Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b7fe1b21 authored by Mitchel Humpherys's avatar Mitchel Humpherys
Browse files

ion: cma_secure_heap: validate buffer length 



The secure CMA heap only supports buffers lengths that are multiples of
1MB. Currently, we simply crash if a bad length is requested. Rather
than crashing, log an error and return a failure.

Change-Id: I0387ee9f2900e44c817d3a7497e9b0528dd8c33b
Signed-off-by: default avatarMitchel Humpherys <mitchelh@codeaurora.org>
parent 7c7e3ec1

drivers/staging/android/ion/ion_cma_secure_heap.c

+6 −0
Original line number Diff line number Diff line
@@ -515,6 +515,12 @@ static int ion_secure_cma_allocate(struct ion_heap *heap, 
		return -ENOMEM;

	}



	if (!IS_ALIGNED(len, SZ_1M)) {

		pr_err("%s: length of allocation from %s must be a multiple of 1MB\n",

			__func__, heap->name);

		return -ENOMEM;

	}





	buf = __ion_secure_cma_allocate(heap, buffer, len, align, flags);