Re: RFC: android logger feedback request
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
On Wed, 21 Dec 2011, Brian Swetland wrote:
On Wed, Dec 21, 2011 at 5:20 PM, NeilBrown <neilb@xxxxxxx> wrote:On Wed, 21 Dec 2011 16:36:21 -0800 Tim Bird <tim.bird@xxxxxxxxxxx> wrote:On 12/21/2011 03:19 PM, Greg KH wrote:That all describes the current code, but you haven't described what's wrong with the existing syslog interface that requires this new driver to be written. And why can't the existing interface be fixed to address these (potential) shortcomings?One specific question I have is where is the most appropriate place for this code to live, in the kernel source tree? Other embedded systems might want to use this system (it is simpler than syslog, and superior in some ways), so I don't think it should remain in an android-specific directory.What way is it superior?Here are some ways that this code is superior to syslog:It is certainly nice and simple. It really looks more like a filesystem than a char device though... though they aren't really files so much as lossy pipes. I don't think that's a problem though, lots of things in filesystems don't behave exactly like files. If you created a 'logbuf' filesystem that used libfs to provide a single directory in which privileged processes could create files then you wouldn't need the kernel to "know" the allowed logs: radio, events, main, system. The size could be set by ftruncate() (by privileged used again) rather than being hardcoded.
The result would be much the same amount of code, but an interface which has fewer details hard-coded and is generally more versatile and accessible.Moving away from hard coding the names/sizes of the logs in the driver is something that has been on the todo list for a while. One thing we'd likely want to accomplish there is avoid creating a vector for consuming large amounts of memory by creating new logs. One planned change (likely to happen in the Android J release timeframe) is to adjust permissions such that any process can write messages, but unless they belong to the correct group they can only read back messages written by their own PID. This is to allow apps to grab their own log output after a crash or during a user problem report without needing to grant them the ability to read all log messages. Currently the logger driver does not provide a mechanism for allowing logs to survive a reboot (unlike the ramconsole), but this is functionality that we've thought about adding. Generally the kernel logs are most interesting after an unexpected panic/reboot, but getting a picture of what userspace has been up to can be useful too. The goals behind the logger driver have been: - keep userland and kernel logging separate (so that spammy userland logging doesn't make us lose critical kernel logs or the other way round) - make log writing very inexpensive -- avoid having to pass messages between processes (more critical on ARM9 platforms where this implied extra cache flushing), avoid having to make several syscalls to write a log message (getting time of day, etc), and so on - make log writing reliable -- don't trust userland to report its timestamp, PID, or to correctly format the datagrams, etc - allow a log watching process (logcat) to easily pull data from all logs at once - avoid committing a vast amount of memory to logging - try to prevent clients from spamming each other out of log space (only successful on a coarse granularity right now with the main/system/radio/events logs) - ensure logs are not lost at the moment an app crashes On one hand, having each app (per PID) be able to create their own logs up to a specified size limit could be really useful and is something we've kicked around -- for one it would allow us to avoid the ever present request from userspace developers to increase the log size because of too much log spam ("reduce log spam" never seems to be an answer that makes them happy) -- but we haven't come up with a reasonable plan for dealing with "well if we allow 16KB of log per app and the user installs 100 apps, they may be pinning up to 1.6MB of ram worst case", and so on.
At this point you are starting to sound like something much closer to a traditional syslog daemon. you are adding so many variations, persistant storage, etc that you really don't want to have to have all this in the kernel, make these be interfaces into a userspace logging tool (ideally syslog compatible), and you have the option to easily have different policies, consuming different amounts of space, depending on the device and how resource limited it is.