); in binder_transaction()
3845 binder_inner_proc_unlock(proc); in binder_transaction()
3852 binder_request_freeze_notification(struct binder_proc *proc, in binder_request_freeze_notification() argument
3862 binder_proc_lock(proc); in binder_request_freeze_notification()
3863 ref = binder_get_ref_olocked(proc, handle_cookie->handle, false); in binder_request_freeze_notification()
3866 proc->pid, thread->pid, handle_cookie->handle); in binder_request_freeze_notification()
3867 binder_proc_unlock(proc); in binder_request_freeze_notification()
3875 proc->pid, thread->pid); in binder_request_freeze_notification()
3877 binder_proc_unlock(proc); in binder_request_freeze_notification()
3888 if (ref->node->proc) { in binder_request_freeze_notification()
3889 binder_inner_proc_lock(ref->node->proc); in binder_request_freeze_notification()
3890 freeze->is_frozen = ref->node->proc->is_frozen; in binder_request_freeze_notification()
3891 binder_inner_proc_unlock(ref->node->proc); in binder_request_freeze_notification()
3893 binder_inner_proc_lock(proc); in binder_request_freeze_notification()
3894 binder_enqueue_work_ilocked(&freeze->work, &proc->todo); in binder_request_freeze_notification()
3895 binder_wakeup_proc_ilocked(proc); in binder_request_freeze_notification()
3896 binder_inner_proc_unlock(proc); in binder_request_freeze_notification()
3900 binder_proc_unlock(proc); in binder_request_freeze_notification()
3905 binder_clear_freeze_notification(struct binder_proc *proc, in binder_clear_freeze_notification() argument
3912 binder_proc_lock(proc); in binder_clear_freeze_notification()
3913 ref = binder_get_ref_olocked(proc, handle_cookie->handle, false); in binder_clear_freeze_notification()
3916 proc->pid, thread->pid, handle_cookie->handle); in binder_clear_freeze_notification()
3917 binder_proc_unlock(proc); in binder_clear_freeze_notification()
3925 proc->pid, thread->pid); in binder_clear_freeze_notification()
3927 binder_proc_unlock(proc); in binder_clear_freeze_notification()
3931 binder_inner_proc_lock(proc); in binder_clear_freeze_notification()
3934 proc->pid, thread->pid, (u64)freeze->cookie, in binder_clear_freeze_notification()
3936 binder_inner_proc_unlock(proc); in binder_clear_freeze_notification()
3938 binder_proc_unlock(proc); in binder_clear_freeze_notification()
3952 binder_enqueue_work_ilocked(&freeze->work, &proc->todo); in binder_clear_freeze_notification()
3953 binder_wakeup_proc_ilocked(proc); in binder_clear_freeze_notification()
3957 binder_inner_proc_unlock(proc); in binder_clear_freeze_notification()
3959 binder_proc_unlock(proc); in binder_clear_freeze_notification()
3964 binder_freeze_notification_done(struct binder_proc *proc, in binder_freeze_notification_done() argument
3971 binder_inner_proc_lock(proc); in binder_freeze_notification_done()
3972 list_for_each_entry(w, &proc->delivered_freeze, entry) { in binder_freeze_notification_done()
3983 proc->pid, thread->pid, (u64)cookie); in binder_freeze_notification_done()
3984 binder_inner_proc_unlock(proc); in binder_freeze_notification_done()
3991 binder_enqueue_work_ilocked(&freeze->work, &proc->todo); in binder_freeze_notification_done()
3992 binder_wakeup_proc_ilocked(proc); in binder_freeze_notification_done()
3994 binder_inner_proc_unlock(proc); in binder_freeze_notification_done()
4000 * @proc: binder proc that owns buffer
4010 binder_free_buf(struct binder_proc *proc, in binder_free_buf() argument
4014 binder_inner_proc_lock(proc); in binder_free_buf()
4019 binder_inner_proc_unlock(proc); in binder_free_buf()
4027 BUG_ON(buf_node->proc != proc); in binder_free_buf()
4034 w, &proc->todo); in binder_free_buf()
4035 binder_wakeup_proc_ilocked(proc); in binder_free_buf()
4040 binder_release_entire_buffer(proc, thread, buffer, is_failure); in binder_free_buf()
4041 binder_alloc_free_buf(&proc->alloc, buffer); in binder_free_buf()
4044 static int binder_thread_write(struct binder_proc *proc, in binder_thread_write() argument
4050 struct binder_context *context = proc->context; in binder_thread_write()
4064 atomic_inc(&proc->stats.bc[_IOC_NR(cmd)]); in binder_thread_write()
4089 if (ctx_mgr_node->proc == proc) { in binder_thread_write()
4091 proc->pid, thread->pid); in binder_thread_write()
4096 proc, ctx_mgr_node, in binder_thread_write()
4103 proc, target, increment, strong, in binder_thread_write()
4107 proc->pid, thread->pid, in binder_thread_write()
4127 proc->pid, thread->pid, debug_string, in binder_thread_write()
4133 proc->pid, thread->pid, debug_string, in binder_thread_write()
4151 node = binder_get_node(proc, node_ptr); in binder_thread_write()
4154 proc->pid, thread->pid, in binder_thread_write()
4163 proc->pid, thread->pid, in binder_thread_write()
4175 proc->pid, thread->pid, in binder_thread_write()
4185 proc->pid, thread->pid, in binder_thread_write()
4198 proc->pid, thread->pid, in binder_thread_write()
4221 buffer = binder_alloc_prepare_to_free(&proc->alloc, in binder_thread_write()
4227 proc->pid, thread->pid, in binder_thread_write()
4232 proc->pid, thread->pid, in binder_thread_write()
4239 proc->pid, thread->pid, (u64)data_ptr, in binder_thread_write()
4242 binder_free_buf(proc, thread, buffer, false); in binder_thread_write()
4253 binder_transaction(proc, thread, &tr.transaction_data, in binder_thread_write()
4264 binder_transaction(proc, thread, &tr, in binder_thread_write()
4272 proc->pid, thread->pid); in binder_thread_write()
4273 binder_inner_proc_lock(proc); in binder_thread_write()
4277 proc->pid, thread->pid); in binder_thread_write()
4278 } else if (proc->requested_threads == 0) { in binder_thread_write()
4281 proc->pid, thread->pid); in binder_thread_write()
4283 proc->requested_threads--; in binder_thread_write()
4284 proc->requested_threads_started++; in binder_thread_write()
4287 binder_inner_proc_unlock(proc); in binder_thread_write()
4292 proc->pid, thread->pid); in binder_thread_write()
4296 proc->pid, thread->pid); in binder_thread_write()
4303 proc->pid, thread->pid); in binder_thread_write()
4336 proc->pid, thread->pid); in binder_thread_write()
4340 binder_proc_lock(proc); in binder_thread_write()
4341 ref = binder_get_ref_olocked(proc, target, false); in binder_thread_write()
4344 proc->pid, thread->pid, in binder_thread_write()
4349 binder_proc_unlock(proc); in binder_thread_write()
4356 proc->pid, thread->pid, in binder_thread_write()
4368 proc->pid, thread->pid); in binder_thread_write()
4370 binder_proc_unlock(proc); in binder_thread_write()
4378 if (ref->node->proc == NULL) { in binder_thread_write()
4381 binder_inner_proc_lock(proc); in binder_thread_write()
4383 &ref->death->work, &proc->todo); in binder_thread_write()
4384 binder_wakeup_proc_ilocked(proc); in binder_thread_write()
4385 binder_inner_proc_unlock(proc); in binder_thread_write()
4390 proc->pid, thread->pid); in binder_thread_write()
4392 binder_proc_unlock(proc); in binder_thread_write()
4398 proc->pid, thread->pid, in binder_thread_write()
4402 binder_proc_unlock(proc); in binder_thread_write()
4406 binder_inner_proc_lock(proc); in binder_thread_write()
4418 &proc->todo); in binder_thread_write()
4420 proc); in binder_thread_write()
4426 binder_inner_proc_unlock(proc); in binder_thread_write()
4429 binder_proc_unlock(proc); in binder_thread_write()
4440 binder_inner_proc_lock(proc); in binder_thread_write()
4441 list_for_each_entry(w, &proc->delivered_death, in binder_thread_write()
4455 proc->pid, thread->pid, (u64)cookie, in binder_thread_write()
4459 proc->pid, thread->pid, (u64)cookie); in binder_thread_write()
4460 binder_inner_proc_unlock(proc); in binder_thread_write()
4474 &proc->todo); in binder_thread_write()
4475 binder_wakeup_proc_ilocked(proc); in binder_thread_write()
4478 binder_inner_proc_unlock(proc); in binder_thread_write()
4488 error = binder_request_freeze_notification(proc, thread, in binder_thread_write()
4501 error = binder_clear_freeze_notification(proc, thread, &handle_cookie); in binder_thread_write()
