]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8a275f2) | patch
binder: fix atomic sleep when get extended error
authorSchspa Shi <schspa@gmail.com>
Wed, 18 May 2022 01:17:54 +0000 (09:17 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 19 May 2022 16:41:33 +0000 (18:41 +0200)
commit32ef041d505bbe89bedd51f4c84a94bb96d80b77
treec2b1088b38013f9c542130de9cf107fbaa3a87eetree | snapshot
parent8a275f212871e17f1d3742a4d40db7841c645c61commit | diff
binder: fix atomic sleep when get extended error

binder_inner_proc_lock(thread->proc) is a spin lock, copy_to_user can't
be called with in this lock.

Copy it as a local variable to fix it.

Fixes: b20924a89a67 ("binder: add BINDER_GET_EXTENDED_ERROR ioctl")
Reported-by: syzbot+46fff6434a7f968ecb39@syzkaller.appspotmail.com
Reviewed-by: Carlos Llamas <cmllamas@google.com>
Signed-off-by: Schspa Shi <schspa@gmail.com>
Link: https://lore.kernel.org/r/20220518011754.49348-1-schspa@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/android/binder.c diff | blob | history
Linux Kernel Source Tree.