SODP 2020-02-05 Security state

Reference: 2020-02-01 Google Bulletin

Kernel

ANDROID: binder: synchronize_rcu() when using POLLFREE
android.googlesource.com/kernel/common/+/5eeb2ca0
Already merged in 4.9
Already merged in 4.14

coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
android.googlesource.com/kernel/common/+/04f586
Already merged in 4.9
Already merged in 4.14

ANDROID: fix binder change in merge of 4.9.188
android.googlesource.com/kernel/common/+/3378ce
Fixed for 4.9 via 232r1-security-2020-02-05-binder
Does not affect 4.14

CAF Kernel

msm: camera: isp: use correct number of entries
source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=a2198a
Already merged in 4.9
Already merged in 4.14 (copypasted from 4.9)

ion: Ensure non-HLOS memory cannot be mapped by CPU
source.codeaurora.org/quic/la/kernel/msm-4.14/commit/?id=311420
Already merged in 4.9
Already merged in 4.14

diag: Mark Buffer as NULL after freeing
source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=c0cb07
Already merged in 4.9
Already merged in 4.14

ASoC: bolero: check for port validation before configuration
source.codeaurora.org/quic/la/platform/vendor/opensource/audio-kernel/commit/?id=bab05c
Not affected, we don’t have or even ship the bolero codec

msm: kgsl: Verify the offset of the profiling buffer
source.codeaurora.org/quic/la/kernel/msm-4.14/commit/?id=fb37ff
Fixed for 4.9 via 232r1-security-caf
Already merged in 4.14 via “Fast forward Adreno driver to LA.UM.8.1.r1-11600-sm8150.0”

msm: kgsl: Use a bitmap allocator for global addressing
source.codeaurora.org/quic/la/kernel/msm-4.14/commit/?id=a8acbcb0
Fixed for 4.9 via 232r1-security-caf
Already merged in 4.14 via “Fast forward Adreno driver to LA.UM.8.1.r1-11600-sm8150.0”

msm: kgsl: Execute user profiling commands in an IB
source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=1aa9c6
Fixed for 4.9 via 232r1-security-caf
Already merged in 4.14 via “Fast forward Adreno driver to LA.UM.8.1.r1-11600-sm8150.0”

msm: camera: icp: Fix out of bound access issue in ICP
source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=9c3d81
Already merged in 4.9
Already merged in 4.14

Framework and System

Patched via sync of latest AOSP sources.

Published by Felix on 8 Feb, 2020

Edit source on Github