4514 error = binder_freeze_notification_done(proc, thread, cookie); in binder_thread_write()
4521 proc->pid, thread->pid, cmd); in binder_thread_write()
4529 static void binder_stat_br(struct binder_proc *proc, in binder_stat_br() argument
4535 atomic_inc(&proc->stats.br[_IOC_NR(cmd)]); in binder_stat_br()
4540 static int binder_put_node_cmd(struct binder_proc *proc, in binder_put_node_cmd() argument
4562 binder_stat_br(proc, thread, cmd); in binder_put_node_cmd()
4564 proc->pid, thread->pid, cmd_name, node_debug_id, in binder_put_node_cmd()
4575 struct binder_proc *proc = thread->proc; in binder_wait_for_work() local
4578 binder_inner_proc_lock(proc); in binder_wait_for_work()
4585 &proc->waiting_threads); in binder_wait_for_work()
4586 binder_inner_proc_unlock(proc); in binder_wait_for_work()
4588 binder_inner_proc_lock(proc); in binder_wait_for_work()
4596 binder_inner_proc_unlock(proc); in binder_wait_for_work()
4603 * @proc: binder_proc associated @t->buffer
4614 static int binder_apply_fd_fixups(struct binder_proc *proc, in binder_apply_fd_fixups() argument
4635 if (binder_alloc_copy_to_buffer(&proc->alloc, t->buffer, in binder_apply_fd_fixups()
4655 static int binder_thread_read(struct binder_proc *proc, in binder_thread_read() argument
4674 binder_inner_proc_lock(proc); in binder_thread_read()
4676 binder_inner_proc_unlock(proc); in binder_thread_read()
4682 !binder_worklist_empty(proc, &thread->todo)); in binder_thread_read()
4687 proc->pid, thread->pid, thread->looper); in binder_thread_read()
4691 binder_set_nice(proc->default_priority); in binder_thread_read()
4716 binder_inner_proc_lock(proc); in binder_thread_read()
4719 else if (!binder_worklist_empty_ilocked(&proc->todo) && in binder_thread_read()
4721 list = &proc->todo; in binder_thread_read()
4723 binder_inner_proc_unlock(proc); in binder_thread_read()
4732 binder_inner_proc_unlock(proc); in binder_thread_read()
4741 binder_inner_proc_unlock(proc); in binder_thread_read()
4749 binder_inner_proc_unlock(proc); in binder_thread_read()
4756 binder_stat_br(proc, thread, cmd); in binder_thread_read()
4761 if (proc->oneway_spam_detection_enabled && in binder_thread_read()
4768 binder_inner_proc_unlock(proc); in binder_thread_read()
4775 binder_stat_br(proc, thread, cmd); in binder_thread_read()
4778 proc->pid, thread->pid); in binder_thread_read()
4790 BUG_ON(proc != node->proc); in binder_thread_read()
4816 proc->pid, thread->pid, in binder_thread_read()
4820 rb_erase(&node->rb_node, &proc->nodes); in binder_thread_read()
4821 binder_inner_proc_unlock(proc); in binder_thread_read()
4835 binder_inner_proc_unlock(proc); in binder_thread_read()
4839 proc, thread, &ptr, node_ptr, in binder_thread_read()
4844 proc, thread, &ptr, node_ptr, in binder_thread_read()
4849 proc, thread, &ptr, node_ptr, in binder_thread_read()
4854 proc, thread, &ptr, node_ptr, in binder_thread_read()
4860 proc->pid, thread->pid, in binder_thread_read()
4883 proc->pid, thread->pid, in binder_thread_read()
4889 binder_inner_proc_unlock(proc); in binder_thread_read()
4894 w, &proc->delivered_death); in binder_thread_read()
4895 binder_inner_proc_unlock(proc); in binder_thread_read()
4904 binder_stat_br(proc, thread, cmd); in binder_thread_read()
4918 binder_enqueue_work_ilocked(w, &proc->delivered_freeze); in binder_thread_read()
4919 binder_inner_proc_unlock(proc); in binder_thread_read()
4927 binder_stat_br(proc, thread, BR_FROZEN_BINDER); in binder_thread_read()
4936 binder_inner_proc_unlock(proc); in binder_thread_read()
4945 binder_stat_br(proc, thread, BR_CLEAR_FREEZE_NOTIFICATION_DONE); in binder_thread_read()
4949 binder_inner_proc_unlock(proc); in binder_thread_read()
4951 proc->pid, thread->pid, w->type); in binder_thread_read()
4983 struct task_struct *sender = t_from->proc->tsk; in binder_thread_read()
4992 ret = binder_apply_fd_fixups(proc, t); in binder_thread_read()
5003 binder_free_buf(proc, thread, buffer, true); in binder_thread_read()
