Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Feb 20, 2021 at 3:45 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
>
> On Fri, Feb 19, 2021 at 9:57 PM James Morris <jmorris@xxxxxxxxx> wrote:
> > On Fri, 19 Feb 2021, Paul Moore wrote:
> > > diff --git a/drivers/android/binder.c b/drivers/android/binder.c
> > > index c119736ca56ac..39d501261108d 100644
> > > --- a/drivers/android/binder.c
> > > +++ b/drivers/android/binder.c
> > > @@ -2700,7 +2700,7 @@ static void binder_transaction(struct binder_proc *proc,
> > >               u32 secid;
> > >               size_t added_size;
> > >
> > > -             security_task_getsecid(proc->tsk, &secid);
> > > +             security_task_getsecid_subj(proc->tsk, &secid);
> > >               ret = security_secid_to_secctx(secid, &secctx, &secctx_sz);
> > >               if (ret) {
> > >                       return_error = BR_FAILED_REPLY;
> >
> > Can someone from the Android project confirm this is correct for binder?

This looks correct to me.
>
> Yes, please take a look Android folks.  As I mentioned previously,
> review of the binder changes is one area where I think some extra
> review is needed; I'm just not confident enough in my understanding of
> binder.
>
> --
> paul moore
> www.paul-moore.com



[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux