From 8148a162755bf5500a07cf41a65a02c8f3eb0af9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dhiego=20Cassiano=20Foga=C3=A7a=20Barbosa?= Date: Tue, 23 Nov 2021 17:49:24 -0300 Subject: [PATCH] sync with android binder.c --- binder/binder.c | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/binder/binder.c b/binder/binder.c index 0056b73..1b97cfc 100644 --- a/binder/binder.c +++ b/binder/binder.c @@ -420,6 +420,9 @@ enum binder_deferred_state { * (invariant after initialized) * @tsk task_struct for group_leader of process * (invariant after initialized) + * @cred struct cred associated with the `struct file` + * in binder_open() + * (invariant after initialized) * @deferred_work_node: element for binder_deferred_list * (protected by binder_deferred_lock) * @deferred_work: bitmap of deferred work to perform @@ -465,9 +468,15 @@ struct binder_proc { struct list_head waiting_threads; int pid; struct task_struct *tsk; + const struct cred *cred; struct hlist_node deferred_work_node; int deferred_work; + int outstanding_txns; bool is_dead; + bool is_frozen; + bool sync_recv; + bool async_recv; + wait_queue_head_t freeze_wait; struct list_head todo; struct binder_stats stats; @@ -483,6 +492,7 @@ struct binder_proc { spinlock_t inner_lock; spinlock_t outer_lock; struct dentry *binderfs_entry; + bool oneway_spam_detection_enabled; }; enum { @@ -2436,7 +2446,7 @@ static int binder_translate_binder(struct flat_binder_object *fp, goto done; } #if (LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,2)) - if (security_binder_transfer_binder(proc->tsk->real_cred, target_proc->tsk->real_cred)) { + if (security_binder_transfer_binder(proc->cred, target_proc->cred)) { #else if (security_binder_transfer_binder(proc->tsk, target_proc->tsk)) { #endif @@ -2486,7 +2496,7 @@ static int binder_translate_handle(struct flat_binder_object *fp, return -EINVAL; } #if (LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,2)) - if (security_binder_transfer_binder(proc->tsk->real_cred, target_proc->tsk->real_cred)) { + if (security_binder_transfer_binder(proc->cred, target_proc->cred)) { #else if (security_binder_transfer_binder(proc->tsk, target_proc->tsk)) { #endif @@ -2578,7 +2588,7 @@ static int binder_translate_fd(u32 fd, binder_size_t fd_offset, goto err_fget; } #if (LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,2)) - ret = security_binder_transfer_file(proc->tsk->real_cred, target_proc->tsk->real_cred, file); + ret = security_binder_transfer_file(proc->cred, target_proc->cred, file); #else ret = security_binder_transfer_file(proc->tsk, target_proc->tsk, file); #endif @@ -2980,8 +2990,8 @@ static void binder_transaction(struct binder_proc *proc, goto err_invalid_target_handle; } #if (LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,2)) - if (security_binder_transaction(proc->tsk->real_cred, - target_proc->tsk->real_cred) < 0) { + if (security_binder_transaction(proc->cred, + target_proc->cred) < 0) { #else if (security_binder_transaction(proc->tsk, target_proc->tsk) < 0) { @@ -4928,7 +4938,7 @@ static int binder_ioctl_set_ctx_mgr(struct file *filp, goto out; } #if (LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,2)) - ret = security_binder_set_context_mgr(proc->tsk->real_cred); + ret = security_binder_set_context_mgr(proc->cred); #else ret = security_binder_set_context_mgr(proc->tsk); #endif @@ -5238,6 +5248,7 @@ static int binder_open(struct inode *nodp, struct file *filp) spin_lock_init(&proc->outer_lock); get_task_struct(current->group_leader); proc->tsk = current->group_leader; + proc->cred = get_cred(filp->f_cred); INIT_LIST_HEAD(&proc->todo); proc->default_priority = task_nice(current); /* binderfs stashes devices in i_private */