linux-stable/drivers/android
Todd Kjos 7a9ad4aceb binder: avoid potential data leakage when copying txn
[ Upstream commit 6d98eb95b4 ]

Transactions are copied from the sender to the target
first and objects like BINDER_TYPE_PTR and BINDER_TYPE_FDA
are then fixed up. This means there is a short period where
the sender's version of these objects is visible to the
target prior to the fixups.

Instead of copying all of the data first, copy data only
after any needed fixups have been applied.

Fixes: 457b9a6f09 ("Staging: android: add binder driver")
Reviewed-by: Martijn Coenen <maco@android.com>
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Todd Kjos <tkjos@google.com>
Link: https://lore.kernel.org/r/20211130185152.437403-3-tkjos@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-01-27 11:04:09 +01:00
binder.c binder: avoid potential data leakage when copying txn 2022-01-27 11:04:09 +01:00
binder_alloc.c binder: fix async_free_space accounting for empty parcels 2022-01-05 12:42:39 +01:00
binder_alloc.h binder: tell userspace to dump current backtrace when detected oneway spamming 2021-04-10 10:52:04 +02:00
binder_alloc_selftest.c binder: print warnings when detecting oneway spamming. 2020-09-03 18:24:41 +02:00
binder_internal.h binder: use euid from cred instead of using task 2021-11-12 15:05:48 +01:00
binder_trace.h binder: add trace at free transaction. 2020-11-11 08:20:44 +01:00
binderfs.c binderfs: add support for feature files 2021-07-21 13:46:36 +02:00
Kconfig treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Makefile