Re: [PATCH] binder: fix test regression due to sender_euid change

2021-11-19 Thread Paul Moore
changed, 1 insertion(+), 1 deletion(-) This looks okay to me. I assume this is going in via GregKH's tree? Acked-by: Paul Moore > diff --git a/drivers/android/binder.c b/drivers/android/binder.c > index 49fb74196d02..cffbe57a8e08 100644 > --- a/drivers/android/binder.c >

Re: [PATCH v5 0/3] binder: use cred instead of task for security context

2021-10-14 Thread Paul Moore
not certain how widespread binder is outside of Android so I figured the practical difference between next and stable-5.15 is likely very small. Regardless, all of your Fixes and stable tags remain in the patches so as soon as they go up to Linus during the next merge window the stable

Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid

2021-10-12 Thread Paul Moore
On Tue, Oct 12, 2021 at 5:41 AM Dan Carpenter wrote: > > On Mon, Oct 11, 2021 at 02:59:13PM -0700, Casey Schaufler wrote: > > On 10/11/2021 2:33 PM, Paul Moore wrote: > > > On Wed, Oct 6, 2021 at 8:46 PM Todd Kjos wrote: > > >> Use the 'struct cred'

Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid

2021-10-11 Thread Paul Moore
On Mon, Oct 11, 2021 at 5:59 PM Casey Schaufler wrote: > On 10/11/2021 2:33 PM, Paul Moore wrote: > > On Wed, Oct 6, 2021 at 8:46 PM Todd Kjos wrote: > >> Use the 'struct cred' saved at binder_open() to lookup > >> the security ID via security_cred_getsecid()

Re: [PATCH v4 3/3] binder: use euid from cred instead of using task

2021-10-11 Thread Paul Moore
On Fri, Oct 8, 2021 at 5:24 PM Todd Kjos wrote: > > On Fri, Oct 8, 2021 at 2:12 PM Paul Moore wrote: > > > > On Wed, Oct 6, 2021 at 8:46 PM Todd Kjos wrote: > > > > > > Set a transaction's sender_euid from the 'struct cred' > > > save

Re: [PATCH v4 3/3] binder: use euid from cred instead of using task

2021-10-11 Thread Paul Moore
On Fri, Oct 8, 2021 at 5:25 PM Casey Schaufler wrote: > > On 10/8/2021 2:12 PM, Paul Moore wrote: > > On Wed, Oct 6, 2021 at 8:46 PM Todd Kjos wrote: > >> Set a transaction's sender_euid from the 'struct cred' > >> saved at binder_open() instead of lo

Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid

2021-10-11 Thread Paul Moore
ic inline void security_cred_getsecid(const struct cred *c, u32 *secid) > +{ > +} Since security_cred_getsecid() doesn't return an error code we should probably set the secid to 0 in this case, for example: static inline void security_cred_getsecid(...) { *secid = 0; } -- paul moore www.paul-moore.com ___ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel

Re: [PATCH v4 3/3] binder: use euid from cred instead of using task

2021-10-08 Thread Paul Moore
> - t->sender_euid = task_euid(proc->tsk); > + t->sender_euid = proc->cred->euid; > t->to_proc = target_proc; > t->to_thread = target_thread; > t->code = tr->code; > -- > 2.33.0.800.g4c38ced690-goog -- paul m
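Review bot: The added line `t->sender_euid = proc->cred->euid;` reports the euid captured when the process opened the binder device, so a sender that changes its euid after binder_open() will have its transactions stamped with the old value, which `task_euid(proc->tsk)` did not do. State this behaviour change in the commit message and add a short comment above the assignment saying the value is the open-time credential, so receivers that make authorization decisions on sender_euid know which identity they are checking.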

Re: [PATCH v2] binder: use cred instead of task for selinux checks

2021-10-05 Thread Paul Moore
; > without > > > > > > needing to have any access to the underlying file. > > > > > > > > > > A mechanism sufficiently entrenched. > > > > > > > > It's not just "entrenched", it is a fundamental requiremen

Re: [PATCH v2] binder: use cred instead of task for selinux checks

2021-10-05 Thread Paul Moore
binder and implement the > > hooks for SELinux.") > > Signed-off-by: Todd Kjos > > Cc: sta...@vger.kernel.org # 5.14+ (need backport for earlier stables) > > --- > > v2: updated comments as suggested by Paul Moore > > > > drivers/android/binder.c

Re: [PATCH] binder: use cred instead of task for selinux checks

2021-10-01 Thread Paul Moore
On Fri, Oct 1, 2021 at 10:38 AM Paul Moore wrote: > On Thu, Sep 30, 2021 at 10:45 PM Todd Kjos wrote: > > > > Save the struct cred associated with a binder process > > at initial open to avoid potential race conditions > > when converting to a security ID. > >

Re: [PATCH] binder: use cred instead of task for selinux checks

2021-10-01 Thread Paul Moore
bjective > -* creds/SID of another task, this function will make it easier to > -* identify the various places where we make use of the task SIDs in > -* the binder code. It is also likely that we will need to adjust > -* the main drivers/android binder code as well. > -*/ > - return task_sid_obj(task); > -} -- paul moore www.paul-moore.com

Re: v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite

2019-03-21 Thread Paul Moore
was a bit quicker than you and I think I managed to fix the test > > myself :) > > > > See: > > https://github.com/SELinuxProject/selinux-testsuite/pull/50/commits/b559c3f54eae6130cb9e79c295b0f94db26e09e4 > > Looks good. Thanks! I'm getting clean runs on

Re: v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite

2019-03-20 Thread Paul Moore
On Wed, Mar 20, 2019 at 7:26 PM Todd Kjos wrote: > I can send you a patch tomorrow (I won't be able to test it though). I may not know much about binder, but I do know how to run the test suite :) Thanks Todd. > On Wed, Mar 20, 2019 at 4:23 PM Paul Moore wrote: > > > >

Re: v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite

2019-03-20 Thread Paul Moore
at might explain why the test used to work, but now fails - a different compiler (I rebuild the test before each test run). Keeping in mind I'm really quite ignorant when it comes to binder, how would you suggest fixing the test? -- paul moore www.paul-moore.com

Re: v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite

2019-03-20 Thread Paul Moore
On Wed, Mar 20, 2019 at 11:54 AM Todd Kjos wrote: > So, then it sounds like the test is not running properly ... Yes, the test is almost surely broken to some extent, although the kernel hitting the BUG_ON() was clearly a bug too :) > Can I add a "Tested-by: Paul Moore &q

Re: v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite

2019-03-19 Thread Paul Moore
98c678c2d6a Linux 5.1-rc1 > > ... > > 26528be6720bb binder: fix handling of misaligned binder object > > bde4a19fc04f5 binder: use userspace pointer as base of buffer space > > c41358a5f5217 binder: remove user_buffer_offset > > db6b0b810bf94 binder: avoid kernel vm_area for buffer

Re: v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite

2019-03-19 Thread Paul Moore
On Tue, Mar 19, 2019 at 6:16 PM Todd Kjos wrote: > On Tue, Mar 19, 2019 at 3:08 PM Paul Moore wrote: > > > > On Tue, Mar 19, 2019 at 3:33 PM Paul Moore wrote: > > > On Tue, Mar 19, 2019 at 12:51 PM Todd Kjos wrote: > > > > Paul, > > > > > >

Re: v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite

2019-03-19 Thread Paul Moore
On Tue, Mar 19, 2019 at 3:33 PM Paul Moore wrote: > On Tue, Mar 19, 2019 at 12:51 PM Todd Kjos wrote: > > Paul, > > > > I think this patch will fix it... can you run the selinux-testsuite > > with the patch to verify? (the conditional assumed that size_t can go > &

Re: v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite

2019-03-19 Thread Paul Moore
izeof(*hdr) || > + !IS_ALIGNED(offset, sizeof(u32))) > return 0; > binder_alloc_copy_from_buffer(&proc->alloc, object, buffer, > offset, read_size); > > On Mon, Mar 18, 2019 at 4:02 PM Paul Moore wrote:

Re: v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite

2019-03-18 Thread Paul Moore
On Mon, Mar 18, 2019 at 6:51 PM Todd Kjos wrote: > On Mon, Mar 18, 2019 at 2:31 PM Paul Moore wrote: > > Hello all. > > > > When running the selinux-testsuite (link below) against v5.1-rc1 I hit > > the BUG_ON() at the top of binder_alloc_do_buffer_copy() (trace > &

v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite

2019-03-18 Thread Paul Moore
ulni_intel joydev virtio_balloon i2c_piix4 drm_kms_helper virtio_net net_failover failover ttm drm mlx5_core crc32c_intel virtio_blk ata_generic virtio_console mlxfw serio_raw pata_acpi qemu_fw_cfg [last unloaded: arp_tables] [ 823.339786] ---[ end trace 6f761f654b297775 ]--- -- paul moore w

Re: [PATCH 06/12] audit: Use timespec64 to represent audit timestamps

2017-04-11 Thread Paul Moore
t. However, >> that's a relatively small thing to worry about. -- paul moore www.paul-moore.com

Re: [PATCH 06/12] audit: Use timespec64 to represent audit timestamps

2017-04-08 Thread Paul Moore
esent the times. > The log strings can handle this transition as strings can > hold up to 1024 characters. > > Signed-off-by: Deepa Dinamani > Reviewed-by: Arnd Bergmann > Acked-by: Paul Moore > Acked-by: Richard Guy Briggs > --- > include/linux/audit.h | 4 ++-- > ke