msm-core: Ensure the userspace data is copied before access (acc1eaaf) · Commits · e / devices / android_kernel_xiaomi_markw

drivers/power/qcom/msm-core.c

+11 −8

Original line number	Diff line number	Diff line
		@@ -363,11 +363,14 @@ static int update_userspace_power(struct sched_params __user *argp)
		int cpu;
		struct cpu_activity_info *node;
		struct cpu_static_info sp, clear_sp;
		int mpidr = (argp->cluster << 8);
		int cpumask = argp->cpumask;
		int cpumask, cluster, mpidr;

		pr_debug("%s: cpumask %d, cluster: %d\n", __func__, argp->cpumask,
		argp->cluster);
		get_user(cpumask, &argp->cpumask);
		get_user(cluster, &argp->cluster);
		mpidr = cluster << 8;

		pr_debug("%s: cpumask %d, cluster: %d\n", __func__, cpumask,
		cluster);
		for (i = 0; i < MAX_CORES_PER_CLUSTER; i++, cpumask >>= 1) {
		if (!(cpumask & 0x01))
		continue;
		@@ -412,11 +415,11 @@ static int update_userspace_power(struct sched_params __user *argp)
		* argp->cpumask within the cluster (argp->cluster)
		*/
		spin_lock(&update_lock);
		cpumask = argp->cpumask;
		get_user(cpumask, &argp->cpumask);
		for (i = 0; i < MAX_CORES_PER_CLUSTER; i++, cpumask >>= 1) {
		if (!(cpumask & 0x01))
		continue;
		mpidr = (argp->cluster << CLUSTER_OFFSET_FOR_MPIDR);
		mpidr = (cluster << CLUSTER_OFFSET_FOR_MPIDR);
		mpidr \|= i;
		for_each_possible_cpu(cpu) {
		if (!(cpu_logical_map(cpu) == mpidr))
		@@ -454,12 +457,12 @@ static long msm_core_ioctl(struct file *file, unsigned int cmd,
		struct cpu_activity_info *node = NULL;
		struct sched_params __user argp = (struct sched_params __user )arg;
		int i, cpu = num_possible_cpus();
		int mpidr;
		int cpumask;
		int mpidr, cluster, cpumask;

		if (!argp)
		return -EINVAL;

		get_user(cluster, &argp->cluster);
		mpidr = (argp->cluster << (MAX_CORES_PER_CLUSTER *
		MAX_NUM_OF_CLUSTERS));
		cpumask = argp->cpumask;