// prune "pruneRows" of type "id" from the buffer. // // This garbage collection task is used to expire log entries. It is called to // remove all logs (clear), all UID logs (unprivileged clear), or every // 256 or 10% of the total logs (whichever is less) to prune the logs. // // First there is a prep phase where we discover the reader region lock that // acts as a backstop to any pruning activity to stop there and go no further. // // There are three major pruning loops that follow. All expire from the oldest // entries. Since there are multiple log buffers, the Android logging facility // will appear to drop entries 'in the middle' when looking at multiple log // sources and buffers. This effect is slightly more prominent when we prune // the worst offender by logging source. Thus the logs slowly loose content // and value as you move back in time. This is preferred since chatty sources // invariably move the logs value down faster as less chatty sources would be // expired in the noise. // // The first loop performs blacklisting and worst offender pruning. Falling // through when there are no notable worst offenders and have not hit the // region lock preventing further worst offender pruning. This loop also looks // after managing the chatty log entries and merging to help provide // statistical basis for blame. The chatty entries are not a notification of // how much logs you may have, but instead represent how much logs you would // have had in a virtual log buffer that is extended to cover all the in-memory // logs without loss. They last much longer than the represented pruned logs // since they get multiplied by the gains in the non-chatty log sources. // // The second loop get complicated because an algorithm of watermarks and // history is maintained to reduce the order and keep processing time // down to a minimum at scale. These algorithms can be costly in the face // of larger log buffers, or severly limited processing time granted to a // background task at lowest priority. // // This second loop does straight-up expiration from the end of the logs // (again, remember for the specified log buffer id) but does some whitelist // preservation. Thus whitelist is a Hail Mary low priority, blacklists and // spam filtration all take priority. This second loop also checks if a region // lock is causing us to buffer too much in the logs to help the reader(s), // and will tell the slowest reader thread to skip log entries, and if // persistent and hits a further threshold, kill the reader thread. // // The third thread is optional, and only gets hit if there was a whitelist // and more needs to be pruned against the backstop of the region lock. // // mLogElementsLock must be held when this function is called. // bool LogBuffer::prune(log_id_t id, unsignedlong pruneRows, uid_t caller_uid) { // ... }
if (__predict_false(caller_uid != AID_ROOT)) { // unlikely // Only here if clear all request from non system source, so chatty // filter logistics is not required. it = mLastSet[id] ? mLast[id] : mLogElements.begin(); while (it != mLogElements.end()) { LogBufferElement* element = *it;
// prune by worst offenders; by blacklist, UID, and by PID of system UID bool hasBlacklist = (id != LOG_ID_SECURITY) && mPrune.naughty(); while (!clearAll && (pruneRows > 0)) { // recalculate the worst offender on every batched pass int worst = -1; // not valid for getUid() or getKey() size_t worst_sizes = 0; size_t second_worst_sizes = 0; pid_t worstPid = 0; // POSIX guarantees PID != 0
if (worstUidEnabledForLogid(id) && mPrune.worstUidEnabled()) { // Calculate threshold as 12.5% of available storage size_t threshold = log_buffer_size(id) / 8;
if ((id == LOG_ID_EVENTS) || (id == LOG_ID_SECURITY)) { // 按照 tag 来区分,选出写入 log 数据最多的 tag // 对应 tag 的总数据必须大于 threshold stats.sortTags(AID_ROOT, (pid_t)0, 2, id) .findWorst(worst, worst_sizes, second_worst_sizes, threshold); // per-pid filter for AID_SYSTEM sources is too complex } else { // 按照 uid 来区分,选出写入 log 数据最多的用户 stats.sort(AID_ROOT, (pid_t)0, 2, id) .findWorst(worst, worst_sizes, second_worst_sizes, threshold);
if (dropped) { // 如果是 dropped log,添加到 last 里面,下个循环里的其他需要删除的 log 可以跟这一条合并 last.add(element); // 还记得前面刚进入循环时的工作吗,这里把当前的迭代器缓存起来,可以加速以后的 prune 调用 // 需要注意的是,第一条 add 到 LogBufferElementLast 里的 log 条目并不会被删除,这样 // 才能保证接下来我们保存的迭代器是有效的 if (worstPid && ((!gc && (element->getPid() == worstPid)) || (mLastWorstPidOfSystem[id].find(element->getPid()) == mLastWorstPidOfSystem[id].end()))) { // element->getUid() may not be AID_SYSTEM, next best // watermark if current one empty. id is not LOG_ID_EVENTS // or LOG_ID_SECURITY because of worstPid check. mLastWorstPidOfSystem[id][element->getPid()] = it; } if ((!gc && !worstPid && (key == worst)) || (mLastWorst[id].find(key) == mLastWorst[id].end())) { mLastWorst[id][key] = it; } ++it; continue; }
// 这个 log 项是无辜的,放过它 if ((key != worst) || (worstPid && (element->getPid() != worstPid))) { // 已经至少跳过了一条 log,所以 leading = false leading = false; last.clear(element); ++it; continue; } // key == worst below here // If worstPid set, then element->getPid() == worstPid below here
pruneRows--; if (pruneRows == 0) { break; }
kick = true;
unsignedshort len = element->getMsgLen();
// do not create any leading drops if (leading) { // 不创建 leading drops,因为创建了没有用。这个 dropped log 主要是为了 // 加速后面对同一个“用户”的 log 的删除操作。如果 dropped log 在列表最前面, // 我们只需要从 mLogElements.begin() 开始查找就可以了 it = erase(it); } else { stats.drop(element); element->setDropped(1); if (last.coalesce(element, 1)) { it = erase(it, true); } else { // 和上面那段一样 last.add(element); if (worstPid && (!gc || (mLastWorstPidOfSystem[id].find(worstPid) == mLastWorstPidOfSystem[id].end()))) { // element->getUid() may not be AID_SYSTEM, next best // watermark if current one empty. id is not // LOG_ID_EVENTS or LOG_ID_SECURITY because of worstPid. mLastWorstPidOfSystem[id][worstPid] = it; } if ((!gc && !worstPid) || (mLastWorst[id].find(worst) == mLastWorst[id].end())) { mLastWorst[id][worst] = it; } ++it; } } if (worst_sizes < second_worst_sizes) { break; } worst_sizes -= len; } last.clear();
// 一整个循环都没有删除那些写了太多 log 的条目,黑名单也没有启用,就不需要再开始下一次循环了 if (!kick || !mPrune.worstUidEnabled()) { break; // the following loop will ask bad clients to skip/drop } }
// Do not save the whitelist if we are reader range limited if (whitelist && (pruneRows > 0)) { it = mLastSet[id] ? mLast[id] : mLogElements.begin(); while ((it != mLogElements.end()) && (pruneRows > 0)) { LogBufferElement* element = *it;
if (element->getLogId() != id) { ++it; continue; }