Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 90e82848 authored Apr 14, 2020 by Isaac J. Manjarres

ion: Forbid multi-VMID allocation requests for the secure system heap



The secure system heap does not support multi-VMID allocations,
so do not allow them. Also, fortify the secure allocation check
for the system heap allocation path.

Change-Id: I51d53274c2374632db778461ba7505de4d723439
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>

parent dcdd5691

drivers/staging/android/ion/heaps/ion_system_heap.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -288,7 +288,7 @@ static int ion_system_heap_allocate(struct ion_heap *heap,
		return -ENOMEM;

		if (ion_heap_is_system_heap_type(buffer->heap->type) &&
		is_secure_vmid_valid(vmid)) {
		is_secure_allocation(buffer->flags)) {
		pr_info("%s: System heap doesn't support secure allocations\n",
		__func__);
		return -EINVAL;

drivers/staging/android/ion/heaps/ion_system_secure_heap.c

+2 −1

Original line number	Diff line number	Diff line
		@@ -79,9 +79,10 @@ static int ion_system_secure_heap_allocate(struct ion_heap *heap,
		struct ion_system_secure_heap *secure_heap =
		to_system_secure_heap(heap);
		enum ion_heap_type type = secure_heap->heap.ion_heap.type;
		unsigned long cp_flags = buffer->flags & ION_FLAGS_CP_MASK;

		if (!ion_heap_is_system_secure_heap_type(type) \|\|
		!is_cp_flag_present(flags)) {
		!is_cp_flag_present(flags) \|\| (hweight_long(cp_flags) != 1)) {
		pr_info("%s: Incorrect heap type or incorrect flags\n",
		__func__);
		return -EINVAL;