android/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
143ac63130
android_kernel_xiaomi_sm8450/security
History
Todd Kjos 3af7a2f610 BACKPORT: binder: use cred instead of task for selinux checks 
Since binder was integrated with selinux, it has passed
'struct task_struct' associated with the binder_proc
to represent the source and target of transactions.
The conversion of task to SID was then done in the hook
implementations. It turns out that there are race conditions
which can result in an incorrect security context being used.

Fix by using the 'struct cred' saved during binder_open and pass
it to the selinux subsystem.

Cc: stable@vger.kernel.org # 5.14 (need backport for earlier stables)
Fixes: 79af73079d ("Add security hooks to binder and implement the hooks for SELinux.")
Suggested-by: Jann Horn <jannh@google.com>
Signed-off-by: Todd Kjos <tkjos@google.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Bug: 200688826
(cherry picked from commit 52f88693378a58094c538662ba652aff0253c4fe)
[ refactored to avoid changing KMI: struct binder_proc ]
Change-Id: I1664c1f0c2142c17e9ca0d6790bb94de79f531e3
2021-11-11 19:18:33 +00:00
..
apparmor treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
bpf bpf: Implement bpf_local_storage for inodes 2020-08-25 15:00:04 -07:00
integrity This is the 5.10.65 stable release 2021-09-15 14:16:47 +02:00
keys KEYS: trusted: Fix memory leak on object td 2021-05-19 10:12:50 +02:00
loadpin LSM: Add "contents" flag to kernel_read_file hook 2020-10-05 13:37:03 +02:00
lockdown This is the 5.10.59 stable release 2021-08-15 14:16:00 +02:00
safesetid LSM: SafeSetID: Fix warnings reported by test bot 2020-10-13 09:17:36 -07:00
selinux BACKPORT: binder: use cred instead of task for selinux checks 2021-11-11 19:18:33 +00:00
smack This is the 5.10.51 stable release 2021-07-19 17:29:53 +02:00
tomoyo tomoyo: recognize kernel threads correctly 2021-03-09 11:11:15 +01:00
yama task_work: cleanup notification modes 2020-10-17 15:05:30 -06:00
commoncap.c Merge 5.10.36 into android12-5.10 2021-05-13 14:22:11 +02:00
device_cgroup.c device_cgroup: Fix RCU list debugging warning 2020-08-20 11:25:03 -07:00
inode.c Revert "ANDROID: vfs: Add permission2 for filesystems with per mount permissions" 2020-05-29 08:49:28 +02:00
Kconfig Replace HTTP links with HTTPS ones: security 2020-08-06 12:00:05 -07:00
Kconfig.hardening BACKPORT: kasan: remove redundant config option 2021-03-24 15:09:15 -07:00
lsm_audit.c This is the 5.10.9 stable release 2021-01-19 18:49:54 +01:00
Makefile device_cgroup: Cleanup cgroup eBPF device filter code 2020-04-13 14:41:54 -04:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c BACKPORT: binder: use cred instead of task for selinux checks 2021-11-11 19:18:33 +00:00