scm_call2 is printing the input arguments if TZ ret value is < 0
leading to information leak. Remove printing input arguments.
Change-Id: I21dd6d83fa979aed2c79ebb2c9c8de63a247dded
CRs-Fixed: 1076407
Signed-off-by: Swetha Chikkaboraiah <schikk@codeaurora.org>
Signed-off-by: Paresh Purabhiya <ppurab@codeaurora.org>
Signed-off-by: Runmin Wang <runminw@codeaurora.org>
There is a double fetch problem in audit_log_single_execve_arg()
where we first check the execve(2) argumnets for any "bad" characters
which would require hex encoding and then re-fetch the arguments for
logging in the audit record[1]. Of course this leaves a window of
opportunity for an unsavory application to munge with the data.
This patch reworks things by only fetching the argument data once[2]
into a buffer where it is scanned and logged into the audit
records(s). In addition to fixing the double fetch, this patch
improves on the original code in a few other ways: better handling
of large arguments which require encoding, stricter record length
checking, and some performance improvements (completely unverified,
but we got rid of some strlen() calls, that's got to be a good
thing).
As part of the development of this patch, I've also created a basic
regression test for the audit-testsuite, the test can be tracked on
GitHub at the following link:
* https://github.com/linux-audit/audit-testsuite/issues/25
[1] If you pay careful attention, there is actually a triple fetch
problem due to a strnlen_user() call at the top of the function.
[2] This is a tiny white lie, we do make a call to strnlen_user()
prior to fetching the argument data. I don't like it, but due to the
way the audit record is structured we really have no choice unless we
copy the entire argument at once (which would require a rather
wasteful allocation). The good news is that with this patch the
kernel no longer relies on this strnlen_user() value for anything
beyond recording it in the log, we also update it with a trustworthy
value whenever possible.
Reported-by: Pengfei Wang <wpengfeinudt@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Change-Id: Ie9848961d236739df5014474f2c2a781af9fb811
Git-repo: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git
Git-commit: 43761473c254b45883a64441dd0bc85a42f3645c
Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org>
Add thermal properties to enable kernel thermal monitoring and
mitigations like hotplug, thermal reset, vdd restriction, etc.
for msmfalcon. Add mitigation profiles for each physical CPU which
has information like sensor to monitor and various mitigation types
to enable for msmfalcon.
Change-Id: I36ca125143cf9929fb0bd781990bdd8ab1dbeebf
Signed-off-by: Manaf Meethalavalappu Pallikunhi <manafm@codeaurora.org>
Add thermal sensor related information, which provides information
such as alias, type and scaling factor to Kernel Thermal Monitor(KTM).
The KTM exposes these sensor information via sysfs to thermal-engine.
Change-Id: Ie564c181db61f6229479a49917cdb9e6c1887fc5
Signed-off-by: Manaf Meethalavalappu Pallikunhi <manafm@codeaurora.org>
Add checks of the user input count to avoid possible heap overflow
Signed-off-by: Min Chong <mchong@google.com>
Bug: 30937462
Git-repo: https://android.googlesource.com/kernel/msm.git
Git-commit: a6accafb252a76256f11c83e28c556c8ca4b8e1f
Change-Id: I6fc8323cbcf395a2c24e49e65cc7012709d031a2
Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org>
