62 Commits

Author SHA1 Message Date
John Stultz 0391d4fe2f staging: ashmem: Fix SIGBUS crash when traversing mmaped ashmem pages
Amit Pundir and Youling in parallel reported crashes with recent
mainline kernels running Android:

  F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
  F DEBUG   : Build fingerprint: 'Android/db410c32_only/db410c32_only:Q/OC-MR1/102:userdebug/test-key
  F DEBUG   : Revision: '0'
  F DEBUG   : ABI: 'arm'
  F DEBUG   : pid: 2261, tid: 2261, name: zygote  >>> zygote <<<
  F DEBUG   : signal 7 (SIGBUS), code 2 (BUS_ADRERR), fault addr 0xec00008
  ... <snip> ...
  F DEBUG   : backtrace:
  F DEBUG   :     #00 pc 00001c04  /system/lib/libc.so (memset+48)
  F DEBUG   :     #01 pc 0010c513  /system/lib/libart.so (create_mspace_with_base+82)
  F DEBUG   :     #02 pc 0015c601  /system/lib/libart.so (art::gc::space::DlMallocSpace::CreateMspace(void*, unsigned int, unsigned int)+40)
  F DEBUG   :     #03 pc 0015c3ed  /system/lib/libart.so (art::gc::space::DlMallocSpace::CreateFromMemMap(art::MemMap*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, unsigned int, unsigned int, unsigned int, unsigned int, bool)+36)
  ...

This was bisected back to commit bfd40eaff5ab ("mm: fix
vma_is_anonymous() false-positives").

create_mspace_with_base() in the trace above utilizes ashmem, and with
ashmem, for shared mappings we use shmem_zero_setup(), which sets the
vma->vm_ops to &shmem_vm_ops.  But for private ashmem mappings nothing
sets the vma->vm_ops.

Looking at the problematic patch, it seems to add a requirement that one
call vma_set_anonymous() on a vma, otherwise the dummy_vm_ops will be
used.  Using the dummy_vm_ops seems to trigger SIGBUS when traversing
unmapped pages.

Thus, this patch adds a call to vma_set_anonymous() for ashmem private
mappings and seems to avoid the reported problem.

Fixes: bfd40eaff5ab ("mm: fix vma_is_anonymous() false-positives")
Cc: Kirill Shutemov <kirill.shutemov@linux.intel.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Joel Fernandes <joelaf@google.com>
Cc: Colin Cross <ccross@google.com>
Cc: Matthew Wilcox <willy@infradead.org>
Reported-by: Amit Pundir <amit.pundir@linaro.org>
Reported-by: Youling 257 <youling257@gmail.com>
Signed-off-by: John Stultz <john.stultz@linaro.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-09-02 11:40:16 +02:00
Simon Fels 2a5ea7c88b
Merge pull request #5 from megies/patch-1
Fix modprobe call in README
2018-07-13 08:04:06 +02:00
Tobias Megies 1049f488ff
Update README.md
Built module name for binder was not correct, so the modprobe command needs changing; compare c0c9d8f5d5/ashmem/dkms.conf (L5)
2018-07-12 15:38:08 +02:00
Simon Fels c0c9d8f5d5
Merge pull request #3 from zhsj/add-install-doc
add install instruction
2018-06-23 14:21:13 +02:00
Shengjing Zhu 7c5c2226b8 add install instruction
Signed-off-by: Shengjing Zhu <i@zhsj.me>
2018-06-22 22:50:18 +08:00
Simon Fels 5635fc41a2
Merge pull request #2 from zhsj/travis
add travis to test module build
2018-06-12 08:44:22 +02:00
Shengjing Zhu ad88288e8a add travis to test module build
Signed-off-by: Shengjing Zhu <i@zhsj.me>
2018-06-12 11:20:12 +08:00
Simon Fels c807ff7648
Merge pull request #1 from zhsj/master
WIP: improve debian package
2018-06-08 18:25:50 +02:00
Shengjing Zhu 3839bfd6e2 improve debian package
Signed-off-by: Shengjing Zhu <i@zhsj.me>
2018-06-09 00:22:45 +08:00
Simon Fels f6a8d43b1d Add travis CI build status to our README 2018-06-08 17:29:53 +02:00
Simon Fels f55cccbe65 scripts: add travis build support 2018-06-08 17:24:42 +02:00
Simon Fels f3d77d660c Import kernel module source from original Anbox repository 2018-06-08 17:20:21 +02:00