From: Christian Brauner <christian.brauner@ubuntu.com>
To: Todd Kjos <tkjos@google.com>
Cc: gregkh@linuxfoundation.org, christian@brauner.io,
arve@android.com, devel@driverdev.osuosl.org,
linux-kernel@vger.kernel.org, maco@google.com,
joel@joelfernandes.org, kernel-team@android.com,
avakj45@gmail.com, Martijn Coenen <maco@android.com>
Subject: Re: [PATCH v2 2/4] binder: avoid potential data leakage when copying txn
Date: Wed, 1 Dec 2021 14:54:42 +0100 [thread overview]
Message-ID: <20211201135442.d4r3va2q75rressv@wittgenstein> (raw)
In-Reply-To: <20211130185152.437403-3-tkjos@google.com>
On Tue, Nov 30, 2021 at 10:51:50AM -0800, Todd Kjos wrote:
> Transactions are copied from the sender to the target
> first and objects like BINDER_TYPE_PTR and BINDER_TYPE_FDA
> are then fixed up. This means there is a short period where
> the sender's version of these objects are visible to the
> target prior to the fixups.
>
> Instead of copying all of the data first, copy data only
> after any needed fixups have been applied.
>
> Fixes: 457b9a6f09f0 ("Staging: android: add binder driver")
> Reviewed-by: Martijn Coenen <maco@android.com>
> Signed-off-by: Todd Kjos <tkjos@google.com>
> ---
Looks good.
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
next prev parent reply other threads:[~2021-12-01 13:55 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-30 18:51 [PATCH v2 0/4] binder: Prevent untranslated sender data from being copied to target Todd Kjos
2021-11-30 18:51 ` [PATCH v2 1/4] binder: fix handling of error during copy Todd Kjos
2021-12-01 13:49 ` Christian Brauner
2021-11-30 18:51 ` [PATCH v2 2/4] binder: avoid potential data leakage when copying txn Todd Kjos
2021-12-01 13:54 ` Christian Brauner [this message]
2021-11-30 18:51 ` [PATCH v2 3/4] binder: read pre-translated fds from sender buffer Todd Kjos
2021-12-01 13:58 ` Christian Brauner
2021-11-30 18:51 ` [PATCH v2 4/4] binder: defer copies of pre-patched txn data Todd Kjos
2021-12-01 6:13 ` [PATCH v2 0/4] binder: Prevent untranslated sender data from being copied to target Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211201135442.d4r3va2q75rressv@wittgenstein \
--to=christian.brauner@ubuntu.com \
--cc=arve@android.com \
--cc=avakj45@gmail.com \
--cc=christian@brauner.io \
--cc=devel@driverdev.osuosl.org \
--cc=gregkh@linuxfoundation.org \
--cc=joel@joelfernandes.org \
--cc=kernel-team@android.com \
--cc=linux-kernel@vger.kernel.org \
--cc=maco@android.com \
--cc=maco@google.com \
--cc=tkjos@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.