Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp678156ybz; Fri, 1 May 2020 06:40:17 -0700 (PDT) X-Google-Smtp-Source: APiQypKLD4QVmPUTn/LkUJ6MkmnGZaUKDQLbZWVjEUwfk5YMY1/EGmjWqmdNGwIWa1DDyjW8LhNW X-Received: by 2002:a17:906:3296:: with SMTP id 22mr3310141ejw.195.1588340417691; Fri, 01 May 2020 06:40:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588340417; cv=none; d=google.com; s=arc-20160816; b=RKoig+Q9VeGFwwomKD2IHWpq6ZVAdYBvj1b/fuxupUfQ1D4sfzNIKfILNANcmb3W9c N5WwBbY0GiV57ZQIemRW4BTY7fkbtaBBibqZEWityGDB11OqQ9HUjTNGH/bjVcu8ApAO 5tEzl3kIX3NAgckzqV80zTgnYrRXEXhudLL4M/vGUpdqYKU9eA7NSgY2QbtK055P76wc pBM3L5yYNWoJSQCaEeAbA5ON1dMvamvx0zvGh9Vf78yEEikns4TiwKnbGK2fEVmmnAyo M5jz+Gjm+e86CebQztL3HyrhYiJVMhukGkOQMp7p9f8lDdeIMBUYyZDEE0zTTKZueTAz w2aQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=ws/kg9NAV3IegGC27jI0yY6Sf23hTEUyNPv9yy41VIQ=; b=BEL4smRz3HwqF53aOshfO9VgRFXMsD9scSnrpKdBP2oqje9Afw2vUL/DzsF+//8Pwx LSbidvKW/0cbaR/NqeRx6r/61cI66NPhmFGoNDLMoJVFNKRIYo8VxfuiAenAR2V4PQ6P NH5pb69RwOwSBh4PkmCsRcSdzqj/mzAEvEYqn3DFBgVYOAJk9LkOKNfYznj5+t15E6tH YKy23mry/qr9j9Qeh3GqrA1EYKKY3JW2kxfp5uOGmAj5uzNg+M9yoJSghSQ6AfjL++fr kyJmTBlajFUpQPLSmMakkIbiebkXXr3Fzu0ndKkyxfbakAQeDS8udxqBeYO4g34HwZAB QNIA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=D6YjrdvZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id cn25si1603698edb.589.2020.05.01.06.39.54; Fri, 01 May 2020 06:40:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=D6YjrdvZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729131AbgEANgB (ORCPT + 99 others); Fri, 1 May 2020 09:36:01 -0400 Received: from mail.kernel.org ([198.145.29.99]:34348 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728872AbgEANf7 (ORCPT ); Fri, 1 May 2020 09:35:59 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id EC9D524957; Fri, 1 May 2020 13:35:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1588340158; bh=qD6bBSu2ZmstztKjHgRkJXOnn8LSOtvA6gBtfCm4XtM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=D6YjrdvZU5eNeA4svb5tHdjdHJSo002OAc7U8xGZZxhDJyt14eBwdawitEB9flbvo 5CNOVnDCxYiuSNL90bb6kGmYTi5a8t+P7mzDkXb6oEwnG4zvbQWGvKedNUVueC29uh uGharmzYThNesuHHI6JSdw8heNml7w40ZyvSckWA= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Tyler Hicks , Todd Kjos , Guenter Roeck Subject: [PATCH 4.19 04/46] binder: take read mode of mmap_sem in binder_alloc_free_page() Date: Fri, 1 May 2020 15:22:29 +0200 Message-Id: <20200501131500.358343650@linuxfoundation.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200501131457.023036302@linuxfoundation.org> References: <20200501131457.023036302@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Tyler Hicks commit 60d4885710836595192c42d3e04b27551d30ec91 upstream. Restore the behavior of locking mmap_sem for reading in binder_alloc_free_page(), as was first done in commit 3013bf62b67a ("binder: reduce mmap_sem write-side lock"). That change was inadvertently reverted by commit 5cec2d2e5839 ("binder: fix race between munmap() and direct reclaim"). In addition, change the name of the label for the error path to accurately reflect that we're taking the lock for reading. Backporting note: This fix is only needed when *both* of the commits mentioned above are applied. That's an unlikely situation since they both landed during the development of v5.1 but only one of them is targeted for stable. Fixes: 5cec2d2e5839 ("binder: fix race between munmap() and direct reclaim") Signed-off-by: Tyler Hicks Acked-by: Todd Kjos Cc: Guenter Roeck Signed-off-by: Greg Kroah-Hartman --- drivers/android/binder_alloc.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) --- a/drivers/android/binder_alloc.c +++ b/drivers/android/binder_alloc.c @@ -970,8 +970,8 @@ enum lru_status binder_alloc_free_page(s mm = alloc->vma_vm_mm; if (!mmget_not_zero(mm)) goto err_mmget; - if (!down_write_trylock(&mm->mmap_sem)) - goto err_down_write_mmap_sem_failed; + if (!down_read_trylock(&mm->mmap_sem)) + goto err_down_read_mmap_sem_failed; vma = binder_alloc_get_vma(alloc); list_lru_isolate(lru, item); @@ -986,7 +986,7 @@ enum lru_status binder_alloc_free_page(s trace_binder_unmap_user_end(alloc, index); } - up_write(&mm->mmap_sem); + up_read(&mm->mmap_sem); mmput(mm); trace_binder_unmap_kernel_start(alloc, index); @@ -1001,7 +1001,7 @@ enum lru_status binder_alloc_free_page(s mutex_unlock(&alloc->mutex); return LRU_REMOVED_RETRY; -err_down_write_mmap_sem_failed: +err_down_read_mmap_sem_failed: mmput_async(mm); err_mmget: err_page_already_freed: