19.1: switch to latest hardened_malloc revision

+ other fixes

Signed-off-by: Tavi <tavi@divested.dev>
Tavi 2024-05-06 14:11:19 -04:00
parent c26af5a755
commit 2c90c48637
No known key found for this signature in database
GPG Key ID: E599F62ECBAEAF2E
14 changed files with 68 additions and 40 deletions


@ -52,7 +52,7 @@ external/ImageMagick 346cf7f5b84b846bd3ed13bcc6a31a23d608cfa2
external/OpenCL-CTS 8c79c498686952c108943422bd01c1924f4f8346
external/OpenCSD f61ef1151ed648047dbf8ba0a5feb887c2e54ba7
external/Reactive-Extensions/RxCpp 5f4c3264fe797590114da4338e67590bddfb9179
external/SecureCamera 488f5c27410aefae5a433cd112f8a490724943b4
external/SecureCamera 6b16f075e691d064379fe9d855f4c5c5a44c7f55
external/TestParameterInjector 912440cd7e915b2020af273373381d3f1c01a79d
external/XNNPACK 8f8ffbb9d2bd3229b58f7570f9912f320b612c6c
external/aac f9e918f31535e5dcfc53c788f630d9844d05e2c8
@ -185,7 +185,7 @@ external/guava db153ed224e785e82b70793d0516a792f52503c4
external/guice 6c56943a3c554b86b83cb82ec787e43b4c1892d8
external/gwp_asan d8ce6a5e15b8567d1a4e35e34ba7644b877c9787
external/hamcrest 543f2c338c205a34590a522c90c9812adb2c07a5
external/hardened_malloc 0d6d63cbe7cb6326bb06e1161b680cb3229f25a0
external/hardened_malloc 749640c274d54e084505a24fa758bcb5f96a25ef
external/harfbuzz_ng ea886e460b1fc556a80869cf5c93a53454abc569
external/hyphenation-patterns 109c2beeed753e908248ff37d0f2641c845a54d1
external/icing 90395e474e3e50b6e8a411cc845e05591d971043


@ -49,7 +49,7 @@
<!-- START OF ADDITIONAL REPOS -->
<!-- GrapheneOS -->
<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="0d6d63cbe7cb6326bb06e1161b680cb3229f25a0" />
<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="749640c274d54e084505a24fa758bcb5f96a25ef" />
<project path="external/SecureCamera" name="GrapheneOS/platform_external_Camera" remote="github" revision="6b16f075e691d064379fe9d855f4c5c5a44c7f55" />
<!-- END OF ADDITIONAL REPOS -->


@ -8,12 +8,12 @@ Subject: [PATCH] workarounds for Pixel 3 SoC era camera driver bugs
1 file changed, 28 insertions(+), 5 deletions(-)
diff --git a/h_malloc.c b/h_malloc.c
index 39ba84d..5fceaef 100644
index 15be0a2..3fa9ed7 100644
--- a/h_malloc.c
+++ b/h_malloc.c
@@ -76,6 +76,9 @@ static union {
#ifdef USE_PKEY
int metadata_pkey;
@@ -80,6 +80,9 @@ static union {
#ifdef MEMTAG
bool is_memtag_disabled;
#endif
+ bool zero_on_free;
+ bool purge_slabs;
@ -21,7 +21,7 @@ index 39ba84d..5fceaef 100644
};
char padding[PAGE_SIZE];
} ro __attribute__((aligned(PAGE_SIZE)));
@@ -443,7 +446,7 @@ static void *slot_pointer(size_t size, void *slab, size_t slot) {
@@ -465,7 +468,7 @@ static void *slot_pointer(size_t size, void *slab, size_t slot) {
}
static void write_after_free_check(const char *p, size_t size) {
@ -30,25 +30,25 @@ index 39ba84d..5fceaef 100644
return;
}
@@ -693,7 +696,7 @@ static inline void deallocate_small(void *p, const size_t *expected_size) {
if (likely(!is_zero_size)) {
check_canary(metadata, p, size);
@@ -812,7 +815,7 @@ static inline void deallocate_small(void *p, const size_t *expected_size) {
}
#endif
- if (ZERO_ON_FREE) {
+ if (ro.zero_on_free) {
- if (ZERO_ON_FREE && !skip_zero) {
+ if (ro.zero_on_free && !skip_zero) {
memset(p, 0, size - canary_size);
}
}
@@ -770,7 +773,7 @@ static inline void deallocate_small(void *p, const size_t *expected_size) {
metadata->prev = NULL;
@@ -890,7 +893,7 @@ static inline void deallocate_small(void *p, const size_t *expected_size) {
if (c->empty_slabs_total + slab_size > max_empty_slabs_total) {
int saved_errno = errno;
- if (!memory_map_fixed(slab, slab_size)) {
+ if (ro.purge_slabs && !memory_map_fixed(slab, slab_size)) {
label_slab(slab, slab_size, class);
stats_slab_deallocate(c, slab_size);
enqueue_free_slab(c, metadata);
@@ -855,7 +858,7 @@ static void regions_quarantine_deallocate_pages(void *p, size_t size, size_t gua
@@ -976,7 +979,7 @@ static void regions_quarantine_deallocate_pages(void *p, size_t size, size_t gua
return;
}
@ -57,7 +57,7 @@ index 39ba84d..5fceaef 100644
memory_purge(p, size);
} else {
memory_set_name(p, size, "malloc large quarantine");
@@ -1071,6 +1074,21 @@ static inline void enforce_init(void) {
@@ -1192,6 +1195,21 @@ static inline void enforce_init(void) {
}
}
@ -76,10 +76,10 @@ index 39ba84d..5fceaef 100644
+ }
+}
+
COLD static void init_slow_path(void) {
static struct mutex lock = MUTEX_INITIALIZER;
static struct mutex init_lock = MUTEX_INITIALIZER;
@@ -1085,6 +1103,11 @@ COLD static void init_slow_path(void) {
COLD static void init_slow_path(void) {
@@ -1207,6 +1225,11 @@ COLD static void init_slow_path(void) {
ro.metadata_pkey = pkey_alloc(0, 0);
#endif
@ -91,7 +91,7 @@ index 39ba84d..5fceaef 100644
if (unlikely(sysconf(_SC_PAGESIZE) != PAGE_SIZE)) {
fatal_error("runtime page size does not match compile-time page size which is not supported");
}
@@ -1360,7 +1383,7 @@ EXPORT void *h_calloc(size_t nmemb, size_t size) {
@@ -1491,7 +1514,7 @@ EXPORT void *h_calloc(size_t nmemb, size_t size) {
}
total_size = adjust_size_for_canary(total_size);
void *p = alloc(total_size);
@ -99,4 +99,4 @@ index 39ba84d..5fceaef 100644
+ if (!ro.zero_on_free && likely(p != NULL) && total_size && total_size <= max_slab_size_class) {
memset(p, 0, total_size - canary_size);
}
return p;
#ifdef HAS_ARM_MTE


@ -10,16 +10,16 @@ Change-Id: I23513ec0379bbb10829f989690334e9704fd20e2
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/h_malloc.c b/h_malloc.c
index 5fceaef..70a3e82 100644
index 3fa9ed7..0308d73 100644
--- a/h_malloc.c
+++ b/h_malloc.c
@@ -1082,7 +1082,8 @@ COLD static void handle_bugs(void) {
@@ -1203,7 +1203,8 @@ COLD static void handle_bugs(void) {
// Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL camera provider
const char camera_provider[] = "/vendor/bin/hw/android.hardware.camera.provider@2.4-service_64";
- if (strcmp(camera_provider, path) == 0) {
+ // Any camera executable on system partition
+ if (strcmp(camera_provider, path) == 0 || (strstr(path, "camera") != NULL && (strncmp("/system", path, 7) == 0 || strncmp("/vendor", path, 7) == 0))) {
+ if (strcmp(camera_provider, path) == 0 || (strstr(path, "camera") != NULL && (strncmp("/system", path, 7) == 0 || strncmp("/vendor", path, 7) == 0 || strncmp("/apex", path, 5) == 0))) {
ro.zero_on_free = false;
ro.purge_slabs = false;
ro.region_quarantine_protect = false;
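Review bot: The `/apex` test added to the handle_bugs condition is a bare prefix compare, like the `/system` and `/vendor` tests beside it, so `strncmp("/apex", path, 5)` also accepts any sibling directory whose name merely starts with `/apex`, and `/system` likewise accepts `/system_ext/...`. Combined with the unanchored `strstr(path, "camera")`, this turns off zero-on-free, slab purging and region quarantine protection for more executables than the camera services the workaround targets. If only those three trees are meant, compare with the trailing slash, e.g. `strncmp("/apex/", path, 6) == 0`, and consider matching "camera" against the file name rather than the whole path. The comment `// Any camera executable on system partition` no longer describes the condition and could read `// Any executable under /system, /vendor or /apex whose path contains "camera"`. Which of the two condition lines is the new side is inferred from the `/apex` addition, and handle_bugs starts and ends outside the hunk.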


@ -0,0 +1,31 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 22 Nov 2022 07:23:10 -0500
Subject: [PATCH] Add workaround for OnePlus 8 & 9 display driver crash
Change-Id: Ie7a0ca79bb629814e57958d57546f85030b67048
Signed-off-by: Tad <tad@spotco.us>
---
h_malloc.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/h_malloc.c b/h_malloc.c
index 0308d73..6c3b148 100644
--- a/h_malloc.c
+++ b/h_malloc.c
@@ -1209,6 +1209,15 @@ COLD static void handle_bugs(void) {
ro.purge_slabs = false;
ro.region_quarantine_protect = false;
}
+
+ // OnePlus 8 & 9 display composer
+ // https://gitlab.com/divested-mobile/divestos-build/-/issues/19
+ const char hwc[] = "/vendor/bin/hw/vendor.qti.hardware.display.composer-service";
+ if (strcmp(hwc, path) == 0) {
+ ro.zero_on_free = false;
+ ro.purge_slabs = false;
+ ro.region_quarantine_protect = false;
+ }
}
static struct mutex init_lock = MUTEX_INITIALIZER;
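Review bot: The new composer block in handle_bugs matches on the executable path alone, so the relaxed settings apply on every device that ships `/vendor/bin/hw/vendor.qti.hardware.display.composer-service`, not only the OnePlus 8 & 9 named in the comment; the binary name looks like a generic Qualcomm one, though that is an inference. The comment should say so, e.g. `// Matched by path only: applies to any device shipping this composer binary`, so a later reader knows which processes lose zero-on-free, slab purging and region quarantine protection. The three assignments repeat the camera block directly above them, and folding both matches into one condition would keep the two lists from drifting apart. handle_bugs starts outside the hunk.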

@ -1 +1 @@
Subproject commit 6979e159c035f7add4e2a36f30e42eac3e9fec40
Subproject commit 02a693fb0f8a4831c487b530ad37e0449c897f1a


@ -430,7 +430,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48619/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48636/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48651/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48659/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48671/^6.0/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48672/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48687/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48695/4.14/0003.patch
@ -607,7 +606,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27074/^6.8/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27075/^6.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27388/^6.8/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24586/4.14/0003.patch
editKernelLocalversion "-dos.p607"
editKernelLocalversion "-dos.p606"
else echo "kernel_xiaomi_sm6150 is unavailable, not patching.";
fi;
cd "$DOS_BUILD_BASE"


@ -516,7 +516,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48619/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48636/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48651/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48659/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48671/^6.0/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48672/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48687/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48695/4.14/0003.patch
@ -699,7 +698,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/4.14/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24586/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27830/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/4.14/0002.patch
editKernelLocalversion "-dos.p699"
editKernelLocalversion "-dos.p698"
else echo "kernel_xiaomi_sm8150 is unavailable, not patching.";
fi;
cd "$DOS_BUILD_BASE"


@ -66,10 +66,9 @@ patchWorkspaceReal() {
verifyAllPlatformTags;
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
source build/envsetup.sh;
#source build/envsetup.sh;
#repopick -ift twelve-bt-sbc-hd-dualchannel;
#repopick -it twelve-colors;
repopick -it S_asb_2024-04;
sh "$DOS_SCRIPTS/Patch.sh";
sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";


@ -119,6 +119,10 @@ if [ "$DOS_GRAPHENE_MALLOC" = true ]; then
if enterAndClear "external/hardened_malloc"; then
applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras-1.patch"; #Workarounds for Pixel 3 SoC era camera driver bugs (GrapheneOS)
applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras-2.patch"; #Expand workaround to all camera executables (DivestOS)
applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0002-Broken_Displays.patch"; #Add workaround for OnePlus 8 & 9 display driver crash (DivestOS)
sed -i 's/34359738368/2147483648/' Android.bp; #revert 48-bit address space requirement
sed -i -e '76,78d;' Android.bp; #fix compile under A13
sed -i -e '22,24d;' androidtest/Android.bp; #fix compile under A12
fi;
fi;
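Review bot: The two `sed -i -e 'N,Md;'` edits in the hardened_malloc block delete lines of Android.bp and androidtest/Android.bp by number, so after the next revision bump they will silently remove whatever sits at lines 76-78 and 22-24, which could be a hardening flag rather than the entry that breaks the build. The `s/34359738368/2147483648/` substitution fails the other way: if the constant changes upstream, sed still exits 0 and the build continues without the revert. Carrying these three changes as a patch file applied through `applyPatch`, as the lines above them do, would make a mismatch fail loudly; at minimum, precede the substitution with a `grep -q 34359738368 Android.bp` check that aborts when the constant is missing. That these lines are the added side is inferred from the hunk counts.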


@ -75,7 +75,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-3061/^5.18/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-4382/^6.2/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20382/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48671/^6.0/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-1989/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-3777/^6.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-6270/^6.8/0001.patch
@ -160,7 +159,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27059/^6.8/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27074/^6.8/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27075/^6.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27388/^6.8/0002.patch
editKernelLocalversion "-dos.p160"
editKernelLocalversion "-dos.p159"
else echo "kernel_google_msm-4.14 is unavailable, not patching.";
fi;
cd "$DOS_BUILD_BASE"


@ -483,7 +483,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48619/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48636/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48651/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48659/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48671/^6.0/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48672/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48687/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48695/4.14/0003.patch
@ -665,7 +664,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27388/^6.8/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/4.14/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24586/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27830/4.14/0002.patch
editKernelLocalversion "-dos.p665"
editKernelLocalversion "-dos.p664"
else echo "kernel_oneplus_sm8150 is unavailable, not patching.";
fi;
cd "$DOS_BUILD_BASE"


@ -83,7 +83,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20158/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20158/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20371/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48671/^6.0/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-0590/4.14/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-1989/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-3567/4.14/0007.patch
@ -173,7 +172,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27059/^6.8/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27074/^6.8/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27075/^6.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27388/^6.8/0002.patch
editKernelLocalversion "-dos.p173"
editKernelLocalversion "-dos.p172"
else echo "kernel_xiaomi_sm6150 is unavailable, not patching.";
fi;
cd "$DOS_BUILD_BASE"


@ -81,7 +81,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20158/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20158/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20371/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-48671/^6.0/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-0590/4.14/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-1989/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-3567/4.14/0007.patch
@ -178,7 +177,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27059/^6.8/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27074/^6.8/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27075/^6.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27388/^6.8/0002.patch
editKernelLocalversion "-dos.p178"
editKernelLocalversion "-dos.p177"
else echo "kernel_xiaomi_vayu is unavailable, not patching.";
fi;
cd "$DOS_BUILD_BASE"