mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-07-01 09:02:05 +00:00
25cc717ec2
+ 16.0: some other misc hardening patches from GrapheneOS - always restrict access to Build.SERIAL - don't grant location permission to system browsers - fbe: pad filenames more + 16.0: Contacts: remove Privacy Policy and Terms of Service links
34 lines
1.2 KiB
Diff
34 lines
1.2 KiB
Diff
From 14800a3e7070240a314cbd695f71984a888cc90f Mon Sep 17 00:00:00 2001
|
|
From: Daniel Micay <danielmicay@gmail.com>
|
|
Date: Wed, 5 Dec 2018 09:29:25 -0500
|
|
Subject: [PATCH] avoid setting RLIMIT_AS with hardened malloc
|
|
|
|
This needs to be ported to a better mechanism like memory control groups
|
|
in order to remain compatible with hardening mechanisms based on large
|
|
PROT_NONE address space reservations.
|
|
|
|
Change-Id: Ibfb7164d764fcb9244055953bedc9a1c424cedcb
|
|
---
|
|
media/libmedia/MediaUtils.cpp | 8 ++++++++
|
|
1 file changed, 8 insertions(+)
|
|
|
|
diff --git a/media/libmedia/MediaUtils.cpp b/media/libmedia/MediaUtils.cpp
|
|
index bcdc3bdcf..de217c70b 100644
|
|
--- a/media/libmedia/MediaUtils.cpp
|
|
+++ b/media/libmedia/MediaUtils.cpp
|
|
@@ -38,6 +38,14 @@ void limitProcessMemory(
|
|
return;
|
|
}
|
|
|
|
+#ifdef __LP64__
|
|
+ // This needs to be ported to a better mechanism like memory control groups
|
|
+ // in order to remain compatible with hardening mechanisms based on large
|
|
+ // PROT_NONE address space reservations.
|
|
+ ALOGW("Running with hardened malloc implementation, skip enforcing memory limitations.");
|
|
+ return;
|
|
+#endif
|
|
+
|
|
long pageSize = sysconf(_SC_PAGESIZE);
|
|
long numPages = sysconf(_SC_PHYS_PAGES);
|
|
size_t maxMem = SIZE_MAX;
|