Gitiles
Code Review Sign In
review.blissroms.org / platform_hardware_qcom_display-sm8150-caf / 92896b8622438b2a5b2353f7e5b4eb667ddfa936^! / . / libgralloc / alloc_controller.cpp
commit92896b8622438b2a5b2353f7e5b4eb667ddfa936[log] [tgz]
authorPrabhanjan Kandula <pkandula@codeaurora.org>Tue May 07 19:58:24 2013 +0530
committerGerrit - the friendly Code Review server <code-review@localhost>Wed May 22 22:21:33 2013 -0700
treea6d4a489de1b9600200454d11ea438d38d7e2b5b
parent082f0553c06e7ce07c51d27c3977de16dbd05595 [diff] [blame]
libgralloc: Fix secure buffer issues.

-- Though buffer usage is not marked with any Heap, if usage flags
set with GRALLOC_USAGE_PROTECTED allocate from IOMMU heap.
-- Allow using  GRALLOC_USAGE_PROTECTED for non tz level protection.

Change-Id: Ie3c8bd8821f4ab344a2b798a723ab65d4ef5b44e
CRs-fixed: 484838
CRs-fixed: 480493

diff --git a/libgralloc/alloc_controller.cpp b/libgralloc/alloc_controller.cpp
index 677bb4e..bcae381 100644
--- a/libgralloc/alloc_controller.cpp
+++ b/libgralloc/alloc_controller.cpp

@@ -182,6 +182,12 @@
 IonController::IonController()
 {
     mIonAlloc = new IonAlloc();
+    mUseTZProtection = false;
+    char property[PROPERTY_VALUE_MAX];
+    if ((property_get("persist.gralloc.cp.level3", property, NULL) <= 0) ||
+                            (atoi(property) != 1)) {
+        mUseTZProtection = true;
+    }
 }
 
 int IonController::allocate(alloc_data& data, int usage)
@@ -201,26 +207,28 @@
     if(usage & GRALLOC_USAGE_PRIVATE_IOMMU_HEAP)
         ionFlags |= ION_HEAP(ION_IOMMU_HEAP_ID);
 
-    //MM Heap is exclusively a secure heap.
-    if(usage & GRALLOC_USAGE_PRIVATE_MM_HEAP) {
-        //XXX: Right now the MM heap is the only secure heap we have. When we
-        //have other secure heaps, we can change this.
-        if(usage & GRALLOC_USAGE_PROTECTED) {
+    if(usage & GRALLOC_USAGE_PROTECTED) {
+        if ((mUseTZProtection) && (usage & GRALLOC_USAGE_PRIVATE_MM_HEAP)) {
             ionFlags |= ION_HEAP(ION_CP_MM_HEAP_ID);
             ionFlags |= ION_SECURE;
-        }
-        else {
-            ALOGW("GRALLOC_USAGE_PRIVATE_MM_HEAP \
-                  cannot be used as an insecure heap!\
-                  trying to use IOMMU instead !!");
+        } else {
+            // for targets/OEMs which do not need HW level protection
+            // do not set ion secure flag & MM heap. Fallback to IOMMU heap.
             ionFlags |= ION_HEAP(ION_IOMMU_HEAP_ID);
         }
+    } else if(usage & GRALLOC_USAGE_PRIVATE_MM_HEAP) {
+        //MM Heap is exclusively a secure heap.
+        //If it is used for non secure cases, fallback to IOMMU heap
+        ALOGW("GRALLOC_USAGE_PRIVATE_MM_HEAP \
+                                cannot be used as an insecure heap!\
+                                trying to use IOMMU instead !!");
+        ionFlags |= ION_HEAP(ION_IOMMU_HEAP_ID);
     }
 
     if(usage & GRALLOC_USAGE_PRIVATE_ADSP_HEAP)
         ionFlags |= ION_HEAP(ION_ADSP_HEAP_ID);
 
-    if(usage & GRALLOC_USAGE_PROTECTED)
+    if(ionFlags & ION_SECURE)
          data.allocType |= private_handle_t::PRIV_FLAGS_SECURE_BUFFER;
 
     // if no flags are set, default to