ANDROID: sdcardfs: Directly pass lower file for mmap
authorDaniel Rosenberg <drosen@google.com>
Tue, 11 Apr 2017 03:54:30 +0000 (20:54 -0700)
committerDaniel Rosenberg <drosen@google.com>
Tue, 30 Jan 2018 03:40:08 +0000 (19:40 -0800)
Instead of relying on a copy hack, pass the lower file
as private data. This lets the kernel find the vma
mapping for pages used by the file, allowing pages
used by mapping to be reclaimed.

This is adapted from following esdfs patches
commit 0647e638d: ("esdfs: store lower file in vm_file for mmap")
commit 064850866: ("esdfs: keep a counter for mmaped file")

Change-Id: I75b74d1e5061db1b8c13be38d184e118c0851a1a
Signed-off-by: Daniel Rosenberg <drosen@google.com>
fs/sdcardfs/file.c
fs/sdcardfs/mmap.c

index c0146e03fa2e1fb4d6204212d5956e0d563240f8..1f6921e2ffbfd1228ad7fb51d249537a5ce4eb9d 100644 (file)
@@ -192,6 +192,9 @@ static int sdcardfs_mmap(struct file *file, struct vm_area_struct *vma)
        file->f_mapping->a_ops = &sdcardfs_aops; /* set our aops */
        if (!SDCARDFS_F(file)->lower_vm_ops) /* save for our ->fault */
                SDCARDFS_F(file)->lower_vm_ops = saved_vm_ops;
+       vma->vm_private_data = file;
+       get_file(lower_file);
+       vma->vm_file = lower_file;
 
 out:
        return err;
index 51266f517fe243c0bfe335736c67ca58f31e474a..391d2a7d10e9ed0a48c8d064d1db7b44ebb70f2b 100644 (file)
 static int sdcardfs_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
 {
        int err;
-       struct file *file, *lower_file;
+       struct file *file;
        const struct vm_operations_struct *lower_vm_ops;
-       struct vm_area_struct lower_vma;
 
-       memcpy(&lower_vma, vma, sizeof(struct vm_area_struct));
-       file = lower_vma.vm_file;
+       file = (struct file *)vma->vm_private_data;
        lower_vm_ops = SDCARDFS_F(file)->lower_vm_ops;
        BUG_ON(!lower_vm_ops);
 
-       lower_file = sdcardfs_lower_file(file);
-       /*
-        * XXX: vm_ops->fault may be called in parallel.  Because we have to
-        * resort to temporarily changing the vma->vm_file to point to the
-        * lower file, a concurrent invocation of sdcardfs_fault could see a
-        * different value.  In this workaround, we keep a different copy of
-        * the vma structure in our stack, so we never expose a different
-        * value of the vma->vm_file called to us, even temporarily.  A
-        * better fix would be to change the calling semantics of ->fault to
-        * take an explicit file pointer.
-        */
-       lower_vma.vm_file = lower_file;
-       err = lower_vm_ops->fault(&lower_vma, vmf);
+       err = lower_vm_ops->fault(vma, vmf);
        return err;
 }
 
+static void sdcardfs_vm_open(struct vm_area_struct *vma)
+{
+       struct file *file = (struct file *)vma->vm_private_data;
+
+       get_file(file);
+}
+
+static void sdcardfs_vm_close(struct vm_area_struct *vma)
+{
+       struct file *file = (struct file *)vma->vm_private_data;
+
+       fput(file);
+}
+
 static int sdcardfs_page_mkwrite(struct vm_area_struct *vma,
                               struct vm_fault *vmf)
 {
        int err = 0;
-       struct file *file, *lower_file;
+       struct file *file;
        const struct vm_operations_struct *lower_vm_ops;
-       struct vm_area_struct lower_vma;
 
-       memcpy(&lower_vma, vma, sizeof(struct vm_area_struct));
-       file = lower_vma.vm_file;
+       file = (struct file *)vma->vm_private_data;
        lower_vm_ops = SDCARDFS_F(file)->lower_vm_ops;
        BUG_ON(!lower_vm_ops);
        if (!lower_vm_ops->page_mkwrite)
                goto out;
 
-       lower_file = sdcardfs_lower_file(file);
-       /*
-        * XXX: vm_ops->page_mkwrite may be called in parallel.
-        * Because we have to resort to temporarily changing the
-        * vma->vm_file to point to the lower file, a concurrent
-        * invocation of sdcardfs_page_mkwrite could see a different
-        * value.  In this workaround, we keep a different copy of the
-        * vma structure in our stack, so we never expose a different
-        * value of the vma->vm_file called to us, even temporarily.
-        * A better fix would be to change the calling semantics of
-        * ->page_mkwrite to take an explicit file pointer.
-        */
-       lower_vma.vm_file = lower_file;
-       err = lower_vm_ops->page_mkwrite(&lower_vma, vmf);
+       err = lower_vm_ops->page_mkwrite(vma, vmf);
 out:
        return err;
 }
@@ -98,4 +83,6 @@ const struct address_space_operations sdcardfs_aops = {
 const struct vm_operations_struct sdcardfs_vm_ops = {
        .fault          = sdcardfs_fault,
        .page_mkwrite   = sdcardfs_page_mkwrite,
+       .open           = sdcardfs_vm_open,
+       .close          = sdcardfs_vm_close,
 };