LinuxLists.cc - Re: [PATCH] binder: fix proc->files use-after-free

2017-11-16 23:52:39

Subject: Re: [PATCH] binder: fix proc->files use-after-free

> @@ -875,22 +871,34 @@ static void binder_free_thread(struct binder_thread *thread);
> static void binder_free_proc(struct binder_proc *proc);
> static void binder_inc_node_tmpref_ilocked(struct binder_node *node);
>
> +struct files_struct *binder_get_files_struct(struct binder_proc *proc)

This should be declared static:
static struct files_struct *binder_get_files_struct(struct binder_proc *proc)

Greg- should I send a "v2" for this?

> +{
> + return get_files_struct(proc->tsk);
> +}
> +

From 1584246545423727391@xxx Thu Nov 16 18:00:41 +0000 2017
X-GM-THRID: 1584096400353009036
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread

2017-11-16 18:00:41

by Greg Kroah-Hartman

[permalink] [raw]

Subject: Re: [PATCH] binder: fix proc->files use-after-free

On Thu, Nov 16, 2017 at 09:48:13AM -0800, Todd Kjos wrote:
> > @@ -875,22 +871,34 @@ static void binder_free_thread(struct binder_thread *thread);
> > static void binder_free_proc(struct binder_proc *proc);
> > static void binder_inc_node_tmpref_ilocked(struct binder_node *node);
> >
> > +struct files_struct *binder_get_files_struct(struct binder_proc *proc)
>
> This should be declared static:
> static struct files_struct *binder_get_files_struct(struct binder_proc *proc)
>
> Greg- should I send a "v2" for this?

Please do, I can't do anything with these until after 4.15-rc1 is out,
so you have time to do it :)

thanks,

greg k-h

From 1584096400353009036@xxx Wed Nov 15 02:14:11 +0000 2017
X-GM-THRID: 1584096400353009036
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread