[PATCH v5 0/3] binder: use cred instead of task for security context

Paul Moore paul at paul-moore.com
Thu Oct 14 21:33:48 UTC 2021


On Tue, Oct 12, 2021 at 12:56 PM Todd Kjos <tkjos at google.com> wrote:
>
> This series fixes the possible use of an incorrect security context
> when checking selinux permissions, getting a security ID, or lookup
> up the euid.
>
> The previous behavior was to save the group_leader 'struct task_struct'
> in binder_open() and using that to obtain security IDs or euids.
>
> This has been shown to be unreliable, so this series instead saves the
> 'struct cred' of the task that called binder_open(). This cred is used
> for these lookups instead of the task.

Hi Todd,

I just merged all three patches into selinux/next, thanks for your
help patience on this patchset.  Ultimately I merged these patches
into selinux/next as opposed to selinux/stable-5.15 because I felt
that a couple of weeks in -next before going to Linus would be a good
thing.  I'm also not certain how widespread binder is outside of
Android so I figured the practical difference between next and
stable-5.15 is likely very small.  Regardless, all of your Fixes and
stable tags remain in the patches so as soon as they go up to Linus
during the next merge window the stable folks will be notified.

-- 
paul moore
www.paul-moore.com



More information about the Linux-security-module-archive mailing list