mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2025-01-01 19:06:25 -05:00
110 lines
4.3 KiB
Diff
110 lines
4.3 KiB
Diff
From 0de2c7600c8f1f0152a2f421c6593f931186400a Mon Sep 17 00:00:00 2001
|
|
From: Mallikarjuna Reddy Amireddy <mamire@codeaurora.org>
|
|
Date: Mon, 25 Jul 2016 18:14:39 +0530
|
|
Subject: qseecom: Change format specifier %p to %pK
|
|
|
|
Format specifier %p can leak kernel addresses while not valuing the
|
|
kptr_restrict system settings. When kptr_restrict is set to (1), kernel
|
|
pointers printed using the %pK format specifier will be replaced with 0's.
|
|
So that %pK will not leak kernel pointers to unprivileged users.
|
|
So change the format specifier from %p to %pK.
|
|
|
|
Debugging Note : &pK prints only Zeros as address. if you need actual
|
|
address information, pls echo 0 to kptr_restrict.
|
|
$ echo 0 > /proc/sys/kernel/kptr_restrict
|
|
|
|
Change-Id: I0baf2be2d5a476e2e4267f20b99d0ddf5492469e
|
|
Signed-off-by: Mallikarjuna Reddy Amireddy <mamire@codeaurora.org>
|
|
---
|
|
drivers/misc/qseecom.c | 18 +++++++++---------
|
|
1 file changed, 9 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/drivers/misc/qseecom.c b/drivers/misc/qseecom.c
|
|
index 52034c7..4fab447 100644
|
|
--- a/drivers/misc/qseecom.c
|
|
+++ b/drivers/misc/qseecom.c
|
|
@@ -1133,7 +1133,7 @@ static int qseecom_set_client_mem_param(struct qseecom_dev_handle *data,
|
|
|
|
if ((req.ifd_data_fd <= 0) || (req.virt_sb_base == NULL) ||
|
|
(req.sb_len == 0)) {
|
|
- pr_err("Inavlid input(s)ion_fd(%d), sb_len(%d), vaddr(0x%p)\n",
|
|
+ pr_err("Inavlid input(s)ion_fd(%d), sb_len(%d), vaddr(0x%pK)\n",
|
|
req.ifd_data_fd, req.sb_len, req.virt_sb_base);
|
|
return -EFAULT;
|
|
}
|
|
@@ -1653,7 +1653,7 @@ int __qseecom_process_rpmb_svc_cmd(struct qseecom_dev_handle *data_ptr,
|
|
void *req_buf = NULL;
|
|
|
|
if ((req_ptr == NULL) || (send_svc_ireq_ptr == NULL)) {
|
|
- pr_err("Error with pointer: req_ptr = %p, send_svc_ptr = %p\n",
|
|
+ pr_err("Error with pointer: req_ptr = %pK, send_svc_ptr = %pK\n",
|
|
req_ptr, send_svc_ireq_ptr);
|
|
return -EINVAL;
|
|
}
|
|
@@ -1700,7 +1700,7 @@ int __qseecom_process_fsm_key_svc_cmd(struct qseecom_dev_handle *data_ptr,
|
|
uint32_t reqd_len_sb_in = 0;
|
|
|
|
if ((req_ptr == NULL) || (send_svc_ireq_ptr == NULL)) {
|
|
- pr_err("Error with pointer: req_ptr = %p, send_svc_ptr = %p\n",
|
|
+ pr_err("Error with pointer: req_ptr = %pK, send_svc_ptr = %pK\n",
|
|
req_ptr, send_svc_ireq_ptr);
|
|
return -EINVAL;
|
|
}
|
|
@@ -3025,7 +3025,7 @@ int qseecom_send_command(struct qseecom_handle *handle, void *send_buf,
|
|
if (ret)
|
|
return ret;
|
|
|
|
- pr_debug("sending cmd_req->rsp size: %u, ptr: 0x%p\n",
|
|
+ pr_debug("sending cmd_req->rsp size: %u, ptr: 0x%pK\n",
|
|
req.resp_len, req.resp_buf);
|
|
return ret;
|
|
}
|
|
@@ -4844,7 +4844,7 @@ long qseecom_ioctl(struct file *file, unsigned cmd, unsigned long arg)
|
|
ret = -EINVAL;
|
|
break;
|
|
}
|
|
- pr_debug("SET_MEM_PARAM: qseecom addr = 0x%p\n", data);
|
|
+ pr_debug("SET_MEM_PARAM: qseecom addr = 0x%pK\n", data);
|
|
ret = qseecom_set_client_mem_param(data, argp);
|
|
if (ret)
|
|
pr_err("failed Qqseecom_set_mem_param request: %d\n",
|
|
@@ -4860,7 +4860,7 @@ long qseecom_ioctl(struct file *file, unsigned cmd, unsigned long arg)
|
|
break;
|
|
}
|
|
data->type = QSEECOM_CLIENT_APP;
|
|
- pr_debug("LOAD_APP_REQ: qseecom_addr = 0x%p\n", data);
|
|
+ pr_debug("LOAD_APP_REQ: qseecom_addr = 0x%pK\n", data);
|
|
mutex_lock(&app_access_lock);
|
|
atomic_inc(&data->ioctl_count);
|
|
if (qseecom.qsee_version > QSEEE_VERSION_00) {
|
|
@@ -4886,7 +4886,7 @@ long qseecom_ioctl(struct file *file, unsigned cmd, unsigned long arg)
|
|
ret = -EINVAL;
|
|
break;
|
|
}
|
|
- pr_debug("UNLOAD_APP: qseecom_addr = 0x%p\n", data);
|
|
+ pr_debug("UNLOAD_APP: qseecom_addr = 0x%pK\n", data);
|
|
mutex_lock(&app_access_lock);
|
|
atomic_inc(&data->ioctl_count);
|
|
ret = qseecom_unload_app(data, false);
|
|
@@ -5017,7 +5017,7 @@ long qseecom_ioctl(struct file *file, unsigned cmd, unsigned long arg)
|
|
data->type = QSEECOM_CLIENT_APP;
|
|
mutex_lock(&app_access_lock);
|
|
atomic_inc(&data->ioctl_count);
|
|
- pr_debug("APP_LOAD_QUERY: qseecom_addr = 0x%p\n", data);
|
|
+ pr_debug("APP_LOAD_QUERY: qseecom_addr = 0x%pK\n", data);
|
|
ret = qseecom_query_app_loaded(data, argp);
|
|
atomic_dec(&data->ioctl_count);
|
|
mutex_unlock(&app_access_lock);
|
|
@@ -5288,7 +5288,7 @@ static int qseecom_release(struct inode *inode, struct file *file)
|
|
int ret = 0;
|
|
|
|
if (data->released == false) {
|
|
- pr_debug("data: released=false, type=%d, mode=%d, data=0x%p\n",
|
|
+ pr_debug("data: released=false, type=%d, mode=%d, data=0x%pK\n",
|
|
data->type, data->mode, data);
|
|
switch (data->type) {
|
|
case QSEECOM_LISTENER_SERVICE:
|
|
--
|
|
cgit v1.1
|
|
|