Commit 57bab7cb authored by Tair Rzayev's avatar Tair Rzayev Committed by Greg Kroah-Hartman

staging: android: binder.c: Use more appropriate functions for euid retrieval

Instead of getting the reference to whole credential structure, use
task_euid() and current_euid() to get it.
Signed-off-by: default avatarTair Rzayev <tair.rzayev@gmail.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 5bcfab13
...@@ -1326,7 +1326,6 @@ static void binder_transaction(struct binder_proc *proc, ...@@ -1326,7 +1326,6 @@ static void binder_transaction(struct binder_proc *proc,
struct binder_transaction *in_reply_to = NULL; struct binder_transaction *in_reply_to = NULL;
struct binder_transaction_log_entry *e; struct binder_transaction_log_entry *e;
uint32_t return_error; uint32_t return_error;
const struct cred *cred = __task_cred(proc->tsk);
e = binder_transaction_log_add(&binder_transaction_log); e = binder_transaction_log_add(&binder_transaction_log);
e->call_type = reply ? 2 : !!(tr->flags & TF_ONE_WAY); e->call_type = reply ? 2 : !!(tr->flags & TF_ONE_WAY);
...@@ -1468,7 +1467,7 @@ static void binder_transaction(struct binder_proc *proc, ...@@ -1468,7 +1467,7 @@ static void binder_transaction(struct binder_proc *proc,
t->from = thread; t->from = thread;
else else
t->from = NULL; t->from = NULL;
t->sender_euid = cred->euid; t->sender_euid = task_euid(proc->tsk);
t->to_proc = target_proc; t->to_proc = target_proc;
t->to_thread = target_thread; t->to_thread = target_thread;
t->code = tr->code; t->code = tr->code;
...@@ -2602,7 +2601,7 @@ static long binder_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) ...@@ -2602,7 +2601,7 @@ static long binder_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
struct binder_thread *thread; struct binder_thread *thread;
unsigned int size = _IOC_SIZE(cmd); unsigned int size = _IOC_SIZE(cmd);
void __user *ubuf = (void __user *)arg; void __user *ubuf = (void __user *)arg;
const struct cred *cred = current_cred(); kuid_t curr_euid = current_euid();
/*pr_info("binder_ioctl: %d:%d %x %lx\n", proc->pid, current->pid, cmd, arg);*/ /*pr_info("binder_ioctl: %d:%d %x %lx\n", proc->pid, current->pid, cmd, arg);*/
...@@ -2688,15 +2687,16 @@ static long binder_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) ...@@ -2688,15 +2687,16 @@ static long binder_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
goto err; goto err;
} }
if (uid_valid(binder_context_mgr_uid)) { if (uid_valid(binder_context_mgr_uid)) {
if (!uid_eq(binder_context_mgr_uid, cred->euid)) { if (!uid_eq(binder_context_mgr_uid, curr_euid)) {
pr_err("BINDER_SET_CONTEXT_MGR bad uid %d != %d\n", pr_err("BINDER_SET_CONTEXT_MGR bad uid %d != %d\n",
from_kuid(&init_user_ns, cred->euid), from_kuid(&init_user_ns, curr_euid),
from_kuid(&init_user_ns, binder_context_mgr_uid)); from_kuid(&init_user_ns, binder_context_mgr_uid));
ret = -EPERM; ret = -EPERM;
goto err; goto err;
} }
} else } else {
binder_context_mgr_uid = cred->euid; binder_context_mgr_uid = curr_euid;
}
binder_context_mgr_node = binder_new_node(proc, 0, 0); binder_context_mgr_node = binder_new_node(proc, 0, 0);
if (binder_context_mgr_node == NULL) { if (binder_context_mgr_node == NULL) {
ret = -ENOMEM; ret = -ENOMEM;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment