Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit 5d4b707b authored by Abhinav Parihar's avatar Abhinav Parihar Committed by Michael Bestas
Browse files

BACKPORT: dsp-kernel: Add attribute and flag checks during map creation 



A persistence map is expected to hold refs=2 during its creation.
However, the Fuzzy test can create a persistence map by configuring
a mismatch between attributes and flags using the KEEP MAP attribute
and FD NOMAP flags. This sets the map reference count to 1. The user
then calls fastrpc_internal_munmap_fd to free the map since it
doesn't check flags, which can cause a use-after-free (UAF) for the
file map and shared buffer. Add a check to restrict DMA handle
maps with invalid attributes.

Change-Id: I2f024ef99cc2a0487010504166e3af3433d5302d
Acked-by: default avatarSantosh <quic_ssakore@quicinc.com>
Signed-off-by: default avatarAbhinav Parihar <quic_parihar@quicinc.com>
parent 8736793a
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment