bughz/anbox-modules
1
0
Fork 0
mirror of https://github.com/choff/anbox-modules.git synced 2025-04-12 23:33:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix for kernel 6.14+

Browse Source
This commit is contained in:
llyyr 2025-03-05 05:27:59 +05:30
parent d2f89a2b8a
commit 10c115cdde
1 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
binder/binder.c
View File

@ -2869,8 +2869,12 @@ static void binder_transaction(struct binder_proc *proc,
binder_size_t last_fixup_min_off = 0;
struct binder_context *context = proc->context;
int t_debug_id = atomic_inc_return(&binder_last_id);
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 14, 0)
struct lsm_context lsmctx = {};
#else
char *secctx = NULL;
u32 secctx_sz = 0;
#endif
e = binder_transaction_log_add(&binder_transaction_log);
e->debug_id = t_debug_id;
@ -3135,14 +3139,23 @@ static void binder_transaction(struct binder_proc *proc,
#else
security_task_getsecid(proc->tsk, &secid);
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 14, 0)
ret = security_secid_to_secctx(secid, &lsmctx);
if (ret < 0) {
#else
ret = security_secid_to_secctx(secid, &secctx, &secctx_sz);
if (ret) {
#endif
return_error = BR_FAILED_REPLY;
return_error_param = ret;
return_error_line = __LINE__;
goto err_get_secctx_failed;
}
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 14, 0)
added_size = ALIGN(lsmctx.len, sizeof(u64));
#else
added_size = ALIGN(secctx_sz, sizeof(u64));
#endif
extra_buffers_size += added_size;
if (extra_buffers_size < added_size) {
/* integer overflow of extra_buffers_size */
@ -3169,23 +3182,40 @@ static void binder_transaction(struct binder_proc *proc,
t->buffer = NULL;
goto err_binder_alloc_buf_failed;
}
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 14, 0)
if (lsmctx.context) {
#else
if (secctx) {
#endif
int err;
size_t buf_offset = ALIGN(tr->data_size, sizeof(void *)) +
ALIGN(tr->offsets_size, sizeof(void *)) +
ALIGN(extra_buffers_size, sizeof(void *)) -
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 14, 0)
ALIGN(lsmctx.len, sizeof(u64));
#else
ALIGN(secctx_sz, sizeof(u64));
#endif
t->security_ctx = (uintptr_t)t->buffer->user_data + buf_offset;
err = binder_alloc_copy_to_buffer(&target_proc->alloc,
t->buffer, buf_offset,
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 14, 0)
lsmctx.context, lsmctx.len);
#else
secctx, secctx_sz);
#endif
if (err) {
t->security_ctx = 0;
WARN_ON(1);
}
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 14, 0)
security_release_secctx(&lsmctx);
lsmctx.context = NULL;
#else
security_release_secctx(secctx, secctx_sz);
secctx = NULL;
#endif
}
t->buffer->debug_id = t->debug_id;
t->buffer->transaction = t;
@ -3242,7 +3272,11 @@ static void binder_transaction(struct binder_proc *proc,
off_end_offset = off_start_offset + tr->offsets_size;
sg_buf_offset = ALIGN(off_end_offset, sizeof(void *));
sg_buf_end_offset = sg_buf_offset + extra_buffers_size -
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 14, 0)
ALIGN(lsmctx.len, sizeof(u64));
#else
ALIGN(secctx_sz, sizeof(u64));
#endif
off_min = 0;
for (buffer_offset = off_start_offset; buffer_offset < off_end_offset;
buffer_offset += sizeof(binder_size_t)) {
@ -3518,8 +3552,13 @@ err_copy_data_failed:
binder_alloc_free_buf(&target_proc->alloc, t->buffer);
err_binder_alloc_buf_failed:
err_bad_extra_size:
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 14, 0)
if (lsmctx.context)
security_release_secctx(&lsmctx);
#else
if (secctx)
security_release_secctx(secctx, secctx_sz);
#endif
err_get_secctx_failed:
kfree(tcomplete);
binder_stats_deleted(BINDER_STAT_TRANSACTION_COMPLETE);