DivestOS/Patches/Linux_CVEs/CVE-2016-8414/ANY/0.patch

53 lines
2.1 KiB
Diff
Raw Normal View History

From 320970d3da9b091e96746424c44649a91852a846 Mon Sep 17 00:00:00 2001
From: Swetha Chikkaboraiah <schikk@codeaurora.org>
Date: Wed, 2 Nov 2016 16:49:41 +0530
Subject: qcom: scm: remove printing input arguments
scm_call2 is printing the input arguments if TZ ret value is < 0
leading to information leak. Remove printing input arguments.
Change-Id: I21dd6d83fa979aed2c79ebb2c9c8de63a247dded
CRs-Fixed: 1076407
Signed-off-by: Swetha Chikkaboraiah <schikk@codeaurora.org>
---
drivers/soc/qcom/scm.c | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)
diff --git a/drivers/soc/qcom/scm.c b/drivers/soc/qcom/scm.c
index 795f33d..d057328 100644
--- a/drivers/soc/qcom/scm.c
+++ b/drivers/soc/qcom/scm.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010-2015, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2010-2016, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
@@ -644,10 +644,6 @@ int scm_call2(u32 fn_id, struct scm_desc *desc)
desc->ret[0] = desc->ret[1] = desc->ret[2] = 0;
- pr_debug("scm_call: func id %#llx, args: %#x, %#llx, %#llx, %#llx, %#llx\n",
- x0, desc->arginfo, desc->args[0], desc->args[1],
- desc->args[2], desc->x5);
-
if (scm_version == SCM_ARMV8_64)
ret = __scm_call_armv8_64(x0, desc->arginfo,
desc->args[0], desc->args[1],
@@ -667,10 +663,8 @@ int scm_call2(u32 fn_id, struct scm_desc *desc)
} while (ret == SCM_V2_EBUSY && (retry_count++ < SCM_EBUSY_MAX_RETRY));
if (ret < 0)
- pr_err("scm_call failed: func id %#llx, arginfo: %#x, args: %#llx, %#llx, %#llx, %#llx, ret: %d, syscall returns: %#llx, %#llx, %#llx\n",
- x0, desc->arginfo, desc->args[0], desc->args[1],
- desc->args[2], desc->x5, ret, desc->ret[0],
- desc->ret[1], desc->ret[2]);
+ pr_err("scm_call failed: func id %#llx, ret: %d, syscall returns: %#llx, %#llx, %#llx\n",
+ x0, ret, desc->ret[0], desc->ret[1], desc->ret[2]);
if (arglen > N_REGISTER_ARGS)
kfree(desc->extra_arg_buf);
--
cgit v1.1