libgralloc: Fix secure buffer issues.
-- Though buffer usage is not marked with any Heap, if usage flags set with GRALLOC_USAGE_PROTECTED allocate from IOMMU heap. -- Allow using GRALLOC_USAGE_PROTECTED for non tz level protection. Change-Id: Ie3c8bd8821f4ab344a2b798a723ab65d4ef5b44e CRs-fixed: 484838 CRs-fixed: 480493
This commit is contained in:
Prabhanjan Kandula
committed by
Gerrit - the friendly Code Review server
Gerrit - the friendly Code Review server
parent
082f0553c0
commit
92896b8622
@@ -182,6 +182,12 @@ IAllocController* IAllocController::getInstance(void)
|
||||
IonController::IonController()
|
||||
{
|
||||
mIonAlloc = new IonAlloc();
|
||||
mUseTZProtection = false;
|
||||
char property[PROPERTY_VALUE_MAX];
|
||||
if ((property_get("persist.gralloc.cp.level3", property, NULL) <= 0) ||
|
||||
(atoi(property) != 1)) {
|
||||
mUseTZProtection = true;
|
||||
}
|
||||
}
|
||||
|
||||
int IonController::allocate(alloc_data& data, int usage)
|
||||
@@ -201,26 +207,28 @@ int IonController::allocate(alloc_data& data, int usage)
|
||||
if(usage & GRALLOC_USAGE_PRIVATE_IOMMU_HEAP)
|
||||
ionFlags |= ION_HEAP(ION_IOMMU_HEAP_ID);
|
||||
|
||||
//MM Heap is exclusively a secure heap.
|
||||
if(usage & GRALLOC_USAGE_PRIVATE_MM_HEAP) {
|
||||
//XXX: Right now the MM heap is the only secure heap we have. When we
|
||||
//have other secure heaps, we can change this.
|
||||
if(usage & GRALLOC_USAGE_PROTECTED) {
|
||||
if(usage & GRALLOC_USAGE_PROTECTED) {
|
||||
if ((mUseTZProtection) && (usage & GRALLOC_USAGE_PRIVATE_MM_HEAP)) {
|
||||
ionFlags |= ION_HEAP(ION_CP_MM_HEAP_ID);
|
||||
ionFlags |= ION_SECURE;
|
||||
}
|
||||
else {
|
||||
ALOGW("GRALLOC_USAGE_PRIVATE_MM_HEAP \
|
||||
cannot be used as an insecure heap!\
|
||||
trying to use IOMMU instead !!");
|
||||
} else {
|
||||
// for targets/OEMs which do not need HW level protection
|
||||
// do not set ion secure flag & MM heap. Fallback to IOMMU heap.
|
||||
ionFlags |= ION_HEAP(ION_IOMMU_HEAP_ID);
|
||||
}
|
||||
} else if(usage & GRALLOC_USAGE_PRIVATE_MM_HEAP) {
|
||||
//MM Heap is exclusively a secure heap.
|
||||
//If it is used for non secure cases, fallback to IOMMU heap
|
||||
ALOGW("GRALLOC_USAGE_PRIVATE_MM_HEAP \
|
||||
cannot be used as an insecure heap!\
|
||||
trying to use IOMMU instead !!");
|
||||
ionFlags |= ION_HEAP(ION_IOMMU_HEAP_ID);
|
||||
}
|
||||
|
||||
if(usage & GRALLOC_USAGE_PRIVATE_ADSP_HEAP)
|
||||
ionFlags |= ION_HEAP(ION_ADSP_HEAP_ID);
|
||||
|
||||
if(usage & GRALLOC_USAGE_PROTECTED)
|
||||
if(ionFlags & ION_SECURE)
|
||||
data.allocType |= private_handle_t::PRIV_FLAGS_SECURE_BUFFER;
|
||||
|
||||
// if no flags are set, default to
|
||||
|
||||
Reference in New Issue
Block a user