FROMLIST: android_pipe: Pin pages to memory while copying and other cleanups
The existing code had a troubling TODO statement concerning the fact
that it just did a check if the page that the QEMU backend was going to
read from / write to was there before the call to the QEMU backend and
then relying on the fact that the page stayed around, even in a
preemptible SMP kernel. Obviously the page could go away or be
reassigned, and strange things may happen.
Further, writes were not tracked, so any use of COW or KSM-like
features would break completely. Probably that was never used by adbd
(the only current active user of the pipe), but could prove much more
dangerous for the GPU passthrough mechanism.
Instead, use get_user_pages() as the comment suggested and cleanup the
error path and add the set_page_dirt() call on a successful read
operation.
Also clarify the count used to return from successful read/write calls
and use Linux style commentary in various places of the file.
Note: The "just ignore error and return whatever we read so far" error
handling is really quite horrific. I cannot change it without a more
careful study of all user space ABIs reliance on this 'feature'.
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Jin Qian <jinqian@android.com>
Bug: 25515960
Patchset: goldfish support
Change-Id: I12b4304f31e78861c73837e380a13e88f79911c5
Message-Id: <1449084968-30211-3-git-send-email-jinqian@android.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
1 file changed
