android: Fix information disclosure vulnerability
authorGagan Grover <ggrover@nvidia.com>
Tue, 15 Nov 2016 07:18:31 +0000 (12:18 +0530)
committermobile promotions <svcmobile_promotions@nvidia.com>
Wed, 23 Nov 2016 01:14:19 +0000 (17:14 -0800)
commit2dea262e88d863321e66a5dbc6bc355ebb5fcd67
treedde293808a9cbc3a5ae8285b9033b755c5362aec
parentbfd92481a78132cfb8af383d93e4b1dba1e179f6
android: Fix information disclosure vulnerability

The format specifier %p can leak kernel addresses while not valuing the
kptr_restrict system settings.
The fix is designed to use %pK instead of %p, which also evaluates whether
kptr_restrict is set.

CVE-2016-6683 A-30143283
CVE-2016-6684 A-30148243

Bug 1812688

Change-Id: If2b1d25948af5c21333a189fe25e5412c6c2c27f
Signed-off-by: Gagan Grover <ggrover@nvidia.com>
Reviewed-on: http://git-master/r/1253303
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
drivers/android/binder.c
drivers/staging/android/sync.c