Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6f5f7ff4 authored by Jordan Crouse's avatar Jordan Crouse
Browse files

msm: kgsl: Don't set VM_IO on mmap()ed GPU memory objects 



VM_IO prevents mapped memory from being peeked by ptrace(). That
kind of protection isn't really needed for nominal GPU buffers.
A process given itself up to ptrace() already expects to be
examined so there is no additional risk to let the parent examine
GPU buffers too.  This is done universally now, but there is no
reason why we wouldn't let the process choose which buffers to
keep private in the future.

That said; there is more of a concern about including GPU buffers
in a core dump since that is a more permanent and less secure
record of the memory so add VM_DONTDUMP for all GPU buffers to
protect against that.

CRs-Fixed: 654751
Change-Id: Ic0dedbade91a2ec458bcb27eff3312d4ec6e4389
Signed-off-by: default avatarJordan Crouse <jcrouse@codeaurora.org>
parent 903129f4

drivers/gpu/msm/kgsl.c

+18 −1
Original line number Diff line number Diff line
@@ -87,6 +87,8 @@ static int kgsl_setup_dma_buf(struct kgsl_mem_entry *entry, 
				struct kgsl_device *device,

				struct dma_buf *dmabuf);



static const struct file_operations kgsl_fops;



static int kgsl_memfree_hist_init(void)

{

	void *base;
@@ -2611,9 +2613,21 @@ static int kgsl_setup_useraddr(struct kgsl_mem_entry *entry, 
	 */

	down_read(&current->mm->mmap_sem);

	vma = find_vma(current->mm, param->hostptr);



	if (vma && vma->vm_file) {

		int fd;



		/*

		 * Check to see that this isn't our own memory that we have

		 * already mapped

		 */

		if (vma->vm_file->f_op == &kgsl_fops) {

			up_read(&current->mm->mmap_sem);

			return -EFAULT;

		}



		/* Look for the fd that matches this the vma file */

		int fd = iterate_fd(current->files, 0,

		fd = iterate_fd(current->files, 0,

				match_file, vma->vm_file);

		if (fd != 0)

			dmabuf = dma_buf_get(fd - 1);
@@ -2917,6 +2931,9 @@ error_attach: 
	}

	kgsl_sharedmem_free(&entry->memdesc);

error:

	/* Clear gpuaddr here so userspace doesn't get any wrong ideas */

	param->gpuaddr = 0;



	kfree(entry);

	return result;

}

drivers/gpu/msm/kgsl_sharedmem.c

+2 −2
Original line number Diff line number Diff line
@@ -467,7 +467,7 @@ static void kgsl_cma_coherent_free(struct kgsl_memdesc *memdesc) 
/* Global - also used by kgsl_drm.c */

static struct kgsl_memdesc_ops kgsl_page_alloc_ops = {

	.free = kgsl_page_alloc_free,

	.vmflags = VM_IO | VM_DONTEXPAND,

	.vmflags = VM_DONTDUMP | VM_DONTEXPAND,

	.vmfault = kgsl_page_alloc_vmfault,

	.map_kernel = kgsl_page_alloc_map_kernel,

	.unmap_kernel = kgsl_page_alloc_unmap_kernel,
@@ -476,7 +476,7 @@ static struct kgsl_memdesc_ops kgsl_page_alloc_ops = { 
/* CMA ops - used during NOMMU mode */

static struct kgsl_memdesc_ops kgsl_cma_ops = {

	.free = kgsl_cma_coherent_free,

	.vmflags = VM_IO | VM_PFNMAP | VM_DONTEXPAND,

	.vmflags = VM_DONTDUMP | VM_PFNMAP | VM_DONTEXPAND,

	.vmfault = kgsl_contiguous_vmfault,

};