android: binder: use copy_from_user_preempt_disabled

To keep the driver consistent, and until we have
fine-grained locking in place.

Change-Id: Idda7ae8df889b5fae5e96bf343ab17782b4c46b1
Signed-off-by: Martijn Coenen <maco@android.com>

diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index 0f65a9ca7d8f61804abf84802e028bfa3ff9e058..0672721e43463a1e9b5c37d200c4756cdd5c4d72 100644 (file)
--- a/drivers/android/binder.c
+++ b/drivers/android/binder.c
@@ -2222,9 +2222,10 @@ static void binder_transaction(struct binder_proc *proc,
                                return_error = BR_FAILED_REPLY;
                                goto err_bad_offset;
                        }
-                       if (copy_from_user(sg_bufp,
-                                          (const void __user *)(uintptr_t)
-                                          bp->buffer, bp->length)) {
+                       if (copy_from_user_preempt_disabled(
+                                       sg_bufp,
+                                       (const void __user *)(uintptr_t)
+                                       bp->buffer, bp->length)) {
                                binder_user_error("%d:%d got transaction with invalid offsets ptr\n",
                                                  proc->pid, thread->pid);
                                return_error = BR_FAILED_REPLY;
@@ -2516,7 +2517,8 @@ int binder_thread_write(struct binder_proc *proc,
                case BC_REPLY_SG: {
                        struct binder_transaction_data_sg tr;
 
-                       if (copy_from_user(&tr, ptr, sizeof(tr)))
+                       if (copy_from_user_preempt_disabled(&tr, ptr,
+                                                           sizeof(tr)))
                                return -EFAULT;
                        ptr += sizeof(tr);
                        binder_transaction(proc, thread, &tr.transaction_data,