git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Todd Kjos <tkjos@google.com>
	Wed, 30 Nov 2022 03:58:02 +0000 (03:58 +0000)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 2 Dec 2022 16:40:04 +0000 (17:40 +0100)
commit	c9d3f25a7f4e3aab3dfd91885e3d428bccdcb0e1
tree	1cbdd3ca221a32c4d691e3798199c2268d455ad6	tree
parent	5204296fc76623552d53f042e2dc411b49c151f2	commit \| diff

binder: defer copies of pre-patched txn data

commit 09184ae9b5756cc469db6fd1d1cfdcffbf627c2d upstream.

BINDER_TYPE_PTR objects point to memory areas in the
source process to be copied into the target buffer
as part of a transaction. This implements a scatter-
gather model where non-contiguous memory in a source
process is "gathered" into a contiguous region in
the target buffer.

The data can include pointers that must be fixed up
to correctly point to the copied data. To avoid making
source process pointers visible to the target process,
this patch defers the copy until the fixups are known
and then copies and fixeups are done together.

There is a special case of BINDER_TYPE_FDA which applies
the fixup later in the target process context. In this
case the user data is skipped (so no untranslated fds
become visible to the target).

Reviewed-by: Martijn Coenen <maco@android.com>
Signed-off-by: Todd Kjos <tkjos@google.com>
Link: https://lore.kernel.org/r/20211130185152.437403-5-tkjos@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[cmllamas: fix trivial merge conflict]
Signed-off-by: Carlos Llamas <cmllamas@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>