staging: android: ashmem: Shrink directly through shmem_fallocate

When ashmem_shrink is called from direct reclaim on a user thread, a call to do_fallocate will check for permissions against the security policy of that user thread. It can thus fail by chance if called on a thread that isn't permitted to modify the relevant ashmem areas. Because we know that we have a shmem file underneath, call the shmem implementation of fallocate directly instead of going through the user-space interface for fallocate. Signed-off-by: Tobias Lindskog <tobias.lindskog@sonymobile.com> Signed-off-by: Jeff Vander Stoep <jeffv@google.com> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-07-06 14:44:16 -07:00 · 2018-07-06 14:44:16 -07:00 · 173a4906ae
commit 173a4906ae
parent ab608b341b
1 changed files with 3 additions and 3 deletions
--- a/drivers/staging/android/ashmem.c
+++ b/drivers/staging/android/ashmem.c
@ -450,9 +450,9 @@ ashmem_shrink_scan(struct shrinker *shrink, struct shrink_control *sc)
 		loff_t start = range->pgstart * PAGE_SIZE;
 		loff_t end = (range->pgend + 1) * PAGE_SIZE;

-		vfs_fallocate(range->asma->file,
-			      FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE,
-			      start, end - start);
+		range->asma->file->f_op->fallocate(range->asma->file,
+				FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE,
+				start, end - start);
 		range->purged = ASHMEM_WAS_PURGED;
 		lru_del(range);