Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit a15a4042 authored by Liam Mark's avatar Liam Mark
Browse files

ion: Ensure ion_buffer fields are initialized 



In the process_one_prefetch and process_one_shrink functions there are
local ion_buffer objects with fields which aren't initialized.

This can be a problem, for example if the private_flags
ION_PRIV_FLAG_SHRINKER_FREE flag is randomly set then this can lead to
memory which is not HYP assigned to the HLOS vmid being freed back to the
buddy allocator.

-002|__free_pages()
-003|ion_page_pool_free_pages()
-004|ion_page_pool_free_immediate()
-005|free_buffer_page()
-006|split_page_from_secure_pool()
-007|alloc_from_pool_preferred()
-007|ion_system_heap_allocate()
-008|process_one_shrink()
-008|ion_system_secure_heap_prefetch_work()

To fix this issue initialize all ion_buffer fields to zero for these local
variables.

Change-Id: I6bff85e9bf1e975d393d0ae6cef2f3931c8db217
Signed-off-by: default avatarLiam Mark <lmark@codeaurora.org>
parent d8f81fe4
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment