Originally Posted by espenfjo
Samsung has released the kernel sources with their approach, i9300 update 7.
It is basically this:
Their approach is very similar to AndreiLux's, but they have also patched the other attack vectors such as s3c-mem, fimg/fimc.
Verified that the original exynos-abuse indeed does not work with this approach.
That commit contains way too much; some of it is CMA stuff unrelated to the security fix.
I extracted the fixes properly and they're in my repo, check it out. And yes, the secmem patch is also needed (s5p-smem, also fixed that back in December but we kept it undisclosed, although my commit was public). https://github.com/AndreiLux/Perseus-S3
I'm having some inconsistency on their fimc checks though, with video decoding on higher resolutions causing size accesses to exceed the CMA limits on the MFC block on some frames. I #if 0'ed that part until I find out what causes it. So watch out with that.