git.baikalelectronics.ru Git - kernel.git/commit

author	Schspa Shi <schspa@gmail.com>
	Wed, 18 May 2022 01:17:54 +0000 (09:17 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 19 May 2022 16:41:33 +0000 (18:41 +0200)
commit	809a4b9be1feedb3cf6548d2439cf1fdf443880f
tree	c2b1088b38013f9c542130de9cf107fbaa3a87ee	tree \| snapshot
parent	0f25b197c7b5b31ef1908a20f104325021650913	commit \| diff

binder: fix atomic sleep when get extended error

binder_inner_proc_lock(thread->proc) is a spin lock, copy_to_user can't
be called with in this lock.

Copy it as a local variable to fix it.

Fixes: b90830dc3430 ("binder: add BINDER_GET_EXTENDED_ERROR ioctl")
Reported-by: syzbot+46fff6434a7f968ecb39@syzkaller.appspotmail.com
Reviewed-by: Carlos Llamas <cmllamas@google.com>
Signed-off-by: Schspa Shi <schspa@gmail.com>
Link: https://lore.kernel.org/r/20220518011754.49348-1-schspa@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>