Re: [PATCH RESEND] android: binder: Sanity check at binder ioctl
From: Greg KH
Date: Tue Jan 19 2016 - 03:35:21 EST
On Tue, Jan 19, 2016 at 03:49:27PM +0800, chenfeng wrote:
>
>
> On 2016/1/19 15:33, Greg KH wrote:
> > On Tue, Jan 19, 2016 at 11:45:36AM +0800, Chen Feng wrote:
> >> When a process fork a child process, we should not allow the
> >> child process use the binder which opened by parent process.
> >>
> >> But if the binder-object creater is a thread of one process who exit,
> >> the other thread can also use this binder-object normally.
> >> We can distinguish this by the member proc->tsk->mm.
> >> If the thread exit the tsk->mm will be NULL.
> >>
> >> proc->tsk->mm != current->mm && proc->tsk->mm
> >>
> >> So only allow the shared mm_struct to use the same binder-object and
> >> check the existence of mm_struct.
> >>
> >> Signed-off-by: Chen Feng <puck.chen@xxxxxxxxxxxxx>
> >> Signed-off-by: Wei Dong <weidong2@xxxxxxxxxxxxx>
> >> Signed-off-by: Junmin Zhao <zhaojunmin@xxxxxxxxxx>
> >> Reviewed-by: Zhuangluan Su <suzhuangluan@xxxxxxxxxxxxx>
> >> ---
> >> drivers/android/binder.c | 2 ++
> >> 1 file changed, 2 insertions(+)
> >
> > Why resend? What changed from the previous version?
> >
> My fault, it's my error commit.
> mistake the current->mm with current->tsk->mm.
> The robot-compile finds out this error.
Then please make it a 'v2' patch, and say what you changed, otherwise
I'll assume it's identical to the first patch you sent in.
And how did you test the first patch if it couldn't even compile?
greg k-h