staging: ion: Fix ION subsystem privilege vulnerability
authorGagan Grover <ggrover@nvidia.com>
Fri, 25 Nov 2016 12:28:44 +0000 (17:28 +0530)
committerWinnie Hsu <whsu@nvidia.com>
Thu, 19 Apr 2018 16:59:03 +0000 (09:59 -0700)
commitf8e1def2a2dc506eff85364de331db2543746624
tree725ad9291ecf88800dd783fb9e50e6e2cf6fa3b7
parent86d51cfe09ee9f123aa5ec3c9b7ff1d94d5de39b
staging: ion: Fix ION subsystem privilege vulnerability

A malicious application can take advantage of the ION kmalloc heap
to create a specific memory chunk size to exercise a rowhammer
attack on the physical hardware.

The fix is designed to disable ION heap type.

CVE-2016-6728: A-30400942

Bug 1823317

Change-Id: I6b6d891a85da0c175f88cc1a3e48875796db80d4
Signed-off-by: Gagan Grover <ggrover@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/1689490
GVS: Gerrit_Virtual_Submit
Reviewed-by: Bibek Basu <bbasu@nvidia.com>
Tested-by: Amulya Yarlagadda <ayarlagadda@nvidia.com>
Reviewed-by: Winnie Hsu <whsu@nvidia.com>
drivers/staging/android/ion/ion_heap.c