5006 proc->pid, thread->pid, in binder_thread_read()
5015 binder_stat_br(proc, thread, cmd); in binder_thread_read()
5054 binder_stat_br(proc, thread, cmd); in binder_thread_read()
5057 proc->pid, thread->pid, in binder_thread_read()
5061 t->debug_id, t_from ? t_from->proc->pid : 0, in binder_thread_read()
5071 binder_inner_proc_lock(thread->proc); in binder_thread_read()
5075 binder_inner_proc_unlock(thread->proc); in binder_thread_read()
5085 binder_inner_proc_lock(proc); in binder_thread_read()
5086 if (proc->requested_threads == 0 && in binder_thread_read()
5087 list_empty(&thread->proc->waiting_threads) && in binder_thread_read()
5088 proc->requested_threads_started < proc->max_threads && in binder_thread_read()
5092 proc->requested_threads++; in binder_thread_read()
5093 binder_inner_proc_unlock(proc); in binder_thread_read()
5096 proc->pid, thread->pid); in binder_thread_read()
5099 binder_stat_br(proc, thread, BR_SPAWN_LOOPER); in binder_thread_read()
5101 binder_inner_proc_unlock(proc); in binder_thread_read()
5105 static void binder_release_work(struct binder_proc *proc, in binder_release_work() argument
5112 binder_inner_proc_lock(proc); in binder_release_work()
5115 binder_inner_proc_unlock(proc); in binder_release_work()
5177 struct binder_proc *proc, struct binder_thread *new_thread) in binder_get_thread_ilocked() argument
5181 struct rb_node **p = &proc->threads.rb_node; in binder_get_thread_ilocked()
5198 thread->proc = proc; in binder_get_thread_ilocked()
5204 rb_insert_color(&thread->rb_node, &proc->threads); in binder_get_thread_ilocked()
5215 static struct binder_thread *binder_get_thread(struct binder_proc *proc) in binder_get_thread() argument
5220 binder_inner_proc_lock(proc); in binder_get_thread()
5221 thread = binder_get_thread_ilocked(proc, NULL); in binder_get_thread()
5222 binder_inner_proc_unlock(proc); in binder_get_thread()
5227 binder_inner_proc_lock(proc); in binder_get_thread()
5228 thread = binder_get_thread_ilocked(proc, new_thread); in binder_get_thread()
5229 binder_inner_proc_unlock(proc); in binder_get_thread()
5236 static void binder_free_proc(struct binder_proc *proc) in binder_free_proc() argument
5240 BUG_ON(!list_empty(&proc->todo)); in binder_free_proc()
5241 BUG_ON(!list_empty(&proc->delivered_death)); in binder_free_proc()
5242 if (proc->outstanding_txns) in binder_free_proc()
5244 __func__, proc->outstanding_txns); in binder_free_proc()
5245 device = container_of(proc->context, struct binder_device, context); in binder_free_proc()
5247 kfree(proc->context->name); in binder_free_proc()
5250 binder_alloc_deferred_release(&proc->alloc); in binder_free_proc()
5251 put_task_struct(proc->tsk); in binder_free_proc()
5252 put_cred(proc->cred); in binder_free_proc()
5254 dbitmap_free(&proc->dmap); in binder_free_proc()
5255 kfree(proc); in binder_free_proc()
5262 binder_proc_dec_tmpref(thread->proc); in binder_free_thread()
5266 static int binder_thread_release(struct binder_proc *proc, in binder_thread_release() argument
5274 binder_inner_proc_lock(thread->proc); in binder_thread_release()
5276 * take a ref on the proc so it survives in binder_thread_release()
5277 * after we remove this thread from proc->threads. in binder_thread_release()
5281 proc->tmp_ref++; in binder_thread_release()
5287 rb_erase(&thread->rb_node, &proc->threads); in binder_thread_release()
5303 proc->pid, thread->pid, in binder_thread_release()
5308 thread->proc->outstanding_txns--; in binder_thread_release()
5337 binder_inner_proc_unlock(thread->proc); in binder_thread_release()
5351 binder_release_work(proc, &thread->todo); in binder_thread_release()
5359 struct binder_proc *proc = filp->private_data; in binder_poll() local
5363 thread = binder_get_thread(proc); in binder_poll()
5367 binder_inner_proc_lock(thread->proc); in binder_poll()
5371 binder_inner_proc_unlock(thread->proc); in binder_poll()
5385 struct binder_proc *proc = filp->private_data; in binder_ioctl_write_read() local
5395 proc->pid, thread->pid, in binder_ioctl_write_read()
5400 ret = binder_thread_write(proc, thread, in binder_ioctl_write_read()
5413 ret = binder_thread_read(proc, thread, bwr.read_buffer, in binder_ioctl_write_read()
5418 binder_inner_proc_lock(proc); in binder_ioctl_write_read()
5419 if (!binder_worklist_empty_ilocked(&proc->todo)) in binder_ioctl_write_read()
5420 binder_wakeup_proc_ilocked(proc); in binder_ioctl_write_read()
5421 binder_inner_proc_unlock(proc); in binder_ioctl_write_read()
5430 proc->pid, thread->pid, in binder_ioctl_write_read()
5445 struct binder_proc *proc = filp->private_data; in binder_ioctl_set_ctx_mgr() local
5446 struct binder_context *context = proc->context; in binder_ioctl_set_ctx_mgr()
5456 ret = security_binder_set_context_mgr(proc->cred); in binder_ioctl_set_ctx_mgr()
5471 new_node = binder_new_node(proc, fbo); in binder_ioctl_set_ctx_mgr()
5489 static int binder_ioctl_get_node_info_for_ref(struct binder_proc *proc, in binder_ioctl_get_node_info_for_ref() argument
5493 struct binder_context *context = proc->context; in binder_ioctl_get_node_info_for_ref()
5499 proc->pid); in binder_ioctl_get_node_info_for_ref()
5506 context->binder_context_mgr_node->proc != proc) { in binder_ioctl_get_node_info_for_ref()
5512 node = binder_get_node_from_ref(proc, handle, true, NULL); in binder_ioctl_get_node_info_for_ref()
5525 static int binder_ioctl_get_node_debug_info(struct binder_proc *proc, in binder_ioctl_get_node_debug_info() argument
5533 binder_inner_proc_lock(proc); in binder_ioctl_get_node_debug_info()
5534 for (n = rb_first(&proc->nodes); n != NULL; n = rb_next(n)) { in binder_ioctl_get_node_debug_info()
5545 binder_inner_proc_unlock(proc); in binder_ioctl_get_node_debug_info()
5550 static bool binder_txns_pending_ilocked(struct binder_proc *proc) in binder_txns_pending_ilocked() argument
5555 if (proc->outstanding_txns > 0) in binder_txns_pending_ilocked()
5558 for (n = rb_first(&proc->threads); n; n = rb_next(n)) { in binder_txns_pending_ilocked()
5566 static void binder_add_freeze_work(struct binder_proc *proc, bool is_frozen) in binder_add_freeze_work() argument
5572 binder_inner_proc_lock(proc); in binder_add_freeze_work()
5573 for (n = rb_first(&proc->nodes); n; n = rb_next(n)) { in binder_add_freeze_work()
5578 binder_inner_proc_unlock(proc); in binder_add_freeze_work()
5589 binder_inner_proc_lock(ref->proc); in binder_add_freeze_work()
5591 binder_inner_proc_unlock(ref->proc); in binder_add_freeze_work()
5597 binder_enqueue_work_ilocked(&ref->freeze->work, &ref->proc->todo); in binder_add_freeze_work()
5598 binder_wakeup_proc_ilocked(ref->proc); in binder_add_freeze_work()
5604 binder_inner_proc_unlock(ref->proc); in binder_add_freeze_work()
5608 binder_inner_proc_lock(proc); in binder_add_freeze_work()
5609 if (proc->is_dead) in binder_add_freeze_work()
5612 binder_inner_proc_unlock(proc); in binder_add_freeze_work()
5703 binder_inner_proc_lock(thread->proc); in binder_ioctl_get_extended_error()
5706 binder_inner_proc_unlock(thread->proc); in binder_ioctl_get_extended_error()
5717 struct binder_proc *proc = filp->private_data; in binder_ioctl() local
5722 proc->pid, current->pid, cmd, arg);*/ in binder_ioctl()
5724 binder_selftest_alloc(&proc->alloc); in binder_ioctl()
5732 thread = binder_get_thread(proc); in binder_ioctl()
5752 binder_inner_proc_lock(proc); in binder_ioctl()
5753 proc->max_threads = max_threads; in binder_ioctl()
5754 binder_inner_proc_unlock(proc); in binder_ioctl()
5776 proc->pid, thread->pid); in binder_ioctl()
5777 binder_thread_release(proc, thread); in binder_ioctl()
5798 ret = binder_ioctl_get_node_info_for_ref(proc, &info); in binder_ioctl()
5817 ret = binder_ioctl_get_node_debug_info(proc, &info); in binder_ioctl()
5912 binder_inner_proc_lock(proc); in binder_ioctl()
5913 proc->oneway_spam_detection_enabled = (bool)enable; in binder_ioctl()
5914 binder_inner_proc_unlock(proc); in binder_ioctl()
5932 pr_info("%d:%d ioctl %x %lx returned %d\n", proc->pid, current->pid, cmd, arg, ret); in binder_ioctl()
5940 struct binder_proc *proc = vma->vm_private_data; in binder_vma_open() local
5944 proc->pid, vma->vm_start, vma->vm_end, in binder_vma_open()
5951 struct binder_proc *proc = vma->vm_private_data; in binder_vma_close() local
5955 proc->pid, vma->vm_start, vma->vm_end, in binder_vma_close()
5958 binder_alloc_vma_close(&proc->alloc); in binder_vma_close()
5974 struct binder_proc *proc = filp->private_data; in binder_mmap() local
5976 if (proc->tsk != current->group_leader) in binder_mmap()
5981 __func__, proc->pid, vma->vm_start, vma->vm_end, in binder_mmap()
5987 proc->pid, vma->vm_start, vma->vm_end, "bad vm_flags", -EPERM); in binder_mmap()
5993 vma->vm_private_data = proc; in binder_mmap()
5995 return binder_alloc_mmap_handler(&proc->alloc, vma); in binder_mmap()
6000 struct binder_proc *proc, *itr; in binder_open() local
6009 proc = kzalloc(sizeof(*proc), GFP_KERNEL); in binder_open()
6010 if (proc == NULL) in binder_open()
6013 dbitmap_init(&proc->dmap); in binder_open()
6014 spin_lock_init(&proc->inner_lock); in binder_open()
6015 spin_lock_init(&proc->outer_lock); in binder_open()
6017 proc->tsk = current->group_leader; in binder_open()
6018 proc->cred = get_cred(filp->f_cred); in binder_open()
6019 INIT_LIST_HEAD(&proc->todo); in binder_open()
6020 init_waitqueue_head(&proc->freeze_wait); in binder_open()
6021 proc->default_priority = task_nice(current); in binder_open()
6032 proc->context = &binder_dev->context; in binder_open()
6033 binder_alloc_init(&proc->alloc); in binder_open()
6036 proc->pid = current->group_leader->pid; in binder_open()
6037 INIT_LIST_HEAD(&proc->delivered_death); in binder_open()
6038 INIT_LIST_HEAD(&proc->delivered_freeze); in binder_open()
6039 INIT_LIST_HEAD(&proc->waiting_threads); in binder_open()
6040 filp->private_data = proc; in binder_open()
6044 if (itr->pid == proc->pid) { in binder_open()
6049 hlist_add_head(&proc->proc_node, &binder_procs); in binder_open()
6055 snprintf(strbuf, sizeof(strbuf), "%u", proc->pid); in binder_open()
6057 * proc debug entries are shared between contexts. in binder_open()
6062 proc->debugfs_entry = debugfs_create_file(strbuf, 0444, in binder_open()
6064 (void *)(unsigned long)proc->pid, in binder_open()
6072 snprintf(strbuf, sizeof(strbuf), "%u", proc->pid); in binder_open()
6080 strbuf, &proc_fops, (void *)(unsigned long)proc->pid); in binder_open()
6082 proc->binderfs_entry = binderfs_entry; in binder_open()
6097 struct binder_proc *proc = filp->private_data; in binder_flush() local
6099 binder_defer_work(proc, BINDER_DEFERRED_FLUSH); in binder_flush()
6104 static void binder_deferred_flush(struct binder_proc *proc) in binder_deferred_flush() argument
6109 binder_inner_proc_lock(proc); in binder_deferred_flush()
6110 for (n = rb_first(&proc->threads); n != NULL; n = rb_next(n)) { in binder_deferred_flush()
6119 binder_inner_proc_unlock(proc); in binder_deferred_flush()
6122 "binder_flush: %d woke %d threads\n", proc->pid, in binder_deferred_flush()
6128 struct binder_proc *proc = filp->private_data; in binder_release() local
6130 debugfs_remove(proc->debugfs_entry); in binder_release()
6132 if (proc->binderfs_entry) { in binder_release()
6133 binderfs_remove_file(proc->binderfs_entry); in binder_release()
6134 proc->binderfs_entry = NULL; in binder_release()
6137 binder_defer_work(proc, BINDER_DEFERRED_RELEASE); in binder_release()
6146 struct binder_proc *proc = node->proc; in binder_node_release() local
6148 binder_release_work(proc, &node->async_todo); in binder_node_release()
6151 binder_inner_proc_lock(proc); in binder_node_release()
6158 binder_inner_proc_unlock(proc); in binder_node_release()
6165 node->proc = NULL; in binder_node_release()
6168 binder_inner_proc_unlock(proc); in binder_node_release()
6182 binder_inner_proc_lock(ref->proc); in binder_node_release()
6184 binder_inner_proc_unlock(ref->proc); in binder_node_release()
6193 &ref->proc->todo); in binder_node_release()
6194 binder_wakeup_proc_ilocked(ref->proc); in binder_node_release()
6195 binder_inner_proc_unlock(ref->proc); in binder_node_release()
6207 static void binder_deferred_release(struct binder_proc *proc) in binder_deferred_release() argument
6209 struct binder_context *context = proc->context; in binder_deferred_release()
6214 hlist_del(&proc->proc_node); in binder_deferred_release()
6219 context->binder_context_mgr_node->proc == proc) { in binder_deferred_release()
6222 __func__, proc->pid); in binder_deferred_release()
6226 binder_inner_proc_lock(proc); in binder_deferred_release()
6228 * Make sure proc stays alive after we in binder_deferred_release()
6231 proc->tmp_ref++; in binder_deferred_release()
6233 proc->is_dead = true; in binder_deferred_release()
6234 proc->is_frozen = false; in binder_deferred_release()
6235 proc->sync_recv = false; in binder_deferred_release()
6236 proc->async_recv = false; in binder_deferred_release()
6239 while ((n = rb_first(&proc->threads))) { in binder_deferred_release()
6243 binder_inner_proc_unlock(proc); in binder_deferred_release()
6245 active_transactions += binder_thread_release(proc, thread); in binder_deferred_release()
6246 binder_inner_proc_lock(proc); in binder_deferred_release()
6251 while ((n = rb_first(&proc->nodes))) { in binder_deferred_release()
6262 rb_erase(&node->rb_node, &proc->nodes); in binder_deferred_release()
6263 binder_inner_proc_unlock(proc); in binder_deferred_release()
6265 binder_inner_proc_lock(proc); in binder_deferred_release()
6267 binder_inner_proc_unlock(proc); in binder_deferred_release()
6270 binder_proc_lock(proc); in binder_deferred_release()
6271 while ((n = rb_first(&proc->refs_by_desc))) { in binder_deferred_release()
6277 binder_proc_unlock(proc); in binder_deferred_release()
6279 binder_proc_lock(proc); in binder_deferred_release()
6281 binder_proc_unlock(proc); in binder_deferred_release()
6283 binder_release_work(proc, &proc->todo); in binder_deferred_release()
6284 binder_release_work(proc, &proc->delivered_death); in binder_deferred_release()
6285 binder_release_work(proc, &proc->delivered_freeze); in binder_deferred_release()
6289 __func__, proc->pid, threads, nodes, incoming_refs, in binder_deferred_release()
6292 binder_proc_dec_tmpref(proc); in binder_deferred_release()
6297 struct binder_proc *proc; in binder_deferred_func() local
6304 proc = hlist_entry(binder_deferred_list.first, in binder_deferred_func()
6306 hlist_del_init(&proc->deferred_work_node); in binder_deferred_func()
6307 defer = proc->deferred_work; in binder_deferred_func()
6308 proc->deferred_work = 0; in binder_deferred_func()
6310 proc = NULL; in binder_deferred_func()
6316 binder_deferred_flush(proc); in binder_deferred_func()
6319 binder_deferred_release(proc); /* frees proc */ in binder_deferred_func()
6320 } while (proc); in binder_deferred_func()
6325 binder_defer_work(struct binder_proc *proc, enum binder_deferred_state defer) in binder_defer_work() argument
6328 proc->deferred_work |= defer; in binder_defer_work()
6329 if (hlist_unhashed(&proc->deferred_work_node)) { in binder_defer_work()
6330 hlist_add_head(&proc->deferred_work_node, in binder_defer_work()
6338 struct binder_proc *proc, in print_binder_transaction_ilocked() argument
6359 if (proc != to_proc) { in print_binder_transaction_ilocked()
6362 * correct proc inner lock for this node in print_binder_transaction_ilocked()
6376 proc->alloc.vm_start - buffer->user_data); in print_binder_transaction_ilocked()
6380 struct binder_proc *proc, in print_binder_work_ilocked() argument
6392 m, proc, transaction_prefix, t); in print_binder_work_ilocked()
6448 print_binder_transaction_ilocked(m, thread->proc, in print_binder_thread_ilocked()
6452 print_binder_transaction_ilocked(m, thread->proc, in print_binder_thread_ilocked()
6456 print_binder_transaction_ilocked(m, thread->proc, in print_binder_thread_ilocked()
6462 print_binder_work_ilocked(m, thread->proc, " ", in print_binder_thread_ilocked()
6484 seq_puts(m, " proc"); in print_binder_node_nilocked()
6486 seq_printf(m, " %d", ref->proc->pid); in print_binder_node_nilocked()
6489 if (node->proc) { in print_binder_node_nilocked()
6491 print_binder_work_ilocked(m, node->proc, " ", in print_binder_node_nilocked()
6502 ref->node->proc ? "" : "dead ", in print_binder_ref_olocked()
6509 struct binder_proc *proc, int print_all) in print_binder_proc() argument
6517 seq_printf(m, "proc %d\n", proc->pid); in print_binder_proc()
6518 seq_printf(m, "context %s\n", proc->context->name); in print_binder_proc()
6521 binder_inner_proc_lock(proc); in print_binder_proc()
6522 for (n = rb_first(&proc->threads); n != NULL; n = rb_next(n)) in print_binder_proc()
6526 for (n = rb_first(&proc->nodes); n != NULL; n = rb_next(n)) { in print_binder_proc()
6539 binder_inner_proc_unlock(proc); in print_binder_proc()
6546 binder_inner_proc_lock(proc); in print_binder_proc()
6548 binder_inner_proc_unlock(proc); in print_binder_proc()
6553 binder_proc_lock(proc); in print_binder_proc()
6554 for (n = rb_first(&proc->refs_by_desc); in print_binder_proc()
6560 binder_proc_unlock(proc); in print_binder_proc()
6562 binder_alloc_print_allocated(m, &proc->alloc); in print_binder_proc()
6563 binder_inner_proc_lock(proc); in print_binder_proc()
6564 list_for_each_entry(w, &proc->todo, entry) in print_binder_proc()
6565 print_binder_work_ilocked(m, proc, " ", in print_binder_proc()
6567 list_for_each_entry(w, &proc->delivered_death, entry) { in print_binder_proc()
6571 list_for_each_entry(w, &proc->delivered_freeze, entry) { in print_binder_proc()
6575 binder_inner_proc_unlock(proc); in print_binder_proc()
6632 "proc",
6685 struct binder_proc *proc) in print_binder_proc_stats() argument
6692 binder_alloc_get_free_async_space(&proc->alloc); in print_binder_proc_stats()
6694 seq_printf(m, "proc %d\n", proc->pid); in print_binder_proc_stats()
6695 seq_printf(m, "context %s\n", proc->context->name); in print_binder_proc_stats()
6698 binder_inner_proc_lock(proc); in print_binder_proc_stats()
6699 for (n = rb_first(&proc->threads); n != NULL; n = rb_next(n)) in print_binder_proc_stats()
6702 list_for_each_entry(thread, &proc->waiting_threads, waiting_thread_node) in print_binder_proc_stats()
6708 " free async space %zd\n", proc->requested_threads, in print_binder_proc_stats()
6709 proc->requested_threads_started, proc->max_threads, in print_binder_proc_stats()
6713 for (n = rb_first(&proc->nodes); n != NULL; n = rb_next(n)) in print_binder_proc_stats()
6715 binder_inner_proc_unlock(proc); in print_binder_proc_stats()
6720 binder_proc_lock(proc); in print_binder_proc_stats()
6721 for (n = rb_first(&proc->refs_by_desc); n != NULL; n = rb_next(n)) { in print_binder_proc_stats()
6728 binder_proc_unlock(proc); in print_binder_proc_stats()
6731 count = binder_alloc_get_allocated_count(&proc->alloc); in print_binder_proc_stats()
6734 binder_alloc_print_pages(m, &proc->alloc); in print_binder_proc_stats()
6737 binder_inner_proc_lock(proc); in print_binder_proc_stats()
6738 list_for_each_entry(w, &proc->todo, entry) { in print_binder_proc_stats()
6742 binder_inner_proc_unlock(proc); in print_binder_proc_stats()
6745 print_binder_stats(m, " ", &proc->stats); in print_binder_proc_stats()
6750 struct binder_proc *proc; in state_show() local
6780 hlist_for_each_entry(proc, &binder_procs, proc_node) in state_show()
6781 print_binder_proc(m, proc, 1); in state_show()
6789 struct binder_proc *proc; in stats_show() local
6796 hlist_for_each_entry(proc, &binder_procs, proc_node) in stats_show()
6797 print_binder_proc_stats(m, proc); in stats_show()
6805 struct binder_proc *proc; in transactions_show() local
6809 hlist_for_each_entry(proc, &binder_procs, proc_node) in transactions_show()
6810 print_binder_proc(m, proc, 0); in transactions_show()
6824 seq_puts(m, "binder proc state:\n"); in proc_show()
6989 binder_debugfs_dir_entry_proc = debugfs_create_dir("proc", in binder_init()