Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1e16ab2c authored by Jim Blackler's avatar Jim Blackler Committed by Gerrit - the friendly Code Review server
Browse files

ANDROID: Avoid taking multiple locks in handle_lmk_event 



Conflicting lock events have been reported resulting from
rcu_read_lock, mmap_sem (in get_cmdline) and lmk_event_lock.

This CL avoids the possibility of these conditions by moving
handle_lmk_event outside rcu_read_lock and invoking get_cmdline before
lmk_event_lock is taken.

Bug: 133479338, 133829075
Signed-off-by: default avatarJim Blackler <jimblackler@google.com>
Change-Id: Ib3c32587472bd972e3ac108798e2af3f4a5c329a
Git-commit: bee613dd
Git-repo: https://android.googlesource.com/kernel/common/


[spathi@codeaurora.org: resolved trivial merge conflicts]
Signed-off-by: default avatarSrinivasarao P <spathi@codeaurora.org>
parent 7b3a06ea

drivers/staging/android/lowmemorykiller.c

+17 −12
Original line number Diff line number Diff line
@@ -127,6 +127,7 @@ void handle_lmk_event(struct task_struct *selected, short min_score_adj) 
	struct lmk_event *event;

	int res;

	long rss_in_pages = -1;

	char taskname[MAX_TASKNAME];

	struct mm_struct *mm = get_task_mm(selected);



	if (mm) {
@@ -134,6 +135,17 @@ void handle_lmk_event(struct task_struct *selected, short min_score_adj) 
		mmput(mm);

	}



	res = get_cmdline(selected, taskname, MAX_TASKNAME - 1);



	/* No valid process name means this is definitely not associated with a

	 * userspace activity.

	 */



	if (res <= 0 || res >= MAX_TASKNAME)

		return;



	taskname[res] = '\0';



	spin_lock(&lmk_event_lock);



	head = event_buffer.head;
@@ -148,18 +160,8 @@ void handle_lmk_event(struct task_struct *selected, short min_score_adj) 
	events = (struct lmk_event *) event_buffer.buf;

	event = &events[head];



	res = get_cmdline(selected, event->taskname, MAX_TASKNAME - 1);

	memcpy(event->taskname, taskname, res + 1);



	/* No valid process name means this is definitely not associated with a

	 * userspace activity.

	 */



	if (res <= 0 || res >= MAX_TASKNAME) {

		spin_unlock(&lmk_event_lock);

		return;

	}



	event->taskname[res] = '\0';

	event->pid = selected->pid;

	event->uid = from_kuid_munged(current_user_ns(), task_uid(selected));

	if (selected->group_leader)
@@ -785,7 +787,6 @@ static unsigned long lowmem_scan(struct shrinker *s, struct shrink_control *sc) 


		lowmem_deathpending_timeout = jiffies + HZ;

		rem += selected_tasksize;

		handle_lmk_event(selected, min_score_adj);

		rcu_read_unlock();

		/* give the system time to free up the memory */

		msleep_interruptible(20);
@@ -800,6 +801,10 @@ static unsigned long lowmem_scan(struct shrinker *s, struct shrink_control *sc) 
	lowmem_print(4, "lowmem_scan %lu, %x, return %lu\n",

		     sc->nr_to_scan, sc->gfp_mask, rem);

	mutex_unlock(&scan_mutex);



	if (selected)

		handle_lmk_event(selected, min_score_adj);



	return rem;

}