From bf8c6549e125711b8a57e7c7457e27c8f952a1b6 Mon Sep 17 00:00:00 2001
From: Stuart Scott <stuartscott@google.com>
Date: Mon, 7 May 2018 12:23:38 -0700
Subject: [PATCH] Revert "ion: ensure CMO target is valid"

This reverts commit 68c7d675b252c84411b2fdec9e582cc9eb56d2da.

Bug: 72957321
Bug: 79219092
Change-Id: I90185fe30d3d39ce42df0d8a063d87b3ad827815
Signed-off-by: Stuart Scott <stuartscott@google.com>
---
 drivers/staging/android/ion/ion.c         |  5 -----
 drivers/staging/android/ion/msm/msm_ion.c | 12 ++++++------
 2 files changed, 6 insertions(+), 11 deletions(-)

diff --git a/drivers/staging/android/ion/ion.c b/drivers/staging/android/ion/ion.c
index fd8ba5b18908..1077d2b58bb1 100644
--- a/drivers/staging/android/ion/ion.c
+++ b/drivers/staging/android/ion/ion.c
@@ -1526,11 +1526,6 @@ static int ion_sync_for_device(struct ion_client *client, int fd)
 	}
 	buffer = dmabuf->priv;
 
-	if (get_secure_vmid(buffer->flags) > 0) {
-		pr_err("%s: cannot sync a secure dmabuf\n", __func__);
-		dma_buf_put(dmabuf);
-		return -EINVAL;
-	}
 	dma_sync_sg_for_device(NULL, buffer->sg_table->sgl,
 			       buffer->sg_table->nents, DMA_BIDIRECTIONAL);
 	dma_buf_put(dmabuf);
diff --git a/drivers/staging/android/ion/msm/msm_ion.c b/drivers/staging/android/ion/msm/msm_ion.c
index 5baab39489ee..46262869ac20 100644
--- a/drivers/staging/android/ion/msm/msm_ion.c
+++ b/drivers/staging/android/ion/msm/msm_ion.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011-2017, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2011-2016, The Linux Foundation. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 and
@@ -356,7 +356,7 @@ int ion_do_cache_op(struct ion_client *client, struct ion_handle *handle,
 	if (!ION_IS_CACHED(flags))
 		return 0;
 
-	if (get_secure_vmid(flags) > 0)
+	if (flags & ION_FLAG_SECURE)
 		return 0;
 
 	table = ion_sg_table(client, handle);
@@ -742,11 +742,11 @@ long msm_ion_custom_ioctl(struct ion_client *client,
 
 		down_read(&mm->mmap_sem);
 
-		start = (unsigned long)data.flush_data.vaddr +
-			data.flush_data.offset;
-		end = start + data.flush_data.length;
+		start = (unsigned long) data.flush_data.vaddr;
+		end = (unsigned long) data.flush_data.vaddr
+			+ data.flush_data.length;
 
-		if (check_vaddr_bounds(start, end)) {
+		if (start && check_vaddr_bounds(start, end)) {
 			pr_err("%s: virtual address %pK is out of bounds\n",
 			       __func__, data.flush_data.vaddr);
 			ret = -EINVAL;
-- 
GitLab