Shrink ashmem directly through shmem_fallocate
Tobias Lindskog [Mon, 9 Feb 2015 07:10:39 +0000 (08:10 +0100)]
When ashmem_shrink is called from direct reclaim on a user thread, a
call to do_fallocate will check for permissions against the security
policy of that user thread.  It can thus fail by chance if called on a
thread that isn't permitted to modify the relevant ashmem areas.

Because we know that we have a shmem file underneath, call the shmem
implementation of fallocate directly instead of going through the
user-space interface for fallocate.

FIX=DMS06243560
Area: Kernel/Linux Kernel

Bug: 21951515
Bug 1715409

Change-Id: Ie98fff18a2bdeb535cd24d4fbdd13677e12681a7
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
(cherry picked from commit 2ecc7f173a30ee7df10240d6944108252a5f5b7d)
Signed-off-by: Amit Sharma <amisharma@nvidia.com>
Reviewed-on: http://git-master/r/928294
GVS: Gerrit_Virtual_Submit
Reviewed-by: Krishna Reddy <vdumpa@nvidia.com>
Reviewed-by: Inamdar Sharif <isharif@nvidia.com>
Reviewed-by: Bharat Nihalani <bnihalani@nvidia.com>
Tested-by: Bharat Nihalani <bnihalani@nvidia.com>

drivers/staging/android/ashmem.c

index ccaef8b..9ab0320 100644 (file)
@@ -370,7 +370,7 @@ static int ashmem_shrink(struct shrinker *s, struct shrink_control *sc)
                loff_t start = range->pgstart * PAGE_SIZE;
                loff_t end = (range->pgend + 1) * PAGE_SIZE;
 
-               do_fallocate(range->asma->file,
+               range->asma->file->f_op->fallocate(range->asma->file,
                                FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE,
                                start, end - start);
                range->purged = ASHMEM_WAS_PURGED;