binder: use euid from cred instead of using task
Save the 'struct cred' associated with a binder process at initial open to avoid potential race conditions when converting to an euid. Set a transaction's sender_euid from the 'struct cred' saved at binder_open() instead of looking up the euid from the binder proc's 'struct task'. This ensures the euid is associated with the security context that of the task that opened binder. Cc: stable@vger.kernel.org # 4.4+ Fixes: 457b9a6f ("Staging: android: add binder driver") Signed-off-by:Todd Kjos <tkjos@google.com> Suggested-by:
Stephen Smalley <stephen.smalley.work@gmail.com> Suggested-by:
Jann Horn <jannh@google.com> Acked-by:
Casey Schaufler <casey@schaufler-ca.com> Signed-off-by:
Paul Moore <paul@paul-moore.com>
Loading
-
mentioned in commit de6e4371
-
mentioned in commit d4929773
-
mentioned in commit 48dde38f
-
mentioned in commit 571bdfd6
-
mentioned in commit 5af09c80
-
mentioned in commit 10b22835
-
mentioned in commit b509b2d4
-
mentioned in commit 876c4823
-
mentioned in commit 18b5683a
-
mentioned in commit 5d3d2bcf
-
mentioned in commit 4be78b10
Please sign in to comment