Loading drivers/staging/android/ashmem.c +28 −0 Original line number Diff line number Diff line Loading @@ -370,8 +370,23 @@ static inline vm_flags_t calc_vm_may_flags(unsigned long prot) _calc_vm_trans(prot, PROT_EXEC, VM_MAYEXEC); } static int ashmem_vmfile_mmap(struct file *file, struct vm_area_struct *vma) { /* do not allow to mmap ashmem backing shmem file directly */ return -EPERM; } static unsigned long ashmem_vmfile_get_unmapped_area(struct file *file, unsigned long addr, unsigned long len, unsigned long pgoff, unsigned long flags) { return current->mm->get_unmapped_area(file, addr, len, pgoff, flags); } static int ashmem_mmap(struct file *file, struct vm_area_struct *vma) { static struct file_operations vmfile_fops; struct ashmem_area *asma = file->private_data; int ret = 0; Loading Loading @@ -412,6 +427,19 @@ static int ashmem_mmap(struct file *file, struct vm_area_struct *vma) } vmfile->f_mode |= FMODE_LSEEK; asma->file = vmfile; /* * override mmap operation of the vmfile so that it can't be * remapped which would lead to creation of a new vma with no * asma permission checks. Have to override get_unmapped_area * as well to prevent VM_BUG_ON check for f_ops modification. */ if (!vmfile_fops.mmap) { vmfile_fops = *vmfile->f_op; vmfile_fops.mmap = ashmem_vmfile_mmap; vmfile_fops.get_unmapped_area = ashmem_vmfile_get_unmapped_area; } vmfile->f_op = &vmfile_fops; } get_file(asma->file); Loading Loading
drivers/staging/android/ashmem.c +28 −0 Original line number Diff line number Diff line Loading @@ -370,8 +370,23 @@ static inline vm_flags_t calc_vm_may_flags(unsigned long prot) _calc_vm_trans(prot, PROT_EXEC, VM_MAYEXEC); } static int ashmem_vmfile_mmap(struct file *file, struct vm_area_struct *vma) { /* do not allow to mmap ashmem backing shmem file directly */ return -EPERM; } static unsigned long ashmem_vmfile_get_unmapped_area(struct file *file, unsigned long addr, unsigned long len, unsigned long pgoff, unsigned long flags) { return current->mm->get_unmapped_area(file, addr, len, pgoff, flags); } static int ashmem_mmap(struct file *file, struct vm_area_struct *vma) { static struct file_operations vmfile_fops; struct ashmem_area *asma = file->private_data; int ret = 0; Loading Loading @@ -412,6 +427,19 @@ static int ashmem_mmap(struct file *file, struct vm_area_struct *vma) } vmfile->f_mode |= FMODE_LSEEK; asma->file = vmfile; /* * override mmap operation of the vmfile so that it can't be * remapped which would lead to creation of a new vma with no * asma permission checks. Have to override get_unmapped_area * as well to prevent VM_BUG_ON check for f_ops modification. */ if (!vmfile_fops.mmap) { vmfile_fops = *vmfile->f_op; vmfile_fops.mmap = ashmem_vmfile_mmap; vmfile_fops.get_unmapped_area = ashmem_vmfile_get_unmapped_area; } vmfile->f_op = &vmfile_fops; } get_file(asma->file); Loading
