linux/drivers/android
Todd Kjos 5e57d171e2 binder: don't detect sender/target during buffer cleanup
commit 32e9f56a96 upstream.

When freeing txn buffers, binder_transaction_buffer_release()
attempts to detect whether the current context is the target by
comparing current->group_leader to proc->tsk. This is an unreliable
test. Instead explicitly pass an 'is_failure' boolean.

Detecting the sender was being used as a way to tell if the
transaction failed to be sent.  When cleaning up after
failing to send a transaction, there is no need to close
the fds associated with a BINDER_TYPE_FDA object. Now
'is_failure' can be used to accurately detect this case.

Fixes: 44d8047f1d ("binder: use standard functions to allocate fds")
Cc: stable <stable@vger.kernel.org>
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Todd Kjos <tkjos@google.com>
Link: https://lore.kernel.org/r/20211015233811.3532235-1-tkjos@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-11-12 15:05:49 +01:00
..
Kconfig treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Makefile treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
binder.c binder: don't detect sender/target during buffer cleanup 2021-11-12 15:05:49 +01:00
binder_alloc.c binder: tell userspace to dump current backtrace when detected oneway spamming 2021-04-10 10:52:04 +02:00
binder_alloc.h binder: tell userspace to dump current backtrace when detected oneway spamming 2021-04-10 10:52:04 +02:00
binder_alloc_selftest.c binder: print warnings when detecting oneway spamming. 2020-09-03 18:24:41 +02:00
binder_internal.h binder: use euid from cred instead of using task 2021-11-12 15:05:48 +01:00
binder_trace.h binder: add trace at free transaction. 2020-11-11 08:20:44 +01:00
binderfs.c binderfs: add support for feature files 2021-07-21 13:46:36 +02:00